Pivotal/APIs/Service Broker API
Line 30: | Line 30: | ||
|} | |} | ||
==Credentials== | ==Credentials== | ||
− | In order to manually query the service broker API endpoints, you will need to gather the credentials used to register the service. As of today, PAS 2.3, these credentials are stored within the BOSH credhub instance in Cloud Foundry. | + | In order to manually query the service broker API endpoints, you will need to gather the credentials used to register the service. As of today, PAS 2.3, these credentials are stored within the BOSH credhub instance in Cloud Foundry, however they may be available from Ops Manager UI, PAS > Credentials.<br/> |
+ | ===Credhub CLI=== | ||
+ | Before we can use the Credhub CLI, we need credentials for CredHub. In this instance we will be logging into the Credhub for BOSH, which is on the Bosh director VM.<br/> | ||
+ | To start, you'll need to ssh into the Ops Manager. We can run a remote ssh command from there into the Bosh Director VM to extract the username and password for credhub. | ||
+ | <nowiki>~$ ssh [email protected] 'cat /var/vcap/jobs/director/config/director.yml' | jq '.config_server.uaa.client_id,.config_server.uaa.client_secret' | ||
+ | Unauthorized use is strictly prohibited. All access and activity | ||
+ | is subject to logging and monitoring. | ||
+ | [email protected]'s password: | ||
+ | "director_to_credhub" | ||
+ | "client_secret_password"</nowiki> | ||
+ | Now with the credentials, we can try to connect, again from the Ops Manager vm since it already has the credhub cli installed. | ||
+ | <nowiki>~$ credhub api https://bosh_director_ip:8844 --skip-tls-validation | ||
+ | ~$ credhub login --client-name=director_to_credhub --client-secret=client_secret_password | ||
+ | Login Successful</nowiki> | ||
+ | Or you can call the username and password inline to avoid having to look them up. | ||
+ | <nowiki>~$ credhub login \ | ||
+ | --client-name=`ssh [email protected] 'cat /var/vcap/jobs/director/config/director.yml' | jq '.config_server.uaa.client_id' | sed s'/"//'g` \ | ||
+ | --client-secret=`ssh [email protected] 'cat /var/vcap/jobs/director/config/director.yml' | jq '.config_server.uaa.client_secret' | sed s'/"//'g` | ||
+ | Unauthorized use is strictly prohibited. All access and activity | ||
+ | is subject to logging and monitoring. | ||
+ | [email protected]'s password: | ||
+ | Unauthorized use is strictly prohibited. All access and activity | ||
+ | is subject to logging and monitoring. | ||
+ | [email protected]'s password: | ||
+ | Login Successful</nowiki> |
Revision as of 16:29, 1 November 2018
APIs
Open Service Broker API
Contents |
Overview
The open service broker API is used by service brokers; the brokers of services available to developers to supplement their applications.
It allows service brokers to register services, configure, manage, etc.
Manual Queries
Queries are structured like so:
~$ curl http://username:password@service-broker-url/v2/catalog -H "X-Broker-API-Version: 2.14"
The components are:
component | description |
---|---|
curl
|
command used |
http://username:password
|
username and password for the service broker placed inline with the GET request |
@service-broker-url
|
the service broker URL specific to the service deployed |
/v2/catalog
|
the service broker API endpoint |
-H "X-Broker-API-Version: 2.14"
|
A required header for the request that must declare the version number of the Open Service Broker API that the platform is using |
Credentials
In order to manually query the service broker API endpoints, you will need to gather the credentials used to register the service. As of today, PAS 2.3, these credentials are stored within the BOSH credhub instance in Cloud Foundry, however they may be available from Ops Manager UI, PAS > Credentials.
Credhub CLI
Before we can use the Credhub CLI, we need credentials for CredHub. In this instance we will be logging into the Credhub for BOSH, which is on the Bosh director VM.
To start, you'll need to ssh into the Ops Manager. We can run a remote ssh command from there into the Bosh Director VM to extract the username and password for credhub.
~$ ssh [email protected] 'cat /var/vcap/jobs/director/config/director.yml' | jq '.config_server.uaa.client_id,.config_server.uaa.client_secret' Unauthorized use is strictly prohibited. All access and activity is subject to logging and monitoring. [email protected]'s password: "director_to_credhub" "client_secret_password"
Now with the credentials, we can try to connect, again from the Ops Manager vm since it already has the credhub cli installed.
~$ credhub api https://bosh_director_ip:8844 --skip-tls-validation ~$ credhub login --client-name=director_to_credhub --client-secret=client_secret_password Login Successful
Or you can call the username and password inline to avoid having to look them up.
~$ credhub login \ --client-name=`ssh [email protected] 'cat /var/vcap/jobs/director/config/director.yml' | jq '.config_server.uaa.client_id' | sed s'/"//'g` \ --client-secret=`ssh [email protected] 'cat /var/vcap/jobs/director/config/director.yml' | jq '.config_server.uaa.client_secret' | sed s'/"//'g` Unauthorized use is strictly prohibited. All access and activity is subject to logging and monitoring. [email protected]'s password: Unauthorized use is strictly prohibited. All access and activity is subject to logging and monitoring. [email protected]'s password: Login Successful