Installing Tanzu Application Platform (TAP) (Beta) on an AKS Cluster

Source-> VMware doc

What is Tanzu Application Platform (TAP)?

Tanzu Application Platform is a packaged set of components that helps developers and operators to more easily build, deploy, and manage apps on a Kubernetes platform. Currently its v0.1 version released as Beta.

TAP Components

  1. Application Accelerator for VMware Tanzu (Beta)
  2. Application Live View for VMware Tanzu (Beta)
  3. Cloud Native Runtimes for VMware Tanzu
  4. VMware Tanzu Build Service

Installation of Tanzu Application Platform

There are two supported method to install TAP:

  1. Install as a package bundle (Recommended) :-> In this post, i will talk about installing as a package bundle
  2. Install components individually

TAP Installation Steps

There are several pre-requirements to install TAP, I will talk about each of them one by one.

1. Installing the carvel command line tools

kapp: (v0.37.0 or later)

Download kapp from the below link based on your platform OS

https://github.com/vmware-tanzu/carvel-kapp/releases

Once downloaded, run the below commands ( for mac)

$ wget  https://github.com/vmware-tanzu/carvel-kbld/releases/download/v0.30.0/kbld-darwin-amd64 -O kbld
$ chmod 755 kbld 

$ mv kbld /usr/local/bin
$ kbld version
kbld version 0.30.0

ytt: (v0.34.0 or later)

Download ytt from the below link based on your platform OS

https://github.com/vmware-tanzu/carvel-ytt/releases

Once downloaded, run the below commands ( for mac)

$ wget https://github.com/vmware-tanzu/carvel-ytt/releases/download/v0.36.0/ytt-darwin-amd64 -O ytt
$ chmod 755 ytt 

$ mv ytt /usr/local/bin

imgpkg (v0.14.0 or later)

Download imgpkg from the below link based on your platform OS

https://github.com/vmware-tanzu/carvel-imgpkg/releases

Once downloaded, run the below commands ( for mac)

$ wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v0.17.0/imgpkg-darwin-amd64 -O imgpkg
$ chmod 755 imgpkg 

$ mv imgpkg /usr/local/bin

kbld (v0.30.0 or later)

Download kbld from the below link based on your platform OS

https://github.com/vmware-tanzu/carvel-kbld/releases

Once downloaded, run the below commands ( for mac)

$ wget  https://github.com/vmware-tanzu/carvel-kbld/releases/download/v0.30.0/kbld-darwin-amd64 -O kbld
$ chmod 755 kbld 

$ mv kbld /usr/local/bin

2. You should have proper access on kuberenetes cluster to deploy the resources. In my case, i did this on an AKS cluster with admin privileges.

3. Install kapp-controller v0.20.0 or later

$ k apply -f https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml
namespace/kapp-controller created
namespace/kapp-controller-packaging-global created
apiservice.apiregistration.k8s.io/v1alpha1.data.packaging.carvel.dev created
service/packaging-api created
customresourcedefinition.apiextensions.k8s.io/internalpackagemetadatas.internal.packaging.carvel.dev created
customresourcedefinition.apiextensions.k8s.io/internalpackages.internal.packaging.carvel.dev created
customresourcedefinition.apiextensions.k8s.io/apps.kappctrl.k14s.io created
customresourcedefinition.apiextensions.k8s.io/packageinstalls.packaging.carvel.dev created
customresourcedefinition.apiextensions.k8s.io/packagerepositories.packaging.carvel.dev created
deployment.apps/kapp-controller created
serviceaccount/kapp-controller-sa created
clusterrole.rbac.authorization.k8s.io/kapp-controller-cluster-role created
clusterrolebinding.rbac.authorization.k8s.io/kapp-controller-cluster-role-binding created
clusterrolebinding.rbac.authorization.k8s.io/pkg-apiserver:system:auth-delegator created
rolebinding.rbac.authorization.k8s.io/pkgserver-auth-reader created

Verify if kapp-controller is running

$ k get po -n kapp-controller   
NAME                            READY   STATUS    RESTARTS   AGE
kapp-controller-5bd56b4-tvgb2   1/1     Running   0          33s

4. Download the TAP binaries from Tanzu Network. I think using pivnet cli is good way to do. You need have an account in Tanzu network.

To download the binaries, go to think link

https://network.tanzu.vmware.com/products/tanzu-application-platform

Accept the EULA for below produts in Tanzu network site.

e.g. here is the one reference, similarly do for all above list products.

