TCE cluster created using docker extension enables you to quickly start your journey as developer for modern apps. This cluster is much more than what you get with an opensource k8s cluster e.g. a CNI, kapp-controller
, tanzu package repository
etc.
If you are looking to setup TCE as docker extension, feel free to refer my earlier post below.
Below screenshot represents the running TCE cluster as docker extension.

Here are some key points about TCE cluster created using docker extension:
- Once TCE extension for docker is enabled, then you need to create a TCE Cluster
kubeconfig
file is automatically updated to access the newly createdtanzu-community-edition
cluster. You can validate the new context by running the following command:
$ kubectl config get-clusters | grep -i tanzu
tanzu-community-edition
- It’s a single node cluster where control plane and workload runs
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
tanzu-community-edition-control-plane Ready control-plane,master 8d v1.22.7
- Calico cni is setup as part of cluster creation
kapp-controller
is installed for a tanzu package management
Deploying Tanzu Packages on a TCE Cluster
When a TCE Cluster is running as docker extension, you will notice that the tanzu package repository is automatically added. Let’s validate it by running the following command:
$ tanzu package repository list -A
- Retrieving repositories...
NAME REPOSITORY TAG STATUS DETAILS NAMESPACE
projects.registry.vmware.com-tce-main-0.12.0 projects.registry.vmware.com/tce/main 0.12.0 Reconcile succeeded tanzu-package-repo-global
tkg-core-repository projects.registry.vmware.com/tce/repo-12 0.12.0 Reconcile succeeded tkg-system
Let’s also validate the list of available packages:
tanzu package available list -A
/ Retrieving available packages...
NAME DISPLAY-NAME SHORT-DESCRIPTION LATEST-VERSION NAMESPACE
app-toolkit.community.tanzu.vmware.com App-Toolkit package for TCE Kubernetes-native toolkit to support application lifecycle 0.2.0 tanzu-package-repo-global
cartographer-catalog.community.tanzu.vmware.com Cartographer Catalog Reusable Cartographer blueprints 0.3.0 tanzu-package-repo-global
cartographer.community.tanzu.vmware.com Cartographer Kubernetes native Supply Chain Choreographer. 0.3.0 tanzu-package-repo-global
cert-injection-webhook.community.tanzu.vmware.com cert-injection-webhook The Cert Injection Webhook injects CA certificates and proxy environment variables into pods 0.1.1 tanzu-package-repo-global
cert-manager.community.tanzu.vmware.com cert-manager Certificate management 1.8.0 tanzu-package-repo-global
contour.community.tanzu.vmware.com contour An ingress controller 1.20.1 tanzu-package-repo-global
external-dns.community.tanzu.vmware.com external-dns This package provides DNS synchronization functionality. 0.10.0 tanzu-package-repo-global
fluent-bit.community.tanzu.vmware.com fluent-bit Fluent Bit is a fast Log Processor and Forwarder 1.7.5 tanzu-package-repo-global
fluxcd-source-controller.community.tanzu.vmware.com Flux Source Controller The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, Helm repositories and S3 buckets. 0.21.5 tanzu-package-repo-global
gatekeeper.community.tanzu.vmware.com gatekeeper policy management 3.7.1 tanzu-package-repo-global
grafana.community.tanzu.vmware.com grafana Visualization and analytics software 7.5.11 tanzu-package-repo-global
harbor.community.tanzu.vmware.com harbor OCI Registry 2.4.2 tanzu-package-repo-global
helm-controller.fluxcd.community.tanzu.vmware.com Flux Helm Controller The Helm Controller is a Kubernetes operator, allowing one to declaratively manage Helm chart releases with Kubernetes manifests. 0.17.2 tanzu-package-repo-global
knative-serving.community.tanzu.vmware.com knative-serving Knative Serving builds on Kubernetes to support deploying and serving of applications and functions as serverless containers 1.0.0 tanzu-package-repo-global
kpack-dependencies.community.tanzu.vmware.com kpack dependencies Dependencies in the form of Buildpacks and Stacks for the kpack package 0.0.27 tanzu-package-repo-global
kpack.community.tanzu.vmware.com kpack kpack builds application source code into OCI compliant images using Cloud Native Buildpacks 0.5.3 tanzu-package-repo-global
kustomize-controller.fluxcd.community.tanzu.vmware.com Flux Kustomize Controller Kustomize controller is one of the components in GitOps toolkit. 0.21.1 tanzu-package-repo-global
local-path-storage.community.tanzu.vmware.com local-path-storage This package provides local path node storage and primarily supports RWO AccessMode. 0.0.22 tanzu-package-repo-global
multus-cni.community.tanzu.vmware.com multus-cni This package provides the ability for enabling attaching multiple network interfaces to pods in Kubernetes 3.8.0 tanzu-package-repo-global
prometheus.community.tanzu.vmware.com prometheus A time series database for your metrics 2.27.0-1 tanzu-package-repo-global
velero.community.tanzu.vmware.com velero Disaster recovery capabilities 1.8.0 tanzu-package-repo-global
whereabouts.community.tanzu.vmware.com whereabouts A CNI IPAM plugin that assigns IP addresses cluster-wide 0.5.1 tanzu-package-repo-global
antrea.community.tanzu.vmware.com antrea networking and network security solution for containers 0.13.3 tkg-system
calico.community.tanzu.vmware.com calico Networking and network security solution for containers. 3.22.1 tkg-system
metrics-server.community.tanzu.vmware.com metrics-server Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines. 0.5.1 tkg-system
pinniped.community.tanzu.vmware.com pinniped Pinniped provides identity services to Kubernetes. 0.12.1 tkg-system
secretgen-controller.community.tanzu.vmware.com secretgen-controller Secret generation and sharing 0.7.1 tkg-system
As you can see above, there are several packages available as part of the default TCE repository. We will try installing one package from the list above. But before that, Let’s validate which all packages are installed as part of TCE cluster creation.
