使用bosh部署应用是需要两部分,一个是创建虚拟机使用的模板stemcell,另外一个是应该的Release。所以,部署CloudFoundry之前需要上传stencil和release
4.1使用spiff 生成 CF 配置文件
1 安装 spiff
官方原文 http://docs.cloudfoundry.org/deploying/cf-manifest-spiff.html
安装 curl
sudo yum install curl
安装 brew
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
安装 xoebus
brew tap xoebus/homebrew-cloudfoundry
安装 spiff
brew install spiff
因为go godep 等 源码都是在google 上的 所以需要修改/etc/hosts 文件
加入
- 216.239.90.113 storage.googleapis.com
- 216.239.90.113 go.googlesource.com
- 216.239.90.113 code.google.com
设置环境变量 gopath
- $ export GOPATH=/usr/local/go
- $ export PATH=$PATH:$GOPATH/bin
克隆cloudfoundry
- git clone git@github.com:cloudfoundry/cf-release
- cd cf-release
- ./update
根据实际条件修改配置文件
(原文参考:http://docs.cloudfoundry.org/deploying/cf-stub-openstack.html)
修改cf-release/spec/fixtures/openstack/cf-stub.yml 文件
- # The following line helps maintain current documentation at http://docs.cloudfoundry.org.
- # code_snippet cf-stub-openstack start
- ---
- director_uuid: 90c73a6e-4fd1-41bb-9282-299eb49af9fc
- meta:
- openstack:
- net_id: 9e5a6fd5-fa2e-48da-94ce-f85337bc2451
- auth_url: http://172.24.10.128:5000/v2.0
- tenant: demo
- username: demo
- api_key: openstack
- security_groups: [bosh]
- floating_static_ips:
- - 172.24.10.133
- networks:
- - name: cf1
- subnets:
- - cloud_properties:
- static:
- - 10.0.5.20 - 10.0.5.50
- properties:
- cc:
- droplets:
- droplet_directory_key: cloudfoundry-droplets
- buildpacks:
- buildpack_directory_key: cloudfoundry-buildpacks
- staging_upload_user: update
- staging_upload_password: openstack
- bulk_api_password: openstack
- db_encryption_key: openstack
- ccdb:
- roles:
- - name: ccadmin
- password: openstack
- tag: admin
- databases:
- roles:
- - name: ccadmin
- password: openstack
- - name: uaaadmin
- password: openstack
- dea_next:
- disk_mb: 2048
- memory_mb: 1024
- domain: example.com
- loggregator_endpoint:
- shared_secret: openstack
- nats:
- user: nats
- password: openstack
- router:
- enable_ssl: true
- ssl_cert: |
- -----BEGIN CERTIFICATE-----
- MIIDBjCCAe4CCQCz3nn1SWrDdTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB
- VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0
- cyBQdHkgTHRkMB4XDTE1MDMwMzE4NTMyNloXDTE2MDMwMjE4NTMyNlowRTELMAkG
- A1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0
- IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
- AKtTK9xq/ycRO3fWbk1abunYf9CY6sl0Wlqm9UPMkI4j0itY2OyGyn1YuCCiEdM3
- b8guGSWB0XSL5PBq33e7ioiaH98UEe+Ai+TBxnJsro5WQ/TMywzRDhZ4E7gxDBav
- 88ZY+y7ts0HznfxqEIn0Gu/UK+s6ajYcIy7d9L988+hA3K1FSdes8MavXhrI4xA1
- fY21gESfFkD4SsqvrkISC012pa7oVw1f94slIVcAG+l9MMAkatBGxgWAQO6kxk5o
- oH1Z5q2m0afeQBfFqzu5lCITLfgTWCUZUmbF6UpRhmD850/LqNtryAPrLLqXxdig
- OHiWqvFpCusOu/4z1uGC5xECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAV5RAFVQy
- 8Krs5c9ebYRseXO6czL9/Rfrt/weiC1XLcDkE2i2yYsBXazMYr58o4hACJwe2hoC
- bihBZ9XnVpASEYHDLwDj3zxFP/bTuKs7tLhP7wz0lo8i6k5VSPAGBq2kjc/cO9a3
- TMmLPks/Xm42MCSWGDnCEX1854B3+JK3CNEGqSY7FYXU4W9pZtHPZ3gBoy0ymSpg
