中国领先的IT技术网站
|
|

开源PaaS方案(四)部署 CloudFoundry

使用bosh部署应用是需要两部分,一个是创建虚拟机使用的模板stemcell,另外一个是应该的Release。所以,部署CloudFoundry之前需要上传stencil和release。

作者:Yudar来源:博客园|2015-04-24 10:17

沙龙活动 | 去哪儿、陌陌、ThoughtWorks在自动化运维中的实践!10.28不见不散!


使用bosh部署应用是需要两部分,一个是创建虚拟机使用的模板stemcell,另外一个是应该的Release。所以,部署CloudFoundry之前需要上传stencil和release

4.1使用spiff 生成 CF 配置文件

1 安装 spiff

官方原文 http://docs.cloudfoundry.org/deploying/cf-manifest-spiff.html

安装 curl

sudo yum install curl

安装 brew

ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

安装 xoebus

brew tap xoebus/homebrew-cloudfoundry

安装 spiff

brew install spiff

因为go godep 等 源码都是在google 上的 所以需要修改/etc/hosts 文件

加入

  • 216.239.90.113 storage.googleapis.com
  • 216.239.90.113 go.googlesource.com
  • 216.239.90.113 code.google.com

设置环境变量 gopath

  1. $ export GOPATH=/usr/local/go 
  2.  
  3. $ export PATH=$PATH:$GOPATH/bin 

克隆cloudfoundry

  1. git clone git@github.com:cloudfoundry/cf-release 
  2.  
  3. cd cf-release 
  4.  
  5. ./update 

根据实际条件修改配置文件

(原文参考:http://docs.cloudfoundry.org/deploying/cf-stub-openstack.html)