tanzu package installed list -A
- Retrieving installed packages...
NAME PACKAGE-NAME PACKAGE-VERSION STATUS NAMESPACE
cni calico.community.tanzu.vmware.com 3.22.1 Reconcile succeeded tkg-system
You will notice that the calico cni
package is already installed.
In this demonstration, I will be installing secretgen-controller
package on an existing TCE cluster. First, let’s look at the detail about this package and if it requires some parameters.
Get the Package Detail
Run the following command to get the package detail:
$ tanzu package available get secretgen-controller.community.tanzu.vmware.com/0.7.1 -n tkg-system
- Retrieving package details for secretgen-controller.community.tanzu.vmware.com/0.7.1...
NAME: secretgen-controller.community.tanzu.vmware.com
VERSION: 0.7.1
RELEASED-AT: 0001-01-01 00:00:00 +0000 UTC
DISPLAY-NAME: secretgen-controller
SHORT-DESCRIPTION: Secret generation and sharing
PACKAGE-PROVIDER: VMware
MINIMUM-CAPACITY-REQUIREMENTS:
LONG-DESCRIPTION: Provide CRDs to specify what secrets need to be on cluster (generated or not).
MAINTAINERS: [{Shivaani Gupta}]
RELEASE-NOTES: secretgen-controller 0.7.1 https://github.com/vmware-tanzu/carvel-secretgen-controller
LICENSE: [Apache 2.0]
SUPPORT:
CATEGORY: [package management]
Get the available Parameters for Secretgen-Controller
Run the following command to get the parameters details:
$ tanzu package available get secretgen-controller.community.tanzu.vmware.com/0.7.1 -n tkg-system --values-schema
| Retrieving package details for secretgen-controller.community.tanzu.vmware.com/0.7.1...
KEY DEFAULT TYPE DESCRIPTION
secretgenController.createNamespace true boolean Whether to create namespace specified for secretgen-controller
secretgenController.namespace secretgen-controller string The namespace in which to deploy secretgen-controller
As you see above, we can pass two parameters, but in this demo, let’s not complicate and go ahead with default parameters.
Install Package
Run the below command to install the package.
$ tanzu package install secretgen-controller --package-name secretgen-controller.community.tanzu.vmware.com --version 0.7.1 -n tkg-system
- Installing package 'secretgen-controller.community.tanzu.vmware.com'
| Getting package metadata for 'secretgen-controller.community.tanzu.vmware.com'
| Creating service account 'secretgen-controller-tkg-system-sa'
| Creating cluster admin role 'secretgen-controller-tkg-system-cluster-role'
| Creating cluster role binding 'secretgen-controller-tkg-system-cluster-rolebinding'
| Creating package resource
/ Waiting for 'PackageInstall' reconciliation for 'secretgen-controller'
/ 'PackageInstall' resource install status: Reconciling
| 'PackageInstall' resource successfully reconciled
Added installed package 'secretgen-controller'
Validate Package Installation
- Namespace is created
secretgen-controller Active 2m34s
- Deployment is created
k get all -n secretgen-controller
NAME READY STATUS RESTARTS AGE
pod/secretgen-controller-77f49ffd87-2475w 1/1 Running 0 3m8s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/secretgen-controller 1/1 1 1 3m8s
NAME DESIRED CURRENT READY AGE
replicaset.apps/secretgen-controller-77f49ffd87 1 1 1 3m8s
- Run the below command to list the installed packages again and you will see the
secretgen-controller
package installed.
tanzu package installed list -A
\ Retrieving installed packages...
NAME PACKAGE-NAME PACKAGE-VERSION STATUS NAMESPACE
cni calico.community.tanzu.vmware.com 3.22.1 Reconcile succeeded tkg-system
secretgen-controller secretgen-controller.community.tanzu.vmware.com 0.7.1 Reconcile succeeded tkg-system
That’s all for this post, please let me know your feedback in a comment.