The Open Service Broker API Server for Azure Services
Clone or download
carolynvs and jeremyrickard Tune service catalog install command for AKS (#619)
* Disable health checks by default to workaround Azure/AKS#417
* Lower logging threshold (from 10 to 2) so that the logs don't include
every successful HTTP request/response (which is what you get at 4 which
unfortunately is where Service Catalog logs its info messages).
Latest commit 818e28c Oct 17, 2018

README.md

Open Service Broker™ for Azure

CircleCI Go Report Card

Open Service Broker for Azure is the open source, Open Service Broker-compatible API server that provisions managed services in the Microsoft Azure public cloud.

Open Service Broker for Azure GIF

CLOUD FOUNDRY and OPEN SERVICE BROKER are trademarks of the CloudFoundry.org Foundation in the United States and other countries.

Supported Services

Stable Services

Preview Services

Experimental Services

Quickstarts

Go from "I have an Azure account that I have never used" to "I just deployed WordPress and know what OSBA means!"

  • The Minikube Quickstart walks through using the Open Service Broker for Azure to deploy WordPress on a local Minikube cluster.
  • The AKS Quickstart walks through using the Open Service Broker for Azure to deploy WordPress on an Azure Managed Kubernetes Cluster (AKS).

Got questions? Ran into trouble? Check out our Frequently Asked Questions.

Getting Started on Kubernetes

Installing

Prerequisites

You'll need a few prerequisites before you run these examples on Kubernetes. Instructions on how to install each prerequisite are linked below:

Service Catalog CLI

Once you've installed the prerequisites, you'll need the Service Catalog CLI, svcat, installed to introspect the Kubernetes cluster. Please refer to the CLI installation instructions for details on how to install it onto your machine.

Helm Chart

Use Helm to install Open Service Broker for Azure onto your Kubernetes cluster. Refer to the OSBA Helm chart for details on how to complete the installation.

OpenShift Project Template

Deploy OSBA using a OpenShift Project Template

  • You must have Service Catalog already installed on OpenShift in order for this to work

Create a new OpenShift project

oc new-project osba

Process the OpenShift Template

oc process -f https://raw.githubusercontent.com/Azure/open-service-broker-azure/master/contrib/openshift/osba-os-template.yaml  \
   -p ENVIRONMENT=AzurePublicCloud \
   -p AZURE_SUBSCRIPTION_ID=$AZURE_SUBSCRIPTION_ID \
   -p AZURE_TENANT_ID=$AZURE_TENANT_ID \
   -p AZURE_CLIENT_ID=$AZURE_CLIENT_ID \
   -p AZURE_CLIENT_SECRET=$AZURE_CLIENT_SECRET \
   | oc create -f -

Provisioning

With the Kubernetes Service Catalog software and Open Service Broker for Azure both installed on your Kubernetes cluster, try creating a ServiceInstance resource to see service provisioning in action.

The following will provision PostgreSQL on Azure:

$ kubectl create -f contrib/k8s/examples/postgresql/postgresql-instance.yaml

After the ServiceInstance resource is submitted, you can view its status:

$ svcat get instance example-postgresql-all-in-one-instance

You'll see output that includes a status indicating that asynchronous provisioning is ongoing. Eventually, that status will change to indicate that asynchronous provisioning is complete.

Binding

Upon provision success, bind to the instance:

$ kubectl create -f contrib/k8s/examples/postgresql/postgresql-binding.yaml

To check the status of the binding:

$ svcat get binding example-postgresql-all-in-one-binding

You'll see some output indicating that the binding was successful. Once it is, a secret named my-postgresql-secret will be written that contains the database connection details in it. You can observe that this secret exists and has been populated:

$ kubectl get secret example-postgresql-all-in-one-secret -o yaml

This secret can be used just as any other.

Unbinding

To unbind:

$ kubectl delete servicebinding my-postgresqldb-binding

Observe that the secret named my-postgresqldb-secret is also deleted:

$ kubectl get secret my-postgresqldb-secret
Error from server (NotFound): secrets "my-postgresqldb-secret" not found

Deprovisioning

To deprovision:

$ kubectl delete serviceinstance my-postgresqldb-instance

You can observe the status to see that asynchronous deprovisioning is ongoing:

$ svcat get instance my-postgresqldb-instance

Getting Started on Cloud Foundry

Installing

To deploy Open Service Broker for Azure to Cloud Foundry, please refer to the CloudFoundry installation documentation for instructions.

Provisioning

The following will create a Postgres service:

cf create-service azure-postgresql-9-6 basic50 mypostgresdb -c '{
  "location": "eastus",
  "resourceGroup": "test",
  "firewallRules" : [
      {
        "name": "AllowAll",
        "startIPAddress": "0.0.0.0",
        "endIPAddress" : "255.255.255.255"
      }
    ]
  }'

You can check the status of the service instance using the cf service command, which will show output similar to the following:

Service instance: mypostgresdb
Service: azure-postgresqldb
Bound apps:
Tags:
Plan: basic50
Description: Azure Database for PostgreSQL Service
Documentation url:
Dashboard:

Last Operation
Status: create in progress
Message: Creating server uf666164eb31.
Started: 2017-10-17T23:30:07Z
Updated: 2017-10-17T23:30:12Z

Binding

Once the service has been successfully provisioned, you can bind to it by using cf bind-service or by including it in a Cloud Foundry manifest.

cf bind-service myapp mypostgresdb

Once bound, the connection details for the service (such as its endpoint and authentication credentials) are available from the VCAP_SERVICES environment variable within the application. You can view the environment variables for a given application using the cf env command:

cf env myapp

Unbinding

To unbind a service from an application, use the cf unbind-service command:

cf unbind-service myapp mypostgresdb

Deprovisioning

To deprovision the service, use the cf delete-service command.

cf delete-service mypostgresdb

Getting started on Service Fabric

Please refer to the example for how to use Service Catalog with Service Fabric.

Contributing

For details on how to contribute to this project, please see contributing.md.

This project welcomes contributions and suggestions. All contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.