开源的PaaS方案：在OpenStack上部署CloudFoundry （三）部署BOSH

BOSH是CloudFoundry提供的用来安装部署和升级CloudFoundry的自动化工具，可是说是CloudFoundry的一部分。总体来说，BOSH是Client/Server结构, BOSH客户端称作BOSH CLI，BOSH服务器端由BOSH Director，NATS，HealthMonitor等组件组成， 详见http://docs.cloudfoundry.org/bosh/

完整的BOSH是一个分布式的环境，本文为了简化BOSH的安装，将BOSH所有的组件安装在一个虚拟机上，BOSH的这种部署方式称为MicroBOSH。

将描述如果在CentOS环境下部署BOSH客户端和在OpenStack环境上部署MicroBOSH工具。

3.1 安装ruby环境

3.1.1 作者使用rbenv来管理ruby，所以安装rbenv和ruby 环境 （如果rbenv已经安装完成或者使用rvm可跳过此步）

[python] view plaincopy

1. # rm -rf $HOME/.rbenv
2. # git clone https://github.com/sstephenson/rbenv.git $HOME/.rbenv
3. # git clone https://github.com/sstephenson/ruby-build.git $HOME/.rbenv/plugins/ruby-build
4. # echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
5. # source ~/.bash_profile
6. # echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
7. # source ~/.bash_profile
8. # rbenv install 1.9.3-p551
9. # rbenv global 1.9.3-p551

如果运行上述命令遇到 compile 问题 或者make 问题 比如 The Ruby openssl extension was not compiled. Missing the OpenSSL lib? 导致安装失败，

参看

https://github.com/sstephenson/ruby-build/wiki

运行相关安装命令

3.1.2 安装bosh客户端

1. rbenv rehash
2. gem sources --remove https://rubygems.org/ # 换淘宝镜像
3. gem sources -a https://ruby.taobao.org/
4. gem sources -l
5. gem update --system
6. gem install rake
7. gem pristine rake
8. gem install bundler
9. gem install nokogiri -- --use-system-libraries
10. gem install pg -- --use-system-libraries
11. gem install bosh_cli bosh_cli_plugin_micro --no-ri --no-rdoc

3.1.3 为安置MicroBosh和CloudFoundry配置SecurityGroup

(1) 创建BOSH security group，允许bosh访问

1. # nova secgroup-create bosh "security group for bosh access”
2. # nova secgroup-add-rule bosh udp 53 53 0.0.0.0/0
3. # nova secgroup-add-rule bosh tcp 4222 4222 0.0.0.0/0
4. # nova secgroup-add-rule bosh udp 68 68 0.0.0.0/0
5. # nova secgroup-add-rule bosh tcp 25555 25555 0.0.0.0/0
6. # nova secgroup-add-group-rule bosh bosh tcp 1 65535
7. # nova secgroup-add-rule bosh tcp 6868 6868 0.0.0.0/0
8. # nova secgroup-add-rule bosh tcp 53 53 0.0.0.0/0
9. # nova secgroup-add-rule bosh tcp 25250 25250 0.0.0.0/0
10. # nova secgroup-add-rule bosh tcp 25777 25777 0.0.0.0/0

(2) 创建security group， 允许SSH 访问

1. # nova secgroup-create ssh "security group for ssh access”
2. # nova secgroup-add-rule ssh icmp -1  -1  0.0.0.0/0
3. # nova secgroup-add-rule ssh tcp 22 22 0.0.0.0/0
4. # nova secgroup-add-rule ssh udp 68 68  0.0.0.0/0

(3) 创建Cloudfoundry内网security group

1. # nova secgroup-create cf-private "cf internal security group"
2. # nova secgroup-add-rule cf-private udp 68 68 0.0.0.0/0
3. # nova secgroup-add-rule cf-private udp 3456 3456 0.0.0.0/0
4. # nova secgroup-add-group-rule cf-private bosh tcp 1 65535

(4) 创建CloudFoundry外网访问security group

1. # nova secgroup-create cf-public "security group for cloudfoundry public access"
2. # nova secgroup-add-rule cf-public tcp 443 443 0.0.0.0/0
3. # nova secgroup-add-rule cf-public udp 68 68 0.0.0.0/0
4. # nova secgroup-add-rule cf-public tcp 80 80 0.0.0.0/0

3.2 部署MicroBosh

3.2.1 创建microbosh keypair

1. # nova keypair-add microbosh > microbosh.pem
2. # chmod 400 microbosh.pem

3.2.2 创建工作目录

1. # mkdir -p ~/bosh-workspace/deployments/microbosh
2. # cd ~/bosh-workspace/deployments/microbosh

3.2.3 为microbosh创建一个floating ip

1. #  nova floating-ip-create public
2. +--------------+-----------+----------+--------+
3. | Ip           | Server Id | Fixed Ip | Pool   |
4. +--------------+-----------+----------+--------+
5. | 172.24.4.229 |           | -        | public |
6. +--------------+-----------+----------+--------+

3.2.4 创建并且编辑部署描述文件microbosh.yml

---
name: microbosh-openstack

logging:
  level: DEBUG  

network:
  type: dynamic #内网ip的分配方式
  vip: 172.24.10.132 #外网浮动ip

resources:
  persistent_disk: 20000
  cloud_properties:
    instance_type: m1.small  

cloud:
  plugin: openstack
  properties:
    openstack:
      auth_url: http://172.24.10.128:5000/v2.0
      username: demo
      api_key: openstack
      tenant: demo
      default_security_groups: [bosh,ssh]
      default_key_name: demokey
      private_key: ~/bosh-workspace/deployments/demokey.pem  

apply_spec:
  properties:
    director:
      max_threads: 2
    hm:
      resurrector_enabled: true
    ntp:
      - time.asia.apple.com

下面简单介绍一下此部署文件的含义
* network 描述了Openstack中network的属性
在笔者的Openstack环境中，网络为openstack neutron network，所以在内网使用dhcp获取ip， 因此type为dynamic。cloud_properties中的net_id是可以使用dhcp获得ip的内网地址，此id可以使用neutron net-list得到

1. # neutron net-list
2. +--------------------------------------+---------+--------------------------------------------------+
3. | id                                   | name    | subnets                                          |
4. +--------------------------------------+---------+--------------------------------------------------+
5. | 0fbe7f27-e732-4954-9134-5486d7617727 | public  | 110583d9-a905-428a-a494-3c95e4a6bca6             |
6. | 9e5a6fd5-fa2e-48da-94ce-f85337bc2451 | private | 052030e6-626a-4a57-b8dc-b8ab239f419d 10.0.0.0/24 |
7. +--------------------------------------+---------+--------------------------------------------------+

为了能够从外网访问microbosh，我们需要为bosh director指定一个floating ip, bosh会自动把这个ip关联到bosh director

* resource描述了为micro bosh director分配多少资源，instance_type定义了此虚拟机的openstack flavor，persistent_disk定义了为此虚拟机挂接多大的永久磁盘

* cloud描述了如何访问openstack，其中大部分内容可以从安装产生的keystonerc_demo中找到，

1. # cat $HOME/keystonerc_demo
2. export OS_USERNAME=demo
3. export OS_TENANT_NAME=demo
4. export OS_PASSWORD=73b3b497ca3a42d1
5. export OS_AUTH_URL=http://<ip>:35357/v2.0/
6. export PS1='[\u@\h \W(keystone_demo)]\$ '

* apply_spec定义了Micro bosh得属性，这里面我们只需要修改一项，那就是时间服务器的地址<ntp server ip>, 例如修改为time.asia.apple.com

