helm-charts/open-service-broker-azure
Jeremy Rickard 55d96a2ab7
Update tag to 0.4.0-alpha (#69)
* Updating chart to use public image

Fixes #66

* Update docker tag for osba version 0.4.0-alpha and minStability level

Fixes #68

* Bump minor version and added explicit version tag to README

* Bump minor version, appVersion added to Chart and added explicit version tag to README

* Change image pull policy and small change to version in docs and appVersion field
2017-12-04 15:18:30 -07:00
templates Updating chart to use public image (#67) 2017-12-04 14:28:48 -05:00
.helmignore Renaming ASB -> OSBA (#58) 2017-12-01 15:05:27 -07:00
Chart.yaml Update tag to 0.4.0-alpha (#69) 2017-12-04 15:18:30 -07:00
README.md Update tag to 0.4.0-alpha (#69) 2017-12-04 15:18:30 -07:00
requirements.lock Renaming ASB -> OSBA (#58) 2017-12-01 15:05:27 -07:00
requirements.yaml Renaming ASB -> OSBA (#58) 2017-12-01 15:05:27 -07:00
values.yaml Update tag to 0.4.0-alpha (#69) 2017-12-04 15:18:30 -07:00

README.md

Open Service Broker for Azure

Open Service Broker for Azure is the open source, Open Service Broker compatible API server that provisions managed services in the Microsoft Azure public cloud.

This chart bootstraps Open Service Broker for Azure in your Kubernetes cluster.

Prerequisites

Obtain Your Subscription ID

$ export AZURE_SUBSCRIPTION_ID=$(az account show --query id | sed s/\"//g)

Creating a Service Principal

$ az ad sp create-for-rbac

The new service principal will be assigned, by default, to the Contributor role. The output of the command above will be similar to the following:

{
  "appId": "redacted",
  "displayName": "azure-cli-xxxxxx",
  "name": "http://azure-cli-xxxxxx",
  "password": "redacted",
  "tenant": "redacted"
}

For convenience in subsequent steps, we will export several of the fields above as environment variables:

$ export AZURE_TENANT_ID=<tenant>
$ export AZURE_CLIENT_ID=<appId>
$ export AZURE_CLIENT_SECRET=<password>

Installing the Chart

Installation of this chart is simple. First, ensure that you've added the azure repository. Then, install from the azure repo:

$ helm install azure/open-service-broker-azure --name osba --namespace osba \
  --set azure.subscriptionId=$AZURE_SUBSCRIPTION_ID \
  --set azure.tenantId=$AZURE_TENANT_ID \
  --set azure.clientId=$AZURE_CLIENT_ID \
  --set azure.clientSecret=$AZURE_CLIENT_SECRET

If you'd like to customize the installation, see the Configuration section for the options that can be set during installation.

To verify the service broker has been deployed and show installed service classes and plans:

$ kubectl get clusterservicebroker -o yaml

$ kubectl get clusterserviceclasses -o=custom-columns=NAME:.metadata.name,EXTERNAL\ NAME:.spec.externalName

$ kubectl get clusterserviceplans -o=custom-columns=NAME:.metadata.name,EXTERNAL\ NAME:.spec.externalName,SERVICE\ CLASS:.spec.clusterServiceClassRef.name --sort-by=.spec.clusterServiceClassRef.name

Uninstalling the Chart

To uninstall/delete the osba deployment:

$ helm delete osba --purge

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The following table lists the configurable parameters of the Azure Service Broker chart and their default values.

| Parameter | Description | Default |
|---|---|---|
| image.repository | Docker image location, without the tag. | "microsoft/azure-service-broker" |
| image.tag | Tag / version of the Docker image. | "v0.4.0-alpha" |
| image.pullPolicy | "IfNotPresent", "Always", or "Never"; When launching a pod, this option indicates when to pull the OSBA Docker image. | "IfNotPresent" |
| registerBroker | Whether to register this broker with the Kubernetes Service Catalog. If true, the Kubernetes Service Catalog must already be installed on the cluster. Marking this option false is useful for scenarios wherein one wishes to host the broker in a separate cluster than the Service Catalog (or other client) that will access it. | true |
| service.type | Type of service; valid values are "ClusterIP", "LoadBalancer", and "NodePort". "ClusterIP" is sufficient in the average case where OSBA only receives traffic from within the cluster-- e.g. from Kubernetes Service Catalog. | "ClusterIP" |
| service.nodePort.port | If and only if service.type is set to "NodePort", service.nodePort.port indicates the port this service should bind to on each Kubernetes node. | 30080 |
| azure.environment | Indicates which Azure public cloud to use. Valid values are "AzureCloud" and "AzureChinaCloud". | "AzureCloud" |
| azure.subscriptionId | Identifies the Azure subscription into which OSBA will provision services. | none |
| azure.tenantId | Identifies the Azure Active Directory to which the service principal used by OSBA to access the Azure subscription belongs. | none |
| azure.clientId | Identifies the service principal used by OSBA to access the Azure subscription. | none |
| azure.clientSecret | Key/password for the service principal used by OSBA to access the Azure subscription. | none |
| basicAuth.username | Specifies the basic auth username that clients (e.g. the Kubernetes Service Catalog) must use when connecting to OSBA. | "username"; Do not use this default value in production! |
| basicAuth.password | Specifies the basic auth password that clients (e.g. the Kubernetes Service Catalog) must use when connecting to OSBA. | "password"; Do not use this default value in production! |
| encryptionKey | Specifies the key used by OSBA for applying AES-256 encryption to sensitive (or potentially sensitive) data. | "This is a key that is 256 bits!!"; Do not use this default value in production! |
| modules.minStability | Specifies the minimum level of stability an OSBA module must meet for the services and plans it provides to be included in OSBA's catalog of offerings. Valid values are "ALPHA", "BETA", and "STABLE". | "ALPHA"; Only use "STABLE" modules in production! |
| redis.embedded | OSBA uses Redis for data persistence and as a message queue. This option indicates whether an on-cluster Redis deployment should be included when installing this chart. If set to false, connection details for a remote Redis cache must be provided. | true; Do not use the embedded Redis cache in production! |
| redis.host | If and only if redis.embedded is false, this option specifies the location of the remote Redis cache. | none |
| redis.port | If and only if redis.embedded is false, this option specifies the port to connect to on the remote Redis host. | 6380 |
| redis.redisPassword | Specifies the Redis password. If redis.embedded is true, this option sets the password on the Redis cache itself and provides it to OSBA. If redis.embedded is false, this option only provides the password to OSBA. In that case, the value of this option must be the correct password for the remote Redis cache. | "password"; Do not use this default value in production! |
| redis.enableTls | If and only if redis.embedded is false, this option specifies whether to use a secure connection to the remote Redis host. | true |

Specify a value for each option using the --set <key>=<value> switch on the helm install command. That switch can be invoked multiple times to set multiple options.

Alternatively, copy the chart's default values to a file, edit the file to your liking, and reference that file in your helm install command:

$ helm inspect values azure/open-service-broker-azure > my-values.yaml
$ vim my-values.yaml
$ helm install azure/open-service-broker-azure --name osba --namespace osba --values my-values.yaml
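
The configuration table marks several defaults as unsafe for production. The following is an added example, not part of the chart or its README: a POSIX shell pre-install check that flags any of those settings that a values file leaves unset or at the documented default. The function names are hypothetical, and it assumes block-style YAML with two-space indentation.

```shell
# Added example (not part of the chart): pre-install check of an OSBA values file.
# flatten FILE: print dotted "key=value" pairs from block-style YAML.
# Assumption: two-space indentation, one "key: value" per line.
flatten() {
  awk '
    /^ *#/ || /^ *$/ { next }                    # skip comments and blank lines
    {
      line = $0; sub(/^ +/, "", line)
      depth = int((length($0) - length(line)) / 2)
      i = index(line, ":"); if (i == 0) next
      path[depth] = substr(line, 1, i - 1)
      val = substr(line, i + 1); sub(/^ +/, "", val); sub(/ +$/, "", val)
      sub(/^"/, "", val); sub(/"$/, "", val)
      if (val == "") next                        # parent key, not a setting
      key = path[0]
      for (d = 1; d <= depth; d++) key = key "." path[d]
      print key "=" val
    }' "$1"
}

# lookup KEY FLAT: print the value stored for KEY, or nothing if KEY is absent.
lookup() {
  printf '%s\n' "$2" |
    awk -v k="$1=" 'index($0, k) == 1 { print substr($0, length(k) + 1); exit }'
}

# insecure_defaults FILE: report each setting the README marks as unsafe for
# production. A missing key counts too, because the chart default then applies.
insecure_defaults() {
  flat=$(flatten "$1"); rc=0
  while IFS='|' read -r key default; do
    val=$(lookup "$key" "$flat")
    [ -n "$val" ] && [ "$val" != "$default" ] ||
      { echo "insecure: $key is unset or still the chart default"; rc=1; }
  done <<'EOF'
basicAuth.username|username
basicAuth.password|password
encryptionKey|This is a key that is 256 bits!!
redis.redisPassword|password
EOF
  [ "$(lookup redis.embedded "$flat")" = false ] || { echo "insecure: redis.embedded is not false"; rc=1; }
  [ "$(lookup modules.minStability "$flat")" = STABLE ] || { echo "insecure: modules.minStability is not STABLE"; rc=1; }
  return "$rc"
}

# Constructed sample: an override file that changes only the basic auth password.
sample=$(mktemp); printf 'basicAuth:\n  password: "s3t-me"\n' > "$sample"
insecure_defaults "$sample" || echo "do not install with $sample"
rm -f "$sample"
```

Run `insecure_defaults my-values.yaml` before the helm install command; a non-zero exit status means at least one flagged setting remains.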