pcf-jump-azure

Overview

pcf-jump-azure creates an ubuntu based jumpbox to deploy Pivotal PAS (2.4 and above) on azure
It will pave the infrastructure using Pivotal terraforming-azure.
PCF Operations Manager will be installed and configured using Pivotal om cli.
Optionally, PAS will be deployed using om cli.

features

automated opsman deployment and configuration
pas infrastructure paving
🆕 autopilot for starting pas, mysql, p-rabbitmq and p-spring-services deployment (will take several hours )
certificate generation using selfsigned or let´s encrypt certificates
🆕 sendgrid integration for notifications and user sign up
🆕 dns configuration and check
🆕 cert checking and logging
🆕 manual options improved
🆕 added pcf small runtime (srt) vs. cf
🆕 automated bosh tasks / setup
🆕 specify download location for ops manager

Initial supported Pivotal Cloudfoundry Tiles and Versions

Pivotal Application Service 2.5.x
MySQL 2.6.x
RabbitMQ 1.15.4
Spring Cloud Services 2.0.x, 3.x.x
Microsoft Azure Service Broker 1.11.0 ( MASB )
additional, post install tiles

Changes

###2019.04

reworked installatzion process, implemented "tile deployer" as a unified deployment service
added PAS 2.5 including support for Availability Zones
Istio Mesh Support

2019.01

usage

there are are multiple ways to deploy the ARM template. we will describe Azure Portal Template based and az cli based Method

create a ssh keypair for the admin user ( if not already done )

both methods require an SSH Keypair

ssh-keygen -t rsa -f ~/${JUMPBOX_NAME} -C ${ADMIN_USERNAME}

installation using New Template Deployment

In the Azure Portal, click on Create Resource and enter Template Deployment
Select the template Deployment and click on create.
Select Build your own Template in the Editor
Replace the Content in the Editor Window with the Content of azuredeploy.json file
click save.
fill in all required Parameters ( marked with a red Star )
when done, click Purchase.

Installation using az cli

for az cli install, we put all required Parameters into an env file

create env file

create an .env file using the .env.example
Parameter Explanation in this table
if you need a full parameter set or a minimum depends on your customizations (e.g. sendgrid and others )

source the env file

source .env

check availability of storage account

az storage account check-name --name ${ENV_SHORT_NAME}director

you are now good to go to deploy
with minimum parameters
with full parameters with parameter file also, note that AUTOPILOT is disabled by default now.
you can set the Environment for PAS_AUTOPILOT or use -pasAutopilot=TRUE during deployment.
if not using autopilot, see Post Deployment Steps for more Details

deployment with default parameter set

the default parameter set uses defaults where possible, it is the most convenient way to get started

validate default

source ~/.env
az group create --name ${JUMPBOX_RG} --location ${AZURE_REGION}
az group deployment validate --resource-group ${JUMPBOX_RG} \
    --template-uri https://raw.githubusercontent.com/bottkars/pcf-jump-azure/$BRANCH/azuredeploy.json \
    --parameters \
    adminUsername=${ADMIN_USERNAME} \
    sshKeyData="$(cat ~/${JUMPBOX_NAME}.pub)" \
    JumphostDNSLabelPrefix=${JUMPBOX_NAME} \
    clientSecret=${AZURE_CLIENT_SECRET} \
    clientID=${AZURE_CLIENT_ID} \
    tenantID=${AZURE_TENANT_ID} \
    subscriptionID=${AZURE_SUBSCRIPTION_ID} \
    pivnetToken=${PIVNET_UAA_TOKEN} \
    envName=${ENV_NAME} \
    envShortName=${ENV_SHORT_NAME} \
    PCFDomainName=${PCF_DOMAIN_NAME} \
    PCFSubdomainName=${PCF_SUBDOMAIN_NAME} \
    _artifactsLocation="https://raw.githubusercontent.com/bottkars/pcf-jump-azure/$BRANCH"

deploy default

⚡ do not forget to create ssh key for every environment !

