forked from pivotal-cf/docs-tas-kubernetes
-
Notifications
You must be signed in to change notification settings - Fork 0
/
configuring-installation-values.html.md.erb
110 lines (77 loc) · 4.46 KB
/
configuring-installation-values.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
---
title: Configuring Installation Values for Tanzu Application Service for Kubernetes
owner: Tanzu Application Service Release Engineering
---
This topic describes how to configure installation resources before deploying
Tanzu Application Service for Kubernetes (TAS for Kubernetes) to a Kubernetes cluster.
## <a id='prerequisites'></a> Prerequisites
Before proceeding, complete the following sections in [Preparing to Install TAS for Kubernetes]
(preparing-to-install-tas-for-kubernetes.html):
* [Prepare Your Installation Resources](#preparing-installation-resources)
* [Ensure Your Container Registry is Accessible](#app-container-registry)
* [Select a System Domain Name](#system-domain)
* [Ensure Command-Line Tools Are Installed](#command-line-tools)
## <a id='overview'></a> Overview
To configure installation values for TAS for Kubernetes,
generate credentials and certificates for the installation scripts,
configure an image registry, and
optionally configure a LoadBalancer service.
This topic includes the following procedures:
* [Generate Internal Configuration Values](#generate-configuration-values)
* [Use a LoadBalancer Service for the Ingress Gateway](#adjust-installation-resources-networking)
For more information about configuring image registries, see
[Configuring Image Registries](configuring-image-registries.html)
## <a id='generate-configuration-values'></a> Generate Internal Configuration Values
TAS for Kubernetes requires internal configuration values, credentials and
certificates to coordinate its components. Additionally, it requires a
certificate to terminate TLS at the ingress gateway.
These configuration values, credentials and certificates must be supplied to the
TAS for Kubernetes installation script.
To generate the internal values, credentials and certificates needed during TAS for Kubernetes installation,
use a helper script in the installation resources:
1. Create a directory named `configuration-values` in the same directory as the
`tanzu-application-service` directory.
You will use this directory to store configuration values for this installation.
1. Change directory to the new `tanzu-application-service` directory.
1. To run the value-generation script and store its output in the `configuration-values` directory:
```bash
./bin/generate-values.sh -d "SYSTEM-DOMAIN" > ../configuration-values/deployment-values.yml
```
Where `SYSTEM-DOMAIN` is the system domain you previously selected for your
TAS for Kubernetes installation.
<p class="note"><strong>Note:</strong>
The TLS certificate generated by the value-generation script
to terminate TLS traffic at the system ingress gateway is self-signed.
</p>
## <a id='adjust-installation-resources-networking'></a> (Optional) Use a LoadBalancer Service for the Ingress Gateway
If your Kubernetes cluster supports Kubernetes Services of type LoadBalancer,
you may configure the TAS for Kubernetes deployment to
provision a load balancer for the Istio ingress gateway
using a service of type LoadBalancer.
This option is recommended when deploying TAS for Kubernetes to
VMware Enterprise PKS on AWS, Azure, or GCP, or on vSphere with NSX-T container networking.
This option is also recommended when deploying TAS for Kubernetes to
Tanzu Kubernetes Grid on AWS.
<p class="note warning"><strong>Warning:</strong>
This option is not compatible with Tanzu Kubernetes Grid on vSphere or
VMware Enterprise PKS on vSphere with Flannel container networking.
</p>
To enable using a LoadBalancer service for the Istio ingress gateway:
1. Change directory to the `configuration-values` directory you created earlier.
1. Create a file named `load-balancer-values.yml` in the `configuration-values` directory.
1. Populate the `configuration-values` file with the following content:
```yaml
#@data/values
---
enable_load_balancer: True
```
For more information, see [Kubernetes Services]
(https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types)
in the Kubernetes documentation.
<!--
## <a id='configure-app-registry-values'></a> Next: Configure an Image Registry
TAS for Kubernetes pulls system component images from the Tanzu Network image registry,
builds app images for buildpack-based applications, and stores the app images in a user-provided image registry.
To configure the TAS for Kubernetes system and application registries,
see [Configuring Image Registries](configuring-image-registries.html).
-->