This topic tells you how to install, upgrade, and uninstall Cluster Essentials v1.9.2.
Installation requires Kubernetes cluster v1.25, v1.26, v1.27, v1.28 or v1.29 on one of the following Kubernetes providers:
The Cluster Essentials install script can only be run on AMD64 CPUs with macOS, Windows or Linux.
If you are using a VMware Tanzu Kubernetes Grid cluster, you do not need to install Cluster Essentials because the contents of Cluster Essentials are already installed on your cluster.
For all other clusters, install Cluster Essentials using the following steps.
Sign in to the Broadcom Support Portal.
Go to Cluster Essentials for VMware Tanzu in Tanzu > My Downloads.
Expand the Cluster Essentials for VMWare Tanzu section.
Retrieve your Broadcom registry API token:
Click the Token Download icon next to the Cluster Essentials version you want to download.
Follow the instructions in the dialog box. Save the token as a variable named MY_BROADCOM_SUPPORT_ACCESS_TOKEN
. For example:
export MY_BROADCOM_SUPPORT_ACCESS_TOKEN=API-TOKEN
Where API-TOKEN
is your token from the Broadcom Support Portal.
Click 1.9.2.
Select the I agree to Terms and Conditions check box.
Choose a download according to your Kubernetes provider and operating system:
tanzu-cluster-essentials-darwin-amd64-1.9.2.tgz
.tanzu-cluster-essentials-linux-amd64-1.9.2.tgz
.tanzu-cluster-essentials-windows-amd64-1.9.2.tgz
.Unpack the TAR file into the tanzu-cluster-essentials
directory:
On macOS or Linux:
mkdir $HOME/tanzu-cluster-essentials
tar -xvf DOWNLOADED-CLUSTER-ESSENTIALS-BUNDLE -C $HOME/tanzu-cluster-essentials
Where DOWNLOADED-CLUSTER-ESSENTIALS-BUNDLE
is the name of the bundle you downloaded.
On Windows, in Command Prompt:
:: Ensure you are in the directory where you have downloaded DOWNLOADED-CLUSTER-ESSENTIALS-BUNDLE
mkdir tanzu-cluster-essentials
tar -xvf DOWNLOADED-CLUSTER-ESSENTIALS-BUNDLE -C tanzu-cluster-essentials
Where DOWNLOADED-CLUSTER-ESSENTIALS-BUNDLE
is the name of the bundle you downloaded.
For air-gapped installation, download the bundle:
On macOS or Linux:
$ cd tanzu-cluster-essentials
$ IMGPKG_REGISTRY_HOSTNAME=cluster-essentials.packages.broadcom.com \
IMGPKG_REGISTRY_USERNAME=BROADCOM-REGISTRY-USERNAME \
IMGPKG_REGISTRY_PASSWORD=${MY_BROADCOM_SUPPORT_ACCESS_TOKEN} \
./imgpkg copy \
-b cluster-essentials.packages.broadcom.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:267c635556b060fb917d1b9165bbbc5c5b2f3bb576f2ca7c8ec61d1b7b465fbc \
--to-tar cluster-essentials-bundle-1.9.2.tar \
--include-non-distributable-layers
Where BROADCOM-REGISTRY-USERNAME
is your username for Broadcom registry.
On Windows, in Command Prompt:
cd tanzu-cluster-essentials
set IMGPKG_REGISTRY_HOSTNAME=cluster-essentials.packages.broadcom.com
set IMGPKG_REGISTRY_USERNAME=BROADCOM-REGISTRY-USERNAME
set /p IMGPKG_REGISTRY_PASSWORD=password:
:: Interactively enter $MY_BROADCOM_SUPPORT_ACCESS_TOKEN
imgpkg copy ^
-b cluster-essentials.packages.broadcom.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:267c635556b060fb917d1b9165bbbc5c5b2f3bb576f2ca7c8ec61d1b7b465fbc ^
--to-tar cluster-essentials-bundle-1.9.2.tar ^
--include-non-distributable-layers
Where BROADCOM-REGISTRY-USERNAME
is your username for Broadcom registry.
List the existing contexts by running:
kubectl config get-contexts
Set the context to the cluster that you want to use for the Cluster Essentials install.
kubectl config use-context CONTEXT-NAME
Where CONTEXT-NAME
can be retrieved from the outputs of the previous step.
To deploy to your cluster, create a configuration secret if your registry requires a custom certificate then run the script to install Cluster Essentials.
If your registry needs a custom certificate, you must load that configuration into the cluster before installing kapp-controller
.
If your registry uses a public certificate, these steps are not required.