source ~/.env
ssh-keygen -t rsa -f ~/${JUMPBOX_NAME} -C ${ADMIN_USERNAME}

az group create --name ${JUMPBOX_RG} --location ${AZURE_REGION}
az group deployment create --resource-group ${JUMPBOX_RG} \
    --template-uri "https://raw.githubusercontent.com/bottkars/pcf-jump-azure/$BRANCH/azuredeploy.json" \
    --parameters \
    adminUsername=${ADMIN_USERNAME} \
    sshKeyData="$(cat ~/${JUMPBOX_NAME}.pub)" \
    JumphostDNSLabelPrefix=${JUMPBOX_NAME} \
    clientSecret=${AZURE_CLIENT_SECRET} \
    clientID=${AZURE_CLIENT_ID} \
    tenantID=${AZURE_TENANT_ID} \
    subscriptionID=${AZURE_SUBSCRIPTION_ID} \
    pivnetToken=${PIVNET_UAA_TOKEN} \
    envName=${ENV_NAME} \
    envShortName=${ENV_SHORT_NAME} \
    PCFDomainName=${PCF_DOMAIN_NAME} \
    PCFSubdomainName=${PCF_SUBDOMAIN_NAME} \
    _artifactsLocation="https://raw.githubusercontent.com/bottkars/pcf-jump-azure/$BRANCH"

deployment with full param set

the full parameter set´s optional Values like smtp config example parameter file for testing branch is here example parameter file for master branch is here. 6. validate full

source ~/.env
az group create --name ${JUMPBOX_RG} --location ${AZURE_REGION}
az group deployment validate --resource-group ${JUMPBOX_RG} \
    --template-uri "https://raw.githubusercontent.com/bottkars/pcf-jump-azure/$BRANCH/azuredeploy.json" \
    --parameters \
    sshKeyData="$(cat ~/${JUMPBOX_NAME}.pub)" \
    adminUsername=${ADMIN_USERNAME} \
    JumphostDNSLabelPrefix=${JUMPBOX_NAME} \
    clientSecret=${AZURE_CLIENT_SECRET} \
    clientID=${AZURE_CLIENT_ID} \
    tenantID=${AZURE_TENANT_ID} \
    subscriptionID=${AZURE_SUBSCRIPTION_ID} \
    pivnetToken=${PIVNET_UAA_TOKEN} \
    envName=${ENV_NAME} \
    envShortName=${ENV_SHORT_NAME} \
    opsmanImage=${OPS_MANAGER_IMAGE} \
    opsmanImageRegion=${OPS_MANAGER_IMAGE_REGION} \
    PCFDomainName=${PCF_DOMAIN_NAME} \
    PCFSubdomainName=${PCF_SUBDOMAIN_NAME} \
    opsmanUsername=${PCF_OPSMAN_USERNAME} \
    notificationsEmail=${PCF_NOTIFICATIONS_EMAIL} \
    net16bitmask=${NET_16_BIT_MASK} \
    pasAutopilot=${PAS_AUTOPILOT} \
    pasVersion=${PCF_PAS_VERSION} \
    smtpAddress=${SMTP_ADDRESS} \
    smtpIdentity=${SMTP_IDENTITY} \
    smtpPassword=${SMTP_PASSWORD} \
    smtpFrom=${SMTP_FROM} \
    smtpPort=${SMTP_PORT} \
    smtpStarttls=${SMTP_STARTTLS} \
    useSelfCerts=${USE_SELF_CERTS} \
    _artifactsLocation=${ARTIFACTS_LOCATION} \
    vmSize=${VMSIZE} \
    pasEdition=${PAS_EDITION}

deploy full

⚡ do not forget to create ssh key for every environment !

