开源的PaaS方案:在OpenStack上部署CloudFoundry (四)使用Micro Bosh部署CloudFoundry

时间:2021-06-06 20:01:34
使用bosh部署应用是需要两部分,一个是创建虚拟机使用的模板stemcell,另外一个是应该的Release。所以,部署CloudFoundry之前需要上传stencil和release

  4.1.1 使用spiff 生成 CF 配置文件

  1 安装 spiff

  官方原文 http://docs.cloudfoundry.org/deploying/cf-manifest-spiff.html

  安装  curl

  sudo yum install curl

  安装 brew

  ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

  安装 xoebus

  brew tap xoebus/homebrew-cloudfoundry

  安装 spiff

  brew install spiff

  因为go godep 等 源码都是在google 上的 所以需要修改/etc/hosts 文件

  加入

  216.239.90.113 storage.googleapis.com

  216.239.90.113 go.googlesource.com

  216.239.90.113 code.google.com

  设置环境变量 gopath

$ export GOPATH=/usr/local/go

$ export PATH
=$PATH:$GOPATH/bin

  克隆cloudfoundry

git clone git@github.com:cloudfoundry/cf-release
cd cf-release
./update  

  


 根据实际条件修改配置文件
原文参考
http://docs.cloudfoundry.org/deploying/cf-stub-openstack.html

修改cf-release/spec/fixtures/openstack/cf-stub.yml 文件

# The following line helps maintain current documentation at http://docs.cloudfoundry.org.
#
code_snippet cf-stub-openstack start
---
director_uuid: 90c73a6e
-4fd1-41bb-9282-299eb49af9fc
meta:
openstack:
net_id: 9e5a6fd5
-fa2e-48da-94ce-f85337bc2451
auth_url: http:
//172.24.10.128:5000/v2.0
tenant: demo
username: demo
api_key: openstack
security_groups: [bosh]
floating_static_ips:
- 172.24.10.133
networks:
- name: cf1
subnets:
- cloud_properties:
static:
- 10.0.5.20 - 10.0.5.50
properties:
cc:
droplets:
droplet_directory_key: cloudfoundry
-droplets
buildpacks:
buildpack_directory_key: cloudfoundry
-buildpacks
staging_upload_user: update
staging_upload_password: openstack
bulk_api_password: openstack
db_encryption_key: openstack
ccdb:
roles:
- name: ccadmin
password: openstack
tag: admin
databases:
roles:
- name: ccadmin
password: openstack
- name: uaaadmin
password: openstack
dea_next:
disk_mb:
2048
memory_mb:
1024
domain: example.com
loggregator_endpoint:
shared_secret: openstack
nats:
user: nats
password: openstack
router:
enable_ssl: true
ssl_cert:
|
-----BEGIN CERTIFICATE-----
MIIDBjCCAe4CCQCz3nn1SWrDdTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB
VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0
cyBQdHkgTHRkMB4XDTE1MDMwMzE4NTMyNloXDTE2MDMwMjE4NTMyNlowRTELMAkG
A1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0
IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKtTK9xq
/ycRO3fWbk1abunYf9CY6sl0Wlqm9UPMkI4j0itY2OyGyn1YuCCiEdM3
b8guGSWB0XSL5PBq33e7ioiaH98UEe
+Ai+TBxnJsro5WQ/TMywzRDhZ4E7gxDBav
88ZY
+y7ts0HznfxqEIn0Gu/UK+s6ajYcIy7d9L988+hA3K1FSdes8MavXhrI4xA1
