Skip to content

Instantly share code, notes, and snippets.

@kushmerick

kushmerick/gist:5294579

Last active December 15, 2015 17:09
Show Gist options
  • Save kushmerick/5294579 to your computer and use it in GitHub Desktop.
Save kushmerick/5294579 to your computer and use it in GitHub Desktop.
Download ZIP
tempest-small.erb
Raw
gistfile1.txt
---
# Registering service tokens ('bosh diff' again if this generated documentation is incomplete):
# $ gem install admin-cf-plugin
<%- GW = "_gateway" -%>
<%- exceptions = {"rabbit" => "rabbitmq"} -%>
<%- find("properties").each do |k,v| -%>
<%- if k =~ /#{GW}$/ -%>
<%- token = v["token"] -%>
<%- next unless token -%>
<%- label = k[0..-GW.length-1] -%>
<%- label = exceptions[label] || label -%>
# $ cf create-service-auth-token --provider core --token <%= token %> --label <%= label %>
<%- end -%>
<%- end -%>
name: Tempest
director_uuid: <%= find("director_uuid") %>
# Create release from the following commits:
# releases repo: vmw-tmpst/releases; commit: d147a46 (a script to generate a pretty summary of the submodules)
# component: tempest/alpha2/bosh; repo: cloudfoundry/bosh; commit: 67ddc1a (aws_registry should use aws region instead of endpoint)
# component: tempest/alpha2/bosh-release; repo: cloudfoundry/bosh-release; commit: 72a7c1f (Update LICENSE and NOTICE)
# component: tempest/alpha2/cf-release; repo: cloudfoundry/cf-release; commit: 34ec9ed (Bumped yetis (now uses parallel_tests))
releases:
- name: appcloud
version: 130.1-dev
compilation:
workers: 2
network: default
cloud_properties:
ram: 2048
disk: 8096
cpu: 2
update:
canaries: 1
canary_watch_time: 3000-90000
update_watch_time: 3000-90000
max_in_flight: 2
max_errors: 1
<%- # Three methods for the admin username/password, HTTP(S) proxies, and secrets. We -%>
<%- # use the existing/custom value, or the value from properties.tempest.manifest_stub, -%>
<%- # or the default value if all else fails. -%>
<%- def admin_username() admin("username") end -%>
<%- def admin_password() admin("password") end -%>
<%- def encrypted_vm_password(rp) custom_encrypted_vm_password(rp) || mkpasswd(admin_password) end -%>
<%- def http_proxy(s = '') getprop("env.http#{s}_proxy") end -%>
<%- def https_proxy() http_proxy('s') end -%>
<%- def secret(path) "\"#{getprop(path) || mksecret}\"" end -%>
<%- # Defaults -%>
<%- DEFAULT_admin_password = "T3@p0+" # tempest in a... -%>
<%- DEFAULT_admin_username = "[email protected]" -%>
<%- # Helpers -%>
<%- def admin(property) eval("custom_admin_#{property} || stub_admin('#{property}') || DEFAULT_admin_#{property}") end -%>
<%- def custom_admin_username() first_scim_user_field(0) end -%>
<%- def custom_admin_password() first_scim_user_field(1) end -%>
<%- def first_scim_user_field(field) getprop("uaa.scim.users")[0].split("|")[field] rescue nil end -%>
<%- def stub_admin(property) getprop("tempest.manifest_stub.admin.#{property}") end -%>
<%- def custom_encrypted_vm_password(rp) find("")["resource_pools"].find{|p|p["name"]==rp}["env"]["bosh"]["password"] rescue nil end -%>
<%- def mkpasswd(password) `mkpasswd -m sha-512 #{password.gsub(/./){|x|"\\#{x}"}}`.strip rescue raise "Please 'apt-get install mkpasswd'" end -%>
<%- def getprop(path) path.split(".").inject(find("properties")) { |obj,prop| obj[prop] rescue obj.first{|o|o["name"]==prop} rescue nil } end -%>
<%- CHARS = ("A".."Z").to_a -%>
<%- def mksecret(length=20) length.times.map{CHARS[rand(CHARS.length)]}.join end -%>
networks:
<%- @networks = find("networks") -%>
<%- def network?(network_name) @networks.any? { |network| network["name"]==network_name } end -%>
<%- for @network in @networks -%>
- name: <%= find_in("name", @network) %>
subnets:
<%- for @subnet in find_in("subnets", @network) -%>