修改cf-release/spec/fixtures/openstack/cf-stub.yml 文件

  1. # The following line helps maintain current documentation at http://docs.cloudfoundry.org. 
  2. # code_snippet cf-stub-openstack start 
  3. --- 
  4. director_uuid:  90c73a6e-4fd1-41bb-9282-299eb49af9fc 
  5. meta: 
  6.   openstack: 
  7.     net_id: 9e5a6fd5-fa2e-48da-94ce-f85337bc2451 
  8.     auth_url: http://172.24.10.128:5000/v2.0 
  9.     tenant: demo 
  10.     username: demo 
  11.     api_key: openstack 
  12.     security_groups: [bosh] 
  13.   floating_static_ips: 
  14.   - 172.24.10.133 
  15. networks: 
  16. - name: cf1 
  17.   subnets: 
  18.     - cloud_properties: 
  19.       static
  20.       - 10.0.5.20 - 10.0.5.50 
  21. properties: 
  22.   cc: 
  23.     droplets: 
  24.       droplet_directory_key: cloudfoundry-droplets  
  25.     buildpacks: 
  26.       buildpack_directory_key: cloudfoundry-buildpacks 
  27.     staging_upload_user: update 
  28.     staging_upload_password: openstack 
  29.     bulk_api_password: openstack 
  30.     db_encryption_key: openstack 
  31.   ccdb: 
  32.     roles: 
  33.     - name: ccadmin 
  34.       password: openstack 
  35.       tag: admin 
  36.   databases: 
  37.     roles: 
  38.     - name: ccadmin 
  39.       password: openstack 
  40.     - name: uaaadmin 
  41.       password: openstack 
  42.   dea_next: 
  43.     disk_mb: 2048 
  44.     memory_mb: 1024 
  45.   domain: example.com 
  46.   loggregator_endpoint: 
  47.     shared_secret: openstack 
  48.   nats: 
  49.     user: nats 
  50.     password: openstack 
  51.   router: 
  52.     enable_ssl: true 
  53.     ssl_cert: | 
  54.       -----BEGIN CERTIFICATE----- 
  55.       MIIDBjCCAe4CCQCz3nn1SWrDdTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB 
  56.       VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0 
  57.       cyBQdHkgTHRkMB4XDTE1MDMwMzE4NTMyNloXDTE2MDMwMjE4NTMyNlowRTELMAkG 
  58.       A1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0 
  59.       IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB 
  60.       AKtTK9xq/ycRO3fWbk1abunYf9CY6sl0Wlqm9UPMkI4j0itY2OyGyn1YuCCiEdM3 
  61.       b8guGSWB0XSL5PBq33e7ioiaH98UEe+Ai+TBxnJsro5WQ/TMywzRDhZ4E7gxDBav 
  62.       88ZY+y7ts0HznfxqEIn0Gu/UK+s6ajYcIy7d9L988+hA3K1FSdes8MavXhrI4xA1 
  63.       fY21gESfFkD4SsqvrkISC012pa7oVw1f94slIVcAG+l9MMAkatBGxgWAQO6kxk5o 
  64.       oH1Z5q2m0afeQBfFqzu5lCITLfgTWCUZUmbF6UpRhmD850/LqNtryAPrLLqXxdig 
  65.       OHiWqvFpCusOu/4z1uGC5xECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAV5RAFVQy 
  66.       8Krs5c9ebYRseXO6czL9/Rfrt/weiC1XLcDkE2i2yYsBXazMYr58o4hACJwe2hoC 
  67.       bihBZ9XnVpASEYHDLwDj3zxFP/bTuKs7tLhP7wz0lo8i6k5VSPAGBq2kjc/cO9a3 
  68.       TMmLPks/Xm42MCSWGDnCEX1854B3+JK3CNEGqSY7FYXU4W9pZtHPZ3gBoy0ymSpg 
  69.       mpleiY1Tbn5I2X7vviMW7jeviB5ivkZaXtObjyM3vtPLB+ILpa15ZhDSE5o71sjA 
  70.       jXqrE1n5o/GXHX+1M8v3aJc30Az7QAqWohW/tw5SoiSmVQZWd7gFht9vSzaH2WgO 
  71.       LwcpBC7+cUJEww== 
  72.       -----END CERTIFICATE----- 
  73.     ssl_key: | 
  74.       -----BEGIN RSA PRIVATE KEY----- 
  75.       MIIEpAIBAAKCAQEAq1Mr3Gr/JxE7d9ZuTVpu6dh/0JjqyXRaWqb1Q8yQjiPSK1jY 
  76.       7IbKfVi4IKIR0zdvyC4ZJYHRdIvk8Grfd7uKiJof3xQR74CL5MHGcmyujlZD9MzL 
  77.       DNEOFngTuDEMFq/zxlj7Lu2zQfOd/GoQifQa79Qr6zpqNhwjLt30v3zz6EDcrUVJ 
  78.       16zwxq9eGsjjEDV9jbWARJ8WQPhKyq+uQhILTXalruhXDV/3iyUhVwAb6X0wwCRq 
  79.       0EbGBYBA7qTGTmigfVnmrabRp95AF8WrO7mUIhMt+BNYJRlSZsXpSlGGYPznT8uo 
  80.       22vIA+ssupfF2KA4eJaq8WkK6w67/jPW4YLnEQIDAQABAoIBAQCDVqpcOoZKK9K8 
  81.       Bt3eXQKEMJ2ji2cKczFFJ5MEm9EBtoJLCryZbqfSue3Fzpj9pBUEkBpk/4VT5F7o 
  82.       0/Vmc5Y7LHRcbqVlRtV30/lPBPQ4V/eWtly/AZDcNsdfP/J1fgPSvaoqCr2ORLWL 
  83.       qL/vEfyIeM4GcWy0+JMcPbmABslw9O6Ptc5RGiP98vCLHQh/++sOtj6PH1pt+2X/ 
  84.       Uecv3b1Hk/3Oe+M8ySorJD3KA94QTRnKX+zubkxRg/zCAki+as8rQc/d+BfVG698 
  85.       ylUT5LVLNuwbWnffY2Zt5x5CDqH01mJnHmxzQEfn68rb3bGFaYPEn9EP+maQijv6 
  86.       SsUM9A3lAoGBAODRDRn4gEIxjPICp6aawRrMDlRc+k6IWDF7wudjxJlaxFr2t7FF 
  87.       rFYm+jrcG6qMTyq+teR8uHpcKm9X8ax0L6N6gw5rVzIeIOGma/ZuYIYXX2XJx5SW 
  88.       SOas1xW6qEIbOMv+Xu9w2SWbhTgyRmtlxxjr2e7gQLz9z/vuTReJpInnAoGBAMMW 
  89.       sq5lqUfAQzqxlhTobQ7tnB48rUQvkGPE92SlDj2TUt9phek2/TgRJT6mdcozvimt 
  90.       JPhxKg3ioxG8NPmN0EytjpSiKqlxS1R2po0fb75vputfpw16Z8/2Vik+xYqNMTLo 
  91.       SpeVkHu7fbtNYEK2qcU44OyOZ/V+5Oo9TuBIFRhHAoGACkqHhwDRHjaWdR2Z/w5m 
  92.       eIuOvF3lN2MWZm175ouynDKDeoaAsiS2VttB6R/aRFxX42UHfoYXC8LcTmyAK5zF 
  93.       8X3SMf7H5wtqBepQVt+Gm5zGSSqLcEnQ3H5c+impOh105CGoxt0rk4Ui/AeRIalv 
