Developers normally dont have to SSH into the pcf application or services. they normally view logs using cf logs. However if you really have to ssh into instances to troubleshoot something, then here are the steps.
First you should have access to SSH into the application. Typically this depends upon your role. you can use the following commands to enable or disable ssh. ssh access can be provided at the app level or space level.
Please find the below basic commands for enabling or disabling ssh access.
SSHing directly using CF command
cf enable-ssh <app name>
cf disable-ssh <app name>
cf allow-space-ssh <space name>
cf disallow-space-ssh <space name>
cf ssh-enabled userservice
cf space-ssh-allowed pcfdev-space
Now that you have access to SSH, we can see the following
1. SSH into applications
2. SSH into service instances (such as database services )
1. —— SSH ing into apps ——
There are 2 ways to SSH one using CF CLI and other not using CF CLI (basically other ways).
Accessing SSH without CF CLI
cf ssh <app name> -I <instance number to login> (optional)
$ cf ssh userservice
vcap@6fe377f0-43cd-4631-641f-c87ac239069e:~$ ls
app logs staging_info.yml tmp
Get the GUID of the application.
$ cf app userservice --guid
355aa3f0-2d28-4c52-a537-980e9d02f97e
Get the environmental information.
$ cf curl /v2/info
{
"name": "pcfdev",
"build": "037c3c92eaf4bcab911fb12f09b0cdd464c0a9b2",
"support": "pcfdev@pivotal.io",
"version": 0,
"description": "",
"authorization_endpoint": "https://login.local.pcfdev.io",
"token_endpoint": "https://uaa.local.pcfdev.io",
"min_cli_version": null,
"min_recommended_cli_version": null,
"api_version": "2.65.0",
"app_ssh_endpoint": "ssh.local.pcfdev.io:2222",
"app_ssh_host_key_fingerprint": "a6:d1:08:0b:b0:cb:9b:5f:c4:ba:44:2a:97:26:19:8a",
"app_ssh_oauth_client": "ssh-proxy",
"routing_endpoint": "https://api.local.pcfdev.io/routing",
"logging_endpoint": "wss://loggregator.local.pcfdev.io:443",
"doppler_logging_endpoint": "wss://doppler.local.pcfdev.io:443",
"user": "89bbff6f-bda1-4efe-b38a-2cc6f020217b"
}
Get the ssh-code
$ cf ssh-code
DhqVXotyRA
SSH into the instance provide the guid, and serverinformation, also provide the ssh-code obtained as the password.
$ ssh -p 2222 cf:355aa3f0-2d28-4c52-a537-980e9d02f97e/0@ssh.local.pcfdev.io
cf:355aa3f0-2d28-4c52-a537-980@ssh.local.pcfdev.io's password:
vcap@6fe377f0-43cd-4631-641f-c87ac239069e:~$
Now that we know how to ssh into the application, we can have a look at ssh ing into the services.
—— SSH ing into services ——
View the services
$ cf services
Getting services in org pcfdev-org / space pcfdev-space as user...
OK
name service plan bound apps last operation
user-db p-mysql 512mb userservice create succeeded
Create a service key, mention the service instance id and a service key.
$ cf create-service-key user-db EXTERNAL-ACCESS-KEY
Creating service key EXTERNAL-ACCESS-KEY for service instance user-db as user...
OK
Get the service details using the key.
$ cf service-key user-db EXTERNAL-ACCESS-KEY
Getting key EXTERNAL-ACCESS-KEY for service instance user-db as user...
{
"hostname": "mysql-broker.local.pcfdev.io",
"jdbcUrl": "jdbc:mysql://mysql-broker.local.pcfdev.io:3306/cf_05a179d8_9b8f_470f_9b81_14e4b4877c8b?user=FfbDMZl571mskftA\u0026password=MyfJQwpcq82lyJfh",
"name": "cf_05a179d8_9b8f_470f_9b81_14e4b4877c8b",
"password": "MyfJQwpcq82lyJfh",
"port": 3306,
"uri": "mysql://FfbDMZl571mskftA:MyfJQwpcq82lyJfh@mysql-broker.local.pcfdev.io:3306/cf_05a179d8_9b8f_470f_9b81_14e4b4877c8b?reconnect=true",
"username": "FfbDMZl571mskftA"
}
ssh into the service instance by providing the server details and the app name that it is bound to.
$ cf ssh -L 63306:mysql-broker.local.pcfdev.io:3306 userservice
vcap@6fe377f0-43cd-4631-641f-c87ac239069e:~$ ls
app logs staging_info.yml tmp
vcap@6fe377f0-43cd-4631-641f-c87ac239069e:~$
Happy SSHing into your apps and services.
No comments:
Post a Comment