This topic describes how to install Cloud Native Runtimes for Tanzu, including the serving and eventing services. Cloud Native Runtimes is installed on a Kubernetes cluster. Before installing, you must install a Kubernetes cluster on a cloud platform provider, install the command line tools, configure your cluster, and download Cloud Native Runtimes.

Prerequisites

The following prerequisites are required to install Cloud Native Runtimes:

  • Kubernetes v1.18 or later

    • For information about creating a compatible Kubernetes cluster, see Create a Kubernetes Cluster. Cloud Native Runtimes is compatible with a Kubernetes cluster on the following Kubernetes providers:
      • Tanzu Kubernetes Grid v1.3.1 and later
      • Tanzu Kubernetes Grid Integrated Edition (TKGI)
      • Tanzu Mission Control
      • vSphere 7.0 with Tanzu
      • Google Kubernetes Engine (GKE)

        Note: GKE Autopilot is not supported.

      • Azure Kubernetes Service
      • Amazon Elastic Kubernetes Service
      • Docker Desktop
      • kind
      • minikube

      Note: For a cluster with one node, set CPUs to at least 6, memory to at least 6.0 GB, and disk storage to at least 30 GB. For a cluster with multiple nodes, set CPUs to at least 2, memory to at least 4.0 GB, and disk storage to at least 20 GB for each node.

    • Your cloud provider must support the creation of Service type LoadBalancer. For information about Service type LoadBalancer, see the Kubernetes documentation and your cloud provider documentation. For more information about Tanzu Kubernetes Grid support for Service type LoadBalancer, see Install VMware NSX Advanced Load Balancer on a vSphere Distributed Switch.

      The exception is local installation, which does not require support for Service type LoadBalancer.

  • Kapp-controller v0.17.0 or later. To download kapp-controller, see Install in the Carvel documentation.

    Note: Kapp-controller is pre-installed on Tanzu Kubernetes Grid v1.3.1 and later.

  • Command line tools. The following command line tools are required:
    • kubectl (v1.18 or later)
    • kapp (v0.34.0 or later)
    • ytt (v0.30.0 or later)
    • kbld (v0.28.0 or later)
    • kn
  • (Highly recommended for production environments) A domain name for your installation. You use this domain name to set up the external DNS as described in Set Up External DNS below.
  • (Optional) Use the Octant Plugin for Knative to view, manage, create, and delete Knative resources within Octant. For information about installing Octant, see Octant Plugin for Knative in GitHub.
  • If you are installing Cloud Native Runtimes on a cluster that is attached to Tanzu Service Mesh, see Configuring Cloud Native Runtimes with Tanzu Service Mesh.
  • Pod Security Policy role bindings. If you have pod security policies (PSP) enabled on your Kubernetes cluster, create one of the following role bindings on the Kubernetes cluster where you install kapp-controller and Cloud Native Runtimes:

    • vSphere 7.0 with Tanzu:
    apiVersion: rbac.authorization.k8s.io/v1   
    kind: ClusterRoleBinding
    metadata:
      name: kapp-controller-psp-role-binding
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: psp:vmware-system-restricted
    subjects:
    - kind: ServiceAccount
      name: kapp-controller-sa
      namespace: kapp-controller
    
    • Tanzu Kubernetes Grid Integrated Edition (TKGI):
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: kapp-controller-psp-role-binding
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: psp:restricted
    subjects:
    - kind: ServiceAccount
      name: kapp-controller-sa
      namespace: kapp-controller
    

Create a Kubernetes Cluster

To use Cloud Native Runtimes, you must have a Kubernetes cluster. See the following resources to create and configure your Kubernetes cluster, depending on your platform provider. Cloud Native Runtimes is compatible with a Kubernetes cluster on any of the following Kubernetes cloud platform providers:

Download Cloud Native Runtimes

To install Cloud Native Runtimes, you must first download the installation package from VMware Tanzu Network.

To download Cloud Native Runtimes:

  1. Log into VMware Tanzu Network.
  2. Navigate to the Cloud Native Runtimes release page.
  3. Download the cloud-native-runtimes-1.0.x.tgz archive.
  4. Extract the contents of cloud-native-runtimes-1.0.x.tgz, for example:
    tar -xvf cloud-native-runtimes-1.0.0.tgz
    

Use Image Relocation with Cloud Native Runtimes

Follow this image relocation procedure if either of the following is true:

  • You do not have access to the VMware Harbor registry.
  • Your security policies require that you access images from a designated private registry.

If you are installing Cloud Native Runtimes using image relocation with a registry that does not have a publicly-rooted certificate, you need to provision your cluster with a self-signed certificate. For information about provisioning a cluster with a self-signed certificate, see How to Set Up a Harbor Registry with Self-Signed Certificates for Tanzu Kubernetes Clusters.

Prerequisites

In addition to the prerequisites listed above, you need the following:

  • imgpkg v0.13.0 or later. To download imgpkg, see the imgpkg website.
  • To use image relocation with a private registry, set the following environment variables:
    • cnr_registry__server. Where cnr_registry__server is the URI of the registry.
    • cnr_registry__username. Where cnr_registry__username is the username for the registry.
    • cnr_registry__password. Where cnr_registry__password is the password to access the registry.

    Note: The environment variables include two underscore symbols ( __ ).

Relocate Image to Private Registry

To relocate the Cloud Native Runtimes image to a private registry:

  1. Download the cloud-native-runtimes-1.0.x.lock file from the Cloud Native Runtimes release page.

  2. Log in to your registry through Docker or, for other authentication options, such as environment variables, see the imgpkg documentation.

  3. Push the bundle to a registry. Run:

    imgpkg copy --lock cloud-native-runtimes-1.0.x.lock --to-repo LINK-TO-PRIVATE-REPO --lock-output LOCK-OUTPUT
    

    Where:

    • LINK-TO-PRIVATE-REPO is the path to the private registry.
    • LOCK-OUTPUT is the name of your lock output file.

    Note: If you do not have the certificates for your private registry, then add --registry-verify-certs=false to the command and to the command in step 4.

    For example:

    $ imgpkg copy --lock cloud-native-runtimes-1.0.0.lock --to-repo my.corp.registry/cnr --lock-output ./relocated.lock --registry-verify-certs=false

  4. Pull your image. Run:

    imgpkg pull --lock LOCK-OUTPUT -o ./cloud-native-runtimes
    

    Where LOCK-OUTPUT is the name of your lock output file.

    For example:

    $ imgpkg pull --lock ./relocated.lock -o ./cloud-native-runtimes 

  5. Navigate to the cloud-native-runtimes directory. Run:

    cd cloud-native-runtimes
    
  6. Mark the install.sh file as executable by updating the install script permission. Run:

    chmod +x ./bin/install.sh
    
  7. Follow the steps in Preparing to Create a Service to create a secret for your private registry.
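
As an added example (not part of the product documentation or the installer), the following shell function checks the lock file written by step 3 before you pull and install from it: every image reference must sit under your private registry and be pinned by a sha256 digest. The lock contents and the digest are constructed samples that assume the imgpkg BundleLock layout; my.corp.registry is the example registry used above.

```shell
#!/usr/bin/env bash
# Added example (not from the product docs): gate the install on the relocated lock file.

# check_lock LOCKFILE REGISTRY
# Succeeds only if every "image:" reference in LOCKFILE lives under REGISTRY/
# and is pinned to a full sha256 digest (no mutable tags).
check_lock() {
  lock_file=$1
  registry=$2
  found=0
  bad=0
  # BundleLock files carry one "image:" key; ImagesLock files carry a list of them.
  refs=$(sed -n 's/^[[:space:]-]*image:[[:space:]]*//p' "$lock_file" | tr -d "\"'")
  for ref in $refs; do
    found=1
    case $ref in
      "$registry"/*) ;;
      *) echo "outside $registry: $ref" >&2; bad=1 ;;
    esac
    if ! printf '%s\n' "$ref" | grep -Eq '@sha256:[0-9a-f]{64}$'; then
      echo "not digest-pinned: $ref" >&2
      bad=1
    fi
  done
  # An empty or unparsable lock file is a failure, not a pass.
  [ "$found" -eq 1 ] && [ "$bad" -eq 0 ]
}

# Constructed sample data: the digest is a placeholder, not a real image digest.
demo_dir=$(mktemp -d)
cat > "$demo_dir/relocated.lock" <<'EOF'
apiVersion: imgpkg.carvel.dev/v1alpha1
kind: BundleLock
bundle:
  image: my.corp.registry/cnr@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
  tag: 1.0.0
EOF
# A lock that was never relocated: different registry, tag instead of digest.
sed 's#image: .*#image: registry.example.test/cnr:1.0.0#' \
  "$demo_dir/relocated.lock" > "$demo_dir/stale.lock"

if check_lock "$demo_dir/relocated.lock" my.corp.registry; then
  echo "relocated.lock: ok"
fi
if ! check_lock "$demo_dir/stale.lock" my.corp.registry 2>/dev/null; then
  echo "stale.lock: rejected"
fi
```

Run the function against your own lock output (./relocated.lock in the example above) between steps 3 and 4; a digest-pinned reference identifies the image by content rather than by a mutable tag.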

Install Cloud Native Runtimes

Use one of the following procedures, depending on your platform, to install Cloud Native Runtimes. To install, you target the cluster and run the installation script.

Note: If you see the following error message after you run the Cloud Native Runtimes installation script, see Installing Cloud Native Runtimes with an Existing Contour Installation:
Could not proceed with installation. Refer to Cloud Native Runtimes documentation for details on how to utilize an existing Contour installation. Another app owns the custom resource definitions listed below.

Install on Tanzu Kubernetes Grid

To install Cloud Native Runtimes on Tanzu Kubernetes Grid:

  1. Target the cluster you want to use. See Connect to Your New Cluster in the Tanzu Kubernetes Grid documentation.

  2. Verify that you are targeting the correct Kubernetes cluster. Run:

    kubectl cluster-info
    
  3. Run the installation script from the cloud-native-runtimes directory:

    ./bin/install.sh
    

    Note: If the installation fails with a kapp: Error: message, see Installation fails with kapp-controller v0.16 in Troubleshooting.

Install on TKGI

To install Cloud Native Runtimes on Tanzu Kubernetes Grid Integrated Edition:

  1. Target the cluster you want to use. See Create a Kubernetes Cluster in the TKGI documentation.

  2. Verify that you are targeting the correct Kubernetes cluster. Run:

    kubectl cluster-info
    
  3. Run the installation script from the cloud-native-runtimes directory:

    ./bin/install.sh
    

Install on Tanzu Mission Control

To install Cloud Native Runtimes on Tanzu Mission Control:

  1. Target the cluster you want to use. See Register Your Management Cluster in the Tanzu Mission Control documentation.

  2. Verify that you are targeting the correct Kubernetes cluster. Run:

    kubectl cluster-info
    
  3. Run the installation script from the cloud-native-runtimes directory:

    ./bin/install.sh
    

Install on vSphere

To install Cloud Native Runtimes on vSphere 7.0 with Tanzu:

  1. Target the cluster you want to use. See Register Your Management Cluster with Tanzu Mission Control in the VMware Tanzu Kubernetes Grid documentation.

  2. Verify that you are targeting the correct Kubernetes cluster. Run:

    kubectl cluster-info
    
  3. Run the installation script from the cloud-native-runtimes directory:

    cnr_provider=tkgs ./bin/install.sh
    

Install on Kubernetes Cloud Platforms

To install Cloud Native Runtimes on Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), or Google Kubernetes Engine (GKE):

  1. Target the cluster you want to use:

  2. Verify that you are targeting the correct Kubernetes cluster. Run:

    kubectl cluster-info
    
  3. Run the installation script from the cloud-native-runtimes directory:

    ./bin/install.sh
    

Install on a Local Kubernetes Cluster Provider

To install Cloud Native Runtimes on Docker Desktop, kind, or minikube:

Note: To install on minikube, you need at least 4 GB of available system RAM for all pods to start.

  1. Target the cluster you want to use. See Docker Desktop for Mac user manual, kind User Guide, or minikube start.

  2. Verify that you are targeting the correct Kubernetes cluster. Run:

    kubectl cluster-info
    
  3. Run the installation script from the cloud-native-runtimes directory:

    cnr_provider=local ./bin/install.sh
    

Set Up External DNS

Knative uses example.com as the default domain. After Cloud Native Runtimes is installed on your cluster, you change the default domain to your custom domain.

Note: If you are setting up Cloud Native Runtimes for development or testing, you do not have to set up an external DNS. However, if you want to access your workloads (apps) over the internet, then you do need to set an external DNS.

To set up the custom domain and its external DNS record:

  1. Set your custom domain by following the instructions in Edit using kubectl or Apply from a file in the Knative documentation.

    When your workloads are created, Knative automatically creates URLs for each workload based on this custom domain.

  2. Get the address of the cluster load balancer:

    kubectl get service envoy -n contour-external --output 'jsonpath={.status.loadBalancer.ingress}'
    

    If this command returns a URL instead of an IP address, then ping the URL to get the load balancer IP address.

  3. Create a wildcard DNS A record that assigns the custom domain to the load balancer IP. Follow the instructions provided by your domain name registrar for creating records.

    The record created looks like:

    *.DOMAIN IN A TTL LOADBALANCER-IP
    

    Where:

    • DOMAIN is the custom domain.
    • TTL is the time-to-live.
    • LOADBALANCER-IP is the load balancer IP.

    For example:

    *.mydomain.com IN A 3600 198.51.100.6