  94.       C70AJOcvD3eu5aFq9gDe/1ECgYBAhkVbASzYGnMh+pKVH7rScSxto8v6/XBYT1Ez 
  95.       7JOlMhD667/qvtFJtgIHkq7qzepbhnTv5x3tscQVnZY34/u9ILpD1s8dc+dibEvx 
  96.       6S/gYLVorB5ois/DLMqaobRcew6Gs+XX9RPwmLahOJpZ9mh4XrOmCgPAYtP71YM9 
  97.       ExpHCQKBgQCMMDDWGMRdFMJgXbx1uMere7OoniBdZaOexjbglRh1rMVSXqzBoU8+ 
  98.       yhEuHGAsHGWQdSBHnqRe9O0Bj/Vlw2VVEaJeL1ewRHb+jXSnuKclZOJgMsJAvgGm 
  99.       SOWIahDrATA4g1T6yLBWQPhj3ZXD3eCMxT1Q3DvpG1DjgvXwmXQJAA== 
  100.       -----END RSA PRIVATE KEY----- 
  101.     cipher_suites: TLS_RSA_WITH_RC4_128_SHA:TLS_RSA_WITH_AES_128_CBC_SHA 
  102.     status: 
  103.       user: router_user 
  104.       password: openstack 
  105.     secure_cookies: true 
  106.   uaa: 
  107.     admin: 
  108.       client_secret: openstack 
  109.     batch: 
  110.       username: batch 
  111.       password: openstack 
  112.     cc: 
  113.       client_secret: openstack 
  114.     clients: 
  115.       app-direct: 
  116.         secret: openstack 
  117.       developer_console: 
  118.         secret: openstack 
  119.       notifications: 
  120.         secret: openstack 
  121.       login: 
  122.         secret: openstack 
  123.       doppler: 
  124.         secret: openstack 
  125.       cloud_controller_username_lookup: 
  126.         secret: cloud_controller_username_lookup_secret 
  127.       gorouter: 
  128.         secret: openstack 
  129.     jwt: 
  130.       verification_key:  
  131.         -----BEGIN PUBLIC KEY----- 
  132.         MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6WKxiVxx5+rqoMvj4vk 
  133.         X5FpipdWaVLpcPhmN8O5ut2bqcU8KV6pMV7/n+zowITVFHCbS/6J6Uk875NclTC1 
  134.         UI86Pxn3c+14KYL6KLe/Gi8McRyqvO5BpkQr3BTtBe9Z0EMgoeq5fAol2Lc/8SNz 
  135.         /uLdSkMc5CmtpEgZ7isnsc8ExSDCchRmrCmKaxIPxNUZvCYgqqXXduHBln1/MBJV 
  136.         YjsEXZZSbhLWzVaFOdAKkU9DlWxqI6sRWFSl6qZ3JCuMh3MQqLnFFXPAX8C9hxFV 
  137.         oC2i7Fe6AIFyECJijgfieqi0PiBdMZ29Kj36gssktVhE+5TAcGCdFqdfzXOBC2ih 
  138.         /wIDAQAB 
  139.         -----END PUBLIC KEY----- 
  140.       signing_key:  
  141.         -----BEGIN RSA PRIVATE KEY----- 
  142.         MIIEpAIBAAKCAQEAw6WKxiVxx5+rqoMvj4vkX5FpipdWaVLpcPhmN8O5ut2bqcU8 
  143.         KV6pMV7/n+zowITVFHCbS/6J6Uk875NclTC1UI86Pxn3c+14KYL6KLe/Gi8McRyq 
  144.         vO5BpkQr3BTtBe9Z0EMgoeq5fAol2Lc/8SNz/uLdSkMc5CmtpEgZ7isnsc8ExSDC 
  145.         chRmrCmKaxIPxNUZvCYgqqXXduHBln1/MBJVYjsEXZZSbhLWzVaFOdAKkU9DlWxq 
  146.         I6sRWFSl6qZ3JCuMh3MQqLnFFXPAX8C9hxFVoC2i7Fe6AIFyECJijgfieqi0PiBd 
  147.         MZ29Kj36gssktVhE+5TAcGCdFqdfzXOBC2ih/wIDAQABAoIBAFHF3zrya5wEILwk 
  148.         GLzmu402OeazWmqrPOb6675jED4KYgWTapHf/tej3TP60U2mN2lTp5UbzoizE8UO 
  149.         0qOIuD/znWTCdar+ljrDg8uBAV7wS0L7uGE/NDFKTQqvtGHGqMNjS0Bh2yT9GNR7 
  150.         wz4Gk3T1XYishGbZBLqlaDEj2HN4V1Yy1Qp4KohqLsJN4B5+c2Q0HrTejOHeSsou 
  151.         B7nJndfZm2ljKdoql++4UZPjWGLGSdtLhzLvYkzbql0GYBYVTOmn/A7AZLz2w769 
  152.         RmDt28nqOIXIAqDL6qt/frtDfCknbsk7lSEFDlrRfjjPIuah/1UCo80Kjd3Iv+rb 
  153.         4NZxiAECgYEA+X1WCCWIWP4hlSjRtISpjOaStz8d5eDLeSTI14cPYM7cMiyROrEo 
  154.         SCJm10AYIs5TsBlb5AfQlBV2YrcmdxeG4ARlVOnpki3ZAyQlQi5LQenQh9abqKtY 
  155.         b2Z0udDmPgwgtPYexdh1FQTzeXptYDED/sHynj6pN4GBIlZTjZXiCwsCgYEAyMCE 
  156.         8MEPJZmAQ8vaWjzkzbToUbW5knrEhRNEoxnlbRXXwzXReUIbu+E22FQjwNNxlsJx 
  157.         smKFWzPvF5seiChBp7yT9dnDKCm9bJVRRAlVD5oyBIFkqXmCn3QM9ySWW6QHxgEH 
  158.         4wsoNs0RcpTNW/CLi7E9tvtzjnoFqdfDIaSbPV0CgYBhv56OcI4cN+1WcHjBHl0D 
  159.         rG79RshjAZEW9LeP4gW/ayzQp6967GAY6wmZ+i26rVYSn8zl6b3p1wLcKF/0tw4M 
  160.         BQzimQb/U+E7ntTOOi8YMxCVuBqimgd7FgxTpSogU0YZQHjMEUPGKXtvM+1Yi7vB 
  161.         +6EgKPLJoX7DwkjYJ0o6AwKBgQC842gyn3SBDE2DfOuWvHUMmIt/Vl2lVZ5TGC4c 
  162.         yOD2IvdA1gKi9XDi9qWEJqb9Z/YYxBv2nHyds9/jdjDkK/yatvUA/kSCJcP1xwkP 
  163.         2zgN1if51UXBsHMXVTpd0C8pSs2FoLKrDnRoG8uu5BPVzh9+8OYApde011s806bm 
  164.         oNrwgQKBgQCW/CUPXOrfyIwdFIEqSPB79GuV9e27cm8iB8Fu+Rcc3xlQc+3Ak97X 
  165.         bLi2C1to/pMX+q8ksudd1jOMoyhufle8wJaxC0jLgVx4DGUorvA0uiVtEAULreXz 
  166.         beE4LXyvVu+tYIl4ATlIyEQSAnNIR6oCX5KvQJu+jHA4i9z+Vg0mpA== 
  167.         -----END RSA PRIVATE KEY----- 
  168.     scim: 
  169.       users: 
  170.       - admin|openstack|scim.write,scim.read,openid,cloud_controller.admin,doppler.firehose 
  171.   uaadb: 
  172.     roles: 
  173.     - name: uaaadmin 
  174.       password: openstack 
  175.       tag: admin 
  176.  
  177. # code_snippet cf-stub-openstack end 
  178. # The previous line helps maintain current documentation at http://docs.cloudfoundry.org. 

