The fastest way to get a BUCC (BOSH, UAA Credhub and Concourse)
The bucc command line utility allows for easy bootstrapping of the BUCC stack (Bosh Uaa Credhub and Concourse). Which is the starting point for many deployments.
Install BOSH CLI v2.0.1+ and dependencies.
Optionally install direnv
Clone this repository
git clone https://github.com/starkandwayne/bucc.git
cd bucc
source .envrc # if not using direnv
Choose your cpi:
bucc up --help
--cpi Cloud provider: [aws, virtualbox, gcp, docker-desktop, softlayer, openstack, azure, docker, vsphere]
--lite Created bosh will use the warden cpi with garden runc
--recreate Recreate VM in deployment, also when there are no changes
--debug Show arguments passed to 'bosh create-env'
--concourse-ca-certs
--concourse-lb
--concourse-syslog
--ldap
--oauth-providers
--proxy
Optional cpi specific flags:
aws: --auto-assign-public-ip --lb-target-groups --security-groups --spot-instance
virtualbox: --remote
gcp: --ephemeral-external-ip --service-account --target-pool
softlayer: --cpi-dynamic
openstack: --custom-ca --disk-az --dns --floating-ip --ignore-server-availability-zone --keystone-v2 --ntp --root-disk-size --trusted-certs
azure: --load-balancer --managed-disks
docker: --unix-sock
vsphere: --dns --resource-pool
From the repo root run:
$ bucc up --lite
To delete your VM run:
$ bucc down
By default, BUCC will generate self-signed certificates for all components. If you would like to add a true certificate for the Concourse web interface, follow these steps:
vars.yml
file with the domain name you chose:
concourse_domain: concourse.foo.com
vars.yml
as follows:
atc_ssl:
ca: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
certificate: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
private_key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
vars.yml
as follows:
concourse_ca_certs: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
--concourse-lb
and --concourse-ca-certs
$ source <(bucc env) # should not be necessary when using direnv
$ bosh alias-env bucc
Using environment '192.168.50.6' as client 'admin'
Name bosh
UUID 94e87b44-a7eb-4b67-a568-52553f87cd6e
Version 268.6.0 (00000000)
Director Stemcell ubuntu-xenial/170.9
CPI warden_cpi
Features compiled_package_cache: disabled
config_server: enabled
local_dns: enabled
power_dns: disabled
snapshots: disabled
User admin
Succeeded
$ bosh vms
Using environment '192.168.50.6' as client 'admin'
Succeeded
$ bucc uaa
installing uaa cli '0.0.1' into: /Users/dcarter/fun/tryagain/bucc/bin/
Target set to https://192.168.50.6:8443
Access token successfully fetched and added to context.
$ uaa get-client admin
{
"client_id": "admin",
"scope": [
"uaa.none"
],
"resource_ids": [
"none"
],
"authorized_grant_types": [
"client_credentials"
],
"authorities": [
"bosh.admin"
],
"lastModified": 1549969159011 .
}
$ source <(bucc env) # should not be necessary when using direnv
$ bucc credhub
Setting the target url: https://192.168.50.6:8844
Login Successful
$ credhub api
https://192.168.50.6:8844
$ credhub generate -t password --name test
id: 63947a28-ee47-4d3c-9320-7972c70ec431
name: /test
type: password
value: <redacted>
version_created_at: "2019-02-10T13:35:06Z"
To get the login details for your concourse GUI run:
bucc info
$ bucc fly
logging in to team 'main'
target saved
Example fly commands:
fly -t bucc pipelines
fly -t bucc builds
$ fly -t bucc pipelines
name paused public
BUCC works with BBR.
To make a backup of your deployed BUCC vm, run:
bucc bbr backup
To recreate your environment from a backup run:
cd bucc
last_backup=$(find . -type d -regex ".+_.+Z" | sort -r | head -n1)
tar -xf ${last_backup}/bosh-0-bucc-creds.tar -C state
bucc up # clean BUCC with credentials (creds.yml) from backup
bucc bbr restore --artifact-path=${last_backup}
To use bucc in an offline environment run:
bucc offline --cpi virtualbox --lite --destination /tmp/offline
# copy /tmp/offline/bucc-*.tgz to your offline envrionment
tar -xf bucc-*.tgz && bucc
./bin/bucc up