Tanzu Application Service – Part 6 : Install TAS

Eknath -
Reading Time: 4 mins

To install TAS using ops manager, you first need to upload the software bundle to ops manager VM.

ssh to jumpbox that is created earlier – ref to post :

#ssh command

ssh -i JB_instance captain@<public ip of vm instance>

# where captain is user name and JB_instance is key

Execute the command pivnet products in jumpbox to verify the access, otherwise login to pivnet cli as mentioned in post

Download TAS

Just like with the terraform download, use the pivnet CLI to download the TAS

# To list the files for TAS for vms version 2.12.1 which is the latest: 

pivnet product-files -p elastic-runtime -r 2.12.1

# Download the Small Footprint PAS elastice run time bundle: 

pivnet download-product-files -p elastic-runtime -r 2.12.1 -i 1064290

pivnet download-product-files -p elastic-runtime -r 2.12.1 -i 1064290

 

Download Stemcell

Each product that includes deployment of virtual machines, requires a stem cell. Sometimes a product is compatible with: Multiple stem cells, Only an exact stem cell, Anything within a particular stem cell’s major release etc..

You can verify the stem cells on Tanzu Network for a specific version as shown in above screenshot or through Pivnet CLI:

pivnet release-dependencies -p elastic-runtime -r 2.12.1

# Download the latest one with below command which can also be extracted from tanzu network: 

pivnet download-product-files --product-slug='stemcells-ubuntu-xenial' --release-version='621.176' --product-file-id=1085078

# Tanzu Network: https://network.pivotal.io/products/stemcells-ubuntu-xenial#/releases/995206

Upload the files to Ops manager: 

TAS files and stem cells can be uploaded directly into ops manager using Import a product:

Since we have downloaded them into jumpbox, lets do the upload the files into ops manager using OM CLI:

Install OM CLI:

#Download the om cli from github

wget https://github.com/pivotal-cf/om/releases/download/7.4.1/om-linux-7.4.1

# make it executable and install

chmod +x om-linux-7.4.1

mv om-linux-7.4.1 /usr/local/bin/om

# Add the following lines to ~/.env file:

export OM_TARGET="https://pcf.${ENV_NAME}.${DOMAIN_NAME}" 
export OM_SKIP_SSL_VALIDATION="true"
export OM_USERNAME="admin"
export OM_PASSWORD="<provide ops manager password>"

# Execute

source ~/.env

Upload file to ops manager:

Use below commands to upload TAS file and stem cell to Ops Manager, upload might take sometime to process.

# cd into directory where the files are downloaded

om upload-stemcell –s <<stemcell filename>>
om upload-product –p <<srt filename>>

Upon successful upload, ops manager will show a new product for as shown below, click “+” to add as a tile but with orange colour which indicates configuration is pending.

Click on tile “Small Footprint VMware Tanzu Application Service” to configure:

Assign AZs and Networks

  • Select one AZ for singleton jobs, select all AZs under Balance other jobs and select ‘pas’ network – SAVE

Domains

# System domain

sys.ENV_NAME.DOMAIN_NAME

# Apps domain

apps.ENV_NAME.DOMAIN_NAME

Networking

  • click on add next to “Certificates and private keys for the Gorouter and HAProxy
  • set the Name to default, locate the files you generated earlier which ends with .cert and .key, copy its content into the ops Manager text field labelled Certificate PEM and Private Key PEM.
  • Disable: HAProxy forwards requests to Router over TLS and Save

App Security Groups

  • Type “X” and Save

UAA

  • In SAML Service Provider Credentials section, copy the certificate and private key that is generated earlier that ends with .cert and .key – SAVE

CredHub

  • Add an “Internal encryption provider keys”, provide a name, secret key (make sure it is at least 20 characters long) and check Primary.

Internal MySQL

  • Enter your email address and Save

Errands

  • Select off for following errands and click Save
              • Notifications Errand
              • Notifications UI Errand
              • App Autoscaler Errand
              • App Autoscaler Smoke Test Errand
              • NFS Broker Errand

Resource config

For external traffic to reach the jobs that are listening, you need to configure the load balancers that were created in GCP by Terraform to the instances.

# Expand the row labeled Router and copy the below text in load balancers field, where ENV_NAME need to be changed. 

tcp:<ENV_NAME>-cf-ws,http:<ENV_NAME>-httpslb

# Expand the row labeled Control and copy the below text in load balancers field, where ENV_NAME need to be changed. 

tcp:<ENV_NAME>-cf-ssh

Note: In row labelled Compute, change the num of instances to 2 and vm type to 2xlarge.disk

# SAVE

Navigate to Installation Dashboard > Review pending changes > Apply

You can view the progress, will be notified on screen once completed successfully.