fY21gESfFkD4SsqvrkISC012pa7oVw1f94slIVcAG
+l9MMAkatBGxgWAQO6kxk5o
oH1Z5q2m0afeQBfFqzu5lCITLfgTWCUZUmbF6UpRhmD850
/LqNtryAPrLLqXxdig
OHiWqvFpCusOu
/4z1uGC5xECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAV5RAFVQy
8Krs5c9ebYRseXO6czL9
/Rfrt/weiC1XLcDkE2i2yYsBXazMYr58o4hACJwe2hoC
bihBZ9XnVpASEYHDLwDj3zxFP
/bTuKs7tLhP7wz0lo8i6k5VSPAGBq2kjc/cO9a3
TMmLPks
/Xm42MCSWGDnCEX1854B3+JK3CNEGqSY7FYXU4W9pZtHPZ3gBoy0ymSpg
mpleiY1Tbn5I2X7vviMW7jeviB5ivkZaXtObjyM3vtPLB
+ILpa15ZhDSE5o71sjA
jXqrE1n5o
/GXHX+1M8v3aJc30Az7QAqWohW/tw5SoiSmVQZWd7gFht9vSzaH2WgO
LwcpBC7
+cUJEww==
-----END CERTIFICATE-----
ssl_key:
|
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAq1Mr3Gr
/JxE7d9ZuTVpu6dh/0JjqyXRaWqb1Q8yQjiPSK1jY
7IbKfVi4IKIR0zdvyC4ZJYHRdIvk8Grfd7uKiJof3xQR74CL5MHGcmyujlZD9MzL
DNEOFngTuDEMFq
/zxlj7Lu2zQfOd/GoQifQa79Qr6zpqNhwjLt30v3zz6EDcrUVJ
16zwxq9eGsjjEDV9jbWARJ8WQPhKyq
+uQhILTXalruhXDV/3iyUhVwAb6X0wwCRq
0EbGBYBA7qTGTmigfVnmrabRp95AF8WrO7mUIhMt
+BNYJRlSZsXpSlGGYPznT8uo
22vIA
+ssupfF2KA4eJaq8WkK6w67/jPW4YLnEQIDAQABAoIBAQCDVqpcOoZKK9K8
Bt3eXQKEMJ2ji2cKczFFJ5MEm9EBtoJLCryZbqfSue3Fzpj9pBUEkBpk
/4VT5F7o
0
/Vmc5Y7LHRcbqVlRtV30/lPBPQ4V/eWtly/AZDcNsdfP/J1fgPSvaoqCr2ORLWL
qL
/vEfyIeM4GcWy0+JMcPbmABslw9O6Ptc5RGiP98vCLHQh/++sOtj6PH1pt+2X/
Uecv3b1Hk
/3Oe+M8ySorJD3KA94QTRnKX+zubkxRg/zCAki+as8rQc/d+BfVG698
ylUT5LVLNuwbWnffY2Zt5x5CDqH01mJnHmxzQEfn68rb3bGFaYPEn9EP
+maQijv6
SsUM9A3lAoGBAODRDRn4gEIxjPICp6aawRrMDlRc
+k6IWDF7wudjxJlaxFr2t7FF
rFYm
+jrcG6qMTyq+teR8uHpcKm9X8ax0L6N6gw5rVzIeIOGma/ZuYIYXX2XJx5SW
SOas1xW6qEIbOMv
+Xu9w2SWbhTgyRmtlxxjr2e7gQLz9z/vuTReJpInnAoGBAMMW
sq5lqUfAQzqxlhTobQ7tnB48rUQvkGPE92SlDj2TUt9phek2
/TgRJT6mdcozvimt
JPhxKg3ioxG8NPmN0EytjpSiKqlxS1R2po0fb75vputfpw16Z8
/2Vik+xYqNMTLo
SpeVkHu7fbtNYEK2qcU44OyOZ
/V+5Oo9TuBIFRhHAoGACkqHhwDRHjaWdR2Z/w5m
eIuOvF3lN2MWZm175ouynDKDeoaAsiS2VttB6R
/aRFxX42UHfoYXC8LcTmyAK5zF
8X3SMf7H5wtqBepQVt
+Gm5zGSSqLcEnQ3H5c+impOh105CGoxt0rk4Ui/AeRIalv
C70AJOcvD3eu5aFq9gDe
/1ECgYBAhkVbASzYGnMh+pKVH7rScSxto8v6/XBYT1Ez
7JOlMhD667
/qvtFJtgIHkq7qzepbhnTv5x3tscQVnZY34/u9ILpD1s8dc+dibEvx
6S
/gYLVorB5ois/DLMqaobRcew6Gs+XX9RPwmLahOJpZ9mh4XrOmCgPAYtP71YM9
ExpHCQKBgQCMMDDWGMRdFMJgXbx1uMere7OoniBdZaOexjbglRh1rMVSXqzBoU8
+
yhEuHGAsHGWQdSBHnqRe9O0Bj
/Vlw2VVEaJeL1ewRHb+jXSnuKclZOJgMsJAvgGm
SOWIahDrATA4g1T6yLBWQPhj3ZXD3eCMxT1Q3DvpG1DjgvXwmXQJAA
==
-----END RSA PRIVATE KEY-----
cipher_suites: TLS_RSA_WITH_RC4_128_SHA:TLS_RSA_WITH_AES_128_CBC_SHA
status:
user: router_user
password: openstack
secure_cookies: true
uaa:
admin:
client_secret: openstack
batch:
username: batch
password: openstack
cc:
client_secret: openstack
clients:
app
-direct:
