Installing Tanzu Application Platform (TAP) (Beta) on an AKS Cluster
11 min readSep 3, 2021
What is Tanzu Application Platform (TAP)?
Tanzu Application Platform is a packaged set of components that helps developers and operators to more easily build, deploy, and manage apps on a Kubernetes platform. Currently its v0.1 version released as Beta.
TAP Components
- Application Accelerator for VMware Tanzu (Beta)
- Application Live View for VMware Tanzu (Beta)
- Cloud Native Runtimes for VMware Tanzu
- VMware Tanzu Build Service
Installation of Tanzu Application Platform
There are two supported method to install TAP:
- Install as a package bundle (Recommended) :-> In this post, i will talk about installing as a package bundle
- Install components individually
TAP Installation Steps
There are several pre-requirements to install TAP, I will talk about each of them one by one.
1. Installing the carvel command line tools
kapp: (v0.37.0 or later)
Download kapp from the below link based on your platform OS
Once downloaded, run the below commands ( for mac)
$ wget https://github.com/vmware-tanzu/carvel-kbld/releases/download/v0.30.0/kbld-darwin-amd64 -O kbld$ chmod 755 kbld
$ mv kbld /usr/local/bin$ kbld version
kbld version 0.30.0
ytt: (v0.34.0 or later)
Download ytt from the below link based on your platform OS
Once downloaded, run the below commands ( for mac)
$ wget https://github.com/vmware-tanzu/carvel-ytt/releases/download/v0.36.0/ytt-darwin-amd64 -O ytt$ chmod 755 ytt
$ mv ytt /usr/local/bin
imgpkg (v0.14.0 or later)
Download imgpkg from the below link based on your platform OS
Once downloaded, run the below commands ( for mac)
$ wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v0.17.0/imgpkg-darwin-amd64 -O imgpkg$ chmod 755 imgpkg
$ mv imgpkg /usr/local/bin
kbld (v0.30.0 or later)
Download kbld from the below link based on your platform OS
Once downloaded, run the below commands ( for mac)
$ wget https://github.com/vmware-tanzu/carvel-kbld/releases/download/v0.30.0/kbld-darwin-amd64 -O kbld$ chmod 755 kbld
$ mv kbld /usr/local/bin
2. You should have proper access on kuberenetes cluster to deploy the resources. In my case, i did this on an AKS cluster with admin privileges.
3. Install kapp-controller v0.20.0 or later
$ k apply -f https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml
namespace/kapp-controller created
namespace/kapp-controller-packaging-global created
apiservice.apiregistration.k8s.io/v1alpha1.data.packaging.carvel.dev created
service/packaging-api created
customresourcedefinition.apiextensions.k8s.io/internalpackagemetadatas.internal.packaging.carvel.dev created
customresourcedefinition.apiextensions.k8s.io/internalpackages.internal.packaging.carvel.dev created
customresourcedefinition.apiextensions.k8s.io/apps.kappctrl.k14s.io created
customresourcedefinition.apiextensions.k8s.io/packageinstalls.packaging.carvel.dev created
customresourcedefinition.apiextensions.k8s.io/packagerepositories.packaging.carvel.dev created
deployment.apps/kapp-controller created
serviceaccount/kapp-controller-sa created
clusterrole.rbac.authorization.k8s.io/kapp-controller-cluster-role created
clusterrolebinding.rbac.authorization.k8s.io/kapp-controller-cluster-role-binding created
clusterrolebinding.rbac.authorization.k8s.io/pkg-apiserver:system:auth-delegator created
rolebinding.rbac.authorization.k8s.io/pkgserver-auth-reader createdVerify if kapp-controller is running
$ k get po -n kapp-controller
NAME READY STATUS RESTARTS AGE
kapp-controller-5bd56b4-tvgb2 1/1 Running 0 33s4. Download the TAP binaries from Tanzu Network. I think using pivnet cli is good way to do. You need have an account in Tanzu network.
To download the binaries, go to think link
Accept the EULA for below produts in Tanzu network site.
