Add create-env script for docker cpi #480

Draft
wants to merge 1 commit into
base: master
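--- a/docker/bosh-lite.yml
+++ b/docker/bosh-lite.yml
@@ -0,0 +1,6 @@
+- type: replace
+path: /instance_groups/name=bosh/jobs/name=garden/properties/garden/apparmor_profile?
+value: "" # overwrites garden-default which is the default
+- path: /instance_groups/name=bosh/properties/agent/env/bosh/blobstores/provider=dav/options/endpoint
+type: replace
+value: https://10.254.50.4:25250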
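Review bot: Setting `apparmor_profile` to an empty string in the first op removes the AppArmor profile garden would otherwise apply (`garden-default`, per the inline comment), and nothing in the file says why that is needed. A comment such as `# dev-only: disables garden's AppArmor profile; required because <reason>` would keep this ops-file from being copied into a shared environment without anyone noticing the lost confinement. The blobstore endpoint `https://10.254.50.4:25250` is also hard-coded and lies outside the `10.245.0.0/16` network that docker/create-env.sh creates. If that address is not deliberate, it should come from a variable.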
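--- a/docker/create-env.sh
+++ b/docker/create-env.sh
@@ -0,0 +1,144 @@
+#!/bin/bash
+
+set -eu -o pipefail
+
+STEP() { echo ; echo ; echo "==\\" ; echo "===>" "$@" ; echo "==/" ; echo ; }
+
+bosh_deployment="$(cd "$(dirname "${BASH_SOURCE[0]}")"; cd ..; pwd)"
+bosh_deployment_sha="$(cd "${bosh_deployment}"; git rev-parse --short HEAD)"
+
+if [ "${PWD##${bosh_deployment}}" != "${PWD}" ] || [ -e docker/create-env.sh ] || [ -e ../docker/create-env.sh ]; then
+echo "It looks like you are running this within the ${bosh_deployment} repository."
+echo "To avoid secrets ending up in this repo, run this from another directory."
+echo
+
+exit 1
+fi
+
+####
+STEP "Creating Docker Network"
+####
+
+docker_network=bosh
+docker_network_ip=10.245.0.10
+docker_network_gw=10.245.0.1
+docker_network_cidr=10.245.0.0/16
+
+if docker network ls | grep -q "${docker_network}"; then
+echo "Creating docker network: ${docker_network} with range: ${docker_network_cidr}"
+docker network create -d bridge --subnet=${docker_network_cidr} ${docker_network} --attachable 1>/dev/null
+else
+echo "Using existing docker network: ${docker_network}"
+fi
+
+
+####
+STEP "Creating BOSH Director"
+####
+
+docker_host=$(docker context inspect | jq -r '.[0].Endpoints.docker.Host')
+docker_tls=$(docker context inspect | jq -r '.[0].Endpoints.docker.SkipTLSVerify')
+
+#time bosh create-env "${bosh_deployment}/bosh.yml" \
+time ~/workspace/bosh-cli/out/bosh create-env "${bosh_deployment}/bosh.yml" \
+--state "${PWD}/state.json" \
+--ops-file "${bosh_deployment}/docker/cpi.yml" \
+--ops-file "${bosh_deployment}/docker/localhost.yml" \
+--ops-file "${bosh_deployment}/bosh-lite.yml" \
+--ops-file "${bosh_deployment}/docker/bosh-lite.yml" \
+--ops-file "${bosh_deployment}/uaa.yml" \
+--ops-file "${bosh_deployment}/credhub.yml" \
+--ops-file "${bosh_deployment}/jumpbox-user.yml" \
+--vars-store "${PWD}/creds.yml" \
+--var director_name=bosh-lite \
+--var docker_host="${docker_host}" \
+--var docker_tls="${docker_tls}" \
+--var network="${docker_network}" \
+--var static_ip="${docker_network_ip}" \
+--var internal_ip="localhost" \
+--var internal_gw="${docker_network_gw}" \
+--var internal_cidr="${docker_network_cidr}" "$@"
+
+
+####
+STEP "Adding Network Routes (sudo is required)"
+####
+
+if [ "$(uname)" = "Darwin" ]; then
+sudo route add -net 10.244.0.0/16 192.168.56.6
+elif [ "$(uname)" = "Linux" ]; then
+if type ip > /dev/null 2>&1; then
+sudo ip route add 10.244.0.0/16 via 192.168.56.6
+elif type route > /dev/null 2>&1; then
+sudo route add -net 10.244.0.0/16 gw 192.168.56.6
+else
+echo "ERROR adding route"
+exit 1
+fi
+fi
+
+####
+STEP "Generating .envrc"
+####
+
+cat > .envrc <<EOF
+export BOSH_ENVIRONMENT=docker
+export BOSH_CA_CERT=\$( bosh interpolate ${PWD}/creds.yml --path /director_ssl/ca )
+export BOSH_CLIENT=admin
+export BOSH_CLIENT_SECRET=\$( bosh interpolate ${PWD}/creds.yml --path /admin_password )
+
+export CREDHUB_SERVER=https://localhost:8844
+export CREDHUB_CA_CERT="\$( bosh interpolate ${PWD}/creds.yml --path=/credhub_tls/ca )
+\$( bosh interpolate ${PWD}/creds.yml --path=/uaa_ssl/ca )"
+export CREDHUB_CLIENT=credhub-admin
+export CREDHUB_SECRET=\$( bosh interpolate ${PWD}/creds.yml --path=/credhub_admin_client_secret )
+
+EOF
+echo "export BOSH_DEPLOYMENT_SHA=${bosh_deployment_sha}" >> .envrc
+
+
+source .envrc
+
+echo Succeeded
+
+
+####
+STEP "Configuring Environment Alias"
+####
+
+bosh \
+--environment localhost \
+--ca-cert <( bosh interpolate "${PWD}/creds.yml" --path /director_ssl/ca ) \
+alias-env docker
+
+
+####
+STEP "Updating Cloud Config"
+####
+
+bosh -n update-cloud-config "${bosh_deployment}/warden/cloud-config.yml" \
+> /dev/null
+
+echo Succeeded
+
+####
+STEP "Updating Runtime Config"
+####
+
+bosh -n update-runtime-config "${bosh_deployment}/runtime-configs/dns.yml" \
+> /dev/null
+
+echo Succeeded
+
+####
+STEP "Completed"
+####
+
+echo "Credentials for your environment have been generated and stored in creds.yml."
+echo "Details about the state of your VM have been stored in state.json."
+echo "You should keep these files for future updates and to destroy your environment."
+echo
+echo "BOSH Director is now running. You may need to run the following before using bosh commands:"
+echo
+echo " source .envrc"
+echo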
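Review bot: The network check under "Creating Docker Network" is inverted: `docker network create` runs when `grep -q` finds the network, and the "Using existing" branch runs when it is absent, so a first run never creates the network and a rerun aborts under `set -e`. Negating the test and matching the whole name fixes both that and the substring match on `bosh`, e.g. `if ! docker network ls --format '{{.Name}}' | grep -qx "${docker_network}"; then`. The `create-env` call uses the developer-local binary `~/workspace/bosh-cli/out/bosh` while the portable `bosh` line is commented out, and the routes go via `192.168.56.6`, which lies outside the `10.245.0.0/16` network defined above. `creds.yml` and `state.json` are written into the working directory under the caller's umask, so unless the CLI already restricts their mode, a `umask 077` near the top would keep the generated secrets from being readable by other local users.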
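--- a/docker/localhost.yml
+++ b/docker/localhost.yml
@@ -0,0 +1,19 @@
+- type: replace
+path: /resource_pools/name=vms/cloud_properties/PortBindings?
+value:
+6868/tcp: [{ HostPort: "6868", HostIp: "0.0.0.0" }] # bosh agent
+8844/tcp: [{ HostPort: "8844", HostIp: "0.0.0.0" }] # credhub
+8443/tcp: [{ HostPort: "8443", HostIp: "0.0.0.0" }] # uaa
+25555/tcp: [{ HostPort: "25555", HostIp: "0.0.0.0" }] # director
+22/tcp: [{ HostPort: "2222", HostIp: "0.0.0.0" }] # ssh
+
+# disable ipv6 so agent port forwarding works
+# when enabled curl -k -I https://localhost:6868/agent results in
+# empty response
+- type: replace
+path: /resource_pools/name=vms/env/bosh/ipv6?/enable
+value: false
+
+- type: replace
+path: /instance_groups/name=bosh/networks/name=default/static_ips
+value: [((static_ip))]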
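Review bot: Every entry under `PortBindings` publishes on `HostIp: "0.0.0.0"`, so the BOSH agent (6868), CredHub (8844), UAA (8443), the director (25555) and SSH (2222) are reachable from any network the Docker host is attached to. That is at odds with the file name localhost.yml and with create-env.sh passing `internal_ip="localhost"`. Binding to loopback keeps the same local workflow without exposing the control plane, e.g. `6868/tcp: [{ HostPort: "6868", HostIp: "127.0.0.1" }] # bosh agent`, with the same change on the other four entries. If access from other hosts is intended, a comment saying so next to the bindings would make that an explicit decision.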