- mpleiY1Tbn5I2X7vviMW7jeviB5ivkZaXtObjyM3vtPLB+ILpa15ZhDSE5o71sjA
- jXqrE1n5o/GXHX+1M8v3aJc30Az7QAqWohW/tw5SoiSmVQZWd7gFht9vSzaH2WgO
- LwcpBC7+cUJEww==
- -----END CERTIFICATE-----
- ssl_key: |
- -----BEGIN RSA PRIVATE KEY-----
- MIIEpAIBAAKCAQEAq1Mr3Gr/JxE7d9ZuTVpu6dh/0JjqyXRaWqb1Q8yQjiPSK1jY
- 7IbKfVi4IKIR0zdvyC4ZJYHRdIvk8Grfd7uKiJof3xQR74CL5MHGcmyujlZD9MzL
- DNEOFngTuDEMFq/zxlj7Lu2zQfOd/GoQifQa79Qr6zpqNhwjLt30v3zz6EDcrUVJ
- 16zwxq9eGsjjEDV9jbWARJ8WQPhKyq+uQhILTXalruhXDV/3iyUhVwAb6X0wwCRq
- 0EbGBYBA7qTGTmigfVnmrabRp95AF8WrO7mUIhMt+BNYJRlSZsXpSlGGYPznT8uo
- 22vIA+ssupfF2KA4eJaq8WkK6w67/jPW4YLnEQIDAQABAoIBAQCDVqpcOoZKK9K8
- Bt3eXQKEMJ2ji2cKczFFJ5MEm9EBtoJLCryZbqfSue3Fzpj9pBUEkBpk/4VT5F7o
- 0/Vmc5Y7LHRcbqVlRtV30/lPBPQ4V/eWtly/AZDcNsdfP/J1fgPSvaoqCr2ORLWL
- qL/vEfyIeM4GcWy0+JMcPbmABslw9O6Ptc5RGiP98vCLHQh/++sOtj6PH1pt+2X/
- Uecv3b1Hk/3Oe+M8ySorJD3KA94QTRnKX+zubkxRg/zCAki+as8rQc/d+BfVG698
- ylUT5LVLNuwbWnffY2Zt5x5CDqH01mJnHmxzQEfn68rb3bGFaYPEn9EP+maQijv6
- SsUM9A3lAoGBAODRDRn4gEIxjPICp6aawRrMDlRc+k6IWDF7wudjxJlaxFr2t7FF
- rFYm+jrcG6qMTyq+teR8uHpcKm9X8ax0L6N6gw5rVzIeIOGma/ZuYIYXX2XJx5SW
- SOas1xW6qEIbOMv+Xu9w2SWbhTgyRmtlxxjr2e7gQLz9z/vuTReJpInnAoGBAMMW
- sq5lqUfAQzqxlhTobQ7tnB48rUQvkGPE92SlDj2TUt9phek2/TgRJT6mdcozvimt
- JPhxKg3ioxG8NPmN0EytjpSiKqlxS1R2po0fb75vputfpw16Z8/2Vik+xYqNMTLo
- SpeVkHu7fbtNYEK2qcU44OyOZ/V+5Oo9TuBIFRhHAoGACkqHhwDRHjaWdR2Z/w5m
- eIuOvF3lN2MWZm175ouynDKDeoaAsiS2VttB6R/aRFxX42UHfoYXC8LcTmyAK5zF
- 8X3SMf7H5wtqBepQVt+Gm5zGSSqLcEnQ3H5c+impOh105CGoxt0rk4Ui/AeRIalv
- C70AJOcvD3eu5aFq9gDe/1ECgYBAhkVbASzYGnMh+pKVH7rScSxto8v6/XBYT1Ez
- 7JOlMhD667/qvtFJtgIHkq7qzepbhnTv5x3tscQVnZY34/u9ILpD1s8dc+dibEvx
- 6S/gYLVorB5ois/DLMqaobRcew6Gs+XX9RPwmLahOJpZ9mh4XrOmCgPAYtP71YM9
- ExpHCQKBgQCMMDDWGMRdFMJgXbx1uMere7OoniBdZaOexjbglRh1rMVSXqzBoU8+
- yhEuHGAsHGWQdSBHnqRe9O0Bj/Vlw2VVEaJeL1ewRHb+jXSnuKclZOJgMsJAvgGm
- SOWIahDrATA4g1T6yLBWQPhj3ZXD3eCMxT1Q3DvpG1DjgvXwmXQJAA==
- -----END RSA PRIVATE KEY-----
- cipher_suites: TLS_RSA_WITH_RC4_128_SHA:TLS_RSA_WITH_AES_128_CBC_SHA
- status:
- user: router_user
- password: openstack
- secure_cookies: true
- uaa:
- admin:
- client_secret: openstack
- batch:
- username: batch
- password: openstack
- cc:
- client_secret: openstack
- clients:
- app-direct:
- secret: openstack
- developer_console:
- secret: openstack
- notifications:
- secret: openstack
- login:
- secret: openstack
- doppler:
- secret: openstack
- cloud_controller_username_lookup:
- secret: cloud_controller_username_lookup_secret
- gorouter:
- secret: openstack
- jwt:
- verification_key:
- -----BEGIN PUBLIC KEY-----
- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6WKxiVxx5+rqoMvj4vk
- X5FpipdWaVLpcPhmN8O5ut2bqcU8KV6pMV7/n+zowITVFHCbS/6J6Uk875NclTC1
- UI86Pxn3c+14KYL6KLe/Gi8McRyqvO5BpkQr3BTtBe9Z0EMgoeq5fAol2Lc/8SNz
- /uLdSkMc5CmtpEgZ7isnsc8ExSDCchRmrCmKaxIPxNUZvCYgqqXXduHBln1/MBJV
- YjsEXZZSbhLWzVaFOdAKkU9DlWxqI6sRWFSl6qZ3JCuMh3MQqLnFFXPAX8C9hxFV
- oC2i7Fe6AIFyECJijgfieqi0PiBdMZ29Kj36gssktVhE+5TAcGCdFqdfzXOBC2ih
