Container 설치 가이드

1. 문서 개요

1.1. 목적

본 문서(Container 서비스팩 설치 가이드)는 개방형 PaaS 플랫폼 고도화 및 개발자 지원 환경 기반의 Open PaaS에서 제공되는 서비스팩인 Container 서비스팩을 Bosh를 이용하여 설치 및 서비스 등록하는 방법을 기술하였다.
PaaS-TA 3.5 버전부터는 Bosh 2.0 기반으로 배포(deploy)를 진행한다. 기존 Bosh 1.0 기반으로 설치를 원할 경우에는 PaaS-TA 3.1 이하 버전의 문서를 참고한다.

1.2. 범위

설치 범위는 Container 서비스팩을 검증하기 위한 기본 설치를 기준으로 작성하였다.

1.3. 시스템 구성도

본 문서의 설치된 시스템 구성도이다. Container 서비스 Server, Container 서비스 브로커로 최소사항을 구성하였다.
VM명
인스턴스수
vCPU 수
메모리(GB)
디스크(GB)
master
1
1
4G
Root 4G + 영구디스크 20G
worker
N
8
16G
Root 4G + 영구디스크 50G
container-service-api
N
1
1G
Root 4G
container-service-common-api
N
1
1G
Root 4G
container-service-broker
N
1
1G
Root 4G
container-service-dashboard
1
1
1G
Root 4G
DBMS (MariaDB)
1
1
2G
Root 4G + 영구디스크 20G
HAProxy
1
1
2G
Root 4G

1.4. 참고 자료

2. Container 서비스팩 설치

2.1. 설치 전 준비사항

본 설치 가이드는 Linux 환경에서 설치하는 것을 기준으로 하였다. 서비스팩 설치를 위해서는 먼저 BOSH CLI v2가 설치되어 있어야 하고 BOSH에 로그인이 되어 있어야 한다. BOSH CLI v2가 설치 되어 있지 않을 경우, 먼저 BOSH 2.0 설치 가이드 문서를 참고하여 BOSH CLI v2를 설치를 하고 사용법을 숙지해야한다.

2.1.1. Container 서비스 Deployment 및 Release 파일 다운로드

Container 서비스 설치에 필요한 Deployment 및 릴리즈 파일을 다운로드 받아 서비스 설치 작업 경로로 위치시킨다.
  • 설치 파일 다운로드 위치 : https://paas-ta.kr/download/package
  • Release, deployment 파일은 /home/{user_name}/workspace/paasta-4.0 이하에 다운로드 받아야 한다.
  • 설치 작업 경로 생성 및 파일 다운로드
Deployment 파일
paasta-container-service-2.0
Release 파일
bosh-dns-release-1.5.0.tgz bpm-release-0.6.0.tgz cfcr-etcd-release-1.3.tgz docker-32.0.0.tgz kubo-release.tgz paasta-container-service-projects-release.tgz
1
- Deployment 다운로드 파일 위치 경로 생성
2
$ mkdir -p ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0
3
4
- 릴리즈 다운로드 파일 위치 경로 생성
5
$ mkdir -p ~/workspace/paasta-4.0/release/service
Copied!
  • Deployment 파일을 다운로드 받아 ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0 이하 디렉토리에 이동한다.
  • Release 파일을 다운로드 받아 ~/workspace/paasta-4.0/release/service 이하 디렉토리에 이동한다.

2.2. Stemcell 업로드

  • Deploy시 사용할 Stemcell을 확인한다.
    Stemcell 목록이 존재 하지 않을 경우, BOSH 설치 가이드 문서를 참고하여 Stemcell을 업로드를 해야 한다. (Stemcell 3586.26 버전 사용, PaaSTA-Stemcell.zip)
  • Stemcell 다운로드 위치
1
$ bosh -e micro-bosh stemcells
2
Using environment '10.30.40.111' as user 'admin' (openid, bosh.admin)
3
4
Name Version OS CPI CID
5
bosh-vsphere-esxi-ubuntu-trusty-go_agent 3586.26* ubuntu-trusty - sc-109fbdb0-f663-49e8-9c30-8dbdd2e5b9b9
6
~ 3468.51* ubuntu-trusty - sc-bd8fadf2-92f2-495b-b172-d571a388abf5
7
~ 3445.2* ubuntu-trusty - sc-025c70b5-7d6e-4ba3-a12b-7e71c33dad24
8
~ 3309* ubuntu-trusty - sc-22429dba-e5cc-4469-ab3a-882091573277
9
10
(*) Currently deployed
11
12
4 stemcells
13
14
Succeeded
Copied!