- Tanzu Application Platform
- Tanzu Build Service and its associated components, Tanzu Build Service Dependencies, Buildpacks for VMware Tanzu, and Stacks for VMware Tanzu
- Cloud Native Runtimes
- Application Accelerator
- Application Live View
e.g. here is the one reference, similarly do for all above list products.
Note: If you need help in setting up pivnet, follow below link
Now, Below are the pivnet commands to download different binaries.
$ pivnet download-product-files --product-slug='tanzu-application-platform' --release-version='0.1.0' --product-file-id=10297622021/09/03 16:53:23 Downloading 'tap-package-repo.yaml' to 'tap-package-repo.yaml'
261 B / 261 B [====================================================] 100.00% 0s
2021/09/03 16:53:24 Verifying SHA256
2021/09/03 16:53:24 Successfully verified SHA256$ pivnet download-product-files --product-slug='tanzu-application-platform' --release-version='0.1.0' --product-file-id=10308722021/09/03 16:53:42 Downloading 'tanzu-cli-bundle-darwin-amd64.tar' to 'tanzu-cli-bundle-darwin-amd64.tar'
20.25 MiB / 20.25 MiB [============================================] 100.00% 5s
2021/09/03 16:53:49 Verifying SHA256
2021/09/03 16:53:49 Successfully verified SHA256
Before pulling the tap container image, login to both registries. You need to use your Tanzu network credential.
$ docker login registry.pivotal.io
Authenticating with existing credentials...
Login Succeeded$ docker login registry.tanzu.vmware.com
Username: <your username>
Password: <your password>
Login Succeeded
Then, run the below command to pull the docker image.
$ docker pull registry.tanzu.vmware.com/tanzu-application-platform/tap-packages:0.1.0
0.1.0: Pulling from tanzu-application-platform/tap-packages
b022ec72af03: Pull complete
Digest: sha256:162ecbbcd65de13ef5feff4deb21f3ac0ab60630d63f1c8647e6e885c86b8ed0
Status: Downloaded newer image for registry.tanzu.vmware.com/tanzu-application-platform/tap-packages:0.1.0
registry.tanzu.vmware.com/tanzu-application-platform/tap-packages:0.1.05. Now, Install Tanzu CLI. Remember you have already downloded the tanzu cli binary.. In my case, i am going to use the mac one but you need to use based on your platform OS. Run the below commands:
$ mkdir $HOME/tanzu
$ tar -xvf tanzu-cli-bundle-darwin-amd64.tar -C $HOME/tanzu
x cli/
x cli/core/
x cli/manifest.yaml
x cli/package/
x cli/package/v1.4.0-rc.5/
x cli/package/plugin.yaml
x cli/package/v1.4.0-rc.5/tanzu-package-darwin_amd64
x cli/core/v1.4.0-rc.5/
x cli/core/plugin.yaml
x cli/core/v1.4.0-rc.5/tanzu-core-darwin_amd64
$ cd $HOME/tanzu
$ sudo install cli/core/v1.4.0-rc.5/tanzu-core-darwin_amd64 /usr/local/bin/tanzu
Check Tanzu cli version
$ tanzu version
version: v1.4.0-rc.5
buildDate: 2021-08-29
sha: c9929b8fInstall Tanzu CLI plugins
$ tanzu plugin clean
tanzu plugin install -v v1.4.0-rc.5 --local cli package
✔ successfully installed package
Validate if Tanzu CLI plugin is installed. Tanzu package management is the one needs to be installed.
$ tanzu plugin list
NAME LATEST VERSION DESCRIPTION REPOSITORY VERSION STATUS
alpha v1.3.1 Alpha CLI commands core not installed
cluster v1.3.1 Kubernetes cluster operations core not installed
kubernetes-release v1.3.1 Kubernetes release operations core not installed
login v1.3.1 Login to the platform core not installed
management-cluster v1.3.1 Kubernetes management cluster operations core not installed
package Tanzu package management v1.4.0-rc.5 installed
pinniped-auth v1.3.1 Pinniped authentication operations (usually not directly invoked) core not installed 6. Add the TAP Package Repository
Before adding the TAP package repository, there are few more steps needs to be completed.
