Date   
Re: Creating vm with stemcell failed.... No valid host was found. There are not enough hosts available..Filter ImagePropertiesFilter returned 0 hosts

sunjingying@...
 

I met the same problem as you, my colleague told me it was instance_type inappropriate, but I changed it and still had that problem.

How to config use-haproxy when your deploy cloudfoundry using bosh

jun zhong
 

bosh -e bosh-1 -d cf deploy cf-deployment/cf-deployment.yml \
--vars-store cf-vars.yml \
-v system_domain=cloudfoundry.com \
-v haproxy_public_ip=xxx.xxx.xxx.xxx  \
-v haproxy_public_network_name= bosh \
-v haproxy_ssl.private_key=./bosh.pem \
-o cf-deployment/operations/openstack.yml \
-o cf-deployment/operations/use-haproxy.yml \
-o cf-deployment/operations/use-haproxy-public-network.yml \

I am a new guy to deploy the cf.
When I run the above command, I got error about  "cf-haproxy-network-properties" doesn't config.

1. Do you know how to config the cf-haproxy-network-properties in use-haproxy-public-network.yml. Is there an example?

2.  Do we have a simplest yml file to deploy the cf in openstack. I don't want to support loadbalancer or something else. I just want to deploy a simplest cloudfoundry in openstack and this cloudfoundry just need to push a simplest application.

Thanks!!!!


rabbitmq LDAP authentication issues

svue3@...
 

I am having an issue with getting my ldap config to work on rabbitmq cluster. We are authenticating against the internal server first then ldap. Heres a copy of our current config:

[

    {rabbit, [ {collect_statistics_interval, 60000}] },

    {rabbitmq_management, [ {rates_mode, basic}] },

    {rabbit,

        [ {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},

          {auth_mechanisms, ['PLAIN','AMQPLAIN']}

        ]

    },

    {rabbitmq_auth_backend_ldap,

        [ {servers, ["ourcompany.com.us"]},

          {dn_lookup_attribute, "cn"},

          {dn_lookup_base, "DC=com,DC=us"},

          {use_ssl, false},

          {port, 636},

          {log, true},

 

          {tag_queries,

                [ {administrator, {in_group, "CN=team,OU=IT,OU=Engineering,OU=Global,DC=ourcompany,DC=com,DC=us"}},

                {administrator, {constant, true}}

                ]

          }

        ]

    }

].

I've checked the logs and saw error messages that LDAP plugin was not installed or is not part of the list in auth_backends but then I confirmed in same log file that it is there and ran rabbitmq-plugins to verify:

home dir       : /var/vcap/store/rabbitmq

config file(s) : /var/vcap/jobs/rabbitmq-server/bin/../etc/rabbitmq.config

log            : /var/vcap/sys/log/rabbitmq-server/rabbit@...

sasl log       : /var/vcap/sys/log/rabbitmq-server/rabbit@...



=WARNING REPORT==== 10-Apr-2018::14:36:54 ===

 

LDAP plugin loaded, but rabbit_auth_backend_ldap is not in the list of auth_backends. LDAP auth will not work.

=INFO REPORT==== 10-Apr-2018::14:36:54 ===

Server startup complete; 9 plugins started.

 * rabbitmq_shovel_management

 * rabbitmq_management

 * rabbitmq_management_agent

 * rabbitmq_web_dispatch

 * cowboy

 * rabbitmq_auth_backend_ldap

 * rabbitmq_shovel

 * cowlib

 

 * amqp_client

Any feedback or suggestions is appreciated!

-Steve

CF Summit EU contributor reg code

Chip Childers
 

Hey all,

Whew... we just got done with CF Summit NA in Boston, but it's time to turn towards Europe! For those that don'e know, we'll be headed back to Basel Switzerland again this year, October 10 to 12.

Contributors (those that have contributed docs, code, bug reports) are welcome to use the following code to register: CFEU18CONT

More info on the website here: https://www.cloudfoundry.org/event/eusummit2018/ 

See you all there!

