Kubernetes Fleet Management using Tanzu Mission Control
Get hands-on practice with using Tanzu Mission Control to manage and secure your fleet of Kubernetes clusters.
IMPORTANT: Tanzu Mission Control capabilities are now part of Tanzu Platform. Tanzu Mission Control provided a centralized hub for simplified, multi-cloud, multi-cluster Kubernetes management including cluster lifecycle management, centralized access and policy management, data protection and more. It was also part of the Tanzu for Kubernetes Operations solution and is now part of Tanzu Platform for Kubernetes. This course has been retained for reference purposes and some of the content discussed may no longer be relevant or supported by VMware Tanzu by Broadcom.
This course introduces students to Tanzu Mission Control (TMC) and explains the main concepts, features and use cases of the product which can help students quickly realize the value in large scale fleet management of any CNCF conformant Kubernetes cluster. The topics covered include:
- Understanding TMC concepts and benefits
- Logically grouping TMC managed resources
- Managing the lifecycle of managed Kubernetes clusters
- Managing authorization and access control for managed Kubernetes clusters
- Deploying Tanzu packages and Helm charts to managed Kubernetes clusters
- Defining policies for managed Kubernetes clusters
- Using TMC data protection for managed Kubernetes clusters to recover and restore cluster data
- Perform managed cluster conformance inspections against industry standard benchmarks such as CIS
- Configuring and using continuous delivery to apply declarative configurations to managed Kubernetes clusters
Pre-requisites
- General working knowledge of Kubernetes
- Basic knowledge of OPA Gatekeeper
- Basic knowledge of Kustomize
- Basic knowledge of Velero
- Basic knowledge of Sonobuoy
- Basic knowledge of Flux
Course Outline
Introduction to the Course
What is the aim of this course and who should take it?
Accessing the Lab Environment
How do you access and use the lab environment?
Lab: Prepare the Base Environment
Set up the base environment for use in the rest of the course.
Introduction to Tanzu Mission Control
So what exactly is Tanzu Mission Control?
Organizing Cluster Resources
How do you keep the management of your large fleet of Kubernetes clusters under control?
Lab: Organizing Cluster Resources
Setup the logical grouping structure for the resources created in the rest of the course.
Cluster Management
How do you manage your organizations Kubernetes clusters?
Lab: Cluster Management
Attach CNCF conformant Kubernetes clusters to TMC.
Identity & Access Management
How do you provide a manageable security posture for resources in your organization?
Lab: Identity & Access Management
Configure access controls which will be applied to TMC managed resources.
Installing Packages
How do you install and govern additional packages in your managed clusters?
Lab: Installing Packages
Install packages into your managed Kubernetes clusters.
Policy Management
How do you provide a set of rules that govern your organization and all the objects it contains?
Lab: Policy Management - Part 1
Create policies of various types to manage the operation and security posture of your Kubernetes clusters and other organizational objects.
Lab: Policy Management - Part 2
Create policies of various types to manage the operation and security posture of your Kubernetes clusters and other organizational objects.
Data Protection
How do you protect the valuable data resources in your Kubernetes clusters?
Lab: Data Protection
Use the data protection features of TMC to create a backup of a managed cluster and perform a restore of the lab sample application namespace.
Inspections
How do you ensure that your clusters are properly configured and their behavior conforms to industry specifications such as CIS?
Lab: Inspections
Run a CIS benchmark inspection against a managed cluster in the lab environment.
Continuous Delivery
How do you ensure that your clusters configuration is continuously synchronized in a declarative way?
Lab: Continuous Delivery
Use the continuous delivery features of TMC to install a sample application to a managed cluster utilizing declarative manifests in a configured Git source repository.