Walkthrough of Tanzu Community Edition (TCE) cluster created using Docker Extension & Package Installation

TCE cluster created using docker extension enables you to quickly start your journey as developer for modern apps. This cluster is much more than what you get with an opensource k8s cluster e.g. a CNI, kapp-controller, tanzu package repository etc.

If you are looking to setup TCE as docker extension, feel free to refer my earlier post below.

Below screenshot represents the running TCE cluster as docker extension.

Here are some key points about TCE cluster created using docker extension:

  • Once TCE extension for docker is enabled, then you need to create a TCE Cluster
  • kubeconfig file is automatically updated to access the newly created tanzu-community-edition cluster. You can validate the new context by running the following command:
$ kubectl config get-clusters | grep -i tanzu
tanzu-community-edition
  • It’s a single node cluster where control plane and workload runs
$ kubectl get nodes
NAME                                    STATUS   ROLES                  AGE   VERSION
tanzu-community-edition-control-plane   Ready    control-plane,master   8d    v1.22.7
  • Calico cni is setup as part of cluster creation
  • kapp-controller is installed for a tanzu package management

Deploying Tanzu Packages on a TCE Cluster

When a TCE Cluster is running as docker extension, you will notice that the tanzu package repository is automatically added. Let’s validate it by running the following command:

$ tanzu package repository list -A
- Retrieving repositories... 
  NAME                                          REPOSITORY                                TAG     STATUS               DETAILS  NAMESPACE                  
  projects.registry.vmware.com-tce-main-0.12.0  projects.registry.vmware.com/tce/main     0.12.0  Reconcile succeeded           tanzu-package-repo-global  
  tkg-core-repository                           projects.registry.vmware.com/tce/repo-12  0.12.0  Reconcile succeeded           tkg-system     

Let’s also validate the list of available packages:

tanzu package available list -A
/ Retrieving available packages... 
  NAME                                                    DISPLAY-NAME                 SHORT-DESCRIPTION                                                                                                                                          LATEST-VERSION  NAMESPACE                  
  app-toolkit.community.tanzu.vmware.com                  App-Toolkit package for TCE  Kubernetes-native toolkit to support application lifecycle                                                                                                 0.2.0           tanzu-package-repo-global  
  cartographer-catalog.community.tanzu.vmware.com         Cartographer Catalog         Reusable Cartographer blueprints                                                                                                                           0.3.0           tanzu-package-repo-global  
  cartographer.community.tanzu.vmware.com                 Cartographer                 Kubernetes native Supply Chain Choreographer.                                                                                                              0.3.0           tanzu-package-repo-global  
  cert-injection-webhook.community.tanzu.vmware.com       cert-injection-webhook       The Cert Injection Webhook injects CA certificates and proxy environment variables into pods                                                               0.1.1           tanzu-package-repo-global  
  cert-manager.community.tanzu.vmware.com                 cert-manager                 Certificate management                                                                                                                                     1.8.0           tanzu-package-repo-global  
  contour.community.tanzu.vmware.com                      contour                      An ingress controller                                                                                                                                      1.20.1          tanzu-package-repo-global  
  external-dns.community.tanzu.vmware.com                 external-dns                 This package provides DNS synchronization functionality.                                                                                                   0.10.0          tanzu-package-repo-global  
  fluent-bit.community.tanzu.vmware.com                   fluent-bit                   Fluent Bit is a fast Log Processor and Forwarder                                                                                                           1.7.5           tanzu-package-repo-global  
  fluxcd-source-controller.community.tanzu.vmware.com     Flux Source Controller       The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, Helm repositories and S3 buckets.  0.21.5          tanzu-package-repo-global  
  gatekeeper.community.tanzu.vmware.com                   gatekeeper                   policy management                                                                                                                                          3.7.1           tanzu-package-repo-global  
  grafana.community.tanzu.vmware.com                      grafana                      Visualization and analytics software                                                                                                                       7.5.11          tanzu-package-repo-global  
  harbor.community.tanzu.vmware.com                       harbor                       OCI Registry                                                                                                                                               2.4.2           tanzu-package-repo-global  
  helm-controller.fluxcd.community.tanzu.vmware.com       Flux Helm Controller         The Helm Controller is a Kubernetes operator, allowing one to declaratively manage Helm chart releases with Kubernetes manifests.                          0.17.2          tanzu-package-repo-global  
  knative-serving.community.tanzu.vmware.com              knative-serving              Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers                               1.0.0           tanzu-package-repo-global  
  kpack-dependencies.community.tanzu.vmware.com           kpack dependencies           Dependencies in the form of Buildpacks and Stacks for the kpack package                                                                                    0.0.27          tanzu-package-repo-global  
  kpack.community.tanzu.vmware.com                        kpack                        kpack builds application source code into OCI compliant images using Cloud Native Buildpacks                                                               0.5.3           tanzu-package-repo-global  
  kustomize-controller.fluxcd.community.tanzu.vmware.com  Flux Kustomize Controller    Kustomize controller is one of the components in GitOps toolkit.                                                                                           0.21.1          tanzu-package-repo-global  
  local-path-storage.community.tanzu.vmware.com           local-path-storage           This package provides local path node storage and primarily supports RWO AccessMode.                                                                       0.0.22          tanzu-package-repo-global  
  multus-cni.community.tanzu.vmware.com                   multus-cni                   This package provides the ability for enabling attaching multiple network interfaces to pods in Kubernetes                                                 3.8.0           tanzu-package-repo-global  
  prometheus.community.tanzu.vmware.com                   prometheus                   A time series database for your metrics                                                                                                                    2.27.0-1        tanzu-package-repo-global  
  velero.community.tanzu.vmware.com                       velero                       Disaster recovery capabilities                                                                                                                             1.8.0           tanzu-package-repo-global  
  whereabouts.community.tanzu.vmware.com                  whereabouts                  A CNI IPAM plugin that assigns IP addresses cluster-wide                                                                                                   0.5.1           tanzu-package-repo-global  
  antrea.community.tanzu.vmware.com                       antrea                       networking and network security solution for containers                                                                                                    0.13.3          tkg-system                 
  calico.community.tanzu.vmware.com                       calico                       Networking and network security solution for containers.                                                                                                   3.22.1          tkg-system                 
  metrics-server.community.tanzu.vmware.com               metrics-server               Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.                                0.5.1           tkg-system                 
  pinniped.community.tanzu.vmware.com                     pinniped                     Pinniped provides identity services to Kubernetes.                                                                                                         0.12.1          tkg-system                 
  secretgen-controller.community.tanzu.vmware.com         secretgen-controller         Secret generation and sharing                                                                                                                              0.7.1           tkg-system                 

