Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prep for Removal of instance-group-level and global properties #25

Open
jhunt opened this issue Oct 11, 2019 · 1 comment
Open

Prep for Removal of instance-group-level and global properties #25

jhunt opened this issue Oct 11, 2019 · 1 comment
Labels
PRIORITY: Medium Usable workaround, but should get fixed before next minor release TRIAGE: Accepted Ticket has been accepted for work to proceed TYPE: Enhancement New behaviour or feature

Comments

@jhunt
Copy link
Contributor

jhunt commented Oct 11, 2019

As of BOSH 270.5.0, BOSH is done with v1 manifest stuff. We need to migrate all of the global and instance-group-level properties to job-level properties.
@jhunt
Copy link
Contributor Author

jhunt commented Oct 11, 2019

Here's a start:

→  find manifests/ -name '*.yml' | xargs -n1 spruce json | jq -r '[.instance_groups[] | { name: .name, properties: .properties}]'
[
  {
    "name": "blacksmith",
    "properties": {
      "azure": {
        "client_id": "(( vault meta.vault \"/azure:client_id\" ))",
        "client_secret": "(( vault meta.vault \"/azure:client_secret\" ))",
        "default_security_group": "(( grab params.azure_default_sg ))",
        "environment": "(( grab params.azure_environment ))",
        "resource_group_name": "(( grab params.azure_resource_group ))",
        "ssh_public_key": "(( vault meta.vault \"/azure/ssh:public\" ))",
        "ssh_user": "vcap",
        "subscription_id": "(( vault meta.vault \"/azure:subscription_id\" ))",
        "tenant_id": "(( vault meta.vault \"/azure:tenant_id\" ))",
        "use_managed_disks": true
      },
      "director": {
        "cpi_job": "azure_cpi"
      }
    }
  }
]
[
  {
    "name": "blacksmith",
    "properties": {
      "director": {
        "cpi_job": "google_cpi"
      },
      "google": {
        "json_key": "(( vault meta.vault \"/google:json_key\" ))",
        "project": "(( grab params.google_project ))"
      }
    }
  }
]
[
  {
    "name": "blacksmith",
    "properties": {
      "aws": {
        "access_key_id": "(( vault meta.vault \"/aws:access_key\" ))",
        "default_key_name": "(( grab params.aws_key_name ))",
        "default_security_groups": "(( grab params.aws_default_sgs ))",
        "region": "(( grab params.aws_region ))",
        "secret_access_key": "(( vault meta.vault \"/aws:secret_key\" ))"
      },
      "director": {
        "cpi_job": "aws_cpi"
      }
    }
  }
]
[
  {
    "name": "blacksmith",
    "properties": {
      "director": {
        "cpi_job": "vsphere_cpi"
      },
      "vcenter": {
        "address": "(( vault meta.vault \"/vsphere:address\"  ))",
        "datacenters": [
          {
            "clusters": "(( grab params.vsphere_clusters   ))",
            "datastore_pattern": "(( concat \"^(\" meta.vsphere.ephemeral  \")$\" ))",
            "disk_path": "(( concat params.env \"-blacksmith/disks\"     ))",
            "name": "(( grab params.vsphere_datacenter ))",
            "persistent_datastore_pattern": "(( concat \"^(\" meta.vsphere.persistent \")$\" ))",
            "template_folder": "(( concat params.env \"-blacksmith/templates\" ))",
            "vm_folder": "(( concat params.env \"-blacksmith/vms\"       ))"
          }
        ],
        "password": "(( vault meta.vault \"/vsphere:password\" ))",
        "user": "(( vault meta.vault \"/vsphere:user\"     ))"
      }
    }
  }
]
[
  {
    "name": "blacksmith",
    "properties": {
      "director": {
        "cpi_job": "openstack_cpi"
      },
      "openstack": {
        "api_key": "(( grab params.openstack_password ))",
        "auth_url": "(( grab params.openstack_auth_url ))",
        "default_key_name": "(( grab params.openstack_ssh_key ))",
        "default_security_groups": "(( grab params.openstack_default_security_groups ))",
        "domain": "(( grab params.openstack_domain ))",
        "human_readable_vm_names": true,
        "project": "(( grab params.openstack_project ))",
        "region": "(( grab params.openstack_region ))",
        "username": "(( grab params.openstack_username ))"
      }
    }
  }
]
[
  {
    "name": "blacksmith",
    "properties": {
      "registry": {
        "address": "(( grab params.ip ))",
        "db": "(( grab instance_groups.blacksmith.properties.postgres ))",
        "host": "(( grab params.ip ))",
        "password": "(( vault meta.vault \"/registry:password\" ))",
        "port": 25777,
        "username": "registry-user"
      }
    }
  }
]
[
  {
    "name": "blacksmith",
    "properties": {
      "blobstore": {
        "address": "(( grab params.ip ))",
        "agent": {
          "password": "(( vault meta.vault \"/blobstore/agent:password\" ))",
          "user": "agent"