Create namespace in kubernetes cluster
$ k create ns tap-install
namespace/tap-install createdCreate docker-registry secret to store your Tanzu network credential to login to registry.
$ k create secret docker-registry tap-registry -n tap-install --docker-server='registry.pivotal.io' --docker-username="your registry user" --docker-password="<your registry pwd>"
secret/tap-registry createdCreate a “tap-package-repo.yaml” file with below content and save it.
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageRepository
metadata:
name: tanzu-tap-repository
spec:
fetch:
imgpkgBundle:
image: registry.pivotal.io/tanzu-application-platform/tap-packages:0.1.0 #image location
secretRef:
name: tap-registryAdd TAP package repository to the cluster by applying the tap-package-repo.yaml to the cluster
$ kapp deploy -a tap-package-repo -n tap-install -f ./tap-package-repo.yaml -y
Target cluster 'https://demo-aks-cluster-dns-f1a323cd.hcp.centralindia.azmk8s.io:443' (nodes: aks-agentpool-44123869-vmss000000)
Changes
Namespace Name Kind Conds. Age Op Op st. Wait to Rs Ri
tap-install tanzu-tap-repository PackageRepository - - create - reconcile - -
Op: 1 create, 0 delete, 0 update, 0 noop
Wait to: 1 reconcile, 0 delete, 0 noop
5:17:35PM: ---- applying 1 changes [0/1 done] ----
5:17:36PM: create packagerepository/tanzu-tap-repository (packaging.carvel.dev/v1alpha1) namespace: tap-install
5:17:36PM: ---- waiting on 1 changes [0/1 done] ----
5:17:36PM: ongoing: reconcile packagerepository/tanzu-tap-repository (packaging.carvel.dev/v1alpha1) namespace: tap-install
5:17:36PM: ^ Reconciling
5:18:09PM: ok: reconcile packagerepository/tanzu-tap-repository (packaging.carvel.dev/v1alpha1) namespace: tap-install
5:18:09PM: ---- applying complete [1/1 done] ----
5:18:09PM: ---- waiting complete [1/1 done] ----
SucceededList the package repositories
$ tanzu package repository list -n tap-install
\ Retrieving repositories...
NAME REPOSITORY STATUS DETAILS
tanzu-tap-repository registry.pivotal.io/tanzu-application-platform/tap-packages:0.1.0 Reconcile succeededList the available package in repository
$ tanzu package available list -n tap-install
/ Retrieving available packages...
NAME DISPLAY-NAME SHORT-DESCRIPTION
accelerator.apps.tanzu.vmware.com Application Accelerator for VMware Tanzu Used to create new projects and configurations.
appliveview.tanzu.vmware.com Application Live View for VMware Tanzu App for monitoring and troubleshooting running apps
cnrs.tanzu.vmware.com Cloud Native Runtimes Cloud Native Runtimes is a serverless runtime based on Knative List the package version
$ tanzu package available list cnrs.tanzu.vmware.com -n tap-install
- Retrieving package versions for cnrs.tanzu.vmware.com...
NAME VERSION RELEASED-AT
cnrs.tanzu.vmware.com 1.0.1 2021-07-30T15:18:46Z
Now, we are going to install the packages
Get the available package that we are going to install.
$ tanzu package available get cnrs.tanzu.vmware.com/1.0.1 --values-schema -n tap-install
| Retrieving package details for cnrs.tanzu.vmware.com/1.0.1...
KEY DEFAULT TYPE DESCRIPTION
ingress.external.namespace <nil> string external namespace
ingress.internal.namespace <nil> string internal namespace
ingress.reuse_crds false boolean set true to reuse existing Contour instance
local_dns.domain <nil> string domain name
local_dns.enable false boolean specify true if local DNS needs to be enabled
pdb.enable true boolean <nil>
provider <nil> string Kubernetes cluster provider
registry.password <nil> string registry password
registry.server <nil> string registry server
registry.username <nil> string registry username
7. Install Cloud Native Runtime
Create a cnr-values.yaml using the following sample as a guide, update the username and password in it.