将cf-stub 复制到cf-release 文件夹下运行

  1. 1./generate_deployment_manifest openstack cf-stub.yml > cf-deployment.yml 

可能会遇到out of memory 错误,如果遇到这个错误,请参看我在stackoverflow 中提交的问题

http://stackoverflow.com/questions/29742497/out-of-memory-when-generate-cloudfoundry-deploy-manifest-file-cf-deployment-yml/29791331#29791331

还可能遇到下面的问题

  1. 62015/04/22 15:50:22 error generating manifest: unresolved nodes: 
  2.  
  3. (( lamb_meta.loggregator_templates )) in dynaml jobs.[23].templates 
  4.  
  5. (( lamb_meta.loggregator_templates )) in dynaml jobs.[24].templates 
  6.  
  7. (( lamb_meta.loggregator_trafficcontroller_templates )) in dynaml jobs.[25].templates 
  8.  
  9. (( lamb_meta.loggregator_trafficcontroller_templates )) in dynaml jobs.[26].templates 
  10.  
  11. (( merge )) in ./templates/cf-jobs.yml lamb_meta 

这个问题是因为spiff 不能解析相对路径引用的文件

打开templates/cf-lamb.yml 可以看到如下内容

./src/loggregator/manifest-templates/cf-lamb.yml

这个文件引用就是问题的原因

将 ./src/loggregator/manifest-templates/cf-lamb.yml 中的内容拷贝到 templates/cf-lamb.yml 即可。

这个文件需要到https://github.com/cloudfoundry/loggregator/blob/develop/manifest-templates/cf-lamb.yml 去找。

(原文参考https://github.com/cloudfoundry-incubator/diego-release/issues/29)

4.1.2 使用bosh上传Stemcell

  1. # bosh upload stemcell ~/stemcell/bosh-stemcell-2652-openstack-kvm-ubuntu-lucid-go_agent.tgz 
  2.  
  3. # bosh stemcells 
  4.  
  5. +------------------------------------------+---------+--------------------------------------+ 
  6.  
  7. | Name | Version | CID | 
  8.  
  9. +------------------------------------------+---------+--------------------------------------+ 
  10.  
  11. | bosh-openstack-kvm-ubuntu-lucid-go_agent | 2652* | 5a6ddcc0-29e6-4b65-a769-8dd8a99eb5df | 
  12.  
  13. +------------------------------------------+---------+--------------------------------------+ 
  14.  
  15. (*) Currently in-use 
  16.  
  17. Stemcells total: 1 

