Skip to content
This repository has been archived by the owner on Jan 21, 2022. It is now read-only.

Deploying

Jump to bottom
Pravin Pushkar edited this page Dec 11, 2017 · 7 revisions

The steps below describe the procedure for deploying the Abacus Broker.

  1. Clone the repo in your workspace:

    cd ~/workspace
git clone https://github.com/cloudfoundry-incubator/cf-abacus-broker.git
cd cf-abacus-broker
git submodule update --init --recursive

  2. Build the project

    cd abacus/
npm run provision
cd ..
npm run provision

  3. Change the broker's manifest.yml by changing the values below:

    API: https://api.<mydomain>.com:443
AUTH_SERVER: https://uaa.<mydomain>.com
BROKER_USER: <user>
BROKER_PASSWORD: <password>
COLLECTOR: abacus-usage-collector
CONF: <abacus profile>
DASHBOARD_CLIENT_ID: abacus-service-dashboard
DASHBOARD_CLIENT_SECRET: <secret>
DASHBOARD_REDIRECT_URI: https://*abacus-service-dashboard.<mydomain>/manage/instances/*
DASHBOARD_URI: https://abacus-service-dashboard.<mydomain>/manage/instances/
DEBUG: e-abacus-*
EUREKA: abacus-eureka-plugin
NODE_MODULES_CACHE: false
PROVISIONING: abacus-provisioning-plugin
SERVICE_BROKER_CLIENT_ID: abacus-broker
SERVICE_BROKER_CLIENT_SECRET: <secret>

  4. Change the dashboard manifest.yml using these values:

    AUTH_SERVER: https://uaa.<mydomain>.com
CF_CLIENT_ID: abacus-service-dashboard
CF_CLIENT_SECRET: <secret>
CF_COOKIE_SECRET: <cookie secret>
CONF: <abacus profile>
DEBUG: e-abacus-*
NODE_TLS_REJECT_UNAUTHORIZED: 0
PROVISIONING: abacus-provisioning-plugin

    Deploying Custom Themes for Dashboard (Optional)

  5. Create a security group (optional)

    The broker requires access to Cloud Foundry API. If your Cloud Foundry deployment is not using LB, but rather ha_proxy with a floating IP from a private network you would need to allow access to it. This can be configured in a security group specified in groups.json file.

    [
    {
       "destination": "<floating_ip_address>",
       "ports": "443",
       "protocol": "tcp"
    }
]

  6. Execute the following commands:

    cf create-security-group cf-api-access groups.json
cf bind-security-group cf-api-access <abacus-ext-cf-broker-org> <abacus-ext-cf-broker-space>

    where abacus-ext-cf-broker-org and abacus-ext-cf-broker-space are the organization and space, where you are going to push the application.

  7. Create UAA clients

    We need to add UAA clients for Broker and Dashboard applications:

    uaac client add abacus-broker -s <secret> --authorized_grant_types client_credentials --authorities clients.admin,clients.write --scope clients.write,clients.admin
uaac client add abacus-service-dashboard -s <secret> --authorized_grant_types authorization_code,refresh_token --redirect_uri 'https://*abacus-service-dashboard.<mydomain>/manage/instances/*' --authorities abacus.usage.read,abacus.usage.write,uaa.none --scope openid,cloud_controller_service_permissions.read,cloud_controller.read,abacus.usage.read,abacus.usage.write

    Please take care to update the secrets of the clients above.

    The UAA clients name and secret must match the values provided in the manifest. The dashboard UAA client's redirect_uri must match the host chosen for the dashboard application.

    You can run uaac client add <client_name> -i to create the UAA client interactively.

  8. Run the following commands:

    export ADDITIONAL_PACK_DIR="abacus/lib"
export ABACUS_ROOT=`pwd`
cd lib/cf/broker
npm install
npm run cfpack
npm run cfpush

cf start abacus-ext-cf-broker
cf create-service-broker abacus-ext-cf-broker $BROKER_USER $BROKER_PASSWORD https://abacus-ext-cf-broker.<domain>
cf enable-service-access metering

cf start abacus-service-dashboard

    where $BROKER_USER and $BROKER_PASSWORD are defined in the manifest.yml and <domain> is the landscape apps domain.

Next Step

Using the Project

Abacus Broker: Overview

Clone this wiki locally