source ~/.env
ssh-keygen -t rsa -f ~/${JUMPBOX_NAME} -C ${ADMIN_USERNAME}

az group create --name ${JUMPBOX_RG} --location ${AZURE_REGION}                                                                 
az group deployment create --resource-group ${JUMPBOX_RG} \
    --template-uri "https://raw.githubusercontent.com/bottkars/pcf-jump-azure/$BRANCH/azuredeploy.json" \
    --parameters \
    availabilityMode=${AVAILABILITY_MODE} \
    sshKeyData="$(cat ~/${JUMPBOX_NAME}.pub)" \
    adminUsername=${ADMIN_USERNAME} \
    JumphostDNSLabelPrefix=${JUMPBOX_NAME} \
    clientSecret=${AZURE_CLIENT_SECRET} \
    clientID=${AZURE_CLIENT_ID} \
    tenantID=${AZURE_TENANT_ID} \
    subscriptionID=${AZURE_SUBSCRIPTION_ID} \
    pivnetToken=${PIVNET_UAA_TOKEN} \
    envName=${ENV_NAME} \
    envShortName=${ENV_SHORT_NAME} \
    opsmanImage=${OPS_MANAGER_IMAGE} \
    opsmanImageRegion=${OPS_MANAGER_IMAGE_REGION} \
    PCFDomainName=${PCF_DOMAIN_NAME} \
    PCFSubdomainName=${PCF_SUBDOMAIN_NAME} \
    opsmanUsername=${PCF_OPSMAN_USERNAME} \
    notificationsEmail=${PCF_NOTIFICATIONS_EMAIL} \
    net16bitmask=${NET_16_BIT_MASK} \
    pasAutopilot=FALSE \
    PCFPasVersion=${PCF_PAS_VERSION} \
    smtpAddress=${SMTP_ADDRESS} \
    smtpIdentity=${SMTP_IDENTITY} \
    smtpPassword=${SMTP_PASSWORD} \
    smtpFrom=${SMTP_FROM} \
    smtpPort=${SMTP_PORT} \
    smtpStarttls=${SMTP_STARTTLS} \
    useSelfCerts=${USE_SELF_CERTS} \
    _artifactsLocation=${ARTIFACTS_LOCATION} \
    vmSize=${VMSIZE} \
    pasEdition=${PAS_EDITION}

deployment using parameter file

you also might want to deploy the template using an parameter file.
simply create a local azuredeploy.parameter.json file from the example

then run

az group create --name <RG_NAME> --location <AZURE_REGION>
az group deployment create --resource-group <rg_name> \
    --template-uri https://raw.githubusercontent.com/bottkars/pcf-jump-azure/${BRANCH}/azuredeploy.json \
    --parameters @azuredeploy.parameters.json

debugging/ monitoring

it is recommended to check the deployment logs. the azure rm command might timeout as the pas deployment takes time. that will not have an impact on the deployment.
watching the JUMPHost resource group creation

watch az resource list --output table --resource-group ${JUMPBOX_RG}

watching the pcf resource group creation

watch az resource list --output table --resource-group ${ENV_NAME}

ssh into the Jumpbox

 ssh -i ~/${JUMPBOX_NAME} ${ADMIN_USERNAME}@${JUMPBOX_NAME}.${AZURE_REGION}.cloudapp.azure.com

tail the installation log

tail -f ~/install.log

post deploy

finde some 'shortcuts' in advanced

if you do not autodeploy ( default behaviour ), you can kickstart the deployment of all components from the jumphost:

pas

using selfsigned certificates

./create_self_certs.sh
./deploy_pas.sh

or using Let´s encrypt

./create_certs.sh
./deploy_pas.sh

mysql

requires pas deployed

./deploy_mysql.sh

p-rabbitmq

requires pas deployed

./deploy_rabbit.sh

p-spring-services service

requires pas, p-rabbitmq and mysql deployed

./deploy_spring.sh

cleanup

az group delete --name ${JUMPBOX_RG} --yes
az group delete --name ${ENV_NAME} --yes
ssh-keygen -R "${JUMPBOX_NAME}.${AZURE_REGION}.cloudapp.azure.com"

certificates

the deployment uses self-signed certificates by default. to uses automated generation of Let´s encrypt Certificates, set

USE_SELF_CERTS="FALSE"

