/azure-pcf-opsman-powershell

Install Scripts for automated zero-touch installation of PCF OpsManager on Azure / AzureStack

Primary LanguagePowerShellMIT LicenseMIT

PCF Azure Resource Manager (ARM) Templates and PAS AUTOPILOT

This repository contains ARM templates that help operators deploy Pivotal Cloud Foundry (PCF) to Azurestack (and azure) along with a number of Supported Services ( Tiles )

It features a set of Powershell Scripts to automate beyond what the template can do:

  • Configure required Storage Accounts
  • Download the Pivotal Operation Manager Image
  • Configure Pivotal Operation Manager
  • Auto Deploy Deploy PCF and add on Tiles
  • Uses latest Stemcell by initially loading the latest deploy-pcf

The Powershell script makes use of:

the certificate helper script may require openssl:

  • openssl for certificate creation

The user may also want to deploy my custom AzureStack Dashboard Tiles :

Pivotal Cloud Foundry Dashboard Tile

Additional Repo´s Tile

those will create a dashboard view like this one:
image

Initial supported Pivotal Cloudfoundry Tiles and Versions

  • Pivotal Application Service 2.3.6
  • MySQL 2.4.3
  • RabbitMQ 1.15.3
  • Spring Cloud Services 2.0.5
  • Spring Cloud Dataflow 1.3.1
  • Redis 1.14.4
  • Pivotal Cloud Foundry Metrics ( APM ) 1.5.1
  • Pivotal Cloud Foundry Healthwatch 1.4.4
  • Microsoft Azure Service Broker ( MASB )
    image

requirements

  • Windows 10 or Server 2016 Machine with at least 20GB Disk Space (SSD recommended)
  • Pre Configured Certificates OR openssl ( can be installed with prepare_utils.ps1)
  • Powershell 5
  • AzureStack / ASDK runnin 1811
  • omcli and PIVPOSH ( can be installed with prepare_utils.ps1)
  • a customized env.json file in the users $HOME, see example
  • read the documentation, twice

certificates

when using PAS Autopilot, a SSL Certificate is required for the pcf subdomain, containing wildcars SAN´s for vwarious PCF subdomains. the Cerificate must have the name of the pcfsubdomain.azurestackdomain.crt
if issued from a private / self signed Authority, the ca´s CERT must be appended to the file.
for testing on AzureStack / ASDK, you can use the certificate helper script script. To install OpenSSL, simply run the helper utilities helper script, that will also install PivPosh

Usage

this section desccribes various command options

Basic testing / Opsman Director only

there is one central PS1 Script to deploy OPS Manager.
just enter deploy_pcf-opsman.ps1 will deploy the latest default OpsManager

  1. to get started, clone into the master branch. If you do not have git installed, i recommend

    install-script install-gitscm -scope currentuser
    install-gitscm.ps1

    then clone the Repo:

    git clone --single-branch --branch master https://github.com/bottkars/azure-pcf-opsman-powershell ./pcf
    set-location ./pcf

*to update the repo, just run git pull at any time

  1. Azure Stack CA root certificate for ASDK /Azure Stack the azurestack root ca file must be located in $HOME/root.pem in pem format. In case of ASDK, see AzureStack Documentation on how to obtain

On Integrated Systems, please put the root Cert of the Enterprise PKI / Public Certifiaction Autority used to create the Azurestack Certificate into $HOME/root.pem

! DO NOT USE /var/lib/waagent/Certificates.pem, as this my contan WRONG DATA !

  1. run the helper utility to install omcli, openssh and thge pivposh powershell module
./prepare_utils.ps1
  1. start a deployment with a test parameter this wil make sure we can deploy to the desired resource group and test´s if we can use the storageaccount for opsman images ( note: the storageaccount for the images can be shared between different installations, for test , dev, etc. the deployment will create custom images from that location)
./deploy_pcf-opsman.ps1 -resourceGroup pcftest -location local -subnet 10.30.0.0 -PCF_SUBDOMAIN_NAME pcftest  -dnsdomain azurestack.external -downloadpath E:\PCF\ -TESTONLY
  1. start the deployment once test and download´s are finished, run without test parameter. this is an example for an azure stack. location ( region ) and dnsdomain of the Stack might be omitted, the script will ask you for it anyway
./deploy_pcf-opsman.ps1 -resourceGroup pcftest -location local -subnet 10.30.0.0 -PCF_SUBDOMAIN_NAME pcftest  -dnsdomain azurestack.external -downloadpath E:\PCF\

if the installation succeeds, be happy, everything is fine.

  1. Install the PAS Tile to install the PAS Tile now, run
.\scripts\deploy_pas.ps1 -DIRECTOR_CONF_FILE $HOME\director_pcftest.json

note: the file name is director_rgname.json

youn can use the deloyment_ scripts in the ./scripts folder to deploy all supported tiles manually after install.

  1. Delete the installation
Get-AzureRmResourceGroup pcftest  | Remove-AzureRmResourceGroup -Force

this will remove the PCF installation. the pcfopsmanstorage ResourceGroup will remain, as you might want to re-use the images for the next installation 😎

Advanced Installation Examples

Example 1 Install PCF, Spring Dataflow and Spring Cloud Service

this will include required redis, rabbit and mysql

./deploy_pcf-opsman.ps1 -resourceGroup pcfprod `
 -subnet 10.30.0.0 `
 -PCF_SUBDOMAIN_NAME pcfprod `
 -downloadpath E:\PCF\ `
 -tiles spring,dataflow

Example 2

see example walkthrough

product customizations

the deployment tool uses product specific .json files that degtermine the Product version, and, in some cases ( e.g. srt or cf for pas) Product Names.
If you want to use yoa specific product version, simply copy and customize the corresponding Json File from /examples to $HOME. DO NOT EDIT THE EXAMPLE FILES (as they are managed by git).
the shipped product files always contain the latest and tested running on azurestack ::verifyed_by_azurestack_guy::

Operations Manager Images

opsman images will be first downloaded locally and then uploaded to a dedicated storageaccount outside the PCF resource group. this allows for deleting the complete deployment without the reuirement to upload the OpsmanImage again

Tiles

procucts tile required will be downloaded to $HOME/downloads by default.
to specify a different download directory, use -downloadpath yourpath when calling deploy_pcf-opsman.ps1.
required products will be downloaded automatically using OMCLI when:

  • deploy_pcf-opsman.ps1 is stated with -force_procuct_download
  • no productfile is available in the download location ##- More Deployment EXAMPLES

below are some examples for running and customizing

deploy PCF opsman and Pivotal Application Service (PAS SmallRunTime (SRT) )

./deploy_pcf-opsman.ps1 -PAS_AUTOPILOT

deploy PCF opsman and Pivotal Application Service and FULL CF

-PAS_TYPE allows you to switch from srt ( default) to full CF

./deploy_pcf-opsman.ps1 -PAS_AUTOPILOT -PAS_TYPE cf

Deploy PCF Opsman, SRT, MYSQL, RabbitMq and Spring Cloud Services

./deploy_pcf-opsman.ps1 `
 -resourceGroup pcfprod `
 -subnet 10.30.0.0 `
 -PCF_SUBDOMAIN_NAME pcfprod `
 -downloadpath E:\PCF\ `
 -tiles spring,dataflow

Deploying Opsman only

A Detailed Walkthrough can be found here
Part1 Deploy Ops Manager
Part2 Configure Ops Manager Bosh Director