- /wIDAQAB
- -----END PUBLIC KEY-----
- signing_key:
- -----BEGIN RSA PRIVATE KEY-----
- MIIEpAIBAAKCAQEAw6WKxiVxx5+rqoMvj4vkX5FpipdWaVLpcPhmN8O5ut2bqcU8
- KV6pMV7/n+zowITVFHCbS/6J6Uk875NclTC1UI86Pxn3c+14KYL6KLe/Gi8McRyq
- vO5BpkQr3BTtBe9Z0EMgoeq5fAol2Lc/8SNz/uLdSkMc5CmtpEgZ7isnsc8ExSDC
- chRmrCmKaxIPxNUZvCYgqqXXduHBln1/MBJVYjsEXZZSbhLWzVaFOdAKkU9DlWxq
- I6sRWFSl6qZ3JCuMh3MQqLnFFXPAX8C9hxFVoC2i7Fe6AIFyECJijgfieqi0PiBd
- MZ29Kj36gssktVhE+5TAcGCdFqdfzXOBC2ih/wIDAQABAoIBAFHF3zrya5wEILwk
- GLzmu402OeazWmqrPOb6675jED4KYgWTapHf/tej3TP60U2mN2lTp5UbzoizE8UO
- 0qOIuD/znWTCdar+ljrDg8uBAV7wS0L7uGE/NDFKTQqvtGHGqMNjS0Bh2yT9GNR7
- wz4Gk3T1XYishGbZBLqlaDEj2HN4V1Yy1Qp4KohqLsJN4B5+c2Q0HrTejOHeSsou
- B7nJndfZm2ljKdoql++4UZPjWGLGSdtLhzLvYkzbql0GYBYVTOmn/A7AZLz2w769
- RmDt28nqOIXIAqDL6qt/frtDfCknbsk7lSEFDlrRfjjPIuah/1UCo80Kjd3Iv+rb
- 4NZxiAECgYEA+X1WCCWIWP4hlSjRtISpjOaStz8d5eDLeSTI14cPYM7cMiyROrEo
- SCJm10AYIs5TsBlb5AfQlBV2YrcmdxeG4ARlVOnpki3ZAyQlQi5LQenQh9abqKtY
- b2Z0udDmPgwgtPYexdh1FQTzeXptYDED/sHynj6pN4GBIlZTjZXiCwsCgYEAyMCE
- 8MEPJZmAQ8vaWjzkzbToUbW5knrEhRNEoxnlbRXXwzXReUIbu+E22FQjwNNxlsJx
- smKFWzPvF5seiChBp7yT9dnDKCm9bJVRRAlVD5oyBIFkqXmCn3QM9ySWW6QHxgEH
- 4wsoNs0RcpTNW/CLi7E9tvtzjnoFqdfDIaSbPV0CgYBhv56OcI4cN+1WcHjBHl0D
- rG79RshjAZEW9LeP4gW/ayzQp6967GAY6wmZ+i26rVYSn8zl6b3p1wLcKF/0tw4M
- BQzimQb/U+E7ntTOOi8YMxCVuBqimgd7FgxTpSogU0YZQHjMEUPGKXtvM+1Yi7vB
- +6EgKPLJoX7DwkjYJ0o6AwKBgQC842gyn3SBDE2DfOuWvHUMmIt/Vl2lVZ5TGC4c
- yOD2IvdA1gKi9XDi9qWEJqb9Z/YYxBv2nHyds9/jdjDkK/yatvUA/kSCJcP1xwkP
- 2zgN1if51UXBsHMXVTpd0C8pSs2FoLKrDnRoG8uu5BPVzh9+8OYApde011s806bm
- oNrwgQKBgQCW/CUPXOrfyIwdFIEqSPB79GuV9e27cm8iB8Fu+Rcc3xlQc+3Ak97X
- bLi2C1to/pMX+q8ksudd1jOMoyhufle8wJaxC0jLgVx4DGUorvA0uiVtEAULreXz
- beE4LXyvVu+tYIl4ATlIyEQSAnNIR6oCX5KvQJu+jHA4i9z+Vg0mpA==
- -----END RSA PRIVATE KEY-----
- scim:
- users:
- - admin|openstack|scim.write,scim.read,openid,cloud_controller.admin,doppler.firehose
- uaadb:
- roles:
- - name: uaaadmin
- password: openstack
- tag: admin
- # code_snippet cf-stub-openstack end
- # The previous line helps maintain current documentation at http://docs.cloudfoundry.org.
将cf-stub 复制到cf-release 文件夹下运行
- 1./generate_deployment_manifest openstack cf-stub.yml > cf-deployment.yml
可能会遇到out of memory 错误,如果遇到这个错误,请参看我在stackoverflow 中提交的问题
http://stackoverflow.com/questions/29742497/out-of-memory-when-generate-cloudfoundry-deploy-manifest-file-cf-deployment-yml/29791331#29791331
还可能遇到下面的问题
- 62015/04/22 15:50:22 error generating manifest: unresolved nodes:
- (( lamb_meta.loggregator_templates )) in dynaml jobs.[23].templates
- (( lamb_meta.loggregator_templates )) in dynaml jobs.[24].templates
- (( lamb_meta.loggregator_trafficcontroller_templates )) in dynaml jobs.[25].templates
- (( lamb_meta.loggregator_trafficcontroller_templates )) in dynaml jobs.[26].templates
- (( merge )) in ./templates/cf-jobs.yml lamb_meta
这个问题是因为spiff 不能解析相对路径引用的文件
打开templates/cf-lamb.yml 可以看到如下内容
./src/loggregator/manifest-templates/cf-lamb.yml