Now, Below are the pivnet commands to download different binaries.

$ pivnet download-product-files --product-slug='tanzu-application-platform' --release-version='0.1.0' --product-file-id=1029762
2021/09/03 16:53:23 Downloading 'tap-package-repo.yaml' to 'tap-package-repo.yaml'
 261 B / 261 B [====================================================] 100.00% 0s
2021/09/03 16:53:24 Verifying SHA256
2021/09/03 16:53:24 Successfully verified SHA256
$ pivnet download-product-files --product-slug='tanzu-application-platform' --release-version='0.1.0' --product-file-id=1030872
2021/09/03 16:53:42 Downloading 'tanzu-cli-bundle-darwin-amd64.tar' to 'tanzu-cli-bundle-darwin-amd64.tar'
 20.25 MiB / 20.25 MiB [============================================] 100.00% 5s
2021/09/03 16:53:49 Verifying SHA256
2021/09/03 16:53:49 Successfully verified SHA256

Before pulling the tap container image, login to both registries. You need to use your Tanzu network credential.

$ docker login registry.pivotal.io                                                   
Authenticating with existing credentials...
Login Succeeded
$ docker login registry.tanzu.vmware.com                                             
Username: <your username>
Password: <your password>
Login Succeeded

Then, run the below command to pull the docker image.

$ docker pull registry.tanzu.vmware.com/tanzu-application-platform/tap-packages:0.1.0
0.1.0: Pulling from tanzu-application-platform/tap-packages
b022ec72af03: Pull complete 
Digest: sha256:162ecbbcd65de13ef5feff4deb21f3ac0ab60630d63f1c8647e6e885c86b8ed0
Status: Downloaded newer image for registry.tanzu.vmware.com/tanzu-application-platform/tap-packages:0.1.0
registry.tanzu.vmware.com/tanzu-application-platform/tap-packages:0.1.0

5. Now, Install Tanzu CLI. Remember you have already downloded the tanzu cli binary.. In my case, i am going to use the mac one but you need to use based on your platform OS. Run the below commands:

$ mkdir $HOME/tanzu
$ tar -xvf tanzu-cli-bundle-darwin-amd64.tar -C $HOME/tanzu
x cli/
x cli/core/
x cli/manifest.yaml
x cli/package/
x cli/package/v1.4.0-rc.5/
x cli/package/plugin.yaml
x cli/package/v1.4.0-rc.5/tanzu-package-darwin_amd64
x cli/core/v1.4.0-rc.5/
x cli/core/plugin.yaml
x cli/core/v1.4.0-rc.5/tanzu-core-darwin_amd64

$ cd $HOME/tanzu
$ sudo install cli/core/v1.4.0-rc.5/tanzu-core-darwin_amd64  /usr/local/bin/tanzu

Check Tanzu cli version

$ tanzu version
version: v1.4.0-rc.5
buildDate: 2021-08-29
sha: c9929b8f

Install Tanzu CLI plugins

$ tanzu plugin clean
tanzu plugin install -v v1.4.0-rc.5 --local cli package 
✔  successfully installed package

Validate if Tanzu CLI plugin is installed. Tanzu package management is the one needs to be installed.

$ tanzu plugin list 
  NAME                LATEST VERSION  DESCRIPTION                                                        REPOSITORY  VERSION      STATUS         
  alpha               v1.3.1          Alpha CLI commands                                                 core                     not installed  
  cluster             v1.3.1          Kubernetes cluster operations                                      core                     not installed  
  kubernetes-release  v1.3.1          Kubernetes release operations                                      core                     not installed  
  login               v1.3.1          Login to the platform                                              core                     not installed  
  management-cluster  v1.3.1          Kubernetes management cluster operations                           core                     not installed  
  package                             Tanzu package management                                                       v1.4.0-rc.5  installed      
  pinniped-auth       v1.3.1          Pinniped authentication operations (usually not directly invoked)  core                     not installed

6. Add the TAP Package Repository

Before adding the TAP package repository, there are few more steps needs to be completed.

Create namespace in kubernetes cluster

$ k create ns tap-install
namespace/tap-install created

Create docker-registry secret to store your Tanzu network credential to login to registry.

