Install Application Service Adapter to air-gapped environments

You can install Application Service Adapter to a K8s cluster and registry that is air-gapped from outside traffic. This topic has the steps you need to take.

For instructions on how to install prerequisites in air-gapped environments, see:

Relocate images to a registry (air-gapped)

This procedure relocates images from VMware Tanzu Network registry to an internal container image registry that is available to the air-gapped environment through a local machine. The local machine must have access to the air-gapped environment.

  1. Set up environment variables for the installation:


    Where VERSION-NUMBER is the version of Application Service Adapter you want to install. For example, 1.0.0.

  2. Log in to VMware Tanzu Network registry with your VMware Tanzu Network credentials:

     docker login
  3. Copy the Application Service Adapter bundle to a tarball with the Carvel imgpkg tool by running:

     imgpkg copy -b${TAS_ADAPTER_VERSION} --to-tar tas-adapter-package-repo.tar
  4. Move the tarball file tas-adapter-package-repo.tar to the local machine that has access to the air-gapped environment.

  5. Log in to the internal image registry from the local machine:

     docker login INTERNAL-REGISTRY

    Where INTERNAL-REGISTRY is the name of your internal image registry.

  6. Unpackage the images from the tarball to the internal registry:

     imgpkg copy --tar tas-adapter-package-repo.tar --to-repo=INTERNAL-REGISTRY /tas-adapter-package-repo

Install the package repository

After the images are relocated:

  1. Verify that the tap-install namespace exists in your cluster.

    kubectl get ns tap-install

    The output lists the status of the tap-install namespace:

    NAME          STATUS   AGE
    tap-install   Active   2d
  2. Create a registry secret to store your registry credentials in the tap-install namespace. These are required so that the Kubernetes cluster can pull images for the Application Service Adapter system from the internal registry.

    tanzu secret registry add internal-tas-adapter-registry \
      --server INTERNAL-REGISTRY \
      --export-to-all-namespaces \
      --yes \
      --namespace tap-install


  3. Add the Application Service Adapter package repository to the cluster.

    tanzu package repository add tas-adapter-repository \
      --url <INTERNAL-REGISTRY>/tas-adapter-package-repo:${TAS_ADAPTER_VERSION} \
      --namespace tap-install
  4. Verify that the package repository contains the Application Service Adapter package.

    tanzu package available list \
      --namespace tap-install

    The output includes the Application Service Adapter package:

    NAME                                          DISPLAY-NAME                 SHORT-DESCRIPTION                                                   LATEST-VERSION
    ...  Application Service Adapter  Application Service Adapter for VMware Tanzu Application Platform  1.0.0
  5. List the installation settings for the application-service-adapter package.

    tanzu package available get${TAS_ADAPTER_VERSION} --values-schema --namespace tap-install

    It should output a list of settings similar to:

    | Retrieving package details for
      KEY                         DEFAULT  TYPE     DESCRIPTION          string   TLS CA certificate of your cluster's auth proxy                  string   FQDN of your cluster's auth proxy
      api_ingress.fqdn                     string   FQDN used to access the Cloud Foundry API
      api_ingress.tls.crt                  string   TLS certificate for the Cloud Foundry API (PEM format)
      api_ingress.tls.key                  string   TLS private key for the Cloud Foundry API (PEM format)
      app_ingress.default_domain           string   Default application domain
      app_ingress.tls.crt                  string   TLS certificate for the default application domain (PEM format)
      app_ingress.tls.key                  string   TLS private key for the default application domain (PEM format)
      app_registry.path.droplets           string   Container registry repository where staged, runnable app images (Droplets) will be stored
      app_registry.path.packages           string   Container registry repository where uploaded app source code (Packages) will be stored
      kpack_clusterbuilder_name  default   string   Name of the kpack cluster builder to use for staging

For installation and configuration instructions, see the install guide.

check-circle-line exclamation-circle-line close-line
Scroll to top icon