This post explains how to prepare an Amazon EC2 environment for running Tanzu Kubernetes Grid. Before you can use the Tanzu CLI or installer interface to deploy a management cluster, you must prepare the bootstrap machine on which you run the Tanzu CLI (this can be your local workstation or any VM that has internet access) and set up your Amazon Web Services (AWS) account. In this demo, we will use an Ubuntu VM deployed as an EC2 instance in AWS.
Note: Refer to the official doc for more details.
Deploy a VM for bootstrap
- In AWS console, navigate to AWS services > EC2
- Click on launch instance
- Search for Ubuntu AMI (Amazon Machine Image)
- Select an instance type. In this case I have used t2.xlarge (not Free tier eligible)
- Select the default vpc and click on Add Storage
- Change the size to 40 GB and click on Add Tags
- Add tag – Name: Jumpbox-aws, then click on Configure Security group
- Create a new security group, provide Name and Description > Allow ports 22 and 8080 as shown below
- Review and Launch > Launch
- In key pair section : Create a new key pair > Provide a name and Download Key pair > Launch Instances
- It should take a few minutes to launch. After that, collect the public IP and connect to the jumpbox VM using the command below.
- Refer to docker page for detailed steps.
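The launch steps above open ports 22 and 8080 on the jumpbox security group. As an added example (not part of the original post), this Python script checks JSON shaped like `aws ec2 describe-security-groups` output for rules that expose those two ports to broad source ranges; the sample data, group ID and prefix-length threshold are constructed assumptions.

```python
import ipaddress
import json

# Constructed sample shaped like describe-security-groups output (made-up IDs/CIDRs).
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-0example", "GroupName": "jumpbox-sg",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}
  ]}]}
""")

WATCHED_PORTS = (22, 8080)     # the two ports the post opens on the jumpbox
MIN_PREFIX = {4: 24, 6: 64}    # assumption: shorter prefixes count as too broad


def covers(rule, port):
    """True if the ingress rule applies to the given TCP port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":          # all protocols, all ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def audit(doc, ports=WATCHED_PORTS):
    """Return sorted (group_id, port, cidr) findings for overly broad sources."""
    findings = set()
    for sg in doc.get("SecurityGroups", []):
        for rule in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                if net.prefixlen >= MIN_PREFIX[net.version]:
                    continue   # narrow enough (e.g. a single admin IP)
                findings.update((sg["GroupId"], p, cidr)
                                for p in ports if covers(rule, p))
    return sorted(findings)


if __name__ == "__main__":
    for group, port, cidr in audit(SAMPLE):
        print(f"{group}: tcp/{port} reachable from {cidr}")
```

To run it against a real group, replace `SAMPLE` with the parsed output of `aws ec2 describe-security-groups` for the jumpbox security group.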
Install Tanzu bundle and Kubectl
- Download the VMware Tanzu CLI 1.4.0 from My VMware: log in with your My VMware credentials and navigate to the Tanzu Kubernetes Grid Downloads page
- In the select version drop-down, select 1.4.0 or the latest (if available)
- Under Product Downloads, scroll to the section labeled VMware Tanzu CLI 1.4.0 CLI > Download Now
- In the same page, scroll down to Kubectl 1.21.2 > Download Now
- On your system, create a new directory named tanzu. If you previously unpacked artifacts for previous releases to this folder, delete the folder’s existing contents.
- Copy the downloaded CLI files into the tanzu directory
- In the tanzu folder, unpack the Tanzu CLI bundle and kubectl bundle files for your operating system using
- Navigate to the tanzu/cli folder that you unpacked in the previous section.
- Make the CLI available to the system by installing the binary to /usr/local/bin:
- Navigate to the kubectl binary that you unpacked earlier into the tanzu directory
- Make the CLI available to the system by installing the binary to /usr/local/bin
Install Carvel Tools:
Carvel provides a set of reliable, single-purpose, composable tools that aid in application building, configuration, and deployment to Kubernetes.
- ytt – a command-line tool for templating and patching YAML files. You can also use ytt to collect fragments and piles of YAML into modular chunks for easy re-use.
- kapp – the applications deployment CLI for Kubernetes. It allows you to install, upgrade, and delete multiple Kubernetes resources as one application.
- kbld – an image-building and resolution tool.
- imgpkg – a tool that enables Kubernetes to store configurations and the associated container images as OCI images, and to transfer these images.
Install AWS CLI, jq
Permissions and access to AWS accounts
Configure AWS Credentials
- You should have the access key ID and access key secret from an active AWS account. Refer to the AWS doc to get the required access key ID and secret.
SSH Key Pair
- Create an SSH key pair in your AWS account. This can be done through the UI or the AWS CLI
- In the AWS Console, navigate to AWS services > EC2 > Network & Security > Key pairs > Create Key pair > Give Name > Create Key pair
- This automatically downloads a .pem file to your machine, which can be used later.
Tag Resources: (Optional)
Note: This step is required only if you are using an existing VPC to deploy the management cluster and if you are creating services of type LoadBalancer in the management cluster. In our case, I have allowed TKG to create a new VPC during the creation of the management cluster, which you will see in the next post.
Required Permissions for AWS Account
- Refer to the doc for the required IAM resources and permissions to create a management cluster in the AWS account.
We are now set to create the management cluster.