Tanzu Application Platform (TAP) is a developer platform that provides a pre-paved path to production for cloud-native applications. The foundation of the path to production is a secure supply chain (or different supply chains), based on the Cartographer open-source project. A supply chain describes the path to get from the initial code, to a production ready cloud-native application running on Kubernetes. The unique value of TAP is that solution support both the Devs as well as the SecOps people. TAP provides self-service capabilities for the developers to get their projects started quickly, while TAP also helps SecOps teams to get apps to production in a fast, reliable and secure way.
In this first post we will have a closer look at the whole process from starting a new project (Kubernetes app) based on pre-defined framework called an accelerator, build a first version of the application in the developer environment. In follow up posts we will commit our changes and sync them with a remote repository. TAP will then build the “production” version of our app and deploy it to a Kubernetes cluster. In a third post we will explore the TAP GUI.
Available articles in these TAP series are:
- Building and deploying your first app on Tanzu Application Platform (1/3) – Setup the inner loop: Setup the inner loop, configure the dev environment and build a first version of our app.
- Building and deploying your first app on Tanzu Application Platform (2/3) – Setup the ouer loop:Setup the outer loop, provide a SecOps process, build and deploy our app to Kubernetes.
- Building and deploying your first app on Tanzu Application Platform (3/3) – Explore the TAP Graphical User Interface.
Before we get started with building and deploying our application, let’s walk through some prerequisites:
- You’ve installed Tanzu Application Cluster on a Kubernetes cluster. You can follow the official documentation for installation or follow along in one of my previous posts.
- The TAP GUI is available at tap-gui.<your-ingress-domain>. In my case this is tap-gui.tap.viktoriouslab.nl.
- The Tanzu CLI is available, we will need both the ‘tanzu accelerator’ and ‘tanzu apps’ command. Of course you also have kubectl available. Follow the Install Tanzu CLI in this post to get things in place.
- You will also need to install the Tanzu Developer Tools for VS code and you will also need to install Tilt. More details available here.
TAP consist of different (open-source) projects to work together to provide a superior developer experience. Running
kubectl get ns
will give you a list of the namespaces that contain the different components:
kubectl get packageinstalls.packaging.carvel.dev -n tap-install
will display the actual packages and the installed versions.
In this single cluster example I’ve also configured a tap-iterate and tap-production namespace, which will hold development resources and will hold production apps. These namespaces are configured in step 8 of the automated deployment of TAP as described here (scripts available here).
Inner loop and outer loop
Tanzu Application Platform will help you to jumpstart development and accelerate your path to production. TAP is managing & automating the inner loop and outer loop of software development.
The inner loop is the iterative process of writing, building and debugging code that a single developer performs before sharing the code, either publicly or with their team. The outer loop start as soon as source is checked into version control where automated systems (such as supply chains) will build a new version of your app (source).
Inner Loop (green) and Outer Loop (blue) are illustrated in the diagram below:
Inner loop: TAP integrates with IDEs such as Visual Studio Code and IntelliJ and allows developers to run & test apps as a Kubernetes app straight from Visual Studio Code and/or IntelliJ. Using accelerators, TAP provides a blueprint/framework for new applications the adhere enterprise-conforming code and configurations. Using a pre-defined (but customizable) supply chain (based on supply chain choreography using Cartographer) TAP is capable of automatically building the Kubernetes pod(s) based on Buildpacks (using Tanzu Build Service) and deploying the pods to the Kubernetes environment of a developer.
Outer loop: TAP supports DevSecOps teams to build production ready Kubernetes based applications. Again supply chain choreography is used to manage the whole proces from source to production. Depending on the supply chain and requirements extensive testing (using Tekton) and security scanning capabilities can be added to the supply chain.
You might want to learn a bit more about Software Supply Chain Choreography versus Orchestration. This article is a nice starting point. The GUI of TAP (called tap-gui) is based on Backstage, an open source framework for building developer portals, created at Spotify, donated to the CNCF, and adopted by hundreds of companies.
Let’s now build our fist path-to-production and setup an inner loop and outer loop with TAP.
Setup the inner loop
So let’s start with the inner loop, setup an accelerator, download the blueprint, add to our IDE and start working on our application.
Explore and setup an accelerator
The starting point for developing applications with TAP is an Application Accelerator. An Application Accelerator contains a framework/blueprint for building a new app. It’s a blueprint or skeleton that is a starting point for building a new app. The accelerator contains configurable options such as name, sizing, database configuration, resource claims, etc. These options are configured by the person who builds the accelerator.
