Stark & Wayne
  • by Ruben Koster

Doing an initial Cloud Foundry deployment can be hard, keeping it up to date with the weekly releases can be even harder. So together with Swisscom we have developed the bosh-workspace gem to simplify this process.

What better way to introduce a new tool then by having a step by step tutorial. The objective today will be to deploy Cloud Foundry v175 on AWS, with some custom settings and then show how we can use the bosh-workspace to update to v176 (current latest version).

cf upgrade 175-176

Setup Workspace

git clone
cd cf-boshworkspace
bundle install

AWS Setup

Create Keypair
Create a keypair via the aws console. Move the downloaded key into cf-workspace/ssh/ and name it bosh.

ls -l ssh
total 8
-rw-r--r--@ 1 vcap  vcap  1692 Jul 31 10:44 bosh

Allocate Elastic IPs
Allocate 2 elastic ips, one for the microbosh and the other for Cloud Foundry.

Create Security Groups
Create a security group named bosh.

ProtocolPort RangeSource
TCP4222 - 257770.0.0.0/0

Create a security group named cf.

ProtocolPort RangeSource

Deploy microbosh

Create deployment file

With AWS all setup it's time to fill in the blank spots in our microbosh deployment file.

export MICROBOSH_ELASTIC_IP=<first_elastic_ip>
export SUBNET_ID=<default_vpc_subnet_id>
export ACCESS_KEY_ID=<access_key_id>
export SECRET_ACCESS_KEY=<secret_access_key>

Now lets replace the placehorders in micro_bosh.yml

  eval REP=\$$VAR
  perl -pi -e "s/$VAR/$REP/g" microbosh/firstbosh/micro_bosh.yml

Download stemcell
We will be using the light-stemcell which references a public AMI. This way we don't have to up/download the whole stemcell.

mkdir .stemcells
curl \
-o .stemcells/bosh-stemcell-2669-aws-xen-ubuntu-lucid-go_agent.tgz

After setting the deployment we will deploy our microbosh with the stemcell stemcell from the previous step.

cd microbosh
bosh micro deployment firstbosh
bosh micro deploy ../.stemcells/bosh-stemcell-2669-aws-xen-ubuntu-lucid-go_agent.tgz
cd ..

Target director
When the deployment has finished it's time to target the bosh director and login as the default user.

bosh login admin admin

Deploy Cloud Foundry

Create deployment file
Just as with the microbosh deployment file we need to fill in some information in our Cloud Foundry deployment file.

export CF_ELASTIC_IP=<second_elastic_ip>
export SUBNET_ID=<default_vpc_subnet_id>
export DIRECTOR_UUID=$(bosh status | grep UUID | awk '{print $2}')

Now lets replace the placehorders in cf-aws-vpc.yml

  eval REP=\$$VAR
  perl -pi -e "s/$VAR/$REP/g" deployments/cf-aws-vpc.yml

Upload dependencies
Our Cloud Foundry deployment depends on the cf-release and on the bosh-stemcell, before we can deploy we will need to make sure those dependencies have been resolved. Luckily the bosh-workspace has build in support for resolving those depedencies.

bosh deployment cf-aws-vpc
bosh prepare deployment

Alternatively when not using an inception server, you can use a remote release:
bosh upload release

With the dependencies resolved it's time to deploy Cloud Foundry version 175. The following changes have been made to the standard amazon templates:

With the above changes 20 vms of different sizes will be deployed.

bosh deploy

Upgrade Cloud Foundry

We have just deployed Cloud Foundry version 175. Now it's time to upgrade this deployment to version 176.

Update deployment file
First the version reference needs to be changed.

perl -pi -e "s/175/176/g" deployments/cf-aws-vpc.yml

Upload dependencies
We will need to upload release 176.

bosh prepare deployment


bosh deploy

The above step will fail because of a spiff merge error. The cf-properties template requires properties.uaa.clients.notifications.secret since version 176.

To solve this merge issue make the following changes to cf-secrets.yml:

      notifications: (( merge || meta.secret ))
        secret: (( meta.secrets.uaa_secrets.notifications ))

Now we can deploy again.

bosh deploy
Find more great articles with similar tags bosh author-rkoster