Deploying applications to VMware Tanzu Application Platform is a straightforward process, but there is some initial setup involved. Some things, like setting up a development namespace and access controls, you would need to do regardless of the platform.
Other things you need to do might be a bit different than you are used to, such as creating the initial starter application and deploying it via the included CI/CD pipeline. But, hopefully, you will see the value in these steps, and this guide will highlight some of their benefits as you go through it.
In this guide, you will walk through all of these actions. From setting up your development namespace, to deploying a sample application.
By the end of this guide, you will have a working application running on Tanzu Application Platform, with local access to it via your web browser.
These are some assumptions you should be aware of before proceeding with this guide:
v12.0“Monterey” line. Commands provided in this guide make these assumptions.
pivnetinstalled - This guide walks you through setting up your account on the Tanzu Network, as well as installing the
tanzuCLI installed and configured - This guide walks you through downloading, installing, and using the
pushyour sample application to, and later
clone, modify, and
pushyour code changes back to this repo.
In order to make some commands easier to run, you should define some local environment variables. These will include sensitive information, such as passwords. This information will be stored in your shell history file. Be aware of this before proceeding, and consider this section optional.
Define the name of your new namespace. A sample default is provided here that will make sense for your sample app.
Define your Docker Hub credentials.
Define your GitHub credentials.
Define your custom domain name. This should be the same domain as you configured during your Tanzu Application Platform install.
If you plan to use this environment for multiple applications, you are going to want some level of segmentation. Here, you will do this by setting up separate development namespaces in Kubernetes.
Create the namespace.
kubectl create ns $DEVLOPMENT_NAMESPACE
Configure a Kubernetes secret with your registry credentials.
kubectl create secret docker-registry registry-credentials --docker-server=https://index.docker.io/v1/ --docker-username=$DOCKER_HUB_USERNAME --docker-password=$DOCKER_HUB_PASSWORD -n $DEVLOPMENT_NAMESPACE
Create the necessary secrets, service accounts, and RBAC rules.
cat <<EOF | kubectl -n $DEVELOPMENT_NAMESPACE apply -f - apiVersion: v1 kind: Secret metadata: name: tap-registry annotations: secretgen.carvel.dev/image-pull-secret: "" type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: e30K --- apiVersion: v1 kind: ServiceAccount metadata: name: default secrets: - name: registry-credentials imagePullSecrets: - name: registry-credentials - name: tap-registry --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: default rules: - apiGroups: [source.toolkit.fluxcd.io] resources: [gitrepositories] verbs: ['*'] - apiGroups: [source.apps.tanzu.vmware.com] resources: [imagerepositories] verbs: ['*'] - apiGroups: [carto.run] resources: [deliverables, runnables] verbs: ['*'] - apiGroups: [kpack.io] resources: [images] verbs: ['*'] - apiGroups: [conventions.apps.tanzu.vmware.com] resources: [podintents] verbs: ['*'] - apiGroups: [""] resources: ['configmaps'] verbs: ['*'] - apiGroups: [""] resources: ['pods'] verbs: ['list'] - apiGroups: [tekton.dev] resources: [taskruns, pipelineruns] verbs: ['*'] - apiGroups: [tekton.dev] resources: [pipelines] verbs: ['list'] - apiGroups: [kappctrl.k14s.io] resources: [apps] verbs: ['*'] - apiGroups: [serving.knative.dev] resources: ['services'] verbs: ['*'] - apiGroups: [servicebinding.io] resources: ['servicebindings'] verbs: ['*'] - apiGroups: [services.apps.tanzu.vmware.com] resources: ['resourceclaims'] verbs: ['*'] - apiGroups: [scanning.apps.tanzu.vmware.com] resources: ['imagescans', 'sourcescans'] verbs: ['*'] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: default roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: default subjects: - kind: ServiceAccount name: default EOF
Here you are going to use the Tanzu Application Platform UI and its application accelerator service to create a small sample application. Then you will configure your local application directory as a GitHub repo and
push it, so that Tanzu Application Platform can track changes.
Open the Tanzu Application Platform UI in your web browser. This may not work in the Safari browser since the connection is not secure.
Click the Create tab in the left-hand navigation bar.
What you are seeing here are some sample starter applications included with Tanzu Application Platform. Additional starter applications can be added, but this is beyond the scope of this guide.
