Skip to content

Latest commit

 

History

History
86 lines (67 loc) · 4 KB

pcf-install-guide.md

File metadata and controls

86 lines (67 loc) · 4 KB
Raw

Installation Guide for PCF

Caution

THIS IS AN EXPERIMENTAL RELEASE. DO NOT DEPLOY THIS IN PRODUCTION OR CUSTOMER ENVIRONMENTS. MAKE SURE THE SCOPE APP IS BEHIND A FIREWALL AND NOT PUBLICLY ACCESSIBLE.

Prerequisites

You will need the following information which can be retrieved from the Director and PCF ERT tiles in Ops Manager:

  • Cloud Controller API: $CF_API_URL, e.g. api.<ERT_SYSTEM_DOMAIN>
  • UAA Host: $UAA_HOST, e.g. uaa.<ERT_SYSTEM_DOMAIN>
  • UAA Admin Client Secret: $UAA_ADMIN_CLIENT_SECRET
  • BOSH Director VM Host: $BOSH_HOST
  • BOSH Director PWD: $BOSH_PWD

Procedure

  1. SSH into Ops Manager

  2. Target and log into BOSH

  3. Clone weave-scope-release

    mkdir -p ~/workspace
cd ~/workspace
git clone https://github.com/st3v/weave-scope-release.git
cd weave-scope-release

  4. Upload the latest weave-scope-release to BOSH

    cd ~/workspace/weave-scope-release
bosh upload release releases/weave-scope/weave-scope-$(git describe --abbrev=0 --tags | tr -d 'v').yml

  5. Edit ~/workspace/weave-scope-release/manifests/pcf/scope-app.yml as follows:

    • Replace <SCOPE-APP-AZ> with one of the names in the azs section retrieved from bosh cloud-config
    • Replace <SCOPE-APP-VM-TYPE> with one of the name in the vm_types section retrieved from bosh cloud-config, e.g. medium.cpu:
    • Replace <SCOPE-APP-NETWORK> with one of the names in the networks section retrieved from bosh cloud-config

  6. Deploy the Scope App:

    bosh -d ~/workspace/weave-scope-release/manifests/pcf/scope-app.yml deploy

  7. Verify the Scope App is up and running by pointing your browser at the IP address assigned to the Scope App instance and port 4040. You can obtain the IP via bosh vms weave-scope. If everything went well, you should see the following.

  8. Add a new CF read-only admin client used by the Scope Probe to access the CF API. Note, choose a proper client-secret.

    uaac target $UAA_HOST --skip-ssl-validation
uaac token client get admin -s $UAA_ADMIN_CLIENT_SECRET
uaac client add scope-cf-admin-ro \
  --name scope-cf-admin-ro \
  --secret scope-cf-admin-ro-secret \
  --authorized_grant_types client_credentials,refresh_token \
  --authorities cloud_controller.admin

  9. Edit ~/workspace/weave-scope-release/manifests/pcf/runtime-config.yml as follows:

    • Set property weave.scope.probe.cf.api_url to $CF_API_URL
    • Set properties weave.scope.probe.cf.client_id and weave.scope.probe.cf.client_secret to the credentials chosen for the UAA client created in the previous step.

  10. Check the currently active BOSH runtime-config by executing bosh runtime-config. If the currently active runtime-config is not empty, you will have to merge it with the one specified in ~/workspace/weave-scope-release/manifests/pcf/runtime-config.yml.

    Update the BOSH runtime-config:

    bosh update runtime-config ~/workspace/weave-scope-release/manifests/pcf/runtime-config.yml

    Make sure runtime-config has been set by running bosh runtime-config.

  11. Re-deploy the Scope App:

    bosh -d ~/workspace/weave-scope-release/manifests/pcf/scope-app.yml deploy

  12. In your browser go to the Scope App and verify that it displays a host that represents the Scope App instance.

  13. Assuming all is well, re-deploy ERT by clicking Apply Changes in the Ops Manager UI or doing the following:

    bosh download manifest $(bosh deployments | grep -e 'cf-[[:alnum:]]\{20\}' | cut -d'|' -f2) /tmp/cf.yml
bosh -d /tmp/cf.yml deploy

  14. Watch the CF hosts appear in the Scope App UI.