Deploy a Multitenant Application to a Provider subaccount, Kyma Runtime
- How to build Application to OCI Image
- How to push OCI image to Docker Hub
- How to deploy applications into Kyma runtime
- You have a Kyma runtime environment on SAP Business Technology Platform (BTP). If not, please follow this tutorial: Enable SAP BTP, Kyma Runtime.
- You have installed Docker.
- You have Docker Hub account.
- You have installed Kubernetes command-line tool.
- You have finished the tutorial Register a Multitenant Application to the SAP SaaS Provisioning Service.
- Step 1
Open your subaccount in the Cockpit. In the overview page, find the subdomain for your deployment.
- Step 2
In your Kyma dashboard, find the full Kyma cluster domain in the downloaded
kubeconfig.ymlfile or in the URL of the Kyma dashboard.
- Step 3
In order to run your code on the Kyma Runtime (or on any Kubernetes-based platform), you need to provide an OCI image (aka Docker image) for your application. While you are in principle free to choose your image building tool, we recommend using Cloud Native Buildpacks (CNB).
The command-line tool
packsupports providing a buildpack and your local source code and creating an OCI image from it. We are working on a process to provide recommended and supported buildpacks. In the meantime, you can use the community-supported Paketo Buildpacks.
If you followed the tutorials Create a Basic Node.js Application with Express Generator and Deploy a Node.js Application in the Kyma Runtime, you have installed the command-line tool
pack, if not, please follow this official guide: Install Pack.
For example (macOS):Shell / BashCopy
brew install buildpacks/tap/pack
Build image for applications
When we speak about repository name, we mean the combination of account and repo name that is usual with Docker Hub:
<docker-hub-account>/<repo-name>. An example would be
As you can only create one private repository in a free Docker hub account, Docker images stored in Docker hub will have different tag names so that they can be stored in one repository. Thus, addressing an image will include the tag name:
<docker-hub-account>/<repo-name>:<tag-name>. An example would be
In the directory
kyma-multitenant-approuter, build the image for the approuter app from source, for example:Shell / BashCopy
pack build multitenant-approuter --builder paketobuildpacks/builder:full docker tag multitenant-approuter <docker-hub-account>/multitenant-approuter:v1
In the directory
kyma-multitenant-node, build the image for the approuter app from source, for example:Shell / BashCopy
pack build multitenant-kyma-backend --builder paketobuildpacks/builder:full docker tag multitenant-kyma-backend <docker-hub-account>/multitenant-kyma-backend:v1
- Step 4
1. Log in to Docker using this command:Shell / BashCopy
docker login -u <docker-id> -p <password>
2. Push the local images into the Docker Hub:Shell / BashCopy
docker push <docker-hub-account>/multitenant-approuter:v1 docker push <docker-hub-account>/multitenant-kyma-backend:v1
For more details, see the Kubernetes documentation.
- Step 5
If you followed the tutorials Create a Basic Node.js Application with Express Generator and Deploy a Node.js Application in the Kyma Runtime, you have created a namespace in the Kyma environment called
multitenancy-ns. If not, create a new namespace through the Kyma dashboard or
kubectlCLI, for example, called
- Step 6
Since the OCI image is stored in your Docker hub, you need to provide the access information to your Kyma cluster that you can pull the images from those repositories.
If you followed the tutorials Create a Basic Node.js Application with Express Generator and Deploy a Node.js Application in the Kyma Runtime, you have configured the credential of your Docker Hub as a Secret. If not, create a new Secret with the following command, replace the placeholder values according to your account:Shell / BashCopy
kubectl -n multitenancy-ns create secret docker-registry registry-secret --docker-server=https://index.docker.io/v1/ --docker-username=<docker-id> --docker-password=<password> --docker-email=<email>
Therefore, all deployment files contain an
imagePullSecretentry, which should be set to
imagePullSecrets: - name: registry-secret # replace with your own registry secret
- Step 7
1. Deploy consumed services by executing this command:Shell / BashCopy
kubectl -n multitenancy-ns apply -f k8s-deployment-services.yaml
2. Deploy the approuter applications by executing this command:Shell / BashCopy
kubectl -n multitenancy-ns apply -f k8s-deployment-approuter.yaml
3. Deploy the backend applications by executing this command:Shell / BashCopy
kubectl -n multitenancy-ns apply -f k8s-deployment-backend.yaml
Dedicated images are necessary for your applications when deploying them into Kyma runtime.