Table of Contents
With BOSH CLI v2, the Cloud Foundry Foundation invented a new, easy and fast way to deploy a BOSH director on all supported platforms with just one deployment.
BOSH Lite is only supported for local machines. The BOSH CLI v2 provides ways to manipulate manifests without changing them. With a combination of the AWS and the BOSH Lite config it is easy to deploy BOSH Lite on AWS for example.
To apply changes of the structure to a manifest BOSH CLI v2 uses operations files. The files contains single operations which will be serial applied to the original manifest. So it is possible to add, remove or manipulate settings.
How to Prepare the Environment
First of all we need to create an environment on AWS where we can deploy the BOSH director. bosh.io provides a detailed manual to do that. Notice the
- download the private key and remember its location
If you decide to not use a jumphost inside the AWS environment to create the BOSH director, you also need an Elastic IP, see this capture for more information on this topic. In our example we will not use a jumphost.
Deploy the BOSH Director
The main difference between a regular BOSH director and a BOSH Lite is, BOSH Lite creates containers instead of VMs.This is perfect for testing purposes. Do not use this for any production environment.
Simply apply the ops files for BOSH Lite bosh-lite.yml and bosh-lite-runc.yml to the bosh.yml manifest.
$ export ACCESS_KEY_ID=AKI... $ export SECRET_ACCESS_KEY= $ export DIRECTOR_NAME=bosh-lite $ export REGION=eu-west-1 $ export AZ=eu-west-1a $ export DEFAULT_KEY_NAME=aws-bosh-lite $ export PRIVATE_KEY=~/Downloads/aws-bosh-lite.pem $ export DEFAULT_SECURITY_GROUP=sg-.... $ export SUBNET_ID=subnet-..... $ export EXTERNAL_IP=xx.xx.xx.xx $ bosh create-env ../bosh-deployment/bosh.yml \ --state=state.json \ --vars-store=creds.yml \ -o ../bosh-deployment/aws/cpi.yml \ -o ../bosh-deployment/bosh-lite.yml \ -o ../bosh-deployment/bosh-lite-runc.yml \ -o ../bosh-deployment/jumpbox-user.yml \ -o ../bosh-deployment/external-ip-with-registry-not-recommended.yml \ -v director_name=$DIRECTOR_NAME \ -v internal_cidr=10.0.0.0/24 \ -v internal_gw=10.0.0.1 \ -v internal_ip=10.0.0.6 \ -v access_key_id=$ACCESS_KEY_ID \ -v secret_access_key=$SECRET_ACCESS_KEY \ -v region=$REGION \ -v az=$AZ \ -v default_key_name=$DEFAULT_KEY_NAME \ -v default_security_groups='[$DEFAULT_SECURITY_GROUP]' \ --var-file private_key=$PRIVATE_KEY \ -v subnet_id=$SUBNET_ID \ -v external_ip=$EXTERNAL_IP
Using the BOSH Director
After the director is deployed, this will take some minutes, you can start using it. First create an alias for the environment.
$ bosh -e $EXTERNAL_IP --ca-cert < (bosh int creds.yml --path /director_ssl/ca) alias-env aws-lite
Then you can connect to the director and start using it.
$ export BOSH_CLIENTadmin $ export BOSH_CLIENT_SECRET=`bosh int ./creds.yml --path /admin_password` $ export BOSH_ENVIRONMENT=aws-lite
SSH into the BOSH Director VM
You can ssh into the BOSH director VM with a jumpbox user, which is created by this ops file jumpbox-user.yml. See this documentation for further information.
Extract the private key and store it in a file.
$ bosh int creds.yml --path /jumpbox_ssh/private_key > ~/.ssh/aws-bosh-lite-jumpbox.pem $ chmod 600~/.ssh/aws-bosh-lite-jumpbox.pem
Enter the VM with ssh.
$ ssh jumpbox@$EXTERNAL_IP -i ~/.ssh/aws-bosh-lite-jumpbox.pem
Certainly you can add a configuration into your ssh config.
$ vi ~/.ssh/config ... host aws-bosh-lite user jumpbox hostname port 22 identityfile ~/.ssh/aws-bosh-lite-jumpbox.pem ... $ ssh aws-bosh-lite