2.3. Container 서비스 릴리즈 Deployment 파일 수정 및 배포

BOSH Deployment manifest는 Components 요소 및 배포의 속성을 정의한 YAML 파일이다.
Deployment 파일에서 사용하는 network, vm_type 등은 Cloud config를 활용하고 해당 가이드는 BOSH 2.0 가이드를 참고한다.
  • Cloud config 내용 조회
1
$ bosh -e micro-bosh cloud-config
2
Using environment '10.30.40.111' as user 'admin' (openid, bosh.admin)
3
4
azs:
5
- cloud_properties:
6
datacenters:
7
- clusters:
8
- PAASTA-HA:
9
resource_pool: CF_BOSH2_Pool
10
name: PAASTA-HA
11
name: z1
12
- cloud_properties:
13
datacenters:
14
- clusters:
15
- PAASTA-HA:
16
resource_pool: CF_BOSH2_Pool
17
name: PAASTA-HA
18
name: z2
19
- cloud_properties:
20
datacenters:
21
- clusters:
22
- PAASTA-HA:
23
resource_pool: CF_BOSH2_Pool
24
name: PAASTA-HA
25
name: z3
26
- cloud_properties:
27
datacenters:
28
- clusters:
29
- PAASTA-HA:
30
resource_pool: CF_BOSH2_Pool
31
name: PAASTA-HA
32
name: z4
33
- cloud_properties:
34
datacenters:
35
- clusters:
36
- PAASTA-HA:
37
resource_pool: CF_BOSH2_Pool
38
name: PAASTA-HA
39
name: z5
40
- cloud_properties:
41
datacenters:
42
- clusters:
43
- PAASTA-HA:
44
resource_pool: CF_BOSH2_Pool
45
name: PAASTA-HA
46
name: z6
47
compilation:
48
az: z1
49
network: default
50
reuse_compilation_vms: true
51
vm_type: large
52
workers: 5
53
disk_types:
54
- disk_size: 1024
55
name: default
56
- disk_size: 1024
57
name: 1GB
58
- disk_size: 2048
59
name: 2GB
60
- disk_size: 4096
61
name: 4GB
62
- disk_size: 5120
63
name: 5GB
64
- disk_size: 8192
65
name: 8GB
66
- disk_size: 10240
67
name: 10GB
68
- disk_size: 20480
69
name: 20GB
70
- disk_size: 30720
71
name: 30GB
72
- disk_size: 51200
73
name: 50GB
74
- disk_size: 102400
75
name: 100GB
76
- disk_size: 1048576
77
name: 1TB
78
networks:
79
- name: default
80
subnets:
81
- azs:
82
- z1
83
- z2
84
- z3
85
- z4
86
- z5
87
- z6
88
cloud_properties:
89
name: Internal
90
dns:
91
- 8.8.8.8
92
gateway: 10.100.20.23
93
range: 10.30.0.0/16
94
reserved:
95
- 10.30.0.0 - 10.30.111.40
96
- name: public
97
subnets:
98
- azs:
99
- z1
100
- z2
101
- z3
102
- z4
103
- z5
104
- z6
105
cloud_properties:
106
name: External
107
dns:
108
- 8.8.8.8
109
gateway: 115.68.46.177
110
range: 115.68.46.176/28
111
reserved:
112
- 115.68.46.176 - 115.68.46.188
113
static:
114
- 115.68.46.189 - 115.68.46.190
115
type: manual
116
- name: service_private
117
subnets:
118
- azs:
119
- z1
120
- z2
121
- z3
122
- z4
123
- z5
124
- z6
125
cloud_properties:
126
name: Internal
127
dns:
128
- 8.8.8.8
129
gateway: 10.100.20.23
130
range: 10.30.0.0/16
131
reserved:
132
- 10.30.0.0 - 10.30.106.255
133
static:
134
- 10.30.107.1 - 10.30.107.255
135
- name: service_public
136
subnets:
137
- azs:
138
- z1
139
- z2
140
- z3
141
- z4
142
- z5
143
- z6
144
cloud_properties:
145
name: External
146
dns:
147
- 8.8.8.8
148
gateway: 115.68.47.161
149
range: 115.68.47.160/24
150
reserved:
151
- 115.68.47.161 - 115.68.47.174
152
static:
153
- 115.68.47.175 - 115.68.47.185
154
type: manual
155
- name: portal_service_public
156
subnets:
157
- azs:
158
- z1
159
- z2
160
- z3
161
- z4
162
- z5
163
- z6
164
cloud_properties:
165
name: External
166
dns:
167
- 8.8.8.8
168
gateway: 115.68.46.209
169
range: 115.68.46.208/28
170
reserved:
171
- 115.68.46.217 - 115.68.46.222
172
static:
173
- 115.68.46.214 - 115.68.46.216
174
type: manual
175
- name: portal_service_public
176
subnets:
177
- azs:
178
- z1
179
- z2
180
- z3
181
- z4
182
- z5
183
- z6
184
cloud_properties:
185
name: External
186
dns:
187
- 8.8.8.8
188
gateway: 115.68.46.209
189
range: 115.68.46.208/28
190
reserved:
191
- 115.68.46.217 - 115.68.46.222
192
static:
193
- 115.68.46.214 - 115.68.46.216
194
type: manual
195
vm_extensions:
196
- cloud_properties:
197
ports:
198
- host: <CLOUD_PROPERTY_PORT_OF_HOST>
199
name: mysql-proxy-lb
200
- name: cf-router-network-properties
201
- name: cf-tcp-router-network-properties
202
- name: diego-ssh-proxy-network-properties
203
- name: cf-haproxy-network-properties
204
- cloud_properties:
205
disk: 51200
206
name: small-50GB
207
- cloud_properties:
208
disk: 102400
209
name: small-highmem-100GB
210
vm_types:
211
- cloud_properties:
212
cpu: 1
213
disk: 8192
214
ram: 1024
215
name: minimal
216
- cloud_properties:
217
cpu: 1
218
disk: 10240
219
ram: 2048
220
name: default
221
- cloud_properties:
222
cpu: 1
223
disk: 30720
224
ram: 4096
225
name: small
226
- cloud_properties:
227
cpu: 2
228
disk: 20480
229
ram: 4096
230
name: medium
231
- cloud_properties:
232
cpu: 2
233
disk: 20480
234
ram: 8192
235
name: medium-memory-8GB
236
- cloud_properties:
237
cpu: 4
238
disk: 20480
239
ram: 8192
240
name: large
241
- cloud_properties:
242
cpu: 8
243
disk: 20480
244
ram: 16384
245
name: xlarge
246
- cloud_properties:
247
cpu: 2
248