        },
        "director": {
          "password": "(( vault meta.vault \"/blobstore/director:password\" ))",
          "user": "director"
        },
        "port": 25250,
        "provider": "dav",
        "tls": {
          "cert": {
            "ca": "(( vault meta.vault \"/tls/ca:certificate\" ))",
            "certificate": "(( vault meta.vault \"/tls/blobstore:certificate\" ))",
            "private_key": "(( vault meta.vault \"/tls/blobstore:key\" ))"
          }
        }
      },
      "director": {
        "address": "(( grab params.ip ))",
        "db": {
          "adapter": "postgres",
          "database": "bosh",
          "host": "127.0.0.1",
          "listen_address": "127.0.0.1",
          "password": "(( vault meta.vault \"/db:password\" ))",
          "user": "postgres"
        },
        "enable_dedicated_status_worker": true,
        "enable_nats_delivered_templates": true,
        "enable_post_deploy": true,
        "events": {
          "record_events": true
        },
        "flush_arp": true,
        "generate_vm_passwords": true,
        "local_dns": {
          "enabled": true
        },
        "name": "(( concat params.env \"-blacksmith\" ))",
        "ssl": {
          "cert": "(( vault meta.vault \"/tls/director:certificate\" ))",
          "key": "(( vault meta.vault \"/tls/director:key\" ))"
        },
        "user_management": {
          "local": {
            "users": [
              {
                "name": "admin",
                "password": "(( vault meta.vault \"/users/admin:password\" ))"
              },
              {
                "name": "hm",
                "password": "(( vault meta.vault \"/users/hm:password\" ))"
              },
              {
                "name": "blacksmith",
                "password": "(( vault meta.vault \"/users/blacksmith:password\" ))"
              }
            ]
          },
          "provider": "local"
        },
        "workers": 4
      },
      "env": {
        "http_proxy": "(( grab params.http_proxy  || \"\" ))",
        "https_proxy": "(( grab params.https_proxy || \"\" ))",
        "no_proxy": "(( grab params.no_proxy    || \"\" ))"
      },
      "hm": {
        "director_account": {
          "ca_cert": "(( vault meta.vault \"/tls/ca:certificate\" ))",
          "password": "(( vault meta.vault \"/users/hm:password\" ))",
          "user": "hm"
        },
        "resurrector_enabled": true
      },
      "nats": {
        "address": "(( grab params.ip ))",
        "password": "(( vault meta.vault \"/nats:password\" ))",
        "tls": {
          "ca": "(( vault meta.vault \"/tls/nats/ca:certificate\" ))",
          "client_ca": {
            "certificate": "(( vault meta.vault \"/tls/nats/ca:certificate\" ))",
            "private_key": "(( vault meta.vault \"/tls/nats/ca:key\"         ))"
          },
          "director": {
            "certificate": "(( vault meta.vault \"/tls/nats/director:certificate\" ))",
            "private_key": "(( vault meta.vault \"/tls/nats/director:key\"         ))"
          },
          "health_monitor": {
            "certificate": "(( vault meta.vault \"/tls/nats/hm:certificate\" ))",
            "private_key": "(( vault meta.vault \"/tls/nats/hm:key\"         ))"
          },
          "server": {
            "certificate": "(( vault meta.vault \"/tls/nats/server:certificate\" ))",
            "private_key": "(( vault meta.vault \"/tls/nats/server:key\"         ))"
          }
        },
        "user": "nats"
      },
      "postgres": {
        "adapter": "postgres",
        "database": "bosh",
        "host": "127.0.0.1",
        "listen_address": "127.0.0.1",
        "password": "(( vault meta.vault \"/db:password\" ))",
        "user": "postgres"
      }
    }
  }
]
[
  {
    "name": "blacksmith",
    "properties": null
  }
]
[
  {
    "name": "blacksmith",
    "properties": null
  }
]
[
  {
    "name": "blacksmith",
    "properties": null
  }
]
[
  {
    "name": "blacksmith",
    "properties": null
  }
]
[
  {
    "name": "blacksmith",
    "properties": null
  }
]
[
  {
    "name": "blacksmith",
    "properties": null
  }
]

@krutten krutten added TYPE: Enhancement New behaviour or feature PRIORITY: Medium Usable workaround, but should get fixed before next minor release labels Feb 11, 2021
@dennisjbell dennisjbell added the TRIAGE: Accepted Ticket has been accepted for work to proceed label Feb 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
PRIORITY: Medium Usable workaround, but should get fixed before next minor release TRIAGE: Accepted Ticket has been accepted for work to proceed TYPE: Enhancement New behaviour or feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@krutten @jhunt @dennisjbell