---
registry:
server: "registry.pivotal.io"
username: "your tanzu network username"
password: "your tanzu network password"
provider:
pdb:
enable: "true"
ingress:
reuse_crds:
external:
namespace:
internal:
namespace:
Local_dns:Install by running
$ tanzu package install cloud-native-runtimes -p cnrs.tanzu.vmware.com -v 1.0.1 -n tap-install -f cnr-values.yaml
- Installing package 'cnrs.tanzu.vmware.com'
| Getting namespace 'tap-install'
/ Getting package metadata for 'cnrs.tanzu.vmware.com'
| Creating service account 'cloud-native-runtimes-tap-install-sa'
| Creating cluster admin role 'cloud-native-runtimes-tap-install-cluster-role'
| Creating cluster role binding 'cloud-native-runtimes-tap-install-cluster-rolebinding'
| Creating secret 'cloud-native-runtimes-tap-install-values'
- Creating package resource
\ Package install status: Reconciling8. Install Application Accelerator
Create an app-acclerator-values.yaml using the following sample as a guide, update username and password.
registry:
server: "registry.pivotal.io"
username: "your tanzu network username"
password: "your tanzu network password"
server:
# Set this service_type to "NodePort" for local clusters like minikube.
service_type: "LoadBalancer"
watched_namespace: "default"
engine_invocation_url: "http://acc-engine.accelerator-system.svc.cluster.local/invocations"
engine:
service_type: "ClusterIP"Install the Flux2 dependency before application accelerator
$ kapp deploy -a flux -f https://github.com/fluxcd/flux2/releases/download/v0.15.0/install.yaml
Target cluster 'https://demo-aks-cluster-dns-f1a323cd.hcp.centralindia.azmk8s.io:443' (nodes: aks-agentpool-44123869-vmss000000)
Changes
Namespace Name Kind Conds. Age Op Op st. Wait to Rs Ri
(cluster) alerts.notification.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ buckets.source.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ cluster-reconciler ClusterRoleBinding - - create - reconcile - -
^ crd-controller ClusterRole - - create - reconcile - -
^ crd-controller ClusterRoleBinding - - create - reconcile - -
^ flux-system Namespace - - create - reconcile - -
^ gitrepositories.source.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ helmcharts.source.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ helmreleases.helm.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ helmrepositories.source.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ imagepolicies.image.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ imagerepositories.image.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ imageupdateautomations.image.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ kustomizations.kustomize.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ providers.notification.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
^ receivers.notification.toolkit.fluxcd.io CustomResourceDefinition - - create - reconcile - -
flux-system allow-egress NetworkPolicy - - create - reconcile - -
^ allow-scraping NetworkPolicy - - create - reconcile - -
^ allow-webhooks NetworkPolicy - - create - reconcile - -
^ helm-controller Deployment - - create - reconcile - -
^ helm-controller ServiceAccount - - create - reconcile - -
^ image-automation-controller Deployment - - create - reconcile - -
^ image-automation-controller ServiceAccount - - create - reconcile - -
^ image-reflector-controller Deployment - - create - reconcile - -
^ image-reflector-controller ServiceAccount - - create - reconcile - -
^ kustomize-controller Deployment - - create - reconcile - -
^ kustomize-controller ServiceAccount - - create - reconcile - -
^ notification-controller Deployment - - create - reconcile - -
^ notification-controller Service - - create - reconcile - -
^ notification-controller ServiceAccount - - create - reconcile - -
^ source-controller Deployment - - create - reconcile - -
^ source-controller Service - - create - reconcile - -
^ source-controller ServiceAccount - - create - reconcile - -
^ webhook-receiver Service - - create - reconcile - -
Op: 34 create, 0 delete, 0 update, 0 noop
Wait to: 34 reconcile, 0 delete, 0 noop
Continue? [yN]: yNow, apply application accelerator yaml file
$ tanzu package install app-accelerator -p accelerator.apps.tanzu.vmware.com -v 0.2.0 -n tap-install -f app-acclerator-values.yaml
\ Installing package 'accelerator.apps.tanzu.vmware.com'
| Getting namespace 'tap-install'
| Getting package metadata for 'accelerator.apps.tanzu.vmware.com'
| Creating service account 'app-accelerator-tap-install-sa'
| Creating cluster admin role 'app-accelerator-tap-install-cluster-role'
| Creating cluster role binding 'app-accelerator-tap-install-cluster-rolebinding'
| Creating secret 'app-accelerator-tap-install-values'
- Creating package resource
| Package install status: Reconciling
Added installed package 'app-accelerator' in namespace 'tap-install'9. Install Application Live View
Create a app-live-view-values.yaml using the following sample as a guide. update yourname and password.
