Pivotal/BOSH

From r00tedvw.com wiki
Jump to: navigation, search

BOSH | BOSH CLI | Quick Reference

Contents

Installing on Mac OSX

The easiest way is to use brew

~$ brew install cloudfoundry/tap/bosh-cli

Alternatively you can download the release and create a symlink to /usr/local/bin/bosh

Installing on Ubuntu

I'm installing BOSH on an Ubuntu 16.04 LTS server vm running on top an ESXi 6.0u2 host.

BOSH v3 CLI

Start by updating your ubuntu vm.

~$ sudo apt update && sudo apt upgrade -y

Next lets install a few dependencies.

~$ sudo apt install -y build-essential zlibc zlib1g-dev ruby ruby-dev openssl libxslt-dev libxml2-dev libssl-dev libreadline6 libreadline6-dev libyaml-dev libsqlite3-dev sqlite3 git gnupg2 libcurl3

update: added libcurl3 to the dependency list as it was needed for bosh-deployment Download the binary, make it executable, and move it to your path. Verify you have it installed.

~$ curl -Lo ./bosh https://s3.amazonaws.com/bosh-cli-artifacts/bosh-cli-3.0.1-linux-amd64
~$ chmod +x ./bosh
~$ sudo mv ./bosh /usr/local/bin/bosh
~$ bosh -v
version 3.0.1-712bfd7-2018-03-13T23:26:43Z

Succeeded

BOSH Director

We are going to use the bosh-deployment tool and deploy bosh onto a vcenter environment.

~$ cd /opt/
~$ sudo mkdir bosh-1 && cd bosh-1
~$ sudo git clone https://github.com/cloudfoundry/bosh-deployment bosh-deployment

Now we need to install the director and specify our vcenter variables.

~$ bosh create-env bosh-deployment/bosh.yml \
    --state=state.json \
    --vars-store=creds.yml \
    -o bosh-deployment/vsphere/cpi.yml \
    -v director_name=bosh-1 \
    -v internal_cidr=10.0.0.0/24 \
    -v internal_gw=10.0.0.1 \
    -v internal_ip=10.0.0.6 \
    -v network_name="VM Network" \
    -v vcenter_dc=my-dc \
    -v vcenter_ds=datastore0 \
    -v vcenter_ip=192.168.0.10 \
    -v vcenter_user=root \
    -v vcenter_password=vmware \
    -v vcenter_templates=bosh-1-templates \
    -v vcenter_vms=bosh-1-vms \
    -v vcenter_disks=bosh-1-disks \
    -v vcenter_cluster=cluster1

Of the variables you see above, the following are required and will not be automatically created:

vcenter_dc
this must match the name of your vcenter datacenter
vcenter_ds
this must match the name of your vcenter datastore or be a regex match.
vcenter_ip
The IP of your vcenter server. hostname is not specified as allowed in the BOSH documentation.
vcenter_user
username of account with admin rights.
vcenter_password
password for the above mentioned username
vcenter_cluster
name of the vcenter cluster that your hosts live in. This is required.

All other options listed above will work fine with the default values. If needed, they will be automatically created if not present.

lab example

An example of the install that I did within the lab environment:

~$ bosh create-env bosh-deployment/bosh.yml \
    --state=state.json \
    --vars-store=creds.yml \
    -o bosh-deployment/vsphere/cpi.yml \
    -o bosh-deployment/vsphere/resource-pool.yml \
    -v director_name=bosh-director-10 \
    -v internal_cidr=10.193.10.0/24 \
    -v internal_gw=10.193.10.1 \
    -v internal_ip=10.193.10.6 \
    -v network_name="Lab-env10" \
    -v vcenter_dc=Datacenter \
    -v vcenter_ds=LUN01 \
    -v vcenter_ip=vcsa-01.haas-59.pez.pivotal.io \
    -v [email protected] \
    -v vcenter_password=password \
    -v vcenter_templates=pcf_env10_templates \
    -v vcenter_vms=pcf_env10_vms \
    -v vcenter_disks=pcf_env10_disks \
    -v vcenter_cluster=Cluster \
    -v vcenter_rp=RP10

SSH into BOSH Director

In order to SSH into the BOSH director, it needs to have been setup with a passwordless user during creation. This is generally defined through the jumpbox-user.yml file during deployment. The below methods assume this was in place during deployment.

Manual

Search creds.yml for the jumpbox private RSA key. Copy everything between -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----, including those (2) lines, into a new file called jumpbox.pub.
Make sure that there are no spaces in front of any of the lines. I used the following to remove them:

~$ sed 's/    //g' jumpbox.pub

If the above looks right, then lets write it.

LINUX: ~$ sed -i 's/    //g' jumpbox.pub
MAC: ~$ sed -i '' 's/    //g' jumpbox.pub

Next, set the correct permissions.