secret: openstack
developer_console:
secret: openstack
notifications:
secret: openstack
login:
secret: openstack
doppler:
secret: openstack
cloud_controller_username_lookup:
secret: cloud_controller_username_lookup_secret
gorouter:
secret: openstack
jwt:
verification_key:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6WKxiVxx5
+rqoMvj4vk
X5FpipdWaVLpcPhmN8O5ut2bqcU8KV6pMV7
/n+zowITVFHCbS/6J6Uk875NclTC1
UI86Pxn3c
+14KYL6KLe/Gi8McRyqvO5BpkQr3BTtBe9Z0EMgoeq5fAol2Lc/8SNz
/uLdSkMc5CmtpEgZ7isnsc8ExSDCchRmrCmKaxIPxNUZvCYgqqXXduHBln1/MBJV
YjsEXZZSbhLWzVaFOdAKkU9DlWxqI6sRWFSl6qZ3JCuMh3MQqLnFFXPAX8C9hxFV
oC2i7Fe6AIFyECJijgfieqi0PiBdMZ29Kj36gssktVhE
+5TAcGCdFqdfzXOBC2ih
/wIDAQAB
-----END PUBLIC KEY-----
signing_key:
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAw6WKxiVxx5
+rqoMvj4vkX5FpipdWaVLpcPhmN8O5ut2bqcU8
KV6pMV7
/n+zowITVFHCbS/6J6Uk875NclTC1UI86Pxn3c+14KYL6KLe/Gi8McRyq
vO5BpkQr3BTtBe9Z0EMgoeq5fAol2Lc
/8SNz/uLdSkMc5CmtpEgZ7isnsc8ExSDC
chRmrCmKaxIPxNUZvCYgqqXXduHBln1
/MBJVYjsEXZZSbhLWzVaFOdAKkU9DlWxq
I6sRWFSl6qZ3JCuMh3MQqLnFFXPAX8C9hxFVoC2i7Fe6AIFyECJijgfieqi0PiBd
MZ29Kj36gssktVhE
+5TAcGCdFqdfzXOBC2ih/wIDAQABAoIBAFHF3zrya5wEILwk
GLzmu402OeazWmqrPOb6675jED4KYgWTapHf
/tej3TP60U2mN2lTp5UbzoizE8UO
0qOIuD
/znWTCdar+ljrDg8uBAV7wS0L7uGE/NDFKTQqvtGHGqMNjS0Bh2yT9GNR7
wz4Gk3T1XYishGbZBLqlaDEj2HN4V1Yy1Qp4KohqLsJN4B5
+c2Q0HrTejOHeSsou
B7nJndfZm2ljKdoql
++4UZPjWGLGSdtLhzLvYkzbql0GYBYVTOmn/A7AZLz2w769
RmDt28nqOIXIAqDL6qt
/frtDfCknbsk7lSEFDlrRfjjPIuah/1UCo80Kjd3Iv+rb
4NZxiAECgYEA
+X1WCCWIWP4hlSjRtISpjOaStz8d5eDLeSTI14cPYM7cMiyROrEo
SCJm10AYIs5TsBlb5AfQlBV2YrcmdxeG4ARlVOnpki3ZAyQlQi5LQenQh9abqKtY
b2Z0udDmPgwgtPYexdh1FQTzeXptYDED
/sHynj6pN4GBIlZTjZXiCwsCgYEAyMCE
8MEPJZmAQ8vaWjzkzbToUbW5knrEhRNEoxnlbRXXwzXReUIbu
+E22FQjwNNxlsJx
smKFWzPvF5seiChBp7yT9dnDKCm9bJVRRAlVD5oyBIFkqXmCn3QM9ySWW6QHxgEH
4wsoNs0RcpTNW
/CLi7E9tvtzjnoFqdfDIaSbPV0CgYBhv56OcI4cN+1WcHjBHl0D
rG79RshjAZEW9LeP4gW
/ayzQp6967GAY6wmZ+i26rVYSn8zl6b3p1wLcKF/0tw4M
BQzimQb
/U+E7ntTOOi8YMxCVuBqimgd7FgxTpSogU0YZQHjMEUPGKXtvM+1Yi7vB
+6EgKPLJoX7DwkjYJ0o6AwKBgQC842gyn3SBDE2DfOuWvHUMmIt/Vl2lVZ5TGC4c
yOD2IvdA1gKi9XDi9qWEJqb9Z
/YYxBv2nHyds9/jdjDkK/yatvUA/kSCJcP1xwkP
2zgN1if51UXBsHMXVTpd0C8pSs2FoLKrDnRoG8uu5BPVzh9
+8OYApde011s806bm
oNrwgQKBgQCW
/CUPXOrfyIwdFIEqSPB79GuV9e27cm8iB8Fu+Rcc3xlQc+3Ak97X
bLi2C1to
/pMX+q8ksudd1jOMoyhufle8wJaxC0jLgVx4DGUorvA0uiVtEAULreXz
beE4LXyvVu
+tYIl4ATlIyEQSAnNIR6oCX5KvQJu+jHA4i9z+Vg0mpA==
-----END RSA PRIVATE KEY-----
scim:
users:
- admin|openstack|scim.write,scim.read,openid,cloud_controller.admin,doppler.firehose
uaadb:
roles:
- name: uaaadmin
password: openstack
tag: admin