- range: <%= find_in("range", @subnet) %>
<%- if @subnet['reserved'] -%>
reserved:
<%- for @reserved in find_in("reserved", @subnet) -%>
- <%= @reserved %>
<%- end -%>
<%- end -%>
static:
<%- for @static in find_in("static", @subnet) -%>
- <%= @static %>
<%- end -%>
<%- if @subnet['gateway'] -%>
gateway: <%= find_in("gateway", @subnet) %>
<%- end -%>
dns:
<%- for @dns in find_in("dns", @subnet) -%>
- <%= @dns %>
<%- end -%>
cloud_properties:
name: <%= find_in("cloud_properties.name", @subnet) %>
<%- end -%>
<%- end -%>
resource_pools:
- name: infrastructure
network: default
size: 7
stemcell:
name: bosh-stemcell
version: 0.8.0
cloud_properties:
ram: 2048
disk: 4096
cpu: 1
env:
bosh:
password: "<%= encrypted_vm_password('infrastructure') %>"
- name: deas
network: default
size: 1
stemcell:
name: bosh-stemcell
version: 0.8.0
cloud_properties:
ram: 2048
disk: 8192
cpu: 1
env:
bosh:
password: "<%= encrypted_vm_password('deas') %>"
- name: services_3gb_small
network: default
size: 3
stemcell:
name: bosh-stemcell
version: 0.8.0
cloud_properties:
ram: 3072
disk: 4096
cpu: 1
env:
bosh:
password: "<%= encrypted_vm_password('services_3gb_small') %>"
- name: services_4gb_small
network: default
size: 2
stemcell:
name: bosh-stemcell
version: 0.8.0
cloud_properties:
ram: 4096
disk: 4096
cpu: 1
env:
bosh:
password: "<%= encrypted_vm_password('services_4gb_small') %>"
jobs:
- name: nfs_syslog_nats
release: appcloud
template:
- debian_nfs_server
- syslog_aggregator
- nats
instances: 1
resource_pool: infrastructure
persistent_disk: 8192
networks:
- name: default
static_ips:
- <%= ip(0, "default.static") %>
- name: ccdb_hm_login
release: appcloud
template:
- postgres
- health_manager_next
- login
instances: 1
resource_pool: infrastructure
persistent_disk: 512
networks:
- name: default
static_ips:
- <%= ip(1, "default.static") %>
properties:
db: ccdb_ng
- name: tsdb_collector_dashboard
release: appcloud
template:
- opentsdb
- collector
- dashboard
instances: 1
resource_pool: infrastructure
persistent_disk: 2048
networks:
- name: default
static_ips:
- <%= ip(2, "default.static") %>
- name: uaadb_hbase
release: appcloud
template:
- postgres
- hbase_master
- hbase_slave
instances: 1
resource_pool: infrastructure
persistent_disk: 2048
networks:
- name: default
static_ips:
- <%= ip(3, "default.static") %>
properties:
db: uaadb
- name: router
release: appcloud
template: gorouter
instances: 1
resource_pool: infrastructure
networks:
- name: default
<%- if network?('lb') -%>
default: [dns, gateway]
- name: lb
static_ips:
- <%= ip_range(0..0, "lb.static") %>
<%- else -%>
static_ips: <%= find("jobs.router.networks.default.static_ips") %>
<%- end -%>
- name: cloud_controller
release: appcloud
template: cloud_controller_ng
resource_pool: infrastructure
instances: 1
networks:
- name: default
- name: dea
release: appcloud
template: dea_next
resource_pool: deas
instances: 1
networks:
- name: default
- name: uaa_service_gateways
release: appcloud
template:
- uaa
- mysql_gateway
- mongodb_gateway
- redis_gateway
- rabbit_gateway
- postgresql_gateway
resource_pool: infrastructure
instances: 1
networks:
- name: default
properties:
uaa_client_id: "vmc"
uaa_endpoint: https://uaa.<%= find("properties.domain") %>
uaa_client_auth_credentials:
username: "<%= admin_username %>"
password: "<%= admin_password %>"
- name: mysql_node_100
release: appcloud
template: mysql_node_ng
instances: 1
resource_pool: services_3gb_small
persistent_disk: 1315
properties:
plan: "100"
mysql_node:
max_tmp: 256
networks:
- name: default
static_ips:
- <%= ip_range(5..5, "default.static") %>
- name: mongodb_node_100
release: appcloud
template: mongodb_node_ng
instances: 1
resource_pool: services_4gb_small
