The TKG Extension deploys Contour on the target Tanzu Kubernetes cluster.

Contour provides ingress control for Kubernetes workloads.

Prerequisites

Download the TKG Extensions v1.3.0 Bundle

Install the TKG Extensions v1.3.0 Prerequisites

Procedure

  1. Change directory to where you have downloaded the Contour extension files.
    cd /tkg-extensions/extensions/ingress/contour
    Note: All subsequent file paths listed in this topic are relative to this path.
  2. Create the Contour namespace and role objects.
    kubectl apply -f namespace-role.yaml
    Expected results:
    The namespace and several role-based access control objects are created for use with Contour.
    namespace/tanzu-system-ingress created
    serviceaccount/contour-extension-sa created
    role.rbac.authorization.k8s.io/contour-extension-role created
    rolebinding.rbac.authorization.k8s.io/contour-extension-rolebinding created
    clusterrole.rbac.authorization.k8s.io/contour-extension-cluster-role created
    clusterrolebinding.rbac.authorization.k8s.io/contour-extension-cluster-rolebinding created
  3. Create a Contour data values file for vSphere.
    The example data values file provides the minimum required configuration.
    cp vsphere/contour-data-values-lb.yaml.example vsphere/contour-data-values.yaml
  4. Configure the Contour extension by updating vsphere/contour-data-values.yaml. See Configure the Contour Extension for a description of the configuration fields and options.
    Here is an example configuration for the Contour extension for vSphere that uses LoadBalancer.
    infrastructure_provider: "vsphere"
    contour:
      image:
        repository: projects-stg.registry.vmware.com/tkg
    envoy:
      image:
        repository: projects-stg.registry.vmware.com/tkg
      service:
        type: "LoadBalancer"
    Note: The repository points to the public container registry for the Contour extension. For air-gapped installations, change this to point to your private registry.
  5. Create a secret with data values.
    kubectl create secret generic contour-data-values --from-file=values.yaml=vsphere/contour-data-values.yaml -n tanzu-system-ingress
    
    Expected results: The secret contour-data-values is created in the tanzu-system-ingress namespace. You can verify this using the following command: kubectl get secrets -n tanzu-system-ingress.
  6. Deploy the Contour extension.
    kubectl apply -f contour-extension.yaml
    Expected result:
    extension.clusters.tmc.cloud.vmware.com/contour created
  7. Check the status of the Contour extension.
    kubectl get extension contour -n tanzu-system-ingress
  8. Check the status of the Contour app.
    kubectl get app contour -n tanzu-system-ingress
    Expected results: Once the Contour app is deployed successfully, the status should change from Reconciling to Reconcile Succeeded.
    NAME      DESCRIPTION   SINCE-DEPLOY   AGE
    contour   Reconciling   56s            57s
    NAME      DESCRIPTION           SINCE-DEPLOY   AGE
    contour   Reconcile succeeded   3s             99s
  9. View detailed status and troubleshoot as necessary.
    kubectl get app contour -n tanzu-system-ingress -o yaml