Date   

Re: Error with bosh director deployment

Arpit Sharma
 

Hi Adrian,

I have removed these parameter from file

-v openstack_domain=Default
-v openstack_project=admin

instead of these you need to enter tenant. As these are not available in keystone V2.


bosh resurrection question

강경원 <kyungwon.kang at samsung.com...>
 

Does Bosh resurrect only 1 vm for each interval (time_threshold)?

When we test it's not recreating multiple down instances simultaneously.

 

Name      bosh-test
UUID      e40fc09b-2695-42a0-a10a-3a7e57ac98c0
Version   262.3.0 (00000000)
CPI       aws_cpi
Features  compiled_package_cache: disabled
          config_server: enabled
          dns: disabled
          snapshots: disabled
User      admin

 

 
강경원(Kang, Kyungwon) Marcus Kang
RHCA/PMP/ITIL Master/OCP(Oracle/Solaris)
직급:수석
클라우드기술그룹(클라우드) M.P: 82-10-8998-2092
kyungwon.kang@...
 

 


Re: Error with bosh director deployment

Adrian Monter
 

Hi Arpit,
Could you tell me what change you made in the file? i have the same problem

Thanks.


Re: Error with bosh director deployment

Adrian Monter
 

Hi everyone,

I have the same error "Missing key"
You could correct it?

creating stemcell (bosh-openstack-kvm-ubuntu-trusty-go_agent 3421.9):
CPI 'create_stemcell' method responded with error: CmdError{"type":"InvalidCall","message":"Arguments are not correct, details: 'Invalid OpenStack cloud properties: #\u003cMembrane::SchemaValidationError: { openstack =\u003e { tenant =\u003e Missing key } }\u003e'","ok_to_retry":false}

Thanks


Share samllest manifest stub file for Cloudfoundry on Openstack

Arpit Sharma
 

Dear Team,

Example stub file is too long. It is compulsory to use all things according this stub file? Any other way to make this task easy. I dont want to use blobstorage. Is it compulsory to include this blokc also?

Thanks & Regards:
Arpit Sharma


Re: Creating vm with stemcell failed.... No valid host was found. There are not enough hosts available..Filter ImagePropertiesFilter returned 0 hosts

Arpit Sharma
 

Hi Tyler Schultz,

Thanks for your response. Now I got my point. let me do some efforts with that.


Re: Creating vm with stemcell failed.... No valid host was found. There are not enough hosts available..Filter ImagePropertiesFilter returned 0 hosts

Tyler Schultz
 

Arpit,

More recent versions of the stemcell remove the vcap user's root
privileges.

To gain root access, you can use
[cloudfoundry/os-conf-release/jobs/user_add](
https://github.com/cloudfoundry/os-conf-release/tree/master/jobs/user_add).
This release job will add a user with root privileges.

Alternatively you can use the [cloudfoundry/bosh-deployment](
https://github.com/cloudfoundry/bosh-deployment) repo. This is a routinely
updated way to deploy the latest versions of director. This repo makes
reference to the aforementioned user-add release:
https://github.com/cloudfoundry/bosh-deployment/blob/master/docs/jumpbox-user.md
.

--Tyler

On Tue, Jul 25, 2017 at 7:05 AM, Arpit Sharma <arpitvipulsharma(a)gmail.com>
wrote:

Hi Tushar & Johannes,

This time i have done setup on 8 core srever with ocata version of
openstack. I know ocata is not compatible with bosh right now. But I think
it should work. Bosh director deployment has been done successfully as
shown below message. I am also able to login with vcap user. But still I am
not able to get root access.


