These steps follow the documented process to install TBS 1.4.2 based on images in a local registry.
Note /var/lib/containerd must be extended to allow for a large image cache.
Update tbs-cluster.yml to have the correct storage policy and target namespace for the workload cluster.
When logged into the supervisor cluster:
# Create the cluster
kubectl apply -f tbs-cluster.yml
# Check that cluster has become ready
kubectl get tkc -A
# Log in to the workload cluster
kubectl vsphere login --server=172.20.2.2 --vsphere-username [email protected] --tanzu-kubernetes-cluster-name tbs-1 --tanzu-kubernetes-cluster-namespace tbs --insecure-skip-tls-verify
# Clear the default PSP
kubectl create clusterrolebinding psp:authenticated --clusterrole=psp:vmware-system-privileged --group=system:authenticated
Ensure the cluster has the registry CA added to the system trust store. In the example above it is defined in the yaml file.
Setup a project in the registry host TBS images and another for apps.
Follow the docs...
Update and export necessary env vars:
# REGISTRY refers to your container registry which will host all the images.
export REGISTRY_USERNAME=admin
export REGISTRY_PASSWORD=####
export REGISTRY_ENDPOINT=harbor.lab
# The path is the <registry endpoint>/<project name>
export REGISTRY_TBS_PATH=${REGISTRY_ENDPOINT}/tbs
export REGISTRY_APPS_PATH=${REGISTRY_ENDPOINT}/test-apps
export [email protected]
export TANZU_NET_PASSWORD=####
Import TBS bundle into a local registry.
imgpkg copy -b "registry.tanzu.vmware.com/build-service/bundle:1.4.2" --to-repo ${REGISTRY_TBS_PATH}/dependencies
Pull the bundle into the local temp directory.
imgpkg pull -b "${REGISTRY_TBS_PATH}/dependencies:1.4.2" -o /tmp/bundle
Install the TBS kapp in the cluster.
ytt -f /tmp/bundle/config/ \
-f /home/matt/workspace/secrets/certs/rootCA.pem \
-v kp_default_repository="${REGISTRY_TBS_PATH}/dependencies" \
-v kp_default_repository_username=$REGISTRY_USERNAME \
-v kp_default_repository_password=$REGISTRY_PASSWORD \
--data-value-yaml pull_from_kp_default_repo=true \
-v tanzunet_username="$TANZU_NET_USERNAME" \
-v tanzunet_password="$TANZU_NET_PASSWORD" \
-v descriptor_name='full' \
--data-value-yaml enable_automatic_dependency_updates=true \
| kbld -f /tmp/bundle/.imgpkg/images.yml -f- \
| kapp deploy -a tanzu-build-service -f- -y
Set the registry Secret in the namespace where TBS is installed.
kp secret create my-registry-creds --registry $REGISTRY_ENDPOINT --registry-user $REGISTRY_USERNAME
Golang test app
kp image create test-image-go --tag ${REGISTRY_APPS_PATH}/test-app-go --git https://github.com/laidbackware/tanzu-build-service-experiments --sub-path ./example-apps/golang --wait
Java test app
kp image create my-image --tag ${REGISTRY_APPS_PATH}/test-app-java --git https://github.com/buildpacks/samples --sub-path ./apps/java-maven --wait
Python test app
kp image create test-image-python --tag ${REGISTRY_APPS_PATH}/test-app-python --git https://github.com/laidbackware/tanzu-build-service-experiments --sub-path ./example-apps/python --wait