Installing Cloud Foundry for Kubernetes

After taking the TAS for Kubernetes route lately I wanted to try out the underlying project in v0.4.0, as this incorporates the Paketo Buildpacks.

Preparation steps are the same as for the TAS installation, but the project includes some great documentation for installing it on a local cluster, may it be a kind or minikube one.

Assuming you have your kind cluster installed, kapp, kbld, ytt and bosh installed, changes start to kick in when preparing for the configuration. This time I wanted to use my GCP account instead of dockerhub to host the images. v0.4.0 will also include a metrics server configuration, and as such we don’t need to install it separately.

Generate configuration values

The scripts to generate the required config values are located in hack rather than bin as they are for the TAS installation, but other than that they serve the same purpose.

Generate those values and include the service account json for GCP

$ TMP_DIR=../configuration-values ; mkdir -p ${TMP_DIR}
$ ./hack/generate-values.sh -d 127.0.0.1.nip.io -g gcp_service_account.json > ${TMP_DIR}/cf-values.yml

This will generate the configuration and append the service account1 at the end

app_registry:
  hostname: gcr.io
  repository: gcr.io/someone/cf-workloads
  username: _json_key
  password: |
    {
      "type": "service_account",
      "project_id": "someone",
      "private_key_id": "",
      "private_key": "-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----\n",
      "client_email": "[email protected]",
      "client_id": "1234567890",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://accounts.google.com/o/oauth2/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/1234567890-compute%40developer.gserviceaccount.com"
    }

The following command - while being long and hard to read - will generate the final yaml for k8s to install the required resources. It includes several overlay files which we copied over in my other article and will patch resources to run on our installed kind cluster.

$ ytt -f config -f config-optional/remove-resource-requirements.yml -f config-optional/remove-ingressgateway-service.yml -f config-optional/add-metrics-server-components.yml -f config-optional/patch-metrics-server.yml -f ${TMP_DIR}/cf-values.yml > ${TMP_DIR}/cf-for-k8s-rendered.yml

After a successful generation of the configuration, you may start the deployment

$ kapp deploy -a cf -f ${TMP_DIR}/cf-for-k8s-rendered.yml -y

Testing things out

Installation’s done, so we want to login and test things out.

Use the cf cli to point to the api endpoint:

$ cf api api.127.0.0.1.nip.io --skip-ssl-validation
Setting api endpoint to api.127.0.0.1.nip.io...
OK

api endpoint:   https://api.127.0.0.1.nip.io
api version:    2.148.0

That’s it! You can now deploy apps like you’re used to, and with the new paketo buildpacks enabled, you don’t need the diego_docker feature flag anymore. Plus, you can now run Java, Node.js, Golang, .NET Core, PHP, and NGINX Paketo Buildpacks with Ruby and Python to follow.

~/cf-sample-app-nodejs (master •) $ cf push
Pushing from manifest to org test-org / space test-space as admin...
Using manifest file /Users/mbeck/Projects/pivotal/demos/cf-sample-app-nodejs/manifest.yml
Getting app info...
Creating app with these attributes...
+ name:        cf-nodejs
  path:        /Users/mbeck/Projects/pivotal/demos/cf-sample-app-nodejs
+ instances:   1
+ memory:      512M
  routes:
+   cf-nodejs-fluent-squirrel-jg.apps.127.0.0.1.nip.io

Creating app cf-nodejs...
Mapping routes...
Comparing local files to remote cache...
Packaging files to upload...
Uploading files...
 1.24 MiB / 1.24 MiB [=========================================================================================================================================] 100.00% 1s

Waiting for API to complete processing files...

Staging app and tracing logs...
   Loading secret for "gcr.io" from secret "cc-kpack-registry-auth-secret-ver-1" at location "/var/build-secrets/cc-kpack-registry-auth-secret-ver-1"
   Successfully downloaded cf-blobstore-minio.cf-blobstore.svc.cluster.local:9000/cc-packages/c8/a5/c8a5b104-720e-4874-b4d9-c437c08e73a9 in path "/workspace"
   paketo-buildpacks/node-engine 0.0.210
   paketo-buildpacks/npm         0.1.39
   Previous image with name "gcr.io/someone/cf-workloads/336de67a-582f-43a0-87aa-9990a7e03f4a" not found
   Node Engine Buildpack 0.0.210
   Resolving Node Engine version
   Candidate version sources (in priority order):
   -> "*"
   Selected Node Engine version (using ): 10.20.1
   Executing build process
   Installing Node Engine 10.20.1
   Completed in 2.652s
   Configuring environment
   NODE_ENV     -> "production"
   NODE_HOME    -> "/layers/paketo-buildpacks_node-engine/node"
   NODE_VERBOSE -> "false"
   Writing profile.d/0_memory_available.sh
   Calculates available memory based on container limits at launch time.
   Made available in the MEMORY_AVAILABLE environment variable.
   NPM Buildpack 0.1.39
   Resolving installation process
   Process inputs:
   node_modules      -> "Not found"
   npm-cache         -> "Not found"
   package-lock.json -> "Not found"
   Selected NPM build process: 'npm install'
   Executing build process
   Running 'npm install'
   Completed in 7.464s
   Configuring environment
   NPM_CONFIG_LOGLEVEL   -> "error"
   NPM_CONFIG_PRODUCTION -> "true"
   PATH                  -> "$PATH:/layers/paketo-buildpacks_npm/modules/node_modules/.bin"
   Adding layer 'launcher'
   Adding layer 'paketo-buildpacks/node-engine:node'
   Adding layer 'paketo-buildpacks/npm:modules'
   Adding 1/1 app layer(s)
   Adding layer 'config'
   *** Images (sha256:5c793b56d2a6b1a44119887f2f03e9698f5751559d0c0fd9e447f9f7a82b3e89):
   gcr.io/fe-mbeck/cf-workloads/336de67a-582f-43a0-87aa-9990a7e03f4a
   gcr.io/fe-mbeck/cf-workloads/336de67a-582f-43a0-87aa-9990a7e03f4a:b1.20200708.105037
   Adding cache layer 'paketo-buildpacks/node-engine:node'
   Adding cache layer 'paketo-buildpacks/npm:npm-cache'
   Build successful

Waiting for app to start...

name:                cf-nodejs
requested state:     started
isolation segment:   placeholder
routes:              cf-nodejs-fluent-squirrel-jg.apps.127.0.0.1.nip.io
last uploaded:       Wed 08 Jul 12:53:44 CEST 2020
stack:
buildpacks:

type:            web
instances:       1/1
memory usage:    512M
start command:   npm start
     state     since                  cpu    memory      disk      details
#0   running   2020-07-08T10:53:50Z   0.0%   0 of 512M   0 of 1G

cf push  9.25s user 3.57s system 5% cpu 3:36.92 total

Cleaning the cluster

kapp delete -a cf will remove the whole installation from your kind cluster. This also greatly helps in case there was an error during your installation.

  1. Please use your own, which you can generate at https://console.cloud.google.com. This provided service account json will not work. ↩︎

Tech CloudFoundry Kubernetes