Deploying an Application to VMware Tanzu Application Platform
Tony Vetter
Deploying applications to VMware Tanzu Application Platform is a straightforward process, but there is some initial setup involved. Some things, like setting up a development namespace and access controls, you would need to do regardless of the platform.
Other things you need to do might be a bit different than you are used to, such as creating the initial starter application and deploying it via the included CI/CD pipeline. But, hopefully, you will see the value in these steps, and this guide will highlight some of their benefits as you go through it.
In this guide, you will walk through all of these actions. From setting up your development namespace, to deploying a sample application.
By the end of this guide, you will have a working application running on Tanzu Application Platform, with local access to it via your web browser.
Assumptions
These are some assumptions you should be aware of before proceeding with this guide:
- This guide was written for Tanzu Application Platform
v1.0
. - This guide assumes you are running MacOS. Specifically, the
v12.0
“Monterey” line. Commands provided in this guide make these assumptions. - This guide will be updated regularly, but updates might not be timed exactly to new releases of these products or platforms. You may need to modify commands if versions do not line up.
- This guide heavily leverages the official documentation for Getting Started with Tanzu Application Platform. This guide is meant to be a simple setup to get you started quickly. For more complicated or production setups, refer to the official documentation.
Prerequisites
- A Tanzu Network account with
pivnet
installed - This guide walks you through setting up your account on the Tanzu Network, as well as installing thepivnet
CLI tool. - The
tanzu
CLI installed and configured - This guide walks you through downloading, installing, and using thetanzu
CLI tool. - An install of Tanzu Application Platform - This guide walks you through the install process for Tanzu Application Platform.
- A Docker Hub account - Other repositories are supported, but for ease of use and configuration, this guide uses Docker Hub.
- A GitHub account - You will use this account to
push
your sample application to, and laterclone
, modify, andpush
your code changes back to this repo.
Set up the environment
In order to make some commands easier to run, you should define some local environment variables. These will include sensitive information, such as passwords. This information will be stored in your shell history file. Be aware of this before proceeding, and consider this section optional.
Define the name of your new namespace. A sample default is provided here that will make sense for your sample app.
export DEVELOPMENT_NAMESPACE=dev-java-web-app
Define your Docker Hub credentials.
export DOCKER_HUB_USERNAME=your-docker-hub-username
export DOCKER_HUB_PASSWORD=your-docker-hub-password
Define your GitHub credentials.
export GITHUB_USERNAME=your-github-username
Define your custom domain name. This should be the same domain as you configured during your Tanzu Application Platform install.
export CUSTOM_DOMAIN=example.com
Setting up the development namespace
If you plan to use this environment for multiple applications, you are going to want some level of segmentation. Here, you will do this by setting up separate development namespaces in Kubernetes.
Create the namespace.
kubectl create ns $DEVLOPMENT_NAMESPACE
Configure a Kubernetes secret with your registry credentials.
kubectl create secret docker-registry registry-credentials --docker-server=https://index.docker.io/v1/ --docker-username=$DOCKER_HUB_USERNAME --docker-password=$DOCKER_HUB_PASSWORD -n $DEVLOPMENT_NAMESPACE
Create the necessary secrets, service accounts, and RBAC rules.
cat <<EOF | kubectl -n $DEVELOPMENT_NAMESPACE apply -f - apiVersion: v1 kind: Secret metadata: name: tap-registry annotations: secretgen.carvel.dev/image-pull-secret: "" type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: e30K --- apiVersion: v1 kind: ServiceAccount metadata: name: default secrets: - name: registry-credentials imagePullSecrets: - name: registry-credentials - name: tap-registry --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: default rules: - apiGroups: [source.toolkit.fluxcd.io] resources: [gitrepositories] verbs: ['*'] - apiGroups: [source.apps.tanzu.vmware.com] resources: [imagerepositories] verbs: ['*'] - apiGroups: [carto.run] resources: [deliverables, runnables] verbs: ['*'] - apiGroups: [kpack.io] resources: [images] verbs: ['*'] - apiGroups: [conventions.apps.tanzu.vmware.com] resources: [podintents] verbs: ['*'] - apiGroups: [""] resources: ['configmaps'] verbs: ['*'] - apiGroups: [""] resources: ['pods'] verbs: ['list'] - apiGroups: [tekton.dev] resources: [taskruns, pipelineruns] verbs: ['*'] - apiGroups: [tekton.dev] resources: [pipelines] verbs: ['list'] - apiGroups: [kappctrl.k14s.io] resources: [apps] verbs: ['*'] - apiGroups: [serving.knative.dev] resources: ['services'] verbs: ['*'] - apiGroups: [servicebinding.io] resources: ['servicebindings'] verbs: ['*'] - apiGroups: [services.apps.tanzu.vmware.com] resources: ['resourceclaims'] verbs: ['*'] - apiGroups: [scanning.apps.tanzu.vmware.com] resources: ['imagescans', 'sourcescans'] verbs: ['*'] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: default roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: default subjects: - kind: ServiceAccount name: default EOF
Create the starter application
Here you are going to use the Tanzu Application Platform UI and its application accelerator service to create a small sample application. Then you will configure your local application directory as a GitHub repo and push
it, so that Tanzu Application Platform can track changes.