$ k create secret docker-registry tap-registry -n tap-install --docker-server='registry.pivotal.io' --docker-username="your registry user" --docker-password="<your registry pwd>"
secret/tap-registry created

Create a “tap-package-repo.yaml” file with below content and save it.

apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageRepository
metadata:
 name: tanzu-tap-repository
spec:
 fetch:
   imgpkgBundle:
     image: registry.pivotal.io/tanzu-application-platform/tap-packages:0.1.0 #image location
     secretRef:
       name: tap-registry

Add TAP package repository to the cluster by applying the tap-package-repo.yaml to the cluster

$ kapp deploy -a tap-package-repo -n tap-install -f ./tap-package-repo.yaml -y
Target cluster 'https://demo-aks-cluster-dns-f1a323cd.hcp.centralindia.azmk8s.io:443' (nodes: aks-agentpool-44123869-vmss000000)

Changes

Namespace    Name                  Kind               Conds.  Age  Op      Op st.  Wait to    Rs  Ri  
tap-install  tanzu-tap-repository  PackageRepository  -       -    create  -       reconcile  -   -  

Op:      1 create, 0 delete, 0 update, 0 noop
Wait to: 1 reconcile, 0 delete, 0 noop

5:17:35PM: ---- applying 1 changes [0/1 done] ----
5:17:36PM: create packagerepository/tanzu-tap-repository (packaging.carvel.dev/v1alpha1) namespace: tap-install
5:17:36PM: ---- waiting on 1 changes [0/1 done] ----
5:17:36PM: ongoing: reconcile packagerepository/tanzu-tap-repository (packaging.carvel.dev/v1alpha1) namespace: tap-install
5:17:36PM:  ^ Reconciling
5:18:09PM: ok: reconcile packagerepository/tanzu-tap-repository (packaging.carvel.dev/v1alpha1) namespace: tap-install
5:18:09PM: ---- applying complete [1/1 done] ----
5:18:09PM: ---- waiting complete [1/1 done] ----

Succeeded

List the package repositories

$ tanzu package repository list -n tap-install
\ Retrieving repositories... 
  NAME                  REPOSITORY                                                         STATUS               DETAILS  
  tanzu-tap-repository  registry.pivotal.io/tanzu-application-platform/tap-packages:0.1.0  Reconcile succeeded

List the available package in repository

$ tanzu package available list -n tap-install
/ Retrieving available packages... 
  NAME                               DISPLAY-NAME                              SHORT-DESCRIPTION                                               
  accelerator.apps.tanzu.vmware.com  Application Accelerator for VMware Tanzu  Used to create new projects and configurations.                 
  appliveview.tanzu.vmware.com       Application Live View for VMware Tanzu    App for monitoring and troubleshooting running apps             
  cnrs.tanzu.vmware.com              Cloud Native Runtimes                     Cloud Native Runtimes is a serverless runtime based on Knative

List the package version

$ tanzu package available list cnrs.tanzu.vmware.com -n tap-install
- Retrieving package versions for cnrs.tanzu.vmware.com... 
  NAME                   VERSION  RELEASED-AT           
  cnrs.tanzu.vmware.com  1.0.1    2021-07-30T15:18:46Z

Now, we are going to install the packages

Get the available package that we are going to install.

$ tanzu package available get cnrs.tanzu.vmware.com/1.0.1 --values-schema -n tap-install
| Retrieving package details for cnrs.tanzu.vmware.com/1.0.1... 
  KEY                         DEFAULT  TYPE     DESCRIPTION                                    
  ingress.external.namespace  <nil>    string   external namespace                             
  ingress.internal.namespace  <nil>    string   internal namespace                             
  ingress.reuse_crds          false    boolean  set true to reuse existing Contour instance    
  local_dns.domain            <nil>    string   domain name                                    
  local_dns.enable            false    boolean  specify true if local DNS needs to be enabled  
  pdb.enable                  true     boolean  <nil>                                          
  provider                    <nil>    string   Kubernetes cluster provider                    
  registry.password           <nil>    string   registry password                              
  registry.server             <nil>    string   registry server                                
  registry.username           <nil>    string   registry username

7. Install Cloud Native Runtime

Create a cnr-values.yaml using the following sample as a guide, update the username and password in it.

---
registry:
 server: "registry.pivotal.io"
 username: "your tanzu network username"
 password: "your tanzu network password"

provider:
pdb:
 enable: "true"

ingress:
 reuse_crds:
 external:
   namespace:
 internal:
   namespace:    

Local_dns:

Install by running

$ tanzu package install cloud-native-runtimes -p cnrs.tanzu.vmware.com -v 1.0.1 -n tap-install -f cnr-values.yaml
- Installing package 'cnrs.tanzu.vmware.com' 
| Getting namespace 'tap-install' 
/ Getting package metadata for 'cnrs.tanzu.vmware.com' 
| Creating service account 'cloud-native-runtimes-tap-install-sa' 
| Creating cluster admin role 'cloud-native-runtimes-tap-install-cluster-role' 
| Creating cluster role binding 'cloud-native-runtimes-tap-install-cluster-rolebinding' 
| Creating secret 'cloud-native-runtimes-tap-install-values' 
- Creating package resource 
\ Package install status: Reconciling

8. Install Application Accelerator

Create an app-acclerator-values.yaml using the following sample as a guide, update username and password.

registry:
  server: "registry.pivotal.io"
  username: "your tanzu network username"
  password: "your tanzu network password"
server:
  # Set this service_type to "NodePort" for local clusters like minikube.
  service_type: "LoadBalancer"
  watched_namespace: "default"
  engine_invocation_url: "http://acc-engine.accelerator-system.svc.cluster.local/invocations"
engine:
  service_type: "ClusterIP"

Install the Flux2 dependency before application accelerator

$ kapp deploy -a flux -f https://github.com/fluxcd/flux2/releases/download/v0.15.0/install.yaml
Target cluster 'https://demo-aks-cluster-dns-f1a323cd.hcp.centralindia.azmk8s.io:443' (nodes: aks-agentpool-44123869-vmss000000)

Changes

Namespace    Name                                            Kind                      Conds.  Age  Op      Op st.  Wait to    Rs  Ri  
(cluster)    alerts.notification.toolkit.fluxcd.io           CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            buckets.source.toolkit.fluxcd.io                CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            cluster-reconciler                              ClusterRoleBinding        -       -    create  -       reconcile  -   -  
^            crd-controller                                  ClusterRole               -       -    create  -       reconcile  -   -  
^            crd-controller                                  ClusterRoleBinding        -       -    create  -       reconcile  -   -  
^            flux-system                                     Namespace                 -       -    create  -       reconcile  -   -  
^            gitrepositories.source.toolkit.fluxcd.io        CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            helmcharts.source.toolkit.fluxcd.io             CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            helmreleases.helm.toolkit.fluxcd.io             CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            helmrepositories.source.toolkit.fluxcd.io       CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            imagepolicies.image.toolkit.fluxcd.io           CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            imagerepositories.image.toolkit.fluxcd.io       CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            imageupdateautomations.image.toolkit.fluxcd.io  CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            kustomizations.kustomize.toolkit.fluxcd.io      CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            providers.notification.toolkit.fluxcd.io        CustomResourceDefinition  -       -    create  -       reconcile  -   -  
^            receivers.notification.toolkit.fluxcd.io        CustomResourceDefinition  -       -    create  -       reconcile  -   -  
flux-system  allow-egress                                    NetworkPolicy             -       -    create  -       reconcile  -   -  
^            allow-scraping                                  NetworkPolicy             -       -    create  -       reconcile  -   -  
^            allow-webhooks                                  NetworkPolicy             -       -    create  -       reconcile  -   -  
^            helm-controller                                 Deployment                -       -    create  -       reconcile  -   -  
^            helm-controller                                 ServiceAccount            -       -    create  -       reconcile  -   -  
^            image-automation-controller                     Deployment                -       -    create  -       reconcile  -   -  
^            image-automation-controller                     ServiceAccount            -       -    create  -       reconcile  -   -  
^            image-reflector-controller                      Deployment                -       -    create  -       reconcile  -   -  
^            image-reflector-controller                      ServiceAccount            -       -    create  -       reconcile  -   -  
^            kustomize-controller                            Deployment                -       -    create  -       reconcile  -   -  
^            kustomize-controller                            ServiceAccount            -       -    create  -       reconcile  -   -  
^            notification-controller                         Deployment                -       -    create  -       reconcile  -   -  
^            notification-controller                         Service                   -       -    create  -       reconcile  -   -  
^            notification-controller                         ServiceAccount            -       -    create  -       reconcile  -   -  
^            source-controller                               Deployment                -       -    create  -       reconcile  -   -  
^            source-controller                               Service                   -       -    create  -       reconcile  -   -  
^            source-controller                               ServiceAccount            -       -    create  -       reconcile  -   -  
^            webhook-receiver                                Service                   -       -    create  -       reconcile  -   -  

Op:      34 create, 0 delete, 0 update, 0 noop
Wait to: 34 reconcile, 0 delete, 0 noop

Continue? [yN]: y

Now, apply application accelerator yaml file

$ tanzu package install app-accelerator -p accelerator.apps.tanzu.vmware.com -v 0.2.0 -n tap-install -f app-acclerator-values.yaml
\ Installing package 'accelerator.apps.tanzu.vmware.com' 
| Getting namespace 'tap-install' 
| Getting package metadata for 'accelerator.apps.tanzu.vmware.com' 
| Creating service account 'app-accelerator-tap-install-sa' 
| Creating cluster admin role 'app-accelerator-tap-install-cluster-role' 
| Creating cluster role binding 'app-accelerator-tap-install-cluster-rolebinding' 
| Creating secret 'app-accelerator-tap-install-values' 
- Creating package resource 
| Package install status: Reconciling 

 Added installed package 'app-accelerator' in namespace 'tap-install'

9. Install Application Live View

Create a app-live-view-values.yaml using the following sample as a guide. update yourname and password.

---
registry:
  server: "registry.pivotal.io"
  username: "your tanzu network username"
  password: "your tanzu network password"

Now, apply the yaml file

$ tanzu package install app-live-view -p appliveview.tanzu.vmware.com -v 0.1.0 -n tap-install -f app-live-view-values.yaml
- Installing package 'appliveview.tanzu.vmware.com' 
| Getting namespace 'tap-install' 
| Getting package metadata for 'appliveview.tanzu.vmware.com' 
| Creating service account 'app-live-view-tap-install-sa' 
| Creating cluster admin role 'app-live-view-tap-install-cluster-role' 
| Creating cluster role binding 'app-live-view-tap-install-cluster-rolebinding' 
| Creating secret 'app-live-view-tap-install-values' 
- Creating package resource 
| Package install status: Reconciling 

 Added installed package 'app-live-view' in namespace 'tap-install'

List the installed packages

$ tanzu package installed list -n tap-install
\ Retrieving installed packages... 
  NAME                   PACKAGE-NAME                       PACKAGE-VERSION  STATUS               
  app-accelerator        accelerator.apps.tanzu.vmware.com  0.2.0            Reconcile succeeded  
  app-live-view          appliveview.tanzu.vmware.com       0.1.0            Reconcile succeeded  
  cloud-native-runtimes  cnrs.tanzu.vmware.com              1.0.1            Reconcile succeeded

Check what is deployed on Kubernetes cluster.

$ k get ns          
NAME                               STATUS   AGE
accelerator-system                 Active   16m
contour-external                   Active   32m
contour-internal                   Active   32m
default                            Active   70m
flux-system                        Active   13m
kapp-controller                    Active   50m
kapp-controller-packaging-global   Active   50m
knative-discovery                  Active   32m
knative-eventing                   Active   32m
knative-serving                    Active   32m
knative-sources                    Active   32m
kube-node-lease                    Active   70m
kube-public                        Active   70m
kube-system                        Active   70m
tap-install                        Active   45m
triggermesh                        Active   32m
vmware-sources                     Active   32m

Get the service in accelerator-system namespace to access the GUI.

$ k get svc -n accelerator-system                 
NAME            TYPE           CLUSTER-IP    EXTERNAL-IP    PORT(S)        AGE
acc-engine      ClusterIP      10.0.48.176   <none>         80/TCP         17m
acc-ui-server   LoadBalancer   10.0.39.154   13.71.56.116   80:30541/TCP   17m

Access by using the IP address shown for “acc-ui-server” service.

10. Creating an accelerator — Sample

Create a new-accelerator.yaml file and save below content

apiVersion: accelerator.apps.tanzu.vmware.com/v1alpha1
kind: Accelerator
metadata:
 name: new-accelerator
spec:
 git:
  url: https://github.com/sample-accelerators/new-accelerator
  ref:
    branch: main
    tag: v0.2.x

Apply the file

$ k create -f new-accelerator.yaml
accelerator.accelerator.apps.tanzu.vmware.com/new-accelerator created

Refresh your app accelerator UI and you will see that the newly created one.

List the accelerators, run below command.

k get accelerator                     
NAME                    READY   REASON   AGE
accelerator-by-dinesh   True             4s
new-accelerator         True             9m8s

So, you are now all set to work on your application 🙂

See the TAP documentation here

https://docs.vmware.com/en/VMware-Tanzu-Application-Platform/0.1/tap-0-1/GUID-overview.html

One thought on “Installing Tanzu Application Platform (TAP) (Beta) on an AKS Cluster

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s