📝 BLOG.IK.AM

@making's memo
(🗃 Categories 🏷 Tags)

BOSH Lite + UAAをインストールする

🗃 {Dev/Infrastructure/BOSH}

🏷 BOSH 🏷 BOSH-Lite 🏷 UAA

🗓 Updated at 2018-01-04T18:49:31+09:00 by Toshiaki Maki  🗓 Created at 2017-07-01T17:29:04+09:00 by Toshiaki Maki  {✒️️ Edit  ⏰ History}


この記事の延長編。

BOSH Directorの認証にUAAを使う方法のメモ。

目次

BOSH Lite作成

uaa.ymlも追加する。

bosh2 create-env bosh.yml \
  --state ./state.json \
  -o virtualbox/cpi.yml \
  -o virtualbox/outbound-network.yml \
  -o bosh-lite.yml \
  -o bosh-lite-runc.yml \
  -o uaa.yml \
  -o jumpbox-user.yml \
  --vars-store ./creds.yml \
  -v director_name="bosh-lite" \
  -v internal_ip=192.168.50.6 \
  -v internal_gw=192.168.50.1 \
  -v internal_cidr=192.168.50.0/24 \
  -v outbound_network_name=NatNetwork

Aliasの設定

export BOSH_ENVIRONMENT=192.168.50.6
export BOSH_CLIENT=admin
export BOSH_CLIENT_SECRET=`bosh2 int ./creds.yml --path /admin_password`
export BOSH_CA_CERT=`bosh2 int ./creds.yml --path /director_ssl/ca`

bosh2 alias-env vbox

BOSH Directorにログイン

$ bosh2 log-in
Successfully authenticated with UAA

Succeeded

UAAにログイン

$ bosh2 int ./creds.yml --path /uaa_ssl/ca > ~/uaa_ca
$ uaac target --ca-cert ~/uaa_ca 192.168.50.6:8443

Target: https://192.168.50.6:8443
$ uaac token client get uaa_admin -s `bosh2 int ./creds.yml --path /uaa_admin_client_secret`

Successfully fetched token via client credentials grant.
Target: https://192.168.50.6:8443
Context: uaa_admin, from client uaa_admin

おまけ UAAC CLIのインストール on Ubuntu

sudo apt-get install ruby-dev  g++
sudo gem install cf-uaac