Open the Tanzu Application Platform UI in your web browser. This may not work in the Safari browser since the connection is not secure.
open http://tap-gui.$CUSTOM_DOMAIN
Click the Create tab in the left-hand navigation bar.
What you are seeing here are some sample starter applications included with Tanzu Application Platform. Additional starter applications can be added, but this is beyond the scope of this guide.
Starter applications are useful to help you get started on projects faster. They can not only include many best practices for a particular language or framework, but also have your organization’s security policies and practices included by default.
They also give security and operations teams a centralized location to keep these starter applications up to date, so they can be easily changed and rolled out across an organization as the security and policy landscape changes.
Find the application called Tanzu Java Web App, and click Choose.
In the section “Prefix for the container image repository”, add
index.docker.io
as shown in the following image. Then click Next Step.Review your changes, then click Create.
This will take you to a page that shows a stream of activity logs. Once complete, click Download ZIP File. Save this to a workspace directory where you manage git projects. Mine is my
~/workloads/
directory.Back in your terminal, change directories to your workloads directory and unzip the file.
tar xvf tanzu-java-web-app.zip
Follow your preferred method for creating a new repository in GitHub and pushing up the
tanzu-java-web-app
directory as a new GitHub project. Here is GitHub’s documentation for one example of how to do this.Now that you have your project ready in GitHub, you have all you need to deploy your application on to Tanzu Application Platform. Run the following command to create your workload.
tanzu apps workload create tanzu-java-web-app \ --git-repo https://github.com/$GITHUB_USERNAME/tanzu-java-web-app \ --git-branch main \ --type web \ --label app.kubernetes.io/part-of=tanzu-java-web-app \ --yes \ --namespace $DEVELOPMENT_NAMESPACE
Optional: You can stream the logs for this deploy using the
tail
command.tanzu apps workload tail tanzu-java-web-app --since 10m --timestamp --namespace $DEVELOPMENT_NAMESPACE
This should start building within a few seconds, but the whole build may take 5 minutes or so.
Confirm that your workload deployed successfully.
tanzu apps workload get tanzu-java-web-app --namespace $DEVELOPMENT_NAMESPACE
Example output:
# tanzu-java-web-app: Ready --- lastTransitionTime: "2022-01-14T23:35:03Z" message: "" reason: Ready status: "True" type: Ready Workload pods NAME STATE AGE tanzu-java-web-app-build-1-build-pod Succeeded 7m11s tanzu-java-web-app-config-writer-lv92m-pod Succeeded 5m37s Workload Knative Services NAME READY URL tanzu-java-web-app Ready http://tanzu-java-web-app.dev-java-web-app.example.com
Your workload is now deployed on to Tanzu Application platform. But you probably still want to access your web application.
Accessing Tanzu Java Web App
Similarly to the process of accessing the Tanzu Application GUI, it is possible to set up DNS routing and records to reach this application globally. However, that process has a lot of variables. So for simplicity, here you will access your application simply by editing your /etc/hosts
file.
Get the IP address of your envoy ingress pod.
kubectl get svc envoy -n tanzu-system-ingress
Example output:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE envoy LoadBalancer 10.24.9.37 34.121.244.203 80:32569/TCP,443:30160/TCP 22h
Save the
EXTERNAL-IP
into another environment variable.export ENVOY_EXTERNAL_IP=34.121.244.203 #change the IP address for your output of the above command
Append this IP address mapping to your configured domain name to
/etc/hosts
. You can use a text editor or other methods to add this line as well. This command is provided for simplicity.sudo echo "$ENVOY_EXTERNAL_IP tanzu-java-web-app.dev-java-web-app.$CUSTOM_DOMAIN" | sudo tee -a /etc/hosts
Open the application interface in your web browser.
open http://tanzu-java-web-app.dev-java-web-app.$CUSTOM_DOMAIN"
This is a very simple application. All that should show up is the single line Greetings from Spring Boot + Tanzu!
.
Register the application in Tanzu Application Platform
Open the Tanzu Application Platform web UI.
open http://tap-gui.$CUSTOM_DOMAIN
Click Register Entity in the upper right of the UI.
In the field Repository URL, add the URL for the
catalog-info.yaml
file in your repository. It should behttps://github.com/$GITHUB_USERNAME/tanzu-java-web-app/blob/main/catalog-info.yaml
. Then click Analyze.Click Import.
Click back on the home page icon and see that your application instance has been registered. Clicking into this application, you can explore your deployment and various metrics regarding its health.
Next steps
You now have an application deployed on to Tanzu Application Platform. Of course, several steps were completed for you. These include creating the initial application accelerator (the starter application) and adding it to Tanzu Application Platform, as well as creating the various files necessary to deploy, including the workload.yaml
and the catalog-info.yaml
.
While this might make a good follow-on for a future guide, for now check out the Documentation for information about creating these for yourself and your own custom applications.
Moving forward, check out the next post in this series:
- Inner Loop Development with VMware Tanzu Application Platform - Local application development is a critical workflow for application developers. Getting fast feedback on each code change iteration is an important capability of this workflow. This guide will walk you through setting up a local development workflow which will enable live, local updates with each code save.