README ¶
Bosh Release for app-autoscaler service
(This release is under active development)
Purpose
The purpose of this bosh release is to deploy and setup the app-autoscaler service.
Usage
Bosh Lite Deployment
-
Install Bosh-cli-v2
-
Install and start BOSH-Deployment, following its README.
-
Install CF-deployment
-
Create a new autoscaler client
UAA CLI is required to here to create a new UAA client id.
- Install the UAA CLI,
uaac
.
gem install cf-uaac
- Obtain
uaa_admin_client_secret
bosh interpolate --path /uaa_admin_client_secret /path/to/cf-deployment/deployment-vars.yml
- Use the
uaac target uaa.YOUR-DOMAIN
command to target your UAA server and obtain an access token for the admin client.
uaac target uaa.bosh-lite.com --skip-ssl-validation uaac token client get admin -s <uaa_admin_client_secret>
- Create a new autoscaler client
uaac client add "autoscaler_client_id" \ --authorized_grant_types "client_credentials" \ --authorities "cloud_controller.read,cloud_controller.admin,uaa.resource" \ --secret <AUTOSCALE_CLIENT_SECRET>
- Install the UAA CLI,
-
Create and upload App-Autoscaler release
git clone https://github.com/cloudfoundry-incubator/app-autoscaler-release
cd app-autoscaler-release
./scripts/update
bosh create-release
bosh -e YOUR_ENV upload-release
-
Deploy app-autoscaler with the newly created autoscaler client
In the latest App-Autoscaler v2.0 release , App-Autoscaler retrieves application's metrics with loggregator V2 API via gRPC over mutual TLS connection.
So the valid TLS certification to access Loggregator Reverse Log Proxy is required here. When deploying in bosh-lite, the most easy way is to provide loggregator certificates generated by
cf-deployments
.
bosh -e YOUR_ENV -d app-autoscaler \
deploy templates/app-autoscaler-deployment.yml \
--vars-store=bosh-lite/deployments/vars/autoscaler-deployment-vars.yml \
-l <PATH_TO_CF_DEPLOYMENT_VAR_FILES> \
-v system_domain=bosh-lite.com \
-v cf_client_id=autoscaler_client_id \
-v cf_client_secret=<AUTOSCALE_CLIENT_SECRET> \
-v skip_ssl_validation=true
-
Deploy autoscaler with cf deployment mysql database
Notes: It is blocked by the pull request cf-deployment #881 temporarily. If you would like to use the cf mysql, please apply the
set-autoscaler-db.yml
in the pull request when deploy cf deployment.The lastest Autoscaler release add the support for mysql database, Autoscaler can connect the same mysql database with cf deployment. Use the operation file
example/operation/cf-mysql-db.yml
which including the cf database host , password and tls.ca cert.
bosh -e YOUR_ENV -d app-autoscaler \
deploy templates/app-autoscaler-deployment.yml \
--vars-store=bosh-lite/deployments/vars/autoscaler-deployment-vars.yml \
-l <PATH_TO_CF_DEPLOYMENT_VAR_FILES> \
-v system_domain=bosh-lite.com \
-v cf_client_id=autoscaler_client_id \
-v cf_client_secret=<AUTOSCALE_CLIENT_SECRET> \
-v skip_ssl_validation=true \
-o example/operation/cf-mysql-db.yml
- Deploy autoscaler with external postgres database and mysql database
bosh -e YOUR_ENV -d app-autoscaler \
deploy templates/app-autoscaler-deployment.yml \
--vars-store=bosh-lite/deployments/vars/autoscaler-deployment-vars.yml \
-l <PATH_TO_CF_DEPLOYMENT_VAR_FILE> \
-l <PATH_TO_DATABASE_VAR_FILE> \
-v system_domain=bosh-lite.com \
-v cf_client_id=autoscaler_client_id \
-v cf_client_secret=<AUTOSCALE_CLIENT_SECRET> \
-v skip_ssl_validation=true \
-o example/operation/external-db.yml
** The DATABASE_VAR_FILE should look like as below
database:
name: <database_name>
host: <database_host>
port: <database_port>
scheme: <database_scheme>
username: <database_username>
password: <database_password>
sslmode: <database_sslmode>
tls:
ca: |
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
The table below shows the description of all the variables:
Property | Description |
---|---|
database.name | The database name. |
database.host | The database server ip address or hostname. |
database.port | The database server port. |
database.scheme | The database scheme. Currently Autoscaler supports "postgres" and "mysql". |
database.username | The username of the database specified above in "database.name". |
database.password | The password of the user specified above in "database.username". |
database.sslmode | There are 6 values allowed for "postgres": disable, allow, prefer, require, verify-ca and verify-full. Please refer to Postgres SSL definition when define database_sslmode . For "mysql", there are 7 values allowed: false, true, skip-verify, preferred, verify-ca, verify_identity.Please refer to Mysql SSL definition(Golang) and Mysql Connector SSL |
database.tls.ca | PEM-encoded certification authority for secure TLS communication. Only required when sslmode is verify-ca or verify-full(postgres) or verify_identity(mysql) and can be omitted for other sslmode. |
-
Deprecated: App-AutoScaler v1 release and its deployment options.
