Latest Release: v1.0.0, 2025-01-28
The pgo-osb project is an implementation of the Open Service Broker API. This implementation uses the Crunchy PostgreSQL Operator as a means to provision services, in this case the service is a PostgreSQL database cluster.
pgo-osb allows users to also bind to a service instance which when invoked will return PostgreSQL credentials to a user they can use to connect to the PostgreSQL database instance.
Also, users can deprovision a PostgreSQL database cluster using the OSB API.
The pgo-osb broker was developed using the OSB Starter Pack and associated libraries.
See the following:
-
[Open Service Broker API](https://github.com/openservicebrokerapi/servicebroker)
-
[
osb-broker-lib
](https://github.com/pmorie/osb-broker-lib). -
[
go-open-service-broker-client
](https://github.com/pmorie/go-open-service-broker-client) -
[service-catalog](https://github.com/kubernetes-incubator/service-catalog)
golang 1.9 or above is required to build this project.
Running the pgo-osb service broker assumes you have deployed the PostgreSQL Operator to your namespace that you will be deploying the service broker into. See https://github.com/CrunchyData/postgres-operator for documentation on deploying the PostgreSQL Operator.
This example assumes you have created a Kube namespace called demo. Adjust CO_NAMESPACE to suit your specific namespace value. The example also assumes you are using the PostgreSQL Operator default RBAC account called username with a password of password. If this is not the case then you will need to adjust the example service instance service-instance.yaml.
To build the pgo-osb broker…
place these environment variables into your .bashrc as they are used in the various scripts and deployment templates:
export GOPATH=$HOME/odev export GOBIN=$GOPATH/bin export PATH=$PATH:$GOBIN export COROOT=$GOPATH/src/github.com/crunchydata/pgo-osb export CO_BASEOS=centos7 export CO_VERSION=1.0.0 export CO_IMAGE_TAG=$CO_BASEOS-$CO_VERSION export CO_IMAGE_PREFIX=crunchydata export CO_NAMESPACE=demo export CO_CMD=kubectl
Install the dep dependency tool:
curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
Get the deps:
Install the service catalog into your Kube cluster by following this link:
Instructions on that link are provided to also install the very useful svcat utility for inspecting and working with the service catalog.
Warning
|
we have found issues using Helm 2.10 when installing Service Catalog, we tend to use Helm 2.9.1. |
To deploy the pgo-osb broker…
make image make deploy
You can verify your deployment has been successful with:
kubectl get pod --selector=app=pgo-osb NAME READY STATUS RESTARTS AGE pgo-osb-69c76578b9-v7s9k 1/1 Running 0 16m
To test the pgo-osb broker…
Create an instance:
make provision kubectl get serviceinstance
You should see a pod with that service instance name:
kubectl get pod --selector=name=testinstance
Create a binding:
make bind kubectl get servicebinding
You can view the binding and the generated Postgres credentials using this command:
$ svcat describe binding testinstance-binding Name: testinstance-binding Namespace: demo Status: Ready - Injected bind result @ 2018-08-24 13:44:29 +0000 UTC Secret: testinstance-binding Instance: testinstance Parameters: No parameters defined Secret Data: secrets 111 bytes services 151 bytes [osb@kube11 pgo-osb]$ svcat describe binding testinstance-binding --show-secrets Name: testinstance-binding Namespace: demo Status: Ready - Injected bind result @ 2018-08-24 13:44:29 +0000 UTC Secret: testinstance-binding Instance: testinstance Parameters: No parameters defined Secret Data: secrets [{"data":{"postgres":"mu7BDsFi3X","primaryuser":"FHhQwZAeot","testuser":"My2g9BxjFD"},"name":"somesecretname"}] services [{"name":"testinstance","spec":{"clusterIP":"10.104.162.117","externalIPs":[""],"ports":[{"name":"postgres","port":5432,"targetPort":0}]},"status":""}]
You can also use the svcat Service Catalog CLI to inspect the service catalog.
$ svcat get brokers NAME URL STATUS +---------+-------------------------------------------+--------+ pgo-osb http://pgo-osb.demo.svc.cluster.local:443 Ready
$ svcat get classes NAME DESCRIPTION +-----------------+--------------+ pgo-osb-service The pgo osb!
$ svcat describe class pgo-osb-service Name: pgo-osb-service Description: The pgo osb! UUID: 4be12541-2945-4101-8a33-79ac0ad58750 Status: Active Tags: Broker: pgo-osb Plans: NAME DESCRIPTION +---------+--------------------------------+ default The default plan for the pgo osb service
$ svcat provision -n demo myinstance --class pgo-osb-service --param CO_USERNAME=username --param CO_PASSWORD=password --param CO_CLUSTERNAME=myinstance --plan=default Name: myinstance Namespace: demo Status: Class: pgo-osb-service Plan: default Parameters: CO_CLUSTERNAME: myinstance CO_PASSWORD: password CO_USERNAME: username
$ svcat describe plan pgo-osb-service/default Name: default Description: The default plan for the pgo osb service UUID: 86064792-7ea2-467b-af93-ac9694d96d5c Status: Active Free: true Class: pgo-osb-service Instances: NAME NAMESPACE STATUS +------------+-----------+--------+ myinstance demo Ready testy4 demo Ready
$ svcat get instances -n demo NAME NAMESPACE CLASS PLAN STATUS +------------+-----------+-----------------+---------+--------+ myinstance demo pgo-osb-service default Ready testy4 demo pgo-osb-service default Ready
$ svcat bind -n demo myinstance --name myinstance-binding Name: myinstance-binding Namespace: demo Status: Secret: myinstance-binding Instance: myinstance Parameters: No parameters defined $ svcat describe binding myinstance-binding --show-secrets $ kubectl describe secret myinstance-binding Name: myinstance-binding Namespace: demo Labels: <none> Annotations: <none> Type: Opaque Data ==== postgres: 10 bytes primaryuser: 10 bytes testuser: 10 bytes
Notice in this example that we have 3 Postgres users and their passwords stored in this Secret as a result of the binding being created.