Created
January 19, 2017 20:29
-
-
Save byllc/d998d81f5abfca2548e411c5a671fb31 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Cloudfoundry inception and startup | |
| This document describes the cf inception environment within our management network and also | |
| describes a first shot to boot a cloudfoundry environment with microbosh, bosh and cloudfoundry. | |
| ## Prerequisits | |
| 1. Order a new tenant and user from your openstack admin | |
| 1.a User & Tenant must have the same name (for now) | |
| 2. Request a new inception user on the central inception server. You will need to provide the following things: | |
| * name: This is your inception server user, openstack tenant and password | |
| * os_password: The password for your openstack user | |
| * os_api_ip: The address of your openstack api (hostname or ip address) | |
| * initial_ssh_key: Your ssh public key. Used for an initial login. Can be multiple (one per line) | |
| Puppet will then generate a new user on the inception server with everything pre-setup so that you are ready to deploy your cloudfoundry installation. | |
| ## Environment | |
| Login (from one of the jump hosts): | |
| ssh CF_USER@cfinception1-dev.mgmt.sccloudpoc.net | |
| Here you have everything available that you need to deploy a cloudfoundry installation. Your environment looks like: | |
| ~ | |
| |-- bin # all the installed binaries - included in your PATH | |
| `-- bosh-workspace | |
| |-- bosh_cache | |
| |-- deployments # the place for your deployments with bosh (a git repository) | |
| | `-- bosh # your bosh deployment | |
| | `-- cloudfoundry # your cf deployment | |
| |-- microboshes # the place from where we installed microbosh | |
| | `-- microbosh # your microbosh deployment | |
| |-- releases | |
| | `-- bosh # the checked-out bosh release | |
| | `-- cf # the checked-out cf release | |
| |-- repos | |
| |-- ssh | |
| | |-- bosh # ssh key for your bosh servers already added to your tenant | |
| | `-- cloudfoundry # ssh key for your cf installation already added to your tenant | |
| |-- stemcells # the place for your stemcells | |
| `-- tmp # your tmpdirectory. Will be used to prepare releases. | |
| Also included is the setup for your openstack tenant and the fog credentials. So as first test, you could verify that these are actually working: | |
| nova keypair-list # should return 2 keypairs: bosh / cloudfoundry | |
| fog openstack # then Compute[:openstack].key_pairs should show the same keypairs | |
| If this works for your, your inception is setup and ready for your deployments. | |
| If you are still using nova network, we should create the basic nova security rules in your tenant, which will later be used by bosh and cloudfoundry. Puppet has created you a little helper script in `~/bin/nova_security_rules` to support you in creating them. So simply execute this script and let the rules be generated. | |
| ## Install microbosh in your tenant | |
| Now we can start to deploy microbosh in your tenant. For that download the latest stemcell: | |
| cd ~/bosh-workspace/stemcells/ | |
| bosh download public stemcell `bosh public stemcells | grep -E 'bosh.*openstack-kvm-ubuntu' | awk '{ print $2 }'` | |
| Now we can create a microbosh deployment: | |
| vi ~/bosh-workspace/microboshes/microbosh/micro_bosh.yml | |
| An initial version of the deployment file has been created, so the only thing that you should need to adapt is the IP address and the net-id. An example can be found here: (examples/microbosh.yaml)[examples/microbosh.yaml] | |
| **Note 1**: If you are using nova network, you will have to add add the *microbosh* security group to the template as well. | |
| **Note 2:** If you are deploying from an inception server from which you aren't routed into the network of the tenant, you will have to add a floating ip to the microbosh server. You can register one by using `nova floating-ip-create` and then add the ip from the output as *vip:* to the network part. | |
| Ready to deploy microbosh: | |
| cd ~/bosh-workspace/microboshes | |
| bosh micro deployment microbosh | |
| bosh micro deploy ~/bosh-workspace/stemcells/`ls -1tr ~/bosh-workspace/stemcells/ | tail -n 1` | |
| Now we should be able to create a new user: | |
| bosh target https://A.B.C.D:25555 microbosh # the ip you got from the output | |
| # login with admin / admin | |
| bosh create user # create a user, likewise with the same name | |
| # as your tenant | |
| # add this information to the microbosh manifest file | |
| # in the resurrector part | |
| Verify that you can login: | |
| bosh login # login with your newly created user | |
| bosh status | |
| Either you can now install bosh using microbosh or directly install cloudfoundry with microbosh. For the latter jump down to the install cloudfoundry instructions. | |
| ## Install bosh with microbosh | |
| We can now upload the boshstemcell to our bosh director so it can use it for further deployments: | |
| bosh upload stemcell http://bosh-jenkins-artifacts.s3.amazonaws.com/bosh-stemcell/openstack/bosh-stemcell-latest-openstack-kvm-ubuntu.tgz | |
| bosh stemcells # shows the uploaded stemcell | |
| Ready to deploy our bosh release | |
| cd ~/bosh-workspace/releases/bosh/release | |
| git pull # update the latest release | |
| bosh upload release releases/bosh-XY.yml | |
| bosh releases # shows the release | |
| Now we can work on deploying bosh itself. | |
| If you are using a non reachable tenant network, we need to create 2 floating ips for bosh: | |
| quantum net-external-list # get the external network | |
| quantum floatingip-create <ext-internet> | |
| quantum floatingip-create <ext-internet> | |
| quantum floating-ip-list # shows you the current ips | |
| These ips are then used for bosh, as noted in the example. | |
| If you are using a reachable network, we can deploy bosh without the floating ips. | |
| vi ~/bosh-workspace/deployments/bosh/bosh.yml | |
| An example can be found here: (examples/bosh.yaml)[examples/bosh.yaml] | |
| Let's deploy | |
| bosh deployment ~/bosh-workspace/deployments/bosh/bosh.yml | |
| bosh deploy | |
| bosh target https://DIRECTOR.IP:25555 bosh # login as admin / admin | |
| # again create a user | |
| bosh create user # preferably again with the tenant name as user | |
| bosh login | |
| bosh status | |
| bosh vms # should list no deployments | |
| # Install cloudfoundry using bosh | |
| Upload the stemcell: | |
| bosh upload stemcell http://bosh-jenkins-artifacts.s3.amazonaws.com/bosh-stemcell/openstack/bosh-stemcell-latest-openstack-kvm-ubuntu.tgz | |
| Then we need to upload our release to bosh: | |
| cd ~/bosh-workspace/releases/cf/ | |
| git pull # be sure to have the latest release | |
| bosh upload release releases/cf-157.yml | |
| bosh releases # shows the uploaded release | |
| cd ~/bosh-workspace/deployments | |
| git remote add bosh-manifests https://github.com/rkoster/swisscom_manifests | |
| git fetch bosh-manifests | |
| git merge bosh-manifests/ux-rework | |
| bundle install --deployment | |
| cp deplyoments/prod2-cf.yml deployments/<yours>.yml | |
| quantum net-external-list # get the external network | |
| quantum floatingip-create <ext-internet> | |
| vi deployments/<yours>.yml | |
| # delete/comment the security groups in the templates if you are on plumgrid, as we don't use them there. | |
| bundle exec bosh deployment <yours> | |
| bundle exec bosh prepare deployment | |
| bundle exec bosh deploy | |
| And we are done! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment