Skip to content
This repository has been archived by the owner on Oct 22, 2021. It is now read-only.

Walkthrough manifests are unusable #412

Open
domdom82 opened this issue Sep 27, 2018 · 3 comments
Open

Walkthrough manifests are unusable #412

domdom82 opened this issue Sep 27, 2018 · 3 comments

Comments

@domdom82
Copy link

domdom82 commented Sep 27, 2018

I tried the walkthrough manifests at https://github.com/cloudfoundry-incubator/fissile/blob/develop/docs/configuration.md and failed multiple times.

Some of the bugs I found:

  • yaml structure no longer complies with what fissile cli expects. variables node must be at top level.
  • bosh_containerization property is required on each job
  • tags: indexed no longer works
  • must use dark-opinions.yml file even though I did not need them for my bosh release
  • can't have empty dark-opinions.yml (or just a properties yml node)
  • variable node structure different. e.g. description must be under options node instead

I finally succeeded by looking at the code and using the test assets as template for my own manifests.

I suggest to add the walkthrough example manifests to daily builds to make sure they work.

@drnic
Copy link
Contributor

drnic commented Oct 11, 2018

@domdom82 could you drop in your working walkthrough manifests and/or PR them into the docs? I was just about to give it a try.

@domdom82
Copy link
Author

@drnic I will provide a PR later, here is what worked for me (tried HAproxy bosh release sniff test):

role-manifest.yml

instance_groups:
- name: haproxy                    # The name of the instance group
  jobs:                            # BOSH jobs this group will have
  - name: haproxy
    release: haproxy               # The name of the BOSH release this is from
    properties:
      bosh_containerization:
        run:
          flight-stage: pre-flight
          memory: 128

  tags:
  run:                             # Runtime configuration
    scaling:                       # Auto-scaling limits
      min: 1
      max: 3
    memory: 256                    # Memory request for each instance (MB)
    virtual-cpus: 4                # CPU request for each instance
    exposed-ports:
    - name: http
      protocol: TCP                # TCP or UDP
      external: 80                 # Port visible outside the container
      internal: 80                 # Port inside the container
      public: false                # Whether to expose to outside the cluster

configuration:
  templates:
    networks.default.dns_record_name: '"((DNS_RECORD_NAME))"'
    networks.default.ip: '"((IP_ADDRESS))"'
    properties.ha_proxy.ssl_pem: '"((SSL_PEM))"'  # <<< your dark opinions here

variables:
- name: SSL_PEM
  options:
    description: server certificate chain
    secret: true
    required: true

opinions.yml:

properties:
  ha_proxy:
    backend_servers: 10.10.10.10 .    # <<< your opinions here

dark-opinions.yml:

properties:
  ha_proxy:
    ssl_pem: # <<< this must match the properties in role-manifest.yml
      - |
        -----BEGIN CERTIFICATE-----
        -----END CERTIFICATE-----
        -----BEGIN CERTIFICATE-----
        -----END CERTIFICATE-----
        -----BEGIN RSA PRIVATE KEY-----
        -----END RSA PRIVATE KEY-----

@viovanov
Copy link
Member

Thanks for going through all this @domdom82.
We're working on this nats containerized release as an example (we plan to keep it up-to-date because we're using it in our new CI pipeline).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants