Tanzu Mission Control - Intro


Recently I've been playing around with VMware Tanzu and specifically vSphere with Tanzu. VMware Tanzu is a whole suite of different products and services, and to be honest it's not always easy to keep track of what's what and how things relates to eachother.

This post will be taking a closer look at a service VMware provides for managing Kubernetes across multiple clouds and cloud providers. To me this is a very promising offering and one of those things that can make a difference in a VI admins struggle to keep up with Dev's everlasting push for infra.

Enter Tanzu Mission Control, TMC for short.

TMC introduction

Tanzu Mission Control aims to help with the following (not an extensive list):

  • Managing clusters on any cloud and provider
  • Cluster lifecycle management on supported providers
  • Manage security across multiple clusters
  • Centralized policy management
  • Access management

One thing that differs TMC from a couple of the other products in the Tanzu portfolio is that this is a Software as a Service offering. Meaning it's a service you subscribe to, not a software you download and install in your datacenter.

Although this makes sense for many products, especially products like TMC that integrates with lot's of different providers, it's also making a bit more difficult to try out. Sure you can sign up for a trial and go ahead and use it, but I know from my own experience that this isn't always that easy. A trial usually comes with some kind of commitment (or at least a phone call or three) from the vendor where they want you report back how you found the service and so on. Maybe you also need approval (or don't want to) for testing and integrating on-prem stuff up to a cloud service, and so on.

Either way, I got my self a trial for the product giving me the ability to test it out and see if this can deliver on the promises to help managing Kubernetes across clouds and providers.

Let's dive in

VMware Cloud

TMC runs under the VMware Cloud umbrella like other products like the vRealize SaaS offerings, Skyline, VMC and so on. Chances are that you already have an account and an organization set up for this so I won't go into that in this post.

When I log in to the VMware Cloud Services console I have access to only two services at this point, the VMware Marketplace and the VMware Tanzu Mission Control trial

VMware Cloud Services console

Let's fire up that TMC link and see how we can get started

Mission Control

VMware Tanzu Mission Control console

The TMC console is obviously blank as we haven't added anything yet so let's add in a cluster

Adding a TKGS cluster

First let's add an existing Tanzu Kubernetes Grid Service cluster.

When adding clusters you have two options, Create and Attach. The first one creates a new cluster and to be able to do this you need a supported Provisioner, while the latter attaches an existing cluster, which can be running anywhere.

The creation process obviously differ a bit from the attaching, we'll take a look at creation later on. First we'll just add in an existing cluster.

TKGS cluster

We'll hit Attach cluster in our TMC console, and fill out the details for the cluster. In this example I'll just give it a name

Attach cluster

When we click Next we get a link that can be used to install the agent extensions needed in your cluster.

Install agent link

Applying that link in your Kubernetes cluster will create a namespace, config maps, some secrets, Custom Resource Definitions (CRD), Role bindings, Services and Deployments, all needed to let TMC talk to your cluster.

You can view the entire YAML file to see what it actually does

I'll apply this yaml in my cluster

Apply TMC yaml to Kubernetes cluster

After a little while you can hit the Verify connection button to see if your cluster is connected to TMC

Verify connection

If the connection is verified to be successful we can hit the View cluster button to see what TMC have fetched from our cluster

Cluster info

From TMC we can see that we get a lot of information about our cluster.

View cluster in TMC

The Overview tab names things like labels, versions, the current resource usage, health and so on.

Cluster nodes

The Nodes tab gives us information about the Kubernetes nodes running. We can see the kubelet version and the requested/allocated CPU and memory.

Cluster namespaces

The Namespaces tab lists all namespaces in the cluster, has a nice filter option to hide Tanzu and System namespaces. And it lets us create a namespace

Cluster workloads

The Workloads tab lists the workloads in the cluster, e.g. Replica sets and Deployments. Again we can filter the System and Tanzu workloads, and we can see the Health, number of Pods and labels of the different objects.

Cluster inspections

The Inspections tab lists the inspections run in this cluster. Since this is a new cluster there's nothing to list her. Later on we'll run some inspections to see what this can help us with.


This was a short intro to how to get a cluster added to Tanzu Mission Control and a first look at VMware's SaaS offering for managing Kubernetes clusters across clouds and providers.

Cluster dashboard

I'm very excited to see how this can help admins in managing their clusters, as I think this is one of the big obstacles for traditional IT admins when it comes to supporting developers with Kubernetes platforms.

In a few upcoming posts we'll take a closer look at a few of the capabilities, like adding clusters from different providers and clouds, creating clusters, policies and more.

Check out my other TMC posts

If you want to check out TMC yourself, but can't or don't want to sign up for a trial you can always test the Hands on labs from VMware

This page was modified on February 23, 2021: Added link to other posts in series