<!DOCTYPE html>
<html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script type="text/javascript" src="fullpage_js/vendors/jquery.slimscroll.min.js"></script>
<script type="text/javascript" src="fullpage_js/jquery.fullPage.min.js"></script>
<link rel="stylesheet" type="text/css" href="fullpage_js/jquery.fullPage.css" />
<link rel="stylesheet" type="text/css" href="css/style.css" />
<script type="text/javascript">
$(document).ready(function() {
$('#fullpage').fullpage({
navigation: true,
navigationPosition: 'right',
scrollOverflow: true,
css3: false,
anchors: ["introduction", "prepare", "create_google_cloud_project", "create_google_cloud_network_and_security", "create_google_cloud_nat_instance", "create_bosh_jumpbox", "create_bosh_director", "log_in", "deploy", "create_release", "upload_stemcell", "update_cloud_config", "run_deploy", "modify", "modify_release", "scale", "change_properties", "when_something_goes_wrong", "failing_service", "failing_vm", "failing_deploy", "done"],
navigationTooltips: ["Introduction", "Prepare", "Create Google Cloud Project", "Create Google Cloud Network & Security", "Create Google Cloud NAT Instance", "Create BOSH Jumpbox", "Create BOSH Director", "Log in", "Deploy", "Create release", "Upload stemcell", "Update cloud config", "Run deploy", "Modify deployment", "Modify release", "Scale", "Change properties", "When something goes wrong", "Failing service", "Failing VM", "Failing deploy", "Done!"],
});
});
</script>
<title>A Guide to Using BOSH on GCP</title>
</head>
<body>
<div id="fullpage">
<div class="section intro"><div class="center-column"><h2>A Guide to Using</h2>
<h1>BOSH on GCP</h1>
<p>This tutorial aims to give a <i>relatively</i> simple introduction to using BOSH on Google Cloud Platform (GCP).</p>
<p>It is <b>heavily</b> based on the excellent <a href="http://mariash.github.io/learn-bosh/">A Guide to Using BOSH</a> tutorial, written by <a href="https://github.com/mariash">Maria Shaldibina</a>.</p>
<p>Prerequisites:
<ul>
<li>A GCP account (at the time of writing a <a href="https://cloud.google.com/free/">Free Tier</a> is available). However, EU residents are not currently able to use the Free Tier as individuals. This is discussed in <a href="https://cloud.google.com/free/docs/frequently-asked-questions">Google's Cloud Platform Free Tier FAQ</a> and on <a href="https://www.quora.com/Is-there-any-way-to-use-Google-Cloud-Platform-as-individual-in-Europe">Quora</a>.</li>
<li>A local installation of <a href="https://cloud.google.com/sdk/">Google Cloud SDK</a> on your environment PATH. Version 183.0.0 is known to work with the instructions in the guide.</li>
<li>A local installation of <a href="https://bosh.io/docs/cli-v2.html">BOSH CLI v2</a> on your environment PATH. Version 2.0.45 is known to work with the instructions in this guide.</li>
<li>An environment on which to run BASH scripts.</li>
</ul>
</p>
<p>Learn more:
<ul>
<li><a href="https://cloud.google.com/getting-started/">cloud.google.com: Getting Started with Google Cloud Platform</a></li>
<li><a href="http://bosh.io/docs/about.html">bosh.io: What is BOSH?</a></li>
<li><a href="http://bosh.io/docs/problems.html">bosh.io: What Problems Does BOSH Solve?</a></li>
</ul>
</p>
<button onClick="$.fn.fullpage.moveSectionDown();" id="start-button">Start</button>
</div></div>
<div class="section prepare"><div class="center-column"><h1>Prepare</h1>
<p>We are going to create a BOSH Environment. First we will create the necessary infrastructure in GCP within a dedicated GCP Project, then create a BOSH Jumpbox using BOSH. We will then create a BOSH Director from your host machine, tunnelling connections through the BOSH Jumpbox. Once the BOSH Director is running we will use the BOSH CLI to send commands through the BOSH Jumpbox to the BOSH Director.</p>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/bosh-components.html">bosh.io: Components</a></li>
</ul>
</p>
<button onClick="$.fn.fullpage.moveSectionDown();" id="next-button">Next</button>
</div></div>
<div class="section prepare"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>1</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Create Google Cloud Project</h2>
</div>
</div>
<p>Initialize a gcloud session:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud init</h4>
</div>
<p>Create a GCP Project (the project name must be unique) and assign it to your Billing Account (you may be prompted to install the "alpha" component):</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud projects create <YOUR_GCP_PROJECT_NAME> \<br/>
--name=<YOUR_GCP_PROJECT_NAME> --set-as-default</h4>
<h4 class="terminal-code-text">$ gcloud alpha billing projects link <YOUR_GCP_PROJECT_NAME> \<br/>
--billing-account=<YOUR_BILLING_ACCOUNT></h4>
</div>
<p>NOTE: Your Billing Account can be discovered by using:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud alpha billing accounts list --format json</h4>
</div>
<p>Enable the compute.googleapis.com, iam.googleapis.com, cloudresourcemanager.googleapis.com and dns.googleapis.com Google Cloud APIs:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud --project <YOUR_GCP_PROJECT_NAME> \<br/>
services enable compute.googleapis.com</h4>
<h4 class="terminal-code-text">$ gcloud --project <YOUR_GCP_PROJECT_NAME> \<br/>
services enable iam.googleapis.com</h4>
<h4 class="terminal-code-text">$ gcloud --project <YOUR_GCP_PROJECT_NAME> \<br/>
services enable cloudresourcemanager.googleapis.com</h4>
<h4 class="terminal-code-text">$ gcloud --project <YOUR_GCP_PROJECT_NAME> \<br/>
services enable dns.googleapis.com</h4>
</div>
<p>Create a Service Account, e.g. <i>my-service-account</i>, generate keys for that Service Account and make it a Project Owner:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud iam --project <YOUR_GCP_PROJECT_NAME> \<br/>
service-accounts create my-service-account \<br/>
--display-name=my-service-account</h4>
<h4 class="terminal-code-text">$ gcloud iam --project <YOUR_GCP_PROJECT_NAME> \<br/>
service-accounts keys create \<br/>
--iam-account=my-service-account@<YOUR_GCP_PROJECT_NAME>.iam.gserviceaccount.com \<br/>
my-service-account.key.json</h4>
<h4 class="terminal-code-text">$ gcloud projects add-iam-policy-binding <YOUR_GCP_PROJECT_NAME> \<br/>
--member=serviceAccount:my-service-account@<YOUR_GCP_PROJECT_NAME>.iam.gserviceaccount.com \<br/>
--role=roles/owner</h4>
</div>
<p>Learn more:
<ul>
<li><a href="https://cloud.google.com/sdk/docs/">cloud.google.com: Cloud SDK</a></li>
</ul>
</p>
</div></div>
<div class="section prepare"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>1</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Create Google Cloud Network & Security</h2>
</div>
</div>
<p>This creates a VPC Network and subnetwork within the europe-west2 region.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute networks create bosh --subnet-mode custom</h4>
<h4 class="terminal-code-text">$ gcloud compute networks subnets create bosh-europe-west2 \<br/>
--region=europe-west2 \<br/>
--range=10.0.0.0/24 \<br/>
--network=bosh</h4>
</div>
<p>Create a firewall rule allowing ssh access to the jumpbox instance:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute firewall-rules create ssh-to-jumpbox \<br/>
--network bosh \<br/>
--allow tcp:22 \<br/>
--target-tags jumpbox</h4>
</div>
<p>Create a firewall rule allowing port 6868 to the jumpbox instance (this is used by the bosh client when creating the jumpbox instance):</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute firewall-rules create mbus-to-jumpbox \<br/>
--network bosh \<br/>
--allow tcp:6868 \<br/>
--target-tags jumpbox</h4>
</div>
<p>Create a firewall rule allowing internal traffic (TCP & UDP) on all ports:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute firewall-rules create intra-subnet-subnet-open \<br/>
--network bosh \<br/>
--allow tcp:1-65535,udp:1-65535 \<br/>
--source-tags internal</h4>
</div>
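<p>Neither jumpbox rule above sets --source-ranges, so gcloud defaults the source to 0.0.0.0/0 and tcp:22 and tcp:6868 on the jumpbox are reachable from any address. The check below is an added example, not part of the original guide: it reads the JSON produced by <code>gcloud compute firewall-rules list --format=json</code> and reports rules that open watched ports to every source. The sample input, the address 203.0.113.7 and the rule name ssh-to-jumpbox-restricted are constructed for illustration.</p>

```python
"""Flag GCP firewall rules that expose watched ports to the whole internet.

Input is the list produced by:
    gcloud compute firewall-rules list --format=json
"""
import ipaddress
import json

# Constructed sample: roughly how the three rules created in this section
# appear in the JSON export, plus a hypothetical restricted variant.
SAMPLE_RULES_JSON = """
[
 {"name": "ssh-to-jumpbox", "direction": "INGRESS", "disabled": false,
  "sourceRanges": ["0.0.0.0/0"], "targetTags": ["jumpbox"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "mbus-to-jumpbox", "direction": "INGRESS", "disabled": false,
  "sourceRanges": ["0.0.0.0/0"], "targetTags": ["jumpbox"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["6868"]}]},
 {"name": "intra-subnet-subnet-open", "direction": "INGRESS", "disabled": false,
  "sourceTags": ["internal"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["1-65535"]},
              {"IPProtocol": "udp", "ports": ["1-65535"]}]},
 {"name": "ssh-to-jumpbox-restricted", "direction": "INGRESS", "disabled": false,
  "sourceRanges": ["203.0.113.7/32"], "targetTags": ["jumpbox"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]}
]
"""


def is_world_open(rule):
    """True for an enabled ingress rule with a /0 source range (IPv4 or IPv6)."""
    if rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled"):
        return False
    return any(
        ipaddress.ip_network(cidr, strict=False).prefixlen == 0
        for cidr in rule.get("sourceRanges", [])
    )


def port_in_spec(port, spec):
    """Match a port against a gcloud port spec such as "22" or "1-65535"."""
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)


def exposed_ports(rule, watch_ports, protocol="tcp"):
    """Return the watched ports that the rule's allow entries cover."""
    hits = set()
    for entry in rule.get("allowed", []):
        if entry.get("IPProtocol") not in (protocol, "all"):
            continue
        specs = entry.get("ports")  # absent means every port of the protocol
        for port in watch_ports:
            if specs is None or any(port_in_spec(port, s) for s in specs):
                hits.add(port)
    return sorted(hits)


def audit(rules, watch_ports=(22, 6868)):
    """List rules that open any watched TCP port to every source address."""
    findings = []
    for rule in rules:
        if not is_world_open(rule):
            continue
        ports = exposed_ports(rule, watch_ports)
        if ports:
            findings.append({
                "rule": rule["name"],
                "targets": rule.get("targetTags", ["(all instances)"]),
                "ports": ports,
            })
    return findings


if __name__ == "__main__":
    for finding in audit(json.loads(SAMPLE_RULES_JSON)):
        print("{rule}: tcp {ports} open to any source, targets {targets}".format(**finding))
```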
<p>Learn more:
<ul>
<li><a href="https://cloud.google.com/compute/docs/networks-and-firewalls">Google VPC Networks & Firewalls</a></li>
</ul>
</p>
</div></div>
<div class="section prepare"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>1</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Create Google Cloud NAT Instance</h2>
</div>
</div>
<p>Create a NAT instance.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute instances create nat-instance-primary \<br/>
--machine-type n1-standard-1 \<br/>
--zone europe-west2-a \<br/>
--tags "nat,internal" \<br/>
--image ubuntu-1604-xenial-v20180109 \<br/>
--image-project ubuntu-os-cloud \<br/>
--subnet bosh-europe-west2 \<br/>
--can-ip-forward \<br/>
--metadata startup-script='#!/bin/bash<br/>
sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"<br/>
iptables -t nat -A POSTROUTING -o ens4 -j MASQUERADE'</h4>
</div>
<p>Create a route through the NAT instance using the 'no-ip' network tag. Instances tagged with 'no-ip' will route traffic through the nat-instance-primary instance.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute routes create nat-primary \<br/>
--next-hop-instance nat-instance-primary \<br/>
--network bosh \<br/>
--tags no-ip \<br/>
--priority 800 \<br/>
--next-hop-instance-zone europe-west2-a \<br/>
--destination-range 0.0.0.0/0</h4>
</div>
<p>Learn more:
<ul>
<li><a href="https://cloud.google.com/vpc/docs/special-configurations#natgateway">Google Compute NAT Instances</a></li>
</ul>
</p>
</div></div>
<div class="section prepare"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>1</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Create BOSH Jumpbox</h2>
</div>
</div>
<p>Create an External IP address for the BOSH Jumpbox.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute addresses create jumpbox-ip \<br/>
--region europe-west2</h4>
<h4 class="terminal-code-text">$ gcloud compute addresses list</h4>
</div>
<p>Clone the BOSH jumpbox deployment repository:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ git clone https://github.com/cppforlife/jumpbox-deployment</h4>
</div>
<p>BOSH deploy your jumpbox:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh create-env ./jumpbox-deployment/jumpbox.yml \<br/>
--state ./jumpbox-state.json \<br/>
--vars-store ./jumpbox-creds.yml \<br/>
-o ./jumpbox-deployment/gcp/cpi.yml \<br/>
-v zone=europe-west2-a \<br/>
-v network=bosh \<br/>
-v subnetwork=bosh-europe-west2 \<br/>
-v internal_cidr=10.0.0.0/24 \<br/>
-v internal_gw=10.0.0.1 \<br/>
-v internal_ip=10.0.0.3 \<br/>
-v external_ip=<JUMPBOX_EXTERNAL_IP> \<br/>
-v tags=[jumpbox,internal] \<br/>
-v project_id=<PROJECT_ID> \<br/>
--var-file gcp_credentials_json=my-service-account.key.json</h4>
</div>
<p>Extract the private key of the jumpbox instance from the credentials file created by BOSH:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh int ./jumpbox-creds.yml --path /jumpbox_ssh/private_key > jumpbox.key \<br/>
&& chmod 600 jumpbox.key</h4>
</div>
<p>Open a SOCKS5 tunnel through the BOSH Jumpbox for the BOSH CLI to use:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ ssh -4 -D 5000 -fNC jumpbox@<JUMPBOX_EXTERNAL_IP> -i jumpbox.key</h4>
</div>
<p>Export BOSH_ALL_PROXY to ensure bosh commands go via the BOSH Jumpbox:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ export BOSH_ALL_PROXY=socks5://localhost:5000</h4>
</div>
<p>Learn more:
<ul>
<li><a href="https://bosh.io/docs/cli-tunnel.html">BOSH CLI Tunneling</a></li>
<li><a href="https://github.com/cppforlife/jumpbox-deployment">BOSH Jumpbox Deployment</a></li>
</ul>
</p>
</div></div>
<div class="section prepare"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>3</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Create BOSH Director</h2>
</div>
</div>
<p>To create the BOSH Director, execute the following commands:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ git clone https://github.com/cloudfoundry/bosh-deployment</h4>
</div>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh int bosh-deployment/bosh.yml \<br/>
--vars-store=./director-creds.yml \<br/>
-o ./bosh-deployment/gcp/cpi.yml \<br/>
-v director_name=gcpbosh \<br/>
-v internal_cidr=10.0.0.0/24 \<br/>
-v internal_gw=10.0.0.1 \<br/>
-v internal_ip=10.0.0.6 \<br/>
--var-file gcp_credentials_json=./my-service-account.key.json \<br/>
-v project_id=<PROJECT_ID> \<br/>
-v zone=europe-west2-a \<br/>
-v tags=[internal,no-ip] \<br/>
-v network=bosh \<br/>
-v subnetwork=bosh-europe-west2</h4>
<h4 class="terminal-code-text">$ bosh create-env bosh-deployment/bosh.yml \<br/>
--state=./director-state.json \<br/>
--vars-store=./director-creds.yml \<br/>
-o ./bosh-deployment/gcp/cpi.yml \<br/>
-v director_name=gcpbosh \<br/>
-v internal_cidr=10.0.0.0/24 \<br/>
-v internal_gw=10.0.0.1 \<br/>
-v internal_ip=10.0.0.6 \<br/>
--var-file gcp_credentials_json=./my-service-account.key.json \<br/>
-v project_id=<PROJECT_ID> \<br/>
-v zone=europe-west2-a \<br/>
-v tags=[internal,no-ip] \<br/>
-v network=bosh \<br/>
-v subnetwork=bosh-europe-west2</h4>
</div>
<p>Learn more:
<ul>
<li><a href="https://bosh.io/docs/cli-v2.html#create-env">bosh.io: bosh create-env</a></li>
</ul>
</p>
</div></div>
<div class="section prepare"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>4</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Log in</h2>
</div>
</div>
<p>Alias the BOSH Director and create the BOSH_ENVIRONMENT, BOSH_CLIENT and BOSH_CLIENT_SECRET environment variables, which make it easier to interact with the Director:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh alias-env bosh-director -e 10.0.0.6 --ca-cert <(bosh int ./director-creds.yml --path /director_ssl/ca)</h4>
<h4 class="terminal-code-text">$ export BOSH_ENVIRONMENT=bosh-director</h4>
<h4 class="terminal-code-text">$ export BOSH_CLIENT=admin</h4>
<h4 class="terminal-code-text">$ export BOSH_CLIENT_SECRET=$(bosh int ./director-creds.yml --path /admin_password)</h4>
</div>
<p>Running bosh env should return details of the BOSH Director, similar to:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh env</h4>
<h4 class="terminal-printout-text">Using environment '10.0.0.6' as client 'admin'
Name gcpbosh
UUID a5c4d96f-6812-4310-a2e6-a890f8d1aaf2
Version 262.3.0 (00000000)
CPI google_cpi
Features compiled_package_cache: disabled
config_server: disabled
dns: disabled
snapshots: disabled
User admin
Succeeded</h4>
</div>
<p>We are now ready to deploy!</p>
</div></div>
<div class="section deploy"><div class="center-column"><h1>Deploy</h1>
<p>Before we proceed we need to understand what BOSH needs to deploy software.</p>
<h3>What to deploy</h3>
<p>Software that is deployed with BOSH needs to be packaged in a special format called a <b>release</b>. For each service that will be deployed, a release needs to contain source files, configuration files, installation scripts, etc. For example, a redis release would contain the source code for redis, redis configuration defaults and redis init scripts.</p>
<h3>How to deploy</h3>
<p>Each BOSH deployment needs to provide a specially structured configuration file, the <b>deployment manifest</b>. This file defines what resources are going to be deployed, what services are going to be running on each of the resources and the properties that will be passed to the services' configuration files. For example, for a redis deployment manifest, there are entries for how many and what size redis VMs there should be and how redis should be configured.</p>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/release.html">bosh.io: Release</a></li>
<li><a href="http://bosh.io/docs/deployment.html">bosh.io: Deployment</a></li>
</ul>
</p>
<button onClick="$.fn.fullpage.moveSectionDown();" id="next-button">Next</button>
</div></div>
<div class="section deploy"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>1</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Create BOSH release</h2>
</div>
</div>
<p>We are going to use a simple BOSH release that deploys an http server.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ git clone https://github.com/finkit/learn-bosh-on-gcp-release</h4>
<h4 class="terminal-code-text">$ cd learn-bosh-on-gcp-release</h4>
<h4 class="terminal-code-text">$ bosh create-release</h4>
</div>
<p>Upload the generated release to the BOSH Director:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh upload-release</h4>
</div>
<p>Check uploaded releases:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh releases</h4>
<h4 class="terminal-printout-text">Using environment '10.0.0.6' as client 'admin'
Name Version Commit Hash
learn-bosh-on-gcp 0+dev.1 [your commit hash]
1 releases</h4>
</div>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/create-release.html">bosh.io: Creating a Release</a></li>
</ul>
</p>
</div></div>
<div class="section deploy"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>2</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Upload stemcell</h2>
</div>
</div>
<p>A Stemcell is an operating system image that BOSH uses to create VMs. Official BOSH stemcells are maintained with security updates at <a href="https://bosh.io">bosh.io</a>.</p>
<p>Upload the stemcell to the BOSH Director:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh upload-stemcell https://s3.amazonaws.com/bosh-core-stemcells/google/bosh-stemcell-3431.10-google-kvm-ubuntu-trusty-go_agent.tgz</h4>
</div>
<p>The attempt to upload the stemcell may fail due to the Cloud Storage JSON API not being enabled for your project. In this case, the response from the upload-stemcell command should include a link to the Google Developer Console, which can be used to enable this API. Alternatively, run the command <code>"gcloud service-management enable storage-api.googleapis.com"</code>.</p>
<p>Check uploaded stemcells:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh stemcells</h4>
<h4 class="terminal-printout-text">Using environment '10.0.0.6' as client 'admin'
Name Version
bosh-warden-google-kvm-ubuntu-trusty-go_agent [your stemcell version]
1 stemcells</h4>
</div>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/stemcell.html">bosh.io: What is a Stemcell?</a></li>
<li><a href="http://bosh.io/stemcells">bosh.io: Full list of available stemcells</a></li>
</ul>
</p>
</div></div>
<div class="section deploy"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>3</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Update cloud config</h2>
</div>
</div>
<p>The newly created BOSH Director will not have any cloud config defined:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh cloud-config</h4>
<h4 class="terminal-printout-text">Using environment '10.0.0.6' as client 'admin'
No cloud config
Exit code 1</h4>
</div>
<p>Update the cloud config on the BOSH Director:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh update-cloud-config cloud-config.yml</h4>
</div>
<p>Check cloud config:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh cloud-config</h4>
<h4 class="terminal-printout-text">Using environment '10.0.0.6' as client 'admin'
azs:
...
Succeeded</h4>
</div>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/cloud-config.html">bosh.io: Cloud Config</a></li>
</ul>
</p>
</div></div>
<div class="section deploy"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>4</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>And deploy</h2>
</div>
</div>
<p>Run deploy, providing the path to the deployment manifest. The deployment manifest specifies which services to deploy, their properties and the resource configuration.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp deploy manifest.yml</h4>
</div>
<p>See the list of deployed instances, as specified in the manifest:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh instances</h4>
<h4 class="terminal-printout-text">Using environment '10.0.0.6' as client 'admin'
...
Deployment 'learn-bosh-on-gcp'
Instance Process State AZ IPs
learn-bosh-on-gcp/guid running z1 10.0.0.10
1 instances
Succeeded</h4>
</div>
<p>See that our service is up and running.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ curl http://10.0.0.10:8080 --proxy socks5://127.0.0.1:5000</h4>
<h4 class="terminal-printout-text">Hello, Anonymous from <uuid></h4>
</div>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/deployment-manifest.html">bosh.io: Deployment Manifest Schema</a></li>
<li><a href="http://bosh.io/docs/deploying-step-by-step.html">bosh.io: Deploying Step-by-step</a></li>
</ul>
</p>
</div></div>
<div class="section modify"><div class="center-column"><h1>Modify Deployment</h1>
<p>Now we will update our deployment with a new version of the software, modify some properties, and scale the deployment.</p>
<button onClick="$.fn.fullpage.moveSectionDown();" id="next-button">Next</button>
</div></div>
<div class="section modify"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>1</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Modify release</h2>
</div>
</div>
<p>BOSH makes it easy to modify and deploy new versions of software. Let's modify our release source files.</p>
<p>In the release folder, open src/simple_server/app.rb and change the name to yours.</p>
<p>Create a new version of the release (the force option is used to ignore the warning about local changes), upload the new version to the BOSH Director and deploy:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh create-release --force</h4>
<h4 class="terminal-code-text">$ bosh upload-release</h4>
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp deploy manifest.yml</h4>
</div>
<p>See that the updated version was deployed:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ curl http://10.0.0.10:8080 --proxy socks5://127.0.0.1:5000</h4>
<h4 class="terminal-printout-text">Hello, [your name] from <uuid></h4>
</div>
</div></div>
<div class="section modify"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>2</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Scale deployment</h2>
</div>
</div>
<p>With BOSH it is easy to scale deployments. All you need to do is modify the number of instances in the manifest file.</p>
<p>Open manifest.yml and change the number of instances under instance_groups from 1 to 2. Add another IP to the list of static_ips: 10.0.0.11.</p>
<p>Run deploy:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp deploy manifest.yml</h4>
</div>
<p>Check that 2 instances were deployed:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh instances</h4>
<h4 class="terminal-printout-text">Using environment '10.0.0.6' as client 'admin'
Deployment 'learn-bosh-on-gcp'
Instance Process State AZ IPs
learn-bosh-on-gcp/guid-1 running z1 10.0.0.10
learn-bosh-on-gcp/guid-2 running z1 10.0.0.11
2 instances
Succeeded</h4>
</div>
<p>See that we have 2 instances of our service running:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ curl http://10.0.0.10:8080 --proxy socks5://127.0.0.1:5000</h4>
<h4 class="terminal-printout-text">Hello, [your name] from <uuid-1></h4>
<h4 class="terminal-code-text">$ curl http://10.0.0.11:8080 --proxy socks5://127.0.0.1:5000</h4>
<h4 class="terminal-printout-text">Hello, [your name] from <uuid-2></h4>
</div>
</div></div>
<div class="section modify"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>3</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Change properties</h2>
</div>
</div>
<p>Every release can specify a set of properties that need to be set in the deployment manifest and provided to the service. For example, these can be database credentials, the address of another service, etc.</p>
<p>Our release lets you change the property port, which sets the port the server listens on. You can see the list of properties that can be modified in learn-bosh-release/jobs/app/spec. Let's open manifest.yml and under the section properties set the value of port to 8888 - not forgetting to remove the curly brackets after properties (representing the formerly empty set):</p>
<div class="terminal-block">
<h4 class="terminal-code-text">...
jobs:
- name: app
release: learn-bosh-on-gcp
properties:
port: 8888
...</h4>
</div>
<p>Now we can just re-deploy our manifest changes. Note that we don't need to build a new release version; configuration files will be regenerated with the new properties:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp deploy manifest.yml</h4>
</div>
<p>Let's see that our property was changed:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ curl http://10.0.0.10:8888 --proxy socks5://127.0.0.1:5000</h4>
<h4 class="terminal-printout-text">Hello, [your name] from <uuid-1></h4>
<h4 class="terminal-code-text">$ curl http://10.0.0.11:8888 --proxy socks5://127.0.0.1:5000</h4>
<h4 class="terminal-printout-text">Hello, [your name] from <uuid-2></h4>
</div>
</div></div>
<div class="section recover"><div class="center-column"><h1>When something goes wrong</h1>
<p>BOSH provides a set of recovery mechanisms. Let's break our deployment and find ways to fix it.</p>
<button onClick="$.fn.fullpage.moveSectionDown();" id="next-button">Next</button>
</div></div>
<div class="section recover"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>1</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Failing service</h2>
</div>
</div>
<p>BOSH uses <a href="https://mmonit.com/monit/">monit</a> to monitor running services. If a service goes down, monit will bring it back up. Let's watch how this works. SSH to one of the instances:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp ssh learn-bosh-on-gcp/0</h4>
<h4 class="terminal-code-text">$ sudo -i</h4>
<h4 class="terminal-code-text"># watch monit summary</h4>
<h4 class="terminal-printout-text">The Monit daemon 5.2.5 uptime: 2m
Process 'app' running
System 'system_localhost' running
</h4>
</div>
<p>In a separate window (on the host) let's kill our running server:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ curl http://10.0.0.10:8888/kill --proxy socks5://127.0.0.1:5000</h4>
</div>
<p>Back in the instance window, notice that monit reports the process as 'Does not exist' and, after some period, brings the service back up.</p>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/vm-monit.html">bosh.io: Process monitoring with Monit</a></li>
</ul>
</p>
</div></div>
<div class="section recover"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>2</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Failing VM</h2>
</div>
</div>
<p>What if there is a problem with the instance that is running our service? BOSH offers manual and automatic recovery when there are problems with infrastructure resources like VMs or disks. In this exercise we are going to kill one of our instances and use the manual recovery option.</p>
<p>Let's destroy one of our instances.</p>
<p>Delete the second instance - the name of this VM instance can be found in the NAME column of the output of the first command below.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ gcloud compute instances list</h4>
<h4 class="terminal-code-text">$ gcloud compute instances delete NAME_OF_SECOND_VM_INSTANCE</h4>
</div>
<p>Let's see that one of the instances is in a bad state:</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh instances</h4>
<h4 class="terminal-printout-text">...
Instance Process State IPs
app/guid-1 running 10.0.0.10
app/guid-2 unresponsive agent 10.0.0.11
...</h4>
</div>
<p>One of the components in BOSH is the Health Monitor. It independently watches system health and brings missing instances back up by instructing the infrastructure to recreate missing resources, such as VMs with the required persistent disk. Keep running <b>bosh instances</b> and see that the instance is eventually brought up and the service is running.</p>
<p>Now let's turn off automatic repair and manually resolve the issue.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh update-resurrection off</h4>
</div>
<p>Delete one of the VM instances again as described above. Run cloud check and select the option "Recreate VM and wait for processes to start".</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp cloud-check</h4>
</div>
<p>The cloud check command lets you manually resolve issues when resources (VMs and persistent disks) are in a bad state. Run <b>bosh instances</b> to see all instances running again.</p>
<p>Now let's re-enable automatic repair for completeness.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh update-resurrection on</h4>
</div>
<p>Learn more:
<ul>
<li><a href="http://bosh.io/docs/resurrector.html">bosh.io: Automatic repair with Resurrector</a></li>
<li><a href="http://bosh.io/docs/cck.html">bosh.io: Manual repair with Cloud Check</a></li>
<li><a href="http://bosh.io/docs/vm-config.html">bosh.io: Configuration and file locations of BOSH VMs</a></li>
</ul>
</p>
</div></div>
<div class="section recover"><div class="center-column"><div class="view-heading">
<div class="circle-container">
<div class="circle-number">
<h2>3</h2>
</div>
</div>
<div class="view-heading-text-container">
<h2>Debugging failing deploy</h2>
</div>
</div>
<p>When the deploy command fails, there could be a number of reasons:</p>
<ul>
<li>Invalid network configuration in deployment manifest (e.g. IP address is in use or out of subnet range)</li>
<li>Infrastructure provider failed to create VM or disk (e.g. quota exceeded, instance type is not available)</li>
<li>Properties required by release were not provided in manifest</li>
</ul>
<p>Let's add another job to our manifest and call it <b>router</b>. It will balance requests between the app servers in a round-robin fashion. Since the uploaded release already contains the router job, we don't need to update the release.</p>
<p>To do this, we'll create a new instance group and give it the <b>router</b> job. Add the following text to the bottom of <b>manifest.yml</b>:</p>
<div class="terminal-block">
<h4 class="terminal-printout-text">- name: router
  azs:
  - z1
  templates:
  - name: router
  instances: 1
  vm_type: g1-small
  stemcell: default
  networks:
  - name: default
    static_ips: [10.0.0.12]</h4>
</div>
<p>Re-deploy with the new job.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp deploy manifest.yml</h4>
<h4 class="terminal-printout-warning">...Failed: `router/0 (...)' is not running after update.
</h4>
</div>
<p>Uh-oh, looks like the deployment failed. Let's get our service logs, untar them and check the stderr log.</p>
<div class="terminal-block">
<h4 class="terminal-code-text">$ bosh -d learn-bosh-on-gcp logs router/0</h4>
</div>
<p>We should find this error: "At least one server must be provided". The router fails to route because there are no servers specified.</p>
<p>Let's add a property to the router job to specify our servers pointing to their static IPs and ports.</p>
<div class="terminal-block">
<h4 class="terminal-printout-text">- name: router
  azs:
  - z1
  templates:
  - name: router
  instances: 1
  vm_type: g1-small
  stemcell: default
  networks:
  - name: default
    static_ips: [10.0.0.12]
  properties:
    servers: ["http://10.0.0.10:8888", "http://10.0.0.11:8888"]</h4>
</div>
<p>Re-deploy and see that it now succeeds.</p>
<p>Now running <b>curl -L http://10.0.0.12:8080 --proxy socks5://127.0.0.1:5000</b> should give us responses from different servers.</p>
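<p>Two of the failure causes listed at the start of this section (a static IP that is already in use or outside the subnet range, and a property the job needs but the manifest omits) can be caught before running deploy. The following is an added example, not part of the original tutorial or of BOSH itself: the subnet <b>10.0.0.0/24</b>, the <b>app</b> instance group and the <b>REQUIRED_PROPERTIES</b> table are assumptions, and the manifest is shown already parsed into Python data.</p>

```python
import ipaddress

# Constructed sample: instance groups as they look after manifest.yml has been
# parsed into Python data. The "app" group is assumed; "router" is the group
# from the first (failing) version above, without properties.
INSTANCE_GROUPS = [
    {"name": "app", "templates": [{"name": "app"}],
     "networks": [{"name": "default", "static_ips": ["10.0.0.10", "10.0.0.11"]}]},
    {"name": "router", "templates": [{"name": "router"}],
     "networks": [{"name": "default", "static_ips": ["10.0.0.12"]}]},
]
SUBNET = "10.0.0.0/24"                         # assumed subnet range
REQUIRED_PROPERTIES = {"router": ["servers"]}  # hypothetical per-job table


def preflight(instance_groups, subnet, required_properties):
    """Return a list of problems found; an empty list means no findings."""
    net = ipaddress.ip_network(subnet)
    seen = {}  # static IP -> first instance group that claimed it
    problems = []
    for group in instance_groups:
        name = group["name"]
        for network in group.get("networks", []):
            # Expects one literal address per static_ips entry.
            for raw in network.get("static_ips", []):
                try:
                    ip = ipaddress.ip_address(raw)
                except ValueError:
                    problems.append(f"{name}: {raw!r} is not an IP address")
                    continue
                if ip not in net:
                    problems.append(f"{name}: {ip} is outside {net}")
                if ip in seen:
                    problems.append(f"{name}: {ip} already used by {seen[ip]}")
                seen.setdefault(ip, name)
        props = group.get("properties") or {}
        for job in group.get("templates", []):
            for key in required_properties.get(job["name"], []):
                if not props.get(key):  # missing or empty both count
                    problems.append(
                        f"{name}: job {job['name']} needs property {key!r}")
    return problems


if __name__ == "__main__":
    for problem in preflight(INSTANCE_GROUPS, SUBNET, REQUIRED_PROPERTIES):
        print(problem)
```

<p>Run against the first router manifest it reports the missing <b>servers</b> property; with the properties block added it reports nothing.</p>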
</div></div>
<div class="section last"><div class="center-column"><h1>Done!</h1>
<p>In this tutorial we created the necessary infrastructure in Google Cloud Platform and used the BOSH CLI to create the BOSH Jumpbox in order to create a BOSH Director. We deployed a release, updated our deployment with source changes, scaled the number of services and changed their properties on that BOSH Director. We also recovered a failing service, failing VM and failing deploy.</p>
<p>The BOSH Director can work with any CPI (Cloud Provider Interface) that implements a certain API to manage IaaS resources. There are several supported CPIs for different IaaS providers: AWS, GCP, OpenStack, vSphere, vCloud and VirtualBox (a.k.a. BOSH Lite). You can read more about CPIs here: <a href="http://bosh.io/docs/cpi-api-v1.html">http://bosh.io/docs/cpi-api-v1.html</a>.</p>
<p><b>To avoid consuming credits from your GCP account, don't forget to tear down all the instances in your project.</b></p>
<p>Learn more:
<ul>
<li><a href="https://bosh.io/docs">bosh.io: Docs</a></li>
</ul>
</p>
</div></div>
</div>
</body>
</html>