~$ sudo chmod 600 ./jumpbox.pub

Finally we should be able to ssh into our BOSH director

~$ ssh [email protected]<director IP> -i <jumpbox rsa key>
ex. ~$ ssh [email protected] -i ~/jumpbox.pub

The BOSH Way

Extract the RSA Key for the jumpbox user

~$ bosh int --path /jumpbox_ssh/private_key <path to creds.yml>
ex. bosh int --path /jumpbox_ssh/private_key ~/Git/workspace/creds.yml

If that looks good, redirect to a file

~$ bosh int --path /jumpbox_ssh/private_key ~/Git/workspace/creds.yml > ~/jumpbox.pub

Finally we should be able to ssh into our BOSH director

~$ ssh [email protected]<director IP> -i <jumpbox rsa key>
ex. ~$ ssh [email protected] -i ~/jumpbox.pub

vSphere

sets up an alias name for the environment from ops man director on vsphere. You may need to ssh into the ops manager first.
bosh alias-env MY-ENV -e DIRECTOR-IP-ADDRESS --ca-cert /var/tempest/workspaces/default/root_ca_certificate

~$ bosh alias-env myenv -e 10.193.81.11 --ca-cert /var/tempest/workspaces/default/root_ca_certificate

Note: you may get an error about an invalid token if you are already logged in. log out first using bosh log-out -e alias

log in to the director. alias is l
bosh -e <env alias> log-in

~$ bosh -e my-env l
User (): admin
Password ():

for bosh cli, use the director credentials found in the bosh director tile


decrypt yml files

In vsphere some of the configurations and credentials are stored within encrypted yml files. In order to decrypt these, ssh into the Ops Manager and run these commands with the admin passphrase

~$ sudo -u tempest-web RAILS_ENV=production /home/tempest-web/tempest/web/scripts/decrypt /var/tempest/workspaces/default/actual-installation.yml /tmp/actual-installation.yml
~$ sudo -u tempest-web RAILS_ENV=production /home/tempest-web/tempest/web/scripts/decrypt /var/tempest/workspaces/default/installation.yml /tmp/installation.yml

Basics

monit

Make sure you are root by either using sudo su - or sudo -i
show running processes related to BOSH

~$ monit summary
The Monit daemon 5.2.5 uptime: 23h 45m

Process 'nats'                      running
Process 'postgres'                  running
Process 'blobstore_nginx'           running
Process 'director'                  running
Process 'worker_1'                  running
Process 'worker_2'                  running
Process 'worker_3'                  running
Process 'worker_4'                  running
Process 'director_scheduler'        running
Process 'director_sync_dns'         running
Process 'director_nginx'            running
Process 'health_monitor'            running
Process 'warden_cpi'                running
Process 'garden'                    running
Process 'uaa'                       running
Process 'credhub'                   running
System 'system_localhost'           running

disk structure

~$ lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda      8:0    0     3G  0 disk                   <<<<<  root disk
└─sda1   8:1    0     3G  0 part /
sdb      8:16   0    16G  0 disk                   <<<<<  ephemeral disk
├─sdb1   8:17   0   3.9G  0 part [SWAP]
└─sdb2   8:18   0  12.1G  0 part /var/vcap/data
sdc      8:32   0    64G  0 disk                   <<<<<  persistent disk
└─sdc1   8:33   0    64G  0 part /var/vcap/store
sr0     11:0    1    48K  0 rom


folder structure

~$ ls -la /var/vcap/
total 40
drwxr-xr-x 10 root root 4096 Jul  9 16:23 .
drwxr-xr-x 12 root root 4096 Jun 18 13:12 ..
drwx------  7 root root 4096 Jul  9 16:23 bosh               <<<<< contain related files, binaries, settings, etc to the bosh agent running on the system.
drwxr-xr-x 22 root root 4096 Jul  9 16:23 data                <<<<< mounted from the ephemeral disk.  contains all the ephemeral data that processes related to bosh use.
drwxr-xr-x  2 root root 4096 Jul  9 16:23 instance          <<<<< contains metadata about the current bosh instance
drwxr-x---  2 root vcap 4096 Jul  9 16:23 jobs           <<<<< jobs related to the bosh director
drwxr-xr-x  3 root root 4096 Jun 18 17:51 micro_bosh       
drwxr-xr-x  5 root root 4096 Jul  9 16:24 monit     <<<<< monit related files
drwxr-xr-x  2 root vcap 4096 Jul  9 16:23 packages     <<<<< releases, packages, and dependencies related to bosh and the installed applications
drwxr-xr-x  8 root root 4096 Jul  9 16:35 store     <<<<< persistent storage for jobs
lrwxrwxrwx  1 root root   18 Jul  9 16:22 sys -> /var/vcap/data/sys .  <<<<< logs for bosh and processes.


Installing on CentOS with virtualbox

Installing on CentOS 7.5.1804x64

Personal tools
Namespaces

Variants
Actions
Navigation
Mediawiki
Confluence
DevOps Tools
Ubuntu
Oracle Linux
AWS
Windows
OpenVPN
Grafana
Pivotal
osTicket
OTRS
phpBB
WordPress
VmWare ESXI 5.1
Crypto currencies
HTML
CSS
Python
Java Script
PHP
Raspberry Pi
Canvas LMS
Kaltura Media Server
MetaSploit
Zoneminder
Photoshop CS2
Fortinet
Uploaded
Certifications
General Info
Games
Meal Plans
NC Statutes
Toolbox