Create the kapp-controller
namespace:
kubectl create namespace kapp-controller
Create a configuration secret by using the registry’s ca.crt
stored on local disk:
kubectl create secret generic kapp-controller-config \
--namespace kapp-controller \
--from-file caCerts=ca.crt
Configure and run install.sh
, which installs kapp-controller
and secretgen-controller
on your cluster:
For online installation, run:
export INSTALL_BUNDLE=cluster-essentials.packages.broadcom.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:267c635556b060fb917d1b9165bbbc5c5b2f3bb576f2ca7c8ec61d1b7b465fbc
export INSTALL_REGISTRY_HOSTNAME=cluster-essentials.packages.broadcom.com
export INSTALL_REGISTRY_USERNAME=BROADCOM-REGISTRY-USERNAME
export INSTALL_REGISTRY_PASSWORD=${MY_BROADCOM_SUPPORT_ACCESS_TOKEN}
export CA_PATH=/PATH-TO-CA-CERT/ca.crt
cd $HOME/tanzu-cluster-essentials
./install.sh --yes
Where:
BROADCOM-REGISTRY-USERNAME
is your username for Broadcom registry.PATH-TO-CA-CERT
is the location of your custom CA certificate.
Note
CA_PATH
is only required if your registry needs the custom certificate you optionally provided earlier to pull the image and deploy kapp-controller.
For air-gapped installation:
Upload the previously downloaded bundle to the air-gapped registry and install Cluster Essentials by running:
$ cd tanzu-cluster-essentials
$ IMGPKG_REGISTRY_HOSTNAME=MY-REGISTRY \
IMGPKG_REGISTRY_USERNAME=MY-REGISTRY-USER \
IMGPKG_REGISTRY_PASSWORD=MY-REGISTRY-PASSWORD \
CA_PATH=/PATH-TO-CA-CERT/ca.crt \
./imgpkg copy \
--tar cluster-essentials-bundle-1.9.2.tar \
--to-repo MY-REGISTRY/cluster-essentials-bundle \
--include-non-distributable-layers \
--registry-ca-cert-path CA_PATH
$ INSTALL_BUNDLE=MY-REGISTRY/cluster-essentials-bundle@sha256:678c20e14e1065c6a97828632d02b0716ef453e2c9b3c5e1ea0dba1817bd8125 \
INSTALL_REGISTRY_HOSTNAME=MY-REGISTRY \
INSTALL_REGISTRY_USERNAME=MY-REGISTRY-USER \
INSTALL_REGISTRY_PASSWORD=MY-REGISTRY-PASSWORD \
./install.sh
Where:
MY-REGISTRY
is your air-gapped container registry.MY-REGISTRY-USER
is the user with write access to MY-REGISTRY
.MY-REGISTRY-PASSWORD
is the password for MY-REGISTRY-USER
.PATH-TO-CA-CERT
is the location of your custom CA certificate.
Note
CA_PATH
is only required if your registry needs the custom certificate you optionally provided earlier to pull the image and deploy kapp-controller.
Configure and run install.bat
, which installs kapp-controller
and secretgen-controller
on your cluster:
For online installation, run:
cd tanzu-cluster-essentials
set INSTALL_BUNDLE=cluster-essentials.packages.broadcom.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:267c635556b060fb917d1b9165bbbc5c5b2f3bb576f2ca7c8ec61d1b7b465fbc
set INSTALL_REGISTRY_HOSTNAME=cluster-essentials.packages.broadcom.com
set INSTALL_REGISTRY_USERNAME=BROADCOM-REGISTRY-USERNAME
set /p INSTALL_REGISTRY_PASSWORD=password:
:: Interactively enter $MY_BROADCOM_SUPPORT_ACCESS_TOKEN
set CA_PATH=/PATH-TO-CA-CERT/ca.crt
install.bat
Where:
BROADCOM-REGISTRY-USERNAME
is your username for Broadcom registry.PATH-TO-CA-CERT
is the location of your custom CA certificate.
Note
CA_PATH
is only required if your registry needs the custom certificate you provided earlier to pull the image and deploy kapp-controller.