persistent_disk: 7053
properties:
plan: "100"
mongodb_node:
max_tmp: 256
networks:
- name: default
static_ips:
- <%= ip_range(6..6, "default.static") %>
- name: redis_node_100
release: appcloud
template: redis_node_ng
instances: 1
resource_pool: services_3gb_small
persistent_disk: 1310
properties:
plan: "100"
networks:
- name: default
static_ips:
- <%= ip_range(7..7, "default.static") %>
- name: rabbit_node_100
release: appcloud
template: rabbit_node_ng
instances: 1
resource_pool: services_4gb_small
persistent_disk: 1184
properties:
plan: "100"
networks:
- name: default
static_ips:
- <%= ip_range(8..8, "default.static") %>
- name: postgresql_node_100
release: appcloud
template: postgresql_node_ng
instances: 1
resource_pool: services_3gb_small
persistent_disk: 1691
properties:
plan: "100"
networks:
- name: default
static_ips:
- <%= ip_range(9..9, "default.static") %>
properties:
<%- if http_proxy || https_proxy -%>
env:
<%- if http_proxy -%>
http_proxy: <%= http_proxy %>
<%- end -%>
<%- if https_proxy -%>
https_proxy: <%= https_proxy %>
<%- end -%>
<%- end -%>
domain: <%= find("properties.domain") %>
networks:
apps: default
management: default
nats:
user: nats
password: "z2b3ij3122"
address: <%= ip(0, "default.static") %>
port: 4222
ccdb: &ccdb
address: <%= ip(1, "default.static") %>
port: 5524
pool_size: 10
roles:
- tag: admin
name: ccadmin
password: "tauBauWauZZb2"
databases:
- tag: cc
name: appcloud
citext: true
ccdb_ng: *ccdb
uaadb:
address: <%= ip(3, "default.static") %>
port: 2544
roles:
- tag: admin
name: root
password: "33139c8e3f34bc201351ba7a"
databases:
- tag: uaa
name: uaa
cc: &cc
srv_api_uri: http://api.<%= find("properties.domain") %>
external_host: api
logging_level: debug
uaa_resource_id: cloud_controller
staging_upload_user: dummy
staging_upload_password: "dummy"
bulk_api_password: zbTuuLaap44jadlas2l312lk
bootstrap_admin_email: <%= admin_username %>
ccng: *cc
router:
status:
port: 8080
user: sBNUxXlS0pc71wVef
password: "7nTmaIf9vPV4mJyBe"
dea_next:
memory_mb: 4096
memory_overcommit_factor: 2
disk_mb: 8192
disk_overcommit_factor: 2
num_instances: 100
nfs_server:
address: <%= ip(0, "default.static") %>
network: <%= get_network_and_mask("default") %>
hbase_master:
address: <%= ip(3, "default.static") %>
hbase_master:
port: 60000
webui_port: 60010
heap_size: 1024
hbase_zookeeper:
heap_size: 1024
hadoop_namenode:
port: 9000
opentsdb:
address: <%= ip(2, "default.static") %>
port: 4242
hbase_slave:
hbase_regionserver:
port: 60020
heap_size: 1024
addresses:
- <%= ip(3, "default.static") %>
# workaround for dashboard bug https://www.pivotaltracker.com/projects/166935/stories/47255731
dashboard:
uaa:
client_id: dashboard
client_secret: dashboard_client_secret_xyzzy
service_plans:
mysql:
"100":
description: "Shared server, shared VM, 1MB memory, 10MB storage, 10 connections"
free: true
job_management:
high_water: 8
low_water: 2
configuration:
capacity: 10
max_db_size: 10
key_buffer: 512
innodb_buffer_pool_size: 512
max_allowed_packet: 16
thread_cache_size: 128
query_cache_size: 128
max_long_query: 3
max_long_tx: 30
max_clients: 10
max_connections: 40
table_open_cache: 80
innodb_tables_per_database: 50
connection_pool_size:
min: 5
max: 10
warden:
enable: false
postgresql:
"100":
description: "Shared server, shared VM, 1MB memory, 10MB storage, 10 connections"
free: true
job_management:
high_water: 8
low_water: 2
configuration:
capacity: 10
max_db_size: 10
max_long_query: 3
max_long_tx: 10
max_clients: 10
max_connections: 40
shared_buffers: 312
effective_cache_size: 1115
shmmax: 371195904
checkpoint_segments: 3
checkpoint_segments_max: 3
maintenance_work_mem: 30
enable_xlog_enforcer: true
xlog_enforce_tolerance: 5
warden:
enable: false
