def bosh_config(stack):
    """Fill in the Ops Manager director settings from the stack's outputs.

    Downloads the current installation settings, overwrites the IaaS,
    director, availability-zone and network sections of ``infrastructure``,
    points every listed product at the first AZ and network, and uploads
    the result.

    Args:
        stack: Stack object handed to ``output`` and the ``opsmgr`` helpers.

    Returns:
        The modified installation-settings dict that was uploaded.

    Note:
        The returned dict carries the IAM secret access key, the RDS
        password and an SSH private key in clear text. Callers should keep
        it out of logs, tracebacks and persisted artefacts.
    """
    installation = json.load(opsmgr.opsmgr_get(stack, "/api/installation_settings"))
    infra = installation["infrastructure"]

    # Reuse the existing section when there is one so unrelated keys survive.
    iaas = infra.setdefault("iaas_configuration", {})
    iaas.update({
        "access_key_id": output(stack, "PcfIamUserAccessKey"),
        "secret_access_key": output(stack, "PcfIamUserSecretAccessKey"),
        "vpc_id": output(stack, "PcfVpc"),
        "security_group": get_security_group_name(output(stack, "PcfVmsSecurityGroupId")),
        "key_pair_name": output(stack, "PcfKeyPairName"),
        # NOTE(review): called without `stack` here, but cf_config calls
        # get_private_key(stack) -- confirm which key each call is meant to use.
        "ssh_private_key": get_private_key(),
        # Region = AZ name minus its last character (presumably the zone
        # letter, e.g. "us-east-1a" -> "us-east-1"); verify for zone names
        # that do not end in a single letter.
        "region": output(stack, "PcfPublicSubnetAvailabilityZone")[:-1],
        # NOTE(review): presumably turns off disk encryption for VMs the
        # director creates -- confirm, and prefer True outside throwaway labs.
        "encrypted": False,
    })

    director = infra.setdefault("director_configuration", {})
    # The same IAM user key pair serves both the IaaS section above and the
    # S3 blobstore, so rotating or scoping one affects the other.
    s3_options = {
        "endpoint": aws.get_s3_endpoint(iaas["region"]),
        "bucket_name": output(stack, "PcfOpsManagerS3Bucket"),
        "access_key": output(stack, "PcfIamUserAccessKey"),
        "secret_key": output(stack, "PcfIamUserSecretAccessKey"),
    }
    rds_options = {
        "host": output(stack, "PcfRdsAddress"),
        "port": output(stack, "PcfRdsPort"),
        "user": output(stack, "PcfRdsUsername"),
        "password": output(stack, "PcfRdsPassword"),
        "database": output(stack, "PcfRdsDBName"),
    }
    director.update({
        "ntp_servers": ["%d.amazon.pool.ntp.org" % index for index in range(4)],
        "resurrector_enabled": True,
        "blobstore_type": "s3",
        "s3_blobstore_options": s3_options,
        "database_type": "external",
        "external_database_options": rds_options,
    })

    # Exactly one AZ and one network are defined; both lists are replaced,
    # not merged with whatever Ops Manager returned.
    zone = {
        "guid": get_guid(),
        "iaas_identifier": output(stack, "PcfPublicSubnetAvailabilityZone"),
    }
    network = {
        "guid": get_guid(),
        "name": "PCFNetwork",
        "iaas_network_identifier": output(stack, "PcfPrivateSubnetId"),
        "subnet": "10.0.16.0/20",
        "reserved_ip_ranges": "10.0.16.1-10.0.16.9",
        "dns": "10.0.0.2",
        "gateway": "10.0.16.1",
    }
    infra["availability_zones"] = [zone]
    infra["networks"] = [network]

    # Every product already present is re-pointed at the new AZ and network.
    zone_guid = zone["guid"]
    network_guid = network["guid"]
    for product in installation.get("products", []):
        product["singleton_availability_zone_reference"] = zone_guid
        product["deployment_network_reference"] = network_guid
        product["infrastructure_network_reference"] = network_guid

    opsmgr.opsmgr_post_yaml(stack, "/api/installation_settings", "installation[file]", installation)
    return installation
def cf_config(stack, version=None):
    """Install Elastic Runtime if necessary and wire it to external services.

    Switches the system database and blobstore to their "external" options
    (RDS and S3 values taken from the stack outputs), attaches the router
    and, when available, the Diego brain to the stack's load balancers, sets
    the system/apps domains, and scales the bundled database, NFS and
    HAProxy jobs to zero instances before uploading the settings.

    Args:
        stack: Stack object handed to ``output``, ``first_of`` and the
            ``opsmgr`` helpers; ``stack["StackName"]`` selects the config
            section for the domains.
        version: Forwarded to ``opsmgr.opsmgr_install_if_needed``.

    Returns:
        The modified installation-settings dict that was uploaded.