4.2 使用bosh上传CloudFoundry

  1. # cd ~/bosh-workspace/releases/cf-release 
  2.  
  3. # bosh upload release releases/cf-170.yml 
  4.  
  5. # bosh releases+------+----------+-------------+ 
  6.  
  7. | Name | Versions | Commit Hash | 
  8.  
  9. +------+----------+-------------+ 
  10.  
  11. | cf | 170* | 0c0c72c3+ | 
  12.  
  13. +------+----------+-------------+ 
  14.  
  15. (*) Currently deployed 
  16.  
  17. (+) Uncommitted changes 
  18.  
  19. Releases total: 1 

4.3 创建部署描述文件

  1. <%   
  2. director_uuid = "REPLACE-DIRECTOR_UUID"   
  3. static_ip = "REPLACE-IP-ADDRESS"   
  4. root_domain = "#{static_ip}.xip.io"   
  5. deployment_name = 'cf'   
  6. cf_release = '170'   
  7. protocol = 'http'   
  8. common_password = 'mysecretpassword'   
  9. %>   
  10. ---   
  11. name: <%= deployment_name %>   
  12. director_uuid: <%= director_uuid %>   
  13.    
  14. releases:   
  15.  - name: cf   
  16.    version: <%= cf_release %>   
  17.    
  18. compilation:   
  19.   workers: 3   
  20.   network: default   
  21.   reuse_compilation_vms: true   
  22.   cloud_properties:   
  23.     instance_type: m1.large   
  24.    
  25. update:   
  26.   canaries: 0   
  27.   canary_watch_time: 30000-600000   
  28.   update_watch_time: 30000-600000   
  29.   max_in_flight: 32   
  30.   serial: false   
  31.    
  32. networks:   
  33.   - name: default   
  34.     type: dynamic   
  35.     cloud_properties:   
  36.       security_groups:   
  37.         - default   
  38.         - bosh   
  39.         - cf-private   
  40.    
  41.   - name: external   
  42.     type: dynamic   
  43.     cloud_properties:   
  44.       security_groups:   
  45.         - default   
  46.         - bosh   
  47.         - cf-public   
  48.    
  49.   - name: floating   
  50.     type: vip   
  51.     cloud_properties: {}   
  52.    
  53. resource_pools:   
  54.   - name: common   
  55.     network: default   
  56.     size: 14   
  57.     stemcell:   
  58.       name: bosh-openstack-kvm-ubuntu-lucid   
  59.       version: latest   
  60.     cloud_properties:   
  61.       instance_type: m1.small   
  62.    
  63.   - name: large   
  64.     network: default   
  65.     size: 3   
  66.     stemcell:   
  67.       name: bosh-openstack-kvm-ubuntu-lucid   
  68.       version: latest   
  69.     cloud_properties:   
  70.       instance_type: m1.medium   
  71.    
  72. jobs:   
  73.   - name: nats   
  74.     templates:   
  75.       - name: nats   
  76.       - name: nats_stream_forwarder   
  77.     instances: 1   
  78.     resource_pool: common   
  79.     networks:   
  80.       - name: default   
  81.         default: [dns, gateway]   
  82.    
  83.   - name: syslog_aggregator   
  84.     templates:   
  85.       - name: syslog_aggregator   
  86.     instances: 1   
  87.     resource_pool: common   
  88.     persistent_disk: 65536   
  89.     networks:   
  90.       - name: default   
  91.         default: [dns, gateway]   
  92.    
  93.   - name: nfs_server   
  94.     templates:   
  95.       - name: debian_nfs_server   
  96.     instances: 1   
  97.     resource_pool: common   
  98.     persistent_disk: 65535   
  99.     networks:   
  100.       - name: default   
  101.         default: [dns, gateway]   
  102.    
  103.   - name: postgres   
  104.     templates:   
  105.       - name: postgres   
  106.     instances: 1   
  107.     resource_pool: common   
  108.     persistent_disk: 65536   
  109.     networks:   
  110.       - name: default   
  111.         default: [dns, gateway]   
  112.     properties:   
  113.       db: databases   
  114.    
  115.   - name: uaa   
  116.     templates:   
  117.       - name: uaa   
  118.     instances: 1   
  119.     resource_pool: common   
  120.     networks:   
  121.       - name: default   
  122.         default: [dns, gateway]   
  123.    
  124.   - name: loggregator   
  125.     templates:   
  126.       - name: loggregator   
  127.     instances: 1   
  128.     resource_pool: common   
  129.     networks:   
  130.       - name: default   
  131.         default: [dns, gateway]   
  132.    
  133.   - name: trafficcontroller   
  134.     templates:   
  135.       - name: loggregator_trafficcontroller   
  136.     instances: 1   
  137.     resource_pool: common   
  138.     networks:   
  139.       - name: default   
  140.         default: [dns, gateway]   
  141.    
  142.   - name: cloud_controller   
  143.     templates:   
  144.       - name: cloud_controller_ng   
  145.     instances: 1   
  146.     resource_pool: common   
  147.     networks:   
  148.       - name: default   
  149.         default: [dns, gateway]   
  150.     properties:   
  151.       ccdb: ccdb   
  152.    
  153.   - name: cloud_controller_worker   
  154.     templates:   
  155.       - name: cloud_controller_worker   
  156.     instances: 1   
  157.     resource_pool: common   
  158.     networks:   
  159.       - name: default   
  160.         default: [dns, gateway]   
  161.     properties:   
  162.       ccdb: ccdb   
  163.    
  164.   - name: clock_global   
  165.     templates:   
  166.       - name: cloud_controller_clock   
  167.     instances: 1   
  168.     resource_pool: common   
  169.     networks:   
  170.       - name: default   
  171.         default: [dns, gateway]   
  172.     properties:   
  173.       ccdb: ccdb   
