VMware/TP-SM: Difference between revisions
Jump to navigation
Jump to search
(→TP-SM) |
|||
| (30 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
cd ./tanzu-installer | cd ./tanzu-installer | ||
kubectl --context tkgs.dersllc.com apply -f hub-cluster.yaml | kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml | ||
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub | kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub | ||
export CLUSTER_NAME="hub" | |||
export CLUSTER_NS="tmc" | |||
kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml | |||
curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt | |||
kubectl --context tkgs.dersllc.com get KappControllerConfig -n ${CLUSTER_NS} ${CLUSTER_NAME}-kapp-controller-package -o yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | |||
cat ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | |||
#yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | |||
kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | |||
####################################### | |||
# Install Tanzu Standard Repo # | |||
####################################### | |||
export PRIVATE_IMAGE_REGISTRY="harbor.dersllc.com" | |||
export TKG_REPO_VERSION="v2024.2.1_tmc.1" | |||
export TMC_PROJECT="tmc-1.2" | |||
tanzu package repository add tanzu-standard \ | |||
--url $PRIVATE_IMAGE_REGISTRY/$TMC_PROJECT/498533941640.dkr.ecr.us-west-2.amazonaws.com/packages/standard/repo:$TKG_REPO_VERSION \ | |||
--namespace tkg-system | |||
tanzu package repository get tanzu-standard --namespace tkg-system | |||
tanzu package available list --namespace tkg-system | |||
tanzu package install cert-manager -p cert-manager.tanzu.vmware.com -v 1.10.2+vmware.1-tkg.1 -n tkg-system | |||
kubectl apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/TMC%20on%20TKGm/tmc-issuer.yaml | |||
#tanzu package installed delete cert-manager -n tkg-system | |||
curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/config.yaml > config.yaml | curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/config.yaml > config.yaml | ||
export TANZU_SM_VERSION=1.0.0-rc.1085-vcd426e7 | export TANZU_SM_VERSION=1.0.0-rc.1085-vcd426e7 | ||
| Line 13: | Line 39: | ||
export DOCKER_REGISTRY=harbor.dersllc.com | export DOCKER_REGISTRY=harbor.dersllc.com | ||
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes | ./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes | ||
kubectl get svc -n hub contour-envoy | |||
## ADD The "EXTERNAL-IP" to DNS under "hub.dersllc.com" | |||
## ADD The "EXTERNAL-IP" to DNS under "*.hub.dersllc.com" | |||
# Push Collectors | |||
./cli_bundle/linux/amd64/hubsm pushimages -a "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY} -f tp-k8s-collector.tar -s | |||
== TP-SM UNINSTALL == | |||
kubectl --context tkgs.dersllc.com delete -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml | |||
kubectl config delete-context hub | |||
kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml | |||
#tanzu package installed -n hub delete hub --yes | |||
#kubectl --context hub delete clusterrolebindings hub-hub-binding | |||
#kubectl --context hub delete clusterrolebindings hub-self-managed-install-binding | |||
#kubectl --context hub delete clusterrole/hub-self-managed-install-role | |||
#kubectl --context hub delete -n hub secret hub-hub-values | |||
#kubectl --context hub delete ns hub | |||
==Troubleshooting== | ==Troubleshooting== | ||
== | ==COULD NOT PROCEED: ERROR FETCHING PACKAGEINSTALL: UNAUTHORIZED== | ||
====CMD==== | ====CMD==== | ||
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes | ./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes | ||
| Line 27: | Line 71: | ||
====SOLUTION==== | ====SOLUTION==== | ||
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub | kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub | ||
==TLS FAILED TO VERIFY CERT== | |||
====CMD==== | |||
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes | |||
====ERROR==== | |||
Checking Hub Self Managed version 1.0.0-rc.1085-vcd426e7 in repository harbor.dersllc.com/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo | |||
[x] Could not determine if step needed: failed to fetch tags from repository with error Get "https://harbor.dersllc.com/v2/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo/tags/list": tls: failed to verify certificate: x509: certificate signed by unknown authority step="Installing Image" | |||
====SOLUTION==== | |||
sudo apt-get install -y ca-certificates | |||
sudo curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/AddTrustExternalCARoot.crt > /usr/local/share/ca-certificates/ders-star-ca.crt | |||
sudo curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/DERS-CA-CERT/ders-ca.cer > /usr/local/share/ca-certificates/ders-ssca.crt | |||
sudo update-ca-certificates | |||
==PKGR x509 ERROR== | |||
====CMD==== | |||
kubectl describe pkgr -n hub tanzu.vmware.com | |||
====ERROR==== | |||
Unable to create round tripper: | |||
Get "https://harbor.dersllc.com/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authority | |||
====SOLUTION==== | |||
export CLUSTER_NAME="hub" | |||
export CLUSTER_NS="tmc" | |||
mkdir -p /data | |||
curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt | |||
kubectl --context tkgs.dersllc.com get KappControllerConfig -n ${CLUSTER_NS} ${CLUSTER_NAME}-kapp-controller-package -o yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | |||
cat ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | |||
#yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | |||
kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | |||
tanzu package repository kick --namespace hub -r tanzu.vmware.com | |||
==PVC's Pending== | |||
====CMD==== | |||
