Deploy a Multitenant Application to a Provider subaccount, Kyma Runtime

Open your subaccount in SAP BTP cockpit. Make sure you’ve already enabled SAP BTP, Kyma runtime on your cluster.

1. Install tool
   

   
   In order to run your code on Kyma runtime (or on any Kubernetes-based platform), you need to provide an OCI image (aka Docker image) for your application. While you are in principle free to choose your image building tool, we recommend using Cloud Native Buildpacks (CNB).
   
   
   The command-line tool pack supports providing a buildpack and your local source code and creating an OCI image from it. We are working on a process to provide recommended and supported buildpacks. In the meantime, you can use the community-supported Paketo Buildpacks.
   
   
   If you followed the tutorials Create a Basic Node.js Application with Express Generator and Deploy a Node.js Application in SAP BTP, Kyma runtime, you have installed the command-line tool pack. If not, please follow this official guide: Install Pack.

   For example (macOS):

   Shell / Bash

   Copy

   brew install buildpacks/tap/pack
   

2. Build image for applications
   

   
   When we speak about repository name, we mean the combination of account and repo name that is usual with Docker Hub: <docker-hub-account>/<repo-name>. An example would be tiaxu/multitenant-kyma-backend.
   
   
   As you can only create one private repository in a free Docker hub account, Docker images stored in Docker hub will have different tag names so that they can be stored in one repository. Thus, addressing an image will include the tag name:<docker-hub-account>/<repo-name>:<tag-name>. An example would be tiaxu/multitenant-kyma-backend:v2.
   
   
   In the directory kyma-multitenant-approuter, build the image for the approuter app from source, for example:
   Shell / Bash

   Copy

   pack build <docker-hub-account>/multitenant-approuter:v1 --builder paketobuildpacks/builder-jammy-full
   

   In the directory kyma-multitenant-node, build the image for the multitenant backend app from source, for example:

   Shell / Bash

   Copy

   pack build <docker-hub-account>/multitenant-kyma-backend:v2 --builder paketobuildpacks/builder-jammy-full
   

1. Log in to Docker using this command:

docker login -u <docker-id> -p <password>

2. Push the local images into the Docker Hub:

docker push <docker-hub-account>/multitenant-approuter:v1
docker push <docker-hub-account>/multitenant-kyma-backend:v2

For more details, see the Kubernetes documentation.

If you followed the tutorials Create a Basic Node.js Application with Express Generator and Deploy a Node.js Application in the Kyma Runtime, you have created a namespace in Kyma dashboard called multitenancy-ns. If not, create a new namespace multitenancy-ns through Kyma dashboard or kubectl CLI:

1. Select the Link to dashboard to open Kyma dashboard.

2. Create a new namespace through Kyma dashboard or kubectl CLI, for example, called multitenancy-ns:

3. Enable Istio Sidecar Proxy Injection
Enabling Istio sidecar proxy injection for a namespace allows istiod to watch all Pod creation operations in this namespace and automatically inject newly created Pods with an Istio sidecar proxy.
Switch the toggle to enable Istio sidecar proxy injection. Click Create to finish namespace creation.

For more details, refer to the Enable Istio Sidecar Proxy Injection

Since the OCI image is stored in your Docker hub, you need to provide the access information to your Kyma cluster that you can pull the images from those repositories.

If you followed the tutorials Create a Basic Node.js Application with Express Generator and Deploy a Node.js Application in SAP BTP, Kyma runtime, you have configured the credential of your Docker Hub as a Secret. If not, create a new Secret with the following command, replace the placeholder values according to your account:

kubectl -n multitenancy-ns create secret docker-registry registry-secret --docker-server=https://index.docker.io/v1/  --docker-username=<docker-id> --docker-password=<password> --docker-email=<email>

Therefore, all deployment files contain an imagePullSecret entry, which should be set to registry-secret.

imagePullSecrets:
        - name: registry-secret # replace with your own registry secret

1. Deploy consumed services by executing this command:

kubectl -n multitenancy-ns apply -f k8s-deployment-services.yaml

2. Deploy the approuter applications by executing this command:

kubectl -n multitenancy-ns apply -f k8s-deployment-approuter.yaml

3. Deploy the backend applications by executing this command:

kubectl -n multitenancy-ns apply -f k8s-deployment-backend.yaml

Launch Kyma dashboard from SAP BTP cockpit, then navigate to the multitenancy-ns namespace.

Go to Workloads, and then select Deployments. You will see deployments of kyma-multitenant-approuter-multitenancy and kyma-multitenant-node-multitenancy displayed, with their Pods statuses shown in green. At this point, your multitenant application has been deployed successfully.