disk: 51200
249
ram: 4096
250
name: small-50GB
251
- cloud_properties:
252
cpu: 2
253
disk: 51200
254
ram: 4096
255
name: small-50GB-ephemeral-disk
256
- cloud_properties:
257
cpu: 4
258
disk: 102400
259
ram: 8192
260
name: small-100GB-ephemeral-disk
261
- cloud_properties:
262
cpu: 4
263
disk: 102400
264
ram: 8192
265
name: small-highmem-100GB-ephemeral-disk
266
- cloud_properties:
267
cpu: 8
268
disk: 20480
269
ram: 16384
270
name: small-highmem-16GB
271
- cloud_properties:
272
cpu: 1
273
disk: 4096
274
ram: 2048
275
name: caas_small
276
- cloud_properties:
277
cpu: 1
278
disk: 4096
279
ram: 1024
280
name: caas_small_api
281
- cloud_properties:
282
cpu: 1
283
disk: 4096
284
ram: 4096
285
name: caas_medium
286
- cloud_properties:
287
cpu: 1
288
disk: 4096
289
ram: 256
290
name: service_tiny
291
- cloud_properties:
292
cpu: 1
293
disk: 4096
294
ram: 512
295
name: service_small
296
- cloud_properties:
297
cpu: 1
298
disk: 4096
299
ram: 1024
300
name: service_medium
301
- cloud_properties:
302
cpu: 1
303
disk: 4096
304
ram: 2048
305
name: service_medium_1CPU_2G
306
- cloud_properties:
307
cpu: 2
308
disk: 8192
309
ram: 4096
310
name: service_medium_4G
311
- cloud_properties:
312
cpu: 2
313
disk: 10240
314
ram: 2048
315
name: service_medium_2G
316
- cloud_properties:
317
cpu: 1
318
disk: 4096
319
ram: 256
320
name: portal_tiny
321
- cloud_properties:
322
cpu: 1
323
disk: 4096
324
ram: 512
325
name: portal_small
326
- cloud_properties:
327
cpu: 1
328
disk: 4096
329
ram: 1024
330
name: portal_medium
331
- cloud_properties:
332
cpu: 1
333
disk: 4096
334
ram: 2048
335
name: portal_large
336
337
Succeeded
Copied!
  • Deployment 를 하기 전에 remove-all-addons.sh 을 환경에 맞게 수정한다.
1
$ cd ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0
2
$ vi remove-all-addons.sh
3
4
5
#!/bin/bash
6
7
director_name='micro-bosh'
8
9
bosh -e ${director_name} update-runtime-config manifests/ops-files/paasta-container-service/remove-all-addons.yml
Copied!
  • Deployment YAML에서 사용하는 변수들을 서버 환경에 맞게 수정한다.
vSphere용
1
$ cd ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0
2
$ vi ./manifests/paasta-container-service-vsphere-vars.yml
3
4
# INCEPTION OS USER NAME
5
inception_os_user_name: "inception"
6
7
# RELEASE
8
caas_projects_release_name: "paasta-container-service-projects-release"
9
caas_projects_release_version: "1.0"
10
11
# IAAS
12
vcenter_master_user: "<VCENTER_MASTER_USER>"
13
vcenter_master_password: "<VCENTER_MASTER_PASSWORD>"
14
vcenter_ip: "<VCENTER_IP>"
15
vcenter_dc: "<VCENTER_DC>"
16
vcenter_ds: "<VCENTER_DS>"
17
vcenter_vms: "<VCENTER_VMS>"
18
19
# STEMCELL
20
stemcell_os: "ubuntu-trusty"
21
stemcell_version: "3586.26"
22
stemcell_alias: "trusty"
23
24
# VM_TYPE
25
vm_type_small: "small"
26
vm_type_small_highmem_16GB: "small-highmem-16GB"
27
vm_type_caas_small: "caas_small"
28
vm_type_caas_small_api: "caas_small_api"
29
30
# NETWORK
31
service_private_networks_name: "service_private"
32
service_public_networks_name: "service_public"
33
34
# IPS
35
caas_master_public_url: "115.68.47.178" # CAAS-MASTER-PUBLIC-URL
36
haproxy_public_url: "115.68.47.179" # HAPROXY-PUBLIC-IPS
37
38
# CREDHUB
39
credhub_server_url: "10.30.40.111:8844" # Bosh credhub server URL
40
credhub_admin_client_secret: "<CREDHUB_ADMIN_CLIENT_SECRET>"
41
42
# CF
43
cf_uaa_oauth_uri: "https://uaa.<DOMAIN>"
44
cf_api_url: "https://api.<DOMAIN>"
45
cf_uaa_oauth_client_id: "<CF_UAA_OAUTH_CLIENT_ID>"
46
cf_uaa_oauth_client_secret: "<CF_UAA_OAUTH_CLIENT_SECRET>"
47
48
# HAPROXY
49
haproxy_http_port: 8080
50
haproxy_azs: [z1]
51
52
# MARIADB
53
mariadb_port: "<MARIADB_PORT>"
54
mariadb_azs: [z2]
55
mariadb_persistent_disk_type: "10GB"
56
mariadb_admin_user_id: "<MARIADB_ADMIN_USER_ID>"
57
mariadb_admin_user_password: "<MARIADB_ADMIN_USER_PASSWORD>"
58
mariadb_role_set_administrator_code_name: "Administrator"
59
mariadb_role_set_administrator_code: "RS0001"
60
mariadb_role_set_regular_user_code_name: "Regular User"
61
mariadb_role_set_regular_user_code: "RS0002"
62
mariadb_role_set_init_user_code_name: "Init User"
63
mariadb_role_set_init_user_code: "RS0003"
64
65
# DASHBOARD
66
caas_dashboard_instances: 1
67
caas_dashboard_port: 8091
68
caas_dashboard_azs: [z3]
69
caas_dashboard_management_security_enabled: false
70
caas_dashboard_logging_level: "INFO"
71
72
# API
73
caas_api_instances: 1
74
caas_api_port: 3333
75
caas_api_azs: [z1]
76
caas_api_management_security_enabled: false
77
caas_api_logging_level: "INFO"
78
79
# COMMON API
80
caas_common_api_instances: 1
81
caas_common_api_port: 3334
82
caas_common_api_azs: [z2]
83
caas_common_api_logging_level: "INFO"
84
85
# SERVICE BROKER
86
caas_service_broker_instances: 1
87
caas_service_broker_port: 8888
88