kubectl get pvc -n hub | |||
====ERROR==== | |||
hub data-clickhouse-shard0-0 Pending 12m │ | |||
hub data-clickhouse-shard1-0 Pending 12m │ | |||
hub data-clickhouse-shard2-0 Pending 12m │ | |||
hub data-opensearch-data-0 Pending 2m43s │ | |||
hub data-opensearch-data-1 Pending 2m43s │ | |||
hub data-opensearch-master-0 Pending 2m43s │ | |||
hub data-opensearch-master-1 Pending 2m43s │ | |||
hub data-postgresql-0 Pending 2m45s │ | |||
hub prometheus-server Pending 12m │ | |||
hub redis-data-redis-master-0 Pending 12m │ | |||
hub redis-data-redis-replicas-0 Pending 12m | |||
====SOLUTION==== | |||
kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml | |||
Latest revision as of 18:54, 21 August 2024
TP-SM
cd /nfs/Download/ tar -xzvf hub-self-managed-1.0.0-rc.1085-vcd426e7.tar.gz -C ./tanzu-installer cd ./tanzu-installer kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub
export CLUSTER_NAME="hub" export CLUSTER_NS="tmc" kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt kubectl --context tkgs.dersllc.com get KappControllerConfig -n ${CLUSTER_NS} ${CLUSTER_NAME}-kapp-controller-package -o yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml cat ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml #yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml ####################################### # Install Tanzu Standard Repo # ####################################### export PRIVATE_IMAGE_REGISTRY="harbor.dersllc.com" export TKG_REPO_VERSION="v2024.2.1_tmc.1" export TMC_PROJECT="tmc-1.2" tanzu package repository add tanzu-standard \ --url $PRIVATE_IMAGE_REGISTRY/$TMC_PROJECT/498533941640.dkr.ecr.us-west-2.amazonaws.com/packages/standard/repo:$TKG_REPO_VERSION \ --namespace tkg-system tanzu package repository get tanzu-standard --namespace tkg-system tanzu package available list --namespace tkg-system tanzu package install cert-manager -p cert-manager.tanzu.vmware.com -v 1.10.2+vmware.1-tkg.1 -n tkg-system kubectl apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/TMC%20on%20TKGm/tmc-issuer.yaml #tanzu package installed delete cert-manager -n tkg-system curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/config.yaml > config.yaml export TANZU_SM_VERSION=1.0.0-rc.1085-vcd426e7 export ARTIFACTORY_USER=admin export ARTIFACTORY_API_TOKEN=DERS4me! export DOCKER_REGISTRY=harbor.dersllc.com ./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes
kubectl get svc -n hub contour-envoy ## ADD The "EXTERNAL-IP" to DNS under "hub.dersllc.com" ## ADD The "EXTERNAL-IP" to DNS under "*.hub.dersllc.com"
# Push Collectors
./cli_bundle/linux/amd64/hubsm pushimages -a "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY} -f tp-k8s-collector.tar -s
TP-SM UNINSTALL
kubectl --context tkgs.dersllc.com delete -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml kubectl config delete-context hub kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml
#tanzu package installed -n hub delete hub --yes #kubectl --context hub delete clusterrolebindings hub-hub-binding #kubectl --context hub delete clusterrolebindings hub-self-managed-install-binding #kubectl --context hub delete clusterrole/hub-self-managed-install-role #kubectl --context hub delete -n hub secret hub-hub-values #kubectl --context hub delete ns hub
Troubleshooting
COULD NOT PROCEED: ERROR FETCHING PACKAGEINSTALL: UNAUTHORIZED
CMD
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes
ERROR
kubectl is already installed. [x] Could not proceed: error fetching PackageInstall: Unauthorized
SOLUTION
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub
TLS FAILED TO VERIFY CERT
CMD
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes
ERROR
Checking Hub Self Managed version 1.0.0-rc.1085-vcd426e7 in repository harbor.dersllc.com/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo [x] Could not determine if step needed: failed to fetch tags from repository with error Get "https://harbor.dersllc.com/v2/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo/tags/list": tls: failed to verify certificate: x509: certificate signed by unknown authority step="Installing Image"
SOLUTION
sudo apt-get install -y ca-certificates sudo curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/AddTrustExternalCARoot.crt > /usr/local/share/ca-certificates/ders-star-ca.crt sudo curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/DERS-CA-CERT/ders-ca.cer > /usr/local/share/ca-certificates/ders-ssca.crt sudo update-ca-certificates
PKGR x509 ERROR
CMD
kubectl describe pkgr -n hub tanzu.vmware.com
ERROR
Unable to create round tripper: Get "https://harbor.dersllc.com/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authority
SOLUTION
export CLUSTER_NAME="hub" export CLUSTER_NS="tmc" mkdir -p /data curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt kubectl --context tkgs.dersllc.com get KappControllerConfig -n ${CLUSTER_NS} ${CLUSTER_NAME}-kapp-controller-package -o yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml cat ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml #yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml tanzu package repository kick --namespace hub -r tanzu.vmware.com
PVC's Pending
CMD
kubectl get pvc -n hub
ERROR
hub data-clickhouse-shard0-0 Pending 12m │ hub data-clickhouse-shard1-0 Pending 12m │ hub data-clickhouse-shard2-0 Pending 12m │ hub data-opensearch-data-0 Pending 2m43s │ hub data-opensearch-data-1 Pending 2m43s │ hub data-opensearch-master-0 Pending 2m43s │ hub data-opensearch-master-1 Pending 2m43s │ hub data-postgresql-0 Pending 2m45s │ hub prometheus-server Pending 12m │ hub redis-data-redis-master-0 Pending 12m │ hub redis-data-redis-replicas-0 Pending 12m
SOLUTION
kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml