This is a hands-on lab to deploy Tanzu Kubernetes Grid and its extensions in AWS and vSphere. This lab uses Helm charts for all extensions. You should be able to create a management cluster, a shared services cluster and a workload cluster with all extensions.
For TMC setup, refer to the TKG-LAB documentation to attach all three clusters and apply role bindings. You can use the ACME Fitness lab to deploy a workload on the workload cluster; just make sure that you are using the right ingress, as provided in the params.yaml file in the helm install directory.
This lab also uses External DNS. External DNS creates wildcard DNS entries for the envoy service. External DNS does not support the HTTPProxy CRD, so this lab uses wildcard DNS entries for the Load Balancer service.
Below are the instructions to install the extensions using Helm charts on any TKG cluster, assuming you already have clusters up and running with all prerequisites.
helm upgrade -n cert-manager --create-namespace --install cert-manager ./tkg-extensions-helm-charts/cert-manager-0.1.0.tgz --wait
helm upgrade -n tanzu-system-ingress --create-namespace --install contour ./tkg-extensions-helm-charts/contour-0.1.0.tgz \
--set ingress.host=$DNS --wait
helm upgrade -n tanzu-system-auth --create-namespace --install dex ./tkg-extensions-helm-charts/dex-0.1.0.tgz \
--set svcCluster.gangway=$dns \
--set svcCluster.id=$cluster_name \
--set svcCluster.name=$cluster_name \
--set wlCluster.id=$cluster_name \
--set wlCluster.name=$cluster_name \
--set svcCluster.secret=$secret \
--set wlCluster.secret=$secret \
--set wlCluster.gangway=$dns \
--set oidc.oidcUrl=$oidcurl \
--set oidc.oidcClientId=$oidcClientId \
--set oidc.oidcClientSecret=$oidcClientSecret \
--set ingress.host=$dexhost --wait
helm upgrade -n tanzu-system-auth --create-namespace --install gangway ./tkg-extensions-helm-charts/gangway-0.1.0.tgz \
--set gangway.secret=$(echo -n $SECRET | base64) \
--set gangway.secretKey=$(openssl rand -base64 32) \
--set cluster.name=$CLUSTER_NAME \
--set cluster.apiServerName=$(kubectl config view -o jsonpath="{.clusters[?(@.name==\"$CLUSTER_NAME\")].cluster.server}") \
--set dex.hostname=$dex_dns \
--set ingress.host=$GANGWAY_INGRESS
helm upgrade -n tanzu-system-logging --create-namespace --install elasticsearch-kibana ./tkg-extensions-helm-charts/elasticsearch-kibana-0.1.0.tgz \
--set elasticsearch.host=$elasticsearch_dns \
--set kibana.host=$kibana_dns
helm upgrade -n tanzu-system-logging --create-namespace --install fluent-bit ./tkg-extensions-helm-charts/fluent-bit-0.1.0.tgz \
--set elasticsearch.host=$elasticsearch_dns \
--set elasticsearch.port=$elasticsearch_port \
--set tkg.clusterName=$CLUSTER_NAME \
--set tkg.instanceName=$CLUSTER_NAME
helm upgrade -n metallb --create-namespace --install metallb bitnami/metallb -f $METALLB_VALUES_FILE
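The dex command above passes the cluster secret and the OIDC client secret with `--set`, which leaves them in shell history and in the process argument list, and an unset variable silently becomes an empty value. The sketch below is an added example, not part of the lab's own scripts: it checks the variables and writes the same keys to an owner-only values file. The function names and the `dex-values.yaml` path are assumptions, and values are assumed to contain no double quotes or backslashes.

```shell
# Added example: put the dex chart values in a 0600 file instead of --set flags.
# Keys mirror the --set flags of the dex command; function names are assumptions.

# Return non-zero and list the names of any unset or empty variables.
require_vars() {
    missing=""
    for name in "$@"; do
        eval "val=\${$name:-}"
        [ -n "$val" ] || missing="$missing $name"
    done
    [ -z "$missing" ] || { echo "unset or empty:$missing" >&2; return 1; }
}

# Write the dex values to the file named in $1, readable by the owner only.
write_dex_values() {
    out=$1
    require_vars dns cluster_name secret oidcurl oidcClientId oidcClientSecret dexhost || return 1
    rm -f "$out"          # a pre-existing file would keep its old, wider mode
    ( umask 077
      cat > "$out" <<EOF
svcCluster:
  gangway: "$dns"
  id: "$cluster_name"
  name: "$cluster_name"
  secret: "$secret"
wlCluster:
  gangway: "$dns"
  id: "$cluster_name"
  name: "$cluster_name"
  secret: "$secret"
oidc:
  oidcUrl: "$oidcurl"
  oidcClientId: "$oidcClientId"
  oidcClientSecret: "$oidcClientSecret"
ingress:
  host: "$dexhost"
EOF
    )
}

# Usage, with the same chart and namespace as the dex command:
#   write_dex_values ./dex-values.yaml &&
#   helm upgrade -n tanzu-system-auth --create-namespace --install dex \
#     ./tkg-extensions-helm-charts/dex-0.1.0.tgz -f ./dex-values.yaml --wait
```

Delete the values file once the release is installed, or keep it out of version control.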
Make sure you have the CLIs below installed on your machine. Make sure that you are using the params.yaml file provided in the helminstall directory. TKG-LAB and helminstall currently use two different params.yaml files, but they are going to be merged in the next iterations.
- kubectl
- tkg
- helm 3 - latest version
- yq
Follow the instructions here to complete the Prerequisites.
- Setup Bootstrap Environment & Creating Management Cluster
- Configure External DNS and/or Metallb
- Configure Contour
- Configure DEX
- Create a Shared Services Cluster
- Configure TMC
- Configure Certificate Manager
- Install External DNS and/or Metallb
- Configure Ingress Controller - Contour
- Configure Gangway
- Configure Tanzu Observability
- Configure Elastic Search & Kibana
- Configure Fluentbit
Deploy an Application
Please follow the ACME Fitness lab. You need to make sure that you are using the right ingress.