この記事の延長編。
BOSH Directorの認証にUAAを使う方法のメモ。
目次
BOSH Lite作成
uaa.ymlも追加する。
bosh2 create-env bosh.yml \
--state ./state.json \
-o virtualbox/cpi.yml \
-o virtualbox/outbound-network.yml \
-o bosh-lite.yml \
-o bosh-lite-runc.yml \
-o uaa.yml \
-o jumpbox-user.yml \
--vars-store ./creds.yml \
-v director_name="bosh-lite" \
-v internal_ip=192.168.50.6 \
-v internal_gw=192.168.50.1 \
-v internal_cidr=192.168.50.0/24 \
-v outbound_network_name=NatNetwork
Aliasの設定
export BOSH_ENVIRONMENT=192.168.50.6
export BOSH_CLIENT=admin
export BOSH_CLIENT_SECRET=`bosh2 int ./creds.yml --path /admin_password`
export BOSH_CA_CERT=`bosh2 int ./creds.yml --path /director_ssl/ca`
bosh2 alias-env vbox
BOSH Directorにログイン
$ bosh2 log-in
Successfully authenticated with UAA
Succeeded
UAAにログイン
$ bosh2 int ./creds.yml --path /uaa_ssl/ca > ~/uaa_ca
$ uaac target --ca-cert ~/uaa_ca 192.168.50.6:8443
Target: https://192.168.50.6:8443
$ uaac token client get uaa_admin -s `bosh2 int ./creds.yml --path /uaa_admin_client_secret`
Successfully fetched token via client credentials grant.
Target: https://192.168.50.6:8443
Context: uaa_admin, from client uaa_admin
おまけ UAAC CLIのインストール on Ubuntu
sudo apt-get install ruby-dev g++
sudo gem install cf-uaac