mongodb:
"100":
description: "Dedicated server, shared VM, 250MB storage, 10 connections"
free: true
job_management:
high_water: 8
low_water: 2
configuration:
capacity: 10
max_clients: 10
quota_files: 4
quota_data_size: 240
enable_journaling: true
redis:
"100":
description: "Dedicated server, shared VM, 20MB memory, 50 connections"
free: true
job_management:
high_water: 8
low_water: 2
configuration:
capacity: 10
max_memory: 20
memory_overhead: 5
max_clients: 50
persistent: true
rabbit:
"100":
description: "Dedicated server, shared VM, 1MB messages/day, 10 connections"
free: true
job_management:
high_water: 8
low_water: 2
configuration:
capacity: 10
max_disk: 10
max_clients: 10
vm_memory_high_watermark: 0.03080
free_disk_low_water: 0.01832
bandwidth_quotas:
per_day: 1
per_second: 0.01
filesystem_quota: true
mysql_gateway:
cc_api_version: v2
token: <%= secret("mysql_gateway.token") %>
default_plan: "100"
supported_versions: ["5.5"]
version_aliases:
current: "5.5"
mysql_node:
supported_versions: ["5.5"]
default_version: "5.5"
password: "zb213djkas"
redis_gateway:
cc_api_version: v2
token: <%= secret("redis_gateway.token") %>
default_plan: "100"
supported_versions: ["2.6"]
version_aliases:
current: "2.6"
redis_node:
command_rename_prefix: foobar
supported_versions: ["2.6"]
default_version: "2.6"
mongodb_gateway:
cc_api_version: v2
token: <%= secret("mongodb_gateway.token") %>
default_plan: "100"
supported_versions: ["2.2"]
version_aliases:
current: "2.2"
mongodb_node:
supported_versions: ["2.2"]
default_version: "2.2"
rabbit_gateway:
cc_api_version: v2
token: <%= secret("rabbit_gateway.token") %>
default_plan: "100"
supported_versions: ["3.0"]
version_aliases:
current: "3.0"
rabbit_node:
supported_versions: ["3.0"]
default_version: "3.0"
postgresql_gateway:
cc_api_version: v2
token: <%= secret("postgresql_gateway.token") %>
default_plan: "100"
supported_versions: ["9.2"]
version_aliases:
current: "9.2"
postgresql_node:
password: <%= secret("postgresql_node.password") %>
supported_versions: ["9.2"]
default_version: "9.2"
# workaround for CCNG bug https://www.pivotaltracker.com/story/show/41486951
serialization_data_server:
upload_token: "dummy"
upload_timeout: 9999
port: dummy
service_lifecycle:
serialization_data_server: []
syslog_aggregator:
address: <%= ip(0, "default.static") %>
port: 54321
uaa:
catalina_opts: -Xmx768m -XX:MaxPermSize=256m
url: http://uaa.<%= find("properties.domain") %>
client_secret: <%= secret("uaa.client_secret") %>
token_secret: <%= secret("uaa.token_secret") %>
cc:
token_secret: <%= secret("uaa.cc.token_secret") %>
client_secret: <%= secret("uaa.cc.client_secret") %>
admin:
client_secret: <%= secret("uaa.admin.client_secret") %>
client:
override: true
clients:
login:
id: login
autoapprove: true
scope: openid
authorities: oauth.login
secret: <%= secret("uaa.clients.login.secret") %>
authorized-grant-types: authorization_code,client_credentials,refresh_token
dashboard:
autoapprove: true
secret: dashboard_client_secret_xyzzy
scope: openid,dashboard.user
authorities: uaa.admin,uaa.resource,tokens.read,scim.read,scim.write
authorized-grant-types: client_credentials,authorization_code,refresh_token
vmc:
override: true
autoapprove: true
authorized-grant-types: implicit,password,refresh_token
authorities: uaa.none
scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write
cf:
override: true
autoapprove: true
authorized-grant-types: implicit,password,refresh_token
authorities: uaa.none
scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write
scim:
users:
- <%= admin_username %>|<%= admin_password %>|scim.write,scim.read,openid,cloud_controller.admin,dashboard.user
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment