diff --git a/README.md b/README.md
new file mode 100644
index 0000000..884dac1
--- /dev/null
+++ b/README.md
@@ -0,0 +1,15 @@
+NFS-Broker Genesis Kit
+======================
+
+This is a Genesis Kit for the [Cloud Foundry NFS Broker][1].
+
+To use it, you don't even need to clone this repository! Just run
+the following (using Genesis v2):
+
+```
+genesis init --kit nfs-broker nfs-deployments
+```
+
+Ta da!
+
+[1]: https://github.com/cloudfoundry/nfs-volume-release
diff --git a/base/nfs.yml b/base/nfs.yml
new file mode 100644
index 0000000..f59dff3
--- /dev/null
+++ b/base/nfs.yml
@@ -0,0 +1,85 @@
+---
+# Contains the configuration for base nfs kit.
+instance_groups:
+- name: nfsbroker
+ instances: 1
+ azs: (( grab params.availability_zones ))
+ persistent_disk_pool: (( grab params.disk_pool ))
+ vm_type: (( grab params.vm_type ))
+ stemcell: default
+ networks:
+ - name: (( grab params.network ))
+ static_ips: (( static_ips(0) ))
+ jobs:
+ - name: nfsbroker
+ release: nfs-volume
+ properties:
+ nfsbroker:
+ plan_desc: broker for exisiting NFS shares
+ username: nfs-broker
+ password: (( vault meta.vault "broker:password" ))
+ - name: route_registrar
+ release: routing
+ consumes:
+ nats:
+ from: nats
+ deployment: (( grab params.cf_deployment ))
+ properties:
+ route_registrar:
+ routes:
+ - name: nfs-broker
+ port: 8999
+ registration_interval: 20s
+ tags:
+ component: nfs-broker
+ uris:
+ - (( concat "nfs-broker." params.system_domain ))
+- name: nfs-broker-registrar
+ instances: 1
+ lifecycle: errand
+ azs: (( grab params.availability_zones ))
+ vm_type: (( grab params.vm_type ))
+ stemcell: default
+ networks:
+ - name: (( grab params.network ))
+ jobs:
+ - name: broker-registrar
+ release: broker-registrar
+ properties:
+ servicebroker:
+ url: (( concat "http://nfs-broker." params.system_domain ))
+ name: nfs-broker
+ username: nfs-broker
+ password: ((vault meta.vault "broker:password" ))
+ cf:
+ api_url: (( concat "api." params.system_domain ))
+ username: (( grab params.cf_admin_user ))
+ password: (( vault params.cf_admin_pass ))
+ skip_ssl_validation: (( grab params.skip_ssl_validation ))
+
+releases:
+- name: nfs-volume
+ version: 1.0.4
+ sha1: b2c22394d30c212a9e6dfcdd0abf5879e931ebfe
+ url: https://bosh.io/d/github.com/cloudfoundry-incubator/nfs-volume-release?v=1.0.4
+- name: broker-registrar
+ version: 3.2.2
+ url: https://bosh.io/d/github.com/cloudfoundry-community/broker-registrar-boshrelease?v=3.2.2
+ sha1: f82c6a346d871ccb9835b8e6341f966cf7ebc7c9
+- name: routing
+ version: 0.156.0
+ url: https://bosh.io/d/github.com/cloudfoundry-incubator/cf-routing-release?v=0.156.0
+ sha1: c0cbf0a4851a36e16a3d8c8cd735d9f64fc4c702
+
+stemcells:
+- alias: default
+ os: (( grab params.stemcell_os ))
+ version: (( grab params.stemcell_version ))
+
+update:
+ serial: false
+ canaries: 1
+ canary_watch_time: 30000-600000
+ update_watch_time: 5000-600000
+ max_in_flight: 1
+ max_errors: 1
diff --git a/base/params.yml b/base/params.yml
new file mode 100644
index 0000000..79bedef
--- /dev/null
+++ b/base/params.yml
@@ -0,0 +1,21 @@
+---
+meta:
+ vault: (( concat "secret/" params.vault "/" ))
+
+params:
+ system_domain: (( param "What is the system domain of the Cloud Foundry NFS broker should register with?" ))
+ cf_admin_user: admin
+ cf_admin_pass: (( param "What is the vault path to the CF admin user that NFS broker should register with?" ))
+ skip_ssl_validation: false
+
+ cf_deployment: (( concat params.env "-cf" ))
+
+ availability_zones:
+ - z1
+
+ vm_type: small
+ disk_pool: small
+ network: default
+
+ stemcell_os: ubuntu-trusty
+ stemcell_version: latest
diff --git a/kit.yml b/kit.yml
new file mode 100644
index 0000000..507c7af
--- /dev/null
+++ b/kit.yml
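Review bot: In base/nfs.yml the `servicebroker.url` given to the broker-registrar errand uses `http://`, so the broker's basic-auth username and the Vault-generated `broker:password` would travel in cleartext whenever Cloud Foundry calls the broker at the registered URL. If the router serves TLS for the system domain (not visible in this diff), register it as `url: (( concat "https://nfs-broker." params.system_domain ))`. The `api_url` two lines further down carries no scheme at all; it would be worth a comment stating what the registrar job assumes in that case.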
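Review bot: In base/params.yml, `stemcell_version: latest` leaves the OS image unpinned, so each deploy takes whatever stemcell is newest on the director and the deployed image cannot be reproduced or reviewed from the kit alone. I would keep it only as a documented default, with a comment above it such as `# default only; pin stemcell_version in each environment file for reproducible deploys`. The `system_domain` prompt text ("...of the Cloud Foundry NFS broker should register with?") is also missing a word; the wording used for the same question in kit.yml is clearer.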
@@ -0,0 +1,50 @@
+---
+name: nfs
+author: Geoff Franks
+homepage: https://github.com/cloudfoundry-incubator/nfs-volume-release
+github: https://github.com/genesis-community/nfs-genesis-kit
+
+subkits:
+ - prompt: "Do you need to deploy an NFS server along side the NFS Broker?"
+ subkit: nfs-server
+ default: no
+
+params:
+ base:
+ - param: vm_type
+ description: VM Type defined in Cloud Config to use as the VM type for the NFS broker
+ - param: disk_pool
+ description: Disk Pool defined in Cloud Config to use as the persistent disk for the NFS broker
+ - param: network
+ description: Network defined in Cloud Config to place the NFS broker VM in
+ - param: availability_zones
+ description: Availability zones to place the NFS broker in
+ - param: system_domain
+ ask: What is the system domain of the Cloud Foundry that the NFS broker will register to?
+ description: The system domain of the Cloud Foundry that the NFS broker is registered to
+ - param: cf_deployment
+ description: |
+ Defines the name of the CF deployment that the NFS Broker will register wtih
+ - param: cf_admin_user
+ description: Admin user for CF used to register the NFS broker
+ - param: cf_admin_pass
+ ask: What is the Vault path to your Cloud Foundry admin user's password?
+ description: The vault path to the password of the CF admin user that the NFS broker will register with
+ validate: vault_path
+ default: secret/${params.vault_prefix}/../cf/admin_user:password
+ - param: skip_ssl_validation
+ description: |
+ Ignores SSL certificates when connecting to Cloud Foundry to register the NFS broker
+ nfs-server:
+ - param: allowed_hosts
+ description: List of CIDR ranges to allow NFS exports from
+ ask: What CIDR ranges should be allowed to access the NFS server?
+ type: list
+
+credentials:
+ base:
+ broker:
+ password: random 64
+
+certificates:
+ base: {}
diff --git a/subkits/nfs-server/params.yml b/subkits/nfs-server/params.yml
new file mode 100644
index 0000000..fce1211
--- /dev/null
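Review bot: The `allowed_hosts` entry under `nfs-server` in kit.yml gives no guidance on scope and has no `validate:` rule, so an operator can answer with an overly broad range and export the share to networks that were never meant to reach it. I would tighten the description, for example `description: List of CIDR ranges allowed to mount the NFS exports; restrict this to the networks of the Cloud Foundry cells`. `no_root_squash`, which subkits/nfs-server/params.yml defines, has no entry in this list, so operators are not told the setting exists. The default for `cf_admin_pass` refers to `params.vault_prefix` while base/params.yml builds `meta.vault` from `params.vault`; a comment confirming that both names are defined would help.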
+++ b/subkits/nfs-server/params.yml
@@ -0,0 +1,4 @@
+---
+params:
+ no_root_squash: false
+ allowed_hosts: (( param "What hosts should be allowed to talk to NFS?" ))
diff --git a/subkits/nfs-server/server.yml b/subkits/nfs-server/server.yml
new file mode 100644
index 0000000..5220b72
--- /dev/null
+++ b/subkits/nfs-server/server.yml
@@ -0,0 +1,14 @@
+---
+instance_groups:
+- name: nfsbroker
+ jobs:
+ - name: nfstestserver
+ release: nfs-volume
+ properties:
+ export_cidr: (( grab params.allowed_hosts ))
+
+releases:
+- name: nfs
+ url: https://bosh.io/d/github.com/compozed/nfs-boshrelease?v=0.1
+ sha1: 983fb960c13a6ed77ead8fa0332d2b882e384dd4
+ version: 0.1
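Review bot: `no_root_squash: false` in subkits/nfs-server/params.yml is not consumed anywhere in this commit: server.yml only grabs `params.allowed_hosts`, so changing the value has no effect on the deployed server. Either pass it through to the nfstestserver job's properties in server.yml (if the release exposes such a property) or drop the param, so that operators do not assume root squashing is being controlled here. If it stays, a comment such as `# keep false unless clients must act as root on the export` would record why the default is what it is.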
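Review bot: The `releases` entry in subkits/nfs-server/server.yml adds a release named `nfs` from compozed/nfs-boshrelease, but the only job added, `nfstestserver`, is taken from `release: nfs-volume`, so as far as this diff shows the extra release is uploaded and never used. Removing the entry avoids pulling an unneeded third-party artifact onto the director; if it is needed, write `version: "0.1"` so the value is not read as a float. The job name suggests a test server colocated on the broker VM, so a comment stating whether this subkit is meant for production use would help operators decide.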