caas_service_broker_azs: [z3]
89
90
# ADDON
91
caas_apply_addons_azs: [z1]
92
93
# MASTER
94
caas_master_backend_port: 8443
95
caas_master_port: 8443
96
caas_master_azs: [z2]
97
caas_master_persistent_disk_type: 5120
98
99
# WORKER
100
caas_worker_instances: 3
101
caas_worker_azs: [z1,z2,z3]
Copied!
AWS용
1
$ cd ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0
2
$ vi ./manifests/paasta-container-service-aws-vars.yml
3
4
# INCEPTION OS USER NAME
5
inception_os_user_name: "ubuntu"
6
7
# RELEASE
8
caas_projects_release_name: "paasta-container-service-projects-release"
9
caas_projects_release_version: "1.0"
10
11
# IAAS
12
aws_access_key_id_master: '<AWS_ACCESS_KEY_ID_MASTER>'
13
aws_secret_access_key_master: '<AWS_SECRET_ACCESS_KEY_MASTER>'
14
aws_access_key_id_worker: '<AWS_ACCESS_KEY_ID_WORKER>'
15
aws_secret_access_key_worker: '<AWS_SECRET_ACCESS_KEY_WORKER>'
16
kubernetes_cluster_tag: 'kubernetes' # Do not update!
17
18
# STEMCELL
19
stemcell_os: "ubuntu-trusty"
20
stemcell_version: "3586.26"
21
stemcell_alias: "trusty"
22
23
# VM_TYPE
24
vm_type_small: "caas_small"
25
vm_type_small_highmem_16GB: "caas_small_highmem"
26
vm_type_caas_small: "small"
27
vm_type_caas_small_api: "minimal"
28
29
# NETWORK
30
service_private_nat_networks_name: "default"
31
service_private_networks_name: "service_private"
32
service_public_networks_name: "service_public"
33
34
# IPS
35
caas_master_public_url: "52.78.21.76" # CAAS-MASTER-PUBLIC-URL
36
haproxy_public_url: "54.180.13.40" # HAPROXY-PUBLIC-IPS
37
38
# CREDHUB
39
credhub_server_url: "10.0.1.6:8844" # Bosh credhub server URL
40
credhub_admin_client_secret: "<CREDHUB_ADMIN_CLIENT_SECRET>"
41
42
# CF
43
cf_uaa_oauth_uri: "https://uaa.<DOMAIN>"
44
cf_api_url: "https://api.<DOMAIN>"
45
cf_uaa_oauth_client_id: "<CF_UAA_OAUTH_CLIENT_ID>"
46
cf_uaa_oauth_client_secret: "<CF_UAA_OAUTH_CLIENT_SECRET>"
47
48
# HAPROXY
49
haproxy_http_port: 8080
50
haproxy_azs: [z1]
51
52
# MARIADB
53
mariadb_port: "<MARIADB_PORT>"
54
mariadb_azs: [z2]
55
mariadb_persistent_disk_type: "10GB"
56
mariadb_admin_user_id: "<MARIADB_ADMIN_USER_ID>"
57
mariadb_admin_user_password: "<MARIADB_ADMIN_USER_PASSWORD>"
58
mariadb_role_set_administrator_code_name: "Administrator"
59
mariadb_role_set_administrator_code: "RS0001"
60
mariadb_role_set_regular_user_code_name: "Regular User"
61
mariadb_role_set_regular_user_code: "RS0002"
62
mariadb_role_set_init_user_code_name: "Init User"
63
mariadb_role_set_init_user_code: "RS0003"
64
65
# DASHBOARD
66
caas_dashboard_instances: 1
67
caas_dashboard_port: 8091
68
caas_dashboard_azs: [z3]
69
caas_dashboard_management_security_enabled: false
70
caas_dashboard_logging_level: "INFO"
71
72
# API
73
caas_api_instances: 1
74
caas_api_port: 3333
75
caas_api_azs: [z1]
76
caas_api_management_security_enabled: false
77
caas_api_logging_level: "INFO"
78
79
# COMMON API
80
caas_common_api_instances: 1
81
caas_common_api_port: 3334
82
caas_common_api_azs: [z2]
83
caas_common_api_logging_level: "INFO"
84
85
# SERVICE BROKER
86
caas_service_broker_instances: 1
87
caas_service_broker_port: 8888
88
caas_service_broker_azs: [z3]
89
90
# ADDON
91
caas_apply_addons_azs: [z1]
92
93
# MASTER
94
caas_master_backend_port: 8443
95
caas_master_port: 8443
96
caas_master_azs: [z2]
97
caas_master_persistent_disk_type: 5120
98
99
# WORKER
100
caas_worker_instances: 3
101
caas_worker_azs: [z1,z2,z3]
Copied!
OpenStack용
1
$ cd ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0
2
$ vi ./manifests/paasta-container-service-openstack-vars.yml
3
4
# INCEPTION OS USER NAME
5
inception_os_user_name: "ubuntu"
6
7
# RELEASE
8
caas_projects_release_name: "paasta-container-service-projects-release"
9
caas_projects_release_version: "1.0"
10
11
# IAAS
12
auth_url: 'http://<IAAS-IP>:5000/v3'
13
openstack_domain: '<OPENSTACK_DOMAIN>'
14
openstack_username: '<OPENSTACK_USERNAME>'
15
openstack_password: '<OPENSTACK_PASSWORD>'
16
openstack_project_id: '<OPENSTACK_PROJECT_ID>'
17
region: '<OPENSTACK_REGION>'
18
ignore-volume-az: true
19
20
# STEMCELL
21
stemcell_os: "ubuntu-trusty"
22
stemcell_version: "3586.26"
23
stemcell_alias: "trusty"
24
25
# VM_TYPE
26
vm_type_small: "small"
27
vm_type_small_highmem_16GB: "small-highmem-16GB"
28
vm_type_caas_small: "small"
29
vm_type_caas_small_api: "minimal"
30
31
# NETWORK
32
service_private_networks_name: "default"
33
service_public_networks_name: "vip"
34
35
# IPS
36
caas_master_public_url: "115.68.151.178" # CAAS-MASTER-PUBLIC-URL
37
haproxy_public_url: "115.68.151.177" # HAPROXY-PUBLIC-IPS
38
39
# CREDHUB
40
credhub_server_url: "10.20.0.7:8844" # Bosh credhub server URL
41
credhub_admin_client_secret: "<CREDHUB_ADMIN_CLIENT_SECRET>"
42
43
# CF
44
