VMware/TP-SM

From DER's LLC
Revision as of 18:50, 15 August 2024 by Ders (talk | contribs) (→‎TP-SM)
Jump to navigation Jump to search

TP-SM

cd /nfs/Download/
tar -xzvf hub-self-managed-1.0.0-rc.1085-vcd426e7.tar.gz -C ./tanzu-installer
cd ./tanzu-installer

kubectl --context tkgs.dersllc.com apply -f hub-cluster.yaml
kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub

curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/TP-SM/config.yaml > config.yaml
export TANZU_SM_VERSION=1.0.0-rc.1085-vcd426e7
export ARTIFACTORY_USER=admin
export ARTIFACTORY_API_TOKEN=DERS4me!
export DOCKER_REGISTRY=harbor.dersllc.com
./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes

kubectl get svc -n hub contour-envoy
## ADD The "EXTERNAL-IP" to DNS under "hub.dersllc.com"
## ADD The "EXTERNAL-IP" to DNS under "*.hub.dersllc.com"


Troubleshooting

COULD NOT PROCEED: ERROR FETCHING PACKAGEINSTALL: UNAUTHORIZED

CMD

./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes

ERROR

kubectl is already installed.
[x] Could not proceed: error fetching PackageInstall: Unauthorized

SOLUTION

kubectl-vsphere login --insecure-skip-tls-verify -u admin --server tkgs.dersllc.com --tanzu-kubernetes-cluster-namespace tmc --tanzu-kubernetes-cluster-name hub

TLS FAILED TO VERIFY CERT

CMD

./cli_bundle/linux/amd64/hubsm install -f config.yaml -u "${ARTIFACTORY_USER}:${ARTIFACTORY_API_TOKEN}" -r ${DOCKER_REGISTRY}/hub-self-managed/${TANZU_SM_VERSION}/repo --install-version ${TANZU_SM_VERSION} -i hub-${TANZU_SM_VERSION}.tar --yes

ERROR

Checking Hub Self Managed version 1.0.0-rc.1085-vcd426e7 in repository harbor.dersllc.com/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo
[x] Could not determine if step needed: failed to fetch tags from repository with error Get "https://harbor.dersllc.com/v2/hub-self-managed/1.0.0-rc.1085-vcd426e7/repo/tags/list": tls: failed to verify certificate: x509: certificate signed by unknown authority step="Installing Image"

SOLUTION

sudo apt-get install -y ca-certificates
sudo curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/AddTrustExternalCARoot.crt > /usr/local/share/ca-certificates/ders-star-ca.crt
sudo curl --insecure https://ders-gitlab.dersllc.com/ders/vmware-se/-/raw/main/HomeLab/DERS-CA-CERT/ders-ca.cer > /usr/local/share/ca-certificates/ders-ssca.crt
sudo update-ca-certificates

PKGR x509 ERROR

CMD

kubectl describe pkgr -n hub tanzu.vmware.com

ERROR

Unable to create round tripper:
Get "https://harbor.dersllc.com/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authority

SOLUTION

export CLUSTER_NAME="hub"
export CLUSTER_NS="tmc"
mkdir -p /data
curl --insecure https://ders-gitlab.dersllc.com/ders/ders-proxy/-/raw/master/STAR_dersllc_com.crt > /data/ders-star.crt
kubectl --context tkgs.dersllc.com get KappControllerConfig -n ${CLUSTER_NS} ${CLUSTER_NAME}-kapp-controller-package -o yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml
yq eval '.spec.kappController.config.caCerts = "'"$(< /data/ders-star.crt)"'"' ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package.yaml > ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml
kubectl --context tkgs.dersllc.com apply -f ${CLUSTER_NS}-${CLUSTER_NAME}-kapp-controller-package-fixed.yaml

tanzu package repository kick --namespace hub -r tanzu.vmware.com
Retrieved from "http://wiki.dersllc.com/index.php?title=VMware/TP-SM&oldid=214"