よくやる初期設定をメモしておく。
目次
- Kindクラスタの作成
- kapp controllerのインストール
- Tanzu Package Repositoryの追加
- cert-manager packageのインストール
- contour packageのインストール
- secretgen-controllerのインストール
Kindクラスタの作成
cat <<EOF > kind-expose-port.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
extraPortMappings:
- containerPort: 31443 # expose port 31443 of the node to port 80 on the host for use later by Contour ingress (envoy)
hostPort: 443
- containerPort: 31080 # expose port 31080 of the node to port 80 on the host for use later by Contour ingress (envoy)
hostPort: 80
EOF
kind create cluster --config kind-expose-port.yaml
kapp controllerのインストール
curl -sL https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml | sed 's/kapp-controller-packaging-global/kapp/' | kubectl apply -f-
Tanzu Package Repositoryの追加
# kubectl create namespace kapp
kubectl create -n kapp sa kapp
kubectl create clusterrolebinding kapp-cluster-admin --clusterrole cluster-admin --serviceaccount=kapp:kapp
cat <<EOF | kubectl apply -f-
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageRepository
metadata:
name: tanzu-core
namespace: kapp
spec:
fetch:
imgpkgBundle:
image: projects.registry.vmware.com/tkg/packages/core/repo:v1.22.5_vmware.1-tkg.3
---
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageRepository
metadata:
name: tanzu-standard
namespace: kapp
spec:
fetch:
imgpkgBundle:
image: projects.registry.vmware.com/tkg/packages/standard/repo:v1.5.0
EOF
$ kubectl get package -A
NAMESPACE NAME PACKAGEMETADATA NAME VERSION AGE
kapp addons-manager.tanzu.vmware.com.1.5.0+vmware.1-tkg.3 addons-manager.tanzu.vmware.com 1.5.0+vmware.1-tkg.3 13s
kapp ako-operator.tanzu.vmware.com.1.5.0+vmware.4-tkg.1 ako-operator.tanzu.vmware.com 1.5.0+vmware.4-tkg.1 13s
kapp antrea.tanzu.vmware.com.1.2.3+vmware.4-tkg.1-advanced antrea.tanzu.vmware.com 1.2.3+vmware.4-tkg.1-advanced 13s
kapp calico.tanzu.vmware.com.3.19.1+vmware.1-tkg.3 calico.tanzu.vmware.com 3.19.1+vmware.1-tkg.3 13s
kapp cert-manager.tanzu.vmware.com.1.1.0+vmware.1-tkg.2 cert-manager.tanzu.vmware.com 1.1.0+vmware.1-tkg.2 7s
kapp cert-manager.tanzu.vmware.com.1.1.0+vmware.2-tkg.1 cert-manager.tanzu.vmware.com 1.1.0+vmware.2-tkg.1 7s
kapp cert-manager.tanzu.vmware.com.1.5.3+vmware.2-tkg.1 cert-manager.tanzu.vmware.com 1.5.3+vmware.2-tkg.1 7s
kapp contour.tanzu.vmware.com.1.17.1+vmware.1-tkg.1 contour.tanzu.vmware.com 1.17.1+vmware.1-tkg.1 7s
kapp contour.tanzu.vmware.com.1.17.2+vmware.1-tkg.2 contour.tanzu.vmware.com 1.17.2+vmware.1-tkg.2 7s
kapp contour.tanzu.vmware.com.1.17.2+vmware.1-tkg.3 contour.tanzu.vmware.com 1.17.2+vmware.1-tkg.3 7s
kapp contour.tanzu.vmware.com.1.18.2+vmware.1-tkg.1 contour.tanzu.vmware.com 1.18.2+vmware.1-tkg.1 7s
kapp external-dns.tanzu.vmware.com.0.10.0+vmware.1-tkg.1 external-dns.tanzu.vmware.com 0.10.0+vmware.1-tkg.1 7s
kapp external-dns.tanzu.vmware.com.0.8.0+vmware.1-tkg.1 external-dns.tanzu.vmware.com 0.8.0+vmware.1-tkg.1 6s
kapp fluent-bit.tanzu.vmware.com.1.7.5+vmware.1-tkg.1 fluent-bit.tanzu.vmware.com 1.7.5+vmware.1-tkg.1 6s
kapp fluent-bit.tanzu.vmware.com.1.7.5+vmware.2-tkg.1 fluent-bit.tanzu.vmware.com 1.7.5+vmware.2-tkg.1 6s
kapp grafana.tanzu.vmware.com.7.5.7+vmware.1-tkg.1 grafana.tanzu.vmware.com 7.5.7+vmware.1-tkg.1 7s
kapp grafana.tanzu.vmware.com.7.5.7+vmware.2-tkg.1 grafana.tanzu.vmware.com 7.5.7+vmware.2-tkg.1 7s
kapp harbor.tanzu.vmware.com.2.2.3+vmware.1-tkg.1 harbor.tanzu.vmware.com 2.2.3+vmware.1-tkg.1 7s
kapp harbor.tanzu.vmware.com.2.2.3+vmware.1-tkg.2 harbor.tanzu.vmware.com 2.2.3+vmware.1-tkg.2 7s
kapp harbor.tanzu.vmware.com.2.3.3+vmware.1-tkg.1 harbor.tanzu.vmware.com 2.3.3+vmware.1-tkg.1 7s
