README.md

Install The App Toolkit

The app-toolkit will install and configure the following with a single command:

1. Contour - an ingress controller
2. Knative Serving
3. Kpack
4. Kpack configuration
5. FluxCD source controller
6. Cert Manager
7. Cartographer
8. Out of the box supply chain for cartographer (Cartographer Catalog)

Important the commands below assume you have a terminal window open in the same directory as this README.

Update Configuration Values

The file config/app-toolkit-values.yaml must be modified to contain values suitable for your environment. The following table has details of what needs to change. There are examples for the various registry values on the Container Registry page.

Configuration Value	Notes
contour.envoy.service.type	Change this to "LoadBalancer" if your cluster has a load balancer available
knative_serving.domain.name	If you have a LoadBalancer and DNS available, specify the domain name you will use. If you are running locally in Kind, the default value is sufficient for local workstation use. If you are using the Guard Dog OVA, replace 127-0-0-1 with the IP address of the VM.
kpack.kp_default_repository	This is a repository where certain images for Kpack will be pushed during install. If you are using Docker Hub, use the value <user_name>/kpack
kpack.kp_default_repository_username	User name for the repository
kpack.kp_default_repository_password	Password for the repository
cartographer_catalog.registry.server	Server name for images created by the out of the box supply chain. This value will be used to compose tags for images. If you are using Docker Hub, enter "index.docker.io"
cartographer_catalog.registry.repository	Tag prefix for images created by the out of the box supply chain. This value will be prepended to image tags created by Cartographer. If you are using Docker Hub, enter your Docker userid.

App Toolkit Pre-Requisites

The app toolkit only needs a registry secret. The secret must be named "registry-credentials".

On a fully "Tanzu-ified" cluster, the Carvel secretgen-controller will be installed. When the secretgen-controller is installed, you should create the secret using the Tanzu CLI. If the secretgen-controller is not installed, you can create the secret using kubectl.

You can check to see if the secretgen-controller is installed with the following command:

tanzu package installed list -A

On a fully Tanzu-ified cluster, you will see the secretgen-controller - usually in the tkg-system namespace.

If you have the secretgen-controller installed, create the secret with a command like this:

Powershell...

tanzu secret registry add registry-credentials `
  --server harbor.tanzuathome.net `
  --username admin `
  --password Harbor12345 `
  --export-to-all-namespaces

Linux/MacOS shell...

tanzu secret registry add registry-credentials \
  --server harbor.tanzuathome.net \
  --username admin \
  --password Harbor12345 \
  --export-to-all-namespaces

Important Note: If you are using Docker Hub, change the server to https://index.docker.io/v1/:

tanzu secret registry add registry-credentials `
  --server https://index.docker.io/v1/ `
  --username jeffgbutler `
  --password ******* `
  --export-to-all-namespaces

If you do not have the secretgen-controller installed, create the secret with Kubectl:

kubectl create secret docker-registry registry-credentials `
  --docker-server=harbor.tanzuathome.net `
  --docker-username=admin `
  --docker-password=Harbor12345

Linux/MacOS shell...

kubectl create secret docker-registry registry-credentials \
  --docker-server=harbor.tanzuathome.net \
  --docker-username=admin \
  --docker-password=Harbor12345

Important Note: If you are using Docker Hub, change the server to https://index.docker.io/v1/

kubectl create secret docker-registry registry-credentials `
  --docker-server=https://index.docker.io/v1/ `
  --docker-username=jeffgbutler `
  --docker-password=*******

Install App-Toolkit

Powershell...

tanzu package install app-toolkit `
  --package-name app-toolkit.community.tanzu.vmware.com `
  --version 0.2.0 `
  --values-file config/app-toolkit-values.yaml

Linux/MacOS shell...

tanzu package install app-toolkit \
  --package-name app-toolkit.community.tanzu.vmware.com \
  --version 0.2.0 \
  --values-file config/app-toolkit-values.yaml

Setup DNS on an Unmanaged Cluster (Optional)

If you created an unmanaged cluster and specified a domain name other than the default (an nip.io domain), then you should add a DNS wildcard record using the domain you specified with and answer of the cluster's IP address. The IP address can be:

1. 127.0.0.1 (localhost) if you installed everything locally and only want to access applications from a local browser
2. The IP address of the VM if you used the Guard Dog OVA to create a VM

Setup DNS With a LoadBalancer (Optional)

If you enabled load balancing and a domain in your app toolkit install, then you should add a DNS record.

First find the Load Balancer's address:

kubectl get service envoy -n projectcontour

Then add a wildcard DNS "A" record using the domain name you specified in the configuration file. In my case I added a record "*.tce.tanzuathome.net" with IP address 192.168.140.200.

Test the App Toolkit (Optional)

Once the app toolkit has finished reconciling, you can try a simple test with a Knative deployment:

kn service create kuard --image gcr.io/kuar-demo/kuard-amd64:blue

Once the command completes, the application should be available at http://kuard.default.127-0-0-1.nip.io/ (or the IP address of your VM). If you used a load balancer or changed the domain name, you can retrieve the URL with this command:

kn service describe kuard

When you are finished experimenting with Knative, you can delete the service with the following command:

kn service delete kuard

If you would like to learn more about Contour and how to configure it, you can continue to Contour Deep Dive. Otherwise, continue to learning about Knative.

Next (Explore Knative) ->