这个文件引用就是问题的原因
将 ./src/loggregator/manifest-templates/cf-lamb.yml 中的内容拷贝到 templates/cf-lamb.yml 即可。
这个文件需要到https://github.com/cloudfoundry/loggregator/blob/develop/manifest-templates/cf-lamb.yml 去找。
(原文参考https://github.com/cloudfoundry-incubator/diego-release/issues/29)
4.1.2 使用bosh上传Stemcell
- # bosh upload stemcell ~/stemcell/bosh-stemcell-2652-openstack-kvm-ubuntu-lucid-go_agent.tgz
- # bosh stemcells
- +------------------------------------------+---------+--------------------------------------+
- | Name | Version | CID |
- +------------------------------------------+---------+--------------------------------------+
- | bosh-openstack-kvm-ubuntu-lucid-go_agent | 2652* | 5a6ddcc0-29e6-4b65-a769-8dd8a99eb5df |
- +------------------------------------------+---------+--------------------------------------+
- (*) Currently in-use
- Stemcells total: 1
#p#
4.2 使用bosh上传CloudFoundry
- # cd ~/bosh-workspace/releases/cf-release
- # bosh upload release releases/cf-170.yml
- # bosh releases+------+----------+-------------+
- | Name | Versions | Commit Hash |
- +------+----------+-------------+
- | cf | 170* | 0c0c72c3+ |
- +------+----------+-------------+
- (*) Currently deployed
- (+) Uncommitted changes
- Releases total: 1
#p#
4.3 创建部署描述文件
- <%
- director_uuid = "REPLACE-DIRECTOR_UUID"
- static_ip = "REPLACE-IP-ADDRESS"
- root_domain = "#{static_ip}.xip.io"
- deployment_name = 'cf'
- cf_release = '170'
- protocol = 'http'
- common_password = 'mysecretpassword'
- %>
- ---
- name: <%= deployment_name %>
- director_uuid: <%= director_uuid %>
- releases:
- - name: cf
- version: <%= cf_release %>
- compilation:
- workers: 3
- network: default
- reuse_compilation_vms: true
- cloud_properties:
- instance_type: m1.large
- update:
- canaries: 0
- canary_watch_time: 30000-600000
- update_watch_time: 30000-600000
- max_in_flight: 32
- serial: false
- networks:
- - name: default
- type: dynamic
- cloud_properties:
- security_groups:
- - default
- - bosh
- - cf-private
- - name: external
- type: dynamic
- cloud_properties:
- security_groups:
- - default
- - bosh
- - cf-public
- - name: floating
- type: vip
- cloud_properties: {}
- resource_pools:
- - name: common
- network: default
- size: 14
- stemcell:
- name: bosh-openstack-kvm-ubuntu-lucid
- version: latest
- cloud_properties:
- instance_type: m1.small
- - name: large
- network: default
- size: 3
- stemcell:
- name: bosh-openstack-kvm-ubuntu-lucid
- version: latest
- cloud_properties:
- instance_type: m1.medium
- jobs:
- - name: nats
- templates:
- - name: nats
- - name: nats_stream_forwarder
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- - name: syslog_aggregator
- templates:
- - name: syslog_aggregator
- instances: 1
- resource_pool: common
- persistent_disk: 65536
- networks:
- - name: default
- default: [dns, gateway]
- - name: nfs_server
- templates:
- - name: debian_nfs_server
- instances: 1
- resource_pool: common
- persistent_disk: 65535
- networks:
