Tag : author-cweibel

Detect ETCD Split Brain for Cloud Foundry

While upgrading one of the development environments we had a bad configuration of the etcd properties. This resulted in three etcd servers spinning up which each elected themselves as leader. To detect this condition look at the leader key on each etcd server. In the scenario below there are three etcd servers named: etcd_z1/0 etcd_z1/1

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
BOSH + UAA with Signed Certificates – Part II

In the second part of configuring UAA with BOSH we’ll cover changes which are needed for Health Monitor which may not be obvious from the tutorial found at http://bosh.io/docs/director-users-uaa.html. Part I of this tutorial is here: https://www.starkandwayne.com//blog/bosh-uaa-with-signed-certificates/ Change Health Manager Authentication In your deployment manifest you should have the user and password defined similar to:

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
Verify Order of Signed Certificates for UAA + BOSH

In a previous article (https://www.starkandwayne.com//blog/bosh-uaa-with-signed-certificates/) we discovered how to add a multiple/intermediate level signed certificates to UAA on BOSH. Recently I discovered one of my deployments had the certs in the wrong order and a kind gentleman named Thilak showed me how to verify the order of certificates is correct. While the bosh_cli didn’t complain

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
bosh-init on AWS, What Time is it Mr. Fox?

We ran into an interesting problem today while running bosh-init against AWS: CPI ‘has_vm’ method responded with error: CmdError{"type":"Unknown","message":"AWS was not able to validate the provided access credentials","ok_to_retry":false} This is a CPI error so after a bit of investigation confirmed our AWS keys were correct and valid with the awscli. After some more digging we

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
BOSH + UAA with Signed Certificates – Part I

Pivotal has done a great job with documenting adding UAA as the authentication and authorization for BOSH instead of relying on local BOSH accounts. This allows you to later integrate with LDAP or SAML later on. The instructions have you generate a series of unsigned certs which works great except now you have to use

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
OpenStack Juno Static IP Patch

There is a bug in OpenStack Juno which prevents BOSH from assigning static IPs. This can be quite an issue when trying to install Cloud Foundry on OpenStack. There is a very simple fix: Log into Controller Node From the Mirantis Fuel Dashboard navigate to Nodes > Controller and click on the gear icon. The

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
Wait until SSH is available

Ever run into a situation where you need to ssh into a newly created server but you aren’t sure that the server is listening on the ssh port yet? For the Terraform OpenStack install of Cloud Foundry the Bastion server isn’t immediately available for the provision script to run. Below is a short bash script

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
Updates to terraform-aws-cf-install and terraform-openstack-cf-install

There have been a couple exciting changes to the two Cloud Foundry provisioning projects for AWS and OpenStack which make deploying Cloud Foundry to these two infrastructures even easier than before. See this link for instructions on deploying Cloud Foundry to AWS, one for OpenStack is coming soon so check the blog again soon. make

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝
Easy Deployment of Cloud Foundry on AWS using Terraform

Welcome! This manual will guide you through the steps necessary to deploy Cloud Foundry using Terraform on Amazon Web Services. A tremendous amount of automation has been put in place to allow you to quickly deploy Cloud Foundry in an easy and repeatable way. If you know your AWS access key credentials, skip straight to

Chris Weibel Profile Image

Posted by:
Chris Weibel

Read More ➝