cf_uaa_oauth_uri: "https://uaa.<DOMAIN>"
45
cf_api_url: "https://api.<DOMAIN>"
46
cf_uaa_oauth_client_id: "<CF_UAA_OAUTH_CLIENT_ID>"
47
cf_uaa_oauth_client_secret: "<CF_UAA_OAUTH_CLIENT_SECRET>"
48
49
# HAPROXY
50
haproxy_http_port: 8080
51
haproxy_azs: [z1]
52
53
# MARIADB
54
mariadb_port: "<MARIADB_PORT>"
55
mariadb_azs: [z2]
56
mariadb_persistent_disk_type: "10GB"
57
mariadb_admin_user_id: "<MARIADB_ADMIN_USER_ID>"
58
mariadb_admin_user_password: "<MARIADB_ADMIN_USER_PASSWORD>"
59
mariadb_role_set_administrator_code_name: "Administrator"
60
mariadb_role_set_administrator_code: "RS0001"
61
mariadb_role_set_regular_user_code_name: "Regular User"
62
mariadb_role_set_regular_user_code: "RS0002"
63
mariadb_role_set_init_user_code_name: "Init User"
64
mariadb_role_set_init_user_code: "RS0003"
65
66
# DASHBOARD
67
caas_dashboard_instances: 1
68
caas_dashboard_port: 8091
69
caas_dashboard_azs: [z3]
70
caas_dashboard_management_security_enabled: false
71
caas_dashboard_logging_level: "INFO"
72
73
# API
74
caas_api_instances: 1
75
caas_api_port: 3333
76
caas_api_azs: [z1]
77
caas_api_management_security_enabled: false
78
caas_api_logging_level: "INFO"
79
80
# COMMON API
81
caas_common_api_instances: 1
82
caas_common_api_port: 3334
83
caas_common_api_azs: [z2]
84
caas_common_api_logging_level: "INFO"
85
86
# SERVICE BROKER
87
caas_service_broker_instances: 1
88
caas_service_broker_port: 8888
89
caas_service_broker_azs: [z3]
90
91
# ADDON
92
caas_apply_addons_azs: [z1]
93
94
# MASTER
95
caas_master_backend_port: 8443
96
caas_master_port: 8443
97
caas_master_azs: [z2]
98
caas_master_persistent_disk_type: 5120
99
100
# WORKER
101
caas_worker_instances: 3
102
caas_worker_azs: [z1,z2,z3]
Copied!
  • Deploy 스크립트 파일을 서버 환경에 맞게 수정한다.
    • vSphere : deploy_vsphere.sh
    • AWS : deploy_aws.sh
    • OpenStack : deploy_openstack.sh
1
$ cd ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0
2
$ vi deploy-vsphere.sh
3
4
#!/bin/bash
5
6
# SET VARIABLES
7
export CAAS_DEPLOYMENT_NAME='paasta-container-service'
8
export CAAS_BOSH2_NAME='micro-bosh'
9
export CAAS_BOSH2_UUID=`bosh int <(bosh -e ${CAAS_BOSH2_NAME} environment --json) --path=/Tables/0/Rows/0/uuid`
10
11
# DEPLOY
12
bosh -e ${CAAS_BOSH2_NAME} -n -d ${CAAS_DEPLOYMENT_NAME} deploy --no-redact manifests/paasta-container-service-deployment.yml \
13
-l manifests/paasta-container-service-vsphere-vars.yml \
14
-o manifests/ops-files/paasta-container-service/vsphere-network.yml \
15
-o manifests/ops-files/paasta-container-service/use-compiled-releases.yml \
16
-o manifests/ops-files/iaas/vsphere/cloud-provider.yml \
17
-o manifests/ops-files/iaas/vsphere/set-working-dir-no-rp.yml \
18
-o manifests/ops-files/rename.yml \
19
-o manifests/ops-files/misc/single-master.yml \
20
-o manifests/ops-files/misc/first-time-deploy.yml \
21
-v director_uuid=${CAAS_BOSH2_UUID} \
22
-v director_name=${CAAS_BOSH2_NAME} \
23
-v deployment_name=${CAAS_DEPLOYMENT_NAME}
Copied!
※ Private Image Repository 를 사용할 경우
1
* 각 IaaS 환경에 따라 아래 명령어를 추가한다.
2
3
> vSphere
4
manifests/ops-files/paasta-container-service/add-private-image-repository-vsphere.yml
5
6
> AWS
7
manifests/ops-files/paasta-container-service/add-private-image-repository-aws.yml
8
9
> OpenStack
10
manifests/ops-files/paasta-container-service/add-private-image-repository-openstack.yml
Copied!
  • Container 서비스팩을 배포한다.
1
$ cd ~/workspace/paasta-4.0/deployment/service-deployment/paasta-container-service-2.0
2
$ ./remove-all-addons.sh
3
$ ./deploy-vsphere.sh
4
5
Using environment '10.30.40.111' as user 'admin' (openid, bosh.admin)
6
7
Using deployment 'paasta-container-service'
8
9
######################################################### 100.00% 11.43 KiB/s 0s
10
Task 62603
11
12
############################################################ 100.00% 38.92 KiB/s
13
Task 62603 | 01:19:56 | Verifying manifest: Verifying manifest (00:00:00)
14
############################################################ 100.00% 15.33 KiB/sencies (00:00:01)
15
Task 62603 | 01:19:57 | Processing 3 existing packages: Processing 3 existing packages (00:00:00)
16
######################################################### 100.00% 12.16 KiB/s 0s00:00:00)
17
18
########################################################### 100.00% 139.06 KiB/s
19
Task 62603 | 01:19:57 | Release has been created: cfcr-etcd/1.3 (00:00:00)
20
21
Task 62603 Started Tue Nov 13 01:19:56 UTC 2018
22
Task 62603 Finished Tue Nov 13 01:19:57 UTC 2018
23
Task 62603 Duration 00:00:01
24
Task 62603 done
25
############################################################ 100.00% 69.59 KiB/s
26
Task 62604 | 01:19:57 | Extracting release: Extracting release (00:00:01)
27
