Very simple web application with the least amount of dependencies.
- docker CLI
- pack CLI
- kp CLI
- Target Kubernetes cluster 1.18 or better with
- a container image registry (e.g., Harbor) installed
- may or may not be on same cluster as Tanzu Build Service
- Tanzu Build Service installed and appropriately integrated with container image registry
- a container image registry (e.g., Harbor) installed
- ~/.kube/config
- Target context set to the cluster where Tanzu Build Service is installed
- Target Kubernetes cluster 1.18 or better with
- kubectl
- tanzu CLI (beta 3)
- Assumes you have access to a cluster with Tanzu Application Platform installed
- cluster no.2 with kpack-controller installed
- cluster no.2 with cert-manager and external-dns installed
- a registry-credentials secret installed in the namespace(s) where application will be deployed
git clone https://github.com/pacphi/AltPackageRepository
You can switch between two branches:
- main
git checkout main
- Builds application sourcing packages from publicly hosted Nuget repositories
- jfrog-saas-artifactory
git checkout jfrog-saas-artifactory
- Builds application sourcing packages from private Artifactory repository
- You may need to talk to your friendly enterprise operator to help you get this set up
- JFrog makes this fairly straight-forward to setup a cloud-hosted instance yourself
First time use of pack, you'll need to run
pack config default-builder paketobuildpacks/builder:base
If you're on main branch then
pack build dotnet-core-sample-nuget --path . --wait
If you're on jfrog-saas-artifactory branch then
pack build dotnet-core-sample-nuget --path . --env USERNAME="{artifactory-username}" --env PASSWORD="{artifactory-password}" --env ARTIFACTORY_DOMAIN="{artifactory-domain}" --env REPOSITORY_KEY="{artifactory-repository-key}" --wait
Replace all occurrences of
{artifactory}-*
placeholders with appropriate values
If you want to build from the main branch then
kp image save dotnet-core-sample-nuget --git https://github.com/pacphi/AltPackageRepository --tag {container-image-registry-domain}/{repository-prefix}/dotnet-core-sample --wait
Replace
{}
placeholders with appropriate values
If you want to build from the jfrog-saas-artifactory branch then
kp image save dotnet-core-sample-nuget --git https://github.com/pacphi/AltPackageRepository --git-revision jfrog-saas-artifactory --tag {container-image-registry-domain}/{repository-prefix}/dotnet-core-sample --env USERNAME="{artifactory-username}" --env PASSWORD="{artifactory-password}" --env ARTIFACTORY_DOMAIN="{artifactory-domain}" --env REPOSITORY_KEY="{artifactory-repository-key}" --wait
Replace all occurrences of
{artifactory}-*
placeholders with appropriate values
For example
kp image save dotnet-core-sample-nuget --git https://github.com/pacphi/AltPackageRepository --git-revision jfrog-saas-artifactory --tag harbor.klu.zoolabs.me/platform/apps/dotnet-core-sample --env USERNAME="<redacted>" --env PASSWORD="<redacted>" --env ARTIFACTORY_DOMAIN="zoolabs.jfrog.io" --env REPOSITORY_KEY="public-nuget" --wait
If you previously built with pack
docker run --rm -d -p 8080:8080 dotnet-sample-nuget
Visit http://localhost:8080
To stop
docker ps
docker stop {pid}
Create a namespace
kubectl create namespace staging
Create deployment manifest
cat > dotnet-core-sample-deployment.yml <<EOF
apiVersion: v1
kind: Secret
type: kubernetes.io/dockerconfigjson
metadata:
name: registry-credentials
data:
.dockerconfigjson: eyJhdXRocyI6eyJoYXJib3Iua2x1Lnpvb2xhYnMubWUiOnsidXNlcm5hbWUiOiJhZG1pbiIsInBhc3N3b3JkIjoiamFja0JlUXVpY2skNTAifX19
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: dotnet-core-sample
name: dotnet-core-sample
spec:
replicas: 1
selector:
matchLabels:
app: dotnet-core-sample
template:
metadata:
labels:
app: dotnet-core-sample
spec:
imagePullSecrets:
- name: registry-credentials
containers:
- image: harbor.klu.zoolabs.me/platform/apps/dotnet-sample@sha256:4e2783a175a037f055165321d425cbcc1a84599e27ce0b4ba0749db05c141df7
name: dotnet-core-sample
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: dotnet-core-sample
spec:
ports:
- port: 8080
targetPort: 8080
selector:
app: "dotnet-core-sample"
EOF
You will need to replace
harbor.klu.zoolabs.me
, the encrypted value next to.dockerconfigjson:
, and the image tagdotnet-sample@sha256:4e2783a175a037f055165321d425cbcc1a84599e27ce0b4ba0749db05c141df7
with whatever the output ofkp image save
was.
Deploy it!
kubectl apply -f dotnet-core-sample-deployment.yml -n staging
Note the
staging
namespace must already exist
Port forward
kubectl port-forward $(kubectl get po -l app=dotnet-core-sample -n staging | tail -n -1 | grep -o '^\S*') 8080:8080 -n staging
Again note the
staging
namespace must already exist
Visit http://localhost:8080
in a web browser
Destroy it!
kubectl delete -f dotnet-core-sample-deployment.yml -n staging
Setup ServiceAccount
, Role
and RoleBinding
. (Assumes staging
namespace already exists in target cluster).
cat > staging-ns-sa.yml <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: staging-ns-sa
namespace: staging
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: staging-ns-role
namespace: staging
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: staging-ns-role-binding
namespace: staging
subjects:
- kind: ServiceAccount
name: staging-ns-sa
namespace: staging
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: staging-ns-role
EOF
Apply
kubectl apply -f staging-ns-sa.yml
Then, apply this CR when you want to pull and deploy the latest image available updates from the container registry with no intermediary step
cat > dotnet-core-sample-cd-via-imagepull.yml <<EOF
apiVersion: kappctrl.k14s.io/v1alpha1
kind: App
metadata:
name: dotnet-core-sample
namespace: staging
spec:
serviceAccountName: staging-ns-sa
fetch:
- image
url: harbor.klu.zoolabs.me/platform/apps/dotnet-sample@sha256:4e2783a175a037f055165321d425cbcc1a84599e27ce0b4ba0749db05c141df7
secretRef:
name: registry-credentials
template:
- ytt: {}
deploy:
- kapp: {}
EOF
You will need to replace
harbor.klu.zoolabs.me
, the encrypted value next to.dockerconfigjson:
, and the image tagdotnet-sample@sha256:4e2783a175a037f055165321d425cbcc1a84599e27ce0b4ba0749db05c141df7
with whatever the output ofkp image save
was
Accessing the deployed application is left as an exercise for the consumer. You could kubectl port-forward
or if the cluster had cert-manager, an ingress controller (like contour or traefik) and external-dns installed and configured appropriately you may establish a public route to your application.
A one-liner that combines build with deploy using an in-built (and operator-configurable) supply chain. Think of it as choreographed, opinionated, yet open for extension "path to production".
tanzu apps workload create dotnet-core-sample --git-repo https://github.com/pacphi/AltPackageRepository --git-branch main --type web --wait --tail