bosh-deployment

This repository is intended to serve as a reference and starting point for developer-friendly configuration of the Bosh Director. Consume the master branch.

How is bosh-deployment updated?

An automatic process updates Bosh, and other releases within bosh-deployment

1. A new release of bosh is created.
2. A CI pipeline updates bosh-deployment on develop with a compiled bosh release.
3. Smoke tests are performed to ensure create-env works with this potential collection of resources and the new release.
4. A commit to master is made.

Other releases such as UAA, CredHub, and various CPIs are also updated automatically.

Using bosh-deployment

• Create an environment

  • On Local machine (BOSH Lite)
  • On Alibaba Cloud
  • On AWS
  • On Azure
  • On OpenStack
  • On vSphere
  • On vCloud
  • On SoftLayer
  • On Google Compute Platform

• Access your BOSH director

  • Through a VPN
    • bosh create-env, OpenVPN option
  • Through a jumpbox
    • bosh create-env option
  • Expose Director on a Public IP (not recommended)

• CLI v2

  • create-env Dependencies
  • Differences between CLI v2 vs v1
  • Global Flags
  • Environments
  • Operations files
  • Variable Interpolation
  • Tunneling

Ops files

• bosh.yml: Base manifest that is meant to be used with different CPI configurations
• [alicloud|aws|azure|docker|gcp|openstack|softlayer|vcloud|vsphere|virtualbox]/cpi.yml: CPI configuration
• [alicloud|aws|azure|docker|gcp|openstack|softlayer|vcloud|vsphere|virtualbox]/cloud-config.yml: Simple cloud configs
• jumpbox-user.yml: Adds user jumpbox for SSH-ing into the Director (see Jumpbox User)
• uaa.yml: Deploys UAA and enables UAA user management in the Director
• credhub.yml: Deploys CredHub and enables CredHub integration in the Director
• bosh-lite.yml: Configures Director to use Garden CPI within the Director VM (see BOSH Lite)
• syslog.yml: Configures syslog to forward logs to some destination
• local-dns.yml: Enables Director DNS beta functionality
• misc/config-server.yml: Deploys config-server (see credhub.yml)
• misc/proxy.yml: Configure HTTP proxy for Director and CPI
• runtime-configs/syslog.yml: Runtime config to enable syslog forwarding
• experimental/remove-registry.yml: Remove the registry for compatible director/CPI/stemcell versions.

See tests/run-checks.sh for example usage of different ops files.

Security Groups

Please ensure you have security groups setup correctly. i.e:

Type                 Protocol Port Range  Source                     Purpose
SSH                  TCP      22          <IP you run bosh CLI from> SSH (if Registry is used)
Custom TCP Rule      TCP      6868        <IP you run bosh CLI from> Agent for bootstrapping
Custom TCP Rule      TCP      25555       <IP you run bosh CLI from> Director API
Custom TCP Rule      TCP      8443        <IP you run bosh CLI from> UAA API (if UAA is used)
Custom TCP Rule      TCP      8844        <IP you run bosh CLI from> CredHub API (if CredHub is used)
SSH                  TCP      22          <((internal_cidr))>        BOSH SSH (optional)
Custom TCP Rule      TCP      4222        <((internal_cidr))>        NATS
Custom TCP Rule      TCP      25250       <((internal_cidr))>        Blobstore
Custom TCP Rule      TCP      25777       <((internal_cidr))>        Registry if enabled