Started validating
Downloading release 'bosh'... Skipped [Found in local cache] (00:00:00)
Validating release 'bosh'... Finished (00:00:01)
Downloading release 'bosh-openstack-cpi'... Skipped [Found in local
cache] (00:00:00)
Validating release 'bosh-openstack-cpi'... Finished (00:00:00)
Validating cpi release... Finished (00:00:00)
Validating deployment manifest... Finished (00:00:00)
Downloading stemcell... Skipped [Found in local cache] (00:00:00)
Validating stemcell... Finished (00:00:03)
Finished validating (00:00:06)

Started installing CPI
Compiling package 'ruby_openstack_cpi/6576c0d52231e773f4ad53f5c5a0785c4247696a'...
Finished (00:03:08)
Compiling package 'bosh_openstack_cpi/918abecbb3015ee383d5cb2af23e8dbfed6392d1'...
Finished (00:00:03)
Installing packages... Finished (00:00:00)
Rendering job templates... Finished (00:00:00)
Installing job 'openstack_cpi'... Finished (00:00:00)
Finished installing CPI (00:03:12)

Starting registry... Finished (00:00:00)
Uploading stemcell 'bosh-openstack-kvm-ubuntu-trusty-go_agent/3421.9'...
Finished (00:00:08)

Started deploying
Creating VM for instance 'bosh/0' from stemcell 'b61f7cac-b039-4f8e-b90f-21296d170528'...
Finished (00:00:51)
Waiting for the agent on VM '3b17e4e7-4ccf-4984-a43e-0713e8f9974c' to
be ready... Finished (00:00:52)
Creating disk... Finished (00:00:07)
Attaching disk 'ee06c19f-55fb-413c-b185-12a125433331' to VM
'3b17e4e7-4ccf-4984-a43e-0713e8f9974c'... Finished (00:00:20)
Rendering job templates... Finished (00:00:03)
Compiling package 'ruby_openstack_cpi/6576c0d52231e773f4ad53f5c5a0785c4247696a'...
Finished (00:04:50)
Compiling package 'ruby/c1086875b047d112e46756dcb63d8f19e63b3ac4'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'mysql/b7e73acc0bfe05f1c6cbfd97bf92d39b0d3155d5'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'libpq/661f5817afe24fa2f18946d2757bff63246b1d0d'...
Skipped [Package already compiled] (00:00:00)
Compiling package 's3cli/bb1c1976d221fdadf13a6bc873896cd5e2433580'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'bosh_openstack_cpi/918abecbb3015ee383d5cb2af23e8dbfed6392d1'...
Finished (00:00:04)
Compiling package 'director/e9cd35786422e87bd0571a4423bc947e50fe97e6'...
Skipped [Package already compiled] (00:00:01)
Compiling package 'nginx/2ec2f63293bf6f544e95969bf5e5242bc226a800'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'registry/d81865cf0ad85fd79cb19aeb565bf622f2a17a83'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'nats/63ae42eb73527625307ff522fb402832b407321d'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'verify_multidigest/8fc5d654cebad7725c34bb08b3f60b912db7094a'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'postgres-9.4/ded764a075ae7513d4718b7cf200642fdbf81ae4'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'health_monitor/e9317b2ad349f019e69261558afa587537f06f25'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'postgres/3b1089109c074984577a0bac1b38018d7a2890ef'...
Skipped [Package already compiled] (00:00:00)
Compiling package 'davcli/5f08f8d5ab3addd0e11171f739f072b107b30b8c'...
Skipped [Package already compiled] (00:00:00)
Updating instance 'bosh/0'... Finished (00:00:23)
Waiting for instance 'bosh/0' to be running... Finished (00:01:09)
Running the post-start scripts 'bosh/0'... Finished (00:00:00)
Finished deploying (00:08:53)

Stopping registry... Finished (00:00:00)
Cleaning up rendered CPI jobs... Finished (00:00:00)

Succeeded


Re: Is Bosh is compatible with Openstack Ocata Version?

Arpit Sharma
 

Hi All,

I have deployed bosh director on openstack ocata version. Right now it is working ok. I will update you once I have done with cloudfoundy installation.


Re: Creating vm with stemcell failed.... No valid host was found. There are not enough hosts available..Filter ImagePropertiesFilter returned 0 hosts

Arpit Sharma
 

Hi Tushar & Johannes,

This time i have done setup on 8 core srever with ocata version of openstack. I know ocata is not compatible with bosh right now. But I think it should work. Bosh director deployment has been done successfully as shown below message. I am also able to login with vcap user. But still I am not able to get root access.


