I previously blogged about "Installing Spinnaker on Pivotal Container Service (PKS) with NSX-T running on vSphere" and then how to invoke UI using a "kubectl port-forward".
http://theblasfrompas.blogspot.com/2019/02/installing-spinnaker-on-pivotal.html
http://theblasfrompas.blogspot.com/2019/02/exposing-spinnaker-ui-endpoint-from.html
Steps
1. Exec into hal pod using a command as follows:
$ kubectl exec --namespace default -it myspinnaker-spinnaker-halyard-0 bash
Note: You can get the POD name as follows
papicella@papicella:~$ kubectl get pods | grep halyard
myspinnaker-spinnaker-halyard-0 1/1 Running 0 6d
2. Create a file settings-local.js in the directory ~/.hal/default/profiles/
window.spinnakerSettings.providers.cloudfoundry = {
defaults: {account: 'my-cloudfoundry-account'}
};
3. Create a file clouddriver-local.yml with contents as follows. You can add multiple accounts but in this example I am just adding one
cloudfoundry:
enabled: true
accounts:
- name: PWS
user: papicella-pas@pivotal.io
password: yyyyyyy
api: api.run.pivotal.io
4. If you are working with an existing installation of Spinnaker, apply your changes:
spinnaker@myspinnaker-spinnaker-halyard-0:~/.hal/default/profiles$ hal deploy apply
+ Get current deployment
Success
+ Prep deployment
Success
Problems in halconfig:
- WARNING There is a newer version of Halyard available (1.15.0),
please update when possible
? Run 'sudo apt-get update && sudo apt-get install
spinnaker-halyard -y' to upgrade
+ Preparation complete... deploying Spinnaker
+ Get current deployment
Success
+ Apply deployment
Success
+ Run `hal deploy connect` to connect to Spinnaker.
5. Once this is done in the UI you will see any applications in your Organisations appear in this example it's a single application called "Spring" as shown below
6. In the example below when "Creating an Application" we can select the ORGS/Spaces we wish to use as shown below
More Information
Cloud Foundry Integration
https://www.spinnaker.io/setup/install/providers/cf/
Cloud Foundry Resource Mapping
https://www.spinnaker.io/reference/providers/cf/
Search This Blog
Thursday, 14 February 2019
Thursday, 7 February 2019
Spring Cloud GCP and authentication from your Spring Boot Application
When using Spring Cloud GCP you will need to authenticate at some point in order to use the GCP services. In this example below using a GCP Cloud SQL instance you really only need to do 3 things to access it externally from your Spring Boot application as follows.
1. Enable the Google Cloud SQL API which is detailed here
https://cloud.google.com/sql/docs/mysql/admin-api/
2. Ensure that your GCP SDK can login to your Google Cloud SQL. This command will take you to a web page asking which google account you want to use
$ gcloud auth application-default login
3. Finally some application properties in your Spring Boot application detailing the Google Cloud SQL instance name and database name as shown below.
spring.cloud.gcp.sql.instance-connection-name=fe-papicella:australia-southeast1:apples-db
spring.cloud.gcp.sql.database-name=employees
Now when you do that and your application starts up you will see a log message as follows below clearly warning you this this method of authentication can have implications at some point.
2019-02-07 09:10:26.700 WARN 2477 --- [ main] c.g.a.oauth2.DefaultCredentialsProvider : Your application has authenticated using end user credentials from Google Cloud SDK. We recommend that most server applications use service accounts instead. If your application continues to use end user credentials from Cloud SDK, you might receive a "quota exceeded" or "API not enabled" error. For more information about service accounts, see https://cloud.google.com/docs/authentication/.
Clearly that's something we have to resolve. To do that we simply can add another Spring Boot application property pointing to a service account JSON file for us to authenticate against to remove the warning.
spring.cloud.gcp.credentials.location=file:/Users/papicella/piv-projects/GCP/fe-papicella-8077fe1126b2.json
Note: You can also use an ENV variable as follows
export GOOGLE_APPLICATION_CREDENTIALS="[PATH]"
You can get a JSON key generated from the GCP console "IAM and Admin -> Service Accounts" page
For more information on authentication visit this link https://cloud.google.com/docs/authentication/getting-started
1. Enable the Google Cloud SQL API which is detailed here
https://cloud.google.com/sql/docs/mysql/admin-api/
2. Ensure that your GCP SDK can login to your Google Cloud SQL. This command will take you to a web page asking which google account you want to use
$ gcloud auth application-default login
3. Finally some application properties in your Spring Boot application detailing the Google Cloud SQL instance name and database name as shown below.
spring.cloud.gcp.sql.instance-connection-name=fe-papicella:australia-southeast1:apples-db
spring.cloud.gcp.sql.database-name=employees
Now when you do that and your application starts up you will see a log message as follows below clearly warning you this this method of authentication can have implications at some point.
2019-02-07 09:10:26.700 WARN 2477 --- [ main] c.g.a.oauth2.DefaultCredentialsProvider : Your application has authenticated using end user credentials from Google Cloud SDK. We recommend that most server applications use service accounts instead. If your application continues to use end user credentials from Cloud SDK, you might receive a "quota exceeded" or "API not enabled" error. For more information about service accounts, see https://cloud.google.com/docs/authentication/.
Clearly that's something we have to resolve. To do that we simply can add another Spring Boot application property pointing to a service account JSON file for us to authenticate against to remove the warning.
spring.cloud.gcp.credentials.location=file:/Users/papicella/piv-projects/GCP/fe-papicella-8077fe1126b2.json
Note: You can also use an ENV variable as follows
export GOOGLE_APPLICATION_CREDENTIALS="[PATH]"
You can get a JSON key generated from the GCP console "IAM and Admin -> Service Accounts" page
For more information on authentication visit this link https://cloud.google.com/docs/authentication/getting-started
Subscribe to:
Posts (Atom)