kapp kapp-controller.tanzu.vmware.com.0.30.0+vmware.1-tkg.1 kapp-controller.tanzu.vmware.com 0.30.0+vmware.1-tkg.1 13s
kapp load-balancer-and-ingress-service.tanzu.vmware.com.1.6.1+vmware.2-tkg.3 load-balancer-and-ingress-service.tanzu.vmware.com 1.6.1+vmware.2-tkg.3 13s
kapp metrics-server.tanzu.vmware.com.0.5.1+vmware.1-tkg.1 metrics-server.tanzu.vmware.com 0.5.1+vmware.1-tkg.1 13s
kapp multus-cni.tanzu.vmware.com.3.7.1+vmware.1-tkg.1 multus-cni.tanzu.vmware.com 3.7.1+vmware.1-tkg.1 7s
kapp multus-cni.tanzu.vmware.com.3.7.1+vmware.2-tkg.1 multus-cni.tanzu.vmware.com 3.7.1+vmware.2-tkg.1 7s
kapp multus-cni.tanzu.vmware.com.3.7.1+vmware.2-tkg.2 multus-cni.tanzu.vmware.com 3.7.1+vmware.2-tkg.2 7s
kapp pinniped.tanzu.vmware.com.0.12.0+vmware.1-tkg.1 pinniped.tanzu.vmware.com 0.12.0+vmware.1-tkg.1 13s
kapp prometheus.tanzu.vmware.com.2.27.0+vmware.1-tkg.1 prometheus.tanzu.vmware.com 2.27.0+vmware.1-tkg.1 7s
kapp prometheus.tanzu.vmware.com.2.27.0+vmware.2-tkg.1 prometheus.tanzu.vmware.com 2.27.0+vmware.2-tkg.1 7s
kapp secretgen-controller.tanzu.vmware.com.0.7.1+vmware.1-tkg.1 secretgen-controller.tanzu.vmware.com 0.7.1+vmware.1-tkg.1 13s
kapp vsphere-cpi.tanzu.vmware.com.1.22.4+vmware.1-tkg.1 vsphere-cpi.tanzu.vmware.com 1.22.4+vmware.1-tkg.1 13s
kapp vsphere-csi.tanzu.vmware.com.2.4.1+vmware.1-tkg.1 vsphere-csi.tanzu.vmware.com 2.4.1+vmware.1-tkg.1 13s
cert-manager packageのインストール
cat <<EOF | kubectl apply -f-
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageInstall
metadata:
name: cert-manager
namespace: kapp
spec:
serviceAccountName: kapp
packageRef:
refName: cert-manager.tanzu.vmware.com
versionSelection:
constraints: 1.5.3+vmware.2-tkg.1
EOF
contour packageのインストール
cat <<EOF | kubectl apply -f-
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageInstall
metadata:
name: contour
namespace: kapp
spec:
serviceAccountName: kapp
packageRef:
refName: contour.tanzu.vmware.com
versionSelection:
constraints: 1.18.2+vmware.1-tkg.1
values:
- secretRef:
name: contour-data-values
---
apiVersion: v1
kind: Secret
metadata:
name: contour-data-values
namespace: kapp
type: Opaque
stringData:
values.yml: |
---
infrastructure_provider: "vsphere"
namespace: tanzu-system-ingress
contour:
replicas: 1
envoy:
service:
type: NodePort
externalTrafficPolicy: Local
nodePorts:
http: 31080
https: 31443
EOF
secretgen-controllerのインストール
cat <<EOF | kubectl apply -f-
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageInstall
metadata:
name: secretgen-controller
namespace: kapp
spec:
serviceAccountName: kapp
packageRef:
refName: secretgen-controller.tanzu.vmware.com
versionSelection:
constraints: 0.7.1+vmware.1-tkg.1
EOF
ここまで入る。
$ kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
cert-manager cert-manager-c876cd987-7466v 1/1 Running 0 100s
cert-manager cert-manager-cainjector-7cd8d85c9c-vdd6q 1/1 Running 0 100s
cert-manager cert-manager-webhook-5c97d4d759-znckp 1/1 Running 0 100s
kapp-controller kapp-controller-78888867d-s8fww 1/1 Running 0 4m16s
kube-system coredns-558bd4d5db-96b4d 1/1 Running 0 9m17s
kube-system coredns-558bd4d5db-97tfj 1/1 Running 0 9m17s
kube-system etcd-kind-control-plane 1/1 Running 0 9m26s
kube-system kindnet-ws224 1/1 Running 0 9m17s
kube-system kube-apiserver-kind-control-plane 1/1 Running 0 9m26s
kube-system kube-controller-manager-kind-control-plane 1/1 Running 0 9m26s
kube-system kube-proxy-4kxvg 1/1 Running 0 9m17s
kube-system kube-scheduler-kind-control-plane 1/1 Running 0 9m26s
local-path-storage local-path-provisioner-547f784dff-h4vsc 1/1 Running 0 9m17s
secretgen-controller secretgen-controller-7b5f877f95-nlct6 1/1 Running 0 32s
tanzu-system-ingress contour-68bc494566-mc2wg 1/1 Running 0 70s
tanzu-system-ingress envoy-dgq75 2/2 Running 0 70s