Started validating
Downloading release 'bosh'... Skipped [Found in local cache] (00:00:00)
Validating release 'bosh'... Finished (00:00:01)
Downloading release 'bosh-openstack-cpi'... Skipped [Found in local cache] (00:00:00)
Validating release 'bosh-openstack-cpi'... Finished (00:00:00)
Validating cpi release... Finished (00:00:00)
Validating deployment manifest... Finished (00:00:00)
Downloading stemcell... Skipped [Found in local cache] (00:00:00)
Validating stemcell... Finished (00:00:03)
Finished validating (00:00:06)

Started installing CPI
Compiling package 'ruby_openstack_cpi/6576c0d52231e773f4ad53f5c5a0785c4247696a'... Finished (00:03:08)
Compiling package 'bosh_openstack_cpi/918abecbb3015ee383d5cb2af23e8dbfed6392d1'... Finished (00:00:03)
Installing packages... Finished (00:00:00)
Rendering job templates... Finished (00:00:00)
Installing job 'openstack_cpi'... Finished (00:00:00)
Finished installing CPI (00:03:12)

Starting registry... Finished (00:00:00)
Uploading stemcell 'bosh-openstack-kvm-ubuntu-trusty-go_agent/3421.9'... Finished (00:00:08)

Started deploying
Creating VM for instance 'bosh/0' from stemcell 'b61f7cac-b039-4f8e-b90f-21296d170528'... Finished (00:00:51)
Waiting for the agent on VM '3b17e4e7-4ccf-4984-a43e-0713e8f9974c' to be ready... Finished (00:00:52)
Creating disk... Finished (00:00:07)
Attaching disk 'ee06c19f-55fb-413c-b185-12a125433331' to VM '3b17e4e7-4ccf-4984-a43e-0713e8f9974c'... Finished (00:00:20)
Rendering job templates... Finished (00:00:03)
Compiling package 'ruby_openstack_cpi/6576c0d52231e773f4ad53f5c5a0785c4247696a'... Finished (00:04:50)
Compiling package 'ruby/c1086875b047d112e46756dcb63d8f19e63b3ac4'... Skipped [Package already compiled] (00:00:00)
Compiling package 'mysql/b7e73acc0bfe05f1c6cbfd97bf92d39b0d3155d5'... Skipped [Package already compiled] (00:00:00)
Compiling package 'libpq/661f5817afe24fa2f18946d2757bff63246b1d0d'... Skipped [Package already compiled] (00:00:00)
Compiling package 's3cli/bb1c1976d221fdadf13a6bc873896cd5e2433580'... Skipped [Package already compiled] (00:00:00)
Compiling package 'bosh_openstack_cpi/918abecbb3015ee383d5cb2af23e8dbfed6392d1'... Finished (00:00:04)
Compiling package 'director/e9cd35786422e87bd0571a4423bc947e50fe97e6'... Skipped [Package already compiled] (00:00:01)
Compiling package 'nginx/2ec2f63293bf6f544e95969bf5e5242bc226a800'... Skipped [Package already compiled] (00:00:00)
Compiling package 'registry/d81865cf0ad85fd79cb19aeb565bf622f2a17a83'... Skipped [Package already compiled] (00:00:00)
Compiling package 'nats/63ae42eb73527625307ff522fb402832b407321d'... Skipped [Package already compiled] (00:00:00)
Compiling package 'verify_multidigest/8fc5d654cebad7725c34bb08b3f60b912db7094a'... Skipped [Package already compiled] (00:00:00)
Compiling package 'postgres-9.4/ded764a075ae7513d4718b7cf200642fdbf81ae4'... Skipped [Package already compiled] (00:00:00)
Compiling package 'health_monitor/e9317b2ad349f019e69261558afa587537f06f25'... Skipped [Package already compiled] (00:00:00)
Compiling package 'postgres/3b1089109c074984577a0bac1b38018d7a2890ef'... Skipped [Package already compiled] (00:00:00)
Compiling package 'davcli/5f08f8d5ab3addd0e11171f739f072b107b30b8c'... Skipped [Package already compiled] (00:00:00)
Updating instance 'bosh/0'... Finished (00:00:23)
Waiting for instance 'bosh/0' to be running... Finished (00:01:09)
Running the post-start scripts 'bosh/0'... Finished (00:00:00)
Finished deploying (00:08:53)

Stopping registry... Finished (00:00:00)
Cleaning up rendered CPI jobs... Finished (00:00:00)

Succeeded


Re: Is Bosh is compatible with Openstack Ocata Version?