Task 62604 | 01:19:58 | Verifying manifest: Verifying manifest (00:00:00)
28
######################################################### 100.00% 56.67 KiB/s 0sencies
29
30
Task 62605
31
Task 62604 | 01:19:58 | Resolving package dependencies: Resolving package dependencies (00:00:00)
32
Task 62604 | 01:19:58 | Processing 4 existing packages: Processing 4 existing packages (00:00:00)
33
Task 62604 | 01:19:58 | Processing 2 existing jobs: Processing 2 existing jobs (00:00:00)
34
Task 62604 | 01:19:58 | Release has been created: bpm/0.6.0 (00:00:00)
35
36
Task 62604 Started Tue Nov 13 01:19:57 UTC 2018
37
Task 62604 Finished Tue Nov 13 01:19:58 UTC 2018
38
Task 62604 Duration 00:00:01
39
Task 62604 done
40
41
Task 62605 | 01:19:59 | Extracting release: Extracting release (00:00:00)
42
Task 62605 | 01:19:59 | Verifying manifest: Verifying manifest (00:00:00)
43
Task 62605 | 01:19:59 | Resolving package dependencies: Resolving package dependencies (00:00:00)
44
Task 62605 | 01:19:59 | Processing 7 existing packages: Processing 7 existing packages (00:00:00)
45
Task 62605 | 01:19:59 | Processing 6 existing jobs: Processing 6 existing jobs (00:00:00)
46
Task 62605 | 01:19:59 | Release has been created: docker/32.0.0 (00:00:00)
47
48
Task 62605 Started Tue Nov 13 01:19:59 UTC 2018
49
Task 62605 Finished Tue Nov 13 01:19:59 UTC 2018
50
Task 62605 Duration 00:00:00
51
Task 62605 done
52
######################################################## 100.00% 267.40 KiB/s 0s
53
54
Task 62606
55
56
Task 62606 | 01:20:01 | Extracting release: Extracting release (00:00:00)
57
Task 62606 | 01:20:01 | Verifying manifest: Verifying manifest (00:00:00)
58
Task 62606 | 01:20:01 | Resolving package dependencies: Resolving package dependencies (00:00:00)
59
Task 62606 | 01:20:02 | Processing 6 existing packages: Processing 6 existing packages (00:00:00)
60
Task 62606 | 01:20:02 | Processing 4 existing jobs: Processing 4 existing jobs (00:00:00)
61
Task 62606 | 01:20:02 | Release has been created: bosh-dns/1.5.0 (00:00:00)
62
63
Task 62606 Started Tue Nov 13 01:20:01 UTC 2018
64
Task 62606 Finished Tue Nov 13 01:20:02 UTC 2018
65
Task 62606 Duration 00:00:01
66
Task 62606 done
67
######################################################## 100.00% 243.99 KiB/s 0s
68
69
Task 62607
70
71
Task 62607 | 01:20:07 | Extracting release: Extracting release (00:00:00)
72
Task 62607 | 01:20:07 | Verifying manifest: Verifying manifest (00:00:00)
73
Task 62607 | 01:20:07 | Resolving package dependencies: Resolving package dependencies (00:00:00)
74
Task 62607 | 01:20:07 | Processing 12 existing packages: Processing 12 existing packages (00:00:01)
75
Task 62607 | 01:20:08 | Processing 15 existing jobs: Processing 15 existing jobs (00:00:00)
76
Task 62607 | 01:20:08 | Release has been created: kubo/0.19.0 (00:00:00)
77
78
Task 62607 Started Tue Nov 13 01:20:07 UTC 2018
79
Task 62607 Finished Tue Nov 13 01:20:08 UTC 2018
80
Task 62607 Duration 00:00:01
81
Task 62607 done
82
######################################################## 100.00% 168.53 KiB/s 0s
83
84
Task 62608
85
86
Task 62608 | 01:20:14 | Extracting release: Extracting release (00:00:00)
87
Task 62608 | 01:20:14 | Verifying manifest: Verifying manifest (00:00:00)
88
Task 62608 | 01:20:14 | Resolving package dependencies: Resolving package dependencies (00:00:00)
89
Task 62608 | 01:20:14 | Processing 8 existing packages: Processing 8 existing packages (00:00:00)
90
Task 62608 | 01:20:14 | Processing 6 existing jobs: Processing 6 existing jobs (00:00:00)
91
Task 62608 | 01:20:14 | Release has been created: paasta-container-service-projects-release/1.0 (00:00:00)
92
93
Task 62608 Started Tue Nov 13 01:20:14 UTC 2018
94
Task 62608 Finished Tue Nov 13 01:20:14 UTC 2018
95
Task 62608 Duration 00:00:00
96
Task 62608 done
97
+ azs:
98
+ - cloud_properties:
99
+ datacenters:
100
+ - clusters:
101
+ - BD-HA:
102
+ resource_pool: CF_BOSH2_Pool
103
+ name: BD-HA
104
+ name: z1
105
+ - cloud_properties:
106
+ datacenters:
107
+ - clusters:
108
+ - BD-HA:
109
+ resource_pool: CF_BOSH2_Pool
110
+ name: BD-HA
111
+ name: z2
112
+ - cloud_properties:
113
+ datacenters:
114
+ - clusters:
115
+ - BD-HA:
116
+ resource_pool: CF_BOSH2_Pool
117
+ name: BD-HA
118
+ name: z3
119
+ - cloud_properties:
120
+ datacenters:
121
+ - clusters:
122
+ - BD-HA:
123
+ resource_pool: CF_BOSH2_Pool
124
+ name: BD-HA
125
+ name: z4
126
+ - cloud_properties:
127
+ datacenters:
128
+ - clusters:
129
+ - BD-HA:
130
+ resource_pool: CF_BOSH2_Pool
131
+ name: BD-HA
132
+ name: z5
133
+ - cloud_properties:
134
+ datacenters:
135
+ - clusters:
136
+ - BD-HA:
137
+ resource_pool: CF_BOSH2_Pool
138
+ name: BD-HA
139
+ name: z6
140
141
+ vm_types:
142
