Add cloud config, concourse (#12)

openware · Sep 15, 2017 · d7bc3ae · d7bc3ae
1 parent c122e07
commit d7bc3ae
Show file tree

Hide file tree

Showing 8 changed files with 198 additions and 7 deletions.
diff --git a/lib/kite/core.rb b/lib/kite/core.rb
@@ -43,6 +43,7 @@ def generate()
         template('gcp/bosh-install.sh.erb',                 'bin/bosh-install.sh')
         template('gcp/bosh-vars.yml.erb',                   'bosh-vars.yml')
         template('gcp/setup-tunnel.sh.erb',                 'bin/setup-tunnel.sh')
+        template('gcp/set-env.sh.erb',                      'bin/set-env.sh')
         chmod('bin/bosh-install.sh', 0755)
         chmod('bin/setup-tunnel.sh', 0755)
 

diff --git a/lib/kite/render.rb b/lib/kite/render.rb
@@ -18,8 +18,8 @@ def manifest(type)
         directory("#{cloud}/deployments",                    'deployments')
 
       when "concourse"
-        template("aws/concourse/aws_cloud.yml.erb",   "aws_cloud.yml")
-        template("aws/concourse/concourse.yml.erb",   "concourse.yml")
+        template("#{options[:cloud]}/deployments/concourse/cloud-config.yml.erb", "deployments/concourse/cloud-config.yml")
+        template("#{options[:cloud]}/deployments/concourse/concourse.yml.erb", "deployments/concourse/concourse.yml")
 
       else
         say "Manifest type not specified"

diff --git a/tpl/gcp/README.md b/tpl/gcp/README.md
@@ -8,15 +8,44 @@ pushd terraform && terraform init && terraform apply && popd
 
 Render bosh deployment
 ```
-kite render bosh --cloud=gcp
+kite render manifest bosh --cloud=gcp
 ```
 
