https://docs.pivotal.io/pivotalcf/1-11/opsguide/installing-pcf-is.html
In this demo I will show how you can configure your ORGS/spaces to use an isolation segment and then finally show that it is indeed using the isolated Diego Cells assigned to the segment tile at install time.
1. Determine the isolation segment name as per the Ops Manager title
2. Ensure you have CF CLI version as 6.26 or higher as shown below
pasapicella@pas-macbook:~$ cf --version
cf version 6.28.0+9e024bdbd.2017-06-27
3. First, you need to register an Isolation Segment with the cloud controller.
Note: you will need a prividledged user such as admin to perform this task
$ pasapicella@pas-macbook:~$ cf create-isolation-segment segment1
Creating isolation segment segment1 as admin...
OK
4. After registering the Isolation Segment, you can associate it with an Org
pasapicella@pas-macbook:~$ cf enable-org-isolation pas-org segment1
Enabling isolation segment segment1 for org pas-org as admin...
OK
5. List isolation segments against targeted ORGS as follows
pasapicella@pas-macbook:~$ cf isolation-segments
Getting isolation segments as admin...
OK
name orgs
shared
segment1 pas-org
6. After associating an Isolation Segments with an Org, you then set it on a Space
- First target the ORG you wish to use
pasapicella@pas-macbook:~$ cf target -o pas-org
api endpoint: https://api.yyyy.pcfdemo.yyy
api version: 2.82.0
user: admin
org: pas-org
No space targeted, use 'cf target -s SPACE'
- Now set the isolation segment on your desired space
pasapicella@pas-macbook:~$ cf set-space-isolation-segment isolation-segment-space segment1
Updating isolation segment of space isolation-segment-space in org pas-org as admin...
OK
In order to move running applications to this isolation segment, they must be restarted.
7. Log in as a user of the ORG/SPACE now rather then ad admin user. We will be using a
non privileged user now to push our app who has access to the ORG/Space we targeted
above. Below just shows we have switched to a different user here.
pasapicella@pas-macbook:~$ cf target
api endpoint: https://api.yyyy.pcfdemo.yyy
api version: 2.82.0
user: pas
org: pas-org
space: isolation-segment-space
8. Push an application to the space "isolation-segment-space"
pasapicella@pas-macbook:~/piv-projects/PivotalSpringBootJPA$ cf push -f manifest-inmemory-db.yml
Using manifest file manifest-inmemory-db.yml
Creating app pas-albums in org pas-org / space isolation-segment-space as pas...
OK
....
0 of 1 instances running, 1 starting
0 of 1 instances running, 1 starting
1 of 1 instances running
App started
OK
...
state since cpu memory disk details
#0 running 2017-07-24 02:33:38 PM 225.3% 330.1M of 512M 162.8M of 1G
9. Identify IP address of diego CELL the app is running in
pasapicella@pas-macbook:~/piv-projects/PivotalSpringBootJPA$ cf curl /v2/apps/$(cf app pas-albums --guid)/stats | jq '.[].stats.host'
"10.10.10.71"
With this information you can verify the IP address of the Diego Cells you have for the Isolation Segment as follows using Pivotal Ops Manager Tile tabs. From the images below it's clear 10.10.10.71 is a diego cell IP address of our isolation segment.
More Information
No comments:
Post a Comment