-chip
--
Chip Childers
CTO, Cloud Foundry Foundation
1.267.250.0815

Re: CF Summit EU contributor reg code

Chip Childers
 

Sorry... one correction. The event is Oct 10 and 11, with lots of pre-event activities on the 9th. Sorry about that. :)


On Mon, Apr 30, 2018 at 11:14 AM Chip Childers <cchilders@...> wrote:
Hey all,

Whew... we just got done with CF Summit NA in Boston, but it's time to turn towards Europe! For those that don'e know, we'll be headed back to Basel Switzerland again this year, October 10 to 12.

Contributors (those that have contributed docs, code, bug reports) are welcome to use the following code to register: CFEU18CONT

More info on the website here: https://www.cloudfoundry.org/event/eusummit2018/ 

See you all there!

-chip
--
Chip Childers
CTO, Cloud Foundry Foundation
1.267.250.0815
--
Chip Childers
CTO, Cloud Foundry Foundation
1.267.250.0815

Re: CF Summit EU contributor reg code

Swarna Podila
 

Which means…y’all should plan on joining the Day Zero activities - Cert Exams, User Day (if you’re at an end user organization), unconference, trainings, etc.

-- ​Swarna Podila
​Senior
 Director
​, Community​
 | Cloud Foundry Foundation

On Mon, Apr 30, 2018 at 5:31 PM, Chip Childers <cchilders@...> wrote:
Sorry... one correction. The event is Oct 10 and 11, with lots of pre-event activities on the 9th. Sorry about that. :)

On Mon, Apr 30, 2018 at 11:14 AM Chip Childers <cchilders@...> wrote:
Hey all,

Whew... we just got done with CF Summit NA in Boston, but it's time to turn towards Europe! For those that don'e know, we'll be headed back to Basel Switzerland again this year, October 10 to 12.

Contributors (those that have contributed docs, code, bug reports) are welcome to use the following code to register: CFEU18CONT

More info on the website here: https://www.cloudfoundry.org/event/eusummit2018/ 

See you all there!

-chip
--
Chip Childers
CTO, Cloud Foundry Foundation
1.267.250.0815
--
Chip Childers
CTO, Cloud Foundry Foundation
1.267.250.0815


Announcing BOSH Kube CPI

Michael Maximilien
 

fyi...

As the cool kids do it these days, see:


The gist are in these links:


PDF of presentation: https://bit.ly/bosh-kube-cpi

We'd love to hear your feedback.

Best,

Dmitriy and Max

Using Bosh in "AWS Multiple Account Security Strategy" possible?

heiko.cane@...
 

Hello,

I would like to setup bosh in a multi account setup (as described here: https://aws.amazon.com/de/answers/account-management/aws-multi-account-security-strategy/). I only have direct access to the "main" account and have switch to another account where I can setup the vpc, ec2 instances and so on. 
Using bosh or bosh bootloader I only have the possibilities to add the access key and the secret access key but I can't trigger the "switch account". Also I miss the possibility to use Multi-Factor Authentication on AWS. 

Are there any possibilities to trigger the switch account and use multi factor?

Thank you for your help!

Heiko

Using Bosh in "AWS Multiple Account Security Strategy" possible?

Heiko Cane <heiko.cane@...>
 

Hello,

I would like to setup bosh in a multi account setup (as described here: https://aws.amazon.com/de/answers/account-management/aws-multi-account-security-strategy/). I only have direct access to the "main" account and have switch to another account where I can setup the vpc, ec2 instances and so on. 
Using bosh or bosh bootloader I only have the possibilities to add the access key and the secret access key but I can't trigger the "switch account". Also I miss the possibility to use Multi-Factor Authentication on AWS. 

Are there any possibilities to trigger the switch account and use multi factor?

Thank you for your help!

Heiko

Re: Using Bosh in "AWS Multiple Account Security Strategy" possible?

Dmitriy Kalinin
 

i imagine you would want to provision access key pair in the subaccount (not in the main account) and use that to provision resources in the subaccount.

Also I miss the possibility to use Multi-Factor Authentication on AWS. 

multi-factor typically applies to interactive uses (ie human).

On Tue, May 8, 2018 at 8:29 AM, Heiko Cane <heiko.cane@...> wrote:
Hello,

I would like to setup bosh in a multi account setup (as described here: https://aws.amazon.com/de/answers/account-management/aws-multi-account-security-strategy/). I only have direct access to the "main" account and have switch to another account where I can setup the vpc, ec2 instances and so on. 
Using bosh or bosh bootloader I only have the possibilities to add the access key and the secret access key but I can't trigger the "switch account". Also I miss the possibility to use Multi-Factor Authentication on AWS. 

