Skip to content

mariash/bosh-101-release

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

75 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

BOSH-101

BOSH-101 Architecture

BOSH-101 environment is deployed to GCP. It is managed by single BOSH director.

That director is accessible via jumpbox (bosh-bastion) created via terraform.

Bosh-101 director manages bosh-101-classroom deployment that consists of N VMs, where N is the number of students in classroom. Each VM has pre-installed local BOSH director with Warden CPI as well as downloaded BOSH CLI binary, simple release and stemcell.

Deploying BOSH-101

  1. Prepare GCP environment and deploy jumpbox (bosh-bastion). See: https://github.com/cloudfoundry-incubator/bosh-google-cpi-release/blob/master/docs/bosh/README.md

    NOTE: Replace hashicorp/terraform:light with hashicorp/terraform:0.9.9 as per this issue: cloudfoundry/bosh-google-cpi-release#222

  2. SSH to jumpbox

    gcloud compute ssh bosh-bastion
    mkdir -p ~/workspace
    cd ~/workspace
    git clone https://github.com/mariash/bosh-101-release
    git clone https://github.com/cloudfoundry/bosh-deployment
    
  3. Get latest bosh cli: http://bosh.io/docs/cli-v2.html

    wget https://s3.amazonaws.com/bosh-cli-artifacts/bosh-cli-2.0.28-linux-amd64
    
    sudo gem uninstall bosh_cli
    sudo rm /usr/bin/bosh2
    sudo mv bosh-cli-2.0.28-linux-amd64 /usr/local/bin/bosh
    sudo chmod +x /usr/local/bin/bosh
    
  4. Deploy BOSH director from jumpbox. See here: http://bosh.io/docs/init-google.html

    mkdir -p ~/deployments/bosh-101
    cd bosh-101-release
    
    ./scripts/create-env
    
  5. Update cloud config:

    ./scripts/update-cloud-config
    
  6. Upload latest stemcell:

    bosh -e bosh-101 upload-stemcell https://bosh.io/d/stemcells/bosh-google-kvm-ubuntu-xenial-go_agent
    
  7. Deploy VMs with BOSH + warden CPI to that BOSH director:

    bosh create-release
    bosh -e bosh-101 upload-release
    
    ./scripts/deploy-classroom 2
    
    • where 2 is the number of students, VMs with BOSH installed on them.
  8. Right before the class on a jumpbox VM (bosh-bastion) create a temporary user:

    sudo useradd --create-home -e 2013-07-30 jumpbox
    sudo passwd jumpbox
    sudo chsh jumpbox -s /bin/bash
    
    • where 2013-07-30 is the expiration date of user.
    • set password to something that will be shared during the class (this VM is open to public, so make it hard, but something users can retype).
  9. Update /etc/ssh/sshd_config:

    PasswordAuthentication yes 
    

    and then restart the sshd:

    sudo service ssh restart
    

    Make sure to switch this back after the class or do full cleanup (see After the class section below).

    Disable sshguard that will block user after N failed attempts for 15 mins for office IP address:

    sudo vim /etc/sshguard/whitelist # add office IP to the list
    sudo service sshguard restart
    
  10. Prepare jumpbox ssh key:

    credhub get -n /bosh-101/bosh-101-classroom/jumpbox_ssh -k private_key > /tmp/jumpbox.key
    sudo chown jumpbox:jumpbox /tmp/jumpbox.key
    sudo -u jumpbox mv /tmp/jumpbox.key /home/jumpbox/.ssh/jumpbox.key
    sudo -u jumpbox chmod 600 /home/jumpbox/.ssh/jumpbox.key
    
  11. Now students can SSH to their BOSH sandbox VM (bosh-lite with CLI) as following:

    ssh jumpbox@JUMPBOX_IP
    ssh -i ~/.ssh/jumpbox.key jumpbox@BOSH_VM_IP
    

After the class

On jumpbox:

bosh -e bosh-101 -d bosh-101-classroom delete-deployment

It is advisable to cleanup your whole GCP environment following these instructions: https://github.com/cloudfoundry-incubator/bosh-google-cpi-release/blob/master/docs/bosh/README.md#delete-resources

It should be easy and fast to spin up new environment following this guide (~15 mins). If you stuck somewhere please open an issue. This guide might become outdates so contributions are welcome.

About

BOSH of BOSHes

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published