TAP installation configurator using Tanzu Accelerator to provide a tailored GitOps installation repo for the platform.
Current version TAP/tbs-deps 1.6.4 / RMQ 1.5.1 / TDS 1.12.0
NOTE: "tanzu-sync/scripts/deploy.sh" script errors out but installation will continue and fully reconcile.
- Deploy, Configure and Load up a new TAP cluster without the need to edit / create configuration files!!
- Deploy without any YAML editing!
- Platform Gitops Based TAP Deployment
- Platform GitOps Namespace provisioner configured
- Application GitOps Configured with auto-deployed demo suite
- Supported upstream platform binary registry locations
- TanzuNet direct
- Custom (Harbor)
- Supported platform target binary registry locations
- DockerHub
- Custom (Harbor tested with TAP, TBS-full-dependencies and TDS Repos mirrored)
- Dual supply-chain support
- basic
- test & scan
- Dual TLS configuration Options
- HTTP Solver for Automated ACME certificate configuration using LetsEncrypt (caution: rate-limited!)
- Bring your own TLS wildcard certificate
- Tanzu Data Services
- PostgresQL Operator
- Demo workload (petclinic deployed with service binding to in-namespace TDS postgres db)
- Spring Cloud Gateway and Spring API Portal
- Vault (helm deployed) integration for API-KEY manged microservice deployment support
- OKTA SSO protections for Spring API Portal
- Required for Spring API-Portal API-Key management support
- Tiny TAP Overlay
- Allow for non-production full profile TAP cluster deployment into < 50% of typical requirements (1-2 x 16gb AKS nodes)
- Selectively omit deployment of TLC / Eventing packages to further reduce resource requirements
- Private Registry support - provide self-signed certs for registry or intermediate CAs
- RMQ operator support allowing for 'drag and drop' "Where for dinner" deployment support
-
Provide configuration values/secrets to tap-installer wizard
-
Generate Accelerator, download & explode zip-archive
-
Open console prompt & run ./setup-tap.sh
-
optionally move/delete ./accelerator-log and ./accelerator-assets/secrets-to-seal assets
-
run ./initialize-repo.sh to create new git repo and upload to new github.
-
cd ./cluster/taplab
-
Ensure kubectl is set to access target cluster & tanzu-cluster-essentials installed thereon
-
run ./tanzu-sync/scripts/deploy.sh
-
Monitor for external IP created by TAP cluster contour - update DNS record when available
kubectl -n tanzu-system-ingress get svc -w
Optionally run k9s to watch TAP install and configuraiton on your target cluster
- DNS Service with ability to map a wildcard DNS domain to a given IP
- For 'bring your own certs' setup using letsEncrypt and Certbot, ability to record TXT records needed
- GitHub account with personal access token
- GitHub oAuth appplication (client ID & Secret)
- TanzuNet or custom registry credentials
- kubectl
- k9s (optional)
- az (if using azure / AKS)
- golang (sops cli dependency)
- sops
- kapp
- ytt
- age-keygen (optional)
- gh (optional)
- git
- Deploy kubernetes cluster
- Deploy tanzu-cluster-essentials to cluster
- Authenticate / login from your workstation to GitHub
- Create a seal-secrets (sops) encryption key (using 'age-keygen" cli