VMware/TP-SM: Difference between revisions
Jump to navigation
Jump to search
(→TP-SM) |
|||
| (13 intermediate revisions by the same user not shown) | |||
| Line 5: | Line 5: | ||
kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml | kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml | ||
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub | kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub | ||
export CLUSTER_NAME="hub" | |||
export CLUSTER_NS="tmc" | |||
kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml | kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml | ||
curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt | curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt | ||
| Line 13: | Line 16: | ||
#yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | #yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | ||
kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml | ||
####################################### | |||
# Install Tanzu Standard Repo # | |||
####################################### | |||
export PRIVATE_IMAGE_REGISTRY="harbor.dersllc.com" | |||
export TKG_REPO_VERSION="v2024.2.1_tmc.1" | |||
export TMC_PROJECT="tmc-1.2" | |||
tanzu package repository add tanzu-standard \ | |||
--url $PRIVATE_IMAGE_REGISTRY/$TMC_PROJECT/498533941640.dkr.ecr.us-west-2.amazonaws.com/packages/standard/repo:$TKG_REPO_VERSION \ | |||
--namespace tkg-system | |||
tanzu package repository get tanzu-standard --namespace tkg-system | |||
tanzu package available list --namespace tkg-system | |||
tanzu package install cert-manager -p cert-manager.tanzu.vmware.com -v 1.10.2+vmware.1-tkg.1 -n tkg-system | |||
kubectl apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/TMC%20on%20TKGm/tmc-issuer.yaml | |||
#tanzu package installed delete cert-manager -n tkg-system | |||
curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/config.yaml > config.yaml | curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/config.yaml > config.yaml | ||
| Line 24: | Line 43: | ||
## ADD The "EXTERNAL-IP" to DNS under "hub.dersllc.com" | ## ADD The "EXTERNAL-IP" to DNS under "hub.dersllc.com" | ||
## ADD The "EXTERNAL-IP" to DNS under "*.hub.dersllc.com" | ## ADD The "EXTERNAL-IP" to DNS under "*.hub.dersllc.com" | ||
# Push Collectors | |||
./cli_bundle/linux/amd64/hubsm pushimages -a "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY} -f tp-k8s-collector.tar -s | |||
== TP-SM UNINSTALL == | == TP-SM UNINSTALL == | ||
kubectl --context tkgs.dersllc.com delete -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml | |||
kubectl --context hub delete | kubectl config delete-context hub | ||
kubectl --context hub delete clusterrolebindings hub-hub-binding | kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml | ||
kubectl --context hub delete clusterrolebindings hub-self-managed-install-binding | |||
kubectl --context hub delete clusterrole/hub-self-managed-install-role | #tanzu package installed -n hub delete hub --yes | ||
kubectl --context hub delete -n hub secret hub-hub-values | #kubectl --context hub delete clusterrolebindings hub-hub-binding | ||
kubectl --context hub delete ns hub | #kubectl --context hub delete clusterrolebindings hub-self-managed-install-binding | ||
#kubectl --context hub delete clusterrole/hub-self-managed-install-role | |||
#kubectl --context hub delete -n hub secret hub-hub-values | |||
#kubectl --context hub delete ns hub | |||
==Troubleshooting== | ==Troubleshooting== | ||
Latest revision as of 18:54, 21 August 2024
TP-SM
cd /nfs/Download/ tar -xzvf hub-self-managed-1.0.0-rc.1085-vcd426e7.tar.gz -C ./tanzu-installer cd ./tanzu-installer kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub
