TAP On GKE (1.0.0) : Part 1 – Prepare The Setup

Reading Time: 4 mins


Tanzu Application Platform is a packaged set of components that helps developers and operators to more easily build, deploy, and manage apps on a Kubernetes platform.


  • Tanzu Network account to download Tanzu Application Platform packages.
  • A container image registry, such as Harbor or Docker Hub with at least 10 GB of available storage for application images, base images, and runtime dependencies. When available, VMware recommends using a paid registry account to avoid potential rate-limiting associated with some free registry offerings.
  • Registry credentials with push and write access made available to Tanzu Application Platform to store images.
  • Network access to https://registry.tanzu.vmware.com
  • Network access to your chosen container image registry.

There are some optional prerequisites as well, refer to official doc for more details.

Create GKE Cluster

  • Steps to create GKE cluster is documented here (includes kubectl, gcloud CLI),  but to install TAP you need instances with min 8 GB of RAM across all nodes available to Tanzu Application Platform. So ensure to deploy GKE cluster with below min config:

Note: Since this is for demo, I have selected Regional for Location type and 2 nodes. But, if you are deploying into production env, ensure to add more nodes to cluster with appropriate size.

      • Cluster basics: 

      • Node pool
          • Name: Give a name
      • Node Size


  • Once the cluster is created and status turns green, click on the cluster > connect > command-line access
# Get credentials

gcloud container clusters get-credentials <clustername> --zone asia-south1-a --project <project id>

# Get contexts
kubectl config get-contexts
* gke_eknath-se_asia-south1_tap-demo-clustergke gke_eknath-se_asia-south1_tap-demo-clustergke gke_eknath-se_asia-south1_tap-demo-clustergke

# Get the nodes
kubectl get nodes
gke-tap-demo-clustergke-tap-nodepool-3bb1fcf9-8cfq Ready <none> 7m50s v1.21.5-gke.1302
gke-tap-demo-clustergke-tap-nodepool-3bb1fcf9-llw7 Ready <none> 7m50s v1.21.5-gke.1302
gke-tap-demo-clustergke-tap-nodepool-c2ce55fa-239h Ready <none> 7m50s v1.21.5-gke.1302
gke-tap-demo-clustergke-tap-nodepool-c2ce55fa-fmsz Ready <none> 7m50s v1.21.5-gke.1302

Install Tanzu CLI, plugins

Install Tanzu CLI

Sign to Tanzu Network and accept below EULAs:

Sign in to Tanzu Network , Download tanzu-cluster-essentials-darwin-amd64-1.0.0.tgz (for OS X) or tanzu-cluster-essentials-linux-amd64-1.0.0.tgz (for Linux) into local machine and copy to destination jumpbox using scp or download directly using pivnet cli.

scp command (Optional)
Syntax: scp -i < key file (include path)> <file name (include path )> ubuntu@<ip>:/tmp

$ scp -i ~/.ssh/jumpbox-aws.pem tanzu-cluster-essentials-linux-amd64-1.0.0.tgz ubuntu@

eknath@jumpbox:~$ ls
tanzu tanzu-cluster-essentials-linux-amd64-1.0.0.tgz tanzu-framework-linux-amd64_1.tar

# Create a new directory
mkdir $HOME/tanzu-cluster-essentials

# unpack the TAR file
tar -xvf tanzu-cluster-essentials-linux-amd64-1.0.0.tgz -C $HOME/tanzu-cluster-essentials

# Configure and run install.sh, which installs kapp-controller and secretgen-controller on your cluster: Where TANZU-NET-USER and TANZU-NET-PASSWORD are your credentials for Tanzu Network.

export INSTALL_BUNDLE=registry.tanzu.vmware.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:82dfaf70656b54dcba0d4def85ccae1578ff27054e7533d08320244af7fb0343
export INSTALL_REGISTRY_HOSTNAME=registry.tanzu.vmware.com
cd $HOME/tanzu-cluster-essentials

Note: Succeeded indicates successful installation

# Install the kapp CLI onto your $PATH:

sudo cp $HOME/tanzu-cluster-essentials/kapp /usr/local/bin/kapp

# verify kapp version
$ kapp version
kapp version 0.42.0


Sign in to Tanzu Network , click on folder tanzu-cli-v0.10.0 and download tanzu-framework-bundle-linux (for Linux) into local machine and copy to destination jumpbox using scp or download directly using pivnet cli.

# Create a directory named tanzu:

$ mkdir $HOME/tanzu

# unpack the TAR file into the tanzu directory:

$ tar -xvf tanzu-framework-linux-amd64.tar -C $HOME/tanzu

# Set env var TANZU_CLI_NO_INIT to true to assure the local downloaded versions of the CLI core and plug-ins are installed:

export TANZU_CLI_NO_INIT=true

# Install the CLI core:

cd $HOME/tanzu
sudo install cli/core/v0.10.0/tanzu-core-linux_amd64 /usr/local/bin/tanzu

$ tanzu version
version: v0.10.0
buildDate: 2021-11-03
sha: fd96bebe

# From your tanzu directory, Install the local versions of the plug-ins you downloaded by running:

cd $HOME/tanzu
tanzu plugin install --local cli all

# Check the plugin installation status:

$ tanzu plugin list
accelerator Manage accelerators in a Kubernetes cluster v1.0.0 installed
apps Applications on Kubernetes v0.4.0 installed
cluster v0.14.0 Kubernetes cluster operations core v0.10.0 upgrade available
kubernetes-release v0.14.0 Kubernetes release operations core v0.10.0 upgrade available
login v0.14.0 Login to the platform core v0.10.0 upgrade available
management-cluster v0.14.0 Kubernetes management cluster operations core v0.10.0 upgrade available
package v0.14.0 Tanzu package management core v0.10.0 upgrade available
pinniped-auth v0.14.0 Pinniped authentication operations (usually not directly invoked) core v0.10.0 upgrade available
secret v0.14.0 Tanzu secret management core v0.10.0 upgrade available
services Discover Service Types and manage Service Instances (ALPHA) v0.1.1 installed

Install Docker

  • Refer to Docker page to get the detailed steps of Installing Docker.

Image Repo (GCR) – Optional

Note: If you have Docker hub pro account, please use it as it do not have any pull limits. Otherwise, use gcr.io which I will cover in this demo or harbor.

  • Login to Google cloud console > IAM & Admin > Service Accounts > Create Service Account
  • Give a name and click on Create and Continue
  • Add below given roles and Done

  • Click on newly created service account > Keys > Create new key
  • Select Key type as JSON and Create – this downloads a json file, keep it safe and secured.

Test Access

  • Copy the downloaded json key into jumpbox or any machine where you are planning execute Tanzu commands for TAP install.
#Login to gcr.io with docker login command using downloaded json key

$ docker login -u _json_key -p "$(cat eknath-se-cc6b9fe1ac86.json)" https://gcr.io
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /home/ubuntu/.docker/config.json.
Configure a credential helper to remove this warning. See

Login Succeeded

######Test the Access

# Tag Image
docker tag busybox gcr.io/eknath-se/test-repo/busybox:latest

#Push the image to gcr.io

$ docker push gcr.io/eknath-se/test-repo/busybox:latest
The push refers to repository [gcr.io/eknath-se/test-repo/busybox]
01fd6df81c8e: Layer already exists
latest: digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee size: 527

Now we are all set to proceed with TAP Install on EKS cluster using gcr image repo.