PROGRESSIVE - TANZU - Container Centric SDLC Workshop

# PROGRESSIVE - TANZU - Container Centric SDLC Workshop > This Lab will be focused on Container centric life cycle levering Tanzu Platform. This is targetted for Operations and Application Engineers. > > VI Admins/Operators will be installing Tanzu Kubernetes Grid on AWS, creating K8s clusters, provisioning a TKG cluster on AWS using a single management control (TMC - Tanzu Mission Control). >The application developers will be deploying ACME Fitness App on the workload cluster, manage the traffic using Tanzu Service Mesh and add Observability. Here are some quick links for future references: | K8s Topics | Useful Links | | ---------------------|:--------------------- | | Tanzu Portfolio | [:link:][portfolio] | | Tanzu Kubernetes Grid | [:link:][TKG] | | Tanzu Mission Control| [:link:][TMC] | | Tanzu Service Mesh | [:link:][TSM] | | Tanzu Application Catalog | [:link:][TAC] | [portfolio]: https://tanzu.vmware.com/tanzu [TKG]: https://tanzu.vmware.com/kubernetes-grid [TMC]: https://tanzu.vmware.com/mission-control [TSM]: https://tanzu.vmware.com/service-mesh [TAC]: https://tanzu.vmware.com/application-catalog ![](https://i.imgur.com/XU30rfr.png) ## :hammer_and_wrench: Tanzu Kubernetes Grid, Tanzu Mission Control & Tanzu Service Mesh Lab This lab will consist of 3 core components of Tanzu. The K8s dial tone which is `TKG (Tanzu Kubernetes Grid)`, Management Console for K8s which is `TMC (Tanzu Mission Control)` and Managing Traffic accorss multiple clusters by `TSM (Tanzu Service Mesh)`. ### Install TKG on AWS using TKG UI For Developers we have created a Management Cluster for you please proceed to "Create TKG Workload Cluster" section and use existing management cluster and skip Creation of new managment cluster. We will be following the steps from [Official Docs](https://docs.vmware.com/en/VMware-Tanzu-Kubernetes-Grid/1.1/vmware-tanzu-kubernetes-grid-11/GUID-index.html). Go the Terminal window and run the below command ``` sudo -s tkg init --ui ``` ==Open a browser and navigate to http://127.0.0.1:8080 to veiw the UI. Usually this UI pops up automatically but due to ubuntu vm, this doesn open up== - The above command will pop up TKG Installer UI: ![](https://i.imgur.com/pVJljdA.png) Select `DEPLOY` in the `AWS EC2` section. - IaaS Provider Section: On your Desktop, there is a file called `Lab Confirguation`. Open that file and use the information for AWS Access Key, Secret and SSH Key names. ![](https://i.imgur.com/VsKFZmZ.png) Once values are filled, Hit `NEXT` and it will take you to ``VPC for AWS``. - VPC for AWS Select `an existing VPC on AWS as vpc-0f24a1c5608af247b` with VPC CIDR as shown. ![](https://i.imgur.com/eJRe87I.png) Hit `NEXT` and it will take you to ``Management Cluster Settings``. - Management Cluster Settings Select `Development` and `Insatacne Type = t3.medium`. | Name | Value | | -------- | -------- | | Management Cluster Name | <initials>-mgmt-tkg | | Workder Node Instance Type | t3.medium | | Availability Zone | us-east-1a| | Bastion host | false ![](https://i.imgur.com/cV2iX8H.png) Hit `NEXT` and it will take you to `` Kubernetes Network Settings ``. - Kubernetes Network Settings Keep the default values in Cluster POD CIDR ![](https://i.imgur.com/CGuCmBW.png) Hit `Review Configuration` - Tanzu Kubernetes Grid - Confirm Settings Review the information and hit 'Deploy Management Cluster' ![](https://i.imgur.com/uAnnmzf.png) This will take around 10-15 mins to install Tanzu Kubernetes Grid and create a Management Cluster on AWS. Once the Maganement Cluster is installed, run the below command to view it from terminal: ``` tkg get management-cluster ``` This will list the management cluster you just created. run below command to view kubectl contexts and copy name of the newly created management cluster: ``` kubectl config get-contexts ``` Use the below command to set the context: ``` kubectl config use-context <NAME> ``` ![](https://i.imgur.com/Ea6iBzB.png) ``` kubectl get pods -A kubectl get storageclass ``` ------------------ ### Create TKG Workload Cluster In the same terminal, run the below command to create TKG Workload Cluster. Developers please use existing management cluster using below command to set context. ``` tkg get mc tkg set mc pgr-mgmt-cluster ``` Operators/DevOps Please use your management cluster to set context as mentioned below. ``` tkg get mc tkg set mc <initials>-mgmt-tkg ``` ``` tkg create cluster <initials>-pgr-lab-tkg-workload-cluster --size t3.small --worker-size t3.medium -p dev -c 1 -w 2 ``` Once this is completed, run the below command to view ``` tkg get clusters ``` ![](https://i.imgur.com/01bGTH3.png) Now run the below command to get the credentials: ``` tkg get credentials <cluster-name> ``` ![](https://i.imgur.com/lQ4d7bZ.png) Now set the context as mentioned when you ran the get credentials command: ``` kubectl config use-context jk-pgr-lab-tkg-workload-cluster-admin@jk-pgr-lab-tkg-workload-cluster kubectl get nodes ``` ### Deploy an Application ``` kubectl run nginx --image=nginx kubectl expose po nginx --type=LoadBalancer --port=80 ``` Get the external IP using below command and paste it in browser. It will take some time before you can access. ``` kubectl get svc ``` ## :hammer_and_wrench: Tanzu Build Service Lab This lab will leverage Tanzu Build Service which is a component that builds container for your applications and places it in your configured Container Registry. High level Architecture of this Lab ![](https://i.imgur.com/0F4Blg9.png) First let's verify if you are connected to the right cluster `jk-pgr-lab-tkg-workload-cluster` Open a new