and use the Full Deployment Method

env variables

variable	azure rm parameter	default value	mandatory	description
JUMPBOX_RG			yes	the name of the ressource group for the JumpBox
JUMPBOX_NAME	JumphostDNSLabelPrefix	-	yes	the JumpBox hostname , must be unique for the region !
ADMIN_USERNAME	adminUsername	ubuntu	no	the jumpbox os username
AZURE_CLIENT_ID	clientID		yes	Azure Service Principal
AZURE_CLIENT_SECRET	clientSecret		yes	Service Principal client secret
AZURE_REGION			yes	used from az resource group command, no default
AZURE_SUBSCRIPTION_ID	subscriptionID		yes	Your Azure Subscription ID,
AZURE_TENANT_ID	tenantID		yes	Your AZURE tenant
PIVNET_UAA_TOKEN	pivnetToken		yes	Your Token from Pivotal Network
PCF_DOMAIN_NAME	PCFDomainName		yes	the domain your PCF subdomain will be hosted in
PCF_SUBDOMAIN_NAME	PCFSubdomainName		yes	the subdomain name that will be created in your resource group
ENV_SHORT_NAME	envShortName		yes	yourshortname will be used as prefix for storage accounts and other azure resources. make sure you check storage account availability, see further down below
ENV_NAME	envName	pcf	no, using default	pcf this name will be prefix for azure resources and you opsman hostname
OPS_MANAGER_IMAGE_URI	opsmanImageUri	opsurl	no	a 2.4 opsman image url
PCF_NOTIFICATIONS_EMAIL	notificationsEmail	user@example.com"	no	wher to sent PCF Notifications
PCF_OPSMAN_USERNAME	opsmanUsername	opsman	no	opsman
NET_16_BIT_MASK	net16bitmask	10.10	no	*16 bit networkdefault 10.10
PAS_AUTOPILOT	pasAutopilot	FALSE		Autoinstall PAS, RABBIT, MYSQL, Spring Service when set to true
PCF_PAS_VERSION	pasVersion	2.4.1	no	the version of PAS, must be 2.4.0 or greater
SMTP_ADDRESS	smtpAddress	null	no	"mysmtp.example.com"
SMTP_IDENTITY	smtpIdentity	null	no	"mysmtpuser"
SMTP_PASSWORD	smtpPassword	null	no	"mysmtppass"
SMTP_FROM	smtpFrom	null	no	"from@example.com"
SMTP_PORT	smtpPort	null	no	"587"
SMTP_STARTTLS	smtpStarttls	false	no	true or false
USE_SELF_CERTS	useSelfcerts	true	no	true or false
PAS_EDITION	pasEdition	cf	no	cf or srt deployment
OPS_MANAGER_IMAGE_REGION	opsmanImageRegion	westeurope	yes	the region where to download opsman from. Values are westeurope, westus, eastus, southeastasia
-	PCFspringVersion	2.0.6	no	2.0.5,2.0.6
-	PCFpasVersion	2.4.3	no	2.4.1,2.4.2,2.4.3
-	PCFmysqlVersion	2.5.3	no	2.5.3
-	PCFrabbitVersion	1.15.4	no	1.15.3,1.15.4
-	PCFmasbVersion	1.11.0	no	1.11.0

required nameserver delegation

make sure that your domain has a ns resource record to your pcf domain.
the following list ALL nameserver entries for Azure, 4 will be picked from the Creation of the DNS Zone

ns1-07.azure-dns.com.
ns2-07.azure-dns.net.
ns3-07.azure-dns.org.
ns4-07.azure-dns.info.
ns1-03.azure-dns.com.
ns2-03.azure-dns.net.
ns3-03.azure-dns.org.
ns4-03.azure-dns.info.
ns1-09.azure-dns.com.
ns2-09.azure-dns.net.
ns3-09.azure-dns.org.
ns4-09.azure-dns.info.
ns4-01.azure-dns.info.
ns4-02.azure-dns.info.
ns4-04.azure-dns.info.
ns4-05.azure-dns.info.
ns4-06.azure-dns.info.
ns4-08.azure-dns.info.
ns4-10.azure-dns.info.
ns1-01.azure-dns.com.
ns1-02.azure-dns.com.
ns1-04.azure-dns.com.
ns1-05.azure-dns.com.
ns1-06.azure-dns.com.
ns1-08.azure-dns.com.
ns1-10.azure-dns.com.
ns2-01.azure-dns.net.
ns2-02.azure-dns.net.
ns2-04.azure-dns.net.
ns2-06.azure-dns.net.
ns2-05.azure-dns.net.
ns2-08.azure-dns.net.
ns2-10.azure-dns.net.
ns3-01.azure-dns.org.
ns3-02.azure-dns.org.
ns3-04.azure-dns.org.
ns3-05.azure-dns.org.
ns3-06.azure-dns.org.
ns3-08.azure-dns.org.
ns3-10.azure-dns.org.

Name		Name	Last commit message	Last commit date
Latest commit History 441 Commits
docs		docs
env		env
patches		patches
scripts		scripts
templates		templates
.DS_Store		.DS_Store
.env.example		.env.example
.env.testing.example		.env.testing.example
.gitignore		.gitignore
README.md		README.md
azuredeploy.json		azuredeploy.json
azuredeploy.parameters.example.json		azuredeploy.parameters.example.json
bosh.md		bosh.md
generate-customdata.json		generate-customdata.json
root_ca_certificate		root_ca_certificate
sendgrid.md		sendgrid.md
testing.md		testing.md

bottkars/pcf-jump-azure

Folders and files

Latest commit

History

Repository files navigation