Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Gluon - BOSH, CF, & Kubernetes

Ever wished you could manage your BOSH deployments and Cloud Foundries from a Kubernetes control plane cluster? Gluon might be just the thing for you and your platform operations.

Watch the Introductory Video

Gluon Introductory Video

Installing Gluon on YOUR Kubernetes Cluster

All fired up? Ready to give Gluon a whirl on some Kubernets + IaaS that you control? Awesome. To get started, we're going to assume that you already have a Kubernetes cluster spun up somewhere, that you have the ability to kubectl ... against it, and that you have all the information you need to deploy a new BOSH director. If that last bit is a bit iffy, you can start with the docs for AWS, GCP, Azure, or ESX.

The first thing you'll need to do is install cert-manager. You can do this via Helm, or by applying raw Kubernetes resource specification YAMLs. We personally prefer the latter:

$ kubectl apply --validate=false -f

(from the cert-manager installation docs)

Once cert-manager is up, you'll need to provide it with a certificate issuer. For simplicity's sake, and for development purposes and curiosity, we can just used a self-signed issuer:

$ cat selfsigned-issuer.yml
kind: ClusterIssuer
  name: internal-ca
  namespace: cert-manager
  selfSigned: {}

$ kubectl apply -f selfsigned-issuer.yml

This internal-ca cluster-wide certificate issuer will be used by the validating and defaulting webhooks that you get (for free!) with Gluon. For real-world production use, you probably want something like a real, honest-to-goodness CA, a Vault-backed issuer, or an ACME issuer (à la Let's Encrypt).

Finally, it's time to install the Gluon custom resource definitions (or "CRDs" to those hip Kubernetes cats), by applying yet another YAML from the Internet — this time from this very repository:

$ kubectl apply -f

With that configuration all done, you should be able to see the new Gluon CRDs in the output of kubectl api-resources:

$ kubectl api-resources | grep gluon
boshconfigs      bcc     true   BOSHConfig
boshdeployments  bosh    true   BOSHDeployment
boshstemcells    stemcell,bsc   true   BOSHStemcell

Now, you're all set!


Managing BOSH and CF *from* Kubernetes







No releases published


No packages published