- - name: default
- default: [dns, gateway]
- - name: postgres
- templates:
- - name: postgres
- instances: 1
- resource_pool: common
- persistent_disk: 65536
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- db: databases
- - name: uaa
- templates:
- - name: uaa
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- - name: loggregator
- templates:
- - name: loggregator
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- - name: trafficcontroller
- templates:
- - name: loggregator_trafficcontroller
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- - name: cloud_controller
- templates:
- - name: cloud_controller_ng
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- ccdb: ccdb
- - name: cloud_controller_worker
- templates:
- - name: cloud_controller_worker
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- ccdb: ccdb
- - name: clock_global
- templates:
- - name: cloud_controller_clock
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- ccdb: ccdb
- - name: etcd
- templates:
- - name: etcd
- instances: 1
- resource_pool: common
- persistent_disk: 10024
- networks:
- - name: default
- default: [dns, gateway]
- - name: health_manager
- templates:
- - name: hm9000
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- - name: dea
- templates:
- - name: dea_logging_agent
- - name: dea_next
- instances: 3
- resource_pool: large
- networks:
- - name: default
- default: [dns, gateway]
- - name: router
- templates:
- - name: gorouter
- instances: 1
- resource_pool: common
- networks:
- - name: default
- default: [dns, gateway]
- - name: haproxy
- templates:
- - name: haproxy
- instances: 1
- resource_pool: common
- networks:
- - name: external
- default: [dns, gateway]
- - name: floating
- static_ips:
- - <%= static_ip %>
- properties:
- networks:
- apps: external
- properties:
- domain: <%= root_domain %>
- system_domain: <%= root_domain %>
- system_domain_organization: 'admin'
- app_domains:
- - <%= root_domain %>
- haproxy: {}
- networks:
- apps: default
- nats:
- user: nats
- password: <%= common_password %>
- address: 0.nats.default.<%= deployment_name %>.microbosh
- port: 4222
- machines:
- - 0.nats.default.<%= deployment_name %>.microbosh
- syslog_aggregator:
- address: 0.syslog-aggregator.default.<%= deployment_name %>.microbosh
- port: 54321
- nfs_server:
- address: 0.nfs-server.default.<%= deployment_name %>.microbosh
- network: "*.<%= deployment_name %>.microbosh"
- idmapd_domain: "localdomain"
- debian_nfs_server:
- no_root_squash: true
- loggregator_endpoint:
- shared_secret: <%= common_password %>
- host: 0.trafficcontroller.default.<%= deployment_name %>.microbosh
- loggregator:
- servers:
- zone:
- - 0.loggregator.default.<%= deployment_name %>.microbosh
- traffic_controller:
- zone: 'zone'
- logger_endpoint:
- use_ssl: <%= protocol == 'https' %>
- port: 80
- ssl:
- skip_cert_verify: true
- router:
- endpoint_timeout: 60
- status:
- port: 8080
- user: gorouter
- password: <%= common_password %>