Are there any possibilities to trigger the switch account and use multi factor?

Thank you for your help!

Heiko


Re: Using Bosh in "AWS Multiple Account Security Strategy" possible?

Dmitriy Kalinin
 

On Tue, May 8, 2018 at 11:03 AM, Dmitriy Kalinin <dkalinin@...> wrote:
i imagine you would want to provision access key pair in the subaccount (not in the main account) and use that to provision resources in the subaccount.

Also I miss the possibility to use Multi-Factor Authentication on AWS. 

multi-factor typically applies to interactive uses (ie human).

On Tue, May 8, 2018 at 8:29 AM, Heiko Cane <heiko.cane@...> wrote:
Hello,

I would like to setup bosh in a multi account setup (as described here: https://aws.amazon.com/de/answers/account-management/aws-multi-account-security-strategy/). I only have direct access to the "main" account and have switch to another account where I can setup the vpc, ec2 instances and so on. 
Using bosh or bosh bootloader I only have the possibilities to add the access key and the secret access key but I can't trigger the "switch account". Also I miss the possibility to use Multi-Factor Authentication on AWS. 

Are there any possibilities to trigger the switch account and use multi factor?

Thank you for your help!

Heiko



[feedback requested] BOSH network lifecycle management proposal

Ferrran Rodenas <frodenas@...>
 

Hi BOSH community,
 
On behalf the VMware team, I want to propose a new feature to add network lifecycle management capabilities to BOSH. By implementing this new feature, BOSH will be able to dynamically manage (create, update, delete) deployment's network resources.
 
The feature proposal can be found here [1]. Although we have already started working on a spike to demonstrate the feasibility of the proposal, we would like to ask the community to review and comment it.
 
The proposal is articulated as an MVP, it will NOT cover the management of all networking related resources, we want to start with subnetworks, and add more resources (like load balancers, firewalls, ...) in the future.
 

Best,
- Ferran

Re: [feedback requested] BOSH network lifecycle management proposal

Dr Nic Williams
 

Very exciting to see the reach of bosh expanding to managing networking!

Nic


From: cf-bosh@... <cf-bosh@...> on behalf of Ferrran Rodenas <frodenas@...>
Sent: Thursday, May 10, 2018 12:09:32 PM
To: cf-bosh@...
Subject: [cf-bosh] [feedback requested] BOSH network lifecycle management proposal
 
Hi BOSH community,
 
On behalf the VMware team, I want to propose a new feature to add network lifecycle management capabilities to BOSH. By implementing this new feature, BOSH will be able to dynamically manage (create, update, delete) deployment's network resources.
 
The feature proposal can be found here [1]. Although we have already started working on a spike to demonstrate the feasibility of the proposal, we would like to ask the community to review and comment it.
 
The proposal is articulated as an MVP, it will NOT cover the management of all networking related resources, we want to start with subnetworks, and add more resources (like load balancers, firewalls, ...) in the future.
 

Best,
- Ferran

restoring bosh deployment state failing

nshrest6@...
 

