Skip to content

Instantly share code, notes, and snippets.

@frodenas

frodenas/cf-170-openstack.yml

Last active August 29, 2015 14:01
Show Gist options
  • Save frodenas/e3a8f04c50b29227332a to your computer and use it in GitHub Desktop.
Save frodenas/e3a8f04c50b29227332a to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. frodenas revised this gist Sep 8, 2014. 1 changed file with 3 additions and 0 deletions.
    3 changes: 3 additions & 0 deletions cf-170-openstack.yml
    View file
    Original file line number Diff line number Diff line change
    @@ -221,6 +221,9 @@ jobs:
    - name: floating
    static_ips:
    - <%= static_ip %>
    properties:
    networks:
    apps: external

    properties:
    domain: <%= root_domain %>
  2. frodenas created this gist May 13, 2014.
    482 changes: 482 additions & 0 deletions cf-170-openstack.yml
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,482 @@
    <%
    director_uuid = 'CHANGEME'
    static_ip = 'CHANGEME'
    root_domain = "#{static_ip}.xip.io"
    deployment_name = 'cf'
    cf_release = '170'
    protocol = 'http'
    common_password = 'c1oudc0wc1oudc0w'
    %>
    ---
    name: <%= deployment_name %>
    director_uuid: <%= director_uuid %>

    releases:
    - name: cf
    version: <%= cf_release %>

    compilation:
    workers: 3
    network: default
    reuse_compilation_vms: true
    cloud_properties:
    instance_type: m1.large

    update:
    canaries: 0
    canary_watch_time: 30000-600000
    update_watch_time: 30000-600000
    max_in_flight: 32
    serial: false

    networks:
    - name: default
    type: dynamic
    cloud_properties:
    security_groups:
    - default
    - bosh
    - cf-private

    - name: external
    type: dynamic
    cloud_properties:
    security_groups:
    - default
    - bosh
    - cf-public

    - name: floating
    type: vip
    cloud_properties: {}

    resource_pools:
    - name: common
    network: default
    size: 14
    stemcell:
    name: bosh-openstack-kvm-ubuntu-lucid
    version: latest
    cloud_properties:
    instance_type: m1.small

    - name: large
    network: default
    size: 3
    stemcell:
    name: bosh-openstack-kvm-ubuntu-lucid
    version: latest
    cloud_properties:
    instance_type: m1.medium

    jobs:
    - name: nats
    templates:
    - name: nats
    - name: nats_stream_forwarder
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]

    - name: syslog_aggregator
    templates:
    - name: syslog_aggregator
    instances: 1
    resource_pool: common
    persistent_disk: 65536
    networks:
    - name: default
    default: [dns, gateway]

    - name: nfs_server
    templates:
    - name: debian_nfs_server
    instances: 1
    resource_pool: common
    persistent_disk: 65535
    networks:
    - name: default
    default: [dns, gateway]

    - name: postgres
    templates:
    - name: postgres
    instances: 1
    resource_pool: common
    persistent_disk: 65536
    networks:
    - name: default
    default: [dns, gateway]
    properties:
    db: databases

    - name: uaa
    templates:
    - name: uaa
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]

    - name: loggregator
    templates:
    - name: loggregator
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]

    - name: trafficcontroller
    templates:
    - name: loggregator_trafficcontroller
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]

    - name: cloud_controller
    templates:
    - name: cloud_controller_ng
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]
    properties:
    ccdb: ccdb

    - name: cloud_controller_worker
    templates:
    - name: cloud_controller_worker
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]
    properties:
    ccdb: ccdb

    - name: clock_global
    templates:
    - name: cloud_controller_clock
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]
    properties:
    ccdb: ccdb

    - name: etcd
    templates:
    - name: etcd
    instances: 1
    resource_pool: common
    persistent_disk: 10024
    networks:
    - name: default
    default: [dns, gateway]

    - name: health_manager
    templates:
    - name: hm9000
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]

    - name: dea
    templates:
    - name: dea_logging_agent
    - name: dea_next
    instances: 3
    resource_pool: large
    networks:
    - name: default
    default: [dns, gateway]

    - name: router
    templates:
    - name: gorouter
    instances: 1
    resource_pool: common
    networks:
    - name: default
    default: [dns, gateway]

