VMware Application Catalog is a customizable selection of open source software from the Bitnami collection that is continuously maintained and verifiably tested for use in production environments. VMware Application Catalog gives developers the productivity and agility of pre-packaged apps and components, while enabling operators to meet the stringent security and transparency requirements of enterprise IT.
This guide will walk you through the VMware Application Catalog environment.
In addition, you will learn how to consume the VMware Application Catalog content in the following ways:
Enterprises can consume and deploy trusted and updated applications from a catalog tailored to their needs. This catalog is distributed through a private repository to internal customers.
This tutorial assumes that:
You have subscribed to VMware Application Catalog service.
Don’t have VMware Application Catalog subscription? To learn more and talk to VMware representative, visit VMware Application Catalog.
Go to VMware Application Catalog and sign in using your VMware Account.
VMware Application Catalog has an extensive collection of continuously maintained and tested container images and Helm charts. source applications. To browse the VMware Application Catalog:
A list of all the applications available on VMware Application Catalog appear.
These applications are continuously updated and so that you can consume them for development and deployment.
To browse the extensive list of contain images available on VMware Application Catalog, on the left pane, click the Container Image filter. List of all the container images available on VMware Application catalog is displayed with the following information:
“Details” link to view more information associated with that container image
If a container has more than one released version, then all the versions are displayed.
You can use the following filters to search the container of your choice in the catalog:
The following image shows the catalog filtered by type, status, and operating system:
You can view the following information when you click “Details” next to an application:
To browse the extensive list of Helm charts available on VMware Application Catalog, on the left pane, click the Helm Chart filter. List of all the Helm charts available on VMware Application catalog is displayed with the following information:
“Details” link to view more information associated with that chart or its container image
You can use the following filters to search the Helm charts of your choice in the catalog:
The following image shows the catalog filtered by type, status, and operating system:
You can view the following information when you click “Details” next to a Helm chart:
Dependencies: container image included in the chart and its related information such as status, base image and release version
You can inspect the chart dependencies by clicking the container image. You will see the information related to that container, showing a tag indicating that the selected container is a part of a Helm chart:
VMware Application Catalog provides you the option of creating your own custom catalog. To create a custom catalog:
In the “My Applications” page, click the “ADD NEW APPLICATIONS” button.
The “Add New Applications” page appears.
You can deploy VMware Application Catalog on Kubernetes or virtual machine platforms. Select one of the following platforms, the associated base image options, and then click the “NEXT” button:
If you are deploying VMware Application Catalog on Kubernetes, click on the “Kubernetes” tile. A list of all the VMware supported base images for Kubernetes appears. Select a base image from the list.
If you select the “Custom Base Image” option, a list of all the custom base images that you would have added previously will appear. Select a base image from the list and then click the “NEXT” button. If you wish to add a new custom base image, then follow these instructions:
In the left navigation pane, click “Base Images”.
The “Base Images” page appears.
In the “Add Custom Base Image” dialog, do the following and then click the “ADD” button:
Select a registry that you have added to VMware Application Catalog.
NOTE: If you have not yet created any registry or if you do not want choose the existing registries and wish to add a new registry, then follow the instructions provided in the “Adding a new registry” section below.
Enter the location or path to the base image in the chosen registry you configured previously. For example, base-images/debian:buster or just debian:buster depending on the registry URL you previously configured. If you don’t specify a version, then VMware Application Catalog considers the latest version.
The base image that you added appears in the “My Custom Base Images” section.
To add a new registry:
In the “Add Registry” dialog, provide the following information and click “ADD”:
NOTE: The Egress IP(s) field appears only if your registry that trying to configure is either GCR or Harbor.
The newly added registry appears in the “My Registries” section.
If you are deploying VMware Application Catalog on virtual machines, click on the “Virtual Machines” tile.
NOTES:
Select the applications for your catalog and then click the “NEXT” button.
The “Active Artifacts” counter, below the application list, displays the number of artifacts selected, total number of artifacts eligible for your subscription quota, and the number of artifacts remaining in your subscription quota.
Example: At the time of adding a new application, your subscription entitles you to 25 artifacts. As you have already consumed five artifacts the Active Artifacts counter displays “25 (20 left)”. If you select five more applications from the list the Active Artifacts counter would display “25 (15 left)”.
NOTE: You will not be able to select an application in the following scenarios: - Application is not compatible with the base image that you have selected. - Application is already part of your catalog.
A list of all the registries that you would have added previously appears. Select an appropriate registry from the list and click the “NEXT” button. After your request is processed, all the applications and their updates will be pushed to this registry.
NOTES:
Google Container Registry (GCR)
To add GCR, do the following:
| Field | Description |
|---|---|
| Provider | Select the “Google Container Registry (GCR)” option. |
| Name | Enter a name. |
| Description | Enter appropriate description. |
| Registry URL | Enter the path to the GCR registry appended with https://. For example, https://gcr.io/myvacregistry. This corresponds to the base URL where the GCR instance resides. VAC pushes all the requested assets to this GCR instance. The registry URL contains the path to the repository. In GCR, repositories are created on the fly while pushing the subscribed assets for the first time. |
| Credentials (JSON) | Copy and paste the contents of the Credentials.JSON file generated by GCR in the service account as shown in the image below. For more information on how to generate credentials in GCR, see JSON key file. |
Azure Container Registry
To add Azure Container Registry, do the following:
| Field | Description |
|---|---|
| Provider | Select the “Azure Container Registry” option. |
| Name | Enter a name. |
| Description | Enter a description. |
| Registry URL | Enter the Azure login server path appended with https://. For example, https://myvacregistry.azurecr.io. This corresponds to the base URL where the Azure Container Registry instance resides. VAC pushes all the requested assets to this Azure container registry. The registry URL contains the path to the repository. In the Azure Container Registry, the repositories are created on the fly while pushing the subscribed assets for the first time. |
| Access Key | Enter the username that corresponds to the username generated on the Azure portal. It is recommended to provide the registry access by generating a service principal with read and write access. For more information on how to generate service principal object, see Azure Container Registry authentication with service principals. |
| Password | Enter the password that corresponds to the password generated on the Azure portal. It is recommended to provide registry access by generating a service principal with read and write access. For more information on how to generate service principal object, see Azure Container Registry authentication with service principals. |
Amazon Elastic Container Registry
To add Amazon Elastic Container Registry, do the following:
| Field | Description |
|---|---|
| Provider | Select the “Amazon Elastic Container Registry” option. |
| Name | Enter a name. |
| Description | Enter a description. |
| Registry URL | Enter the Amazon ECR login server path appended with https://. For example, https://456981234946.dkr.ecr.us-east-1.amazonaws.com. This corresponds to the base URL where the Amazone Elastic Container Registry instance resides. VAC pushes all the requested assets to this Amazon container registry. The registry URL contains the path to the repository. In the Amazon Elastic Container Registry, the repositories are created on the fly while pushing the subscribed assets for the first time. |
| Access Key ID | Enter the Access Key ID created on the AWS portal. It is recommended to provide the registry access by generating an IAM user with read and write access. For more information on how to configure ECR access , see Identity and Access Management for Amazon Elastic Container Registry. |
| Secret Access Key | Enter the Secret Access Key on the AWS portal. It is recommended to provide registry access by generating an IAM user with read and write access. For more information on how to configure ECR access, see Identity and Access Management for Amazon Elastic Container Registry. |
Harbor
To add a Harbor registry, do the following:
Ensure that you have created a project in Harbor. For more information on how to create a project, see Create Projects.
Enter the following configuration details:
| Field | Description |
|---|---|
| Provider | Select the “Harbor” option. |
| Name | Enter a name. |
| Description | Enter a description. |
| Registry URL | Enter the path to the Harbor project appended with https://. For example, https:\\demo.goharbor.io\myproject. This corresponds to the base URL where the Harbor project instance resides. VAC pushes all the requested assets to this Harbor project. The registry URL contains the path to the repository. In Harbor, the repositories are created on the fly while pushing the subscribed assets for the first time. |
| Access Key | Enter the username that corresponds to the username generated on the Harbor portal. It is recommended to provide registry access by generating a robot account with read and write access. For more information on robot accounts, see Create Project Robot Accounts. |
| Password | Enter the password that corresponds to the password generated on the Harbor portal. It is recommended to provide registry access by generating a robot account with read and write access. For more information on robot accounts, see Create Project Robot Accounts. |
JFrog Container Registry (JCR)
To add a JFrog Container Registry, do the following:
Ensure that you have created an JFrog Container Registry. For more information on how to create a registry, see Getting Started With Artifactory as a Docker Registry.