+ - cloud_properties:
143
+ cpu: 1
144
+ disk: 8192
145
+ ram: 1024
146
+ name: minimal
147
+ - cloud_properties:
148
+ cpu: 1
149
+ disk: 10240
150
+ ram: 2048
151
+ name: default
152
+ - cloud_properties:
153
+ cpu: 1
154
+ disk: 30720
155
+ ram: 4096
156
+ name: small
157
+ - cloud_properties:
158
+ cpu: 2
159
+ disk: 20480
160
+ ram: 4096
161
+ name: medium
162
+ - cloud_properties:
163
+ cpu: 2
164
+ disk: 20480
165
+ ram: 8192
166
+ name: medium-memory-8GB
167
+ - cloud_properties:
168
+ cpu: 4
169
+ disk: 20480
170
+ ram: 8192
171
+ name: large
172
+ - cloud_properties:
173
+ cpu: 8
174
+ disk: 20480
175
+ ram: 16384
176
+ name: xlarge
177
+ - cloud_properties:
178
+ cpu: 2
179
+ disk: 51200
180
+ ram: 4096
181
+ name: small-50GB
182
+ - cloud_properties:
183
+ cpu: 2
184
+ disk: 51200
185
+ ram: 4096
186
+ name: small-50GB-ephemeral-disk
187
+ - cloud_properties:
188
+ cpu: 4
189
+ disk: 102400
190
+ ram: 8192
191
+ name: small-100GB-ephemeral-disk
192
+ - cloud_properties:
193
+ cpu: 4
194
+ disk: 102400
195
+ ram: 8192
196
+ name: small-highmem-100GB-ephemeral-disk
197
+ - cloud_properties:
198
+ cpu: 8
199
+ disk: 20480
200
+ ram: 16384
201
+ name: small-highmem-16GB
202
+ - cloud_properties:
203
+ cpu: 1
204
+ disk: 4096
205
+ ram: 2048
206
+ name: caas_small
207
+ - cloud_properties:
208
+ cpu: 1
209
+ disk: 4096
210
+ ram: 1024
211
+ name: caas_small_api
212
+ - cloud_properties:
213
+ cpu: 1
214
+ disk: 4096
215
+ ram: 4096
216
+ name: caas_medium
217
+ - cloud_properties:
218
+ cpu: 1
219
+ disk: 4096
220
+ ram: 256
221
+ name: service_tiny
222
+ - cloud_properties:
223
+ cpu: 1
224
+ disk: 4096
225
+ ram: 512
226
+ name: service_small
227
+ - cloud_properties:
228
+ cpu: 1
229
+ disk: 4096
230
+ ram: 1024
231
+ name: service_medium
232
+ - cloud_properties:
233
+ cpu: 1
234
+ disk: 4096
235
+ ram: 2048
236
+ name: service_medium_1CPU_2G
237
+ - cloud_properties:
238
+ cpu: 2
239
+ disk: 8192
240
+ ram: 4096
241
+ name: service_medium_4G
242
+ - cloud_properties:
243
+ cpu: 2
244
+ disk: 10240
245
+ ram: 2048
246
+ name: service_medium_2G
247
+ - cloud_properties:
248
+ cpu: 1
249
+ disk: 4096
250
+ ram: 256
251
+ name: portal_tiny
252
+ - cloud_properties:
253
+ cpu: 1
254
+ disk: 4096
255
+ ram: 512
256
+ name: portal_small
257
+ - cloud_properties:
258
+ cpu: 1
259
+ disk: 4096
260
+ ram: 1024
261
+ name: portal_medium
262
+ - cloud_properties:
263
+ cpu: 1
264
+ disk: 4096
265
+ ram: 2048
266
+ name: portal_large
267
268
+ vm_extensions:
269
+ - cloud_properties:
270
+ ports:
271
+ - host: <CLOUD_PROPERTY_PORT_OF_HOST>
272
+ name: mysql-proxy-lb
273
+ - name: cf-router-network-properties
274
+ - name: cf-tcp-router-network-properties
275
+ - name: diego-ssh-proxy-network-properties
276
+ - name: cf-haproxy-network-properties
277
+ - cloud_properties:
278
+ disk: 51200
279
+ name: small-50GB
280
+ - cloud_properties:
281
+ disk: 102400
282
+ name: small-highmem-100GB
283
284
+ compilation:
285
+ az: z1
286
+ network: default
287
+ reuse_compilation_vms: true
288
+ vm_type: large
289
+ workers: 5
290
291
+ networks:
292
+ - name: default
293
+ subnets:
294
+ - azs:
295
+ - z1
296
+ - z2
297
+ - z3
298
+ - z4
299
+ - z5
300
+ - z6
301
+ cloud_properties:
302
+ name: Internal
303
+ dns:
304
+ - 8.8.8.8
305
+ gateway: 10.30.20.23
306
+ range: 10.30.0.0/16
307
+ reserved:
308
+ - 10.30.0.0 - 10.30.111.40
309
+ - name: public
310
+ subnets:
311
+ - azs:
312
+ - z1
313
+ - z2
314
+ - z3
315
+ - z4
316
+ - z5
317
+ - z6
318
+ cloud_properties:
319
+ name: External
320
+ dns:
321
+ - 8.8.8.8
322
+ gateway: 115.68.46.177
323
+ range: 115.68.46.176/28
324
+ reserved:
325
+ - 115.68.46.176 - 115.68.46.188
326
+ static:
327
+ - 115.68.46.189 - 115.68.46.190
328
+ type: manual
329
+ - name: service_private
330
+ subnets:
331
+ - azs:
332
+ - z1
333
+ - z2
334
+ - z3
335
+ - z4
336
+ - z5
337
+ - z6
338
+ cloud_properties:
339
+ name: Internal
340
+ dns:
341
+ - 8.8.8.8
342
+ gateway: 10.30.20.23
343
+ range: 10.30.0.0/16
344
+ reserved:
345
+ - 10.30.0.0 - 10.30.106.255
346
+ static:
347
+ - 10.30.107.1 - 10.30.107.255
348
+ - name: service_public
349
+ subnets:
350
+ - azs:
351
+ - z1
352
+ - z2
353
+ - z3
354
+ - z4
355
+ - z5
356
+ - z6
357
+ cloud_properties:
358
+ name: External
359
+ dns:
360
+ - 8.8.8.8
361
+ gateway: 115.68.47.161
362
+ range: 115.68.47.160/24
363
+ reserved:
364
+ - 115.68.47.161 - 115.68.47.174
365
+ static:
366
+ - 115.68.47.175 - 115.68.47.190
367
+ type: manual
368
+ - name: portal_service_public
369
+ subnets:
370
+ - azs:
371
+ - z1
372
+ - z2
373
+ - z3
374
+ - z4
375
+ - z5
376
+ - z6
377
+ cloud_properties:
378
+ name: External
379
+ dns:
380
+ - 8.8.8.8
