Cloud Foundry service broker for Google Cloud Platform services
auth initial commit Sep 21, 2016
brokerapi update dependencies and change dependency manager to glide. Jan 10, 2017
cmd/migrate initial commit Sep 21, 2016
db_service per Jeff's comments, sorting by an id I have direct control over and … Dec 21, 2016
examples/spring/awwvision Add awwvision spring boot example Dec 29, 2016
fakes migrations were not, in fact, idempotent, because using .First reorde… Dec 21, 2016
integration_tests small integration test fix Jan 10, 2017
product new tile build and changelog update for version 3.0.0 Jan 12, 2017
release/gcp-service-broker new tile build and changelog update for version 3.0.0 Jan 12, 2017
utils based on feedback from @wendorf and @johnsonj , renaming MergeCredent… Dec 6, 2016
vendor update dependencies and change dependency manager to glide. Jan 10, 2017
.cfignore added cfignore to cut down on the amount uploaded when using the serv… Nov 18, 2016
.envrc.template Add .envrc Nov 22, 2016
.gitignore Add .envrc Nov 22, 2016
AUTHORS initial commit Sep 21, 2016
CHANGELOG.md new tile build and changelog update for version 3.0.0 Jan 12, 2017
CONTRIBUTING update to contributing doc to clarify when new tile builds should happen Dec 21, 2016
LICENSE initial commit Sep 21, 2016
NOTICE adding notice file Oct 3, 2016
Procfile initial commit Sep 21, 2016
README.md updates to documentation. This fixes #68 fixes #71 fixes #44 fixes #55 Dec 12, 2016
gcp-service-broker update dependencies and change dependency manager to glide. Jan 10, 2017
gcp_logo.png initial develop commit, including tests, tile file, documentation, an… Sep 26, 2016
glide.lock update dependencies and change dependency manager to glide. Jan 10, 2017
glide.yaml update dependencies and change dependency manager to glide. Jan 10, 2017
manifest.yml temporarily fixing a recurring out of memory issue by upping the app … Sep 28, 2016
missing-properties.yml initial develop commit, including tests, tile file, documentation, an… Sep 26, 2016
server.go Move name_generator into a Singleton Nov 28, 2016
tile-history.yml new tile build and changelog update for version 3.0.0 Jan 12, 2017
tile.yml change org to system. This fixes #77 Jan 12, 2017

README.md

Cloud Foundry Service Broker for Google Cloud Platform

Depends on lager and gorilla/mux.

Requires Go 1.6 and the associated buildpack.

Prerequisites

Set up a GCP Project

  1. Go to console.cloud.google.com and sign up, walking through the setup wizard.
  2. Next to the Google Cloud Platform logo in the upper left-hand corner, click the dropdown and select "Create Project".
  3. Give your project a name and click "Create".
  4. When the project is created (a notification will show in the upper right), refresh the page.

Enable APIs

  1. Navigate to API Manager > Library.
  2. Enable the Google Cloud Resource Manager API
  3. Enable the Google Identity and Access Management (IAM) API
  4. If you want to enable Cloud SQL as a service, enable the Cloud SQL API
  5. If you want to enable BigQuery as a service, enable the BigQuery API
  6. If you want to enable Cloud Storage as a service, enable the Cloud Storage API
  7. If you want to enable Pub/Sub as a service, enable the Cloud Pub/Sub API

Create a root service account

  1. From the GCP console, navigate to IAM & Admin > Service accounts and click Create Service Account.
  2. Enter a Service account name.
  3. Select the checkbox to Furnish a new Private Key, and then click Create.
  4. Save the automatically downloaded key file to a secure location.
  5. Navigate to IAM & Admin > IAM and locate your service account.
  6. From the dropdown on the right, choose Project > Owner and click Save.

Set up a backing database

  1. Create a new MySQL instance
  2. Run CREATE DATABASE servicebroker;
  3. Run CREATE USER '<username>'@'%' IDENTIFIED BY '<password>';
  4. Run GRANT ALL PRIVILEGES ON servicebroker.* TO '<username>'@'%' WITH GRANT OPTION;
  5. (Optional) Create SSL certs for the database and save them somewhere secure

Set required env vars - if deploying as an app, add these to missing-properties.yml

  • ROOT_SERVICE_ACCOUNT_JSON (the string version of the credentials file created for the Owner level Service Account)
  • SECURITY_USER_NAME (the username used to authenticate all service broker requests - the same one used in cf create-service-broker)
  • SECURITY_USER_PASSWORD (the password used to authenticate all service broker requests - the same one used in cf create-service-broker)
  • DB_HOST (the host for the database to back the service broker)
  • DB_USERNAME (the database username for the service broker to use)
  • DB_PASSWORD (the database password for the service broker to use)

Optional env vars - if deploying as an app, optionally add these to missing-properties.yml

  • DB_PORT (defaults to 3306)
  • CA_CERT
  • CLIENT_CERT
  • CLIENT_KEY
  • CLOUDSQL_CUSTOM_PLANS (A map of plan names to string maps with fields guid, name, description, tier, pricing_plan, max_disk_size, display_name, and service (Cloud SQL's service id)) - if unset, the service will be disabled. e.g.
{
    "test_plan": {
        "name": "test_plan",
        "description": "testplan",
        "tier": "D8",
        "pricing_plan": "PER_USE",
        "max_disk_size": "15",
        "display_name": "FOOBAR",
        "service": "4bc59b9a-8520-409f-85da-1c7552315863"
    }
}
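
A preflight check for the variables listed above, as an added Go example (not part of the broker's code); CheckEnv and its messages are hypothetical. It assumes every plan field the list names is required and that a partially set CA_CERT/CLIENT_CERT/CLIENT_KEY group is a mistake, so the sample plan above is reported as missing guid.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"sort"
)

var required = []string{"ROOT_SERVICE_ACCOUNT_JSON", "SECURITY_USER_NAME",
	"SECURITY_USER_PASSWORD", "DB_HOST", "DB_USERNAME", "DB_PASSWORD"}
var tlsVars = []string{"CA_CERT", "CLIENT_CERT", "CLIENT_KEY"}
var planFields = []string{"guid", "name", "description", "tier", "pricing_plan",
	"max_disk_size", "display_name", "service"}

// CheckEnv (hypothetical helper, not broker code) returns sorted findings; empty means OK.
func CheckEnv(get func(string) string) []string {
	out := []string{}
	for _, k := range required {
		if get(k) == "" {
			out = append(out, k+": required but unset")
		}
	}
	set := 0
	for _, k := range tlsVars {
		if get(k) != "" {
			set++
		}
	}
	if set != 0 && set != len(tlsVars) { // assumption: a partial TLS group is a mistake
		out = append(out, "CA_CERT/CLIENT_CERT/CLIENT_KEY: set all three or none")
	}
	// Decoding into string maps rejects numbers, booleans and nested objects.
	v, plans := get("CLOUDSQL_CUSTOM_PLANS"), map[string]map[string]string{}
	if err := json.Unmarshal([]byte(v), &plans); v != "" && err != nil {
		out = append(out, "CLOUDSQL_CUSTOM_PLANS: "+err.Error())
	}
	for name, p := range plans {
		for _, f := range planFields {
			if p[f] == "" { // assumption: every listed field is required
				out = append(out, "CLOUDSQL_CUSTOM_PLANS["+name+"]: missing "+f)
			}
		}
	}
	sort.Strings(out)
	return out
}

func main() {
	fmt.Println(CheckEnv(os.Getenv)) // prints [] when nothing is missing
}
```
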

Usage

As an App

Update the manifest with ENV vars

  1. Replace any blank variables that are in manifest.yml with your own ENV vars

Push the service broker to CF and enable services

  1. cf push gcp-service-broker
  2. cf create-service-broker
  3. (for all applicable services, e.g.) cf enable-service-access google-pubsub

As a Tile

Import the product into Ops Manager

  1. Click "Import a Product" and upload the .pivotal file from the product directory

Add the product to your Dashboard

  1. Click the plus icon next to the uploaded product

Configure the Service Broker

  1. Click on the tile and fill in any required fields (tabs will be orange if updates are needed)
  2. Once the tile is green and updates are applied, review the service/plan access and update if necessary using cf disable-service-access. By default, all services and plans are enabled except CloudSQL (unless plans have been saved for it). If you wish to change this, you'll need to use the cf cli's service-access commands.

(Optional) Increase the default provision/bind timeout

It is advisable, if you want to use CloudSQL, to increase the default timeout for provision and bind operations to 90 seconds. CloudFoundry does not, at this point in time, support asynchronous binding, and CloudSQL bind operations may exceed 60 seconds. To change this setting, set broker_client_timeout_seconds = 90

Use!

e.g. cf create-service pubsub default foobar

e.g. cf bind-service myapp foobar -c '{"role": "pubsub.admin"}'

create-service calls take the following optional custom parameters, all as strings. bind-service calls require a role, except for Cloud SQL.

  • PubSub

    • Provision
      • topic_name (defaults to a generated value)
      • subscription_name
      • is_push (defaults to false, to set use "true")
      • endpoint (for when is_push == "true", defaults to nil)
      • ack_deadline (in seconds, defaults to 10, max 600)
    • Bind

      Example Binding credentials

      "credentials": {
           "Email": "redacted",
           "Name": "redacted",
           "PrivateKeyData": "redacted",
           "UniqueId": "redacted",
           "topic_name": "foobar",
           "subscription_name": "empty_if_not_set"
      }
      
  • Cloud Storage

  • BigQuery

    • Provision
      • name (defaults to a generated value)
    • Bind

      Example Binding credentials

      "credentials": {
           "Email": "redacted",
           "Name": "redacted",
           "PrivateKeyData": "redacted",
           "UniqueId": "redacted",
           "dataset_id": "foobar"
      }
      
  • CloudSQL

    • Provision
      • instance_name (defaults to a generated value)
      • database_name (defaults to a generated value)
      • version (defaults to 5.6)
      • disk_size in GB (only for 2nd gen, defaults to 10)
      • region (defaults to us-central)
      • zone (for 2nd gen)
      • disk_type (for 2nd gen, defaults to ssd)
      • failover_replica_name (only for 2nd gen, if specified creates a failover replica, defaults to "")
      • maintenance_window_day (for 2nd gen only, defaults to 1 (Sunday))
      • maintenance_window_hour (for 2nd gen only, defaults to 0)
      • backups_enabled (defaults to true, set to "false" to disable)
      • backup_start_time (defaults to 06:00)
      • binlog (defaults to false for 1st gen, true for 2nd gen, set to "true" to use)
      • activation_policy (defaults to on demand)
      • replication_type (defaults to synchronous)
      • auto_resize (2nd gen only, defaults to false, set to "true" to use)
    • Bind

      • username (defaults to a generated value)
      • password (defaults to a generated value)

      Example Binding credentials

      "credentials": {
           "CaCert": "-----BEGIN CERTIFICATE-----\nredacted\n-----END CERTIFICATE-----",
           "ClientCert": "-----BEGIN CERTIFICATE-----\nredacted\n-----END CERTIFICATE-----",
           "ClientKey": "-----BEGIN RSA PRIVATE KEY-----\nredacted\n-----END RSA PRIVATE KEY-----",
           "Password": "unencoded-redacted",
           "Sha1Fingerprint": "redacted",
           "Username": "redacted",
           "database_name": "redacted",
           "host": "255.255.255.255",
           "instance_name": "redacted",
           "last_master_operation_id": "some-guid",
           "uri": "mysql://username:encodedpassword@host/databasename?ssl_mode=required"
      }
      
  • ML APIs

Change Notes

See https://github.com/GoogleCloudPlatform/gcp-service-broker/blob/master/CHANGELOG.md

Support

For functional issues with the service broker or feature requests, please file a GitHub issue here:

https://github.com/GoogleCloudPlatform/gcp-service-broker/issues

They will be prioritized and updated here:

https://github.com/GoogleCloudPlatform/gcp-service-broker/projects/1

For discussions and updates, please subscribe to this group:

https://groups.google.com/forum/#!forum/gcp-service-broker

This is not an official Google product.