forked from pivotal-cf/docs-pcf-healthwatch
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinstalling.html.md.erb
134 lines (89 loc) · 6.18 KB
/
installing.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
title: Installing and Configuring PCF Healthwatch
owner: PCF Healthwatch
---
This topic describes how to install and configure Pivotal Cloud Foundry (PCF) Healthwatch.
##<a id='prereqs'></a> Prerequisites
Before deploying PCF Healthwatch, ensure that you have installed:
* PCF Ops Manager v? or later
* PCF Elastic Runtime v? or later
* the UAA Command Line Interface (UAAC)
##<a id='install'></a> Install PCF Healthwatch
1. Download the product file from [Pivotal Network](https://network.pivotal.io/).
1. Navigate to the Ops Manager Installation Dashboard and click **Import a Product** to upload the product file.
1. Under the **Import a Product** button, click **+** next to the version number of PCF Healthwatch.
This adds the tile to your staging area.
##<a id='configure'></a> Configure PCF Healthwatch
To start using PCF Healthwatch, configure your IaaS, the Ops Manager Director tile, and the PCF Healthwatch tile.
<p class="note"><strong>Note</strong>: These instructions are designed for Google Cloud Platform (GSP) users. If your PCF deployment is running on a different IaaS, perform the equivalent steps.</p>
###<a id='iaas'></a> Step 1. Configure Your IaaS
If your PCF deployment is running on GSP, navigate to your GCP console and do the following:
1. Go to your Ops Manager VPC network.
1. Create a subnet and name it `bosh-health-check`.
1. Add the subnet to the `YOUR-OPSMAN-NAME-cf-internal` firewall rule. This allows BOSH to talk to it.
If your PCF deployment is running on a different IaaS, perform the equivalent steps.
###<a id='ops-man'></a> Step 2. Configure the Ops Manager Director Tile
To configure Ops Manager Director:
1. Click the **Ops Manager Director** tile on the Ops Manager Installation Dashboard.
1. Navigate to **Create Networks** and click **Add Network**.
1. In the **Name** field, enter `bosh-health-check`.
1. Select the **Service Network** checkbox.
1. In the **YOUR-IAAS Network Name** field, enter the Ops Manager network name from [Step 1. Configure Your IaaS](installing.html#iaas).
<p class="note"><strong>Note</strong>: You can find the guidelines on how to format the network name next to the <strong>YOUR-IAAS Network Name</strong> field. The format varies depending on your IaaS.</p>
If your PCF deployment is running on GCP, use the `NETWORK-NAME/SUBNET-NAME/REGION-NAME` format to specify your network name.
<p class="note"><strong>Note</strong>: If your <strong>Create Networks</strong> page does not have <strong>YOUR-IAAS Network Name</strong> field, use its equivalent.</p>
1. Enter a valid **CIDR** for your created subnet.
1. Enter the **Gateway** and **DNS** IPs for this subnet.
1. Include the **Gateway** and **DNS** IPs in **Reserved IP Range**.
1. Click **Save**.
1. Return to the Ops Manager Installation Dashboard and click **Apply Changes**.
###<a id='ops-man'></a> Step 3. Configure the PCF Healthwatch Tile
To configure PCF Healthwatch:
1. Click the **PCF Healthwatch** tile on the Ops Manager Installation Dashboard.
1. Navigate to **Health Check** and do the following:
1. Enter **Ops Manager URL**. The URL should include the protocol.
1. Enter `bosh-health-check` in **BOSH Healthcheck Service Network**.
1. Enter an availability zone in **BOSH Healthcheck Availability Zone**.
1. Enter a VM type in **BOSH Healthcheck VM Type**.
<p class="note"><strong>Note</strong>: You can find the availability zone and VM type values by submitting the <code>YOUR-OPSMAN-URL/api/v0/deployed/cloud_config</code> Ops Manager API request.</p>
1. Click **Save**.
1. Return to the Ops Manager Installation Dashboard and click **Apply Changes**.
##<a id='bosh-metrics'></a> Getting BOSH Health Metrics into PCF Healthwatch
Forwarding BOSH health metrics to PCF Healthwatch requires manual configuration. You must have PCF Admin permissions to configure the BOSH Director.
<p class="note"><strong>Note</strong>: The manual configuration is required for the alpha and beta releases of PCF Healthwatch.</p>
To configure the BOSH Director, follow the instructions in [Healthwatch Release README.md](https://github.com/pivotal-cf/healthwatch-release/tree/master/bosh). You can find the necessary plugins in this repository.
##<a id='uaa-authorities'></a> Configure UAA Authorities
To configure UAA authorities, run the `configure_uaa.sh` script from your terminal. This script configures the UAA client credentials that are needed for the PCF Healthwatch UI to access a token on behalf of your login user.
<p class="note"><strong>Note</strong>: You must have PCF Admin permissions to configure UAA authorities.</p>
You can find the contents of the script below:
```
#!/usr/bin/env bash
UAA_URL=$1 #The URL of the UAA login like login.sys.valentino.gcp.pcf-metrics.com.
UAA_ADMIN_USERNAME=$2 #The UAA admin client credentials username.
UAA_ADMIN_PASSWORD=$3 #The UAA admin client credentials password.
NEW_CLIENT=$4 #The client credentials username provided in Ops Manager for the Healthwatch application.
NEW_CLIENT_SECRET=$5 #The client credentials secret provided in Ops Manager for Healthwatch.
UAA_USER=$6 #The user you want to log in to Healthwatch with. They will get the platform-monitoring.read scope.
APP_URL=$7 #The full URL of the Healthwatch application.
echo $UAA_URL
echo $UAA_ADMIN_USERNAME
echo $NEW_CLIENT
echo $UAA_USER
echo $APP_URL
uaac target $UAA_URL --skip-ssl-validation
uaac token client get $UAA_ADMIN_USERNAME -s $UAA_ADMIN_PASSWORD
uaac group add platform_monitoring.read || true
uaac client add $NEW_CLIENT \
--authorities "uaa.resource" \
--scope "platform_monitoring.read" \
--authorized_grant_types "authorization_code,refresh_token" \
-s $NEW_CLIENT_SECRET \
--redirect_uri $APP_URL \
--access_token_validity 900 \
--refresh_token_validity 2628000 \
--autoapprove true
uaac member add platform_monitoring.read $UAA_USER
```
See the following example:
<pre class="terminal">$ ./configure_uaa.sh login.sys.valentino.gcp.pcf-metrics.com admin UAA-ADMIN-CLIENT-SECRET platform_monitoring PLATFORM_MONITORING-SECRET admin PCF-HEALTHWATCH-URL</pre>
In this example, replace `login.sys.valentino.gcp.pcf-metrics.com` with the URL of your UAA login. `PLATFORM_MONITORING-SECRET` is the password that you enter in Ops Manager when configuring the PCF Healthwatch tile.