As you can see above, there are several packages available as part of the default TCE repository. We will try installing one package from the list above. But before that, Let’s validate which all packages are installed as part of TCE cluster creation.

tanzu package installed list -A
- Retrieving installed packages... 
  NAME  PACKAGE-NAME                       PACKAGE-VERSION  STATUS               NAMESPACE   
  cni   calico.community.tanzu.vmware.com  3.22.1           Reconcile succeeded  tkg-system  

You will notice that the calico cni package is already installed.

In this demonstration, I will be installing secretgen-controller package on an existing TCE cluster. First, let’s look at the detail about this package and if it requires some parameters.

Get the Package Detail

Run the following command to get the package detail:

$ tanzu package available get secretgen-controller.community.tanzu.vmware.com/0.7.1 -n tkg-system
- Retrieving package details for secretgen-controller.community.tanzu.vmware.com/0.7.1... 
NAME:                             secretgen-controller.community.tanzu.vmware.com
VERSION:                          0.7.1
RELEASED-AT:                      0001-01-01 00:00:00 +0000 UTC
DISPLAY-NAME:                     secretgen-controller
SHORT-DESCRIPTION:                Secret generation and sharing
PACKAGE-PROVIDER:                 VMware
MINIMUM-CAPACITY-REQUIREMENTS:    
LONG-DESCRIPTION:                 Provide CRDs to specify what secrets need to be on cluster (generated or not).
MAINTAINERS:                      [{Shivaani Gupta}]
RELEASE-NOTES:                    secretgen-controller 0.7.1 https://github.com/vmware-tanzu/carvel-secretgen-controller
LICENSE:                          [Apache 2.0]
SUPPORT:                          
CATEGORY:                         [package management]

Get the available Parameters for Secretgen-Controller

Run the following command to get the parameters details:

$ tanzu package available get secretgen-controller.community.tanzu.vmware.com/0.7.1 -n tkg-system --values-schema
| Retrieving package details for secretgen-controller.community.tanzu.vmware.com/0.7.1... 
  KEY                                  DEFAULT               TYPE     DESCRIPTION                                                     
  secretgenController.createNamespace  true                  boolean  Whether to create namespace specified for secretgen-controller  
  secretgenController.namespace        secretgen-controller  string   The namespace in which to deploy secretgen-controller

As you see above, we can pass two parameters, but in this demo, let’s not complicate and go ahead with default parameters.

Install Package

Run the below command to install the package.

$ tanzu package install secretgen-controller --package-name secretgen-controller.community.tanzu.vmware.com --version 0.7.1 -n tkg-system
- Installing package 'secretgen-controller.community.tanzu.vmware.com' 
| Getting package metadata for 'secretgen-controller.community.tanzu.vmware.com' 
| Creating service account 'secretgen-controller-tkg-system-sa' 
| Creating cluster admin role 'secretgen-controller-tkg-system-cluster-role' 
| Creating cluster role binding 'secretgen-controller-tkg-system-cluster-rolebinding' 
| Creating package resource 
/ Waiting for 'PackageInstall' reconciliation for 'secretgen-controller' 
/ 'PackageInstall' resource install status: Reconciling 

| 'PackageInstall' resource successfully reconciled 

 Added installed package 'secretgen-controller'

Validate Package Installation

  • Namespace is created

secretgen-controller        Active   2m34s

  • Deployment is created
k get all -n secretgen-controller
NAME                                        READY   STATUS    RESTARTS   AGE
pod/secretgen-controller-77f49ffd87-2475w   1/1     Running   0          3m8s

NAME                                   READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/secretgen-controller   1/1     1            1           3m8s

NAME                                              DESIRED   CURRENT   READY   AGE
replicaset.apps/secretgen-controller-77f49ffd87   1         1         1       3m8s
  • Run the below command to list the installed packages again and you will see the secretgen-controller package installed.
tanzu package installed list -A
\ Retrieving installed packages... 
  NAME                  PACKAGE-NAME                                     PACKAGE-VERSION  STATUS               NAMESPACE   
  cni                   calico.community.tanzu.vmware.com                3.22.1           Reconcile succeeded  tkg-system  
  secretgen-controller  secretgen-controller.community.tanzu.vmware.com  0.7.1            Reconcile succeeded  tkg-system  

That’s all for this post, please let me know your feedback in a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s