Hi ... i had a bosh director running which i updated with current vsphere cpi release 48, which failed due to the issue with ruby2.4, i tried reverting it back with old versions now i am running into issues .... 
```
Started deploying
  Waiting for the agent on VM 'vm-c3e42263-5167-467d-bda5-04e8762f63ec'... Failed (00:00:09)
  Deleting VM 'vm-c3e42263-5167-467d-bda5-04e8762f63ec'... Finished (00:00:08)
  Creating VM for instance 'bosh/0' from stemcell 'sc-5eae3672-c5cb-4351-8bf8-7972b464d0b4'... Finished (00:01:07)
  Waiting for the agent on VM 'vm-dc84d899-5444-483d-aeb6-1a247a04a56d' to be ready... Finished (00:00:27)
  Attaching disk 'disk-22e02c8a-b143-4534-a640-85705067887c' to VM 'vm-dc84d899-5444-483d-aeb6-1a247a04a56d'... Finished (00:00:18)
  Creating disk... Finished (00:00:07)
  Attaching disk 'disk-a8e62197-dfed-4596-b07e-4cf9686e852e' to VM 'vm-dc84d899-5444-483d-aeb6-1a247a04a56d'... Finished (00:00:18)
  Migrating disk content from 'disk-22e02c8a-b143-4534-a640-85705067887c' to 'disk-a8e62197-dfed-4596-b07e-4cf9686e852e'... Finished (00:01:57)
  Detaching disk 'disk-22e02c8a-b143-4534-a640-85705067887c'... Finished (00:00:10)
  Deleting disk 'disk-22e02c8a-b143-4534-a640-85705067887c'... Finished (00:00:04)
  Rendering job templates... Finished (00:00:06)
  Compiling package 'openjdk_1.8.0/a6b85c1cd75382025bbfa49abb737015575aec44'... Skipped [Package already compiled] (00:00:01)
  Compiling package 'ruby/c1086875b047d112e46756dcb63d8f19e63b3ac4'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'mysql/b7e73acc0bfe05f1c6cbfd97bf92d39b0d3155d5'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'libpq/826813f983d38b4b4a95bb8a3df1a2d0efab14b0'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'vsphere_cpi_ruby/14067294a0cd16a61646eedc3de4e9ed22d46076'... Finished (00:02:20)
  Compiling package 'credhub/c113daadcde5f2add56fb8f62313a96c6e98697e'... Skipped [Package already compiled] (00:00:01)
  Compiling package 'vsphere_cpi_mkisofs/72aac8fb0c0089065a00ef38a4e30d7d0e5a16ea'... Finished (00:02:44)
  Compiling package 'verify_multidigest/8fc5d654cebad7725c34bb08b3f60b912db7094a'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'lunaclient/b922e045db5246ec742f0c4d1496844942d6167a'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'bosh-gcscli/83d331c7b6d04de64cd5257a47e1e92021cb4c8a'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'postgres/3b1089109c074984577a0bac1b38018d7a2890ef'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'uaa_utils/20557445bf996af17995a5f13bf5f87000600f2e'... Skipped [Package already compiled] (00:00:00)
  Compiling package 's3cli/bb1c1976d221fdadf13a6bc873896cd5e2433580'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'pg_utils_9.4/dbd00a0758a5e6225e1121bfd444db6ec59204ee'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'davcli/5f08f8d5ab3addd0e11171f739f072b107b30b8c'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'director/ea00c83b4558293b1956564a4532e1af562ea6e0'... Skipped [Package already compiled] (00:00:01)
  Compiling package 'postgres-9.4/1da82648840de67015d379264846a447118261a7'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'nats/63ae42eb73527625307ff522fb402832b407321d'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'vsphere_cpi/e6c27f384060c8d0260f6f0310853d1a886b1128'... Finished (00:00:57)
  Compiling package 'nginx/57ca1d048957399c500e0f5fd3275ed4c6d4f762'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'mariadb_10.1.23/6ab14e132241110cff0dc160137b71a967d29d53'... Skipped [Package already compiled] (00:00:00)
  Compiling package 'uaa/33da697bb3343793c762f06970868565a71d053a'... Skipped [Package already compiled] (00:00:03)
  Compiling package 'health_monitor/aa43dacd332bda1131b141aada0ca45b4302273c'... Skipped [Package already compiled] (00:00:00)
  Updating instance 'bosh/0'... Finished (00:01:18)
  Waiting for instance 'bosh/0' to be running... Failed (00:06:00)
Failed deploying (00:18:44)
 
Stopping registry... Finished (00:00:00)
Cleaning up rendered CPI jobs... Finished (00:00:00)
```
 
i logged to bosh director and monit process shows 
```
/:/var/vcap/sys/log# monit summary 
The Monit daemon 5.2.5 uptime: 5m 
 
Process 'nats'                      running
Process 'postgres'                  running
Process 'blobstore_nginx'           running
Process 'director'                  not monitored
Process 'worker_1'                  not monitored
Process 'worker_2'                  not monitored
Process 'worker_3'                  not monitored
Process 'director_scheduler'        running
Process 'director_nginx'            running
Process 'health_monitor'            running
Process 'uaa'                       running
Process 'credhub'                   Does not exist
System 'system_localhost'           running
```
 
i am confused where do i start troubleshooting ... any idea if someone encountered similar issue during the bosh director restore ?