TAP comes with a set of default accelerators that you can see in the GUI:
You can also get an overview of these accelerators through the command line:
tanzu accelerator list
kubectl get accelerators.accelerator.apps.tanzu.vmware.com -n accelerator-system
and get some more details about an accelerator (e.g.):
tanzu accelerator get tanzu-java-web-app
A list of sample accelerators is available on Github. For this example we will have close look at the tanzu-java-web-app application. Of course you can also (and will) build your own accelerators. I guess that’s for another post.
There’s an interesting “Tanzu App Accelerator – Deep Dive” article by Scott Rosenberg that explains all the nitty gritty details of accelerators. Diving into all the details is not the goal of this article, we will just configure the Tanzu Java Web App accelerator that’s available in the catalog. The Tanzu Java Web App only requires two parameters before it can be generated:
Think of a name for your app and also think of a prefix for the app that can be used on your registry. Click next and generate, and now you can explore the pre-configured package that is the startingpoint/blueprint/framework for your app. Download the zip, extract it and add it to a Git repository of choice. I’ve added my instance of this new application to my Github.
Open the app in VSC
Let’s now open the application in Visual Studio code.
If you’re laptop is setup correctly you can of course build and run the app locally. Our goal is it to bring the app to Kubernetes; for the IDE intergration with TAP we need to install Tilt and also download & configure the TAP plugin for Visual Studio Code (VSC). This process is describe here.
We also need to set a couple of settings in VSC:
Two important parameters are the namespace VSC can use to run the app and a repository on a registry that is available to publish/save the source code. The tap-iterate namespace (the name I use for it) is pre-configured following the proces here. If you followed my TAP installation procedure, the namespace is configured in this script. The repository (local-source) will automatically be created on your registry if it doesn’t exist.
Note: you also need to logon to the specified docker registry (viktorioustap.azurecr.io in this example) using docker login.
docker login viktorioustap.azure.io
The registry you specify as Tanzu Source Image in Visual Studio Code is used to publish your source code, however it’s not used to store the build images. The registry used for the build images is determined by the setting in your tap-values.yaml file.
Build and deploy the app to testing environment
Let’s start building the app and deploy it to the tap-iterate namespace. Type shift-cmd-P and select “Tanzu: Live update start” to get things going. Please be aware that your laptop is logged on to the Kubernetes cluster that contains the tap-iterate namespace.
You will see tilt is started:
You can open this page and follow the build proces there, or follow it straight in Visual Studio Code.
To get things up and running the following tanzu CLI command is started by the plugin:
tanzu apps workload apply -f config/workload.yaml --debug --live-update --local-path '.' --source-image viktorioustap.azurecr.io/local-source --namespace tap-iterate --yes > /dev/null && kubectl get workload tanzu-java-web-app --namespace tap-iterate -o yaml
- Creates a new workload object (kind = workload.carto.run) following the definition in config/workload.yaml.
- The source image for this app is coming from the local-source repository on the viktorious.azurecr.io registry (this is coming from the Tanzu plugin settings in Visual Studio Code)
- The app is deployed to tap-iterate namespace.
- After creation the workload is requested using a kubectl command.
You can monitor the build proces (using buildpacks technology) by entering the following command:
kubectl get pods -n tap-iterate -w
You can also use this command to watch the build proces:
tanzu apps workload tail tanzu-java-web-app --namespace tap-iterate
The first time the build will take a couple of minutes. Subsequent builds will only take a few seconds. You will also see a few new repositories being created on your registry server:
After a while your app is up and running in the tap-iterate namespace:
tanzu apps workload get tanzu-java-web-app --namespace tap-iterate
to get some info about your newly deployed app.
So, what do we see here?
- Source: Your source image code stored on your registry in the repository “local-source”.
- Supply chain: The (in this case) source-to-url supply chain is used for the deployment. As you can see the supply chain consist of various steps, building a ready to deploy K8S configuration from the source code repository that was provided. This K8S configuration is stored in a (GitOps) repository.
- Delivery: The delivery-basic is a cluster delivery supply chain that picks up this configuration and delivers (deploys) the application to the (production) Kubernetes environment.
- Pods: This shows the pods that are running the application.
- Knative Services: Shows the created Knative Services, this is the URL where you can connect to this workload/application.
The test version of the application is available at the URL as displayed under Knative Services. You can also use:
kubectl get services.serving.knative.dev -n tap-iterate
The app is now accessible by the developer. An update on the app that is saved to the local repository on the developer’s computer, will trigger an update to the pods running on Kubernetes. This will take a couple of seconds. In this way the developer can instantly see what the implications are to updates to his/her app.
That’s it for now, follow up posts will we be published soon!