vcenter namespace management clusters: enable spec

The enable_spec structure contains the specification required to enable vSphere Namespaces on a cluster.

Representation:

{
    "workload_ntp_servers": [
        "string",
        "string"
    ],
    "master_DNS_search_domains": [
        "string",
        "string"
    ],
    "image_storage": {
        "storage_policy": "obj-103"
    },
    "ncp_cluster_network_spec": {
        "nsx_edge_cluster": "obj-103",
        "pod_cidrs": [
            {
                "address": "string",
                "prefix": 1
            },
            {
                "address": "string",
                "prefix": 1
            }
        ],
        "egress_cidrs": [
            {
                "address": "string",
                "prefix": 1
            },
            {
                "address": "string",
                "prefix": 1
            }
        ],
        "cluster_distributed_switch": "obj-103",
        "ingress_cidrs": [
            {
                "address": "string",
                "prefix": 1
            },
            {
                "address": "string",
                "prefix": 1
            }
        ]
    },
    "master_management_network": {
        "mode": "DHCP",
        "floating_IP": "string",
        "address_range": {
            "subnet_mask": "string",
            "starting_address": "string",
            "gateway": "string",
            "address_count": 1
        },
        "network": "obj-103"
    },
    "Master_DNS_names": [
        "string",
        "string"
    ],
    "master_NTP_servers": [
        "string",
        "string"
    ],
    "workload_networks_spec": {
        "network_list": [
            {
                "vsphere_network": {
                    "portgroup": "obj-103",
                    "address_ranges": [
                        {
                            "address": "string",
                            "count": 1
                        },
                        {
                            "address": "string",
                            "count": 1
                        }
                    ],
                    "subnet_mask": "string",
                    "gateway": "string"
                },
                "network_provider": "NSXT_CONTAINER_PLUGIN",
                "network": "obj-103"
            },
            {
                "vsphere_network": {
                    "portgroup": "obj-103",
                    "address_ranges": [
                        {
                            "address": "string",
                            "count": 1
                        },
                        {
                            "address": "string",
                            "count": 1
                        }
                    ],
                    "subnet_mask": "string",
                    "gateway": "string"
                },
                "network_provider": "NSXT_CONTAINER_PLUGIN",
                "network": "obj-103"
            }
        ],
        "supervisor_primary_workload_network": {
            "vsphere_network": {
                "portgroup": "obj-103",
                "address_ranges": [
                    {
                        "address": "string",
                        "count": 1
                    },
                    {
                        "address": "string",
                        "count": 1
                    }
                ],
                "subnet_mask": "string",
                "gateway": "string"
            },
            "network_provider": "NSXT_CONTAINER_PLUGIN",
            "network": "obj-103"
        }
    },
    "ephemeral_storage_policy": "obj-103",
    "default_image_repository": "string",
    "service_cidr": {
        "address": "string",
        "prefix": 1
    },
    "login_banner": "string",
    "size_hint": "TINY",
    "load_balancer_config_spec": {
        "ha_proxy_config_create_spec": {
            "password": "secret string",
            "servers": [
                {
                    "port": 1,
                    "host": "string"
                },
                {
                    "port": 1,
                    "host": "string"
                }
            ],
            "certificate_authority_chain": "string",
            "username": "string"
        },
        "address_ranges": [
            {
                "address": "string",
                "count": 1
            },
            {
                "address": "string",
                "count": 1
            }
        ],
        "provider": "HA_PROXY",
        "id": "obj-103"
    },
    "worker_DNS": [
        "string",
        "string"
    ],
    "default_image_registry": {
        "hostname": "string",
        "port": 1
    },
    "master_DNS": [
        "string",
        "string"
    ],
    "network_provider": "NSXT_CONTAINER_PLUGIN",
    "master_storage_policy": "obj-103",
    "default_kubernetes_service_content_library": "obj-103"
}

Attributes:

Name Type Description
Required
size_hint string This affects the size and resources allocated to the Kubernetes API server and the worker nodes. It also affects the suggested default serviceCidr and podCidrs.

Determines the configuration of Kubernetes API server and the worker nodes. It also determines the default values associated with the maximum number of pods and services. Use get to get information associated with a sizing_hint. Value is one of:
TINY: Cluster size of 'tiny'.
SMALL: Cluster size of 'small'.
MEDIUM: Cluster size of 'medium'.
LARGE: Cluster size of 'large'.

service_cidr ipv4_cidr CIDR block from which Kubernetes allocates service cluster IP addresses. This range should not overlap with those in com.vmware.vcenter.namespace_management.NCPClusterNetworkEnableSpec#podCidrs, com.vmware.vcenter.namespace_management.NCPClusterNetworkEnableSpec#ingressCidrs, com.vmware.vcenter.namespace_management.NCPClusterNetworkEnableSpec#egressCidrs, or other services running in the datacenter.

service_cidr.address string The IPv4 address.

service_cidr.prefix long The CIDR prefix.

network_provider string The provider of cluster networking for this vSphere Namespaces cluster.

Identifies the network plugin that provides cluster networking functionality for this vSphere Namespaces cluster. Value is one of:
NSXT_CONTAINER_PLUGIN: NSX-T Container Plugin.
VSPHERE_NETWORK: vSphere Networking. This constant was added in vSphere API 7.0.1.0.

ncp_cluster_network_spec.pod_cidrs ipv4_cidr[] CIDR blocks from which Kubernetes allocates pod IP addresses. This range should not overlap with those in com.vmware.vcenter.namespace_management.EnableSpec#serviceCidr, vcenter.namespace_management.clusters.NCP_cluster_network_enable_spec.ingress_cidrs, vcenter.namespace_management.clusters.NCP_cluster_network_enable_spec.egress_cidrs, or other services running in the datacenter. All Pod CIDR blocks must be of at least subnet size /23.

ncp_cluster_network_spec.pod_cidrs[].address string The IPv4 address.

ncp_cluster_network_spec.pod_cidrs[].prefix long The CIDR prefix.

ncp_cluster_network_spec.ingress_cidrs ipv4_cidr[] CIDR blocks from which NSX assigns IP addresses for Kubernetes Ingresses and Kubernetes Services of type LoadBalancer. These ranges should not overlap with those in vcenter.namespace_management.clusters.NCP_cluster_network_enable_spec.pod_cidrs, com.vmware.vcenter.namespace_management.EnableSpec#serviceCidr, vcenter.namespace_management.clusters.NCP_cluster_network_enable_spec.egress_cidrs, or other services running in the datacenter.

ncp_cluster_network_spec.ingress_cidrs[].address string The IPv4 address.

ncp_cluster_network_spec.ingress_cidrs[].prefix long The CIDR prefix.

ncp_cluster_network_spec.egress_cidrs ipv4_cidr[] CIDR blocks from which NSX assigns IP addresses used for performing SNAT from container IPs to external IPs. These ranges should not overlap with those in vcenter.namespace_management.clusters.NCP_cluster_network_enable_spec.pod_cidrs, com.vmware.vcenter.namespace_management.EnableSpec#serviceCidr, vcenter.namespace_management.clusters.NCP_cluster_network_enable_spec.ingress_cidrs, or other services running in the datacenter.

ncp_cluster_network_spec.egress_cidrs[].address string The IPv4 address.

ncp_cluster_network_spec.egress_cidrs[].prefix long The CIDR prefix.

workload_networks_spec.supervisor_primary_workload_network create_spec The CreateSpec of the vSphere Namespaces network that will be used by Kubernetes control plane VMs to expose the Kubernetes API server to devops users and other workloads. It can also be used as the backing network for Tanzu Kubernetes Cluster VMs. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.supervisor_primary_workload_network.network string Identifier of the network. This has DNS_LABEL restrictions as specified in . This must be an alphanumeric (a-z and 0-9) string and with maximum length of 63 characters and with the '-' character allowed anywhere except the first or last character. This name must be unique within a cluster. This attribute was added in vSphere API 7.0.1.0.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.namespace_management.Network. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.namespace_management.Network.

workload_networks_spec.supervisor_primary_workload_network.network_provider string The network provider that will manage the vSphere Namespaces network object. This attribute was added in vSphere API 7.0.1.0.

Identifies the network plugin that provides cluster networking functionality for this vSphere Namespaces cluster. Value is one of:
NSXT_CONTAINER_PLUGIN: NSX-T Container Plugin.
VSPHERE_NETWORK: vSphere Networking. This constant was added in vSphere API 7.0.1.0.

workload_networks_spec.supervisor_primary_workload_network.vsphere_network.portgroup string Identifier of the vSphere Distributed Portgroup backing the vSphere network object. This attribute was added in vSphere API 7.0.1.0.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: Network. When operations return a value of this structure as a result, the field will be an identifier for the resource type: Network.

workload_networks_spec.supervisor_primary_workload_network.vsphere_network.address_ranges IP_range[] Usable IP pools on this network. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.supervisor_primary_workload_network.vsphere_network.address_ranges[].address string The starting address of the range. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.supervisor_primary_workload_network.vsphere_network.address_ranges[].count long The number of IP addresses in the range. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.supervisor_primary_workload_network.vsphere_network.gateway string Gateway for the network. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.supervisor_primary_workload_network.vsphere_network.subnet_mask string Subnet mask of the network. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.network_list[].network string Identifier of the network. This has DNS_LABEL restrictions as specified in . This must be an alphanumeric (a-z and 0-9) string and with maximum length of 63 characters and with the '-' character allowed anywhere except the first or last character. This name must be unique within a cluster. This attribute was added in vSphere API 7.0.1.0.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.namespace_management.Network. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.namespace_management.Network.

workload_networks_spec.network_list[].network_provider string The network provider that will manage the vSphere Namespaces network object. This attribute was added in vSphere API 7.0.1.0.

Identifies the network plugin that provides cluster networking functionality for this vSphere Namespaces cluster. Value is one of:
NSXT_CONTAINER_PLUGIN: NSX-T Container Plugin.
VSPHERE_NETWORK: vSphere Networking. This constant was added in vSphere API 7.0.1.0.

workload_networks_spec.network_list[].vsphere_network.portgroup string Identifier of the vSphere Distributed Portgroup backing the vSphere network object. This attribute was added in vSphere API 7.0.1.0.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: Network. When operations return a value of this structure as a result, the field will be an identifier for the resource type: Network.

workload_networks_spec.network_list[].vsphere_network.address_ranges IP_range[] Usable IP pools on this network. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.network_list[].vsphere_network.address_ranges[].address string The starting address of the range. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.network_list[].vsphere_network.address_ranges[].count long The number of IP addresses in the range. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.network_list[].vsphere_network.gateway string Gateway for the network. This attribute was added in vSphere API 7.0.1.0.

workload_networks_spec.network_list[].vsphere_network.subnet_mask string Subnet mask of the network. This attribute was added in vSphere API 7.0.1.0.

load_balancer_config_spec.id string An identifier that identifies a load balancer and can be used to query or configure load balancer properties via these resources. The identifier has DNS_LABEL restrictions as specified in . This must be an alphanumeric (a-z and 0-9) string, with a maximum length of 63 characters and with the '-' character allowed anywhere except the first or last character. This name is unique across all Namespaces in this vCenter server. This attribute was added in vSphere API 7.0.1.0.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.namespace_management.LoadBalancerConfig. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.namespace_management.LoadBalancerConfig.

load_balancer_config_spec.address_ranges IP_range[] List of address ranges that will be used to derive frontend IP addresses for L4 virtual servers. At least one range must be provided. This attribute was added in vSphere API 7.0.1.0.

load_balancer_config_spec.provider string The provider selects a provider from the list of available providers to be used with vSphere Namespaces. This attribute was added in vSphere API 7.0.1.0.

The provider enumerates the kinds of load balancers supported by vSphere Namespaces. This enumeration was added in vSphere API 7.0.1.0. Value is one of:
HA_PROXY: This constant was added in vSphere API 7.0.1.0.

load_balancer_config_spec.ha_proxy_config_create_spec.servers server[] Servers is a list of the addresses for the data plane API servers used to configure Virtual Servers. This attribute was added in vSphere API 7.0.1.0.

load_balancer_config_spec.ha_proxy_config_create_spec.username string An administrator user name for accessing the HAProxy Data Plane API server. This attribute was added in vSphere API 7.0.1.0.

load_balancer_config_spec.ha_proxy_config_create_spec.password secret The password for the administrator user. This attribute was added in vSphere API 7.0.1.0.

load_balancer_config_spec.ha_proxy_config_create_spec.certificate_authority_chain string CertificateAuthorityChain contains PEM-encoded CA chain which is used to verify x509 certificates received from the server. This attribute was added in vSphere API 7.0.1.0.

master_management_network network_spec Specification for the management network on Kubernetes API server. vcenter.namespace_management.clusters.network_spec.mode must be STATICRANGE as we require Kubernetes API server to have a stable address.

master_management_network.network string Identifier for the network.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: Network. When operations return a value of this structure as a result, the field will be an identifier for the resource type: Network.

master_management_network.mode string The address assignment mode.

Defines various IPv4 address assignment modes. Value is one of:
DHCP: The address is automatically assigned by a DHCP server.
STATICRANGE: The address is static.

master_management_network.address_range.starting_address string The IPv4 address denoting the start of the range.

master_management_network.address_range.address_count long The number of IP addresses in the range. Addresses are derived by incrementing vcenter.namespace_management.clusters.ipv4_range.starting_address.

master_management_network.address_range.subnet_mask string Subnet mask to be set.

master_management_network.address_range.gateway string The IPv4 address of the gateway associated with the range indicated by vcenter.namespace_management.clusters.ipv4_range.starting_address and vcenter.namespace_management.clusters.ipv4_range.address_count.

master_storage_policy string Identifier of storage policy associated with Kubernetes API server.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: SpsStorageProfile. When operations return a value of this structure as a result, the field will be an identifier for the resource type: SpsStorageProfile.

ephemeral_storage_policy string Identifier of storage policy associated with ephemeral disks of all the Kubernetes Pods in the cluster.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: SpsStorageProfile. When operations return a value of this structure as a result, the field will be an identifier for the resource type: SpsStorageProfile.

image_storage image_storage_spec Specification for storage to be used for container images.

image_storage.storage_policy string Identifier of the storage policy.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: SpsStorageProfile. When operations return a value of this structure as a result, the field will be an identifier for the resource type: SpsStorageProfile.

default_image_registry.hostname string IP address or the hostname of container image registry.

Optional
ncp_cluster_network_spec NCP_cluster_network_enable_spec Specification for the NSX Container Plugin cluster network.

Optional. It is only relevant when network_provider has value NSXT_CONTAINER_PLUGIN.

ncp_cluster_network_spec.cluster_distributed_switch string vSphere Distributed Switch used to connect this cluster.

Optional. This field is required when configuring a cluster that uses NSX-T. If unset and using NSXe, the system will choose a suitable vSphere Distributed Switch. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: vSphereDistributedSwitch. When operations return a value of this structure as a result, the field will be an identifier for the resource type: vSphereDistributedSwitch.

ncp_cluster_network_spec.nsx_edge_cluster string NSX Edge Cluster to be used for Kubernetes Services of type LoadBalancer, Kubernetes Ingresses, and NSX SNAT.

Optional. This field is required when configuring a cluster that uses NSX-T. If unset and using NSXe, the system will choose a suitable NSX Edge Cluster. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: NSXEdgeCluster. When operations return a value of this structure as a result, the field will be an identifier for the resource type: NSXEdgeCluster.

workload_networks_spec workload_networks_enable_spec Specification for the workload networks to be associated with the cluster. This attribute was added in vSphere API 7.0.1.0.

Optional. It is only relevant when network_provider has value VSPHERE_NETWORK.

workload_networks_spec.supervisor_primary_workload_network.vsphere_network vsphere_DVPG_network_create_spec The create spec for a DVPG-backed Namespaces network object, supported by VSPHERE_NETWORK network provider. This attribute was added in vSphere API 7.0.1.0.

Optional. It is only relevant when network_provider has value VSPHERE_NETWORK.

workload_networks_spec.network_list create_spec[] CreateSpec structures for an additional list of vSphere Namespaces networks to be associated with this cluster. This attribute was added in vSphere API 7.0.1.0.

Optional.

workload_networks_spec.network_list[].vsphere_network vsphere_DVPG_network_create_spec The create spec for a DVPG-backed Namespaces network object, supported by VSPHERE_NETWORK network provider. This attribute was added in vSphere API 7.0.1.0.

Optional. It is only relevant when network_provider has value VSPHERE_NETWORK.

workload_ntp_servers string[] List of NTP server DNS names or IP addresses to use for workloads such as Tanzu Kubernetes Grid VMs, specified in order of preference. This attribute was added in vSphere API 7.0.1.0.

Optional. If unset, NTP server for Kubernetes API servers will be used.

load_balancer_config_spec config_spec A LoadBalancer dictates configuration derived from a user-provisioned load balancer that will be used to operate a load balancer that fronts vSphere Namespaces cluster servers, Tanzu Kubernetes Grid API servers, and other servers upon request. This configuration is required for network providers that do not have a default load balancer included. This attribute was added in vSphere API 7.0.1.0.

Optional. It is only relevant when network_provider has value VSPHERE_NETWORK.

load_balancer_config_spec.ha_proxy_config_create_spec HA_proxy_config_create_spec The HA_proxy_config_create_spec is a conditional configuration made available upon selecting the HA_PROXY load balancer provider. It is used to configure the load balancer at run time. This attribute was added in vSphere API 7.0.1.0.

Optional. It is only relevant when provider has value HA_PROXY.

master_management_network.floating_IP string Optionally specify the Floating IP used by the HA master cluster in the DHCP case.

Optional. It is only relevant when mode has value DHCP.

master_management_network.address_range ipv4_range Settings for the interfaces on the network.

Optional. It is only relevant when mode has value STATICRANGE.

master_DNS string[] List of DNS server IP addresses to use on Kubernetes API server, specified in order of preference.

Optional. If unset, no default DNS servers are set.

worker_DNS string[] List of DNS server IP addresses to use on the worker nodes, specified in order of preference.

Optional. If unset, no default DNS servers are set.

master_DNS_search_domains string[] List of domains (for example "vmware.com") to be searched when trying to lookup a host name on Kubernetes API server, specified in order of preference.

Optional. If unset, no default DNS search domains are set.

master_NTP_servers string[] List of NTP server DNS names or IP addresses to use on Kubernetes API server, specified in order of preference.

Optional. If unset, VMware Tools based time synchronization is enabled.

login_banner string Disclaimer to be displayed prior to login via the Kubectl plugin.

Optional. If unset, the disclaimer is skipped.

Master_DNS_names string[] List of additional DNS names to associate with the Kubernetes API server. These DNS names are embedded in the TLS certificate presented by the API server.

Optional. If unset, no additional DNS names are embedded in the TLS certificate.

default_image_registry image_registry Default image registry to use when Kubernetes Pod container specification does not specify it as part of the container image name.

Optional. If unset, defaults to Docker Hub.

default_image_registry.port long Port number of the container image registry.

Optional. If unset, defaults to 443.

default_image_repository string Default image repository to use when Kubernetes Pod container specification does not specify it as part of the container image name.

Optional. If unset, defaults to Docker Hub official repository in case of Docker Hub image registry, otherwise defaults to empty string.

default_kubernetes_service_content_library string Identifier of the Content Library which holds the VM Images for vSphere Kubernetes Service. This Content Library should be subscribed to VMware's hosted vSphere Kubernetes Service Repository.

Optional. If unset, the Content Library identifier will not be set. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.content.Library. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.content.Library.
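
A pre-flight check for the constraints stated in the attribute descriptions above (non-overlapping service, pod, ingress and egress CIDRs, the /23 pod minimum, provider-conditional sections, STATICRANGE mode, DNS_LABEL identifiers, at least one load balancer range). This is an added example, not VMware's code; validate_enable_spec and SAMPLE_SPEC are hypothetical names, and the sample values are constructed.

```python
import ipaddress
import re

# DNS_LABEL rule as worded on this page: a-z, 0-9 and '-', no '-' first or last, max 63.
DNS_LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")
NSXT, VDS = "NSXT_CONTAINER_PLUGIN", "VSPHERE_NETWORK"


def _net(cidr):
    # strict=False: judge overlap on the enclosing network even if host bits are set.
    return ipaddress.ip_network(f"{cidr['address']}/{cidr['prefix']}", strict=False)


def validate_enable_spec(spec):
    """Return a list of findings for an enable_spec dict; empty means none found."""
    findings = []
    provider = spec.get("network_provider")
    ncp = spec.get("ncp_cluster_network_spec") or {}
    wl = spec.get("workload_networks_spec") or {}
    lb = spec.get("load_balancer_config_spec")

    # 1. service, pod, ingress and egress CIDRs must not overlap one another.
    blocks = [("service_cidr", _net(spec["service_cidr"]))] if "service_cidr" in spec else []
    for field in ("pod_cidrs", "ingress_cidrs", "egress_cidrs"):
        blocks += [(field, _net(c)) for c in ncp.get(field, [])]
    for i, (fa, na) in enumerate(blocks):
        for fb, nb in blocks[i + 1:]:
            if fa != fb and na.overlaps(nb):
                findings.append(f"overlap: {fa} {na} and {fb} {nb}")
        # 2. "at least subnet size /23" is read here as prefix length <= 23 (assumption).
        if fa == "pod_cidrs" and na.prefixlen > 23:
            findings.append(f"pod_cidrs {na} is smaller than /23")

    # 3. Sections that are only relevant for one network_provider value.
    if provider != NSXT and ncp:
        findings.append(f"ncp_cluster_network_spec set but network_provider is {provider}")
    if provider != VDS and (wl or lb):
        findings.append(f"workload/load balancer spec set but network_provider is {provider}")

    # 4. The page requires STATICRANGE so the API server keeps a stable address.
    mode = (spec.get("master_management_network") or {}).get("mode")
    if mode != "STATICRANGE":
        findings.append(f"master_management_network.mode is {mode}, expected STATICRANGE")

    # 5. Network and load balancer identifiers: DNS_LABEL form, network names unique.
    nets = [wl.get("supervisor_primary_workload_network")] + wl.get("network_list", [])
    names = [n.get("network", "") for n in nets if n]
    for name in names + ([lb.get("id", "")] if lb else []):
        if not DNS_LABEL.fullmatch(name):
            findings.append(f"identifier {name!r} violates DNS_LABEL restrictions")
    if len(set(names)) != len(names):
        findings.append("workload network identifiers are not unique")

    # 6. A load balancer spec needs at least one frontend address range.
    if lb and not lb.get("address_ranges"):
        findings.append("load_balancer_config_spec.address_ranges is empty")
    return findings


# Constructed sample (not from the page): an NSX-T spec with three deliberate mistakes.
SAMPLE_SPEC = {
    "network_provider": NSXT,
    "service_cidr": {"address": "10.96.0.0", "prefix": 24},
    "ncp_cluster_network_spec": {
        "pod_cidrs": [{"address": "10.244.0.0", "prefix": 24}],        # smaller than /23
        "ingress_cidrs": [{"address": "192.168.10.0", "prefix": 27}],
        "egress_cidrs": [{"address": "192.168.10.16", "prefix": 28}],  # inside ingress
    },
    "master_management_network": {"mode": "DHCP"},                     # not STATICRANGE
}

if __name__ == "__main__":
    for finding in validate_enable_spec(SAMPLE_SPEC):
        print(finding)
```

Running such a check before submitting the spec catches address-plan collisions and provider mismatches without sending the HAProxy password or other fields to vCenter in a request that would be rejected anyway.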