terminal and run the below commands ``` sudo -s tkg set mc sh-lab-tkg-mgmt tkg get clusters tkg get credentials pb-pgr-lab-tkg-workload-cluster ``` This will list you the cluster 'jk-pgr-lab-tkg-workload-cluster'. Get and context and then set it to the above clusters. ``` kubectl config get-contexts kubectl config use-context pb-pgr-lab-tkg-workload-cluster-admin@pb-pgr-lab-tkg-workload-cluster kubectl get no ``` ![](https://i.imgur.com/7kL7D3E.png) Lets run the `pb` command to verify the build service cli is also connected. ``` pb project list ``` This will be empty as we have not created any projects yet. ### Create Tanzu Build Service Project First we will create a project for you application in which all the build and image information will be there. Creating a project will create a namespace in your Kubernetes cluster where your local image will run. Run the below command to create a project. ``` pb project create <initials>-spring-music ``` Now when you run the below command, you will see your project with your initials. Lets target to that project. ``` pb project list pb project target <initials>-spring-music ``` ![](https://i.imgur.com/W6fxXUA.png) ### Fork & Clone the Application Repository We will be using a sample Application in which we will commit few changes and then see how Tanzu Build Service creates a container Image for you and pushes it to a Container Registery (Docker hub) in our case. Fork the repo Node Todo (https://github.com/cloudfoundry-samples/spring-music) into your github account. ![](https://i.imgur.com/e1aJs93.png) Use the `Fork` button at the top right corner to move it your repo. Next step is to clone this application into your local lab vm. Click on the `Code` button on right corner and copy the clone command. ![](https://i.imgur.com/WfQJTJU.png) Go the terminal, nagivate to your workspace folder under Home and clone this repo. ``` cd workspace git clone https://github.com/<username>/spring-music.git cd spring-music mkdir tbs-config chmod 777 /home/ubuntu/workspace/spring-music/tbs-config ``` ![](https://i.imgur.com/MbVpp5a.png) Once you have cloned the repo, you can open the repo in `ATOM` which is available in the startup menu under Development. Next steps is to create to configuration files. - Secrets for your Container Registry Repo - dockerhub-config.yaml ``` project: <initials>-spring-music registry: https://index.docker.io/v1/ username: <username> password: <password-or-token> ``` - Secrets for your Github - github-config.yaml ``` project: <initials>-spring-music repository: github.com/<username>/spring-music username: <username> password: <password-or-token> ``` Create these two yaml files under tbs-config folder. Just for Reference, on your desktop we have created templates for you so you can open those and `Save As` in your node-todo/tbs-config folder and then update the values. ![](https://i.imgur.com/pTmhNS2.png) ### Configure Secrets Once the files are created, now we have to tell Tanzu Build Service about those using the below commands: Make sure your terminal is at your spring-music project directory. ``` pb secrets git apply -f tbs-config/github-config.yaml pb secrets registry apply -f tbs-config/dockerhub-config.yaml ``` ### Configure Image Once the secrets are configured, we will set the Image configuration so that Tanzu Build Service can trigger as soon any changes are made to the repo and push it to the container registry. Create a file named - spring-music-image-config.yaml. (A sample is created for you on the desktop) and fill it with your github repo and dockerhub registry link. Save this file in the node-todo/tbs-config folder. ![](https://i.imgur.com/1znJPrO.png) from your terminal, lets apply the image command now ``` pb image apply -f tbs-config/spring-music-image-config.yaml ``` As soon as you apply the image file, it will trigger the build to create container of the node-todo app and push it to Docker Hub. Verify the build status ``` pb image builds index.docker.io/<username>/spring-music pb image logs index.docker.io/<username>/spring-music -b 1 -f ``` ![](https://i.imgur.com/nMiXL4u.png) Now go to you docker hub and see that your container will be pushed. ![](https://i.imgur.com/2DltOz0.png) ### End to End Implementation with ArgoCD Now lets build end to end deployment of the same app using ArgoCD which a CD tool for Kubernetes. ArgoCD is already deployed, we will start. Open a new Terminal and run the below command to run ArgoCD server locally ``` sudo -s kubectl port-forward svc/argocd-server -n argocd 8080:443 ``` In the browser, navigate to ==http://localhost:8080== and enter the below credentials: Username: admin password: argocd-server-86cf69886-798rj ![](https://i.imgur.com/EBISLT9.png) Since this is another GitOps Flow, you will need to fork another repository which will manage all the latest tags for your applications. Go ahead and fork the repo: https://github.com/sameerhashmi/gitops-argocd Lets Create a `New App` in ArgoCD. Hit `New App` Application Name: <initials>-spring-music Project: default Sync Policy: Automatic Repository URL: https://github.com/<username>/gitops-argocd Path: spring-music/k8s-manifest Destination Cluster: https://kubernetes.default.svc namespace: <initials>-spring-music ![](https://i.imgur.com/PalYyNR.png) ![](https://i.imgur.com/1H0mPrx.png) Hit `Create` ![](https://i.imgur.com/rYZoXzu.png) To access the application: ``` kubectl get svc -n <initials>-spring-music ``` ![](https://i.imgur.com/LhSGcdq.png) And get the external IP from the above output. Navigate to the dns to view the application. This may take few misn as it is spinning a LB in AWS for this app.