TAP On GKE (1.0.0) : Part 1 – Prepare The Setup

Reading Time: 4 mins


Tanzu Application Platform is a packaged set of components that helps developers and operators to more easily build, deploy, and manage apps on a Kubernetes platform.


  • Tanzu Network account to download Tanzu Application Platform packages.
  • A container image registry, such as Harbor or Docker Hub with at least 10 GB of available storage for application images, base images, and runtime dependencies. When available, VMware recommends using a paid registry account to avoid potential rate-limiting associated with some free registry offerings.
  • Registry credentials with push and write access made available to Tanzu Application Platform to store images.
  • Network access to https://registry.tanzu.vmware.com
  • Network access to your chosen container image registry.

There are some optional prerequisites as well, refer to official doc for more details.

Create GKE Cluster

  • Steps to create GKE cluster is documented here (includes kubectl, gcloud CLI),  but to install TAP you need instances with min 8 GB of RAM across all nodes available to Tanzu Application Platform. So ensure to deploy GKE cluster with below min config:

Note: Since this is for demo, I have selected Regional for Location type and 2 nodes. But, if you are deploying into production env, ensure to add more nodes to cluster with appropriate size.

      • Cluster basics: 

      • Node pool
          • Name: Give a name
      • Node Size


  • Once the cluster is created and status turns green, click on the cluster > connect > command-line access
# Get credentials

gcloud container clusters get-credentials <clustername> --zone asia-south1-a --project <project id>

# Get contexts
kubectl config get-contexts
CURRENT   NAME                                            CLUSTER                                         AUTHINFO                                        NAMESPACE
*         gke_eknath-se_asia-south1_tap-demo-clustergke   gke_eknath-se_asia-south1_tap-demo-clustergke   gke_eknath-se_asia-south1_tap-demo-clustergke

# Get the nodes
kubectl get nodes
NAME                                                 STATUS   ROLES    AGE     VERSION
gke-tap-demo-clustergke-tap-nodepool-3bb1fcf9-8cfq   Ready    <none>   7m50s   v1.21.5-gke.1302
gke-tap-demo-clustergke-tap-nodepool-3bb1fcf9-llw7   Ready    <none>   7m50s   v1.21.5-gke.1302
gke-tap-demo-clustergke-tap-nodepool-c2ce55fa-239h   Ready    <none>   7m50s   v1.21.5-gke.1302
gke-tap-demo-clustergke-tap-nodepool-c2ce55fa-fmsz   Ready    <none>   7m50s   v1.21.5-gke.1302

Install Tanzu CLI, plugins

Install Tanzu CLI

Sign to Tanzu Network and accept below EULAs:

Sign in to Tanzu Network , Download tanzu-cluster-essentials-darwin-amd64-1.0.0.tgz (for OS X) or tanzu-cluster-essentials-linux-amd64-1.0.0.tgz (for Linux) into local machine and copy to destination jumpbox using scp or download directly using pivnet cli.

scp command (Optional)
Syntax: scp -i < key file (include path)> <file name (include path )> ubuntu@<ip>:/tmp

$ scp -i ~/.ssh/jumpbox-aws.pem tanzu-cluster-essentials-linux-amd64-1.0.0.tgz ubuntu@

eknath@jumpbox:~$ ls
tanzu  tanzu-cluster-essentials-linux-amd64-1.0.0.tgz  tanzu-framework-linux-amd64_1.tar

# Create a new directory
mkdir $HOME/tanzu-cluster-essentials

# unpack the TAR file
tar -xvf tanzu-cluster-essentials-linux-amd64-1.0.0.tgz -C $HOME/tanzu-cluster-essentials

# Configure and run install.sh, which installs kapp-controller and secretgen-controller on your cluster: Where TANZU-NET-USER and TANZU-NET-PASSWORD are your credentials for Tanzu Network.

export INSTALL_BUNDLE=registry.tanzu.vmware.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:82dfaf70656b54dcba0d4def85ccae1578ff27054e7533d08320244af7fb0343
export INSTALL_REGISTRY_HOSTNAME=registry.tanzu.vmware.com
cd $HOME/tanzu-cluster-essentials

Note: Succeeded indicates successful installation

# Install the kapp CLI onto your $PATH:

sudo cp $HOME/tanzu-cluster-essentials/kapp /usr/local/bin/kapp

# verify kapp version
$ kapp version
kapp version 0.42.0


Sign in to Tanzu Network , click on folder tanzu-cli-v0.10.0 and download tanzu-framework-bundle-linux (for Linux) into local machine and copy to destination jumpbox using scp or download directly using pivnet cli.

# Create a directory named tanzu:

$ mkdir $HOME/tanzu

# unpack the TAR file into the tanzu directory:

$ tar -xvf tanzu-framework-linux-amd64.tar -C $HOME/tanzu

# Set env var TANZU_CLI_NO_INIT to true to assure the local downloaded versions of the CLI core and plug-ins are installed:

export TANZU_CLI_NO_INIT=true

# Install the CLI core:

cd $HOME/tanzu
sudo install cli/core/v0.10.0/tanzu-core-linux_amd64 /usr/local/bin/tanzu

$ tanzu version
version: v0.10.0
buildDate: 2021-11-03
sha: fd96bebe

# From your tanzu directory, Install the local versions of the plug-ins you downloaded by running:

cd $HOME/tanzu
tanzu plugin install --local cli all

# Check the plugin installation status:

$ tanzu plugin list
  NAME                LATEST VERSION  DESCRIPTION                                                        REPOSITORY  VERSION  STATUS
  accelerator                         Manage accelerators in a Kubernetes cluster                                    v1.0.0   installed
  apps                                Applications on Kubernetes                                                     v0.4.0   installed
  cluster             v0.14.0         Kubernetes cluster operations                                      core        v0.10.0  upgrade available
  kubernetes-release  v0.14.0         Kubernetes release operations                                      core        v0.10.0  upgrade available
  login               v0.14.0         Login to the platform                                              core        v0.10.0  upgrade available
  management-cluster  v0.14.0         Kubernetes management cluster operations                           core        v0.10.0  upgrade available
  package             v0.14.0         Tanzu package management                                           core        v0.10.0  upgrade available
  pinniped-auth       v0.14.0         Pinniped authentication operations (usually not directly invoked)  core        v0.10.0  upgrade available
  secret              v0.14.0         Tanzu secret management                                            core        v0.10.0  upgrade available
  services                            Discover Service Types and manage Service Instances (ALPHA)                    v0.1.1   installed

Install Docker

  • Refer to Docker page to get the detailed steps of Installing Docker.

Image Repo (GCR) – Optional

Note: If you have Docker hub pro account, please use it as it do not have any pull limits. Otherwise, use gcr.io which I will cover in this demo or harbor.

  • Login to Google cloud console > IAM & Admin > Service Accounts > Create Service Account
  • Give a name and click on Create and Continue
  • Add below given roles and Done

  • Click on newly created service account > Keys > Create new key
  • Select Key type as JSON and Create – this downloads a json file, keep it safe and secured.

Test Access

  • Copy the downloaded json key into jumpbox or any machine where you are planning execute Tanzu commands for TAP install.
#Login to gcr.io with docker login command using downloaded json key

$ docker login -u _json_key -p "$(cat eknath-se-cc6b9fe1ac86.json)" https://gcr.io
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /home/ubuntu/.docker/config.json.
Configure a credential helper to remove this warning. See

Login Succeeded

######Test the Access

# Tag Image
docker tag busybox gcr.io/eknath-se/test-repo/busybox:latest

#Push the image to gcr.io

$ docker push gcr.io/eknath-se/test-repo/busybox:latest
The push refers to repository [gcr.io/eknath-se/test-repo/busybox]
01fd6df81c8e: Layer already exists
latest: digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee size: 527

Now we are all set to proceed with TAP Install on EKS cluster using gcr image repo.