  174.    
  175.   - name: etcd   
  176.     templates:   
  177.       - name: etcd   
  178.     instances: 1   
  179.     resource_pool: common   
  180.     persistent_disk: 10024   
  181.     networks:   
  182.       - name: default   
  183.         default: [dns, gateway]   
  184.    
  185.   - name: health_manager   
  186.     templates:   
  187.       - name: hm9000   
  188.     instances: 1   
  189.     resource_pool: common   
  190.     networks:   
  191.       - name: default   
  192.         default: [dns, gateway]   
  193.    
  194.   - name: dea   
  195.     templates:   
  196.       - name: dea_logging_agent   
  197.       - name: dea_next   
  198.     instances: 3   
  199.     resource_pool: large   
  200.     networks:   
  201.       - name: default   
  202.         default: [dns, gateway]   
  203.    
  204.   - name: router   
  205.     templates:   
  206.       - name: gorouter   
  207.     instances: 1   
  208.     resource_pool: common   
  209.     networks:   
  210.       - name: default   
  211.         default: [dns, gateway]   
  212.    
  213.   - name: haproxy   
  214.     templates:   
  215.       - name: haproxy   
  216.     instances: 1   
  217.     resource_pool: common   
  218.     networks:   
  219.       - name: external   
  220.         default: [dns, gateway]   
  221.       - name: floating   
  222.         static_ips:   
  223.           - <%= static_ip %>   
  224.     properties:   
  225.       networks:   
  226.         apps: external   
  227.    
  228. properties:   
  229.   domain: <%= root_domain %>   
  230.   system_domain: <%= root_domain %>   
  231.   system_domain_organization: 'admin'   
  232.   app_domains:   
  233.     - <%= root_domain %>   
  234.    
  235.   haproxy: {}   
  236.    
  237.   networks:   
  238.     apps: default   
  239.    
  240.   nats:   
  241.     user: nats   
  242.     password: <%= common_password %>   
  243.     address: 0.nats.default.<%= deployment_name %>.microbosh   
  244.     port: 4222   
  245.     machines:   
  246.       - 0.nats.default.<%= deployment_name %>.microbosh   
  247.    
  248.   syslog_aggregator:   
  249.     address: 0.syslog-aggregator.default.<%= deployment_name %>.microbosh   
  250.     port: 54321   
  251.    
  252.   nfs_server:   
  253.     address: 0.nfs-server.default.<%= deployment_name %>.microbosh   
  254.     network: "*.<%= deployment_name %>.microbosh"   
  255.     idmapd_domain: "localdomain"   
  256.    
  257.   debian_nfs_server:   
  258.     no_root_squash: true   
  259.    
  260.   loggregator_endpoint:   
  261.     shared_secret: <%= common_password %>   
  262.     host: 0.trafficcontroller.default.<%= deployment_name %>.microbosh   
  263.    
  264.   loggregator:   
  265.     servers:   
  266.       zone:   
  267.         -  0.loggregator.default.<%= deployment_name %>.microbosh   
  268.    
  269.   traffic_controller:   
  270.     zone: 'zone'   
  271.    
  272.   logger_endpoint:   
  273.     use_ssl: <%= protocol == 'https' %>   
  274.     port: 80   
  275.    
  276.   ssl:   
  277.     skip_cert_verify: true   
  278.    
  279.   router:   
  280.     endpoint_timeout: 60   
  281.     status:   
  282.       port: 8080   
  283.       user: gorouter   
  284.       password: <%= common_password %>   
  285.     servers:   
  286.       z1:   
  287.         - 0.router.default.<%= deployment_name %>.microbosh   
  288.       z2: []   
  289.    
  290.   etcd:   
  291.     machines:   
  292.       - 0.etcd.default.<%= deployment_name %>.microbosh   
  293.    
  294.   dea: &dea   
  295.     disk_mb: 102400   
  296.     disk_overcommit_factor: 2   
  297.     memory_mb: 15000   
  298.     memory_overcommit_factor: 3   
  299.     directory_server_protocol: <%= protocol %>   
  300.     mtu: 1460   
  301.     deny_networks:   
  302.       - 169.254.0.0/16 # Google Metadata endpoint   
  303.    
  304.   dea_next: *dea   
  305.    
  306.   disk_quota_enabled: false   
  307.    
  308.   dea_logging_agent:   
  309.     status:   
  310.       user: admin   
  311.       password: <%= common_password %>   
  312.    
  313.   databases: &databases   
  314.     db_scheme: postgres   
  315.     address: 0.postgres.default.<%= deployment_name %>.microbosh   
  316.     port: 5524   
  317.     roles:   
  318.       - tag: admin   
  319.         name: ccadmin   
  320.         password: <%= common_password %>   
  321.       - tag: admin   
  322.         name: uaaadmin   
  323.         password: <%= common_password %>   
  324.     databases:   
  325.       - tag: cc   
  326.         name: ccdb   
  327.         citext: true   
  328.       - tag: uaa   
  329.         name: uaadb   
  330.         citext: true   
  331.    
  332.   ccdb: &ccdb   
  333.     db_scheme: postgres   
  334.     address: 0.postgres.default.<%= deployment_name %>.microbosh   
  335.     port: 5524   
  336.     roles:   
  337.       - tag: admin   
  338.         name: ccadmin   
  339.         password: <%= common_password %>   
  340.     databases:   
  341.       - tag: cc   
  342.         name: ccdb   
  343.         citext: true   
  344.    
  345.   ccdb_ng: *ccdb   
  346.    
  347.   uaadb:   
  348.     db_scheme: postgresql   
  349.     address: 0.postgres.default.<%= deployment_name %>.microbosh   
  350.     port: 5524   
  351.     roles:   