- servers:
- z1:
- - 0.router.default.<%= deployment_name %>.microbosh
- z2: []
- etcd:
- machines:
- - 0.etcd.default.<%= deployment_name %>.microbosh
- dea: &dea
- disk_mb: 102400
- disk_overcommit_factor: 2
- memory_mb: 15000
- memory_overcommit_factor: 3
- directory_server_protocol: <%= protocol %>
- mtu: 1460
- deny_networks:
- - 169.254.0.0/16 # Google Metadata endpoint
- dea_next: *dea
- disk_quota_enabled: false
- dea_logging_agent:
- status:
- user: admin
- password: <%= common_password %>
- databases: &databases
- db_scheme: postgres
- address: 0.postgres.default.<%= deployment_name %>.microbosh
- port: 5524
- roles:
- - tag: admin
- name: ccadmin
- password: <%= common_password %>
- - tag: admin
- name: uaaadmin
- password: <%= common_password %>
- databases:
- - tag: cc
- name: ccdb
- citext: true
- - tag: uaa
- name: uaadb
- citext: true
- ccdb: &ccdb
- db_scheme: postgres
- address: 0.postgres.default.<%= deployment_name %>.microbosh
- port: 5524
- roles:
- - tag: admin
- name: ccadmin
- password: <%= common_password %>
- databases:
- - tag: cc
- name: ccdb
- citext: true
- ccdb_ng: *ccdb
- uaadb:
- db_scheme: postgresql
- address: 0.postgres.default.<%= deployment_name %>.microbosh
- port: 5524
- roles:
- - tag: admin
- name: uaaadmin
- password: <%= common_password %>
- databases:
- - tag: uaa
- name: uaadb
- citext: true
- cc: &cc
- srv_api_uri: <%= protocol %>://api.<%= root_domain %>
- jobs:
- local:
- number_of_workers: 2
- generic:
- number_of_workers: 2
- global:
- timeout_in_seconds: 14400
- app_bits_packer:
- timeout_in_seconds: null
- app_events_cleanup:
- timeout_in_seconds: null
- app_usage_events_cleanup:
- timeout_in_seconds: null
- blobstore_delete:
- timeout_in_seconds: null
- blobstore_upload:
- timeout_in_seconds: null
- droplet_deletion:
- timeout_in_seconds: null
- droplet_upload:
- timeout_in_seconds: null
- model_deletion:
- timeout_in_seconds: null
- bulk_api_password: <%= common_password %>
- staging_upload_user: upload
- staging_upload_password: <%= common_password %>
- quota_definitions:
- default:
- memory_limit: 10240
- total_services: 100
- non_basic_services_allowed: true
- total_routes: 1000
- trial_db_allowed: true
- resource_pool:
- resource_directory_key: cloudfoundry-resources
- fog_connection:
- provider: Local
- local_root: /var/vcap/nfs/shared
- packages:
- app_package_directory_key: cloudfoundry-packages
- fog_connection:
- provider: Local
- local_root: /var/vcap/nfs/shared
- droplets:
- droplet_directory_key: cloudfoundry-droplets
- fog_connection:
- provider: Local
- local_root: /var/vcap/nfs/shared
- buildpacks:
- buildpack_directory_key: cloudfoundry-buildpacks
- fog_connection:
- provider: Local
- local_root: /var/vcap/nfs/shared
- install_buildpacks:
- - name: java_buildpack
- package: buildpack_java
- - name: ruby_buildpack
- package: buildpack_ruby
- - name: nodejs_buildpack
- package: buildpack_nodejs
- - name: go_buildpack
- package: buildpack_go
