-
Notifications
You must be signed in to change notification settings - Fork 17
/
installing.html.md.erb
180 lines (120 loc) · 9.42 KB
/
installing.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
---
breadcrumb: VMware Tanzu Services
title: Installing and Configuring GCP Service Broker
---
This topic describes how to install the Google Cloud Platform (GCP) Service Broker by configuring your GCP account and importing the product file into VMware Tanzu Operations Manager.
##<a id="setup-project"></a>Step 1: Set up a GCP Project
Follow the steps below to create a project and enable necessary APIs.
1. In a browser, navigate to [https://console.cloud.google.com](https://console.cloud.google.com). If you do not have an account, sign up and use the setup wizard to create an account.
1. From the GCP console, click the dropdown to the left of the search bar and select **Create Project**.
1. Enter a project name and click **Create**.
1. A notification appears confirming the creation of your project. Refresh the page.
##<a id="enable-apis"></a>Step 2: Enable APIs
1. Navigate to **API Manager > Library**.
1. Enable the <a href="https://console.cloud.google.com/apis/api/cloudresourcemanager.googleapis.com/overview">Google Cloud Resource Manager API</a>.
1. Enable the <a href="https://console.cloud.google.com/apis/api/iam.googleapis.com/overview">Google Identity and Access Management (IAM) API</a>.
1. If you want to enable Cloud SQL as a service, enable the <a href="https://console.cloud.google.com/apis/api/sqladmin/overview">Cloud SQL API</a>.
1. If you want to enable BigQuery as a service, enable the <a href="https://console.cloud.google.com/apis/api/bigquery/overview">BigQuery API</a>.
1. If you want to enable Cloud Storage as a service, enable the <a href="https://console.cloud.google.com/apis/api/storage_component/overview">Cloud Storage API</a>.
1. If you want to enable Pub/Sub as a service, enable the <a href="https://console.cloud.google.com/apis/api/pubsub/overview">Cloud Pub/Sub API</a>.
##<a id="service-account"></a>Step 3: Set Up a Root Service Account
Follow the steps below to set up a "root" Service Account.
1. From the GCP console, navigate to **IAM & Admin > Service accounts** and click **Create Service Account**.
1. Enter a Service account name.
1. Select the checkbox to **Furnish a new Private Key**, then click **Create**.
1. Save the automatically downloaded key file to a secure location.
1. Navigate to **IAM & Admin > IAM** and locate your service account.
1. From the dropdown on the right, choose **Project > Owner** and click **Save**.
##<a id="database"></a>Step 4: Create a Service Broker Database
You can use any MySQL database to back the Service Broker. To use GCP Cloud SQL, follow the instructions below:
<p class="note"><strong>Note</strong>: Pivotal recommends using Cloud SQL if your VMware Tanzu deployment runs on GCP.</p>
1. From the GCP console, select **SQL**, and then click **Create instance**.
1. Set up your database instance with the default settings and click **Create**.
1. After the instance boots, click its name in the list of SQL instances.
1. Select **Access Control > SSL**.
1. Click **Allow only SSL Connections**
1. Click **Create Client Certificate**.
1. Enter a name and click **Add**. A popup appears.
1. Download the three certificate files and save them to a secure location.
1. Record the connection string given at the bottom of the popup.
1. Under **Access Control > Authorization**, click **Add Network**.
1. Enter `0.0.0.0/0` in the **Network** field and click **Done**.
1. Under **Access Control > Users**, click the three dot icon to open the menu next to the `root` user, then click **Change Password**.
1. Enter a new password for the `root` user and click **OK**.
1. From a terminal window, connect to the host machine using the connection string that you recorded in an earlier step, using the `root` user and password.
1. In the terminal window, run the following commands:
1. `CREATE DATABASE servicebroker;`
1. `CREATE USER 'USERNAME'@'%' IDENTIFIED BY 'TASSWORD';`
1. `GRANT ALL PRIVILEGES ON servicebroker.* TO 'USERNAME'@'%' WITH GRANT OPTION;`
##<a id="install"></a>Step 5: Install in Ops Manager
To install the GCP Service Broker tile in Ops Manager, complete the following steps:
1. Download the GCP Service Broker product file from [Pivotal Network](https://network.pivotal.io/products/gcp-service-broker).
1. From the Ops Manager Installation Dashboard, click **Import a Product** to upload the product file.
1. Click **Add** next to the uploaded product description in the **Available Products** view to add this product to your staging area.
##<a id="configure"></a>Step 6: Configure in Ops Manager
Click the newly added tile and configure the following sections:
###<a id="root-service-account"></a>Root Service Account
1. Click **Root Service Account**.
2. Paste the contents of your service account private key file from [Step 1](#setup-project) into the text box.
3. Click **Save**.
###<a id="database-properties"></a>Database Properties
1. Click **Database Properties**.
2. For **hostname**, enter the public IP address of your database.
3. Enter the username, password, and ssl-certs for your database.
4. Ensure your database port is set to `3306`. Modify your port configuration if necessary.
5. Click **Save**.
###<a id="plans"></a>Cloud SQL (MySQL) Custom Plans
If you want to enable Cloud SQL MySQL for your developers, you must configure plans in this section. If you do not want to enable Cloud SQL, ignore this section.
1. Click **Cloud SQL MySQL Custom Plans**.
2. To create a plan, click **Add**.
3. Enter a plan name, a display name, and a description to display in the database.
4. Enter a case-sensitive **Tier/Machine Type** value (e.g. `D4` or `db-n1-standard-2`).
See [Cloud SQL Pricing](https://cloud.google.com/sql/pricing) for details.
5. (Optional) If you selected a first generation instance type when creating your Cloud SQL database, you can change your pricing plan.
6. (Optional) If you selected a second generation instance type when creating your Cloud SQL database, enter a maximum disk size in GB.
7. Click **Save**.
###<a id="plans"></a>Cloud SQL (PostgreSQL) Custom Plans
If you want to enable Cloud SQL PostgreSQL for your developers, you must configure plans in this section. If you do not want to enable Cloud SQL, ignore this section.
1. Click **Cloud SQL PostgreSQL Custom Plans**.
2. To create a plan, click **Add**.
3. Enter a plan name, a display name, and a description to display in the database.
4. Enter a case-sensitive **Tier/Machine Type** value of the form "db-custom-<CPUs>-<Memory-MB>", where <Memory-MB> must be at least 3840.
For details, see [Cloud SQL Pricing](https://cloud.google.com/sql/pricing#pg-pricing).
5. (Optional) Enter a maximum disk size in GB.
6. Click **Save**.
###<a id="bt-plans"></a>Bigtable Custom Plans
If you want to enable Bigtable for your developers, follow the steps below.
1. Click **Bigtable Custom Plans**.
2. To create a plan, click **Add**.
3. Enter a **Plan Name**, a **Display Name**, and a **Description** to display in the database.
4. For the **Storage Type**, specify either <code>SSD</code> or <code>HDD</code>. The default is `SSD`. For more information, see [Bigtable Pricing](https://cloud.google.com/bigtable/pricing).
5. For the **Number of Nodes**, specify an integer value between `3` and `30`. The default is `3`. For more information, see [Bigtable Pricing](https://cloud.google.com/bigtable/pricing).
6. Click **Save**.
###<a id="plans"></a>Spanner Custom Plans
If you want to enable Spanner for your developers, follow the steps below.
1. Click **Spanner Custom Plans**.
2. To create a plan, click **Add**.
3. Enter a **Plan Name**, a **Display Name**, and a **Description** to display in the database.
4. For the **Number of Nodes**, specify a positive integer value. The default is `3`. For more information, see [Spanner Pricing](https://cloud.google.com/spanner/pricing).
5. Click **Save**.
###<a id="service-access"></a>Service Access
By default, all orgs and spaces can access all services and plans used by the GCP Service Broker. Follow the instructions below to disable the default access.
1. Click **Service Access**.
2. Clear the **Enable global access to plans of service gcp\_service\_broker** checkbox.
3. Click **Save**.
##<a id="confirm"></a>Step 7: Confirm Installation
<p class="note"><strong>Note</strong>: The GCP Service Broker installs an app named <code>gcp-service-broker</code> in the <code>gcp-service-broker-space</code> space of the <code>system</code> org.</p>
1. After Ops Manager finishes the installation, the **GCP Service Broker** appears as a green tile in the **Installation Dashboard**.
1. In Apps Manager, all orgs and spaces show the new services in the Services Marketplace.
Users can create instances of these services through Apps Manager or by using the Cloud Foundry Command Line Interface (cf CLI).
For more information, see [Using GCP Service Broker](using.html).
##<a id="service-access"></a>Step 8: Confirm Service and Plan Access
The GCP Service Broker installs with all services enabled by default, except for Cloud SQL, which you select to enable or not during configuration.
You can disable or enable any services through the cf CLI using `cf disable-service-access` or `cf enable-service-access`.