  352.       - tag: admin   
  353.         name: uaaadmin   
  354.         password: <%= common_password %>   
  355.     databases:   
  356.       - tag: uaa   
  357.         name: uaadb   
  358.         citext: true   
  359.    
  360.   cc: &cc   
  361.     srv_api_uri: <%= protocol %>://api.<%= root_domain %>   
  362.     jobs:   
  363.       local:   
  364.         number_of_workers: 2   
  365.       generic:   
  366.         number_of_workers: 2   
  367.       global:   
  368.         timeout_in_seconds: 14400   
  369.       app_bits_packer:   
  370.         timeout_in_seconds: null   
  371.       app_events_cleanup:   
  372.         timeout_in_seconds: null   
  373.       app_usage_events_cleanup:   
  374.         timeout_in_seconds: null   
  375.       blobstore_delete:   
  376.         timeout_in_seconds: null   
  377.       blobstore_upload:   
  378.         timeout_in_seconds: null   
  379.       droplet_deletion:   
  380.         timeout_in_seconds: null   
  381.       droplet_upload:   
  382.         timeout_in_seconds: null   
  383.       model_deletion:   
  384.         timeout_in_seconds: null   
  385.     bulk_api_password: <%= common_password %>   
  386.     staging_upload_user: upload   
  387.     staging_upload_password: <%= common_password %>   
  388.     quota_definitions:   
  389.       default:   
  390.         memory_limit: 10240   
  391.         total_services: 100   
  392.         non_basic_services_allowed: true   
  393.         total_routes: 1000   
  394.         trial_db_allowed: true   
  395.     resource_pool:   
  396.       resource_directory_key: cloudfoundry-resources   
  397.       fog_connection:   
  398.         provider: Local   
  399.         local_root: /var/vcap/nfs/shared   
  400.     packages:   
  401.       app_package_directory_key: cloudfoundry-packages   
  402.       fog_connection:   
  403.         provider: Local   
  404.         local_root: /var/vcap/nfs/shared   
  405.     droplets:   
  406.       droplet_directory_key: cloudfoundry-droplets   
  407.       fog_connection:   
  408.         provider: Local   
  409.         local_root: /var/vcap/nfs/shared   
  410.     buildpacks:   
  411.       buildpack_directory_key: cloudfoundry-buildpacks   
  412.       fog_connection:   
  413.         provider: Local   
  414.         local_root: /var/vcap/nfs/shared   
  415.     install_buildpacks:   
  416.       - name: java_buildpack   
  417.         package: buildpack_java   
  418.       - name: ruby_buildpack   
  419.         package: buildpack_ruby   
  420.       - name: nodejs_buildpack   
  421.         package: buildpack_nodejs   
  422.       - name: go_buildpack   
  423.         package: buildpack_go   
  424.     db_encryption_key: <%= common_password %>   
  425.     hm9000_noop: false   
  426.     diego: false   
  427.     newrelic:   
  428.       license_key: null   
  429.       environment_name: <%= deployment_name %>   
  430.    
  431.   ccng: *cc   
  432.    
  433.   login:   
  434.     enabled: false   
  435.    
  436.   uaa:   
  437.     url: <%= protocol %>://uaa.<%= root_domain %>   
  438.     no_ssl: <%= protocol == 'http' %>   
  439.     cc:   
  440.       client_secret: <%= common_password %>   
  441.     admin:   
  442.       client_secret: <%= common_password %>   
  443.     batch:   
  444.       username: batch   
  445.       password: <%= common_password %>   
  446.     clients:   
  447.       cf:   
  448.         override: true   
  449.         authorized-grant-types: password,implicit,refresh_token   
  450.         authorities: uaa.none   
  451.         scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write   
  452.         access-token-validity: 7200   
  453.         refresh-token-validity: 1209600   
  454.       admin:   
  455.         secret: <%= common_password %>   
  456.         authorized-grant-types: client_credentials   
  457.         authorities: clients.read,clients.write,clients.secret,password.write,scim.read,uaa.admin   
  458.     scim:   
  459.       users:   
  460.       - admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write   
  461.       - services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin   
  462.     jwt:   
  463.       signing_key: |   
  464.         -----BEGIN RSA PRIVATE KEY-----   
  465.         REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY+++++++++++++asdfghj123122   
  466.         123456789+++++REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY++++++++++++   
  467.         asd34++123456789+++++REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY+++++   
  468.         KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX   
  469.         sdfvsdfgvKVy7psALKSFOa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJW   
  470.         VfYphNahvZ/7uMXKVy7psa8xzElSyzqx7oJyfJ1JZyOO:9T5SfTIq396agbHJWVf   
  471.         YphNasvZ/7uMXFzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX   
  472.         sedfsyzqx7oJyfJ1JZyOzToj9TDASWDASD5SfTIq396agbHJWVfYphNahvZ/7uMX   
  473.         -----END RSA PRIVATE KEY-----   
  474.       verification_key: |   
  475.         -----BEGIN PUBLIC KEY-----   
  476.         REPLACE+ME+WITH+A+VALID+PUBLIC+KEY++++++++++MIGfMA0GCSqGSIb3DQEBAQUA   
  477.         AASAqHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug   
  478.         BUGBUGspULZVNRxq7veq/fzwIDAQAB   
  479.         -----END PUBLIC KEY-----   

其中REPLACE-DIRECTOR_UUID为Bosh Director的UUID,

  1. # bosh status   
  2. Config   
  3.              /root/.bosh_config   
  4.    
  5. Director   
  6.   Name       microbosh-openstack   
  7.   URL        https://172.24.4.227:25555   
  8.   Version    1.2652.0 (00000000)   
  9.   User       admin   
  10.   UUID       04fd1b77-9522-459e-8f56-bfe83b7c5624   
  11.   CPI        openstack   
  12.   dns        enabled (domain_name: microbosh)   
  13.   compiled_package_cache disabled   
  14.   snapshots  disabled   
  15.    
  16. Deployment   
  17.   Manifest   /root/bosh/bosh-workspace/deployments/cf/demo.yml   
  18.    
  19. REPLACE-IP-ADDRESS是预先分配好的floating ip   
  20. # nova floating-ip-create public   

root_domain是部署CloudFoundry使用的域名,部署CloudFoundry必须有一个通配符域名(Wildcard DNS record),例如, 如果使用的域名为example.com,那么example.com和*.example.com都要解析为同一IP地址,即前面申请的 floating ip。 如果没有这样的域名,可以试一下xip.io提供的动态域名,它可以把<ip>.xip.io和*.<ip>.xip.io都解析为<ip>, 例如,login.111.222.111.222.xip.io会被解析为111.222.111.222

在部署CloudFoundry过程中,需要设置很多密码,例如访问各个虚拟机,CloudFoundry默认的管理员账户等,在此例中,同一设置为common_password。在生产环境中,比较合理的做法是设置为不同的密码。

4.4 部署CloudFoundry

  1. # bosh deployment cf/demo.yml   
  2. # bosh deploy   

4.5 部署完成后,可以使用如下命令查看各个虚拟机运行状况

  1. # bosh vms  


【编辑推荐】

  1. 想让PaaS更出彩,请不要再忘记运维
  2. 为 OpenStack 私有云创建 Linux 和 Windows 映像
  3. 开源PaaS:在OpenStack上部署CloudFoundry(一)简介
  4. 在OpenStack上部署CloudFoundry (二)部署OpenStack
  5. 在OpenStack上部署CloudFoundry(三)部署BOSH
【责任编辑:Ophira TEL:(010)68476606】

点赞 0
分享:
大家都在看
猜你喜欢

读 书 +更多

The Ruby Way(第二版)中文版

本书采用“如何解决问题”的方式阐述Ruby编程,涵盖了以下内容:Ruby术语和基本原理;数字、字符串等低级数据类型的操作;正则表达式;国际...

订阅51CTO邮刊

点击这里查看样刊

订阅51CTO邮刊
× Python最火的编程语言