Initial NFS broker kit

README.md

@@ -0,0 +1,15 @@
+NFS-Broker Genesis Kit
+======================
+
+This is a Genesis Kit for the [Cloud Foundry NFS Broker][1].
+
+To use it, you don't even need to clone this repository!  Just run
+the following (using Genesis v2):
+
+```
+genesis init --kit nfs-broker nfs-deployments
+```
+
+Ta da!
+
+[1]: https://github.com/cloudfoundry/nfs-volume-release

base/nfs.yml

@@ -0,0 +1,85 @@
+---
+# Contains the configuration for base nfs kit.
+instance_groups:
+- name: nfsbroker
+  instances: 1
+  azs: (( grab params.availability_zones ))
+  persistent_disk_pool: (( grab params.disk_pool ))
+  vm_type: (( grab params.vm_type ))
+  stemcell: default
+  networks:
+  - name: (( grab params.network ))
+    static_ips: (( static_ips(0) ))
+  jobs:
+  - name: nfsbroker
+    release: nfs-volume
+    properties:
+      nfsbroker:
+        plan_desc: broker for exisiting NFS shares
+        username: nfs-broker
+        password: (( vault meta.vault "broker:password" ))
+  - name: route_registrar
+    release: routing
+    consumes:
+      nats:
+        from: nats
+        deployment: (( grab params.cf_deployment ))
+    properties:
+      route_registrar:
+        routes:
+          - name: nfs-broker
+            port: 8999
+            registration_interval: 20s
+            tags:
+              component: nfs-broker
+            uris:
+              - (( concat "nfs-broker." params.system_domain ))
+- name: nfs-broker-registrar
+  instances: 1
+  lifecycle: errand
+  azs: (( grab params.availability_zones ))
+  vm_type: (( grab params.vm_type ))
+  stemcell: default
+  networks:
+  - name: (( grab params.network ))
+  jobs:
+  - name: broker-registrar
+    release: broker-registrar
+    properties:
+      servicebroker:
+        url: (( concat "http://nfs-broker." params.system_domain ))
+        name: nfs-broker
+        username: nfs-broker
+        password: ((vault meta.vault "broker:password" ))
+      cf:
+        api_url: (( concat "api." params.system_domain ))
+        username: (( grab params.cf_admin_user ))
+        password: (( vault params.cf_admin_pass ))
+        skip_ssl_validation: (( grab params.skip_ssl_validation ))
+
+releases:
+- name: nfs-volume
+  version: 1.0.4
+  sha1: b2c22394d30c212a9e6dfcdd0abf5879e931ebfe
+  url: https://bosh.io/d/github.com/cloudfoundry-incubator/nfs-volume-release?v=1.0.4
+- name: broker-registrar
+  version: 3.2.2
+  url: https://bosh.io/d/github.com/cloudfoundry-community/broker-registrar-boshrelease?v=3.2.2
+  sha1: f82c6a346d871ccb9835b8e6341f966cf7ebc7c9
+- name: routing
+  version: 0.156.0
+  url: https://bosh.io/d/github.com/cloudfoundry-incubator/cf-routing-release?v=0.156.0
+  sha1: c0cbf0a4851a36e16a3d8c8cd735d9f64fc4c702
+
+stemcells:
+- alias: default
+  os: (( grab params.stemcell_os ))
+  version: (( grab params.stemcell_version ))
+
+update:
+  serial: false
+  canaries: 1
+  canary_watch_time: 30000-600000
+  update_watch_time: 5000-600000
+  max_in_flight: 1
+  max_errors: 1

base/params.yml

@@ -0,0 +1,21 @@
+---
+meta:
+  vault: (( concat "secret/" params.vault "/" ))
+
+params:
+  system_domain: (( param "What is the system domain of the Cloud Foundry NFS broker should register with?" ))
+  cf_admin_user: admin
+  cf_admin_pass: (( param "What is the vault path to the CF admin user that NFS broker should register with?" ))
+  skip_ssl_validation: false
+
+  cf_deployment: (( concat params.env "-cf" ))
+
+  availability_zones:
+  - z1
+
+  vm_type: small
+  disk_pool: small
+  network: default
+
+  stemcell_os: ubuntu-trusty
+  stemcell_version: latest

kit.yml

@@ -0,0 +1,50 @@
+---
+name: nfs
+author: Geoff Franks <[email protected]>
+homepage: https://github.com/cloudfoundry-incubator/nfs-volume-release
+github: https://github.com/genesis-community/nfs-genesis-kit
+
+subkits:
+  - prompt: "Do you need to deploy an NFS server along side the NFS Broker?"
+    subkit: nfs-server
+    default: no
+
+params:
+  base:
+  - param: vm_type
+    description: VM Type defined in Cloud Config to use as the VM type for the NFS broker
+  - param: disk_pool
+    description: Disk Pool defined in Cloud Config to use as the persistent disk for the NFS broker
+  - param: network
+    description: Network defined in Cloud Config to place the NFS broker VM in
+  - param: availability_zones
+    description: Availability zones to place the NFS broker in
+  - param: system_domain
+    ask: What is the system domain of the Cloud Foundry that the NFS broker will register to?
+    description: The system domain of the Cloud Foundry that the NFS broker is registered to
+  - param: cf_deployment
+    description: |
+      Defines the name of the CF deployment that the NFS Broker will register wtih
+  - param: cf_admin_user
+    description: Admin user for CF used to register the NFS broker
+  - param: cf_admin_pass
+    ask: What is the Vault path to your Cloud Foundry admin user's password?
+    description: The vault path to the password of the CF admin user that the NFS broker will register with
+    validate: vault_path
+    default: secret/${params.vault_prefix}/../cf/admin_user:password
+  - param: skip_ssl_validation
+    description: |
+      Ignores SSL certificates when connecting to Cloud Foundry to register the NFS broker
+  nfs-server:
+  - param: allowed_hosts
+    description: List of CIDR ranges to allow NFS exports from
+    ask: What CIDR ranges should be allowed to access the NFS server?
+    type: list
+
+credentials:
+  base:
+    broker:
+      password: random 64
+
+certificates:
+  base: {}

subkits/nfs-server/params.yml

@@ -0,0 +1,4 @@
+---
+params:
+  no_root_squash: false
+  allowed_hosts: (( param "What hosts should be allowed to talk to NFS?" ))

subkits/nfs-server/server.yml

@@ -0,0 +1,14 @@
+---
+instance_groups:
+- name: nfsbroker
+  jobs:
+    - name: nfstestserver
+      release: nfs-volume
+      properties:
+        export_cidr: (( grab params.allowed_hosts ))
+
+releases:
+- name: nfs
+  url: https://bosh.io/d/github.com/compozed/nfs-boshrelease?v=0.1
+  sha1: 983fb960c13a6ed77ead8fa0332d2b882e384dd4
+  version: 0.1