--- apiVersion: v1 kind: Secret metadata: name: workload-vsphere-tkg3-user-trusted-ca-secret namespace: demo1 type: Opaque data: harbor-ca-1: TFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVWlBWRU5EUVRaSFowRjNTVUpCWjBsS1FVMXNSVzl2YVZKRWJVeHJUVUV3UjBOVGNVZFRTV0l6UkZGRlFrTjNWVUZOU1VkdVRWRnpkME5SV1VRS1ZsRlJSRVJCU2tSUlZFVllUVUpWUjBObmJWTktiMjFVT0dsNGEwRlNhMWRDTTFwNlkwZG9iR050VlhoR1ZFRlVRbWR2U210cFlVcHJMMGx6V2tGRldncEdaMVp6WWpKT2FHSkVSVXhOUVd0SFFURlZSVUpvVFVOV1ZrMTRSWHBCVWtKblRsWkNRV2ROUTJ0T2FHSkhiRzFpTTBwMVlWZEZlRXRVUVc1Q1owNVdDa0pCYjAxSlNFNXFUV2t3ZUUxRE1IaFBSRmwwVFhwTmRFMVVWVEpNYlZaMVduazFNbUpZWkdoamJWVjFXVEk1ZEUxU2MzZEhVVmxFVmxGUlRFUkNTbGNLVkZoa2FHTnRWV2RTVnpWdVlWYzFiRnBZU25CaWJXTjNTR2hqVGsxcVNYZFBSRVY2VFZSbmVFNXFSWGxYYUdOT1RYcEpkMDlFUlhkTlZHZDRUbXBGZVFwWGFrTkNjSHBGVEUxQmEwZEJNVlZGUVhkM1ExRXdSWGhHZWtGV1FtZHZTbXRwWVVwckwwbHpXa0ZGV2tablpESmpNMEp2V2xoS2JFMVNWWGRGZDFsTENrTmFTVzFwV2xCNVRFZFJRa2RTV1VaaVJ6bHFXVmQzZUVONlFVcENaMDVXUWtGWlZFRnNWbFJOVWsxM1JWRlpSRlpSVVVsRVFYQkVXVmQ0Y0ZwdE9Ya0tZbTFzYUUxVGEzZEtkMWxFVmxGUlMwUkRRbnBaZWtsMFRWUkJkRTFVWnpKTVZFMTZURlJGTVU1cE5XeGliV04xWkcweE0xbFlTbXhNYlU1MllsUkZZZ3BOUW10SFFURlZSVU4zZDFOV2F6RXpXVmhLYkVsRlZuVmFNbXgxV2xkV2VXRlhOVzVOU1VsQ2IycEJUa0puYTNGb2EybEhPWGN3UWtGUlJVWkJRVTlEQ2tGWk9FRk5TVWxDYVdkTFEwRlpSVUZ5YjJoTVMyRmtXR3hzYURCa2JYWTBjMnB4ZUhWR1pWVjJLMjFIWlcxc2FrcDJNMjB4TUhoVVNEUndaVFJ5YUV3S1UwTTROaTlIV25JMFoxRklhMjkzZUc1RU1Wa3ZiMXBwY1ZWUE1YRnlUek5pVURWaWRHbFVWM1pVYzNKQldqQjBWRWxRTVVZMWJXdzFZMmxHVTFBd05BcG5TR3RoVUZaVlQzb3dPSEJWUWpCcGEwSk9kR0V2WlRCTFlXdEZjR2MyUW1KWWVVZFVWMWRuTVdOaVFscGxlRzUwYkUxa05YcG1WRUZ4UmpCVFQzUXJDbFJ4TnpCRlYyVklZV3hyWVZkNFYyc3ZaMmRpU0VWNllrcFpURk5JUjA1NmQwcExlblJVZHpONFprUlJLM3BzWlRSR05rNUtTM1k0VlhGYVkzUmlhWGdLZWxoc2IzWkRhelpVYVRaM1FqTnBhM0JzZGtKbE56bElZWEZwV0VaRFNrRnpOVTV2UVU1dFkyMUlPVXhRVkZsWmFYQnhjR3RsU0M4NFJ6RXlNVVJyVVFwUU9IbHJjRUUxYlhkbmJITjZlVEVyVW5kUE5GWTVVa0p5U2s1NmFuSlhlRk5PUVc4MU9GQkViVzg1U1UxcE0zTnlWSGRNTkRSemREZGlTV281TVRWMENpOUhXVnBzZEhFMlpGa3hhMWQ2YkdSa1pXUlRZMmsyV1RkTFkwcEhMM05PVkhsV1ZqaEdTVWx4V0ZoRUwyNWpSbXhOZURKYVpESlZMMEpyUmtKdlMzb0tibU41WkdZM1RDOUhSemhPU2todFZWbE9VblZQVTNsYVUyVTNiV292YkRWUVdXOUJNVTlHTkhjMWNURjRaSE5ZV1hsSU1sUkRhRlZhT1hBeVVEZFNlUXBPYURSQldVNXJjMnhKUjBsdVlqQm1RV2ROUWtGQlIycGFha0pyVFVJd1IwRXhWV1JFWjFGWFFrSlRPRGRUVUdOSk5HcHFTR1JhZEROWmNUTnVVbGhtQ21GMVltOU9WRUZtUW1kT1ZraFNSVVZIUkVGWFoxRTFiR0pYUm5CaVJVSm9XVEl4YkV4dFRuWmlXV05GWm5kQlFVRlVRVTlDWjA1V1NGRTRRa0ZtT0VVS1FrRk5RMEZSV1hkRloxbEVWbEl3VkVGUlNDOUNRV2QzUW1kRlFpOTNTVUpCUkVGT1FtZHJjV2hyYVVjNWR6QkNRVkZ6UmtGQlQwTkJXVVZCYlcxRlFncDJSMHBhUkhsa01FMTZSMWRqT0hWVldrUTBjMlZKVm5kalNsUkpNMEZRYmtabGFVWnNVa1JJUVZoVFZtSlVNVXhsVUU5ck1ERnRiMjR6UjBsWU1FeE9Dall2VG5kU1VsTnFaRkpEVmpVM1ZYTm5ORzVSTXpCcE0xVTRaWFZPVm05d1FrVjZRMUJIWVZkU1lXNVljWEpQWTBJM05tZFhWMFZhUzBoM1RuRk5ibTRLVG1oNFkxWnJlV1YzV0hWa00weHZVSEpCTlVOSmFqWllUREZYYldOcGIwdENkRzkzWWs5b1ZERXdXWGhxTm1oQlVuVkZTRkJOUTJwMGEydHdNbE15TUFwdlF5ODFNVE5vYjFNNVJEaG1SbWR1WTFOemNrZFlNMFI1UVRGRFVIQkpLMHcwTTJGTE9YY3ZXSFZpTDNWRlozZ3Jaa3BuYTNabU1XaGtRMUpqUWpGT0NsbHFTV3QzYUhCdldGVlFNV2RsU2sxNGFUSlRlRXc1UW5wRlZVSlVlRlpDUjNaS1dHeHhabTB4V21Kc2RWRXpaMjlLU1dwdFRtOVViemhLVTJSNFZsUUtSbWx6Vm01NlowUnZSWEpVUnpSeWExWXpTM0JMZW5oaFZYTmFObmRWZFdKcloyTlJLM0JQYVhOTWVVNUhiVWd4ZW1STWVIRjFWWE55YjI5bFdWQlVSUXBRWjJnNFRVaDZkR0k0UkdkbVdVSldjR0Y1WlhGc1dWRnZZVzlSYmpaSmJIWTNWVU5wTTJSYVQxaDRTM2d6Y1RKMFVXd3JSbms1ZFVsb1ltZ3JMMmxyQ2xKaEsyZE5ZM1pFYUhKUU16UjBja0Z4YzFoVVNFWlRhVGxGTld4UWNtNVFXalJUYlVOQ1VEQnhTRFp1TkhWVmRYZDBabHBLU21WMU4wOVlkZ290TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09 --- apiVersion: cluster.x-k8s.io/v1beta1 kind: Cluster metadata: name: workload-vsphere-tkg3 namespace: demo1 spec: clusterNetwork: services: cidrBlocks: ["192.168.32.0/20"] pods: cidrBlocks: ["192.168.0.0/20"] serviceDomain: "cluster.local" topology: class: tanzukubernetescluster version: v1.25.7---vmware.3-fips.1-tkg.1 controlPlane: # metadata: # annotations: # run.tanzu.vmware.com/resolve-os-image: os-name=ubuntu replicas: 1 # 8.0U3 # machineHealthCheck: # enable: true # maxUnhealthy: 100% # nodeStartupTimeout: 4h0m0s # unhealthyConditions: # - status: Unknown # timeout: 5m0s # type: Ready # - status: "False" # timeout: 12m0s # type: Ready workers: machineDeployments: - class: node-pool failureDomain: zone1 name: node-pool-1 replicas: 1 # variables: # overrides: # - name: vmClass # value: best-effort-large # metadata: # annotations: # run.tanzu.vmware.com/resolve-os-image: os-name=ubuntu - class: node-pool failureDomain: zone2 name: node-pool-2 replicas: 0 # variables: # overrides: # - name: vmClass # value: best-effort-large # metadata: # annotations: # run.tanzu.vmware.com/resolve-os-image: os-name=ubuntu - class: node-pool failureDomain: zone3 name: node-pool-3 replicas: 0 # variables: # overrides: # - name: vmClass # value: best-effort-large # metadata: # annotations: # run.tanzu.vmware.com/resolve-os-image: os-name=ubuntu variables: - name: ntp value: "ntp.vmware.com" - name: vmClass value: best-effort-small - name: storageClass value: tanzu - name: defaultStorageClass value: tanzu - name: clusterEncryptionConfigYaml value: | apiVersion: apiserver.config.k8s.io/v1 kind: EncryptionConfiguration resources: - resources: - secrets providers: - aescbc: keys: - name: key1 secret: QiMgJGYXudtljldVyl+AnXQQlk7r9iUXBfVKqdEfKm8= - identity: {} # ADDITIONAL VALUES - name: nodePoolVolumes value: - capacity: storage: "15Gi" mountPath: "/var/lib/containerd" name: containerd storageClass: tanzu - capacity: storage: "15Gi" mountPath: "/var/lib/kubelet" name: kubelet storageClass: tanzu - name: controlPlaneVolumes value: - capacity: storage: "15Gi" mountPath: "/var/lib/containerd" name: containerd storageClass: tanzu - capacity: storage: "15Gi" mountPath: "/var/lib/kubelet" name: kubelet storageClass: tanzu # Not supported # - capacity: # storage: "4Gi" # mountPath: "/var/lib/etcd" # name: etcd # storageClass: tanzu - name: trust value: additionalTrustedCAs: - name: harbor-ca-1