GCP 3586.18 Stemcell Issues

Michael Xu <mxu@...>
 

Hello Cloud Foundry!

The BOSH team is currently investigating an issue when using  Google Cloud Platform 3586.18 light and full stemcells. BOSH deployments on GCP using either of these stemcells will fail, and result in a timeout with unresponsive agents. In the meantime, please use the 3586.16 version. 

Currently this `unresponsive agent` issue seems to only manifest when deploying to GCP and using this specific version, but if you are experiencing similar deployment failures in other cases, please let us know! Feel free to join us at the #bosh CF Slack channel, we are happy to help.

Thanks,
Michael Xu && BOSH team

post hook into bosh delete vm command

estein@...
 

Hi,

We are interested in deploying a zabbix agent via a bosh package.  We want the package to automatically add the VM once created to the Zabbix monitor, which can be done via post-start or post-deployment I believe.  However, I can't figure out how to do the opposite: namely in the case where a VM is deleted, we need it's entry in the Zabbix monitor to be deleted.  I know the APIs that allows the deletion and we have a Java application that can do it, but is there a way to hook into that delete mechanism?  Drain/post-stop is called regardless of whether the VM is stopped or deleted, so I don't think that will work.

Hoping someone knows.  Thanks.

Re: post hook into bosh delete vm command

adrian.kurt@...
 

Hi

 

First of all I suggest adding your Zabbix integration as a regular bosh-release instead of a package. You can use the runtime-config to add it to all deployed vms.

 

If I remember correctly there are two parameters passed to the drain script and based on those you should be able to find out if the vm is about to be deleted.

 

Kind regards

Adrian

 

From: cf-bosh@... [mailto:cf-bosh@...] On Behalf Of estein@...
Sent: Mittwoch, 20. Juni 2018 22:18
To: cf-bosh@...
Subject: [cf-bosh] post hook into bosh delete vm command

 

Hi,

We are interested in deploying a zabbix agent via a bosh package.  We want the package to automatically add the VM once created to the Zabbix monitor, which can be done via post-start or post-deployment I believe.  However, I can't figure out how to do the opposite: namely in the case where a VM is deleted, we need it's entry in the Zabbix monitor to be deleted.  I know the APIs that allows the deletion and we have a Java application that can do it, but is there a way to hook into that delete mechanism?  Drain/post-stop is called regardless of whether the VM is stopped or deleted, so I don't think that will work.

Hoping someone knows.  Thanks.

Re: post hook into bosh delete vm command

Benjamin Gandon
 

Hi,

I contributed recently the details about this « cluster scale-in » condition in the BOSH documentation:

And there are example here:
and here:

But for detecting BOSH-manged nodes showing up and going, maybe you should see how the prometheus team solves this problem. Especially, look how the node_exporter list all nodes that are managed by the BOSH server in order to feed the Prometheus system with the accurate list.

Best,
/Benjamin GANDON

Le 21 juin 2018 à 07:54, adrian.kurt@... a écrit :

Hi
 
First of all I suggest adding your Zabbix integration as a regular bosh-release instead of a package. You can use the runtime-config to add it to all deployed vms.
 
If I remember correctly there are two parameters passed to the drain script and based on those you should be able to find out if the vm is about to be deleted.
 
Kind regards
Adrian
 
From: cf-bosh@... [mailto:cf-bosh@...] On Behalf Of estein@...
Sent: Mittwoch, 20. Juni 2018 22:18
To: cf-bosh@...
Subject: [cf-bosh] post hook into bosh delete vm command
 
Hi,

We are interested in deploying a zabbix agent via a bosh package.  We want the package to automatically add the VM once created to the Zabbix monitor, which can be done via post-start or post-deployment I believe.  However, I can't figure out how to do the opposite: namely in the case where a VM is deleted, we need it's entry in the Zabbix monitor to be deleted.  I know the APIs that allows the deletion and we have a Java application that can do it, but is there a way to hook into that delete mechanism?  Drain/post-stop is called regardless of whether the VM is stopped or deleted, so I don't think that will work.

Hoping someone knows.  Thanks. 


Re: post hook into bosh delete vm command

estein@...
 

That actually does sound perfect.  I'll check it out.

Re: post hook into bosh delete vm command

estein@...
 

Sorry, yes, I meant as a bosh release.  I'm still getting used to the nomenclature.