    - name: haproxy
    templates:
    - name: haproxy
    instances: 1
    resource_pool: common
    networks:
    - name: external
    default: [dns, gateway]
    - name: floating
    static_ips:
    - <%= static_ip %>

    properties:
    domain: <%= root_domain %>
    system_domain: <%= root_domain %>
    system_domain_organization: 'admin'
    app_domains:
    - <%= root_domain %>

    haproxy: {}

    networks:
    apps: default

    nats:
    user: nats
    password: <%= common_password %>
    address: 0.nats.default.<%= deployment_name %>.microbosh
    port: 4222
    machines:
    - 0.nats.default.<%= deployment_name %>.microbosh

    syslog_aggregator:
    address: 0.syslog-aggregator.default.<%= deployment_name %>.microbosh
    port: 54321

    nfs_server:
    address: 0.nfs-server.default.<%= deployment_name %>.microbosh
    network: "*.<%= deployment_name %>.microbosh"
    idmapd_domain: "localdomain"

    debian_nfs_server:
    no_root_squash: true

    loggregator_endpoint:
    shared_secret: <%= common_password %>
    host: 0.trafficcontroller.default.<%= deployment_name %>.microbosh

    loggregator:
    servers:
    zone:
    - 0.loggregator.default.<%= deployment_name %>.microbosh

    traffic_controller:
    zone: 'zone'

    logger_endpoint:
    use_ssl: <%= protocol == 'https' %>
    port: 80

    ssl:
    skip_cert_verify: true

    router:
    endpoint_timeout: 60
    status:
    port: 8080
    user: gorouter
    password: <%= common_password %>
    servers:
    z1:
    - 0.router.default.<%= deployment_name %>.microbosh
    z2: []

    etcd:
    machines:
    - 0.etcd.default.<%= deployment_name %>.microbosh

    dea: &dea
    disk_mb: 102400
    disk_overcommit_factor: 2
    memory_mb: 15000
    memory_overcommit_factor: 3
    directory_server_protocol: <%= protocol %>
    mtu: 1460
    deny_networks:
    - 169.254.0.0/16 # Google Metadata endpoint

    dea_next: *dea

    disk_quota_enabled: false

    dea_logging_agent:
    status:
    user: admin
    password: <%= common_password %>

    databases: &databases
    db_scheme: postgres
    address: 0.postgres.default.<%= deployment_name %>.microbosh
    port: 5524
    roles:
    - tag: admin
    name: ccadmin
    password: <%= common_password %>
    - tag: admin
    name: uaaadmin
    password: <%= common_password %>
    databases:
    - tag: cc
    name: ccdb
    citext: true
    - tag: uaa
    name: uaadb
    citext: true

    ccdb: &ccdb
    db_scheme: postgres
    address: 0.postgres.default.<%= deployment_name %>.microbosh
    port: 5524
    roles:
    - tag: admin
    name: ccadmin
    password: <%= common_password %>
    databases:
    - tag: cc
    name: ccdb
    citext: true

    ccdb_ng: *ccdb

    uaadb:
    db_scheme: postgresql
    address: 0.postgres.default.<%= deployment_name %>.microbosh
    port: 5524
    roles:
    - tag: admin
    name: uaaadmin
    password: <%= common_password %>
    databases:
    - tag: uaa
    name: uaadb
    citext: true

    cc: &cc
    srv_api_uri: <%= protocol %>://api.<%= root_domain %>
    jobs:
    local:
    number_of_workers: 2
    generic:
    number_of_workers: 2
    global:
    timeout_in_seconds: 14400
    app_bits_packer:
    timeout_in_seconds: null
    app_events_cleanup:
    timeout_in_seconds: null
    app_usage_events_cleanup:
    timeout_in_seconds: null
    blobstore_delete:
    timeout_in_seconds: null
    blobstore_upload:
    timeout_in_seconds: null
    droplet_deletion:
    timeout_in_seconds: null
    droplet_upload:
    timeout_in_seconds: null
    model_deletion:
    timeout_in_seconds: null
    bulk_api_password: <%= common_password %>
    staging_upload_user: upload
    staging_upload_password: <%= common_password %>
    quota_definitions:
    default:
    memory_limit: 10240
    total_services: 100
    non_basic_services_allowed: true
    total_routes: 1000
    trial_db_allowed: true
    resource_pool:
    resource_directory_key: cloudfoundry-resources
    fog_connection:
    provider: Local
    local_root: /var/vcap/nfs/shared
    packages:
    app_package_directory_key: cloudfoundry-packages
    fog_connection:
    provider: Local
    local_root: /var/vcap/nfs/shared
    droplets:
    droplet_directory_key: cloudfoundry-droplets
    fog_connection:
    provider: Local
    local_root: /var/vcap/nfs/shared
    buildpacks:
    buildpack_directory_key: cloudfoundry-buildpacks
    fog_connection:
    provider: Local
    local_root: /var/vcap/nfs/shared
    install_buildpacks:
    - name: java_buildpack
    package: buildpack_java
    - name: ruby_buildpack
    package: buildpack_ruby
    - name: nodejs_buildpack
    package: buildpack_nodejs
    - name: go_buildpack
    package: buildpack_go
    db_encryption_key: <%= common_password %>
    hm9000_noop: false
    diego: false
    newrelic:
    license_key: null
    environment_name: <%= deployment_name %>

    ccng: *cc

    login:
    enabled: false

    uaa:
    url: <%= protocol %>://uaa.<%= root_domain %>
    no_ssl: <%= protocol == 'http' %>
    cc:
    client_secret: <%= common_password %>
    admin:
    client_secret: <%= common_password %>
    batch:
    username: batch
    password: <%= common_password %>
    clients:
    cf:
    override: true
    authorized-grant-types: password,implicit,refresh_token
    authorities: uaa.none
    scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write
    access-token-validity: 7200
    refresh-token-validity: 1209600
    admin:
    secret: <%= common_password %>
    authorized-grant-types: client_credentials
    authorities: clients.read,clients.write,clients.secret,password.write,scim.read,uaa.admin
    scim:
    users:
    - admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write
    - services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin
    jwt:
    signing_key: |
    -----BEGIN RSA PRIVATE KEY-----
    MIICXAIBAAKBgQDHFr+KICms+tuT1OXJwhCUmR2dKVy7psa8xzElSyzqx7oJyfJ1
    JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMXqHxf+ZH9BL1gk9Y6kCnbM5R6
    0gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBugspULZVNRxq7veq/fzwIDAQAB
    AoGBAJ8dRTQFhIllbHx4GLbpTQsWXJ6w4hZvskJKCLM/o8R4n+0W45pQ1xEiYKdA
    Z/DRcnjltylRImBD8XuLL8iYOQSZXNMb1h3g5/UGbUXLmCgQLOUUlnYt34QOQm+0
    KvUqfMSFBbKMsYBAoQmNdTHBaz3dZa8ON9hh/f5TT8u0OWNRAkEA5opzsIXv+52J
    duc1VGyX3SwlxiE2dStW8wZqGiuLH142n6MKnkLU4ctNLiclw6BZePXFZYIK+AkE
    xQ+k16je5QJBAN0TIKMPWIbbHVr5rkdUqOyezlFFWYOwnMmw/BKa1d3zp54VP/P8
    +5aQ2d4sMoKEOfdWH7UqMe3FszfYFvSu5KMCQFMYeFaaEEP7Jn8rGzfQ5HQd44ek
    lQJqmq6CE2BXbY/i34FuvPcKU70HEEygY6Y9d8J3o6zQ0K9SYNu+pcXt4lkCQA3h
    jJQQe5uEGJTExqed7jllQ0khFJzLMx0K6tj0NeeIzAaGCQz13oo2sCdeGRHO4aDh
    HH6Qlq/6UOV5wP8+GAcCQFgRCcB+hrje8hfEEefHcFpyKH+5g1Eu1k0mLrxK2zd+
    4SlotYRHgPCEubokb2S1zfZDWIXW3HmggnGgM949TlY=
    -----END RSA PRIVATE KEY-----
    verification_key: |
    -----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHFr+KICms+tuT1OXJwhCUmR2d
    KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX
    qHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug
    spULZVNRxq7veq/fzwIDAQAB
    -----END PUBLIC KEY-----