- db_encryption_key: <%= common_password %>
- hm9000_noop: false
- diego: false
- newrelic:
- license_key: null
- environment_name: <%= deployment_name %>
- ccng: *cc
- login:
- enabled: false
- uaa:
- url: <%= protocol %>://uaa.<%= root_domain %>
- no_ssl: <%= protocol == 'http' %>
- cc:
- client_secret: <%= common_password %>
- admin:
- client_secret: <%= common_password %>
- batch:
- username: batch
- password: <%= common_password %>
- clients:
- cf:
- override: true
- authorized-grant-types: password,implicit,refresh_token
- authorities: uaa.none
- scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write
- access-token-validity: 7200
- refresh-token-validity: 1209600
- admin:
- secret: <%= common_password %>
- authorized-grant-types: client_credentials
- authorities: clients.read,clients.write,clients.secret,password.write,scim.read,uaa.admin
- scim:
- users:
- - admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write
- - services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin
- jwt:
- signing_key: |
- -----BEGIN RSA PRIVATE KEY-----
- REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY+++++++++++++asdfghj123122
- 123456789+++++REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY++++++++++++
- asd34++123456789+++++REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY+++++
- KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX
- sdfvsdfgvKVy7psALKSFOa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJW
- VfYphNahvZ/7uMXKVy7psa8xzElSyzqx7oJyfJ1JZyOO:9T5SfTIq396agbHJWVf
- YphNasvZ/7uMXFzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX
- sedfsyzqx7oJyfJ1JZyOzToj9TDASWDASD5SfTIq396agbHJWVfYphNahvZ/7uMX
- -----END RSA PRIVATE KEY-----
- verification_key: |
- -----BEGIN PUBLIC KEY-----
- REPLACE+ME+WITH+A+VALID+PUBLIC+KEY++++++++++MIGfMA0GCSqGSIb3DQEBAQUA
- AASAqHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug
- BUGBUGspULZVNRxq7veq/fzwIDAQAB
- -----END PUBLIC KEY-----
其中REPLACE-DIRECTOR_UUID为Bosh Director的UUID,
- # bosh status
- Config
- /root/.bosh_config
- Director
- Name microbosh-openstack
- URL https://172.24.4.227:25555
- Version 1.2652.0 (00000000)
- User admin
- UUID 04fd1b77-9522-459e-8f56-bfe83b7c5624
- CPI openstack
- dns enabled (domain_name: microbosh)
- compiled_package_cache disabled
- snapshots disabled
- Deployment
- Manifest /root/bosh/bosh-workspace/deployments/cf/demo.yml
- REPLACE-IP-ADDRESS是预先分配好的floating ip
- # nova floating-ip-create public
root_domain是部署CloudFoundry使用的域名,部署CloudFoundry必须有一个通配符域名(Wildcard DNS record),例如, 如果使用的域名为example.com,那么example.com和*.example.com都要解析为同一IP地址,即前面申请的 floating ip。 如果没有这样的域名,可以试一下xip.io提供的动态域名,它可以把<ip>.xip.io和*.<ip>.xip.io都解析为<ip>, 例如,login.111.222.111.222.xip.io会被解析为111.222.111.222
在部署CloudFoundry过程中,需要设置很多密码,例如访问各个虚拟机,CloudFoundry默认的管理员账户等,在此例中,同一设置为common_password。在生产环境中,比较合理的做法是设置为不同的密码。
#p#
4.4 部署CloudFoundry
- # bosh deployment cf/demo.yml
- # bosh deploy
4.5 部署完成后,可以使用如下命令查看各个虚拟机运行状况
- # bosh vms