In this article I would like to talk about a semi-automated installation of Tanzu Application Platform (TAP) that I use myself to setup demo environments. For this setup I use a series of scripts that all can be found on GitHub. These scripts can be used to deploy a single cluster installation of TAP. You can use these scripts for your own benefit, to get started with TAP quickly. The scripts will run on MacOS, and after some minor changes also on Linux. For an installation using Windows, please refer to the TAP documentation. The current version of the scripts is working for TAP 1.3.
Check the prerequisites
Let start with checking some prerequisites as published here. You will need:
- Access to Tanzu Network website and registry.
- A supported (private) registry, such Harbor, Azure Registry or something else. 10 GB storage is recommended and you need read/write access.
- At least one Kubernetes cluster running version 1.22, 1.23 or 1.24. AKS, EKS, GKE, Minikube, RHOS, TKG and vSphere with Tanzu are all supported. This article discusses a single cluster setup of TAP, a multi-cluster topology is also possible but out of scope of this article.
- You need to have enough resources available on the Kubernetes cluster, otherwise the installation will fail.
- You will need to have a configured default storage class. Use “k get storageclass” to see available storageclasses and check if a default storage class is configured.
- You will need to configure at least one DNS wildcard A record, more details below.
- Installing on EKS (AWS) adds some extra requirements to take into account.
Important: Only when running vSphere with Tanzu you must configure the pod security policies, otherwise your installation will fail.
kubectl create clusterrolebinding default-tkg-admin-privileged-binding --clusterrole=psp:vmware-system-privileged --group=system:authenticated
I have an example yaml file available that can be used with vSphere with Tanzu to deploy a workload cluster with enough (storage) capacity available and also has a default storage class configured. It’s available for download here and is tested on vSphere 7.
Configure a wildcard DNS A record
Configure a wildcard DNS A record for your TAP environment, for example *.tap.viktoriouslab.nl. The ingress of TAP will take care of the different entrypoints that are configured as part of the TAP installation.
Introduction to the scripts
To successfully install TAP the following scripts are used:
- Script 00-set-environment-variables.sh contains the environment variables.
- The tap-values.yaml file contains the TAP specific settings.
- Scripts 00 – 08 walk you through all required installation steps.
Clone the repository to your local workstation to access all the scripts/files:
git clone https://github.com/viktoriousss/tap-installation
Set environments variables
Start by editing 00-set-environment-variables.sh so it reflects the correct settings:
- Configure your Tanzu Network login/email adress and password.
- Create a private registry and configure registry URL, login and password. You can use Harbor, Azure registry
The environment variables are successfully loaded on to your system.
Sign in to Tanzu Network and download required software
Sign in to Tanzu Network and accept the following EULAs and download required software:
- Accept Tanzu Application Platform 1.3 EULA
- Accept Cluster Essentials for VMware Tanzu EULA
- Download version 1.3.0 of the Tanzu CLI
- Download version 1.3.0 of Cluster Essentials
Install Tanzu CLI on your system
Remove and install Tanzu CLI from/on your system:
- Remove Tanzu CLI if available on your system using 01-remove-tanzu-cli.sh.
- Install Tanzu CLI 1.3.0 on your system using 02-install-tanzu-cli.sh.
After the installation completes you should see:
Deploy cluster essentials
If you’re running a non-TKG Kubernetes cluster, or if you’re using vSphere with Tanzu you must install Tanzu Cluster Essentials. Tanzu Cluster Essentials is deployed to the cluster where you want to install TAP. Use
kubectl config set-context <kubernetes cluster context>
to switch to the context of your cluster, then install cluster essentials by using script 03-deploy-cluster-essentials.sh. Installation will take a couple of minutes. This step is not required for TKG multi-cloud (aka TKGm).
Relocate image to registry
Now it’s time to relocate the installation images from Tanzu Network to your private registry. Script 04-relocate-images-to-registry.sh will execute this task (depending on available bandwidth). This might take some time, about 6 GB will be copied from Tanzu Network to your private registry.
After the script has completed, you will find Tanzu installation files on your registry:
Note: you can choose to install TAP directly from Tanzu Network registry without using a private registry. This is an option, however there’s no SLA on the Tanzu Network registry, so this is not recommend for production usage.
Add repository to cluster
No it’s time to add the installation repository to your cluster, and create a secret so the installation repository can be accessed. Depending on your setup, a private registry versus the Tanzu Network registry, one of the following scripts should be executed:
- 05-add-repo-to-cluster.sh is used if you’re deploying TAP from a private registry and you have relocated TAP installation files.
- 05b-add-repo-to-cluster.sh is used if you’re deploying TAP from Tanzu Network registry. This is not recommended because no SLA is offered on the Tanzu Network registry.
Install Tanzu Application Platform
Now it’s to install TAP! Make sure you have a valid tap-values.yaml configuration. Install TAP using script 06-install-tap.sh. You can monitor installation progress (in a second terminal!) with script 07-monitor-tap-installation.sh.
Create Developer Namespaces
Now you have TAP up and running, the next step is to create two namespaces. In this example we will create an iterate and production namespace. The iterate namespace can be used by the developer to deploy his/her test apps. The production namespace will run the production workloads. These namespaces need some secrets and roles to be configured as documented here.
Namespaces will be configured by script 08-configure-namespaces.sh.
You’re now ready to configure and use TAP accelerators and deploy your first workloads with TAP. The documentation contains some interesting quick start guides.