Skip to content
Permalink
Browse files
load locations from catalog, strip unnecessary properties
- vagrant-catalog.bom loaded on startup in the systemd service unit
  • Loading branch information
johnmccabe committed Jan 22, 2016
1 parent dc7e8c4 commit 8dee3a62fbbc3ca00a5ded4ed6488c7439621eb4
Showing 3 changed files with 84 additions and 323 deletions.
@@ -1,325 +1,4 @@
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
# This is Brooklyn's dot-properties file.
# It should be located at "~/.brooklyn/brooklyn.properties" for automatic loading,
# or can be specified as a CLI option with --localProperties /path/to/these.properties.

################################## Welcome! ############################################

# It's great to have you here.

# Getting Started options have been pulled to the top. There's a formatting guide at the
# very bottom.

############################ Getting Started Options ####################################

## GUI Security

## NOTE: in production it is highly recommended to set this, as otherwise it will not require login,
## not will it be encrypted (though for safety if security is not set it will only bind to loopback)

## Edit the name(s) and passwords as appropriate to your system:

# brooklyn.webconsole.security.users=admin,bob
# brooklyn.webconsole.security.user.admin.password=password
# brooklyn.webconsole.security.user.bob.password=bobsword

## If you prefer to run with https (on port 8443 by default), uncomment this:

# brooklyn.webconsole.security.https.required=true


# By default we have AWS set up (but with invalid credentials!). Many, many other
# providers are supported.

## Amazon EC2 Credentials
# These should be an "Access Key ID" and "Secret Access Key" for your account.
# This is configured at https://console.aws.amazon.com/iam/home?#security_credential .

brooklyn.location.jclouds.aws-ec2.identity = AKA_YOUR_ACCESS_KEY_ID
brooklyn.location.jclouds.aws-ec2.credential = <access-key-hex-digits>

# Beware of trailing spaces in your cloud credentials. This will cause unexpected
# 401: unauthorized responses.

## Using Other Clouds
# 1. Cast your eyes down this document to find your preferred cloud in the Named Locations
# section, and the examples.
# 2. Uncomment the relevant line(s) for your provider.
# 3. ADD -.identity and -.credential lines for your provider, similar to the AWS ones above,
# replacing 'aws-ec2' with jcloud's id for your cloud.


## Deploying to Localhost
## see: info on locations at brooklyn.io
#
## ~/.ssh/id_rsa is Brooklyn's default location
# brooklyn.location.localhost.privateKeyFile = ~/.ssh/id_rsa
## Passphrases are supported, but not required
# brooklyn.location.localhost.privateKeyPassphrase = s3cr3tpassphrase

## Geoscaling Service - used for the Global Web Fabric demo
## see: the global web example at brooklyn.io
## https://www.geoscaling.com/dns2/
## other services may take similar configuration similarly; or can usually be set in YAML
# brooklyn.geoscaling.username = USERNAME
# brooklyn.geoscaling.password = PASSWORD
# brooklyn.geoscaling.primaryDomain = DOMAIN


########################## Getting Started Complete! ###################################

# That's it, although you may want to read through these options...

################################ Brooklyn Options ########################################

## Brooklyn Management Base Directory: specify where management data should be stored on this server;
## ~/.brooklyn/ is the default but you could use something like /opt/brooklyn/state/
## (provided this process has write permissions)
# brooklyn.base.dir=~/.brooklyn/

## Brooklyn On-Box Directory: specify where data should be stored on managed hosts;
## for most locations a directory off home is the default (but using /tmp/brooklyn-user/ on localhost),
## however you could specify something like /opt/brooklyn-managed-process/ (creation and permissions are handled)
# onbox.base.dir=~/brooklyn-managed-process/

## Additional security: Allow all - if you know what you are doing!
## (Or you can also plug in e.g. LDAP security etc here)
# Disabling security on the Vagrant Brooklyn instance for training purposes
brooklyn.webconsole.security.provider = org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider

## Optionally disallow deployment to localhost (or any other location)
# brooklyn.location.localhost.enabled=false

## Scripting Behaviour

## keep scripts around after running them (usually in /tmp)
# brooklyn.ssh.config.noDeleteAfterExec = true

## Misc Cloud Settings
## brooklyn will fail a node if the cloud machine doesn't come up, but you can tell it to retry:
# brooklyn.location.jclouds.machineCreateAttempts = 3
## many cloud machines don't have sufficient entropy for lots of encrypted networking, so fake it:
# brooklyn.location.jclouds.installDevUrandom=true