export CLUSTER_NAME="hub" export CLUSTER_NS="tmc" kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt kubectl --context tkgs.dersllc.com get KappControllerConfig -n ${CLUSTER_NS} ${CLUSTER_NAME}-kapp-controller-package -o yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml cat ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml #yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml ####################################### # Install Tanzu Standard Repo # ####################################### export PRIVATE_IMAGE_REGISTRY="harbor.dersllc.com" export TKG_REPO_VERSION="v2024.2.1_tmc.1" export TMC_PROJECT="tmc-1.2" tanzu package repository add tanzu-standard \ --url $PRIVATE_IMAGE_REGISTRY/$TMC_PROJECT/498533941640.dkr.ecr.us-west-2.amazonaws.com/packages/standard/repo:$TKG_REPO_VERSION \ --namespace tkg-system tanzu package repository get tanzu-standard --namespace tkg-system tanzu package available list --namespace tkg-system tanzu package install cert-manager -p cert-manager.tanzu.vmware.com -v 1.10.2+vmware.1-tkg.1 -n tkg-system kubectl apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/TMC%20on%20TKGm/tmc-issuer.yaml #tanzu package installed delete cert-manager -n tkg-system curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/config.yaml > config.yaml export TANZU_SM_VERSION=1.0.0-rc.1085-vcd426e7 export ARTIFACTORY_USER=admin export ARTIFACTORY_API_TOKEN=DERS4me! export DOCKER_REGISTRY=harbor.dersllc.com ./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes
kubectl get svc -n hub contour-envoy ## ADD The "EXTERNAL-IP" to DNS under "hub.dersllc.com" ## ADD The "EXTERNAL-IP" to DNS under "*.hub.dersllc.com"
# Push Collectors
./cli_bundle/linux/amd64/hubsm pushimages -a "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY} -f tp-k8s-collector.tar -s
TP-SM UNINSTALL
kubectl --context tkgs.dersllc.com delete -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml kubectl config delete-context hub kubectl --context tkgs.dersllc.com apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/hub-cluster.yaml
#tanzu package installed -n hub delete hub --yes #kubectl --context hub delete clusterrolebindings hub-hub-binding #kubectl --context hub delete clusterrolebindings hub-self-managed-install-binding #kubectl --context hub delete clusterrole/hub-self-managed-install-role #kubectl --context hub delete -n hub secret hub-hub-values #kubectl --context hub delete ns hub
Troubleshooting
COULD NOT PROCEED: ERROR FETCHING PACKAGEINSTALL: UNAUTHORIZED
CMD
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes
ERROR
kubectl is already installed. [x] Could not proceed: error fetching PackageInstall: Unauthorized
SOLUTION
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub
TLS FAILED TO VERIFY CERT
CMD
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes
ERROR
Checking Hub Self Managed version 1.0.0-rc.1085-vcd426e7 in repository harbor.dersllc.com/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo [x] Could not determine if step needed: failed to fetch tags from repository with error Get "https://harbor.dersllc.com/v2/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo/tags/list": tls: failed to verify certificate: x509: certificate signed by unknown authority step="Installing Image"
SOLUTION
sudo apt-get install -y ca-certificates sudo curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/AddTrustExternalCARoot.crt > /usr/local/share/ca-certificates/ders-star-ca.crt sudo curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/DERS-CA-CERT/ders-ca.cer > /usr/local/share/ca-certificates/ders-ssca.crt sudo update-ca-certificates
PKGR x509 ERROR
CMD
kubectl describe pkgr -n hub tanzu.vmware.com
ERROR
Unable to create round tripper: Get "https://harbor.dersllc.com/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authority
SOLUTION
export CLUSTER_NAME="hub" export CLUSTER_NS="tmc" mkdir -p /data curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt kubectl --context tkgs.dersllc.com get KappControllerConfig -n ${CLUSTER_NS} ${CLUSTER_NAME}-kapp-controller-package -o yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml cat ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml | yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml #yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml tanzu package repository kick --namespace hub -r tanzu.vmware.com
PVC's Pending
CMD
kubectl get pvc -n hub
ERROR
hub data-clickhouse-shard0-0 Pending 12m │ hub data-clickhouse-shard1-0 Pending 12m │ hub data-clickhouse-shard2-0 Pending 12m │ hub data-opensearch-data-0 Pending 2m43s │ hub data-opensearch-data-1 Pending 2m43s │ hub data-opensearch-master-0 Pending 2m43s │ hub data-opensearch-master-1 Pending 2m43s │ hub data-postgresql-0 Pending 2m45s │ hub prometheus-server Pending 12m │ hub redis-data-redis-master-0 Pending 12m │ hub redis-data-redis-replicas-0 Pending 12m
SOLUTION
kubectl --context hub apply -f https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/tkgs-default-sc.yaml