Enter the following configuration details:
| Field | Description |
|---|---|
| Provider | Select the “JFrog Container Registry (JCR)” option. |
| Name | Enter a name. |
| Description | Enter a description. |
| Registry URL | Enter the path to the JCR registry appended with https://. For example, https://myvacregistry-docker-local.artifactory.acme.com (the URL may vary depending on if the antifactory instance is on cloud or on-self-hosted). This corresponds to the base URL where the JCR instance resides. VAC pushes all the requested assets to this JCR instance. The registry URL contains path to the repository. In JCR, repositories are created on the fly while pushing the subscribed assets for the first time. |
| Username | Enter the username that corresponds to the username generated on the JCR portal. |
| Password | Enter the password that corresponds to the password generated on the JCR portal. |
(Optional) Provide an appropriate name and description for your request and then click “NEXT”.
Review the summary of your request, make appropriate changes if required and, then click the “SUBMIT” button.
A message appears confirming that your new application request has been successfully submitted.
NOTE: It may take up to two weeks to review and process your request. You can monitor the status of your request in the “My Requests” tab. It displays the list of all the requests you have submitted along with the status. It also displays the statistics of your active artifacts and requests. You can view the details by clicking the arrow next to each request.
After your request is processed, the application appears in the “My Applications” tab.
VMware Application Catalog builds trusted and continuously maintained content that can be consumed in the following ways:
TIP: Check out the Consume VMware Application Catalog Helm charts In Your Local Machine guide to learn more about this topic.
In this scenario, we will describe how to push the content to your local machine using the Docker or the Helm CLI depending on the type of content you want to use.
To run a container from VMware Application Catalog:
Execute the docker run command followed by the container tag you selected. The below command is an example of how to download and run the container image for Chartmuseum (replace the example registry URL shown with the corresponding URL for your VMware Application Catalog container registry):
$ docker run gcr.io/sys-2b0109it/demo/bitnami/chartmuseum:0-centos-7
To run a Helm chart from VMware Application Catalog:
Copy the commands you will find in the “Helm Install” section and execute them in a terminal window on the machine you have your Kubernetes cluster running.
TIP: Check out the Consume VMware Application Catalog Helm charts using Kubeapps guide to learn more about this topic.
You can deploy the Helm charts available in your catalog using the Kubeapps user interface. To do so, you only need to add the VMware Application Catalog as an application repository in Kubeapps.
In the “Configuration” menu, select the “App Repositories” option.
In the resulting screen, give a name to your repository and add the chart URL you will find under the “Chart Information” section in VMware Application Catalog if you want to add a specific chart to Kubeapps:
To add the entire catalog to Kubeapps, use this URL instead: https://charts.app-catalog.vmware.com/demo
Select an authentication method and click “Install Repo” to finish the process.
The VMware Application Catalog demo that you are accessing automatically pushes the content of the container catalogs to Google Container Registry (GCR), so it is very easy to check and manage a container image from the Google Cloud platform user interface.
Navigate to a container catalog and click the “Details” link of the container image you want to check.
Copy the URL you will find under the “Digest” section.
Log in to Google Cloud Platform if you aren’t, open a new tab of your browser and paste the URL in the navigation bar. You will be redirected to the Google Container Registry. You will see all the information related to the container image you selected:
To pull the image, click the “Show Pull Command” button, copy the commands and paste them into a terminal window or in the Google Cloud Shell:
Check out the Consume VMware Application Catalog Images using a Private Harbor Registry guide to learn more about this topic.
If you are no longer using an application, you can delete it from your catalog. This decreases the active artifacts consumption in your subscription.
When you delete an application, it will be greyed out and marked as deleted in your catalog. VMware Application Catalog stops releasing new updates to the deleted application in your catalog. After two months from the date of deletion, the application will be marked as archived and moved to the “Archived” tab.
To delete applications from your catalog:
Go to “Applications”. In the “My Requests” tab, click the “DELETE APPLICATIONS” button.
The Delete Application page appears.
Select the applications that you want to delete from your catalog and then click the “DELETE APPLICATIONS” button.
NOTE: The “Used” count in the Active Artifacts counter changes for each application that you select for deletion.
A message appears asking if you really want to delete the selected applications.
Click the “CONFIRM” button.
A message appears confirming that your request for deleting the applications has been submitted.
Click “GO TO MY APPLICATIONS”.
The My Applications tab is displayed. The “Release Status” of the applications that you deleted appears as “Deleting” and the “Released At” value will be “Stopped updates”. After two months, the deleted applications will no longer be listed in the “My Applications” tab. They will be moved to the “Archived” tab.
After going through this guide with your demo account, you should be able to see the catalog examples that we have built, how to view the anti-virus and CVE results, and how to consume the artifacts that are in the VMware Application Catalog.
If you need a more customized experience for testing, please reach out to your VMware sales representative. We will work with you to create a POC that includes your target format, base image, and applications of your choice.
