The bucc command line utility allows for easy bootstrapping of the BUCC stack (Bosh Uaa Credhub and Concourse). Which is the starting point for many deployments.
-
Install BOSH CLI v2.0.1+ and dependencies.
-
Optionally install
direnv
-
Clone this repository
git clone https://github.com/starkandwayne/bucc.git
cd bucc
source .envrc # if not using direnv
Choose your cpi:
bucc up --help
--cpi Cloud provider: [aws, virtualbox, gcp, docker-desktop, softlayer, openstack, azure, docker, vsphere]
--lite Created bosh will use the warden cpi with garden runc
--recreate Recreate VM in deployment, also when there are no changes
--debug Show arguments passed to 'bosh create-env'
--concourse-ca-certs
--concourse-lb
--concourse-syslog
--ldap
--oauth-providers
--proxy
Optional cpi specific flags:
aws: --auto-assign-public-ip --lb-target-groups --security-groups --spot-instance
virtualbox: --remote
gcp: --ephemeral-external-ip --service-account --target-pool
softlayer: --cpi-dynamic
openstack: --custom-ca --disk-az --dns --floating-ip --ignore-server-availability-zone --keystone-v2 --ntp --root-disk-size --trusted-certs
azure: --load-balancer --managed-disks
docker: --unix-sock
vsphere: --dns --resource-pool
From the repo root run:
$ bucc up --lite
To delete your VM run:
$ bucc down
By default, BUCC will generate self-signed certificates for all components. If you would like to add a true certificate for the Concourse web interface, follow these steps:
- Generate a certificate with the domain name you wish to use for Concourse. This is easily done with Let's Encrypt if you don't have another option.
- Add a variable to
vars.yml
file with the domain name you chose:concourse_domain: concourse.foo.com
- Add your certificate to
vars.yml
as follows:atc_ssl: ca: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- certificate: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- private_key: | -----BEGIN PRIVATE KEY----- ... -----END PRIVATE KEY-----
- Add the intermediate certificate to
vars.yml
as follows:concourse_ca_certs: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----
- Run bucc with the flags
--concourse-lb
and--concourse-ca-certs
$ source <(bucc env) # should not be necessary when using direnv
$ bosh alias-env bucc
Using environment '192.168.50.6' as client 'admin'
Name bosh
UUID 94e87b44-a7eb-4b67-a568-52553f87cd6e
Version 268.6.0 (00000000)
Director Stemcell ubuntu-xenial/170.9
CPI warden_cpi
Features compiled_package_cache: disabled
config_server: enabled
local_dns: enabled
power_dns: disabled
snapshots: disabled
User admin
Succeeded
$ bosh vms
Using environment '192.168.50.6' as client 'admin'
Succeeded
- Use UAA
$ bucc uaa
installing uaa cli '0.0.1' into: /Users/dcarter/fun/tryagain/bucc/bin/
Target set to https://192.168.50.6:8443
Access token successfully fetched and added to context.
$ uaa get-client admin
{
"client_id": "admin",
"scope": [
"uaa.none"
],
"resource_ids": [
"none"
],
"authorized_grant_types": [
"client_credentials"
],
"authorities": [
"bosh.admin"
],
"lastModified": 1549969159011 .
}
$ source <(bucc env) # should not be necessary when using direnv
$ bucc credhub
Setting the target url: https://192.168.50.6:8844
Login Successful
$ credhub api
https://192.168.50.6:8844
$ credhub generate -t password --name test
id: 63947a28-ee47-4d3c-9320-7972c70ec431
name: /test
type: password
value: <redacted>
version_created_at: "2019-02-10T13:35:06Z"
To get the login details for your concourse GUI run:
bucc info
$ bucc fly
logging in to team 'main'
target saved
Example fly commands:
fly -t bucc pipelines
fly -t bucc builds
$ fly -t bucc pipelines
name paused public
BUCC works with BBR.
To make a backup of your deployed BUCC vm, run:
bucc bbr backup
To recreate your environment from a backup run:
cd bucc
last_backup=$(find . -type d -regex ".+_.+Z" | sort -r | head -n1)
tar -xf ${last_backup}/bosh-0-bucc-creds.tar -C state
bucc up # clean BUCC with credentials (creds.yml) from backup
bucc bbr restore --artifact-path=${last_backup}
To use bucc in an offline environment run:
bucc offline --cpi virtualbox --lite --destination /tmp/offline
# copy /tmp/offline/bucc-*.tgz to your offline envrionment
tar -xf bucc-*.tgz && bucc
./bin/bucc up