This is the home of the Cloud Foundry Service Broker for Google Cloud Platform. For a demo of installing and using the broker, see here
This product is a Cloud Foundry Service Broker. It adheres to v2.8 of the Service Broker API.
GCP is a cloud service provider. In addition to VMs and networking, many other useful services are available. The ones available through this Service Broker are:
- BigQuery
- Bigtable
- Cloud SQL
- Cloud Storage
- Datastore
- ML APIs
- PubSub
- Spanner
- Stackdriver Debugger
- Stackdriver Trace
Requires Go 1.8 and the associated buildpack.
Documentation for installing as a Pivotal Ops Manager tile is available here
- Go to Google Cloud Console and sign up, walking through the setup wizard
- Next to the Google Cloud Platform logo in the upper left-hand corner, click the dropdown and select "Create Project"
- Give your project a name and click "Create"
- When the project is created (a notification will show in the upper right), refresh the page.
Enable the following services in API Manager > Library.
- Enable the Google Cloud Resource Manager API
- Enable the Google Identity and Access Management (IAM) API
- If you want to enable Cloud SQL as a service, enable the Cloud SQL API
- If you want to enable BigQuery as a service, enable the BigQuery API
- If you want to enable Cloud Storage as a service, enable the Cloud Storage API
- If you want to enable Pub/Sub as a service, enable the Cloud Pub/Sub API
- If you want to enable Bigtable as a service, enable the Bigtable Admin API
- If you want to enable Datastore as a service, enable the Datastore API
- From the GCP console, navigate to IAM & Admin > Service accounts and click Create Service Account.
- Enter a Service account name.
- Select the checkbox to Furnish a new Private Key, and then click Create.
- Save the automatically downloaded key file to a secure location.
- Navigate to IAM & Admin > IAM and locate your service account.
- From the dropdown on the right, choose Project > Owner and click Save.
- Create a new MySQL instance
- Run CREATE DATABASE servicebroker;
- Run CREATE USER '<username>'@'%' IDENTIFIED BY '<password>';
- Run GRANT ALL PRIVILEGES ON servicebroker.* TO '<username>'@'%' WITH GRANT OPTION;
- (Optional) create SSL certs for the database and save them somewhere secure
Add these to the env section of manifest.yml
- ROOT_SERVICE_ACCOUNT_JSON (the string version of the credentials file created for the Owner level Service Account)
- SECURITY_USER_NAME (a username to sign all service broker requests with - the same one used in cf create-service-broker)
- SECURITY_USER_PASSWORD (a password to sign all service broker requests with - the same one used in cf create-service-broker)
- DB_HOST (the host for the database to back the service broker)
- DB_USERNAME (the database username for the service broker to use)
- DB_PASSWORD (the database password for the service broker to use)
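A pre-push check for the six values above, as an added example in Go (not code from the gcp-service-broker project). checkBrokerEnv is a hypothetical helper, and the key-file fields it looks for (type, project_id, private_key, client_email) are the standard ones in a downloaded GCP service account key.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"strings"
)

var requiredEnv = []string{"ROOT_SERVICE_ACCOUNT_JSON", "SECURITY_USER_NAME",
	"SECURITY_USER_PASSWORD", "DB_HOST", "DB_USERNAME", "DB_PASSWORD"}

// checkBrokerEnv is a hypothetical helper, not part of gcp-service-broker. It checks the
// variables this README lists for manifest.yml and returns one message per problem.
func checkBrokerEnv(env map[string]string) []string {
	var problems []string
	for _, name := range requiredEnv {
		v := strings.TrimSpace(env[name])
		if v == "" {
			problems = append(problems, name+": missing or empty")
		} else if strings.HasPrefix(v, "<") && strings.HasSuffix(v, ">") {
			problems = append(problems, name+": still a <placeholder>")
		}
	}
	raw := strings.TrimSpace(env["ROOT_SERVICE_ACCOUNT_JSON"])
	if raw == "" {
		return problems
	}
	var key map[string]interface{}
	if err := json.Unmarshal([]byte(raw), &key); err != nil {
		return append(problems, "ROOT_SERVICE_ACCOUNT_JSON: not JSON (use the key file's contents, not its path)")
	}
	if key["type"] != "service_account" {
		problems = append(problems, "ROOT_SERVICE_ACCOUNT_JSON: type is not service_account")
	}
	for _, f := range []string{"project_id", "private_key", "client_email"} {
		if s, _ := key[f].(string); s == "" {
			problems = append(problems, "ROOT_SERVICE_ACCOUNT_JSON: missing "+f)
		}
	}
	return problems
}

func main() {
	env := map[string]string{}
	for _, name := range requiredEnv {
		env[name] = os.Getenv(name)
	}
	fmt.Println(strings.Join(checkBrokerEnv(env), "\n"))
}
```

Run it in the shell that holds the values you are about to copy into manifest.yml; it prints nothing but a blank line when all six pass.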
See https://github.com/GoogleCloudPlatform/gcp-service-broker/blob/master/docs/customization.md for instructions on providing database name and port overrides, ssl certs, and custom service plans for Cloud SQL, Bigtable, and Spanner.
- cf push gcp-service-broker
- cf create-service-broker <service broker name> <username> <password> <service broker url>
- (for all applicable services, e.g.) cf enable-service-access google-pubsub
For more information, see the Cloud Foundry docs on managing Service Brokers
If you want to use Cloud SQL, it is advisable to increase the default timeout for provision and
bind operations to 90 seconds. Cloud Foundry does not, at this point in time, support asynchronous
binding, and Cloud SQL bind operations may exceed 60 seconds. To change this setting, set
broker_client_timeout_seconds = 90 in your deployment manifest.
See https://github.com/GoogleCloudPlatform/gcp-service-broker/blob/master/docs/use.md for instructions on creating and binding to GCP Services
See the examples folder to understand how to use services once they are created and bound.
The cmd folder contains commands that can be run independent of the broker.
- migrate: migrates the database to the latest schema
Production testing for the GCP Service Broker is administered via a private Concourse pipeline.
To run tests locally, use Ginkgo.
Integration tests require the ROOT_SERVICE_ACCOUNT_JSON environment variable to be set.
Note: Integration tests create and destroy real project resources and therefore have associated costs to run.
See https://github.com/GoogleCloudPlatform/gcp-service-broker/blob/master/CHANGELOG.md
For functional issues with the service broker or feature requests, please file a GitHub issue here:
https://github.com/GoogleCloudPlatform/gcp-service-broker/issues
They will be prioritized and updated here:
https://github.com/GoogleCloudPlatform/gcp-service-broker/projects/1
For discussions and updates, please subscribe to this group:
https://groups.google.com/forum/#!forum/gcp-service-broker
See https://github.com/GoogleCloudPlatform/gcp-service-broker/blob/master/CONTRIBUTING