search

concourse / concourse-bosh-deployment

A toolchain for deploying Concourse with BOSH.
Apache License 2.0
86 stars 155 forks source link

Using TLS with Bind Port ops file failure #140

Open king-jam opened 5 years ago

king-jam commented 5 years ago

When trying to use the operation file to override the TLS port, I get the following error that I can resolve by pulling the operations out and hardcoding the port values:

Using deployment 'concourse'

Evaluating manifest:
  Finding variable 'atc_tls.certificate':
    Expected to find a map key 'certificate' for path '/certificate' (found map keys: 'bind_port')

Exit code 1

Failure Scenario Configuration

Deployment Command:

bosh deploy -d concourse concourse-bosh-deployment/cluster/concourse.yml \
  -l concourse-bosh-deployment/versions.yml \
  --vars-store concourse-state/concourse-vars.yml \
  --vars-file=vars/concourse.yml \
  -o concourse-bosh-deployment/cluster/operations/static-web.yml \
  -o concourse-bosh-deployment/cluster/operations/basic-auth.yml \
  -o concourse-bosh-deployment/cluster/operations/tls-vars.yml \
  -o concourse-bosh-deployment/cluster/operations/tls.yml \
  -o concourse-bosh-deployment/cluster/operations/tls-port.yml

with the following vars file:

deployment_name: concourse
local_user:
  username: admin
  password: admin
web_ip: 192.168.1.10
external_url: https://my-url.com
external_host: https://my-url.com
network_name: default
web_vm_type: minimal
db_vm_type: minimal
db_persistent_disk_type: large
worker_vm_type: large

Success Scenario Configuration

Deployment Command:

bosh deploy -d concourse concourse-bosh-deployment/cluster/concourse.yml \
  -l concourse-bosh-deployment/versions.yml \
  --vars-store concourse-state/concourse-vars.yml \
  --vars-file=vars/concourse.yml \
  -o concourse-bosh-deployment/cluster/operations/static-web.yml \
  -o concourse-bosh-deployment/cluster/operations/basic-auth.yml \
  -o concourse-bosh-deployment/cluster/operations/tls-vars.yml \
  -o concourse-bosh-deployment/cluster/operations/tls.yml \
  -o custom/ops/bind-ports.yml

with the following vars file:

deployment_name: concourse
local_user:
  username: admin
  password: admin
web_ip: 192.168.1.10
external_url: https://my-url.com
external_host: https://my-url.com
network_name: default
web_vm_type: minimal
db_vm_type: minimal
db_persistent_disk_type: large
worker_vm_type: large

and this ops file:

- type: replace
  path: /instance_groups/name=web/jobs/name=atc/properties/tls_bind_port?
  value: 443

I'm wondering what the issue is and if we can document this somehow.

jessedye commented 5 years ago

I also had the same problem and worked through it with your help!

king-jam commented 5 years ago

@jessedye happy to help. I've dove into the job templates but can't figure out what's happening with this. It's very weird.