Arpit Sharma
 

Hi Jan,

Thanks for your response. Let me start deployment with Ocata. I will surely update you.

Thanks & Regards:
Arpit Sharma


Re: Is Bosh is compatible with Openstack Ocata Version?

Arpit Sharma
 

Hi Dmitriy Kalinin,

Thanks for your response. Let me start deployment with Ocata. I will surely update you.

Thanks & Regards:
Arpit Sharma


Re: Is Bosh is compatible with Openstack Ocata Version?

Jan von L?wenstein
 

Hi Arpit,

We are not yet actively testing on Ocata but that is on the way. Until then I second Dmitriy, there is no reason to believe it wasn’t supported.

Best
Jan

On 24.07.17, 17:34, "Dmitriy Kalinin" <dkalinin(a)pivotal.io> wrote:

no reasons yet to believe it isnt as far as i know.

Sent from my iPhone

> On Jul 24, 2017, at 7:56 AM, Arpit Sharma <arpitvipulsharma(a)gmail.com> wrote:
>
> Dear Team,
>
> Is bosh is compatilble with Openstack Ocata release? I am planning to deploy bosh on Ocata.
>
> Thanks & Regards:
> Arpit Sharma


Re: Is Bosh is compatible with Openstack Ocata Version?

Dmitriy Kalinin
 

no reasons yet to believe it isnt as far as i know.

Sent from my iPhone

On Jul 24, 2017, at 7:56 AM, Arpit Sharma <arpitvipulsharma(a)gmail.com> wrote:

Dear Team,

Is bosh is compatilble with Openstack Ocata release? I am planning to deploy bosh on Ocata.

Thanks & Regards:
Arpit Sharma


Is Bosh is compatible with Openstack Ocata Version?

Arpit Sharma
 

Dear Team,

Is bosh is compatilble with Openstack Ocata release? I am planning to deploy bosh on Ocata.

Thanks & Regards:
Arpit Sharma


Re: Option -N for bosh no longer available with bosh-cli v2?

Holger Oehm
 

Thanks, I'll do that. I opened an issue on github to request
the feature:
https://github.com/cloudfoundry/bosh-cli/issues/266

And I'll try out that workaround to run the bosh call in the
background, too.

On 07/13/2017 05:58 PM, Tyler Schultz wrote:
You may want to lobby Dmitriy to add the '--no-track' feature to the v2
cli. He is the product owner and prioritizes our backlog.

As a workaround, you can run `$ bosh -e my-env -d my-dep deploy my-dep
*&*`. The ampersand will cause the deploy to run in the background, and
your script will continue on.

On Thu, Jul 13, 2017 at 8:21 AM, Holger Oehm <holger.oehm(a)sap.com
<mailto:holger.oehm(a)sap.com>> wrote:

Well, it was there in bosh cli v1.

And I am aware of the Ctrl-C thing. But what I want to do is run
bosh -nN in a script from concourse. (And it should run asynchronously
because the bosh task will be to update concourse (the same instance
that runs the script)).

On 07/13/2017 04:16 PM, Tyler Schultz wrote:

There is no --no-track option, but you can ctl-c and the task
will continue. 'bosh task 123' will reattach to the output.
--Tyler

On Thu, Jul 13, 2017 at 5:17 AM Holger Oehm <holger.oehm(a)sap.com
<mailto:holger.oehm(a)sap.com> <mailto:holger.oehm(a)sap.com
<mailto:holger.oehm(a)sap.com>>> wrote:

Hi,

is something similar to the -N (--no-track) option in bosh
v1 still
available in bosh-cli v2? I didn't find it in the
documentation or in
the output of bosh help.

Best Regards,
Holger.


Re: Creating vm with stemcell failed.... No valid host was found. There are not enough hosts available..Filter ImagePropertiesFilter returned 0 hosts

Arpit Sharma
 

Hi Tushar,

Thanks for your response. I have tried with this option also. Still same issue.


Re: Creating vm with stemcell failed.... No valid host was found. There are not enough hosts available..Filter ImagePropertiesFilter returned 0 hosts

Tushar Dadlani
 

The new expected behavior is to only allow you to become root if you use
the bosh CLI to perform your ssh since it creates a better audit trails and
prevents unauthorized ssh.

http://bosh.io/jobs/director?source=github.com/cloudfoundry/bosh&version=262.3#p=director.generate_vm_passwords

If the generate_vm_passwords option is set to be true you don't get the
default password on your VM hosts.

Best,
Tushar
On Mon, Jul 17, 2017 at 4:27 AM Arpit Sharma <arpitvipulsharma(a)gmail.com>
wrote:

Hi Johannes,

Today I have tried with other
stemcell(bosh-openstack-kvm-ubuntu-trusty-go_agent-raw). Also created
different security group.I have also mentiond security group rules below.
But still same issue. I am able to login in director with vcap user with
this command
ssh -i /root/.ssh/id_rsa_demokey vcap(a)10.100.10.23

but when I am trying to excute "sudo su -", It is not taking password as
c1oudc0w. I dont know why it is happening.

[root(a)openstack ~(keystone_demo)]# neutron security-group-list

+--------------------------------------+-----------+-----------------------------------------------------------------------------------+
| id | name | security_group_rules
|

+--------------------------------------+-----------+-----------------------------------------------------------------------------------+
| bb412056-6f4e-40d9-a48f-8b1c5c4068eb | boshgroup | egress, IPv4
|
| | | egress, IPv6
|
| | | ingress, IPv4,
1-65535/tcp, remote_group_id: bb412056-6f4e-40d9-a48f-8b1c5c4068eb |
| | | ingress, IPv4,
22/tcp, remote_ip_prefix: 0.0.0.0/0 |
| | | ingress, IPv4,
25555/tcp, remote_ip_prefix: 0.0.0.0/0 |
| | | ingress, IPv4,
6868/tcp, remote_ip_prefix: 0.0.0.0/0 |


Re: Creating vm with stemcell failed.... No valid host was found. There are not enough hosts available..Filter ImagePropertiesFilter returned 0 hosts

Arpit Sharma
 

Hi Johannes,

Today I have tried with other stemcell(bosh-openstack-kvm-ubuntu-trusty-go_agent-raw). Also created different security group.I have also mentiond security group rules below. But still same issue. I am able to login in director with vcap user with this command
ssh -i /root/.ssh/id_rsa_demokey vcap(a)10.100.10.23

but when I am trying to excute "sudo su -", It is not taking password as c1oudc0w. I dont know why it is happening.

[root(a)openstack ~(keystone_demo)]# neutron security-group-list
+--------------------------------------+-----------+-----------------------------------------------------------------------------------+
| id | name | security_group_rules |
+--------------------------------------+-----------+-----------------------------------------------------------------------------------+
| bb412056-6f4e-40d9-a48f-8b1c5c4068eb | boshgroup | egress, IPv4 |
| | | egress, IPv6 |
| | | ingress, IPv4, 1-65535/tcp, remote_group_id: bb412056-6f4e-40d9-a48f-8b1c5c4068eb |
| | | ingress, IPv4, 22/tcp, remote_ip_prefix: 0.0.0.0/0 |
| | | ingress, IPv4, 25555/tcp, remote_ip_prefix: 0.0.0.0/0 |
| | | ingress, IPv4, 6868/tcp, remote_ip_prefix: 0.0.0.0/0 |


Re: BPM Incubation Proposal

Christopher Brown
 

Thanks, Alex.

