kite 0.0.5 → 0.0.6
- checksums.yaml +4 -4
- data/README.md +9 -1
- data/lib/kite.rb +1 -0
- data/lib/kite/core.rb +15 -5
- data/lib/kite/error.rb +2 -0
- data/lib/kite/helpers.rb +23 -1
- data/lib/kite/version.rb +1 -1
- data/tpl/aws/README.md +8 -82
- data/tpl/aws/bosh-install.sh.erb +25 -0
- data/tpl/aws/deployments/bosh/bosh_director.yml +144 -0
- data/tpl/aws/deployments/bosh/bosh_vars.yml.erb +11 -0
- data/tpl/aws/deployments/bosh/cpi.yml +98 -0
- data/tpl/aws/deployments/bosh/jumpbox-user.yml +27 -0
- data/tpl/aws/setup-tunnel.sh.erb +4 -0
- data/tpl/gcp/README.md +22 -0
- data/tpl/gcp/bosh-install.sh.erb +5 -11
- data/tpl/gcp/bosh-vars.yml.erb +8 -0
- data/tpl/gcp/deployments/bosh/bosh.yml +144 -0
- data/tpl/gcp/deployments/bosh/cloud-config.yml +51 -0
- data/tpl/gcp/deployments/bosh/cpi.yml +69 -0
- data/tpl/gcp/deployments/bosh/jumpbox-user.yml +27 -0
- data/tpl/gcp/setup-tunnel.sh.erb +6 -0
- data/tpl/gcp/terraform/main.tf +12 -4
- data/tpl/gcp/terraform/network.tf +11 -0
- data/tpl/skel/README.md.tt +4 -1
- data/tpl/skel/config/cloud.yml +2 -1
- metadata +16 -4
- data/tpl/aws/bootstrap.sh +0 -21
- data/tpl/aws/bosh/bosh_director.yml.erb +0 -133
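--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b20f3f85398a1b4a4b23cb1cb818a0f29b489617
+data.tar.gz: 8b2fa9d43523bfbb839ddd655ee3565cc028bfc1
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: '049614c95440425c9142eb0b25423e898480e151a648f6cf4b7f55c7d74f51ff406a25211e74fe449693b2e90fd00721c46bf609d3dd0f4417e804bc53180743'
+data.tar.gz: d039515fb358e058c1ac49da66943cc24a9496183581f144ef7df4b5163f9f0df52d2f5dc582722031fbe226d8d947ad507411c6f7342d5060265fbe31b3996b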
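--- a/data/README.md
+++ b/data/README.md
@@ -23,7 +23,15 @@ Or install it yourself as:
 
 ## Usage
 
-
+To start using kite from scratch:
+- Create a new kite project, use `kite new`
+- Fill out the `config/cloud.yml` file with your credentials.
+- For BOSH you'll need an SSH key, to generate one, use `ssh-keygen -f *path_to_key*`
+- Generate the cloud IaC needed with `kite generate --cloud=*aws or gcp*`
+- Continue with instructions from newly generated README.md
+
+
+To list all Kite commands, use
 
 ```shell
 $> kite help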
data/lib/kite.rb
CHANGED
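--- a/data/lib/kite/core.rb
+++ b/data/lib/kite/core.rb
@@ -17,7 +17,7 @@ module Kite
 desc "generate", "Generate Cloud IaC from configuration"
 def generate()
 say "Generating Cloud #{ options[:cloud] } IaC", :green
-@values =
+@values = parse_cloud_config
 
 case options[:cloud]
 when 'aws'
@@ -26,9 +26,12 @@ module Kite
 copy_file('aws/terraform/outputs.tf', 'terraform/outputs.tf')
 copy_file('aws/terraform/variables.tf', 'terraform/variables.tf')
 template('aws/terraform/terraform.tfvars.erb', 'terraform/terraform.tfvars')
-
 copy_file('aws/README.md', 'README.md')
-
+
+template('aws/bosh-install.sh.erb', 'bin/bosh-install.sh')
+template('aws/setup-tunnel.sh.erb', 'bin/setup-tunnel.sh')
+chmod('bin/bosh-install.sh', 0755)
+chmod('bin/setup-tunnel.sh', 0755)
 
 when 'gcp'
 copy_file('gcp/terraform/main.tf', 'terraform/main.tf')
@@ -36,8 +39,13 @@ module Kite
 copy_file('gcp/terraform/outputs.tf', 'terraform/outputs.tf')
 copy_file('gcp/terraform/variables.tf', 'terraform/variables.tf')
 template('gcp/terraform/terraform.tfvars.erb', 'terraform/terraform.tfvars')
+copy_file('gcp/README.md', 'README.md', force: true)
+
 template('gcp/bosh-install.sh.erb', 'bin/bosh-install.sh')
+template('gcp/bosh-vars.yml.erb', 'bosh-vars.yml')
+template('gcp/setup-tunnel.sh.erb', 'bin/setup-tunnel.sh')
 chmod('bin/bosh-install.sh', 0755)
+chmod('bin/setup-tunnel.sh', 0755)
 
 else
 say 'Cloud provider not specified'
@@ -45,15 +53,17 @@ module Kite
 end
 end
 
+method_option :cloud, type: :string, desc: "Cloud provider", enum: %w{aws gcp}, required: true
 desc 'render MANIFEST', 'Render manifest file from configuration and Terraform output'
 def render(manifest)
 say "Rendering #{ manifest } manifest", :green
-@values =
+@values = parse_cloud_config
 @tf_output = parse_tf_state('terraform/terraform.tfstate')
 
 case manifest
 when "bosh"
-
+cloud = options[:cloud]
+directory("#{cloud}/deployments", 'deployments')
 
 when "concourse"
 template("aws/concourse/aws_cloud.yml.erb", "aws_cloud.yml")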
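Review bot: In the `when "bosh"` branch of `render`, `directory("#{cloud}/deployments", 'deployments')` will probably leave `aws/deployments/bosh/bosh_vars.yml.erb` unrendered, because Thor's `directory` action, as far as I know, evaluates only files ending in `.tt` and copies everything else verbatim. The AWS `bosh-install.sh.erb` in this release passes `--vars-file=bosh_vars.yml` relative to the project root, so the file it expects does not appear to be produced anywhere. Rendering it explicitly, as the gcp branch of `generate` does for its own vars file, would cover both: `template('aws/deployments/bosh/bosh_vars.yml.erb', 'bosh_vars.yml')`. The `when "concourse"` branch still hard-codes `aws/` templates even though `--cloud` is now required; both method bodies continue outside the hunks shown.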
data/lib/kite/error.rb
ADDED
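--- a/data/lib/kite/helpers.rb
+++ b/data/lib/kite/helpers.rb
@@ -1,9 +1,31 @@
 module Kite::Helpers
+# Check config/cloud.yml file to be complete
+def check_cloud_config(config)
+raise Kite::Error, 'The config/cloud.yml is not filled out!' unless config.find { |key, hash| hash.find { |k, v| v.nil? } }.nil?
+end
+
+# Check if Terraform IaC was applied
+def check_terraform_applied
+raise Kite::Error, 'Did you terraform apply? terraform.tfstate is missing!' unless File.file? "terraform/terraform.tfstate"
+end
+
 # Parse Terraform .tfstate file, returning the output hash
 def parse_tf_state(path)
-
+check_terraform_applied
+
+tf_state = YAML.load(File.read(path))
 tf_output = tf_state["modules"].first["outputs"]
 tf_output.map { |k, v| tf_output[k] = v["value"] }
+
 tf_output
 end
+
+# Parse config/cloud.yml, returning the output hash
+def parse_cloud_config
+cloud_config = YAML.load(File.read('config/cloud.yml'))
+check_cloud_config(cloud_config)
+
+cloud_config
+end
+
 end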
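Review bot: `check_cloud_config` calls `hash.find` on every top-level value, so an empty `config/cloud.yml` (where `YAML.load` returns `false`) or a section left blank fails with `NoMethodError` instead of the intended `Kite::Error`. Both parsers also use `YAML.load`, which on Psych versions before 4 will instantiate arbitrary tagged Ruby objects; these files hold only plain mappings, so `YAML.safe_load` is sufficient and removes that exposure when a project directory comes from someone else. `check_terraform_applied` tests the fixed path `terraform/terraform.tfstate` although `parse_tf_state` receives `path`, so the check and the read can drift apart. A possible shape for the config helpers is below; `parse_tf_state` would change only in its one `YAML.safe_load` call.

```ruby
# Check config/cloud.yml file to be complete
def check_cloud_config(config)
  # A missing or non-mapping document counts as "not filled out" too.
  sections = config.is_a?(Hash) ? config.values : [nil]
  filled = sections.all? { |section| section.is_a?(Hash) && section.values.none?(&:nil?) }
  raise Kite::Error, 'The config/cloud.yml is not filled out!' unless filled
end

# … unchanged: check_terraform_applied, parse_tf_state …

def parse_cloud_config
  cloud_config = YAML.safe_load(File.read('config/cloud.yml'))
  # … unchanged: check_cloud_config call, return value …
```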
data/lib/kite/version.rb
CHANGED
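--- a/data/tpl/aws/README.md
+++ b/data/tpl/aws/README.md
@@ -13,91 +13,17 @@ Requirements
 -----
 
 - Install [terraform](https://www.terraform.io/intro/getting-started/install.html)
-- Install [bosh
-- Install the [bosh_cli](https://bosh.io/docs/bosh-cli.html)
-
-Ensure you have created a `terraform/terraform.tfvars` file with your variables, or set suitable [environment variables](https://www.terraform.io/docs/configuration/variables.html). An example tfvars file can be found in `terraform/terraform.tfvars.example`
-
-Assumptions
------
-
-You already have:
-
-- A Route53 Zone in AWS.
-- An EC2 SSH keypair
-- An SSL certificate in AWS for your Concourse ELB
+- Install [bosh](https://bosh.io/docs/cli-v2.html#install)
 
 Usage
 -----
 
-
-
-
-
-
-```
-Set the following environment variables:
-
-```
-$AWS_ACCESS_KEY_ID
-$AWS_SECRET_ACCESS_KEY
-$AWS_REGION
-$AWS_AZ
-$BOSH_PASSWORD
-$AWS_KEYPAIR_KEY_NAME
-$PRIVATE_KEY_PATH
-```
-
-Then create the `bosh-director.yml` manifest:
-```
-./bin/make_manifest_bosh-init.sh
-```
-
-You are ready to deploy the BOSH Director
-```
-bosh-init deploy bosh-director.yml
-```
-
-Go and make a cup of tea.
-
-Once the director is deployed, target it and apply your cloud-config for AWS.
-Remember to set your chosen AZ and the subnet-id output by terraform in `aws-cloud.yml`.
-
-```
-bosh target <your EIP address>
-bosh update cloud-config aws-cloud.yml
-```
-
-Set a database password and external URL for your deployment in these environment variables:
-
-```
-$DB_PASSWORD
-$CONCOURSE_URL
-```
-Create a new OAuth application in GitHub as described [here](http://concourse.ci/authentication.html). The manifest assumes the existance of a 'CI' team that contains your authorised users, so create that too. Then set the following environment variables:
-
-```
-$GITHUB_ORG
-$GITHUB_CLIENT_ID
-$GITHUB_CLIENT_SECRET
-```
-
-Then create a concourse manifest for a single server deployment:
-```
-./bin/make_manifest_concourse.sh
-```
-Or, create a concourse manifest for small cluster:
-```
-./bin/make_manifest_concourse-cluster.sh
-```
+To deploy a BOSH Director:
+- Apply the terraform IaC from `terraform` folder
+- Run `bin/setup_tunnel.sh` to create an SSH CLI tunnel
+- Run `kite render bosh --cloud aws` to render BOSH deployment files
+- Run `bin/bosh_setup.sh` to deploy the BOSH Director
 
-
-```
-bosh upload stemcell https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-trusty-go_agent
-bosh upload release https://bosh.io/d/github.com/concourse/concourse
-bosh upload release https://bosh.io/d/github.com/cloudfoundry-incubator/garden-runc-release
-bosh deployment concourse.yml
-bosh deploy
-```
+To access BOSH Director information, use bosh -e *bosh_name* env
 
-
+To connect to Bastion over SSH, use ssh jumpbox@*bastion ip* -i jumpbox.key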
@@ -0,0 +1,25 @@
|
|
1
|
+
#!/usr/bin/env bash
|
2
|
+
|
3
|
+
set -xe
|
4
|
+
|
5
|
+
# Create a new BOSH environment with Director
|
6
|
+
bosh create-env deployments/bosh/bosh_director.yml \
|
7
|
+
--state=state.json \
|
8
|
+
--vars-store=creds.yml \
|
9
|
+
--vars-file=bosh_vars.yml \
|
10
|
+
--var-file private_key=<%= @values['kite']['private_key_path'] %> \
|
11
|
+
-o deployments/bosh/cpi.yml \
|
12
|
+
-o deployments/bosh/jumpbox-user.yml
|
13
|
+
|
14
|
+
# Configure alias for the new environment
|
15
|
+
bosh alias-env <%= @values['bosh']['name'] %> \
|
16
|
+
-e <%= @values['bosh']['static_ip'] %> \
|
17
|
+
--ca-cert <(bosh int ./creds.yml --path /director_ssl/ca)
|
18
|
+
|
19
|
+
# Get jumpbox user key
|
20
|
+
bosh int creds.yml --path /jumpbox_ssh/private_key > jumpbox.key
|
21
|
+
chmod 600 jumpbox.key
|
22
|
+
|
23
|
+
# Log into the newly created Director
|
24
|
+
export BOSH_CLIENT=admin
|
25
|
+
export BOSH_CLIENT_SECRET=`bosh int ./creds.yml --path /admin_password`
|
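Review bot: With `set -xe` at the top, the final `export BOSH_CLIENT_SECRET=...` line is traced to stderr with the Director admin password already expanded, so the secret ends up in terminal scrollback or any captured build log. Tracing should be switched off before the script touches credentials, for example `set +x` ahead of the `# Get jumpbox user key` step. `jumpbox.key` is also created under the default umask and only tightened afterwards by `chmod 600`; a `umask 077` before the redirect closes that window. Because the script runs as a child process, the two exports do not reach the caller's shell unless it is sourced, which deserves a comment stating which use is intended.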
@@ -0,0 +1,144 @@
|
|
1
|
+
---
|
2
|
+
name: bosh
|
3
|
+
|
4
|
+
releases:
|
5
|
+
- name: bosh
|
6
|
+
version: "262.3"
|
7
|
+
url: https://s3.amazonaws.com/bosh-compiled-release-tarballs/bosh-262.3-ubuntu-trusty-3421.9-20170706-183731-831697577-20170706183736.tgz?versionId=7GmwKfufgb5JwWhJ.cwIWLnejOtm2Hu4
|
8
|
+
sha1: 1eae3f06282417e54ebb199656458f9d6c38e2af
|
9
|
+
|
10
|
+
resource_pools:
|
11
|
+
- name: vms
|
12
|
+
network: default
|
13
|
+
env:
|
14
|
+
bosh:
|
15
|
+
password: '*'
|
16
|
+
mbus:
|
17
|
+
cert: ((mbus_bootstrap_ssl))
|
18
|
+
|
19
|
+
disk_pools:
|
20
|
+
- name: disks
|
21
|
+
disk_size: 32_768
|
22
|
+
|
23
|
+
networks:
|
24
|
+
- name: default
|
25
|
+
type: manual
|
26
|
+
subnets:
|
27
|
+
- range: 10.0.0.0/24
|
28
|
+
gateway: 10.0.0.1
|
29
|
+
static: [10.0.0.2]
|
30
|
+
dns: [8.8.8.8]
|
31
|
+
|
32
|
+
instance_groups:
|
33
|
+
- name: bosh
|
34
|
+
instances: 1
|
35
|
+
jobs:
|
36
|
+
- {name: nats, release: bosh}
|
37
|
+
- {name: postgres-9.4, release: bosh}
|
38
|
+
- {name: blobstore, release: bosh}
|
39
|
+
- {name: director, release: bosh}
|
40
|
+
- {name: health_monitor, release: bosh}
|
41
|
+
resource_pool: vms
|
42
|
+
persistent_disk_pool: disks
|
43
|
+
networks:
|
44
|
+
- name: default
|
45
|
+
static_ips: [((internal_ip))]
|
46
|
+
properties:
|
47
|
+
nats:
|
48
|
+
address: 127.0.0.1
|
49
|
+
user: nats
|
50
|
+
password: ((nats_password))
|
51
|
+
postgres: &db
|
52
|
+
listen_address: 127.0.0.1
|
53
|
+
host: 127.0.0.1
|
54
|
+
user: postgres
|
55
|
+
password: ((postgres_password))
|
56
|
+
database: bosh
|
57
|
+
adapter: postgres
|
58
|
+
blobstore:
|
59
|
+
address: 10.0.0.2
|
60
|
+
port: 25250
|
61
|
+
provider: dav
|
62
|
+
director:
|
63
|
+
user: director
|
64
|
+
password: ((blobstore_director_password))
|
65
|
+
agent:
|
66
|
+
user: agent
|
67
|
+
password: ((blobstore_agent_password))
|
68
|
+
director:
|
69
|
+
address: 127.0.0.1
|
70
|
+
name: ((director_name))
|
71
|
+
db: *db
|
72
|
+
flush_arp: true
|
73
|
+
enable_post_deploy: true
|
74
|
+
generate_vm_passwords: true
|
75
|
+
enable_dedicated_status_worker: true
|
76
|
+
enable_nats_delivered_templates: true
|
77
|
+
workers: 4
|
78
|
+
events:
|
79
|
+
record_events: true
|
80
|
+
ssl:
|
81
|
+
key: ((director_ssl.private_key))
|
82
|
+
cert: ((director_ssl.certificate))
|
83
|
+
user_management:
|
84
|
+
provider: local
|
85
|
+
local:
|
86
|
+
users:
|
87
|
+
- name: admin
|
88
|
+
password: ((admin_password))
|
89
|
+
- name: hm
|
90
|
+
password: ((hm_password))
|
91
|
+
hm:
|
92
|
+
director_account:
|
93
|
+
user: hm
|
94
|
+
password: ((hm_password))
|
95
|
+
ca_cert: ((director_ssl.ca))
|
96
|
+
resurrector_enabled: true
|
97
|
+
ntp: &ntp
|
98
|
+
- time1.google.com
|
99
|
+
- time2.google.com
|
100
|
+
- time3.google.com
|
101
|
+
- time4.google.com
|
102
|
+
agent:
|
103
|
+
mbus: nats://nats:((nats_password))@((internal_ip)):4222
|
104
|
+
|
105
|
+
cloud_provider:
|
106
|
+
mbus: https://mbus:((mbus_bootstrap_password))@((internal_ip)):6868
|
107
|
+
cert: ((mbus_bootstrap_ssl))
|
108
|
+
properties:
|
109
|
+
agent: {mbus: "https://mbus:((mbus_bootstrap_password))@0.0.0.0:6868"}
|
110
|
+
blobstore: {provider: local, path: /var/vcap/micro_bosh/data/cache}
|
111
|
+
ntp: *ntp
|
112
|
+
|
113
|
+
variables:
|
114
|
+
- name: admin_password
|
115
|
+
type: password
|
116
|
+
- name: blobstore_director_password
|
117
|
+
type: password
|
118
|
+
- name: blobstore_agent_password
|
119
|
+
type: password
|
120
|
+
- name: hm_password
|
121
|
+
type: password
|
122
|
+
- name: mbus_bootstrap_password
|
123
|
+
type: password
|
124
|
+
- name: nats_password
|
125
|
+
type: password
|
126
|
+
- name: postgres_password
|
127
|
+
type: password
|
128
|
+
- name: default_ca
|
129
|
+
type: certificate
|
130
|
+
options:
|
131
|
+
is_ca: true
|
132
|
+
common_name: ca
|
133
|
+
- name: mbus_bootstrap_ssl
|
134
|
+
type: certificate
|
135
|
+
options:
|
136
|
+
ca: default_ca
|
137
|
+
common_name: ((internal_ip))
|
138
|
+
alternative_names: [((internal_ip))]
|
139
|
+
- name: director_ssl
|
140
|
+
type: certificate
|
141
|
+
options:
|
142
|
+
ca: default_ca
|
143
|
+
common_name: ((internal_ip))
|
144
|
+
alternative_names: [((internal_ip))]
|
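Review bot: The `networks` block and `blobstore.address` hard-code `10.0.0.0/24`, `10.0.0.1` and `10.0.0.2`, while the Director itself is placed on `((internal_ip))`, which the skeleton config in this release sets to `10.0.0.10`. With those defaults the Director's address is not in the subnet's `static` list, and agents are pointed at a blobstore address the Director does not own, so they would presumably present their blobstore credentials to whatever host answers on `10.0.0.2`. `bosh_vars.yml.erb` already supplies `internal_cidr`, `internal_gw` and `internal_ip`, and the gcp manifest in this release uses them; the same substitution for this file is sketched below (indentation is assumed, since the page does not preserve it).

```yaml
# … unchanged: name, releases, resource_pools, disk_pools …
  subnets:
  - range: ((internal_cidr))
    gateway: ((internal_gw))
    static: [((internal_ip))]
# … unchanged: dns, instance_groups, nats and postgres properties …
    blobstore:
      address: ((internal_ip))
# … unchanged: rest of the manifest …
```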
@@ -0,0 +1,11 @@
|
|
1
|
+
director_name: <%= @values['bosh']['name'] %>
|
2
|
+
internal_cidr: <%= @values['aws']['platform_subnet_cidr_block'] %>
|
3
|
+
internal_gw: 10.0.0.1
|
4
|
+
internal_ip: <%= @values['bosh']['static_ip'] %>
|
5
|
+
access_key_id: <%= @values['aws']['access_key'] %>
|
6
|
+
secret_access_key: <%= @values['aws']['secret_key'] %>
|
7
|
+
region: <%= @values['aws']['region'] %>
|
8
|
+
az: <%= @values['aws']['az'] %>
|
9
|
+
default_key_name: <%= @values['kite']['keypair_name'] %>
|
10
|
+
default_security_groups: [<%= @tf_output['security_group_id'] %>]
|
11
|
+
subnet_id: <%= @tf_output['platform_subnet_id'] %>
|
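Review bot: `secret_access_key: <%= @values['aws']['secret_key'] %>` writes the AWS secret key in clear text into a second file in the project directory, alongside manifests that are likely to be committed or shared. Nothing visible in this release restricts the rendered file's mode or keeps it out of version control, so the template should open with a comment such as `# contains AWS credentials - do not commit, keep mode 0600`, with a matching `chmod` after rendering. The same key is then copied into the Director's `aws` properties by the `cpi.yml` ops file that follows; if the CPI release in use supports instance-profile credentials, that route avoids storing a long-lived key at all.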
@@ -0,0 +1,98 @@
|
|
1
|
+
---
|
2
|
+
- type: replace
|
3
|
+
path: /releases/-
|
4
|
+
value:
|
5
|
+
name: bosh-aws-cpi
|
6
|
+
version: 65
|
7
|
+
url: https://bosh.io/d/github.com/cloudfoundry-incubator/bosh-aws-cpi-release?v=65
|
8
|
+
sha1: 26b3a5c43e6f82594a373309a495660d6db26254
|
9
|
+
|
10
|
+
- type: replace
|
11
|
+
path: /resource_pools/name=vms/stemcell?
|
12
|
+
value:
|
13
|
+
url: https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-trusty-go_agent?v=3421.9
|
14
|
+
sha1: 316a699d44f49d69493b1545d4addd17b78b5840
|
15
|
+
|
16
|
+
# Configure AWS sizes
|
17
|
+
- type: replace
|
18
|
+
path: /resource_pools/name=vms/cloud_properties?
|
19
|
+
value:
|
20
|
+
instance_type: m4.xlarge
|
21
|
+
ephemeral_disk: {size: 25_000, type: gp2}
|
22
|
+
availability_zone: ((az))
|
23
|
+
|
24
|
+
- type: replace
|
25
|
+
path: /disk_pools/name=disks/cloud_properties?
|
26
|
+
value: {type: gp2}
|
27
|
+
|
28
|
+
- type: replace
|
29
|
+
path: /networks/name=default/subnets/0/cloud_properties?
|
30
|
+
value: {subnet: ((subnet_id))}
|
31
|
+
|
32
|
+
# Enable registry job
|
33
|
+
- type: replace
|
34
|
+
path: /instance_groups/name=bosh/jobs/-
|
35
|
+
value:
|
36
|
+
name: registry
|
37
|
+
release: bosh
|
38
|
+
|
39
|
+
- type: replace
|
40
|
+
path: /instance_groups/name=bosh/properties/registry?
|
41
|
+
value:
|
42
|
+
address: ((internal_ip))
|
43
|
+
host: ((internal_ip))
|
44
|
+
db: # todo remove
|
45
|
+
host: 127.0.0.1
|
46
|
+
user: postgres
|
47
|
+
password: ((postgres_password))
|
48
|
+
database: bosh
|
49
|
+
adapter: postgres
|
50
|
+
http:
|
51
|
+
user: registry
|
52
|
+
password: ((registry_password))
|
53
|
+
port: 25777
|
54
|
+
username: registry
|
55
|
+
password: ((registry_password))
|
56
|
+
port: 25777
|
57
|
+
|
58
|
+
# Add CPI job
|
59
|
+
- type: replace
|
60
|
+
path: /instance_groups/name=bosh/jobs/-
|
61
|
+
value: &cpi_job
|
62
|
+
name: aws_cpi
|
63
|
+
release: bosh-aws-cpi
|
64
|
+
|
65
|
+
- type: replace
|
66
|
+
path: /instance_groups/name=bosh/properties/director/cpi_job?
|
67
|
+
value: aws_cpi
|
68
|
+
|
69
|
+
- type: replace
|
70
|
+
path: /cloud_provider/template?
|
71
|
+
value: *cpi_job
|
72
|
+
|
73
|
+
- type: replace
|
74
|
+
path: /instance_groups/name=bosh/properties/aws?
|
75
|
+
value: &aws
|
76
|
+
access_key_id: ((access_key_id))
|
77
|
+
secret_access_key: ((secret_access_key))
|
78
|
+
default_key_name: ((default_key_name))
|
79
|
+
default_security_groups: ((default_security_groups))
|
80
|
+
region: ((region))
|
81
|
+
|
82
|
+
- type: replace
|
83
|
+
path: /cloud_provider/ssh_tunnel?
|
84
|
+
value:
|
85
|
+
host: ((internal_ip))
|
86
|
+
port: 22
|
87
|
+
user: vcap
|
88
|
+
private_key: ((private_key))
|
89
|
+
|
90
|
+
- type: replace
|
91
|
+
path: /cloud_provider/properties/aws?
|
92
|
+
value: *aws
|
93
|
+
|
94
|
+
- type: replace
|
95
|
+
path: /variables/-
|
96
|
+
value:
|
97
|
+
name: registry_password
|
98
|
+
type: password
|
@@ -0,0 +1,27 @@
|
|
1
|
+
- type: replace
|
2
|
+
path: /releases/name=os-conf?
|
3
|
+
value:
|
4
|
+
name: os-conf
|
5
|
+
version: 12
|
6
|
+
url: https://bosh.io/d/github.com/cloudfoundry/os-conf-release?v=12
|
7
|
+
sha1: af5a2c9f228b9d7ec4bd051d71fef0e712fa1549
|
8
|
+
|
9
|
+
- type: replace
|
10
|
+
path: /instance_groups/name=bosh/properties/director/default_ssh_options?/gateway_user
|
11
|
+
value: jumpbox
|
12
|
+
|
13
|
+
- type: replace
|
14
|
+
path: /instance_groups/name=bosh/jobs/-
|
15
|
+
value:
|
16
|
+
name: user_add
|
17
|
+
release: os-conf
|
18
|
+
properties:
|
19
|
+
users:
|
20
|
+
- name: jumpbox
|
21
|
+
public_key: ((jumpbox_ssh.public_key))
|
22
|
+
|
23
|
+
- type: replace
|
24
|
+
path: /variables/-
|
25
|
+
value:
|
26
|
+
name: jumpbox_ssh
|
27
|
+
type: ssh
|
data/tpl/gcp/README.md
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
## GCP Cloud
|
2
|
+
|
3
|
+
### Usage
|
4
|
+
Apply terraform code
|
5
|
+
```
|
6
|
+
pushd terraform && terraform init && terraform apply && popd
|
7
|
+
```
|
8
|
+
|
9
|
+
Render bosh deployment
|
10
|
+
```
|
11
|
+
kite render bosh --cloud=gcp
|
12
|
+
```
|
13
|
+
|
14
|
+
Setup tunnel
|
15
|
+
```
|
16
|
+
./bin/setup-tunnel.sh
|
17
|
+
```
|
18
|
+
|
19
|
+
Install BOSH
|
20
|
+
```
|
21
|
+
./bin/bosh-install.sh
|
22
|
+
```
|
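--- a/data/tpl/gcp/bosh-install.sh.erb
+++ b/data/tpl/gcp/bosh-install.sh.erb
@@ -2,17 +2,11 @@
 
 set -xe
 
-bosh create-env bosh
+bosh create-env deployments/bosh/bosh.yml \
 --state=config/state.json \
 --vars-store=config/creds.yml \
--
--v director_name=bosh-director \
--v internal_cidr=<%= @values['gcp']['subnet_cidr'] %> \
--v internal_gw=<%= @values['gcp']['internal_gw'] %> \
--v internal_ip=<%= @values['bosh']['static_ip'] %> \
+--vars-file=bosh-vars.yml \
 --var-file gcp_credentials_json=<%= @values['gcp']['service_account'] %> \
--v
--
--
--v network=<%= @values['gcp']['vpc_name'] %> \
--v subnetwork=<%= @values['gcp']['subnet_name'] %>
+-v tags='[platform-internal, no-ip]' \
+-o deployments/bosh/cpi.yml \
+-o deployments/bosh/jumpbox-user.yml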
@@ -0,0 +1,8 @@
|
|
1
|
+
director_name: <%= @values['bosh']['name'] %>
|
2
|
+
internal_cidr: <%= @values['gcp']['subnet_cidr'] %>
|
3
|
+
internal_gw: <%= @values['gcp']['internal_gw'] %>
|
4
|
+
internal_ip: <%= @values['bosh']['static_ip'] %>
|
5
|
+
project_id: <%= @values['gcp']['project'] %>
|
6
|
+
zone: <%= @values['gcp']['zone'] %>
|
7
|
+
network: <%= @values['gcp']['vpc_name'] %>
|
8
|
+
subnetwork: <%= @values['gcp']['subnet_name'] %>
|
@@ -0,0 +1,144 @@
|
|
1
|
+
---
|
2
|
+
name: bosh
|
3
|
+
|
4
|
+
releases:
|
5
|
+
- name: bosh
|
6
|
+
version: "263"
|
7
|
+
url: https://s3.amazonaws.com/bosh-compiled-release-tarballs/bosh-263-ubuntu-trusty-3445.7-20170901-012146-902840377-20170901012153.tgz?versionId=89a.ZxB3Jc_gl6s4YESlL41xNOfoJKrO
|
8
|
+
sha1: cc71c2ee6992071b1e1f6ae9f2119c03a42521c5
|
9
|
+
|
10
|
+
resource_pools:
|
11
|
+
- name: vms
|
12
|
+
network: default
|
13
|
+
env:
|
14
|
+
bosh:
|
15
|
+
password: '*'
|
16
|
+
mbus:
|
17
|
+
cert: ((mbus_bootstrap_ssl))
|
18
|
+
|
19
|
+
disk_pools:
|
20
|
+
- name: disks
|
21
|
+
disk_size: 32_768
|
22
|
+
|
23
|
+
networks:
|
24
|
+
- name: default
|
25
|
+
type: manual
|
26
|
+
subnets:
|
27
|
+
- range: ((internal_cidr))
|
28
|
+
gateway: ((internal_gw))
|
29
|
+
static: [((internal_ip))]
|
30
|
+
dns: [8.8.8.8]
|
31
|
+
|
32
|
+
instance_groups:
|
33
|
+
- name: bosh
|
34
|
+
instances: 1
|
35
|
+
jobs:
|
36
|
+
- {name: nats, release: bosh}
|
37
|
+
- {name: postgres-9.4, release: bosh}
|
38
|
+
- {name: blobstore, release: bosh}
|
39
|
+
- {name: director, release: bosh}
|
40
|
+
- {name: health_monitor, release: bosh}
|
41
|
+
resource_pool: vms
|
42
|
+
persistent_disk_pool: disks
|
43
|
+
networks:
|
44
|
+
- name: default
|
45
|
+
static_ips: [((internal_ip))]
|
46
|
+
properties:
|
47
|
+
nats:
|
48
|
+
address: 127.0.0.1
|
49
|
+
user: nats
|
50
|
+
password: ((nats_password))
|
51
|
+
postgres: &db
|
52
|
+
listen_address: 127.0.0.1
|
53
|
+
host: 127.0.0.1
|
54
|
+
user: postgres
|
55
|
+
password: ((postgres_password))
|
56
|
+
database: bosh
|
57
|
+
adapter: postgres
|
58
|
+
blobstore:
|
59
|
+
address: ((internal_ip))
|
60
|
+
port: 25250
|
61
|
+
provider: dav
|
62
|
+
director:
|
63
|
+
user: director
|
64
|
+
password: ((blobstore_director_password))
|
65
|
+
agent:
|
66
|
+
user: agent
|
67
|
+
password: ((blobstore_agent_password))
|
68
|
+
director:
|
69
|
+
address: 127.0.0.1
|
70
|
+
name: ((director_name))
|
71
|
+
db: *db
|
72
|
+
flush_arp: true
|
73
|
+
enable_post_deploy: true
|
74
|
+
generate_vm_passwords: true
|
75
|
+
enable_dedicated_status_worker: true
|
76
|
+
enable_nats_delivered_templates: true
|
77
|
+
workers: 4
|
78
|
+
events:
|
79
|
+
record_events: true
|
80
|
+
ssl:
|
81
|
+
key: ((director_ssl.private_key))
|
82
|
+
cert: ((director_ssl.certificate))
|
83
|
+
user_management:
|
84
|
+
provider: local
|
85
|
+
local:
|
86
|
+
users:
|
87
|
+
- name: admin
|
88
|
+
password: ((admin_password))
|
89
|
+
- name: hm
|
90
|
+
password: ((hm_password))
|
91
|
+
hm:
|
92
|
+
director_account:
|
93
|
+
user: hm
|
94
|
+
password: ((hm_password))
|
95
|
+
ca_cert: ((director_ssl.ca))
|
96
|
+
resurrector_enabled: true
|
97
|
+
ntp: &ntp
|
98
|
+
- time1.google.com
|
99
|
+
- time2.google.com
|
100
|
+
- time3.google.com
|
101
|
+
- time4.google.com
|
102
|
+
agent:
|
103
|
+
mbus: nats://nats:((nats_password))@((internal_ip)):4222
|
104
|
+
|
105
|
+
cloud_provider:
|
106
|
+
mbus: https://mbus:((mbus_bootstrap_password))@((internal_ip)):6868
|
107
|
+
cert: ((mbus_bootstrap_ssl))
|
108
|
+
properties:
|
109
|
+
agent: {mbus: "https://mbus:((mbus_bootstrap_password))@0.0.0.0:6868"}
|
110
|
+
blobstore: {provider: local, path: /var/vcap/micro_bosh/data/cache}
|
111
|
+
ntp: *ntp
|
112
|
+
|
113
|
+
variables:
|
114
|
+
- name: admin_password
|
115
|
+
type: password
|
116
|
+
- name: blobstore_director_password
|
117
|
+
type: password
|
118
|
+
- name: blobstore_agent_password
|
119
|
+
type: password
|
120
|
+
- name: hm_password
|
121
|
+
type: password
|
122
|
+
- name: mbus_bootstrap_password
|
123
|
+
type: password
|
124
|
+
- name: nats_password
|
125
|
+
type: password
|
126
|
+
- name: postgres_password
|
127
|
+
type: password
|
128
|
+
- name: default_ca
|
129
|
+
type: certificate
|
130
|
+
options:
|
131
|
+
is_ca: true
|
132
|
+
common_name: ca
|
133
|
+
- name: mbus_bootstrap_ssl
|
134
|
+
type: certificate
|
135
|
+
options:
|
136
|
+
ca: default_ca
|
137
|
+
common_name: ((internal_ip))
|
138
|
+
alternative_names: [((internal_ip))]
|
139
|
+
- name: director_ssl
|
140
|
+
type: certificate
|
141
|
+
options:
|
142
|
+
ca: default_ca
|
143
|
+
common_name: ((internal_ip))
|
144
|
+
alternative_names: [((internal_ip))]
|
@@ -0,0 +1,51 @@
|
|
1
|
+
azs:
|
2
|
+
- name: z1
|
3
|
+
cloud_properties:
|
4
|
+
zone: ((zone))
|
5
|
+
- name: z2
|
6
|
+
cloud_properties:
|
7
|
+
zone: ((zone))
|
8
|
+
- name: z3
|
9
|
+
cloud_properties:
|
10
|
+
zone: ((zone))
|
11
|
+
|
12
|
+
vm_types:
|
13
|
+
- name: default
|
14
|
+
cloud_properties:
|
15
|
+
machine_type: n1-standard-2
|
16
|
+
root_disk_size_gb: 20
|
17
|
+
root_disk_type: pd-ssd
|
18
|
+
- name: large
|
19
|
+
cloud_properties:
|
20
|
+
machine_type: n1-standard-2
|
21
|
+
root_disk_size_gb: 50
|
22
|
+
root_disk_type: pd-ssd
|
23
|
+
|
24
|
+
disk_types:
|
25
|
+
- name: default
|
26
|
+
disk_size: 3000
|
27
|
+
- name: large
|
28
|
+
disk_size: 50_000
|
29
|
+
|
30
|
+
networks:
|
31
|
+
- name: default
|
32
|
+
type: manual
|
33
|
+
subnets:
|
34
|
+
- range: ((internal_cidr))
|
35
|
+
gateway: ((internal_gw))
|
36
|
+
azs: [z1, z2, z3]
|
37
|
+
dns: [8.8.8.8]
|
38
|
+
cloud_properties:
|
39
|
+
network_name: ((network))
|
40
|
+
subnetwork_name: ((subnetwork))
|
41
|
+
ephemeral_external_ip: true
|
42
|
+
tags: ((tags))
|
43
|
+
- name: vip
|
44
|
+
type: vip
|
45
|
+
|
46
|
+
compilation:
|
47
|
+
workers: 5
|
48
|
+
reuse_compilation_vms: true
|
49
|
+
az: z1
|
50
|
+
vm_type: default
|
51
|
+
network: default
|
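Review bot: `ephemeral_external_ip: true` in the `default` network gives every VM deployed through this cloud-config a public address, which is at odds with the `no-ip` tag that `bosh-install.sh.erb` passes as `tags` (if the same value is supplied here) and with the NAT route through the bastion that this release adds for that tag. The `cpi.yml` ops file in the same directory sets the Director's network to `ephemeral_external_ip: false`; using `ephemeral_external_ip: false` here as well keeps deployed VMs off the public internet. All three `azs` entries resolve to the same `((zone))`, so a comment noting that z1 to z3 are aliases rather than separate zones would avoid a false impression of redundancy.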
@@ -0,0 +1,69 @@
|
|
1
|
+
---
|
2
|
+
- type: replace
|
3
|
+
path: /releases/-
|
4
|
+
value:
|
5
|
+
name: bosh-google-cpi
|
6
|
+
version: 25.10.0
|
7
|
+
url: https://bosh.io/d/github.com/cloudfoundry-incubator/bosh-google-cpi-release?v=25.10.0
|
8
|
+
sha1: 3a551822bff0fd040d73fd385ab34fbc17b476f5
|
9
|
+
|
10
|
+
- type: replace
|
11
|
+
path: /resource_pools/name=vms/stemcell?
|
12
|
+
value:
|
13
|
+
url: https://bosh.io/d/stemcells/bosh-google-kvm-ubuntu-trusty-go_agent?v=3445.7
|
14
|
+
sha1: 4bc264aab6717c81fb3a37783e796982fe9956ca
|
15
|
+
|
16
|
+
# Configure sizes
|
17
|
+
- type: replace
|
18
|
+
path: /resource_pools/name=vms/cloud_properties?
|
19
|
+
value:
|
20
|
+
zone: ((zone))
|
21
|
+
machine_type: n1-standard-1
|
22
|
+
root_disk_size_gb: 40
|
23
|
+
root_disk_type: pd-standard
|
24
|
+
|
25
|
+
- type: replace
|
26
|
+
path: /disk_pools/name=disks/cloud_properties?
|
27
|
+
value: {type: pd-standard}
|
28
|
+
|
29
|
+
- type: replace
|
30
|
+
path: /networks/name=default/subnets/0/cloud_properties?
|
31
|
+
value:
|
32
|
+
network_name: ((network))
|
33
|
+
subnetwork_name: ((subnetwork))
|
34
|
+
ephemeral_external_ip: false
|
35
|
+
tags: ((tags))
|
36
|
+
|
37
|
+
# Add CPI job
|
38
|
+
- type: replace
|
39
|
+
path: /instance_groups/name=bosh/jobs/-
|
40
|
+
value: &cpi_job
|
41
|
+
name: google_cpi
|
42
|
+
release: bosh-google-cpi
|
43
|
+
|
44
|
+
- type: replace
|
45
|
+
path: /instance_groups/name=bosh/properties/director/cpi_job?
|
46
|
+
value: google_cpi
|
47
|
+
|
48
|
+
- type: replace
|
49
|
+
path: /cloud_provider/template?
|
50
|
+
value: *cpi_job
|
51
|
+
|
52
|
+
- type: replace
|
53
|
+
path: /instance_groups/name=bosh/properties/google?
|
54
|
+
value: &cpi_conf
|
55
|
+
project: ((project_id))
|
56
|
+
json_key: ((gcp_credentials_json))
|
57
|
+
|
58
|
+
- type: replace
|
59
|
+
path: /cloud_provider/properties/google?
|
60
|
+
value: *cpi_conf
|
61
|
+
|
62
|
+
# Use GCP NTP
|
63
|
+
- type: replace
|
64
|
+
path: /instance_groups/name=bosh/properties/ntp
|
65
|
+
value: &ntp [169.254.169.254]
|
66
|
+
|
67
|
+
- type: replace
|
68
|
+
path: /cloud_provider/properties/ntp
|
69
|
+
value: *ntp
|
@@ -0,0 +1,27 @@
|
|
1
|
+
- type: replace
|
2
|
+
path: /releases/name=os-conf?
|
3
|
+
value:
|
4
|
+
name: os-conf
|
5
|
+
version: 12
|
6
|
+
url: https://bosh.io/d/github.com/cloudfoundry/os-conf-release?v=12
|
7
|
+
sha1: af5a2c9f228b9d7ec4bd051d71fef0e712fa1549
|
8
|
+
|
9
|
+
- type: replace
|
10
|
+
path: /instance_groups/name=bosh/properties/director/default_ssh_options?/gateway_user
|
11
|
+
value: jumpbox
|
12
|
+
|
13
|
+
- type: replace
|
14
|
+
path: /instance_groups/name=bosh/jobs/-
|
15
|
+
value:
|
16
|
+
name: user_add
|
17
|
+
release: os-conf
|
18
|
+
properties:
|
19
|
+
users:
|
20
|
+
- name: jumpbox
|
21
|
+
public_key: ((jumpbox_ssh.public_key))
|
22
|
+
|
23
|
+
- type: replace
|
24
|
+
path: /variables/-
|
25
|
+
value:
|
26
|
+
name: jumpbox_ssh
|
27
|
+
type: ssh
|
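--- a/data/tpl/gcp/terraform/main.tf
+++ b/data/tpl/gcp/terraform/main.tf
@@ -39,10 +39,6 @@ resource "google_compute_instance" "bastion" {
 }
 }
 
-metadata {
-sshKeys = "kite:${file(var.public_key)}"
-}
-
 network_interface {
 subnetwork = "${google_compute_subnetwork.platform_net.name}"
 access_config {
@@ -50,6 +46,18 @@ resource "google_compute_instance" "bastion" {
 }
 }
 
+can_ip_forward = true
+
+metadata {
+sshKeys = "kite:${file(var.public_key)}"
+}
+
+metadata_startup_script = <<EOT
+#!/bin/bash
+sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+EOT
+
 service_account {
 scopes = ["userinfo-email", "compute-ro", "storage-ro"]
 }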
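Review bot: The startup script added to the bastion masquerades every packet leaving `eth0` regardless of its source, and nothing in the hunk limits what the instance will forward once `ip_forward` is enabled. Restricting the NAT rule to the platform subnet keeps the host from relaying traffic for anything else that can route through it, e.g. `iptables -t nat -A POSTROUTING -s <platform-subnet-cidr> -o eth0 -j MASQUERADE`, where the placeholder stands for the subnet's CIDR, which is not visible here. The change also makes the SSH bastion the egress path for every instance tagged `no-ip`, which deserves a comment above `can_ip_forward = true`. The `google_compute_instance` block starts and ends outside these hunks.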
@@ -9,6 +9,17 @@ resource "google_compute_subnetwork" "platform_net" {
|
|
9
9
|
network = "${google_compute_network.platform.self_link}"
|
10
10
|
}
|
11
11
|
|
12
|
+
resource "google_compute_route" "platform-gate" {
|
13
|
+
name = "platform-gate"
|
14
|
+
dest_range = "0.0.0.0/0"
|
15
|
+
network = "${google_compute_network.platform.name}"
|
16
|
+
next_hop_instance = "${google_compute_instance.bastion.name}"
|
17
|
+
next_hop_instance_zone = "${var.zone}"
|
18
|
+
priority = 800
|
19
|
+
tags = ["no-ip"]
|
20
|
+
project = "${var.project}"
|
21
|
+
}
|
22
|
+
|
12
23
|
# Allow open access between internal VM
|
13
24
|
resource "google_compute_firewall" "platform_internal" {
|
14
25
|
name = "platform-internal"
|
data/tpl/skel/README.md.tt
CHANGED
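--- a/data/tpl/skel/config/cloud.yml
+++ b/data/tpl/skel/config/cloud.yml
@@ -16,7 +16,7 @@ aws:
 ops_subnet_name: "ops_services"
 
 gcp:
-
+project: gcp-project
 region: europe-west1
 zone: europe-west1-b
 service_account: "~/safe/terraform.json"
@@ -26,6 +26,7 @@ gcp:
 internal_gw: "10.0.0.1"
 
 bosh:
+name: "bosh-director"
 static_ip: "10.0.0.10"
 
 concourse: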
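--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kite
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.6
 platform: ruby
 authors:
 - Louis Bellet
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-09-
+date: 2017-09-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: thor
@@ -90,19 +90,31 @@ files:
 - lib/kite/base.rb
 - lib/kite/cloud.rb
 - lib/kite/core.rb
+- lib/kite/error.rb
 - lib/kite/helpers.rb
 - lib/kite/version.rb
 - tpl/aws/README.md
-- tpl/aws/
-- tpl/aws/bosh/bosh_director.yml.erb
+- tpl/aws/bosh-install.sh.erb
 - tpl/aws/concourse/aws_cloud.yml.erb
 - tpl/aws/concourse/concourse.yml.erb
+- tpl/aws/deployments/bosh/bosh_director.yml
+- tpl/aws/deployments/bosh/bosh_vars.yml.erb
+- tpl/aws/deployments/bosh/cpi.yml
+- tpl/aws/deployments/bosh/jumpbox-user.yml
+- tpl/aws/setup-tunnel.sh.erb
 - tpl/aws/terraform/main.tf
 - tpl/aws/terraform/network.tf
 - tpl/aws/terraform/outputs.tf
 - tpl/aws/terraform/terraform.tfvars.erb
 - tpl/aws/terraform/variables.tf
+- tpl/gcp/README.md
 - tpl/gcp/bosh-install.sh.erb
+- tpl/gcp/bosh-vars.yml.erb
+- tpl/gcp/deployments/bosh/bosh.yml
+- tpl/gcp/deployments/bosh/cloud-config.yml
+- tpl/gcp/deployments/bosh/cpi.yml
+- tpl/gcp/deployments/bosh/jumpbox-user.yml
+- tpl/gcp/setup-tunnel.sh.erb
 - tpl/gcp/terraform/main.tf
 - tpl/gcp/terraform/network.tf
 - tpl/gcp/terraform/outputs.tf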
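--- a/data/tpl/aws/bootstrap.sh
+++ b/data/tpl/aws/bootstrap.sh
@@ -1,21 +0,0 @@
-#!/usr/bin/env bash
-
-
-pushd terraform && terraform apply && popd
-
-kite render-manifest --manifest=bosh
-bosh-init deploy bosh_director.yml
-
-pushd terraform && BOSH_DIRECTOR_IP=$(terraform output eip) && popd
-bosh target $BOSH_DIRECTOR_IP
-
-kite render-manifest --manifest=concourse
-bosh update cloud-config aws_cloud.yml
-
-bosh upload stemcell https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-trusty-go_agent
-bosh upload release https://bosh.io/d/github.com/concourse/concourse
-bosh upload release https://bosh.io/d/github.com/cloudfoundry-incubator/garden-runc-release
-
-bosh deployment concourse.yml
-
-bosh deploy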
@@ -1,133 +0,0 @@
|
|
1
|
-
---
|
2
|
-
name: bosh
|
3
|
-
|
4
|
-
releases:
|
5
|
-
- name: bosh
|
6
|
-
url: https://bosh.io/d/github.com/cloudfoundry/bosh?v=256.2
|
7
|
-
sha1: ff2f4e16e02f66b31c595196052a809100cfd5a8
|
8
|
-
- name: bosh-aws-cpi
|
9
|
-
url: https://bosh.io/d/github.com/cloudfoundry-incubator/bosh-aws-cpi-release?v=52
|
10
|
-
sha1: dc4a0cca3b33dce291e4fbeb9e9948b6a7be3324
|
11
|
-
|
12
|
-
resource_pools:
|
13
|
-
- name: vms
|
14
|
-
network: private
|
15
|
-
stemcell:
|
16
|
-
url: https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-trusty-go_agent?v=3232.3
|
17
|
-
sha1: 1fe87c0146ad1f3b55eeed5a80ce35c01b4eb6d9
|
18
|
-
cloud_properties:
|
19
|
-
instance_type: m3.large
|
20
|
-
ephemeral_disk: {size: 25_000, type: gp2}
|
21
|
-
availability_zone: <%= @values['aws']['az'] %>
|
22
|
-
|
23
|
-
disk_pools:
|
24
|
-
- name: disks
|
25
|
-
disk_size: 20_000
|
26
|
-
cloud_properties: {type: gp2}
|
27
|
-
|
28
|
-
networks:
|
29
|
-
- name: private
|
30
|
-
type: manual
|
31
|
-
subnets:
|
32
|
-
- range: 10.0.0.0/24
|
33
|
-
gateway: 10.0.0.1
|
34
|
-
dns: [10.0.0.2]
|
35
|
-
cloud_properties: {subnet: <%= @tf_output['default_subnet_id'] %>}
|
36
|
-
|
37
|
-
jobs:
|
38
|
-
- name: bosh
|
39
|
-
instances: 1
|
40
|
-
|
41
|
-
templates:
|
42
|
-
- {name: nats, release: bosh}
|
43
|
-
- {name: postgres, release: bosh}
|
44
|
-
- {name: blobstore, release: bosh}
|
45
|
-
- {name: director, release: bosh}
|
46
|
-
- {name: health_monitor, release: bosh}
|
47
|
-
- {name: registry, release: bosh}
|
48
|
-
- {name: aws_cpi, release: bosh-aws-cpi}
|
49
|
-
|
50
|
-
resource_pool: vms
|
51
|
-
persistent_disk_pool: disks
|
52
|
-
|
53
|
-
networks:
|
54
|
-
- name: private
|
55
|
-
static_ips: [10.0.0.6]
|
56
|
-
default: [dns, gateway]
|
57
|
-
- name: public
|
58
|
-
static_ips: [<%= @tf_output['eip'] %>]
|
59
|
-
|
60
|
-
properties:
|
61
|
-
nats:
|
62
|
-
address: 127.0.0.1
|
63
|
-
user: nats
|
64
|
-
password: <%= @values['bosh']['password'] %>
|
65
|
-
|
66
|
-
postgres: &db
|
67
|
-
listen_address: 127.0.0.1
|
68
|
-
host: 127.0.0.1
|
69
|
-
user: postgres
|
70
|
-
password: <%= @values['bosh']['password'] %>
|
71
|
-
database: bosh
|
72
|
-
adapter: postgres
|
73
|
-
|
74
|
-
registry:
|
75
|
-
address: 10.0.0.6
|
76
|
-
host: 10.0.0.6
|
77
|
-
db: *db
|
78
|
-
http: {user: admin, password: <%= @values['bosh']['password'] %>, port: 25777}
|
79
|
-
username: admin
|
80
|
-
password: <%= @values['bosh']['password'] %>
|
81
|
-
port: 25777
|
82
|
-
|
83
|
-
blobstore:
|
84
|
-
address: 10.0.0.6
|
85
|
-
port: 25250
|
86
|
-
provider: dav
|
87
|
-
director: {user: director, password: <%= @values['bosh']['password'] %>}
|
88
|
-
agent: {user: agent, password: <%= @values['bosh']['password'] %>}
|
89
|
-
|
90
|
-
director:
|
91
|
-
address: 127.0.0.1
|
92
|
-
name: eb-bosh
|
93
|
-
db: *db
|
94
|
-
cpi_job: aws_cpi
|
95
|
-
max_threads: 10
|
96
|
-
user_management:
|
97
|
-
provider: local
|
98
|
-
local:
|
99
|
-
users:
|
100
|
-
- {name: admin, password: <%= @values['bosh']['password'] %>}
|
101
|
-
- {name: hm, password: <%= @values['bosh']['password'] %>}
|
102
|
-
|
103
|
-
hm:
|
104
|
-
director_account: {user: hm, password: <%= @values['bosh']['password'] %>}
|
105
|
-
resurrector_enabled: true
|
106
|
-
|
107
|
-
aws: &aws
|
108
|
-
access_key_id: <%= @values['aws']['access_key'] %>
|
109
|
-
secret_access_key: <%= @values['aws']['secret_key'] %>
|
110
|
-
default_key_name: <%= @values['bosh']['keypair_name'] %>
|
111
|
-
default_security_groups: [<%= @tf_output['security_group_id'] %>]
|
112
|
-
region: <%= @values['aws']['region'] %>
|
113
|
-
|
114
|
-
agent: {mbus: "nats://nats:<%= @values['bosh']['password'] %>@10.0.0.6:4222"}
|
115
|
-
|
116
|
-
ntp: &ntp [0.pool.ntp.org, 1.pool.ntp.org]
|
117
|
-
|
118
|
-
cloud_provider:
|
119
|
-
template: {name: aws_cpi, release: bosh-aws-cpi}
|
120
|
-
|
121
|
-
ssh_tunnel:
|
122
|
-
host: <%= @tf_output['eip'] %> # <--- Replace with your Elastic IP address
|
123
|
-
port: 22
|
124
|
-
user: vcap
|
125
|
-
private_key: <%= @values['bosh']['private_key_path'] %> # Path relative to this manifest file
|
126
|
-
|
127
|
-
mbus: "https://mbus:<%= @values['bosh']['password'] %>@<%= @tf_output['eip'] %>:6868" # <--- Replace with Elastic IP
|
128
|
-
|
129
|
-
properties:
|
130
|
-
aws: *aws
|
131
|
-
agent: {mbus: "https://mbus:<%= @values['bosh']['password'] %>@0.0.0.0:6868"}
|
132
|
-
blobstore: {provider: local, path: /var/vcap/micro_bosh/data/cache}
|
133
|
-
ntp: *ntp
|