Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dpb587/bosh-env-example
https://github.com/dpb587/bosh-env-example
Last synced: 5 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/dpb587/bosh-env-example
- Owner: dpb587
- License: mit
- Created: 2016-11-28T09:06:27.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2016-12-08T23:42:46.000Z (about 8 years ago)
- Last Synced: 2024-10-30T18:13:32.707Z (about 2 months ago)
- Language: Shell
- Size: 17.6 KB
- Stars: 0
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
For bootstrapping a fresh environment...
* vpn (via [openvpn](https://github.com/dpb587/openvpn-bosh-release))
* nat (via [networking](https://github.com/cloudfoundry/networking-release))
* bosh## Requirements
* [bosh](https://github.com/cloudfoundry/bosh-cli/releases/tag/v0.0.133) - for deploying VMs (patched)
* [direnv](https://direnv.net/) - for automatically setting some environment variables
* [git](https://git-scm.com/) - for cloning this repository
* [jq](https://stedolan.github.io/jq/) - for transforming some JSON data
* [openvpn](https://openvpn.net/index.php/open-source.html) (or [Tunnelblick](https://tunnelblick.net/)) - for securely connecting to the environment
* [terraform](https://www.terraform.io/) - for managing IaaS-specific resources## Configuration
All configuration and generated credentials will be stored in a `state` directory. For a new environment...
$ mkdir state
$ echo 'export iaas=aws' >> state/.envrc
$ echo 'export BOSH_ENVIRONMENT=my-env-name' >> state/.envrc
$ ssh-keygen -t rsa -b 2048 -f state/id_rsa -P ''
$ direnv allowStore the `state` directory securely - it contains credentials. It is `.gitignore`'d.
### Amazon Web Services
For AWS, ensure the following environment variables are configured...
$ export AWS_DEFAULT_REGION=
$ export AWS_ACCESS_KEY_ID=
$ export AWS_SECRET_ACCESS_KEY=## Provision
All provisioning commands are idempotent. Provision shared IaaS-specific resources...
$ provision iaas
> *AWS*: this provisions a VPC, subnets, security groups, routing tables, IAM user/credential
Provision a **VPN server**...
$ provision vpn
> *AWS*: this provisions an EIP and security group.
Once the VPN server is provisioned, create a connection profile and start the VPN connection...
$ interpolate vpn profile.ovpn.yml --path /profile > state/vpn.ovpn
$ open state/vpn.ovpnProvision a **NAT server**...
$ provision nat
> *AWS*: this provisions an EIP and security group.
Provision a **BOSH director**...
$ provision-iaas bosh
$ provision-env bosh \
--vars-file <(
interpolate bosh empty.yml \
--vars-file iaas_vpn=<( iaas vpn ) \
--ops-file env/bosh/iaas/$iaas/manifest-vars.yml
) \
--ops-file env/bosh/iaas/aws/manifest-cheaper.yml # aws!Once the BOSH director is provisioned, connect to the director...
$ source etc/bosh
Configure the **cloud config**...
$ bosh -n update-cloud-config \
<(
interpolate bosh cloud-config.yml \
--ops-file env/bosh/iaas/$iaas/cloud-config.yml
)Deploy something fun like **concourse**...
$ cp -r sample/concourse env/concourse
$ provision concourse## Maintenance
Fork the repository and create your own deployment and resources in `env`. When you're ready to upgrade the core components like the `nat`, `vpn`, or `director`, merge this repository again and rerun the provisioning commands.
## License
[MIT License](LICENSE)