This commit is contained in:
Bin Xia 2017-06-09 06:57:19 +00:00
Parent b7247aad42
Commit eb381398ef
3 changed files: 146 additions and 139 deletions

View file

@ -1,8 +1,7 @@
test/
docs/
scripts/
examples/
node_modules/
/test
/docs
/scripts
/examples
.vscode/
README.md
.env
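Review bot: dropping `node_modules/` from this ignore list means whatever sits in the local `node_modules` tree is now shipped, and nothing in the file says why. Please add a comment explaining that dependencies are now bundled, and that the leading slash on `/test`, `/docs`, `/scripts` and `/examples` anchors those patterns to the repository root so that same-named directories inside bundled packages are kept. Also consider `/test/` with a trailing slash, as the old entries had, so the patterns only match directories.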

View file

@ -33,166 +33,174 @@
In the `mssql` command line, create tables `instances` and `bindings` by loading [schema.sql](../lib/broker/db/sqlserver/schema.sql).
<a name="deploy-meta-azure-service-broker-as-an-app" />
## Deploy the meta Azure service broker as an application in Cloud Foundry
1. Get the source code from Github.
```
git clone https://github.com/Azure/meta-azure-service-broker
cd meta-azure-service-broker
```
git clone https://github.com/Azure/meta-azure-service-broker
cd meta-azure-service-broker
```
2. Update `manifest.yml` with your credentials.
1. Update `manifest.yml` with your credentials.
The contents of `manifest.yml` are:
The contents of `manifest.yml` are:
```
---
applications:
- name: meta-azure-service-broker
buildpack: https://github.com/cloudfoundry/nodejs-buildpack
instances: 1
env:
ENVIRONMENT: REPLACE-ME
SUBSCRIPTION_ID: REPLACE-ME
TENANT_ID: REPLACE-ME
CLIENT_ID: REPLACE-ME
CLIENT_SECRET: REPLACE-ME
SECURITY_USER_NAME: REPLACE-ME
SECURITY_USER_PASSWORD: REPLACE-ME
```
---
applications:
- name: meta-azure-service-broker
buildpack: https://github.com/cloudfoundry/nodejs-buildpack
instances: 1
env:
ENVIRONMENT: REPLACE-ME
SUBSCRIPTION_ID: REPLACE-ME
TENANT_ID: REPLACE-ME
CLIENT_ID: REPLACE-ME
CLIENT_SECRET: REPLACE-ME
SECURITY_USER_NAME: REPLACE-ME
SECURITY_USER_PASSWORD: REPLACE-ME
AZURE_BROKER_DATABASE_PROVIDER: REPLACE-ME
AZURE_BROKER_DATABASE_SERVER: REPLACE-ME
AZURE_BROKER_DATABASE_USER: REPLACE-ME
AZURE_BROKER_DATABASE_PASSWORD: REPLACE-ME
AZURE_BROKER_DATABASE_NAME: REPLACE-ME
AZURE_BROKER_DATABASE_ENCRYPTION_KEY: REPLACE-ME
```
* `ENVIRONMENT`
Two options `AzureCloud` and `AzureChinaCloud` are supported as an `ENVIRONMENT`. For example, if you want to create services in `AzureChinaCloud`, you should specify `AzureChinaCloud` as the `ENVIRONMENT`.
The following table is about the support for each service in different environments.
| Service Name | AzureCloud | AzureChinaCloud |
|:---|:---|:---|
| DocumentDB Service (deprecated) | yes | yes |
| CosmosDB Service | yes | no |
| Event Hub Service | yes | yes |
| Redis Cache Service | yes | yes |
| Service Bus Service | yes | yes |
| Storage Service | yes | yes |
| SQL Database Service | yes | yes |
| Database for MySQL Service (preview) | yes | no |
| Database for PostgreSQL Service (preview) | yes | no |
* `SUBSCRIPTION_ID`
You can list the providers in the subscription, and make sure that the namespace is registered. For example, if you want to enable Service Bus service, `Microsoft.ServiceBus` should be registered. If the specific provider is not registered, you need to run `azure provider register <PROVIDER-NAME>` to register it.
```
$ azure provider list
info: Executing command provider list
+ Getting ARM registered providers
data: Namespace Registered
data: ------------------------- -------------
data: Microsoft.Batch Registered
data: Microsoft.Cache Registered
data: Microsoft.Compute Registered
data: Microsoft.DocumentDB Registered
data: Microsoft.EventHub Registered
data: microsoft.insights Registered
data: Microsoft.KeyVault Registered
data: Microsoft.MySql Registered
data: Microsoft.Network Registering
data: Microsoft.ServiceBus Registered
data: Microsoft.Sql Registered
data: Microsoft.Storage Registered
data: Microsoft.ApiManagement NotRegistered
data: Microsoft.Authorization Registered
data: Microsoft.ClassicCompute NotRegistered
data: Microsoft.ClassicNetwork NotRegistered
data: Microsoft.ClassicStorage NotRegistered
data: Microsoft.Devices NotRegistered
data: Microsoft.Features Registered
data: Microsoft.HDInsight NotRegistered
data: Microsoft.Resources Registered
data: Microsoft.Scheduler Registered
data: Microsoft.ServiceFabric NotRegistered
data: Microsoft.StreamAnalytics NotRegistered
data: Microsoft.Web NotRegistered
info: provider list command OK
```
* `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET`
A [service principal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) is composed of `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET`.
In [Azure CPI guidance](https://github.com/cloudfoundry-incubator/bosh-azure-cpi-release/tree/master/docs), the roles `Virtual Machine Contributor` and `Network Contributor` are recommended to deploy Cloud Foundry on Azure. However, for the service broker, these two roles are not enough. You can follow [RBAC: Built-in roles](https://azure.microsoft.com/en-us/documentation/articles/role-based-access-built-in-roles/) to get the appropriate roles.
For example, you can use `Storage Account Contributor` if you only use the service broker to create a storage account.
If you want to create all the services, you may need the role `Contributor`.
* `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD`
Cloud Controller authenticates with the Broker using HTTP basic authentication (the `Authorization:` header) on every request and will reject any broker registrations that do not contain a username and password. `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD` are the username and password of HTTP basic authentication. They are maken up by yourself. When you register the service broker using `cf create-service-broker`, the same values should be used.
* Database related configurations
```
AZURE_BROKER_DATABASE_PROVIDER: REPLACE-ME
AZURE_BROKER_DATABASE_SERVER: REPLACE-ME
AZURE_BROKER_DATABASE_USER: REPLACE-ME
AZURE_BROKER_DATABASE_PASSWORD: REPLACE-ME
AZURE_BROKER_DATABASE_NAME: REPLACE-ME
AZURE_BROKER_DATABASE_ENCRYPTION_KEY: REPLACE-ME
```
```
* `ENVIRONMENT`
`AZURE_BROKER_DATABASE_ENCRYPTION_KEY` is used to encrypt the information in the database. It should contain 32 character. **You need to keep it same if you re-deploy the service broker. Otherwise, the information can't be decrypted so that the service broker can't manage the service instances.**
Two options `AzureCloud` and `AzureChinaCloud` are supported as an `ENVIRONMENT`. For example, if you want to create services in `AzureChinaCloud`, you should specify `AzureChinaCloud` as the `ENVIRONMENT`.
Currently, only `sqlserver` is supported for `AZURE_BROKER_DATABASE_PROVIDER`.
The following table is about the support for each service in different environments.
```
AZURE_BROKER_DATABASE_PROVIDER: sqlserver
AZURE_BROKER_DATABASE_SERVER: <sql-server-name>.database.windows.net
AZURE_BROKER_DATABASE_USER: <username>
AZURE_BROKER_DATABASE_PASSWORD: <password>
AZURE_BROKER_DATABASE_NAME: <database-name>
AZURE_BROKER_DATABASE_ENCRYPTION_KEY: <encryption-key-with-32-length>
```
| Service Name | AzureCloud | AzureChinaCloud |
|:---|:---|:---|
| DocumentDB Service (depreciated) | yes | yes |
| CosmosDB Service | yes | no |
| Event Hub Service | yes | yes |
| Redis Cache Service | yes | yes |
| Service Bus Service | yes | yes |
| Storage Service | yes | yes |
| SQL Database Service | yes | yes |
| Database for MySQL Service (preview) | yes | no |
| Database for PostgreSQL Service (preview) | yes | no |
* `SUBSCRIPTION_ID`
* Modules related configurations
You can list the providers in the subscription, and make sure that the namespace is registered. For example, if you want to enable Service Bus service, `Microsoft.ServiceBus` should be registered. If the specific provider is not registered, you need to run `azure provider register <PROVIDER-NAME>` to register it.
Only SQL database service has the configurations for now. The default value of `AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER` is `true`. The default value of `AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION` is `false`. `AZURE_SQLDB_SQL_SERVER_POOL` is an array of SQL server credentials. Each element in the array should contain all the five parameters: resourceGroup, location, sqlServerName, administratorLogin and administratorLoginPassword.
```
AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER: true | false
AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION: true | false
AZURE_SQLDB_SQL_SERVER_POOL: '[
{
"resourceGroup": "REPLACE-ME",
"location": "REPLACE-ME",
"sqlServerName": "REPLACE-ME",
"administratorLogin": "REPLACE-ME",
"administratorLoginPassword": "REPLACE-ME"
},
{
"resourceGroup": "REPLACE-ME",
"location": "REPLACE-ME",
"sqlServerName": "REPLACE-ME",
"administratorLogin": "REPLACE-ME",
"administratorLoginPassword": "REPLACE-ME"
}
]'
```
1. Install the Node dependencies for production environment.
```
$ azure provider list
info: Executing command provider list
+ Getting ARM registered providers
data: Namespace Registered
data: ------------------------- -------------
data: Microsoft.Batch Registered
data: Microsoft.Cache Registered
data: Microsoft.Compute Registered
data: Microsoft.DocumentDB Registered
data: Microsoft.EventHub Registered
data: microsoft.insights Registered
data: Microsoft.KeyVault Registered
data: Microsoft.MySql Registered
data: Microsoft.Network Registering
data: Microsoft.ServiceBus Registered
data: Microsoft.Sql Registered
data: Microsoft.Storage Registered
data: Microsoft.ApiManagement NotRegistered
data: Microsoft.Authorization Registered
data: Microsoft.ClassicCompute NotRegistered
data: Microsoft.ClassicNetwork NotRegistered
data: Microsoft.ClassicStorage NotRegistered
data: Microsoft.Devices NotRegistered
data: Microsoft.Features Registered
data: Microsoft.HDInsight NotRegistered
data: Microsoft.Resources Registered
data: Microsoft.Scheduler Registered
data: Microsoft.ServiceFabric NotRegistered
data: Microsoft.StreamAnalytics NotRegistered
data: Microsoft.Web NotRegistered
info: provider list command OK
export NODE_ENV=production
npm install
```
* `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET`
A [service principal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) is composed of `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET`.
In [Azure CPI guidance](https://github.com/cloudfoundry-incubator/bosh-azure-cpi-release/tree/master/docs), the roles `Virtual Machine Contributor` and `Network Contributor` are recommended to deploy Cloud Foundry on Azure. However, for the service broker, these two roles are not enough. You can follow [RBAC: Built-in roles](https://azure.microsoft.com/en-us/documentation/articles/role-based-access-built-in-roles/) to get the appropriate roles.
For example, you can use `Storage Account Contributor` if you only use the service broker to create a storage account.
If you want to create all the services, you may need the role `Contributor`.
* `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD`
Cloud Controller authenticates with the Broker using HTTP basic authentication (the `Authorization:` header) on every request and will reject any broker registrations that do not contain a username and password. `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD` are the username and password of HTTP basic authentication. They are maken up by yourself. When you register the service broker using `cf create-service-broker`, the same values should be used.
* Database related configurations
1. Push the broker to Cloud Foundry
```
AZURE_BROKER_DATABASE_PROVIDER: REPLACE-ME
AZURE_BROKER_DATABASE_SERVER: REPLACE-ME
AZURE_BROKER_DATABASE_USER: REPLACE-ME
AZURE_BROKER_DATABASE_PASSWORD: REPLACE-ME
AZURE_BROKER_DATABASE_NAME: REPLACE-ME
AZURE_BROKER_DATABASE_ENCRYPTION_KEY: REPLACE-ME
cf push
```
`AZURE_BROKER_DATABASE_ENCRYPTION_KEY` is used to encrypt the information in the database. It should contain 32 character. **You need to keep it same if you re-deploy the service broker. Otherwise, the information can't be decrypted so that the service broker can't manage the service instances.**
Currently, only `sqlserver` is supported for `AZURE_BROKER_DATABASE_PROVIDER`.
```
AZURE_BROKER_DATABASE_PROVIDER: sqlserver
AZURE_BROKER_DATABASE_SERVER: <sql-server-name>.database.windows.net
AZURE_BROKER_DATABASE_USER: <username>
AZURE_BROKER_DATABASE_PASSWORD: <password>
AZURE_BROKER_DATABASE_NAME: <database-name>
AZURE_BROKER_DATABASE_ENCRYPTION_KEY: <encryption-key-with-32-length>
```
* Modules related configurations
Only SQL database service has the configurations for now. The default value of `AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER` is `true`. The default value of `AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION` is `false`. `AZURE_SQLDB_SQL_SERVER_POOL` is an array of SQL server credentials. Each element in the array should contain all the five parameters: resourceGroup, location, sqlServerName, administratorLogin and administratorLoginPassword.
```
AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER: true | false
AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION: true | false
AZURE_SQLDB_SQL_SERVER_POOL: '[
{
"resourceGroup": "REPLACE-ME",
"location": "REPLACE-ME",
"sqlServerName": "REPLACE-ME",
"administratorLogin": "REPLACE-ME",
"administratorLoginPassword": "REPLACE-ME"
},
{
"resourceGroup": "REPLACE-ME",
"location": "REPLACE-ME",
"sqlServerName": "REPLACE-ME",
"administratorLogin": "REPLACE-ME",
"administratorLoginPassword": "REPLACE-ME"
}
]'
```
3. Push the broker to Cloud Foundry
```
cf push
```
## Register a service broker
```
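Review bot: the new step "Install the Node dependencies for production environment" (`export NODE_ENV=production`, `npm install`) does not remove devDependencies left in `node_modules` by an earlier plain `npm install`, so a developer's working tree can still push them. Suggest telling readers to start from a clean checkout or to run `npm prune --production` before `cf push`. Since the surrounding lines are being re-indented anyway, the wording "They are maken up by yourself" and "It should contain 32 character" should be fixed in the same change. It would also help to say how the 32-character `AZURE_BROKER_DATABASE_ENCRYPTION_KEY` should be generated, and to note that the filled-in `manifest.yml` holds `CLIENT_SECRET`, the database password and the SQL administrator passwords in plaintext and should stay out of version control.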

View file

@ -1,7 +1,7 @@
#!/bin/bash
pushd ..
rm -f pcf-tile/resources/meta-azure-service-broker.zip
zip -r pcf-tile/resources/meta-azure-service-broker.zip brokerserver.js index.js lib LICENSE NOTICE package.json
zip -r pcf-tile/resources/meta-azure-service-broker.zip brokerserver.js index.js lib LICENSE NOTICE package.json winston.json node_modules
popd
if [ "$1" = "-major" ]; then
tile build major
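Review bot: the updated `zip -r` line now bundles `node_modules` exactly as it exists in the working tree, but the script never installs or prunes dependencies and does not check that the directory is present. Suggest running `npm install --production` followed by `npm prune --production` after `pushd ..` and aborting if that fails, so the tile cannot be built with missing, stale or development-only packages. A `set -e` near the top would also stop `rm -f` and `zip` from running in the wrong directory if `pushd ..` fails.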