For air-gapped installation:
Upload the previously downloaded bundle to the air-gapped registry and install Cluster Essentials by running:
cd tanzu-cluster-essentials
set IMGPKG_REGISTRY_HOSTNAME=MY-REGISTRY
set IMGPKG_REGISTRY_USERNAME=MY-REGISTRY-USER
set IMGPKG_REGISTRY_PASSWORD=password:
:: Interactive enter MY-REGISTRY-PASSWORD
set CA_PATH=/PATH-TO-CA-CERT/ca.crt
imgpkg copy ^
--tar cluster-essentials-bundle-1.9.2.tar ^
--to-repo MY-REGISTRY/cluster-essentials-bundle ^
--include-non-distributable-layers ^
--registry-ca-cert-path CA_PATH
set INSTALL_BUNDLE=MY-REGISTRY/cluster-essentials-bundle@sha256:678c20e14e1065c6a97828632d02b0716ef453e2c9b3c5e1ea0dba1817bd8125
set INSTALL_REGISTRY_HOSTNAME=MY-REGISTRY
set INSTALL_REGISTRY_USERNAME=MY-REGISTRY-USER
set /p INSTALL_REGISTRY_PASSWORD=password:
:: Interactively enter MY-REGISTRY-PASSWORD
install.bat
Where:
MY-REGISTRY
is your air-gapped container registry.MY-REGISTRY-USER
is the user with write access to MY-REGISTRY
.MY-REGISTRY-PASSWORD
is the password for MY-REGISTRY-USER
.PATH-TO-CA-CERT
is the location of your custom CA certificate.
Note
CA_PATH
is only required if your registry needs the custom certificate you provided earlier to pull the image and deploy kapp-controller.
$PATH
(Optional) Several Tanzu products, such as Tanzu Application Platform, use the kapp
CLI to deploy. For convenience, you can install the kapp
CLI onto your $PATH
:
sudo cp $HOME/tanzu-cluster-essentials/kapp /usr/local/bin/kapp
(Optional) Several Tanzu products, such as Tanzu Application Platform, use the imgpkg
CLI to relocate packages. For convenience, you can install the imgpkg
CLI onto your $PATH
:
sudo cp $HOME/tanzu-cluster-essentials/imgpkg /usr/local/bin/imgpkg
Cluster Essentials components (such as kapp-controller
and secretgen-controller
) cannot be upgraded on clusters provisioned using VMware Tanzu Kubernetes Grid and VMware Tanzu Mission Control.
For all other clusters, if you already have Cluster Essentials v1.0 or later installed on your target cluster, you can upgrade to Cluster Essentials v1.9.2 using the following steps. Running this upgrade updates the kapp-controller
version on your cluster to v0.51.2
and secretgen-controller
version to v0.17.3
.
Follow the steps in Download artifacts from the Broadcom Support Portal and Set Kubernetes cluster context.
Configure and run install.sh
, which installs kapp-controller
and secretgen-controller
on your cluster:
On macOS or Linux:
cd $HOME/tanzu-cluster-essentials
export INSTALL_BUNDLE=cluster-essentials.packages.broadcom.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:267c635556b060fb917d1b9165bbbc5c5b2f3bb576f2ca7c8ec61d1b7b465fbc
export INSTALL_REGISTRY_HOSTNAME=cluster-essentials.packages.broadcom.com
export INSTALL_REGISTRY_USERNAME=BROADCOM-REGISTRY-USERNAME
export INSTALL_REGISTRY_PASSWORD=${MY_BROADCOM_SUPPORT_ACCESS_TOKEN}
./install.sh --yes
Where BROADCOM-REGISTRY-USERNAME
is your username for Broadcom registry.
On Windows, in Command Prompt:
cd tanzu-cluster-essentials
set INSTALL_BUNDLE=cluster-essentials.packages.broadcom.com/tanzu-cluster-essentials/cluster-essentials-bundle@sha256:267c635556b060fb917d1b9165bbbc5c5b2f3bb576f2ca7c8ec61d1b7b465fbc
set INSTALL_REGISTRY_HOSTNAME=cluster-essentials.packages.broadcom.com
set INSTALL_REGISTRY_USERNAME=BROADCOM-REGISTRY-USERNAME
set /p INSTALL_REGISTRY_PASSWORD=password:
:: Interactively enter $MY_BROADCOM_SUPPORT_ACCESS_TOKEN
install.bat
Where BROADCOM-REGISTRY-USERNAME
is your username for Broadcom registry.
(Optional) Follow the steps in Install CLIs onto your $PATH to install newer versions of the kapp
and imgpkg
CLIs to your path.
CautionUninstalling Cluster Essentials when the upgrade fails will cause an unrepairable state for your cluster.
To rollback to the previously installed version, follow the previous version of Cluster Essentials deployment instructions.
CautionUninstalling Cluster Essentials when the installation fails will cause an unrepairable state for your cluster.
You must uninstall all the Custom Resources created by
kapp-controller
andsecretgen-controller
before running the uninstall script for Cluster Essentials.
Follow the steps in Set Kubernetes cluster context.
Run uninstall.sh
, which uninstalls kapp-controller
and secretgen-controller
on your cluster:
On macOS or Linux:
cd $HOME/tanzu-cluster-essentials
./uninstall.sh --yes
On Windows (in “Command Prompt” app):
cd tanzu-cluster-essentials
uninstall.bat