-
To deploy app-autoscaler V1 release in default collocated approach, use
app-autoscaler-deployment-fewer-v1.yml
bosh -e YOUR_ENV -d app-autoscaler \ deploy templates/app-autoscaler-deployment-fewer-v1.yml \ --vars-store=bosh-lite/deployments/vars/autoscaler-deployment-vars.yml \ -v system_domain=bosh-lite.com \ -v cf_client_id=autoscaler_client_id \ -v cf_client_secret=autoscaler_client_secret \ -v skip_ssl_validation=true
-
Deploy autoscaler V1 release with bosh-dns instead of consul for service registration
bosh -e YOUR_ENV -d app-autoscaler \ deploy templates/app-autoscaler-deployment-fewer-v1.yml \ --vars-store=bosh-lite/deployments/vars/autoscaler-deployment-vars.yml \ -o example/operation/bosh-dns-fewer-v1.yml \ -v system_domain=bosh-lite.com \ -v cf_client_id=autoscaler_client_id \ -v cf_client_secret=autoscaler_client_secret \ -v skip_ssl_validation=true
- Deploy autoscaler V1 release with external postgres database
bosh -e YOUR_ENV -d app-autoscaler \ deploy templates/app-autoscaler-deployment-fewer-v1.yml \ --vars-store=bosh-lite/deployments/vars/autoscaler-deployment-vars.yml \ -v system_domain=bosh-lite.com \ -v cf_client_id=autoscaler_client_id \ -v cf_client_secret=autoscaler_client_secret \ -v skip_ssl_validation=true \ -v database_host=<database_host> \ -v database_port=<database_port> \ -v database_username=<database_username> \ -v database_password=<database_password> \ -v database_name=<database_name> \ -v database_sslmode=<database_sslmode> \ -o example/operation/external-db-fewer-v1.yml
-
Deploy autoscaler V1 release with postgres database enabled TLS
bosh -e YOUR_ENV -d app-autoscaler \ deploy templates/app-autoscaler-deployment-fewer-v1.yml \ --vars-store=bosh-lite/deployments/vars/autoscaler-deployment-vars.yml \ -o example/operation/postgres-ssl-fewer-v1.yml \ -v system_domain=bosh-lite.com \ -v cf_client_id=autoscaler_client_id \ -v cf_client_secret=autoscaler_client_secret \ -v skip_ssl_validation=true
** It's advised not to make skip_ssl_validation=true for non-development environment
-
Register service
Log in to Cloud Foundry with admin user, and use the following commands to register app-autoscaler
service
cf create-service-broker autoscaler <brokerUserName> <brokerPassword> <brokerURL>
brokerUserName
: the user name to authenticate with service broker. It's default value isautoscaler_service_broker_user
.brokerPassword
: the password to authenticate with service broker. It will be stored in the file passed to the --vars-store flag (bosh-lite/deployments/vars/autoscaler-deployment-vars.yml in the example). You can find them by searching forautoscaler_service_broker_password
.brokerURL
: the URL of the service broker
All these parameters are configured in the bosh deployment. If you are using default values of deployment manifest, register the service with the commands below.
cf create-service-broker autoscaler autoscaler_service_broker_user `bosh int ./bosh-lite/deployments/vars/autoscaler-deployment-vars.yml --path /autoscaler_service_broker_password` https://autoscalerservicebroker.bosh-lite.com
Acceptance test
Refer to AutoScaler UAT guide to run acceptance test.
Use service
To use the service to auto-scale your applications, log in to Cloud Foundry with admin user, and use the following command to enable service access to all or specific orgs.
cf enable-service-access autoscaler [-o ORG]
The following commands don't require admin rights, but user needs to be Space Developer. Create the service instance, and then bind your application to the service instance with the policy as parameter.
cf create-service autoscaler autoscaler-free-plan <service_instance_name>
cf bind-service <app_name> <service_instance_name> -c <policy>
Remove the service
Log in to Cloud Foundry with admin user, and use the following commands to remove all the service instances and the service broker of app-autoscaler
from Cloud Foundry.
cf purge-service-offering autoscaler
cf delete-service-broker autoscaler