## Sets a minimium ram property for all jclouds locations. Recommended to avoid getting m1.micros on AWS!
brooklyn.location.jclouds.minRam = 2048

## When setting up a new cloud machine Brooklyn creates a user with the same name as the user running
## Brooklyn on the management server, but you can force a different user here:
# brooklyn.location.jclouds.user=brooklyn
## And you can force a password or key (by default it will use the keys in ~/.ssh/id_rsa{,.pub}
# brooklyn.location.jclouds.password=s3cr3t

################################ Named Locations ########################################

# Named locations appear in the web console. If using the command line or YAML it may be
# just as easy to use the jclouds:<provider> locations and specify additional properties there.

## Example: AWS Virginia using Rightscale 6.3 64bit Centos AMI and Large Instances
# brooklyn.location.named.aws-va-centos-large = jclouds:aws-ec2:us-east-1
# brooklyn.location.named.aws-va-centos-large.imageId=us-east-1/ami-7d7bfc14
# brooklyn.location.named.aws-va-centos-large.user=brooklyn
# brooklyn.location.named.aws-va-centos-large.minRam=4096

## You can also nest these:
# brooklyn.location.named.aws-acct-two = jclouds:aws-ec2
# brooklyn.location.named.aws-acct-two.identity = AKA_ACCT_TWO
# brooklyn.location.named.aws-acct-two.credential = <access-key-hex-digits>
# brooklyn.location.named.aws-acct-two-singapore = named:aws-acct-two
# brooklyn.location.named.aws-acct-two-singapore.region = ap-southeast-1
# brooklyn.location.named.aws-acct-two-singapore.displayName = AWS Singapore (Acct Two)

# For convenience some common defaults:
brooklyn.location.named.aws-california = jclouds:aws-ec2:us-west-1
brooklyn.location.named.aws-oregon = jclouds:aws-ec2:us-west-2
brooklyn.location.named.aws-ireland = jclouds:aws-ec2:eu-west-1
brooklyn.location.named.aws-tokyo = jclouds:aws-ec2:ap-northeast-1

## Google Compute
## The credentials for GCE come from the "APIs & auth -> Credentials" page,
## creating a "Service Account" of type JSON, then extracting
## the client_email as the identity and private_key as the identity,
## keeping new lines as \n (exactly as in the JSON supplied)
# brooklyn.location.jclouds.google-compute-engine.identity=1234567890-somet1mesArand0mU1Dhere@developer.gserviceaccount.com
# brooklyn.location.jclouds.google-compute-engine.credential=-----BEGIN PRIVATE KEY----- \nMIIblahablahblah \nblahblahblah \n-----END PRIVATE KEY-----
# brooklyn.location.named.Google\ US = jclouds:google-compute-engine
# brooklyn.location.named.Google\ US.region=us-central1-a
# brooklyn.location.named.Google\ EU = jclouds:google-compute-engine
# brooklyn.location.named.Google\ EU.region=europe-west1-a
## the following flags for GCE are recommended
## specify the network to use - otherwise it creates new networks each time and you hit quotas pretty quickly
## you may have to manually create this network AND enable a firewall rule EG tcp:1-65535;udp:1-65535;icmp
## (fix for this is in progress)
# brooklyn.location.jclouds.google-compute-engine.networkName=brooklyn-default-network
## gce images have bad entropy, this ensures they have noisy /dev/random (even if the "randomness" is not quite as random)
# brooklyn.location.jclouds.google-compute-engine.installDevUrandom=true
## gce images often start with iptables turned on; turn it off unless your blueprints are iptables-aware
# brooklyn.location.jclouds.google-compute-engine.stopIptables=true

## HP Cloud - also Ubuntu 12.04 LTS
## You specify your HP Credentials like this:
# brooklyn.location.jclouds.hpcloud-compute.identity = projectname:username
# brooklyn.location.jclouds.hpcloud-compute.credential = password
## where username and password are the same as logging in to the web console, and
## projectname can be found here: https://account.hpcloud.com/projects
#�brooklyn.location.named.HP\ Cloud\ Arizona-1 = jclouds:hpcloud-compute:az-1.region-a.geo-1
# brooklyn.location.named.HP\ Cloud\ Arizona-1.imageId = az-1.region-a.geo-1/75845
# brooklyn.location.named.HP\ Cloud\ Arizona-1.user = ubuntu

## Softlayer - need a key from the gui, under "administrative -> user administration -> api-access
# brooklyn.location.jclouds.softlayer.identity=username
# brooklyn.location.jclouds.softlayer.credential=<private-key-hex-digits>
## locations
# brooklyn.location.named.Softlayer\ Dallas=jclouds:softlayer:dal05
# brooklyn.location.named.Softlayer\ Seattle=jclouds:softlayer:sea01
# brooklyn.location.named.Softlayer\ Washington\ DC=jclouds:softlayer:wdc01
# brooklyn.location.named.Softlayer\ Singapore\ 1=jclouds:softlayer:sng01
# brooklyn.location.named.Softlayer\ Amsterdam\ 1=jclouds:softlayer:ams01


## Brooklyn uses the jclouds multi-cloud library to access many clouds.
## http://www.jclouds.org/documentation/reference/supported-providers/

## Templates for many other clouds, but remember to add identity and credentials:

# brooklyn.location.named.Bluelock = jclouds:bluelock-vcloud-zone01

# brooklyn.location.named.CloudSigma\ Nevada = jclouds:cloudsigma-lvs
# brooklyn.location.named.CloudSigma\ Zurich = jclouds:cloudsigma-zrh

# brooklyn.location.named.ElasticHosts\ London = jclouds:elastichosts-lon-p
# brooklyn.location.named.ElasticHosts\ Texas = jclouds:elastichosts-sat-p

# brooklyn.location.named.GleSYS = jclouds:glesys

# brooklyn.location.named.Go2Cloud = jclouds:go2cloud-jhb1

# brooklyn.location.named.GoGrid = jclouds:gogrid

# brooklyn.location.named.Green\ House\ Data = jclouds:greenhousedata-element-vcloud

# brooklyn.location.named.Ninefold = jclouds:ninefold-compute

# brooklyn.location.named.OpenHosting = jclouds:openhosting-east1

# brooklyn.location.named.Rackspace\ Chicago\ (ord) = jclouds:rackspace-cloudservers-us:ORD
# brooklyn.location.named.Rackspace\ Dallas\ (dfw) = jclouds:rackspace-cloudservers-us:DFW
# brooklyn.location.named.Rackspace\ Hong\ Kong\ (hkg) = jclouds:rackspace-cloudservers-us:HKG
# brooklyn.location.named.Rackspace\ Northern\ Virginia\ (iad) = jclouds:rackspace-cloudservers-us:IAD
# brooklyn.location.named.Rackspace\ Sydney\ (syd) = jclouds:rackspace-cloudservers-us:SYD
## for UK you will need a separate account with rackspace.co.uk
# brooklyn.location.named.Rackspace\ London\ (lon) = jclouds:rackspace-cloudservers-uk

## if you need to use Rackspace "first gen" API
## (note the "next gen" api configured above seems to be faster)
# brooklyn.location.jclouds.cloudservers-us.identity = YOURAPIKEY
# brooklyn.location.jclouds.cloudservers-us.credential = YOURSECRETKEY
# brooklyn.location.named.Rackspace\ US\ (First Gen) = jclouds:cloudservers-us
## and as with next gen, first gen requires a separate acct for the UK:
# brooklyn.location.jclouds.cloudservers-uk.identity = YOURAPIKEY
# brooklyn.location.jclouds.cloudservers-uk.credential = YOURSECRETKEY
# brooklyn.location.named.Rackspace\ UK\ (First Gen) = jclouds:cloudservers-uk

# brooklyn.location.named.SeverLove = jclouds:serverlove-z1-man

# brooklyn.location.named.SkaliCloud = jclouds:skalicloud-sdg-my

# brooklyn.location.named.Stratogen = jclouds:stratogen-vcloud-mycloud

# brooklyn.location.named.TryStack\ (Openstack) = jclouds:trystack-nova


## Production pool of machines for my application (deploy to named:On-Prem\ Iron\ Example)
# brooklyn.location.named.On-Prem\ Iron\ Example=byon:(hosts="10.9.1.1,10.9.1.2,produser2@10.9.2.{10,11,20-29}")
# brooklyn.location.named.On-Prem\ Iron\ Example.user=produser1
# brooklyn.location.named.On-Prem\ Iron\ Example.privateKeyFile=~/.ssh/produser_id_rsa
# brooklyn.location.named.On-Prem\ Iron\ Example.privateKeyPassphrase=s3cr3tpassphrase

## Various Private Clouds

## Example: OpenStack Nova

## openstack identity and credential are random strings of letters and numbers (TBC - still the case?)
# brooklyn.location.named.My\ Openstack=jclouds:openstack-nova:https://9.9.9.9:9999/v2.0/

## OpenStack Nova access information can be downloaded from the openstack web interface; for example, as openrc.sh file
# brooklyn.location.named.My\ Openstack=jclouds:openstack-nova:keystone-url
# brooklyn.location.named.My\ OpenStack.identity=your-tenant-name:your-user-name
# brooklyn.location.named.My\ OpenStack.credential=your-password
# brooklyn.location.named.My\ OpenStack.endpoint=your-keystone-url

## The ID of the image must be configured according to the local OpenStack settings
## Use the command nova image-list to list all the available images
## Use the command nova show <image-name> to get more details
# brooklyn.location.named.My\ OpenStack.imageId=the-region-name/the-image-id

## Virtual Machine flavors must match the ones created upfront according to the local OpenStack settings
## Use the command nova flavor-list to list all the available options
## Use the command nova flavor-show <flavor-name> to get more details
# brooklyn.location.named.My\ OpenStack.hardwareId=the-region-name/the-flavor-id

## (Optional) Configurations

# brooklyn.location.named.My\ OpenStack.user=user-name-inside-the-instance

## The keyPair must by created upfront. Both the following two options are required at the same time.
# brooklyn.location.named.My\ OpenStack.keyPair=the-key-pair-name
# brooklyn.location.named.My\ OpenStack.loginUser.privateKeyFile=/path/to/keypair.pem

## Security groups must be created upfront (TBC - How to specify many security groups at one ?)
# brooklyn.location.named.My\ OpenStack.securityGroups=universal

# brooklyn.location.named.My\ OpenStack.openIptables=true
# brooklyn.location.named.My\ OpenStack.selinux.disabled=true
# brooklyn.location.named.My\ OpenStack.auto-create-floating-ips=true
# brooklyn.location.named.My\ OpenStack.openstack-nova.auto-generate-keypairs=false

## cloudstack identity and credential are rather long random strings of letters and numbers
## you generate this in the cloudstack gui, under accounts, then "view users", then "generate key"
## use the "api key" as the identity and "secret key" as the credential
# brooklyn.location.named.My\ Cloudstack=jclouds:cloudstack:http://9.9.9.9:9999/client/api/

## abiquo identity and credential are your login username/passed
# brooklyn.location.named.My\ Abiquo=jclouds:abiquo:http://demonstration.abiquo.com/api/

############################### Formatting Guide #######################################

! Both # and ! mark lines as comments
# The follow syntax are ALL valid.
# example_key example_value
# example_key : example_value
# example_key = example_value
# example_key=example_value

# The backslash below tells Brooklyn to continue reading the value onto the next line.
# example_key = A very \
# long string!
# Note all white space before 'long...' is ignored. Also '!' is kept as part of the string


# Keys with spaces should be escaped with backslashes.
# This is useful for named locations, as the name displayed in Brooklyn's web
# interface is derived from the key name.
# key\ with\ spaces = some\ value

# Encoding for .properties must be ISO-8859-1, aka Latin-1.
# All non-latin1 characters must be entered using unicode escape characters
# polish_pangram = P\u00F3jd\u017A\u017Ce, ki\u0144 \
# t\u0119 chmurno\u015B\u0107 w g\u0142\u0105b flaszy!
# Note: BYON locations are loaded from the files/vagrant-catalog.bom on startup
@@ -3,7 +3,7 @@ Description=Apache Brooklyn service
Documentation=http://brooklyn.apache.org/documentation/index.html

[Service]
ExecStart=/home/vagrant/apache-brooklyn/bin/brooklyn launch --persist auto --persistenceDir /vagrant/brooklyn-persisted-state
ExecStart=/home/vagrant/apache-brooklyn/bin/brooklyn launch --persist auto --persistenceDir /vagrant/brooklyn-persisted-state --catalogAdd /vagrant/files/vagrant-catalog.bom
WorkingDirectory=/home/vagrant/apache-brooklyn
Restart=on-abort
User=vagrant

0 comments on commit 8dee3a6

Please sign in to comment.