---
registry:
server: "registry.pivotal.io"
username: "your tanzu network username"
password: "your tanzu network password"Now, apply the yaml file
$ tanzu package install app-live-view -p appliveview.tanzu.vmware.com -v 0.1.0 -n tap-install -f app-live-view-values.yaml
- Installing package 'appliveview.tanzu.vmware.com'
| Getting namespace 'tap-install'
| Getting package metadata for 'appliveview.tanzu.vmware.com'
| Creating service account 'app-live-view-tap-install-sa'
| Creating cluster admin role 'app-live-view-tap-install-cluster-role'
| Creating cluster role binding 'app-live-view-tap-install-cluster-rolebinding'
| Creating secret 'app-live-view-tap-install-values'
- Creating package resource
| Package install status: Reconciling
Added installed package 'app-live-view' in namespace 'tap-install'List the installed packages
$ tanzu package installed list -n tap-install
\ Retrieving installed packages...
NAME PACKAGE-NAME PACKAGE-VERSION STATUS
app-accelerator accelerator.apps.tanzu.vmware.com 0.2.0 Reconcile succeeded
app-live-view appliveview.tanzu.vmware.com 0.1.0 Reconcile succeeded
cloud-native-runtimes cnrs.tanzu.vmware.com 1.0.1 Reconcile succeededCheck what is deployed on Kubernetes cluster.
$ k get ns
NAME STATUS AGE
accelerator-system Active 16m
contour-external Active 32m
contour-internal Active 32m
default Active 70m
flux-system Active 13m
kapp-controller Active 50m
kapp-controller-packaging-global Active 50m
knative-discovery Active 32m
knative-eventing Active 32m
knative-serving Active 32m
knative-sources Active 32m
kube-node-lease Active 70m
kube-public Active 70m
kube-system Active 70m
tap-install Active 45m
triggermesh Active 32m
vmware-sources Active 32mGet the service in accelerator-system namespace to access the GUI.
$ k get svc -n accelerator-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
acc-engine ClusterIP 10.0.48.176 <none> 80/TCP 17m
acc-ui-server LoadBalancer 10.0.39.154 13.71.56.116 80:30541/TCP 17mAccess by using the IP address shown for “acc-ui-server” service.
10. Creating an accelerator — Sample
Create a new-accelerator.yaml file and save below content
apiVersion: accelerator.apps.tanzu.vmware.com/v1alpha1
kind: Accelerator
metadata:
name: new-accelerator
spec:
git:
url: https://github.com/sample-accelerators/new-accelerator
ref:
branch: main
tag: v0.2.xApply the file
$ k create -f new-accelerator.yaml
accelerator.accelerator.apps.tanzu.vmware.com/new-accelerator createdRefresh your app accelerator UI and you will see that the newly created one.
List the accelerators, run below command.
k get accelerator
NAME READY REASON AGE
accelerator-by-dinesh True 4s
new-accelerator True 9m8s
So, you are now all set to work on your application :)
