Starting with TAP 1.3, scaling out TAP GUI is supported. You can set replicas in tap-values.yaml
like bellow:
tap_gui:
deployment:
replicas: 3
But since sessions are not shared across instances, If you have authentication enabled for the TAP GUI, scaling out will make requests round-robin and A successful login can be routed to an instance that is not logged in and then display an authentication error.
Until the TAP GUI fixes this issue, using Contour's Session Affinity, you can the same logged-in user should be routed to the same instance. Create the following overlay to enable Session Affinity for HTTPProxy in TAP GUI.
cat EOF > tap-gui-session-affinity.yaml
#@ load("@ytt:overlay", "overlay")
#@overlay/match by=overlay.subset({"kind":"HTTPProxy","metadata":{"name":"tap-gui"}})
---
spec:
routes:
#@overlay/match by=overlay.subset({"services": [{"name": "server"}]})
- services: []
#@overlay/match missing_ok=True
loadBalancerPolicy:
strategy: Cookie
EOF
Create a Secret for the overlay
kubectl -n tap-install create secret generic tap-gui-session-affinity \
-o yaml \
--dry-run=client \
--from-file=tap-gui-session-affinity.yaml\
| kubectl apply -f-
Set the secret name of the created overlay to package_overlays in tap-values.yaml as follows:
package_overlays:
# ...
- name: tap-gui
secrets:
- name: tap-gui-session-affinity
# ...
Then, update package install
tanzu package installed update -n tap-install tap -f tap-values.yaml