- CCE 1.9+ with RBAC enabled.
- Helm 2.7.0+ has been installed.
- Kubernetes Service Catalog has been installed.
For convenience we can export environment variables firstly.
export backDatabase_databaseHost=<back database host ip>
export backDatabase_databasePort=<back database port>
export backDatabase_databaseName=<back database name>
export backDatabase_databaseUsername=<back database username>
export backDatabase_databasePassword=<back database password>
export cloudCredentials_authUrl=<auth url for cloud>
export cloudCredentials_username=<username for cloud>
export cloudCredentials_password=<password for cloud>
export cloudCredentials_domainName=<domain name for cloud>
export cloudCredentials_tenantName=<tenant name for cloud>
export cloudCredentials_region=<region name for cloud>
export cloudCredentials_accessKey=<access key for cloud>
export cloudCredentials_secretKey=<secret key for cloud>
export cloudCredentials_rdsVersion="v3"
export catalog_primaryAvailabilityZone=<primary availability zone>
export catalog_secondaryAvailabilityZone=<secondary availability zone>
export catalog_vpcID=<vpc id>
export catalog_subnetID=<subnet id>
export catalog_securityGroupID=<security group id>
note: The catalog_subnetID value is the value of "Network ID" in public cloud console.
Installation of this chart is by helm.
$ git clone https://github.com/huaweicloud/huaweicloud-service-broker.git
$ cd huaweicloud-service-broker
$ helm install cce/charts/ --name service-broker --namespace huaweicloud \
--set-string backDatabase.databaseHost=$backDatabase_databaseHost \
--set-string backDatabase.databasePort=$backDatabase_databasePort \
--set-string backDatabase.databaseName=$backDatabase_databaseName \
--set-string backDatabase.databaseUsername=$backDatabase_databaseUsername \
--set-string backDatabase.databasePassword=$backDatabase_databasePassword \
--set-string cloudCredentials.authUrl=$cloudCredentials_authUrl \
--set-string cloudCredentials.username=$cloudCredentials_username \
--set-string cloudCredentials.password=$cloudCredentials_password \
--set-string cloudCredentials.domainName=$cloudCredentials_domainName \
--set-string cloudCredentials.tenantName=$cloudCredentials_tenantName \
--set-string cloudCredentials.region=$cloudCredentials_region \
--set-string cloudCredentials.accessKey=$cloudCredentials_accessKey \
--set-string cloudCredentials.secretKey=$cloudCredentials_secretKey \
--set-string cloudCredentials.rdsVersion=$cloudCredentials_rdsVersion \
--set-string catalog.primaryAvailabilityZone=$catalog_primaryAvailabilityZone \
--set-string catalog.secondaryAvailabilityZone=$catalog_secondaryAvailabilityZone \
--set-string catalog.vpcID=$catalog_vpcID \
--set-string catalog.subnetID=$catalog_subnetID \
--set-string catalog.securityGroupID=$catalog_securityGroupID
please see the following configurable parameters that can be configured during installation.
| Parameter | Description | Default |
|---|---|---|
| service.replicas | service replicas count | 1 |
| service.image | service image name and version | quay.io/huaweicloud/huaweicloud-service-broker:latest |
| service.imagePullPolicy | service image pull policy: IfNotPresent, Always, or Never | Always |
| service.containerPort | service container port | 3000 |
| brokerConfig.logLevel | broker config log level | "DEBUG" |
| brokerConfig.username | broker auth username | "username" |
| brokerConfig.password | broker auth password | "password" |
| backDatabase.databaseType | back database type | "mysql" |
| backDatabase.databaseHost | back database host ip | "127.0.0.1" |
| backDatabase.databasePort | back database port | 3306 |
| backDatabase.databaseName | back database name | "broker" |
| backDatabase.databaseUsername | back database username | "******" |
| backDatabase.databasePassword | back database password | "******" |
| cloudCredentials.authUrl | auth url for cloud | "https://iam.eu-west-0.prod-cloud-ocb.orange-business.com/v3" |
| cloudCredentials.username | username for cloud | "******" |
| cloudCredentials.password | password for cloud | "******" |
| cloudCredentials.domainName | domain name for cloud | "******" |
| cloudCredentials.tenantName | tenant name for cloud | "eu-west-0" |
| cloudCredentials.region | region name for cloud | "eu-west-0" |
| cloudCredentials.accessKey | access key for cloud | "******" |
| cloudCredentials.secretKey | secret key for cloud | "******" |
| cloudCredentials.rdsVersion | rds version (added after v0.1.2) | "v3" |
| catalog.primaryAvailabilityZone | primary availability zone | "eu-west-0a" |
| catalog.secondaryAvailabilityZone | secondary availability zone | "eu-west-0b" |
| catalog.vpcID | vpc id | "******" |
| catalog.subnetID | subnet id | "******" |
| catalog.securityGroupID | security group id | "******" |
If the service broker is created successfully,
you can find a service broker named cluster-service-broker
by running the following command.
$ kubectl get clusterservicebrokers
You can also find the lastest Services clusterserviceclasses and Service Plans clusterserviceplans by running the following command.
$ kubectl get clusterserviceclasses -o=custom-columns=SERVICE\ NAME:.metadata.name,EXTERNAL\ NAME:.spec.externalName
$ kubectl get clusterserviceplans -o=custom-columns=NAME:.metadata.name,EXTERNAL\ NAME:.spec.externalName,SERVICE\ CLASS:.spec.clusterServiceClassRef.name --sort-by=.spec.clusterServiceClassRef.name
$ helm delete --purge service-broker
$ kubectl delete namespace huaweicloud
Application Developers can start to consume the services
by creating ServiceInstance and ServiceBinding resources.
Take MySQL as an example.
$ cd cce/examples/mysql/
$ vi mysql-service-instance.yaml
The mysql-service-instance.yaml example is using the Service rds-mysql and Service Plan 5-7. About the key parameters, you can find more informations in the rds-mysql.md. Then you can run the following command to create mysql-service-instance.yaml.
$ kubectl create -f mysql-service-instance.yaml
The following command will get more informations about the created mysql-service-instance. Please make sure the Status of mysql-service-instance is OK before going to the next step.
$ kubectl describe serviceinstance mysql-service-instance
$ vi mysql-service-binding.yaml
$ kubectl create -f mysql-service-binding.yaml
This example will store the binding informations into a secret resource named mysql-service-secret.
$ kubectl create -f pod.yaml
The pod.yaml will use mysql-service-secret and mount it as a volume so that the nginx application can use the binding informations as an input.