Starter applications are useful to help you get started on projects faster. They can not only include many best practices for a particular language or framework, but also have your organization’s security policies and practices included by default.
They also give security and operations teams a centralized location to keep these starter applications up to date, so they can be easily changed and rolled out across an organization as the security and policy landscape changes.
Find the application called Tanzu Java Web App, and click Choose.
In the section “Prefix for the container image repository”, add
index.docker.io as shown in the following image. Then click Next Step.
Review your changes, then click Create.
This will take you to a page that shows a stream of activity logs. Once complete, click Download ZIP File. Save this to a workspace directory where you manage git projects. Mine is my
Back in your terminal, change directories to your workloads directory and unzip the file.
tar xvf tanzu-java-web-app.zip
Follow your preferred method for creating a new repository in GitHub and pushing up the
tanzu-java-web-app directory as a new GitHub project. Here is GitHub’s documentation for one example of how to do this.
Now that you have your project ready in GitHub, you have all you need to deploy your application on to Tanzu Application Platform. Run the following command to create your workload.
tanzu apps workload create tanzu-java-web-app \ --git-repo https://github.com/$GITHUB_USERNAME/tanzu-java-web-app \ --git-branch main \ --type web \ --label app.kubernetes.io/part-of=tanzu-java-web-app \ --yes \ --namespace $DEVELOPMENT_NAMESPACE
Optional: You can stream the logs for this deploy using the
tanzu apps workload tail tanzu-java-web-app --since 10m --timestamp --namespace $DEVELOPMENT_NAMESPACE
This should start building within a few seconds, but the whole build may take 5 minutes or so.
Confirm that your workload deployed successfully.
tanzu apps workload get tanzu-java-web-app --namespace $DEVELOPMENT_NAMESPACE
# tanzu-java-web-app: Ready --- lastTransitionTime: "2022-01-14T23:35:03Z" message: "" reason: Ready status: "True" type: Ready Workload pods NAME STATE AGE tanzu-java-web-app-build-1-build-pod Succeeded 7m11s tanzu-java-web-app-config-writer-lv92m-pod Succeeded 5m37s Workload Knative Services NAME READY URL tanzu-java-web-app Ready http://tanzu-java-web-app.dev-java-web-app.example.com
Your workload is now deployed on to Tanzu Application platform. But you probably still want to access your web application.
Similarly to the process of accessing the Tanzu Application GUI, it is possible to set up DNS routing and records to reach this application globally. However, that process has a lot of variables. So for simplicity, here you will access your application simply by editing your
Get the IP address of your envoy ingress pod.
kubectl get svc envoy -n tanzu-system-ingress
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE envoy LoadBalancer 10.24.9.37 220.127.116.11 80:32569/TCP,443:30160/TCP 22h
EXTERNAL-IP into another environment variable.
export ENVOY_EXTERNAL_IP=18.104.22.168 #change the IP address for your output of the above command
Append this IP address mapping to your configured domain name to
/etc/hosts. You can use a text editor or other methods to add this line as well. This command is provided for simplicity.
sudo echo "$ENVOY_EXTERNAL_IP tanzu-java-web-app.dev-java-web-app.$CUSTOM_DOMAIN" | sudo tee -a /etc/hosts
Open the application interface in your web browser.
This is a very simple application. All that should show up is the single line
Greetings from Spring Boot + Tanzu!.
Open the Tanzu Application Platform web UI.
Click Register Entity in the upper right of the UI.
In the field Repository URL, add the URL for the
catalog-info.yaml file in your repository. It should be
https://github.com/$GITHUB_USERNAME/tanzu-java-web-app/blob/main/catalog-info.yaml. Then click Analyze.
Click back on the home page icon and see that your application instance has been registered. Clicking into this application, you can explore your deployment and various metrics regarding its health.
You now have an application deployed on to Tanzu Application Platform. Of course, several steps were completed for you. These include creating the initial application accelerator (the starter application) and adding it to Tanzu Application Platform, as well as creating the various files necessary to deploy, including the
workload.yaml and the
While this might make a good follow-on for a future guide, for now check out the Documentation for information about creating these for yourself and your own custom applications.
Moving forward, check out the next post in this series:
Getting Started with VMware Tanzu Application Platform light Profile
Inner Loop Development with VMware Tanzu Application Platform