The current design doesn't require any BOSH changes in order for it to
work. Keeping it separate from BOSH in the meantime has the advantages that
we can make experimental changes and try them out without waiting for the
BOSH release cycle.

It may eventually find its way into BOSH but I'm not responsible for making
that decision. We haven't discussed it in detail. It's still early days and
that decision would rely heavily on whether or not people find it useful.

On Fri, Jul 14, 2017 at 3:44 AM, Alex Ley <aley(a)pivotal.io> wrote:

Hi Chris,

Very cool!

What is the thinking of having this as an additional release and not part
core BOSH as an experimental feature? Do you see this being moved into core
BOSH at some point?

On 14 July 2017 at 01:40, Dmitriy Kalinin <dkalinin(a)pivotal.io> wrote:

Is there an example release that uses bpm rather than monit etc?
im sure there is going to be one very soon but here is a commit on
diego-release that makes it optional configuration for a trial run (
https://github.com/cloudfoundry/diego-release/commit/27ee06
ecdfccb3d19026a3d7f7d36ad480def84e).

note that bpm is working under monit, not as a replacement.

On Thu, Jul 13, 2017 at 4:33 PM, Dr Nic Williams <drnicwilliams(a)gmail.com
wrote:
This seems super cool. Is there an example release that uses bpm rather
than monit etc?

------------------------------
*From:* Christopher Brown <cbrown(a)pivotal.io>
*Sent:* Wednesday, July 12, 2017 8:24:20 AM
*To:* cf-bosh(a)lists.cloudfoundry.org
*Subject:* [cf-bosh] BPM Incubation Proposal

Hi all,

We’ve been working internally on experiments to isolate BOSH jobs from
one another and providing a friendlier and less error-prone interface than
the current boilerplate bash control scripts. We call this project BPM
(initially BOSH Process Manager).

We’ve successfully written an internal proof-of-concept of this project.
It is able to run many of the Cloud Foundry runtime jobs (CC, Diego,
Loggregator, UAA) inside containers. BPM manages the lifecycle of the jobs,
isolates the jobs from one another, and restricts the job’s capabilities
such that they are only allowed to perform actions crucial to their
function. At the same time we were able to remove the vast majority of the
surrounding duplicative, error prone bash control scripts. We are now in
the process of rebuilding this proof of concept into the production-ready
end product.

You can follow the development here: https://github.com/pivotal-cf/
bpm-release

I’d like to propose the incubation of this project under the BOSH PMC.
We’d like to start by adding this functionality behind a feature flag to
the Diego release. Once this has been successfully completed then we’d be
interested in expanding the deployment if there is demand.

Thanks!

Christopher Brown
PCF Security


Re: Question on Bosh Director using CredHub to generate passwords

Dmitriy Kalinin
 

Generate password properties exist in the manifest file for the
identifier.

if variables section contains a variable name, the director will try to ask
credhub to generate value if one doesnt exist.

Please confirm these are the processing steps invoked by the Director.
sounds about right.

Also confirm that if no generate password properties are present in the
manifest file for the identifier then no POST call is made to CredHub.

if variables section doesnt have cred with the name, then director will not
attempt to generate it.

specific apis may change over time; however, general variable section
declaration will remain.

On Fri, Jul 14, 2017 at 1:19 PM, Michael Stancampiano <mstancamp(a)gmail.com>
wrote:

Wanted to verify the steps that Bosh Director and CredHub perform to
generate a password during a deployment. Here are the assumed steps:
1) Director does a CredHub REST API GET call to obtain the value for an
identifier in a manifest file.
2) CredHub returns a status code of not found (404).
3) Generate password properties exist in the manifest file for the
identifier. So Director makes a CredHub REST API POST call to generate the
password value passing in the specified password properties from the
manifest file.
4) CredHub returns a generated password value.

Please confirm these are the processing steps invoked by the Director.
Also confirm that if no generate password properties are present in the
manifest file for the identifier then no POST call is made to CredHub.

Thanks.

401 - 420 of 2757