cf-deployment

cf-deployment is a deployment_type that can be either claimed from the shared pool, or created via the API. The UI does not support cf-deployment environment management, but does show the status of the environment. A cf-deployment environment is complete with a BOSH Director and Cloud Foundry. You should be able to immediately bosh target and cf login after your environment finishes deploying.

Claiming a cf-deployment environment

cf-deployment environments are available in a shared pool named cf-deployment. More information on shared pools can be found here.

Creating a Custom GCP environment using the deployment_type of cf-deployment

You will need an API token and a GCP Service account key before you begin.

Then you will need to create and environment using the API. After your environment has been created, you can use the commands below to use your environment.

How do I get the metadata file for my environment?

The metadata file is defined here. You will need to use the metadata endpoint for the type of environment you are using.

• Pooled cf-deployment environment: this endpoint, or use the concourse resource.
• Custom GCP cf-deployment environment: this endpoint

It is recommend to send this output to a file, so that the file can be re-used in later commands.

-- export metatdata:
export TS_G_ENV=replace-me-please
export TOOLSMITHS_API_TOKEN=replace-me-please

curl "[metadata-endpoint]" > $TS_G_ENV.json

How do I target my BOSH Director?

First, export the metadata file named $TS_G_ENV.json using the instructions above. Then use the commands below, bbl 8.4.0 and later will accept the metadata file. You need to replace santaclara with the name of your checked out environment in the example below. You also need to replace your API Token.

-- bosh target example:
export TS_G_ENV=santaclara
export TOOLSMITHS_API_TOKEN=replace-me-please

eval "$(bbl print-env --metadata-file $TS_G_ENV.json)"
bosh deployments

How do I login to my Cloud Foundry?

First, export the metadata file named $TS_G_ENV.json using the instructions above. Then, use the commands below. You will need to pull the cf admin password out of credhub, and then login. You need to replace santaclara with the name of your checked out environment in the example below. You also need to replace your API Token.

-- cf login example:
export TS_G_ENV=santaclara
export TOOLSMITHS_API_TOKEN=replace-me-please

eval "$(bbl print-env --metadata-file $TS_G_ENV.json)"

credhub login --client-name=credhub-admin --client-secret=$CREDHUB_SECRET --server=https://10.0.0.6:8844 --ca-cert="$CREDHUB_CA_CERT"

export CF_USERNAME=admin
export CF_PASSWORD=$(credhub get -n /bosh-${TS_G_ENV}/cf/cf_admin_password -q)

cf api api.${TS_G_ENV}.cf-app.com --skip-ssl-validation
cf auth
cf target

What changes have been made to the 'standard' CF-Deployment environment?

We use the following OpsFiles:

• scale-to-one-az.yml
• use-compiled-releases.yml
• fast-deploy-with-downtime-and-danger.yml

Additionally, we are using the iso-segs-gcp bbl plan-patch to create the environments, which includes changes so that the isolation segments routing and DNS infrastructure is functional in the pooled environments.

We are not planning to let users specify the opsfiles they would like to use, as the support and troubleshooting of that feature would be more than one team could handle. You can use a cf-deployment environment, and re-deploy with your ops files.

We are interested to hear from users if you believe we should change the standard set of opsfiles we use for every environment.

How do I update the cf-deployment environment to use the set of ops files I need?

One option is to claim a pooled environment, and then re-deploy it with the Ops files you need.

export TOOLSMITHS_API_TOKEN=<your token>
curl -X POST "https://environments.toolsmiths.cf-app.com/pooled_gcp_engineering_environments/claim?api_token=$TOOLSMITHS_API_TOKEN&pool_name=cf-deployment&notes=deploying-postgres" > metadata.json

Now that you have the metadata for the environment, you will need to examine the metadata to find the environment name, and the version of cf-deployment that it was deployed with. We recommend re-deploying using the original version so that you minimize the changes you are testing.

export TS_G_ENV=spanishviolet
git checkout tags/v12.20.0

Now you can connect to the BOSH director and the CF

eval "$(bbl print-env --metadata-file metadata.json)"
credhub login --client-name=credhub-admin --client-secret=$CREDHUB_SECRET --server=https://10.0.0.6:8844 --ca-cert="$CREDHUB_CA_CERT"

export CF_USERNAME=admin
export CF_PASSWORD=$(credhub get -n /bosh-${TS_G_ENV}/cf/cf_admin_password -q)

cf api api.${TS_G_ENV}.cf-app.com --skip-ssl-validation
cf auth
cf target

Once you have connected to your environment, you can ask BOSH to re-deploy with a new ops file. The example below shows the default set of ops files, as well as a new one to switch from MySQL to postgres.

bosh -d cf deploy ~/workspace/cf-deployment/cf-deployment.yml -v system_domain=spanishviolet.cf-app.com \
-o ~/workspace/cf-deployment/operations/experimental/fast-deploy-with-downtime-and-danger.yml \
-o ~/workspace/cf-deployment/operations/use-compiled-releases.yml \
-o ~/workspace/cf-deployment/operations/scale-to-one-az.yml \
-o ~/workspace/cf-deployment/operations/use-postgres.yml

What version of cf-deployment will I get?

In general, you should be getting the latest tagged version off of master, such as https://github.com/cloudfoundry/cf-deployment/tree/v12.23.0 The exact version we are deploying at the current time can be found via the versions API Endpoint. We gate-test each tagged release off of master by running smoke-tests and the default CATS suites. If there is an issue, we could be behind what is currently on GitHub.

For pools, environments are deployed whatever version was current when the environment was deployed. It is not possible to request a specific version. The version an environment was deployed with can be found via the cf-deployment_version key in the metadata for the environment.