In this article, I will show you how to build a simple Tanzu Platform lab environment backed by a Cloud Foundry-based underlay. This blog post is intended for people with little to no experience with TP and/or CF—serving as a ‘101 getting started’ guide.
To get things up and running and prepare for your first cf push (we’ll cover that in more detail later), follow these steps:
- Install and configure Tanzu Operations Manager.
- Configure and deploy BOSH Director for vSphere (if you’re deploying to vSphere/VCF).
- Configure and deploy the Small Footprint Tanzu Platform for Cloud Foundry.
- Deploy your first application using cf push.
In this example, we’re using the Small Footprint CF tile to optimize resource usage in my lab environment. For a production deployment, you would typically use the full Tanzu Platform for Cloud Foundry tile instead.
Install and configure the Tanzu Operations Manager
The first component we need to install is Tanzu Operations Manager, often referred to as Ops Manager. It is an OVA that must be deployed to vSphere/VCF (or another cloud of your choice). Ops Manager is responsible for installing and configuring all other components needed to run Tanzu Platform / Cloud Foundry.
The installation process is straightforward. I recommend uploading your local public SSH key during setup, so you can access Ops Manager via the command line later if needed.
My configuration looks like this:
After the VM is deployed, it's time to set up Ops Manager.
I chose Internal Authentication and set up a username and password plus a decryption passphrase. After a short wait, you can log on to Ops Manager using the credentials you've just configured.
I prefer to have signed certificates, so I’ve created and uploaded a PEM certificate + Private key under settings->SSL certificate. I am using certbot in combination with AWS Route53 and Let’s Encrypt for this.
Now, let’s take a look at the Installation Dashboard, which displays the components (called tiles) running in your environment.
At this stage, you’ll see only one tile available—the BOSH Director. BOSH is responsible for interacting with the vSphere environment, but before it can do so, we need to set up and configure the BOSH tile.
Configure and Deploy BOSH Director for vSphere
In the BOSH Director tile we need to set up:
- vCenter Configuration
- Director Configuration
- Create Availability Zones
- Create Network
- Assign AZs and Networks
In the vCenter Server Configuration screen, set a name for the connection, the vCenter host, and of course a username and password (I am using administrator@vsphere.local for my lab setup). At a minimum you also need to set a Datacenter name and the Ephemeral and Persistent datastores; BOSH deploys VMs to these. Don't forget to hit save.
In the Director Config tab you only need to setup an NTP server.
In the Create Availability Zones screen you configure where you want to deploy Ops Manager compatible products to. For me, this setup looks like this:
You can optionally specify a Resource Pool and/or Host Group.
The Create Networks screen allows you to configure the networks that BOSH can use when deploying VMs. My setup looks like this:
I recommend configuring a reserved range; BOSH is not allowed to use these IP addresses for the VMs it deploys.
Now you also need to specify where you want to deploy the BOSH VM:
After you've set up everything (don't forget to hit save!), it's time to deploy the BOSH component. Go back to the Installation Dashboard and select Review Pending Changes. You can review your changes and hit Apply Changes when you're happy with all the settings.
Now Ops Manager will run through a couple of steps that will Install and Configure BOSH director.
The process will take a while, but after everything has completed successfully, the BOSH Director is available and you're ready to continue with the next step: configuring and deploying Tanzu Cloud Foundry.
Configure and deploy the Small Footprint TPCF
Before configuring and deploying Cloud Foundry, we first need to download the CF tile from the Broadcom support portal. Be sure to download the Small Footprint version.
Once the tile is downloaded, import it into Operations Manager using the Import a Product button. The new product will then appear in the left-hand column in Ops Manager, where it can be easily added by clicking the plus sign.
Next, we need to go through a few configuration options. The first step is to assign AZs and Networks, which is a straightforward process in this setup:
Next, you need to define two domains: a system domain and an apps domain. You can add more apps domains at a later stage. The applications that you deploy to CF will use the apps domain; any facilitating system services will use the system domain.
My environment is configured like this:
I would recommend using signed certificates and creating a (wildcard) certificate that contains the following domains:
- *.system.viktoriouslab.nl
- *.apps.viktoriouslab.nl
- *.login.system.viktoriouslab.nl
- *.uaa.system.viktoriouslab.nl
The certbot command in this case would look like this (the wildcard names are quoted so the shell does not try to expand the *):
certbot certonly --dns-route53 -d '*.system.viktoriouslab.nl' -d '*.apps.viktoriouslab.nl' -d '*.login.system.viktoriouslab.nl' -d '*.uaa.system.viktoriouslab.nl' -n --agree-tos -m <email-address> --key-type rsa --cert-name system.viktoriouslab.nl
Note that the certificate should be of type RSA.
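Before uploading the certificate, you can check locally that its SAN list covers the host names you expect and that the key is RSA. The script below is an added example, not part of the original setup: the host names api/apps come from the URLs used later in this post, first-push.apps and zone1.login.system are constructed samples, fullchain.pem is a hypothetical path, and cert_sans assumes OpenSSL 1.1.1 or newer.

```sh
#!/bin/sh
# Added example: check which host names a certificate's SAN list covers.

# san_matches HOST SAN: succeeds if SAN covers HOST. A wildcard stands for exactly
# one DNS label, so *.system.<domain> does not cover zone1.login.system.<domain>.
san_matches() {
    host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    san=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    case $san in
        '*.'*)
            suffix=${san#\*}                       # ".system.viktoriouslab.nl"
            case $host in
                *"$suffix") label=${host%"$suffix"} ;;
                *) return 1 ;;
            esac
            case $label in ''|*.*) return 1 ;; esac   # one non-empty label only
            return 0 ;;
        *) [ "$host" = "$san" ] ;;
    esac
}

# uncovered_hosts "SAN SAN ..." HOST...: prints every HOST that no SAN covers.
# Subshell body with globbing off, so the '*' in each SAN stays literal.
uncovered_hosts() (
    set -f
    sans=$1; shift
    for h in "$@"; do
        ok=no
        for s in $sans; do
            if san_matches "$h" "$s"; then ok=yes; break; fi
        done
        [ "$ok" = yes ] || printf '%s\n' "$h"
    done
)

# cert_sans FILE: DNS SANs of a PEM certificate (assumes OpenSSL 1.1.1 or newer).
cert_sans() {
    openssl x509 -in "$1" -noout -ext subjectAltName | tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# cert_is_rsa FILE: succeeds if the certificate's public key is RSA.
cert_is_rsa() {
    openssl x509 -in "$1" -noout -text | grep -q 'Public Key Algorithm: rsaEncryption'
}

# SAN list from the certbot command above; the host names are constructed samples.
# For a real file (hypothetical path): SANS=$(cert_sans fullchain.pem)
SANS='*.system.viktoriouslab.nl *.apps.viktoriouslab.nl *.login.system.viktoriouslab.nl *.uaa.system.viktoriouslab.nl'
missing=$(uncovered_hosts "$SANS" api.system.viktoriouslab.nl apps.system.viktoriouslab.nl \
    first-push.apps.viktoriouslab.nl zone1.login.system.viktoriouslab.nl)
if [ -z "$missing" ]; then echo "all host names covered"; else echo "not covered: $missing"; fi
```

Dropping the *.login.system and *.uaa.system entries from SANS makes the script report zone1.login.system.viktoriouslab.nl as not covered, which is why those two wildcards are requested separately.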
This (PEM) certificate now needs to be added under Networking as a certificate for the Gorouter(s). You also need to specify one or more IP addresses for your Gorouters, the main access point to your system services and applications. Note that you need to create a DNS record that points the *.system.viktoriouslab.nl and *.apps.viktoriouslab.nl domains to the IP address of the Gorouter (in the context of this lab setup):
Under the UAA tab you also need to provide a certificate. Because *.uaa.system.viktoriouslab.nl has been added as a SAN to the certificate, you can use the same certificate + private key that you used for the Gorouters. Under the CredHub tab you need to provide an internal encryption provider key that consists of at least 10 characters.
Optionally, you might want to check and update the Resource Config tab. Depending on what you're planning to do, you can change the number and size of the VMs that will be deployed as part of your CF deployment. For example, you may want to add extra compute nodes, or a secondary Gorouter, in which case you need to add an extra IP address in the networking configuration we discussed earlier.
Now that everything is configured, it’s time to go to the Installation Dashboard again, hit Review Pending Changes and choose Apply Changes for CF to be deployed. This might take some time (up to more than one hour), depending on the performance of your lab environment.
After installation completes, you have a CF environment up and running. Now it's time for…
Your first “cf push”
Now that your environment is available, there are two ways to access it:
- Through the UI using Apps Manager, available via https://apps.<your-system-fqdn>
- Through the CF command line tool
Accessing the Apps Manager
To log on to Apps Manager, you first need to retrieve the credentials. Credentials are available under the Credentials tab that's part of the CF tile in Ops Manager.
Look for the Admin Credentials under UAA.
Now logon to https://apps.<your-system-fqdn> and create a new Organization next to the system organization that is already there. After you’ve created a new organization, open it and create a new space. Things should look like this:
Using the CF command
Now go to your command line and install the cf CLI.
Now type:
cf api https://api.<your-system-fqdn>
cf login
Use the same credentials you used to log on to the Apps Manager interface. After you've logged on, select the org you've just created. The newly created space will automatically be selected.
You can always use
cf target
to learn your current target.
Now it’s time to push a first application 🙂
git clone https://github.com/viktoriousss/first-push
(or choose another app that runs on CF)
And, from inside the cloned app directory…
cf push
You will get a URL for your new app (under routes) where you can access it. Open the URL and you will be welcomed by a nice message:
Tanzu Platform is now up and running and you have your first application running on the platform.