Shows how to use Service Catalog with Open Service Broker for Azure to provision Azure Database
# Tool versions used for this walkthrough. The lines that follow each command
# below are the output captured in the author's environment, not commands to run.
# NOTE(review): the BuildDate fields date these builds to 2019-2020 and the helm
# client is a release candidate (v3.2.0-rc.1); before reusing the walkthrough,
# confirm the charts and brokers installed later are still maintained and patched.
# az cli version
az version
{
"azure-cli": "2.5.1",
"azure-cli-command-modules-nspkg": "2.0.3",
"azure-cli-core": "2.5.1",
"azure-cli-nspkg": "3.0.4",
"azure-cli-telemetry": "1.0.4",
"extensions": {}
}
# kubectl/Kubernetes version
kubectl version
Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.0", GitCommit:"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77", GitTreeState:"clean", BuildDate:"2019-09-18T14:36:53Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.10", GitCommit:"059c666b8d0cce7219d2958e6ecc3198072de9bc", GitTreeState:"clean", BuildDate:"2020-04-03T15:17:29Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}
# helm version
helm version
version.BuildInfo{Version:"v3.2.0-rc.1", GitCommit:"7bffac813db894e06d17bac91d14ea819b5c2310", GitTreeState:"clean", GoVersion:"go1.13.10"}
# service catalog cli version
svcat version
Client Version: v0.3.0-beta.2
Server Version: v1.15.10
# Resource group in which the database will be provisioned.
RG_NAME=lukaszbudnik

# Register the chart repositories: svc-cat serves Service Catalog, azure serves
# the Open Service Broker for Azure (OSBA) chart.
helm repo add svc-cat https://svc-catalog-charts.storage.googleapis.com
helm repo add azure https://kubernetescharts.blob.core.windows.net/azure

# Install Service Catalog into its own namespace.
# NOTE(review): no --version is given, so helm installs whatever chart version
# the repository serves at that moment; pin one for reproducible installs.
# NOTE(review): both health checks are switched off below, so a broken
# apiserver or controller-manager will not be restarted by its probes.
kubectl create ns catalog
helm install catalog svc-cat/catalog \
  --namespace catalog \
  --set apiserver.storage.etcd.persistence.enabled=true \
  --set apiserver.healthcheck.enabled=false \
  --set controllerManager.healthcheck.enabled=false \
  --set apiserver.verbosity=2 \
  --set controllerManager.verbosity=2
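# Create the service principal that OSBA will use to provision Azure
# resources on our behalf. $sp holds the JSON response, including the password.
# NOTE(review): with no --role/--scopes, az CLI releases of this era are
# understood to grant Contributor on the whole subscription (confirm for your
# CLI version). Consider narrowing the assignment to the target resource group
# if OSBA works with that scope in your setup.
sp=$(az ad sp create-for-rbac)

# Copy the parameters OSBA needs. The JSON is passed to jq through a quoted
# printf: an unquoted `echo $sp` would word-split and glob-expand the response,
# which can corrupt a secret that contains `*` or `?`.
AZURE_SUBSCRIPTION_ID=$(az account show | jq -r '.id')
AZURE_TENANT_ID=$(printf '%s' "$sp" | jq -r '.tenant')
AZURE_CLIENT_ID=$(printf '%s' "$sp" | jq -r '.appId')
AZURE_CLIENT_SECRET=$(printf '%s' "$sp" | jq -r '.password')

# Install the Open Service Broker for Azure chart.
kubectl create ns osba

# Build the chart values as JSON (which is valid YAML) straight from $sp and
# feed them to helm on stdin. This keeps the client secret out of helm's
# argument list, where `--set azure.clientSecret=...` would expose it to anyone
# able to list processes, and avoids --set mis-parsing commas in the value.
osba_values=$(printf '%s' "$sp" | jq --arg subscription "$AZURE_SUBSCRIPTION_ID" \
  '{azure: {subscriptionId: $subscription, tenantId: .tenant, clientId: .appId, clientSecret: .password}}')
printf '%s\n' "$osba_values" \
  | helm install osba azure/open-service-broker-azure --namespace osba --values -
# The values (including the secret) are no longer needed in this shell.
unset osba_values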
# The ClusterServiceBroker takes a few minutes to become available; re-run
# this until it is listed.
kubectl get ClusterServiceBrokers

# Confirm Service Catalog has read the brokers, classes and plans from Azure.
for resource in brokers classes plans; do
  svcat get "$resource"
done
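# Create the DB instance (PostgreSQL 10, "basic" plan) in resource group $RG_NAME.
#
# Firewall rule: the defaults below reproduce the original
# 0.0.0.0-255.255.255.255 "AllowAll" rule, which makes the server reachable
# from every address on the internet and leaves the database credentials as the
# only barrier. Set these variables to the narrowest range your clients need
# before using this for anything other than a throwaway test.
DB_FIREWALL_START_IP=${DB_FIREWALL_START_IP:-0.0.0.0}
DB_FIREWALL_END_IP=${DB_FIREWALL_END_IP:-255.255.255.255}
DB_FIREWALL_RULE_NAME=${DB_FIREWALL_RULE_NAME:-AllowAll}

# The EOF delimiter is unquoted on purpose so the shell expands the variables
# into the manifest. Nesting is restored so the manifest parses as a
# ServiceInstance (the flat layout is not valid for this resource).
cat <<EOF > db-instance.yaml
apiVersion: servicecatalog.k8s.io/v1beta1
kind: ServiceInstance
metadata:
  name: db-instance
  namespace: osba
spec:
  clusterServiceClassExternalName: azure-postgresql-10
  clusterServicePlanExternalName: basic
  parameters:
    location: eastus
    resourceGroup: $RG_NAME
    firewallRules:
    - startIPAddress: "$DB_FIREWALL_START_IP"
      endIPAddress: "$DB_FIREWALL_END_IP"
      name: "$DB_FIREWALL_RULE_NAME"
EOF
kubectl create -f db-instance.yaml

# Provisioning a new database takes a few minutes; check the status with:
kubectl get serviceinstances -n osba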
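# Finally, create a ServiceBinding. It syncs all DB-related properties (host,
# port, database, username, password, encryption settings, even connection
# strings/URLs) into the Kubernetes secret named by secretName.
# Because db-credentials then holds the database password and connection
# strings, limit who can read secrets in the osba namespace via RBAC.
# Nesting is restored so the manifest parses as a ServiceBinding (the flat
# layout is not valid for this resource).
cat <<EOF > db-binding.yaml
apiVersion: servicecatalog.k8s.io/v1beta1
kind: ServiceBinding
metadata:
  name: db-binding
  namespace: osba
spec:
  instanceRef:
    name: db-instance
  secretName: db-credentials
EOF
kubectl create -f db-binding.yaml

# Check the servicebinding.
kubectl get servicebindings -n osba

# And the secret. Without -o this prints only the secret's metadata, not its
# values.
kubectl get secret db-credentials -n osba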