# code_snippet cf-stub-openstack end
#
The previous line helps maintain current documentation at http://docs.cloudfoundry.org.

 

将cf-stub 复制到cf-release 文件夹下

运行
./generate_deployment_manifest openstack cf-stub.yml > cf-deployment.yml

 可能会遇到out of memory 错误,如果遇到这个错误,请参看我在* 中提交的问题

http://*.com/questions/29742497/out-of-memory-when-generate-cloudfoundry-deploy-manifest-file-cf-deployment-yml/29791331#29791331

 还可能遇到下面的问题

2015/04/22 15:50:22 error generating manifest: unresolved nodes:
(( lamb_meta.loggregator_templates )) in dynaml jobs.[23].templates
(( lamb_meta.loggregator_templates )) in dynaml jobs.[24].templates
(( lamb_meta.loggregator_trafficcontroller_templates )) in dynaml jobs.[25].templates
(( lamb_meta.loggregator_trafficcontroller_templates )) in dynaml jobs.[26].templates
(( merge )) in ./templates/cf-jobs.yml lamb_meta

  这个问题是因为spiff 不能解析相对路径引用的文件

打开templates/cf-lamb.yml 可以看到如下内容

./src/loggregator/manifest-templates/cf-lamb.yml

这个文件引用就是问题的原因

 将 ./src/loggregator/manifest-templates/cf-lamb.yml 中的内容拷贝到 templates/cf-lamb.yml 即可。

这个文件需要到https://github.com/cloudfoundry/loggregator/blob/develop/manifest-templates/cf-lamb.yml 去找。

原文参考https://github.com/cloudfoundry-incubator/diego-release/issues/29

 




4.1.2 使用bosh上传Stemcell

[python]  view plain copy
 
 
  1. # bosh upload stemcell ~/stemcell/bosh-stemcell-2652-openstack-kvm-ubuntu-lucid-go_agent.tgz  
  2. # bosh stemcells  
  3. +------------------------------------------+---------+--------------------------------------+  
  4. | Name                                     | Version | CID                                  |  
  5. +------------------------------------------+---------+--------------------------------------+  
  6. | bosh-openstack-kvm-ubuntu-lucid-go_agent | 2652*   | 5a6ddcc0-29e6-4b65-a769-8dd8a99eb5df |  
  7. +------------------------------------------+---------+--------------------------------------+  
  8.   
  9. (*) Currently in-use  
  10.   
  11. Stemcells total: 1  


4.2 使用bosh上传CloudFoundry

[python]  view plain copy
 
 
  1. # cd ~/bosh-workspace/releases/cf-release  
  2. # bosh upload release releases/cf-170.yml  
  3. # bosh releases+------+----------+-------------+  
  4. | Name | Versions | Commit Hash |  
  5. +------+----------+-------------+  
  6. | cf   | 170*     | 0c0c72c3+   |  
  7. +------+----------+-------------+  
  8. (*) Currently deployed  
  9. (+) Uncommitted changes  
  10.   
  11. Releases total: 1  


4.3 创建部署描述文件

[ruby]  view plain copy
 
 
  1. <%  
  2. director_uuid = "REPLACE-DIRECTOR_UUID"  
  3. static_ip = "REPLACE-IP-ADDRESS"  
  4. root_domain = "#{static_ip}.xip.io"  
  5. deployment_name = 'cf'  
  6. cf_release = '170'  
  7. protocol = 'http'  
  8. common_password = 'mysecretpassword'  
  9. %>  
  10. ---  
  11. name: <%= deployment_name %>  
  12. director_uuid: <%= director_uuid %>  
  13.   
  14. releases:  
  15.  - name: cf  
  16.    version: <%= cf_release %>  
  17.   
  18. compilation:  
  19.   workers: 3  
  20.   network: default  
  21.   reuse_compilation_vms: true  
  22.   cloud_properties:  
  23.     instance_type: m1.large  
  24.   
  25. update:  
  26.   canaries: 0  
  27.   canary_watch_time: 30000-600000  
  28.   update_watch_time: 30000-600000  
  29.   max_in_flight: 32  
  30.   serial: false  
  31.   
  32. networks:  
  33.   - name: default  
  34.     type: dynamic  
  35.     cloud_properties:  
  36.       security_groups:  
  37.         - default  
  38.         - bosh  
  39.         - cf-private  
  40.   
  41.   - name: external  
  42.     type: dynamic  
  43.     cloud_properties:  
  44.       security_groups:  
  45.         - default  
  46.         - bosh  
  47.         - cf-public  
  48.   
  49.   - name: floating  
  50.     type: vip  
  51.     cloud_properties: {}  
  52.   
  53. resource_pools:  
  54.   - name: common  
  55.     network: default  
  56.     size: 14  
  57.     stemcell:  
  58.       name: bosh-openstack-kvm-ubuntu-lucid  
  59.       version: latest  
  60.     cloud_properties:  
  61.       instance_type: m1.small  
  62.   
  63.   - name: large  
  64.     network: default  
  65.     size: 3  
  66.     stemcell:  
  67.       name: bosh-openstack-kvm-ubuntu-lucid  
  68.       version: latest  
  69.     cloud_properties:  
  70.       instance_type: m1.medium  
  71.   
  72. jobs:  
  73.   - name: nats  
  74.     templates:  
  75.       - name: nats  
  76.       - name: nats_stream_forwarder  
  77.     instances: 1  
  78.     resource_pool: common  
  79.     networks:  
  80.       - name: default  
  81.         default: [dns, gateway]  
  82.   
  83.   - name: syslog_aggregator  
  84.     templates:  
  85.       - name: syslog_aggregator  
  86.     instances: 1  
  87.     resource_pool: common  
  88.     persistent_disk: 65536  
  89.     networks:  
  90.       - name: default  
  91.         default: [dns, gateway]  
  92.   
  93.   - name: nfs_server  
  94.     templates:  
  95.       - name: debian_nfs_server  
  96.     instances: 1  
  97.     resource_pool: common  
  98.     persistent_disk: 65535  
  99.     networks:  
  100.       - name: default  
  101.         default: [dns, gateway]  
  102.   
  103.   - name: postgres  
  104.     templates:  
  105.       - name: postgres  
  106.     instances: 1  
  107.     resource_pool: common  
  108.     persistent_disk: 65536  
  109.     networks:  
  110.       - name: default  
  111.         default: [dns, gateway]  
  112.     properties:  
  113.       db: databases  
  114.   
  115.   - name: uaa  
  116.     templates:  
  117.       - name: uaa  
  118.     instances: 1  
  119.     resource_pool: common  
  120.     networks:  
  121.       - name: default  
  122.         default: [dns, gateway]  
  123.   
  124.   - name: loggregator  
  125.     templates:  
  126.       - name: loggregator  
  127.     instances: 1  
  128.     resource_pool: common  
  129.     networks:  
  130.       - name: default  
  131.         default: [dns, gateway]  
  132.   
  133.   - name: trafficcontroller  
  134.     templates:  
  135.       - name: loggregator_trafficcontroller  
  136.     instances: 1  
  137.     resource_pool: common  
  138.     networks:  
  139.       - name: default  
  140.         default: [dns, gateway]  
  141.   
  142.   - name: cloud_controller  
  143.     templates:  
  144.       - name: cloud_controller_ng  
  145.     instances: 1  
  146.     resource_pool: common  
  147.     networks:  
  148.       - name: default  
  149.         default: [dns, gateway]  
  150.     properties:  
  151.       ccdb: ccdb  
  152.   
  153.   - name: cloud_controller_worker  
  154.     templates:  
  155.       - name: cloud_controller_worker  
  156.     instances: 1  
  157.     resource_pool: common  
  158.     networks:  
  159.       - name: default  
  160.         default: [dns, gateway]  
  161.     properties:  
  162.       ccdb: ccdb  
  163.   
  164.   - name: clock_global  
  165.     templates:  
  166.       - name: cloud_controller_clock  
  167.     instances: 1  
  168.     resource_pool: common  
  169.     networks:  
  170.       - name: default  
  171.         default: [dns, gateway]  
  172.     properties:  
  173.       ccdb: ccdb  
  174.   
  175.   - name: etcd  
  176.     templates:  
  177.       - name: etcd  
  178.     instances: 1  
  179.     resource_pool: common  
  180.     persistent_disk: 10024  
  181.     networks:  
  182.       - name: default  
  183.         default: [dns, gateway]  
  184.   
  185.   - name: health_manager  
  186.     templates:  
  187.       - name: hm9000  
  188.     instances: 1  
  189.     resource_pool: common  
  190.     networks:  
  191.       - name: default  
  192.         default: [dns, gateway]  
  193.   
  194.   - name: dea  
  195.     templates:  
  196.       - name: dea_logging_agent  
  197.       - name: dea_next  
  198.     instances: 3  
  199.     resource_pool: large  
  200.     networks:  
  201.       - name: default  
  202.         default: [dns, gateway]  
  203.   
  204.   - name: router  
  205.     templates:  
  206.       - name: gorouter  
  207.     instances: 1  
  208.     resource_pool: common  
  209.     networks:  
  210.       - name: default  
  211.         default: [dns, gateway]  
  212.   
  213.   - name: haproxy  
  214.     templates:  
  215.       - name: haproxy  
  216.     instances: 1  
  217.     resource_pool: common  
  218.     networks:  
  219.       - name: external  
  220.         default: [dns, gateway]  
  221.       - name: floating  
  222.         static_ips:  
  223.           - <%= static_ip %>  
  224.     properties:  
  225.       networks:  
  226.         apps: external  
  227.   
  228. properties:  
  229.   domain: <%= root_domain %>  
  230.   system_domain: <%= root_domain %>  
  231.   system_domain_organization: 'admin'  
  232.   app_domains:  
  233.     - <%= root_domain %>  
  234.   
  235.   haproxy: {}  
  236.   
  237.   networks:  
  238.     apps: default  
  239.   
  240.   nats:  
  241.     user: nats  
  242.     password: <%= common_password %>  
  243.     address: 0.nats.default.<%= deployment_name %>.microbosh  
  244.     port: 4222  
  245.     machines:  
  246.       - 0.nats.default.<%= deployment_name %>.microbosh  
  247.   
  248.   syslog_aggregator:  
  249.     address: 0.syslog-aggregator.default.<%= deployment_name %>.microbosh  
  250.     port: 54321  
  251.   
  252.   nfs_server:  
  253.     address: 0.nfs-server.default.<%= deployment_name %>.microbosh  
  254.     network: "*.<%= deployment_name %>.microbosh"  
  255.     idmapd_domain: "localdomain"  
  256.   
  257.   debian_nfs_server:  
  258.     no_root_squash: true  
  259.   
  260.   loggregator_endpoint:  
  261.     shared_secret: <%= common_password %>  
  262.     host: 0.trafficcontroller.default.<%= deployment_name %>.microbosh  
  263.   
  264.   loggregator:  
  265.     servers:  
  266.       zone:  
  267.         -  0.loggregator.default.<%= deployment_name %>.microbosh  
  268.   
  269.   traffic_controller:  
  270.     zone: 'zone'  
  271.   
  272.   logger_endpoint:  
  273.     use_ssl: <%= protocol == 'https' %>  
  274.     port: 80  
  275.   
  276.   ssl:  
  277.     skip_cert_verify: true  
  278.   
  279.   router:  
  280.     endpoint_timeout: 60  
  281.     status:  
  282.       port: 8080  
  283.       user: gorouter  
  284.       password: <%= common_password %>  
  285.     servers:  
  286.       z1:  
  287.         - 0.router.default.<%= deployment_name %>.microbosh  
  288.       z2: []  
  289.   
  290.   etcd:  
  291.     machines:  
  292.       - 0.etcd.default.<%= deployment_name %>.microbosh  
  293.   
  294.   dea: &dea  
  295.     disk_mb: 102400  
  296.     disk_overcommit_factor: 2  
  297.     memory_mb: 15000  
  298.     memory_overcommit_factor: 3  
  299.     directory_server_protocol: <%= protocol %>  
  300.     mtu: 1460  
  301.     deny_networks:  
  302.       - 169.254.0.0/16 # Google Metadata endpoint  
  303.   
  304.   dea_next: *dea  
  305.   
  306.   disk_quota_enabled: false  
  307.   
  308.   dea_logging_agent:  
  309.     status:  
  310.       user: admin  
  311.       password: <%= common_password %>  
  312.   
  313.   databases: &databases  
  314.     db_scheme: postgres  
  315.     address: 0.postgres.default.<%= deployment_name %>.microbosh  
  316.     port: 5524  
  317.     roles:  
  318.       - tag: admin  
  319.         name: ccadmin  
  320.         password: <%= common_password %>  
  321.       - tag: admin  
  322.         name: uaaadmin  
  323.         password: <%= common_password %>  
  324.     databases:  
  325.       - tag: cc  
  326.         name: ccdb  
  327.         citext: true  
  328.       - tag: uaa  
  329.         name: uaadb  
  330.         citext: true  
  331.   
  332.   ccdb: &ccdb  
  333.     db_scheme: postgres  
  334.     address: 0.postgres.default.<%= deployment_name %>.microbosh  
  335.     port: 5524  
  336.     roles:  
  337.       - tag: admin  
  338.         name: ccadmin  
  339.         password: <%= common_password %>  
  340.     databases:  
  341.       - tag: cc  
  342.         name: ccdb  
  343.         citext: true  
  344.   
  345.   ccdb_ng: *ccdb  
  346.   
  347.   uaadb:  
  348.     db_scheme: postgresql  
  349.     address: 0.postgres.default.<%= deployment_name %>.microbosh  
  350.     port: 5524  
  351.     roles:  
  352.       - tag: admin  
  353.         name: uaaadmin  
  354.         password: <%= common_password %>  
  355.     databases:  
  356.       - tag: uaa  
  357.         name: uaadb  