381
+ gateway: 115.68.46.209
382
+ range: 115.68.46.208/28
383
+ reserved:
384
+ - 115.68.46.217 - 115.68.46.222
385
+ static:
386
+ - 115.68.46.214 - 115.68.46.216
387
+ type: manual
388
389
+ disk_types:
390
+ - disk_size: 1024
391
+ name: default
392
+ - disk_size: 1024
393
+ name: 1GB
394
+ - disk_size: 2048
395
+ name: 2GB
396
+ - disk_size: 4096
397
+ name: 4GB
398
+ - disk_size: 5120
399
+ name: 5GB
400
+ - disk_size: 8192
401
+ name: 8GB
402
+ - disk_size: 10240
403
+ name: 10GB
404
+ - disk_size: 20480
405
+ name: 20GB
406
+ - disk_size: 30720
407
+ name: 30GB
408
+ - disk_size: 51200
409
+ name: 50GB
410
+ - disk_size: 102400
411
+ name: 100GB
412
+ - disk_size: 1048576
413
+ name: 1TB
414
415
+ stemcells:
416
+ - alias: trusty
417
+ os: ubuntu-trusty
418
+ version: '3586.26'
419
420
+ releases:
421
+ - name: kubo
422
+ url: file://./releases/kubo-release.tgz
423
+ version: 0.19.0
424
+ - name: cfcr-etcd
425
+ sha1: 72a9753b08980229c73b623c4ddeea59a5afc96f
426
+ url: file://./releases/cfcr-etcd-release-1.3.tgz
427
+ version: '1.3'
428
+ - name: docker
429
+ sha1: f192296243e68150ae66656fc9134a2b2a023184
430
+ url: file://./releases/docker-32.0.0.tgz
431
+ version: 32.0.0
432
+ - name: bosh-dns
433
+ sha1: 66e74bb601b691ea4836f859c556de8a5c6c1264
434
+ url: file://./releases/bosh-dns-release-1.5.0.tgz
435
+ version: 1.5.0
436
+ - name: bpm
437
+ sha1: 4f0f239abdc801d71de9063625aa56e3c42634b5
438
+ url: file://./releases/bpm-release-0.6.0.tgz
439
+ version: 0.6.0
440
+ - name: paasta-container-service-projects-release
441
+ url: file://./releases/paasta-container-service-projects-release.tgz
442
+ version: '1.0'
443
444
+ update:
445
+ canaries: 1
446
+ canary_watch_time: 10000-300000
447
+ max_in_flight: 100%
448
+ update_watch_time: 10000-300000
449
450
+ addons:
451
+ - include:
452
+ stemcells:
453
+ - os: ubuntu-trusty
454
+ jobs:
455
+ - name: bosh-dns
456
+ properties:
457
+ api:
458
+ client:
459
+ tls: "((/dns_api_client_tls))"
460
+ server:
461
+ tls: "((/dns_api_server_tls))"
462
+ cache:
463
+ enabled: true
464
+ health:
465
+ client:
466
+ tls: "((/dns_healthcheck_client_tls))"
467
+ enabled: true
468
+ server:
469
+ tls: "((/dns_healthcheck_server_tls))"
470
+ release: bosh-dns
471
+ name: bosh-dns
472
+ - jobs:
473
+ - name: kubo-dns-aliases
474
+ release: kubo
475
+ name: bosh-dns-aliases
476
477
+ variables:
478
+ - name: kubo-admin-password
479
+ type: password
480
+ - name: kubelet-password
481
+ type: password
482
+ - name: kubelet-drain-password
483
+ type: password
484
+ - name: kube-proxy-password
485
+ type: password
486
+ - name: kube-controller-manager-password
487
+ type: password
488
+ - name: kube-scheduler-password
489
+ type: password
490
+ - name: route-sync-password
491
+ type: password
492
+ - name: kubo_ca
493
+ options:
494
+ common_name: ca
495
+ is_ca: true
496
+ type: certificate
497
+ - name: tls-kubelet
498
+ options:
499
+ alternative_names: []
500
+ ca: kubo_ca
501
+ common_name: kubelet.cfcr.internal
502
+ organization: system:nodes
503
+ type: certificate
504
+ - name: tls-kubelet-client
505
+ options:
506
+ ca: kubo_ca
507
+ common_name: kube-apiserver.cfcr.internal
508
+ extended_key_usage:
509
+ - client_auth
510
+ organization: system:masters
511
+ type: certificate
512
+ - name: tls-kubernetes
513
+ options:
514
+ alternative_names:
515
+ - 115.68.47.178
516
+ - 10.100.200.1
517
+ - kubernetes
518
+ - kubernetes.default
519
+ - kubernetes.default.svc
520
+ - kubernetes.default.svc.cluster.local
521
+ - master.cfcr.internal
522
+ ca: kubo_ca
523
+ common_name: master.cfcr.internal
524
+ organization: system:masters
525
+ type: certificate
526
+ - name: service-account-key
527
+ type: rsa
528
+ - name: tls-docker
529
+ options:
530
+ ca: kubo_ca
531
+ common_name: docker.cfcr.internal
532
+ type: certificate
533
+ - name: tls-etcd-v0-17-0
534
+ options:
535
+ ca: kubo_ca
536
+ common_name: "*.etcd.cfcr.internal"
537
+ extended_key_usage:
538
+ - client_auth
539
+ - server_auth
540
+ type: certificate
541
+ - name: tls-etcdctl
542
+ options:
543
+ ca: kubo_ca
544
+ common_name: etcdClient
545
+ extended_key_usage:
546
+ - client_auth
547
+ type: certificate
548
+ - name: tls-heapster
549
+ options:
550
+ alternative_names:
551
+ - heapster.kube-system.svc.cluster.local
552
+ ca: kubo_ca
553
+ common_name: heapster
554
+ type: certificate
555
+ - name: tls-influxdb
556
+ options:
557
+ alternative_names: []
558
+ ca: kubo_ca
559
+ common_name: monitoring-influxdb
560
+ type: certificate
561
+ - name: kubernetes-dashboard-ca
562
+ options:
563
+ common_name: ca
564
+ is_ca: true
565
+ type: certificate
566
+ - name: tls-kubernetes-dashboard