3.2.5 下载microbosh的虚拟机模板（stemcell）

(1) 由于GFW的缘故，把下面这句加到/etc/hosts中

54.231.244.8 s3.amazonaws.com

(2) 创建stemcell目录

1. # mkdir -p ~/bosh-workspace/stemcells
2. # cd ~/bosh-workspace/stemcells

(3) 下载micro bosh的stemcell

1. # bosh public stemcells | grep -i openstack
2. | bosh-stemcell-2427-openstack-kvm-ubuntu.tgz                     |
3. | bosh-stemcell-2624-openstack-kvm-centos.tgz                     |
4. | bosh-stemcell-2624-openstack-kvm-ubuntu-lucid.tgz               |
5. | bosh-stemcell-2749-openstack-kvm-centos-go_agent.tgz            |
6. | bosh-stemcell-2749-openstack-kvm-ubuntu-trusty-go_agent.tgz     |
7. | bosh-stemcell-2652-openstack-kvm-ubuntu-lucid-go_agent.tgz      |
8. | bosh-stemcell-2719.1-openstack-kvm-centos-go_agent.tgz          |
9. | bosh-stemcell-2719.1-openstack-kvm-ubuntu-trusty-go_agent.tgz   |
10. | bosh-stemcell-2719.2-openstack-kvm-centos-go_agent.tgz          |
11. | bosh-stemcell-2719.2-openstack-kvm-ubuntu-trusty-go_agent.tgz   |
12. | bosh-stemcell-2719.3-openstack-kvm-ubuntu-trusty-go_agent.tgz   |

1. # bosh download public stemcell bosh-stemcell-2652-openstack-kvm-ubuntu-lucid-go_agent.tgz

这个stemcell虽然不是最新版，但是笔者验证通过，更新版本的stemcell笔者没有尝试

(4) 部署Micro Bosh

*设置部署描述文件

1. # cd ~/bosh-workspace/deployments
2. # bosh micro deployment microbosh

* 部署Micro Bosh

1. # bosh micro deploy ~/bosh-workspace/stemcells/bosh-stemcell-2652-openstack-kvm-ubuntu-lucid-go_agent.tgz 执行这一句之后会报错错误信息如下

`/home/roger/.gem/ruby/gems/fog-aws-0.1.2/lib/fog/aws/auto_scaling.rb:4:in `<class:AutoScaling>': uninitialized constant Fog::AWS::CredentialFetcher (NameError)
from /home/roger/.gem/ruby/gems/fog-aws-0.1.2/lib/fog/aws/auto_scaling.rb:3:in `<module:AWS>'
from /home/roger/.gem/ruby/gems/fog-aws-0.1.2/lib/fog/aws/auto_scaling.rb:2:in `<module:Fog>'
from /home/roger/.gem/ruby/gems/fog-aws-0.1.2/lib/fog/aws/auto_scaling.rb:1:in `<top (required)>'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /home/roger/.gem/ruby/gems/fog-1.27.0/lib/fog/aws.rb:2:in `<top (required)>'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /home/roger/.gem/ruby/gems/fog-1.27.0/lib/fog.rb:23:in `<top (required)>'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /home/roger/.gem/ruby/gems/bosh-registry-1.2922.0/lib/bosh/registry.rb:10:in `<top (required)>'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:73:in `require'
from /home/roger/.gem/ruby/gems/bosh-registry-1.2922.0/bin/bosh-registry:3:in `<top (required)>'
from /home/roger/bin/bosh-registry:23:in `load'
from /home/roger/bin/bosh-registry:23:in `<main>'
bosh-registry -c /tmp/d20150414-92091-1rc0vqs/bosh_registry_yml20150414- 92091-9n3izm` failed, exit status=1``

修改

/home/roger/.gem/ruby/gems/fog-aws-0.1.2/lib/fog/aws/auto_scaling.rb

在第一行之前加上如下语句

require_relative('.') 问题解决

(5) 验证Micro Bosh

1. # bosh target <microbosh ip address>

其中的microbosh ip address是预先申请的floating ip

(6) 使用ssh访问micro bosh

1. # ssh -i <path to microbosh private key> vcap@<microbosh ip>

4.默认的stemcell的账号root，密码是c1oudc0w

5.microBOSH的账号：vcap/c1oudc0w

参考文章 http://blog.csdn.net/mainGalaxy/article/details/41286445