  358.         citext: true  
  359.   
  360.   cc: &cc  
  361.     srv_api_uri: <%= protocol %>://api.<%= root_domain %>  
  362.     jobs:  
  363.       local:  
  364.         number_of_workers: 2  
  365.       generic:  
  366.         number_of_workers: 2  
  367.       global:  
  368.         timeout_in_seconds: 14400  
  369.       app_bits_packer:  
  370.         timeout_in_seconds: null  
  371.       app_events_cleanup:  
  372.         timeout_in_seconds: null  
  373.       app_usage_events_cleanup:  
  374.         timeout_in_seconds: null  
  375.       blobstore_delete:  
  376.         timeout_in_seconds: null  
  377.       blobstore_upload:  
  378.         timeout_in_seconds: null  
  379.       droplet_deletion:  
  380.         timeout_in_seconds: null  
  381.       droplet_upload:  
  382.         timeout_in_seconds: null  
  383.       model_deletion:  
  384.         timeout_in_seconds: null  
  385.     bulk_api_password: <%= common_password %>  
  386.     staging_upload_user: upload  
  387.     staging_upload_password: <%= common_password %>  
  388.     quota_definitions:  
  389.       default:  
  390.         memory_limit: 10240  
  391.         total_services: 100  
  392.         non_basic_services_allowed: true  
  393.         total_routes: 1000  
  394.         trial_db_allowed: true  
  395.     resource_pool:  
  396.       resource_directory_key: cloudfoundry-resources  
  397.       fog_connection:  
  398.         provider: Local  
  399.         local_root: /var/vcap/nfs/shared  
  400.     packages:  
  401.       app_package_directory_key: cloudfoundry-packages  
  402.       fog_connection:  
  403.         provider: Local  
  404.         local_root: /var/vcap/nfs/shared  
  405.     droplets:  
  406.       droplet_directory_key: cloudfoundry-droplets  
  407.       fog_connection:  
  408.         provider: Local  
  409.         local_root: /var/vcap/nfs/shared  
  410.     buildpacks:  
  411.       buildpack_directory_key: cloudfoundry-buildpacks  
  412.       fog_connection:  
  413.         provider: Local  
  414.         local_root: /var/vcap/nfs/shared  
  415.     install_buildpacks:  
  416.       - name: java_buildpack  
  417.         package: buildpack_java  
  418.       - name: ruby_buildpack  
  419.         package: buildpack_ruby  
  420.       - name: nodejs_buildpack  
  421.         package: buildpack_nodejs  
  422.       - name: go_buildpack  
  423.         package: buildpack_go  
  424.     db_encryption_key: <%= common_password %>  
  425.     hm9000_noop: false  
  426.     diego: false  
  427.     newrelic:  
  428.       license_key: null  
  429.       environment_name: <%= deployment_name %>  
  430.   
  431.   ccng: *cc  
  432.   
  433.   login:  
  434.     enabled: false  
  435.   
  436.   uaa:  
  437.     url: <%= protocol %>://uaa.<%= root_domain %>  
  438.     no_ssl: <%= protocol == 'http' %>  
  439.     cc:  
  440.       client_secret: <%= common_password %>  
  441.     admin:  
  442.       client_secret: <%= common_password %>  
  443.     batch:  
  444.       username: batch  
  445.       password: <%= common_password %>  
  446.     clients:  
  447.       cf:  
  448.         override: true  
  449.         authorized-grant-types: password,implicit,refresh_token  
  450.         authorities: uaa.none  
  451.         scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write  
  452.         access-token-validity: 7200  
  453.         refresh-token-validity: 1209600  
  454.       admin:  
  455.         secret: <%= common_password %>  
  456.         authorized-grant-types: client_credentials  
  457.         authorities: clients.read,clients.write,clients.secret,password.write,scim.read,uaa.admin  
  458.     scim:  
  459.       users:  
  460.       - admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write  
  461.       - services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin  
  462.     jwt:  
  463.       signing_key: |  
  464.         -----BEGIN RSA PRIVATE KEY-----  
  465.         REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY+++++++++++++asdfghj123122  
  466.         123456789+++++REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY++++++++++++  
  467.         asd34++123456789+++++REPLACE+ME+WITH+A+REAL+RSA+PRIVATE+KEY+++++  
  468.         KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX  
  469.         sdfvsdfgvKVy7psALKSFOa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJW  
  470.         VfYphNahvZ/7uMXKVy7psa8xzElSyzqx7oJyfJ1JZyOO:9T5SfTIq396agbHJWVf  
  471.         YphNasvZ/7uMXFzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX  
  472.         sedfsyzqx7oJyfJ1JZyOzToj9TDASWDASD5SfTIq396agbHJWVfYphNahvZ/7uMX  
  473.         -----END RSA PRIVATE KEY-----  
  474.       verification_key: |  
  475.         -----BEGIN PUBLIC KEY-----  
  476.         REPLACE+ME+WITH+A+VALID+PUBLIC+KEY++++++++++MIGfMA0GCSqGSIb3DQEBAQUA  
  477.         AASAqHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug  
  478.         BUGBUGspULZVNRxq7veq/fzwIDAQAB  
  479.         -----END PUBLIC KEY-----  

其中REPLACE-DIRECTOR_UUID为Bosh Director的UUID,
[python]  view plain copy
 
 
  1. # bosh status  
  2. Config  
  3.              /root/.bosh_config  
  4.   
  5. Director  
  6.   Name       microbosh-openstack  
  7.   URL        https://172.24.4.227:25555  
  8.   Version    1.2652.0 (00000000)  
  9.   User       admin  
  10.   UUID       04fd1b77-9522-459e-8f56-bfe83b7c5624  
  11.   CPI        openstack  
  12.   dns        enabled (domain_name: microbosh)  
  13.   compiled_package_cache disabled  
  14.   snapshots  disabled  
  15.   
  16. Deployment  
  17.   Manifest   /root/bosh/bosh-workspace/deployments/cf/demo.yml  
  18.   
  19. REPLACE-IP-ADDRESS是预先分配好的floating ip  
  20. # nova floating-ip-create public  


root_domain是部署CloudFoundry使用的域名,部署CloudFoundry必须有一个通配符域名(Wildcard DNS record),例如, 如果使用的域名为example.com,那么example.com和*.example.com都要解析为同一IP地址,即前面申请的floating ip。 如果没有这样的域名,可以试一下xip.io提供的动态域名,它可以把<ip>.xip.io和*.<ip>.xip.io都解析为<ip>, 例如,login.111.222.111.222.xip.io会被解析为111.222.111.222
 
在部署CloudFoundry过程中,需要设置很多密码,例如访问各个虚拟机,CloudFoundry默认的管理员账户等,在此例中,同一设置为common_password。在生产环境中,比较合理的做法是设置为不同的密码。
 

4.4 部署CloudFoundry

[python]  view plain copy
 
 
  1. # bosh deployment cf/demo.yml  
  2. # bosh deploy  

4.5 部署完成后,可以使用如下命令查看各个虚拟机运行状况

[python]  view plain copy
 
 
  1. # bosh vms