From 19a18ae40f2561e5d0a97c9e817613045b5ad429 Mon Sep 17 00:00:00 2001 From: keaty Date: Fri, 21 Apr 2017 17:21:52 -0400 Subject: [PATCH] Add BOSH troubleshooting: BOSH ssh story --- bosh_troubleshooting.prolific | 19 +++++++++++++++++++ concourse.prolific | 1 + 2 files changed, 20 insertions(+) diff --git a/bosh_troubleshooting.prolific b/bosh_troubleshooting.prolific index e1fbfee..0384daf 100644 --- a/bosh_troubleshooting.prolific +++ b/bosh_troubleshooting.prolific @@ -17,6 +17,25 @@ You should easily be able to scale the number of Diego Cells up or down. What ha [YAML Validator](http://codebeautify.org/yaml-validator) L: bosh operator --- +SSH into a running BOSH job +### What? +To SSH into a BOSH job, you need to use your BOSH Director as a gateway host (like a proxy). + +### How? +Set up your gateway host by passing a few flags into your `bosh ssh` command or by setting environment variables. +* `--gw-user=` or $BOSH_GW_USER should be set to `vcap`. +* `--gw-host=` or $BOSH_GW_HOST should be set to your BOSH Director's IP address. +* `--gw-private-key=` or $BOSH_GW_PRIVATE_KEY is a little more complicated. You'll need to print your BOSH ssh key into a file by running `bbl ssh-key > bosh.pem` and using the path of that file as the environment variable or argument value. + +To remember the required commands/environmental variable names you can run `bosh ssh --help`. + +### Expected Result +Running `bosh -d cf ssh ...` opens a shell in your targetted machine. + +### Resources +[What's the distinction between an HTTP proxy, tunnel, and gateway?](http://stackoverflow.com/questions/10377679/whats-distinction-of-http-proxy-tunnel-gateway) +L: bosh operator +--- Trigger a failing BOSH job ### What? When a BOSH VM is healthy, it is listed with the status "running". Let's use **[Monit](https://mmonit.com/monit/)** to trigger a state change. diff --git a/concourse.prolific b/concourse.prolific index 825c566..1539708 100644 --- a/concourse.prolific +++ b/concourse.prolific @@ -15,6 +15,7 @@ If you're been doing the GCP Development track then you already have a BOSH Dire 1. Is your `tls_bind_port: 443` property nested within the `properties` section of the `atc` job? 1. Did you remember to include `https://` in the domain provided under the `external_url` of the `atc` job? 1. Are you visiting the `https://` address in your browser? +1. Try `bosh ssh`ing into your web VM and curling localhost. It should return the html for your pipeline-less Concourse webpage. If it does, then your problem is with routing/DNS, not with Concourse itself. 1. If you hit an IP quota, go to Home > IAM & Admin > Quotas in your GCP dashboard and click the ✏ button. This will take you to a form where you can request an increased quota. 1. If this ends up being frustrating in a "please, please don't make me do another minute" kind of way, no sweat. Don't waste time on a story you're not getting anything out of, just _Choose Your Own Adventure_ your way out of it by **[spinning up a local VM with Vagrant](http://concourse.ci/vagrant.html)**. Either way, same result →