    Note:
        The returned dict contains the RDS password, the IAM secret access
        key and a TLS private key; keep it out of logs and saved artefacts.
        ``set`` below is called as (collection, name, value), so it is a
        project helper shadowing the builtin, not ``builtins.set``.
    """
    opsmgr.opsmgr_install_if_needed(stack, "cf", "Elastic Runtime", version)
    installation = json.load(opsmgr.opsmgr_get(stack, "/api/installation_settings"))
    # Region = AZ name minus its last character (presumably the zone letter).
    region = output(stack, "PcfPublicSubnetAvailabilityZone")[:-1]

    infra = installation["infrastructure"]
    cf = find(installation["products"], "cf")
    zones = infra["availability_zones"]
    cf["availability_zone_references"] = [zone["guid"] for zone in zones]
    cf["singleton_availability_zone_reference"] = zones[0]["guid"]
    cf["network_reference"] = infra["networks"][0]["guid"]

    create_cf_databases(stack)

    properties = cf["properties"]

    # --- system database: external ---
    system_db = find(properties, "system_database")
    system_db["value"] = "external"
    db_props = find(system_db["options"], "external")["properties"]
    set(db_props, "host", output(stack, "PcfRdsAddress"))
    set(db_props, "port", output(stack, "PcfRdsPort"))
    set(db_props, "username", output(stack, "PcfRdsUsername"))
    set(db_props, "password", {"secret": output(stack, "PcfRdsPassword")})

    # --- system blobstore: external ---
    system_blobstore = find(properties, "system_blobstore")
    system_blobstore["value"] = "external"
    blob_props = find(system_blobstore["options"], "external")["properties"]
    set(blob_props, "endpoint", aws.get_s3_endpoint(region))
    set(blob_props, "access_key", output(stack, "PcfIamUserAccessKey"))
    set(blob_props, "secret_key", {"secret": output(stack, "PcfIamUserSecretAccessKey")})

    # Each bucket option takes the first stack output that exists, in the
    # order listed, so both old and new stack templates are accepted.
    bucket_sources = (
        # For PCF 1.5 and prior
        ("bucket", ["PcfElasticRuntimeS3Bucket", "PcfElasticRuntimeS3ResourcesBucket"]),
        # For PCF 1.6 and beyond
        ("buildpacks_bucket", ["PcfElasticRuntimeS3BuildpacksBucket", "PcfElasticRuntimeS3Bucket"]),
        ("droplets_bucket", ["PcfElasticRuntimeS3DropletsBucket", "PcfElasticRuntimeS3Bucket"]),
        ("packages_bucket", ["PcfElasticRuntimeS3PackagesBucket", "PcfElasticRuntimeS3Bucket"]),
        ("resources_bucket", ["PcfElasticRuntimeS3ResourcesBucket", "PcfElasticRuntimeS3Bucket"]),
    )
    for option_name, candidates in bucket_sources:
        set(blob_props, option_name, first_of(stack, candidates))

    set(properties, "logger_endpoint_port", 4443)
    # NOTE(review): presumably lets application containers reach each other
    # directly -- confirm this is wanted beyond a single-tenant lab.
    set(properties, "allow_cross_container_traffic", True)

    # --- router behind the stack's ELB ---
    jobs = cf["jobs"]
    router = find(jobs, "router")
    router_elb = find_load_balancer(stack, output(stack, "PcfElbDnsName"))
    router["elb_names"] = router_elb["LoadBalancerName"]
    set(router["properties"], "enable_ssl", True)

    # --- cloud controller domains ---
    controller_props = find(jobs, "cloud_controller")["properties"]
    stack_name_domain = config.get("cf", "system-domain", stack=stack["StackName"])
    set(controller_props, "system_domain", stack_name_domain)
    set(controller_props, "apps_domain", config.get("cf", "apps-domain", stack=stack["StackName"]))
    # NOTE(review): enables SSH into application containers platform-wide;
    # confirm that is intended for the target environment.
    set(controller_props, "allow_app_ssh_access", True)

    # --- optional SSH ELB for the Diego brain ---
    # Skipped when the stack has no SSH ELB output or the product has no
    # diego_brain job.
    ssh_elb_name = output(stack, "PcfElbSshDnsName")
    diego_brain = find(jobs, "diego_brain") if ssh_elb_name is not None else None
    if diego_brain is not None:
        diego_brain["elb_names"] = find_load_balancer(stack, ssh_elb_name)["LoadBalancerName"]

    # --- HAProxy certificate ---
    # The certificate is written even though ha_proxy is scaled to zero
    # instances further down.
    haproxy_props = find(jobs, "ha_proxy")["properties"]
    tls_material = {
        "private_key_pem": get_private_key(stack),
        "cert_pem": get_server_certificate(stack),
    }
    set(haproxy_props, "ssl_rsa_certificate", tls_material)
    # NOTE(review): presumably disables TLS certificate validation between
    # platform components; reasonable only with self-signed lab certificates
    # -- confirm before using against a production domain.
    set(haproxy_props, "skip_cert_verify", True)

    # Bundled services replaced by RDS / S3 / ELB are scaled to zero.
    for job_name in ("nfs_server", "mysql_proxy", "mysql", "ccdb", "uaadb", "consoledb", "ha_proxy"):
        set_instances(cf, job_name, 0)

    opsmgr.opsmgr_post_yaml(stack, "/api/installation_settings", "installation[file]", installation)
    return installation