TAP Multi Cluster (1.3) : Part 2 – Install TAP With OOTB-Supply Chain Testing and Scanning using ACR Repo

Overview

The installation order is flexible, because an installation can be updated later with a modified values file using the tanzu package installed update command. For this demo, I will install TAP in the following order:

      • View
      • Build
      • Run
      • Iterate
      • Add Build, Run, View and Iterate clusters to TAP GUI

Install View cluster

  • Ensure the steps given in part-1 are completed.

tap-values-view.yaml

profile: view
ceip_policy_disclosed: true # Installation fails if this is set to 'false'
shared:
  ingress_domain: captainvirtualization.co.in ## Domain to be changed
contour:
  envoy:
    service:
      type: LoadBalancer
tap_gui:
  service_type: ClusterIP # NodePort for distributions that don't support LoadBalancer
  ingressEnabled: "true"
  ingressDomain: "captainvirtualization.co.in" ## Domain to be changed
  app_config:
    app:
      baseUrl: http://tap-gui.captainvirtualization.co.in ## Domain to be changed
    proxy:
      /metadata-store:
        target: https://metadata-store-app.metadata-store:8443/api/v1
        changeOrigin: true
        secure: false
        headers:
          Authorization: "Bearer <TOKEN>" ## Token to be updated later
          X-Custom-Source: project-star
    integrations:
      github: # Other integrations available see NOTE below
        - host: github.com
          token: <GITHUB TOKEN> # Create a token in github
    catalog:
      locations:
        - type: url
          target: https://github.com/Eknathreddy09/tanzu-java-web-app/blob/main/catalog/catalog-info.yaml ## Provide your repo (optional)
    backend:
      baseUrl: http://tap-gui.captainvirtualization.co.in ## Domain to be changed
      cors:
        origin: http://tap-gui.captainvirtualization.co.in ## Domain to be changed
    kubernetes:
      serviceLocatorMethod:
        type: 'multiTenant'
      clusterLocatorMethods:
        - type: 'config'
          clusters:
            - url: https://tap-multi-build-dns-31959f19.hcp.eastus.azmk8s.io:443 ## URL to be changed
              name: tap-multi-build ## Cluster Name to be changed (Optional)
              authProvider: serviceAccount
              skipTLSVerify: true
              serviceAccountToken: <CLUSTER TOKEN> ## Cluster Token to be provided later
              skipMetricsLookup: true
            - url: https://tap-multi-run-dns-ef259c2d.hcp.eastus.azmk8s.io:443 ## URL to be changed
              name: tap-multi-run ## Cluster Name to be changed (Optional)
              authProvider: serviceAccount
              skipTLSVerify: true
              serviceAccountToken: <CLUSTER TOKEN> ## Cluster Token to be provided later
              skipMetricsLookup: true
            - url: https://tap-multi-iterate-dns-78eebbd7.hcp.eastus.azmk8s.io:443 ## URL to be changed
              name: tap-multi-iterate ## Cluster Name to be changed (Optional)
              authProvider: serviceAccount
              skipTLSVerify: true
              serviceAccountToken: <CLUSTER TOKEN> ## Cluster Token to be provided later
              skipMetricsLookup: true
appliveview:
  ingressEnabled: true
  sslDisabled: true
  ingressDomain: captainvirtualization.co.in ## Domain to be changed

Once the tap-values file is updated with your values (domain name, GitHub token, etc.), proceed to install TAP in the View cluster:

$ tanzu package install tap -p tap.tanzu.vmware.com -v 1.3.4 --values-file tap-values-view.yaml -n tap-install
Installing package 'tap.tanzu.vmware.com'
Getting package metadata for 'tap.tanzu.vmware.com'
Creating service account 'tap-tap-install-sa'
Creating cluster admin role 'tap-tap-install-cluster-role'
Creating cluster role binding 'tap-tap-install-cluster-rolebinding'
Creating secret 'tap-tap-install-values'
Creating package resource
Waiting for 'PackageInstall' reconciliation for 'tap'
'PackageInstall' resource install status: Reconciling
'PackageInstall' resource install status: ReconcileSucceeded

Added installed package 'tap'


$ tanzu package installed list -n tap-install

NAME PACKAGE-NAME PACKAGE-VERSION STATUS
accelerator accelerator.apps.tanzu.vmware.com 1.3.2 Reconcile succeeded
api-portal api-portal.tanzu.vmware.com 1.2.5 Reconcile succeeded
appliveview backend.appliveview.tanzu.vmware.com 1.3.1 Reconcile succeeded
cert-manager cert-manager.tanzu.vmware.com 1.7.2+tap.1 Reconcile succeeded
contour contour.tanzu.vmware.com 1.22.0+tap.5 Reconcile succeeded
fluxcd-source-controller fluxcd.source.controller.tanzu.vmware.com 0.27.0+tap.1 Reconcile succeeded
learningcenter learningcenter.tanzu.vmware.com 0.2.4 Reconcile succeeded
learningcenter-workshops workshops.learningcenter.tanzu.vmware.com 0.2.3 Reconcile succeeded
metadata-store metadata-store.apps.tanzu.vmware.com 1.3.4 Reconcile succeeded
source-controller controller.source.apps.tanzu.vmware.com 0.5.1 Reconcile succeeded
tap tap.tanzu.vmware.com 1.3.4 Reconcile succeeded
tap-gui tap-gui.tanzu.vmware.com 1.3.5 Reconcile succeeded
tap-telemetry tap-telemetry.tanzu.vmware.com 0.3.2 Reconcile succeeded

Once the packages are reconciled successfully, create a DNS record that points the load balancer IP (fetched with the command below) to the host name defined in tap-values-view.yaml. In this case I have used tap-gui.captainvirtualization.co.in.

## Get TAP-GUI Load Balancer IP

$ kubectl get svc -n tanzu-system-ingress

Now, you should be able to access TAP GUI in your browser.

Install Build clusters

  • Ensure the steps given in part-1 are completed.

tap-values-build.yaml

profile: build
ceip_policy_disclosed: true # Installation fails if this is set to 'false'
shared:
  ingress_domain: captainvirtualization.co.in ## Domain to be changed
  image_registry:
    project_path: "captainrepo.azurecr.io/build-service" ## Change Registry hostname
    username: "captainrepo" ## Change Registry Username
    password: "< Registry Password >"
buildservice:
  kp_default_repository: "captainrepo.azurecr.io/build-service" ## Change Registry hostname
  kp_default_repository_username: "captainrepo" ## Change Registry Username
  kp_default_repository_password: "< Registry Password >" ## Provide Registry Password
supply_chain: testing_scanning
ootb_supply_chain_testing_scanning:
  registry:
    server: "captainrepo.azurecr.io" ## Change Registry hostname
    repository: "supply-chain"
  gitops:
    ssh_secret: ""
  cluster_builder: default
  service_account: default
grype:
  namespace: "tap-install" # (optional) Defaults to default namespace.
  targetImagePullSecret: "registry-credentials"
  metadataStore:
    url: https://metadata-store.captainvirtualization.co.in ## Domain to be changed
    caSecret:
      name: store-ca-cert
      importFromNamespace: metadata-store-secrets
    authSecret:
      name: store-auth-token
      importFromNamespace: metadata-store-secrets
scanning:
  metadataStore:
    url: "" # Configuration is moved, so set this string to empty.

$ tanzu package install tap -p tap.tanzu.vmware.com -v 1.3.4 --values-file tap-values-build.yaml -n tap-install
Installing package 'tap.tanzu.vmware.com'
Getting package metadata for 'tap.tanzu.vmware.com'
Creating service account 'tap-tap-install-sa'
Creating cluster admin role 'tap-tap-install-cluster-role'
Creating cluster role binding 'tap-tap-install-cluster-rolebinding'
Creating secret 'tap-tap-install-values'
Creating package resource
Waiting for 'PackageInstall' reconciliation for 'tap'
'PackageInstall' resource install status: Reconciling
'PackageInstall' resource install status: ReconcileSucceeded

Added installed package 'tap'


$ tanzu package installed list -n tap-install

NAME PACKAGE-NAME PACKAGE-VERSION STATUS
appliveview-conventions conventions.appliveview.tanzu.vmware.com 1.3.1 Reconcile succeeded
buildservice buildservice.tanzu.vmware.com 1.7.4 Reconcile succeeded
cartographer cartographer.tanzu.vmware.com 0.5.4 Reconcile succeeded
cert-manager cert-manager.tanzu.vmware.com 1.7.2+tap.1 Reconcile succeeded
contour contour.tanzu.vmware.com 1.22.0+tap.5 Reconcile succeeded
conventions-controller controller.conventions.apps.tanzu.vmware.com 0.7.1 Reconcile succeeded
fluxcd-source-controller fluxcd.source.controller.tanzu.vmware.com 0.27.0+tap.1 Reconcile succeeded
grype grype.scanning.apps.tanzu.vmware.com 1.3.1 Reconcile succeeded
ootb-supply-chain-testing-scanning ootb-supply-chain-testing-scanning.tanzu.vmware.com 0.10.5 Reconcile succeeded
ootb-templates ootb-templates.tanzu.vmware.com 0.10.5 Reconcile succeeded
scanning scanning.apps.tanzu.vmware.com 1.3.1 Reconcile succeeded
source-controller controller.source.apps.tanzu.vmware.com 0.5.1 Reconcile succeeded
spring-boot-conventions spring-boot-conventions.tanzu.vmware.com 0.5.0 Reconcile succeeded
tap tap.tanzu.vmware.com 1.3.4 Reconcile succeeded
tap-auth tap-auth.tanzu.vmware.com 1.1.0 Reconcile succeeded
tap-telemetry tap-telemetry.tanzu.vmware.com 0.3.2 Reconcile succeeded
tekton-pipelines tekton.tanzu.vmware.com 0.39.0+tap.2 Reconcile succeeded

Install Run clusters

  • Ensure the steps given in part-1 are completed.

tap-values-run.yaml

profile: run
ceip_policy_disclosed: true # Installation fails if this is set to 'false'
shared:
  ingress_domain: captainvirtualization.co.in ## Change Domain Name
supply_chain: testing_scanning
ootb_supply_chain_testing_scanning:
  registry:
    server: "captainrepo.azurecr.io" ## Change Registry Hostname
    repository: "supply-chain"
excluded_packages:
  - policy.apps.tanzu.vmware.com
contour:
  envoy:
    service:
      type: LoadBalancer
appliveview_connector:
  backend:
    sslDisabled: true
    ingressEnabled: true
    host: "appliveview.captainvirtualization.co.in" ## Change Domain Name

$ tanzu package install tap -p tap.tanzu.vmware.com -v 1.3.4 --values-file tap-values-run.yaml -n tap-install
Installing package 'tap.tanzu.vmware.com'
Getting package metadata for 'tap.tanzu.vmware.com'
Creating service account 'tap-tap-install-sa'
Creating cluster admin role 'tap-tap-install-cluster-role'
Creating cluster role binding 'tap-tap-install-cluster-rolebinding'
Creating secret 'tap-tap-install-values'
Creating package resource
Waiting for 'PackageInstall' reconciliation for 'tap'
'PackageInstall' resource install status: Reconciling
'PackageInstall' resource install status: ReconcileSucceeded

Added installed package 'tap'

$ tanzu package installed list -n tap-install

NAME PACKAGE-NAME PACKAGE-VERSION STATUS
api-auto-registration apis.apps.tanzu.vmware.com 0.1.2 Reconcile succeeded
appliveview-connector connector.appliveview.tanzu.vmware.com 1.3.1 Reconcile succeeded
appsso sso.apps.tanzu.vmware.com 2.0.0 Reconcile succeeded
cartographer cartographer.tanzu.vmware.com 0.5.4 Reconcile succeeded
cert-manager cert-manager.tanzu.vmware.com 1.7.2+tap.1 Reconcile succeeded
cnrs cnrs.tanzu.vmware.com 2.0.2 Reconcile succeeded
contour contour.tanzu.vmware.com 1.22.0+tap.5 Reconcile succeeded
eventing eventing.tanzu.vmware.com 2.0.2 Reconcile succeeded
fluxcd-source-controller fluxcd.source.controller.tanzu.vmware.com 0.27.0+tap.1 Reconcile succeeded
image-policy-webhook image-policy-webhook.signing.apps.tanzu.vmware.com 1.1.10 Reconcile succeeded
ootb-delivery-basic ootb-delivery-basic.tanzu.vmware.com 0.10.5 Reconcile succeeded
ootb-templates ootb-templates.tanzu.vmware.com 0.10.5 Reconcile succeeded
service-bindings service-bindings.labs.vmware.com 0.8.1 Reconcile succeeded
services-toolkit services-toolkit.tanzu.vmware.com 0.8.1 Reconcile succeeded
source-controller controller.source.apps.tanzu.vmware.com 0.5.1 Reconcile succeeded
tap tap.tanzu.vmware.com 1.3.4 Reconcile succeeded
tap-auth tap-auth.tanzu.vmware.com 1.1.0 Reconcile succeeded
tap-telemetry tap-telemetry.tanzu.vmware.com 0.3.2 Reconcile succeeded

Install Iterate clusters

  • Ensure the steps given in part-1 are completed.

tap-values-iterate.yaml

profile: iterate
shared:
  ingress_domain: "captainvirtualization.co.in" ## Change Domain Name
  image_registry:
    project_path: "captainrepo.azurecr.io/build-service" ## Change Registry HostName
    username: "captainrepo" ## Change Registry User Name
    password: "< Registry Password >" ## Provide Registry Password
ceip_policy_disclosed: TRUE # Installation fails if this is not set to true. Not a string.
buildservice: # Optional if the corresponding shared keys are provided.
  kp_default_repository: "captainrepo.azurecr.io/build-service" ## Change Registry HostName
  kp_default_repository_username: "captainrepo" ## Change Registry User Name
  kp_default_repository_password: "< Registry Password >" ## Provide Registry Password
supply_chain: testing_scanning
ootb_supply_chain_testing_scanning: # Optional if the shared above mentioned shared keys are provided.
  registry:
    server: "captainrepo.azurecr.io" ## Change Registry HostName
    repository: "supply-chain"
  gitops:
    ssh_secret: "" # (Optional) Defaults to "".
image_policy_webhook:
  allow_unmatched_tags: true
contour:
  envoy:
    service:
      type: LoadBalancer # (Optional) Defaults to LoadBalancer.
cnrs:
  domain_name: "captainvirtualization.co.in" # Optional if the shared.ingress_domain is provided. ## Change Domain Name
appliveview_connector:
  backend:
    sslDisabled: true
    ingressEnabled: true
    host: "appliveview.captainvirtualization.co.in" ## Change Domain Name
excluded_packages:
  - policy.apps.tanzu.vmware.com
  - image-policy-webhook.signing.apps.tanzu.vmware.com

$ tanzu package install tap -p tap.tanzu.vmware.com -v 1.3.4 --values-file tap-values-iterate.yaml -n tap-install
Installing package 'tap.tanzu.vmware.com'
Getting package metadata for 'tap.tanzu.vmware.com'
Creating service account 'tap-tap-install-sa'
Creating cluster admin role 'tap-tap-install-cluster-role'
Creating cluster role binding 'tap-tap-install-cluster-rolebinding'
Creating secret 'tap-tap-install-values'
Creating package resource
Waiting for 'PackageInstall' reconciliation for 'tap'
'PackageInstall' resource install status: Reconciling
'PackageInstall' resource install status: ReconcileSucceeded

Added installed package 'tap'


$ tanzu package installed list -n tap-install

NAME PACKAGE-NAME PACKAGE-VERSION STATUS
api-auto-registration apis.apps.tanzu.vmware.com 0.1.2 Reconcile succeeded
appliveview-connector connector.appliveview.tanzu.vmware.com 1.3.1 Reconcile succeeded
appliveview-conventions conventions.appliveview.tanzu.vmware.com 1.3.1 Reconcile succeeded
appsso sso.apps.tanzu.vmware.com 2.0.0 Reconcile succeeded
buildservice buildservice.tanzu.vmware.com 1.7.4 Reconcile succeeded
cartographer cartographer.tanzu.vmware.com 0.5.4 Reconcile succeeded
cert-manager cert-manager.tanzu.vmware.com 1.7.2+tap.1 Reconcile succeeded
cnrs cnrs.tanzu.vmware.com 2.0.2 Reconcile succeeded
contour contour.tanzu.vmware.com 1.22.0+tap.5 Reconcile succeeded
conventions-controller controller.conventions.apps.tanzu.vmware.com 0.7.1 Reconcile succeeded
developer-conventions developer-conventions.tanzu.vmware.com 0.8.0 Reconcile succeeded
eventing eventing.tanzu.vmware.com 2.0.2 Reconcile succeeded
fluxcd-source-controller fluxcd.source.controller.tanzu.vmware.com 0.27.0+tap.1 Reconcile succeeded
ootb-delivery-basic ootb-delivery-basic.tanzu.vmware.com 0.10.5 Reconcile succeeded
ootb-templates ootb-templates.tanzu.vmware.com 0.10.5 Reconcile succeeded
service-bindings service-bindings.labs.vmware.com 0.8.1 Reconcile succeeded
services-toolkit services-toolkit.tanzu.vmware.com 0.8.1 Reconcile succeeded
source-controller controller.source.apps.tanzu.vmware.com 0.5.1 Reconcile succeeded
spring-boot-conventions spring-boot-conventions.tanzu.vmware.com 0.5.0 Reconcile succeeded
tap tap.tanzu.vmware.com 1.3.4 Reconcile succeeded
tap-auth tap-auth.tanzu.vmware.com 1.1.0 Reconcile succeeded
tap-telemetry tap-telemetry.tanzu.vmware.com 0.3.2 Reconcile succeeded
tekton-pipelines tekton.tanzu.vmware.com 0.39.0+tap.2 Reconcile succeeded

Multi Cluster Setup

## Change the context to View cluster

$ kubectl config use-context tap-view-cluster
Switched to context "tap-view-cluster".

## Store CA certificate from View cluster

CA_CERT=$(kubectl get secret -n metadata-store ingress-cert -o json | jq -r ".data.\"ca.crt\"")


cat <<EOF > store_ca.yaml
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: store-ca-cert
  namespace: metadata-store-secrets
data:
  ca.crt: $CA_CERT
EOF

## Store authentication token from the View cluster

AUTH_TOKEN=$(kubectl get secrets metadata-store-read-write-client -n metadata-store -o jsonpath="{.data.token}" | base64 -d)

## Switch the context to Build cluster

$ kubectl config use-context tap-build-cluster
Switched to context "tap-build-cluster".

## Apply the CA certificate and authentication token to Build cluster

$ kubectl create ns metadata-store-secrets

$ kubectl apply -f store_ca.yaml

$ kubectl create secret generic store-auth-token --from-literal=auth_token="$AUTH_TOKEN" -n metadata-store-secrets

$ tanzu package installed update tap -f tap-values-build.yaml -n tap-install

Configure developer namespaces

cat <<EOF | kubectl apply -f -
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretExport
metadata:
  name: store-ca-cert
  namespace: metadata-store-secrets
spec:
  toNamespaces: [tap-install]
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretExport
metadata:
  name: store-auth-token
  namespace: metadata-store-secrets
spec:
  toNamespaces: [tap-install]
EOF

Viewing resources on multiple clusters in Tanzu Application Platform GUI

You can configure Tanzu Application Platform GUI to retrieve Kubernetes object details from multiple clusters and then surface those details in the various Tanzu Application Platform GUI plug-ins.

Copy this YAML content into a file called tap-gui-viewer-service-account-rbac.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: tap-gui
---
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: tap-gui
  name: tap-gui-viewer
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tap-gui-read-k8s
subjects:
- kind: ServiceAccount
  namespace: tap-gui
  name: tap-gui-viewer
roleRef:
  kind: ClusterRole
  name: k8s-reader
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: k8s-reader
rules:
- apiGroups: ['']
  resources: ['pods', 'pods/log', 'services', 'configmaps']
  verbs: ['get', 'watch', 'list']
- apiGroups: ['apps']
  resources: ['deployments', 'replicasets']
  verbs: ['get', 'watch', 'list']
- apiGroups: ['autoscaling']
  resources: ['horizontalpodautoscalers']
  verbs: ['get', 'watch', 'list']
- apiGroups: ['networking.k8s.io']
  resources: ['ingresses']
  verbs: ['get', 'watch', 'list']
- apiGroups: ['networking.internal.knative.dev']
  resources: ['serverlessservices']
  verbs: ['get', 'watch', 'list']
- apiGroups: [ 'autoscaling.internal.knative.dev' ]
  resources: [ 'podautoscalers' ]
  verbs: [ 'get', 'watch', 'list' ]
- apiGroups: ['serving.knative.dev']
  resources:
  - configurations
  - revisions
  - routes
  - services
  verbs: ['get', 'watch', 'list']
- apiGroups: ['carto.run']
  resources:
  - clusterconfigtemplates
  - clusterdeliveries
  - clusterdeploymenttemplates
  - clusterimagetemplates
  - clusterruntemplates
  - clustersourcetemplates
  - clustersupplychains
  - clustertemplates
  - deliverables
  - runnables
  - workloads
  verbs: ['get', 'watch', 'list']
- apiGroups: ['source.toolkit.fluxcd.io']
  resources:
  - gitrepositories
  verbs: ['get', 'watch', 'list']
- apiGroups: ['source.apps.tanzu.vmware.com']
  resources:
  - imagerepositories
  - mavenartifacts
  verbs: ['get', 'watch', 'list']
- apiGroups: ['conventions.carto.run']
  resources:
  - podintents
  verbs: ['get', 'watch', 'list']
- apiGroups: ['kpack.io']
  resources:
  - images
  - builds
  verbs: ['get', 'watch', 'list']
- apiGroups: ['scanning.apps.tanzu.vmware.com']
  resources:
  - sourcescans
  - imagescans
  - scanpolicies
  verbs: ['get', 'watch', 'list']
- apiGroups: ['tekton.dev']
  resources:
  - taskruns
  - pipelineruns
  verbs: ['get', 'watch', 'list']
- apiGroups: ['kappctrl.k14s.io']
  resources:
  - apps
  verbs: ['get', 'watch', 'list']

RUN Cluster
## Switch the context to RUN Cluster

$ kubectl config use-context tap-run-cluster
Switched to context "tap-run-cluster".

## create Namespace, ServiceAccount, ClusterRole, and ClusterRoleBinding by running:

$ kubectl create -f tap-gui-viewer-service-account-rbac.yaml
namespace/tap-gui created
serviceaccount/tap-gui-viewer created
clusterrolebinding.rbac.authorization.k8s.io/tap-gui-read-k8s created
clusterrole.rbac.authorization.k8s.io/k8s-reader created

## Discover the CLUSTER_URL and CLUSTER_TOKEN values:

CLUSTER_URL=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}')

CLUSTER_TOKEN=$(kubectl -n tap-gui get secret $(kubectl -n tap-gui get sa tap-gui-viewer -o=json \
| jq -r '.secrets[0].name') -o=json \
| jq -r '.data["token"]' \
| base64 --decode)

echo CLUSTER_URL: $CLUSTER_URL
echo CLUSTER_TOKEN: $CLUSTER_TOKEN

Record the Run cluster’s CLUSTER_URL and CLUSTER_TOKEN values.

BUILD Cluster
## Switch the context to BUILD Cluster

$ kubectl config use-context tap-build-cluster
Switched to context "tap-build-cluster".

## create Namespace, ServiceAccount, ClusterRole, and ClusterRoleBinding by running:

$ kubectl create -f tap-gui-viewer-service-account-rbac.yaml
namespace/tap-gui created
serviceaccount/tap-gui-viewer created
clusterrolebinding.rbac.authorization.k8s.io/tap-gui-read-k8s created
clusterrole.rbac.authorization.k8s.io/k8s-reader created

## Discover the CLUSTER_URL and CLUSTER_TOKEN values:

CLUSTER_URL=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}')

CLUSTER_TOKEN=$(kubectl -n tap-gui get secret $(kubectl -n tap-gui get sa tap-gui-viewer -o=json \
| jq -r '.secrets[0].name') -o=json \
| jq -r '.data["token"]' \
| base64 --decode)

echo CLUSTER_URL: $CLUSTER_URL
echo CLUSTER_TOKEN: $CLUSTER_TOKEN

Record the BUILD cluster’s CLUSTER_URL and CLUSTER_TOKEN values.

ITERATE Cluster
## Switch the context to ITERATE Cluster

$ kubectl config use-context tap-iterate-cluster
Switched to context "tap-iterate-cluster".

## create Namespace, ServiceAccount, ClusterRole, and ClusterRoleBinding by running:

$ kubectl create -f tap-gui-viewer-service-account-rbac.yaml
namespace/tap-gui created
serviceaccount/tap-gui-viewer created
clusterrolebinding.rbac.authorization.k8s.io/tap-gui-read-k8s created
clusterrole.rbac.authorization.k8s.io/k8s-reader created

## Discover the CLUSTER_URL and CLUSTER_TOKEN values:

CLUSTER_URL=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}')

CLUSTER_TOKEN=$(kubectl -n tap-gui get secret $(kubectl -n tap-gui get sa tap-gui-viewer -o=json \
| jq -r '.secrets[0].name') -o=json \
| jq -r '.data["token"]' \
| base64 --decode)

echo CLUSTER_URL: $CLUSTER_URL
echo CLUSTER_TOKEN: $CLUSTER_TOKEN

Record the ITERATE cluster’s CLUSTER_URL and CLUSTER_TOKEN values

Update the kubernetes section in the tap-values-view.yaml file that Tanzu Application Platform used when you installed it. This section must have an entry for each cluster that has resources to view, as shown below:


## Update the TAP package using below command:

$ tanzu package installed update tap --values-file tap-values-view.yaml -n tap-install
Updating installed package 'tap'
Getting package install for 'tap'
Getting package metadata for 'tap.tanzu.vmware.com'
Updating secret 'tap-tap-install-values'
Updating package install for 'tap'
Waiting for 'PackageInstall' reconciliation for 'tap'
'PackageInstall' resource install status: ReconcileSucceeded
'PackageInstall' resource successfully reconciled
Updated installed package 'tap' in namespace 'tap-install'
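
The values files in this walkthrough turn off certificate checks in several places (skipTLSVerify: true, secure: false, sslDisabled: true), use http:// URLs for TAP GUI, and end up holding real cluster and registry credentials once the placeholders are filled in. The Python script below is an added example, not part of the original post or of TAP: it audits the text of a tap-values file for those settings and reports the key path of each. The function and constant names and the example.test hosts in the sample are constructed for illustration.

```python
import re

# Transport-security switches that appear in the values files above.
WEAK_FLAGS = {
    ("skipTLSVerify", "true"): "cluster API certificate is not verified",
    ("secure", "false"): "proxy does not verify the upstream certificate",
    ("sslDisabled", "true"): "Application Live View traffic is unencrypted",
}
# Keys that carry credentials in those files.
SECRET_KEYS = {"serviceAccountToken", "token", "password",
               "kp_default_repository_password", "Authorization"}
# "<TOKEN>", "< Registry Password >" and "Bearer <TOKEN>" are placeholders.
PLACEHOLDER = re.compile(r"^(Bearer\s+)?<[^>]*>$")
LINE = re.compile(r"^(\s*)(-\s+)?([^\s:#][^:#]*):(?:\s+(.*))?$")

# Constructed sample modelled on tap-values-view.yaml (hosts are made up).
SAMPLE = """\
tap_gui:
  app_config:
    app:
      baseUrl: http://tap-gui.example.test ## constructed domain
    proxy:
      /metadata-store:
        secure: false
    kubernetes:
      clusterLocatorMethods:
        - type: 'config'
          clusters:
            - url: https://build.example.test:443
              skipTLSVerify: true
              serviceAccountToken: constructed-token-value
            - url: https://run.example.test:443
              skipTLSVerify: false
              serviceAccountToken: <CLUSTER TOKEN>
appliveview:
  sslDisabled: true
"""

def scalar(raw):
    """Strip a trailing comment and one pair of surrounding quotes."""
    value = re.sub(r"(^|\s)#.*$", "", raw or "").strip()
    if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
        value = value[1:-1]
    return value

def audit_values(text):
    """Return (line_no, dotted_path, finding) for each risky setting."""
    findings, stack = [], []  # stack of (indent, key) gives the key path
    for no, line in enumerate(text.splitlines(), 1):
        m = LINE.match(line)
        if not m:
            continue
        indent = len(m.group(1)) + len(m.group(2) or "")
        key, value = m.group(3).strip(), scalar(m.group(4))
        while stack and stack[-1][0] >= indent:
            stack.pop()
        stack.append((indent, key))
        path = ".".join(k for _, k in stack)
        if (key, value.lower()) in WEAK_FLAGS:
            findings.append((no, path, WEAK_FLAGS[(key, value.lower())]))
        elif value.lower().startswith("http://"):
            findings.append((no, path, "plain-HTTP endpoint"))
        elif key in SECRET_KEYS and value and not PLACEHOLDER.match(value):
            findings.append((no, path, "live credential stored in the file"))
    return findings

if __name__ == "__main__":
    print(*audit_values(SAMPLE), sep="\n")
```

Run it over each tap-values-*.yaml before tanzu package install or update. For the cluster entries, the Backstage Kubernetes plugin that TAP GUI is built on accepts a base64 caData field, which lets skipTLSVerify be set to false.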