 Setup tunnel
 ```
-./bin/setup-tunnel.sh
+. bin/setup-tunnel.sh
 ```
 
 Install BOSH
 ```
 ./bin/bosh-install.sh
 ```
+
+Connect to the Director
+```
+. bin/set-env.sh
+
+bosh alias-env bosh-1 -e 10.0.0.10 --ca-cert \
+  <(bosh int ./config/creds.yml --path /director_ssl/ca)
+```
+
+Render concourse deployment
+```
+kite render manifest concourse --cloud=gcp
+```
+
+Install concourse
+```
+bosh -e bosh-1 update-cloud-config  deployments/concourse/cloud-config.yml
+
+bosh -e bosh-1 upload-stemcell \
+  https://bosh.io/d/stemcells/bosh-google-kvm-ubuntu-trusty-go_agent?v=3445.7
+
+bosh -e bosh-1 upload-release \
+  https://github.com/concourse/concourse/releases/download/v3.4.1/concourse-3.4.1.tgz
+
+bosh -e bosh-1 upload-release \
+  https://github.com/concourse/concourse/releases/download/v3.4.1/garden-runc-1.6.0.tgz
+
+bosh -e bosh-1 -d concourse deploy deployments/concourse/concourse.yml
+```
diff --git a/tpl/gcp/deployments/concourse/cloud-config.yml.erb b/tpl/gcp/deployments/concourse/cloud-config.yml.erb
@@ -0,0 +1,56 @@
+azs:
+- name: z1
+  cloud_properties:
+    zone: <%= @values['gcp']['zone'] %>
+
+vm_types:
+- name: common
+  cloud_properties:
+    machine_type: n1-standard-2
+    root_disk_size_gb: 20
+    root_disk_type: pd-ssd
+
+- name: worker
+  cloud_properties:
+    machine_type: n1-standard-4
+    root_disk_size_gb: 100
+    root_disk_type: pd-ssd
+
+# vm_extensions:
+# - name: concourse-lb
+#   cloud_properties:
+#     target_pool: concourse-target-pool
+
+compilation:
+  workers: 2
+  network: public
+  reuse_compilation_vms: true
+  az: z1
+  cloud_properties:
+    machine_type: n1-standard-4
+    root_disk_size_gb: 100
+    root_disk_type: pd-ssd
+    preemptible: true
+
+networks:
+  - name: public
+    type: manual
+    subnets:
+    - az: z1
+      range: <%= @values['gcp']['subnet_cidr'] %>
+      gateway: <%= @values['gcp']['internal_gw'] %>
+      static: [10.0.0.2, 10.0.0.10]
+      cloud_properties:
+        network_name: <%= @values['gcp']['vpc_name'] %>
+        subnetwork_name: <%= @values['gcp']['subnet_name'] %>
+        ephemeral_external_ip: true
+        tags:
+          - concourse-public
+          - concourse-internal
+
+  - name: vip
+    type: vip
+
+disk_types:
+- name: database
+  disk_size: 10240
diff --git a/tpl/gcp/deployments/concourse/concourse.yml.erb b/tpl/gcp/deployments/concourse/concourse.yml.erb
@@ -0,0 +1,86 @@
+name: concourse
+
+releases:
+- name: concourse
+  version: 3.4.1
+- name: garden-runc
+  version: 1.6.0
+
+instance_groups:
+- name: web
+  instances: 1
+  vm_type: common
+  azs: [z1]
+  # vm_extensions: [concourse-lb]
+  stemcell: trusty
+  networks:
+  - name: public
+    default: [dns, gateway]
+
+  jobs:
+  - name: atc
+    release: concourse
+    properties:
+      bind_port: 80
+      external_url: <%= @values['concourse']['url'] %>
+      basic_auth_username: <%= @values['concourse']['auth_username'] %>
+      basic_auth_password: <%= @values['concourse']['auth_password'] %>
+      publicly_viewable: true
+
+      postgresql_database: &atc_db atc
+
+  - name: tsa
+    release: concourse
+    properties: {}
+
+- name: db
+  instances: 1
+  vm_type: common
+  azs: [z1]
+  stemcell: trusty
+  persistent_disk_type: database
+  networks: [{name: public}]
+  jobs:
+  - name: postgresql
+    release: concourse
+    properties:
+      databases:
+      - name: *atc_db
+        role: admin
+        password: <%= @values['concourse']['db_password'] %>
+
+- name: worker
+  instances: 1
+  vm_type: worker
+  azs: [z1]
+  stemcell: trusty
+  networks: [{name: public}]
+  jobs:
+  - name: groundcrew
+    release: concourse
+    properties:
+      additional_resource_types:
+      - type: gcs-resource
+        image: docker:///frodenas/gcs-resource
+  - name: baggageclaim
+    release: concourse
+    properties: {}
+  - name: garden
+    release: garden-runc
+    properties:
+      garden:
+        listen_network: tcp
+        listen_address: 0.0.0.0:7777
+        network_mtu: 1432
+
+update:
+  canaries: 1
+  max_in_flight: 1
+  serial: false
+  canary_watch_time: 1000-60000
+  update_watch_time: 1000-60000
+
+stemcells:
+- alias: trusty
+  os: ubuntu-trusty
+  version: latest
diff --git a/tpl/gcp/set-env.sh.erb b/tpl/gcp/set-env.sh.erb
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+BASTION_IP="$(terraform output -state=terraform/terraform.tfstate bastion_ip)"
+
+export BASTION_IP
+export BOSH_ALL_PROXY=socks5://localhost:5000
+export BOSH_CLIENT=admin
+export BOSH_CLIENT_SECRET=`bosh int ./config/creds.yml --path /admin_password`
diff --git a/tpl/gcp/terraform/network.tf b/tpl/gcp/terraform/network.tf
@@ -39,3 +39,14 @@ resource "google_compute_firewall" "platform_internal" {
   target_tags = ["platform-internal"]
   source_tags = ["platform-internal"]
 }
+
+# Allow concourse
+resource "google_compute_firewall" "allow_concourse" {
+  name    = "allow-concourse"
+  network = "${google_compute_network.platform.name}"
+
+  allow {
+    protocol = "all"
+  }
+
+}
diff --git a/tpl/skel/config/cloud.yml b/tpl/skel/config/cloud.yml
@@ -33,8 +33,8 @@ bosh:
   static_ip: "10.0.20.10"
 
 concourse:
-  hostname: "ci.domain.io"
-  url: "http://ci.example.com"
+  hostname: "concourse.example.com"
+  url: "http://concourse.example.com"
   auth_username: "concourse"
   auth_password: "concourse"
-  db_password: "changeme"
+  db_password: "concourse"