You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@brooklyn.apache.org by he...@apache.org on 2014/08/04 16:47:00 UTC

git commit: tidy up of location and security config in docs

Repository: incubator-brooklyn
Updated Branches:
  refs/heads/master 2218b6853 -> 65afbdbcb


tidy up of location and security config in docs


Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/65afbdbc
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/65afbdbc
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/65afbdbc

Branch: refs/heads/master
Commit: 65afbdbcb5a2fa169cca965054830febeacd6b99
Parents: 2218b68
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Mon Aug 4 10:45:55 2014 -0400
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Mon Aug 4 10:45:55 2014 -0400

----------------------------------------------------------------------
 docs/use/guide/quickstart/brooklyn.properties | 32 +++++----
 docs/use/guide/quickstart/index.md            | 82 ++++++++++++++++------
 2 files changed, 80 insertions(+), 34 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/65afbdbc/docs/use/guide/quickstart/brooklyn.properties
----------------------------------------------------------------------
diff --git a/docs/use/guide/quickstart/brooklyn.properties b/docs/use/guide/quickstart/brooklyn.properties
index 8fd10fe..59a6f06 100644
--- a/docs/use/guide/quickstart/brooklyn.properties
+++ b/docs/use/guide/quickstart/brooklyn.properties
@@ -29,6 +29,22 @@
 
 ############################ Getting Started Options  ####################################
 
+## GUI Security
+
+## NOTE: in production it is highly recommended to set this, as otherwise it will not require login,
+## not will it be encrypted (though for safety if security is not set it will only bind to loopback)
+
+## Edit the name(s) and passwords as appropriate to your system:
+
+# brooklyn.webconsole.security.users=admin,bob
+# brooklyn.webconsole.security.user.admin.password=password
+# brooklyn.webconsole.security.user.bob.password=bobsword
+
+## If you prefer to run with https (on port 8443 by default), uncomment this:
+
+# brooklyn.webconsole.security.https.required=true
+
+
 # By default we have AWS set up (but with invalid credentials!).  Many, many other
 # providers are supported.
 
@@ -83,16 +99,8 @@ brooklyn.location.jclouds.aws-ec2.credential = <access-key-hex-digits>
 ## however you could specify something like /opt/brooklyn-managed-process/ (creation and permissions are handled)
 # onbox.base.dir=~/brooklyn-managed-process/
 
-
-## GUI Security
-## NOTE: in production it is highly recommended to set this, as otherwise it will not require login,
-## not will it be encrypted (though for safety if security is not set it will only bind to loopback)
-# brooklyn.webconsole.security.https.required=true
-# brooklyn.webconsole.security.users=admin,bob
-# brooklyn.webconsole.security.user.admin.password=password
-# brooklyn.webconsole.security.user.bob.password=bobsword
-
-## GUI Security: Allow all - if you know what you are doing! (You can also plug in e.g. LDAP security.)
+## Additional security: Allow all - if you know what you are doing! 
+## (Or you can also plug in e.g. LDAP security etc here)
 # brooklyn.webconsole.security.provider = brooklyn.rest.security.provider.AnyoneSecurityProvider
 
 ## Optionally disallow deployment to localhost (or any other location)
@@ -177,11 +185,9 @@ brooklyn.location.named.aws-tokyo = jclouds:aws-ec2:ap-northeast-1
 ## Softlayer - need a key from the gui, under "administrative -> user administration -> api-access 
 # brooklyn.location.jclouds.softlayer.identity=username
 # brooklyn.location.jclouds.softlayer.credential=<private-key-hex-digits>
-## A sample good image, available in all regions
-# brooklyn.location.jclouds.softlayer.imageId=13945
 ## locations
-# brooklyn.location.named.Softlayer\ Seattle=jclouds:softlayer:sea01
 # brooklyn.location.named.Softlayer\ Dallas=jclouds:softlayer:dal05
+# brooklyn.location.named.Softlayer\ Seattle=jclouds:softlayer:sea01
 # brooklyn.location.named.Softlayer\ Washington\ DC=jclouds:softlayer:wdc01
 # brooklyn.location.named.Softlayer\ Singapore\ 1=jclouds:softlayer:sng01
 # brooklyn.location.named.Softlayer\ Amsterdam\ 1=jclouds:softlayer:ams01

http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/65afbdbc/docs/use/guide/quickstart/index.md
----------------------------------------------------------------------
diff --git a/docs/use/guide/quickstart/index.md b/docs/use/guide/quickstart/index.md
index 289acd8..b8042bf 100644
--- a/docs/use/guide/quickstart/index.md
+++ b/docs/use/guide/quickstart/index.md
@@ -62,24 +62,25 @@ $ brooklyn launch
 
 Brooklyn will output the address of the management interface:
 
-
-`INFO  Starting brooklyn web-console on loopback interface because no security config is set`
-
-`INFO  Started Brooklyn console at http://127.0.0.1:8081/, running classpath://brooklyn.war and []`
-
-But before we really use Brooklyn, we need to setup some Locations.
+    INFO  Starting brooklyn web-console on loopback interface because no security config is set
+    INFO  Started Brooklyn console at http://127.0.0.1:8081/, running classpath://brooklyn.war and []
+
+But before we really use Brooklyn, we need to configure security and locations.
+In particular, if you are running on a remote server, you'll notice that Brooklyn has
+bound only to the loopback device, not a public network interface, and you won't be able
+to access the server. This is for security reasons; you can override by passing `-b 0.0.0.0`,
+or once you have configured security it will automatically bind to all interfaces by default.
  
-Stop Brooklyn with ctrl-c.
-
-## Configuring a Location
-
-Brooklyn deploys applications to Locations.
+Stop Brooklyn with ctrl-c, or in the web-browser (under "Help"), or with `kill`.
+(The PID is written to a file in the directory where you launch.) 
 
-Locations can be clouds, machines with fixed IPs or localhost (for testing).
 
-Brooklyn loads Location configuration  from `~/.brooklyn/brooklyn.properties`. 
+<a name="properties"></a>
+## Configuring Brooklyn with brooklyn.properties
 
-Create a `.brooklyn` folder in your home directory and download the template [brooklyn.properties](brooklyn.properties) to that folder.
+Brooklyn reads startup configuration from a file `~/.brooklyn/brooklyn.properties`, by default.
+You can create this from a template [brooklyn.properties](brooklyn.properties) file which you edit;
+this file can be installed with:
 
 {% highlight bash %}
 $ mkdir ~/.brooklyn
@@ -87,17 +88,56 @@ $ cd ~/.brooklyn
 $ wget {{site.url}}/use/guide/quickstart/brooklyn.properties
 {% endhighlight %}
 
-Open brooklyn.properties in a text editor and add your cloud credentials.
+Open this file in a text editor and follow the instructions there. The main settings are summarized below:
 
-If you would rather test Brooklyn on localhost, follow [these instructions]({{site.url}}/use/guide/locations/) to ensure that your Brooklyn can access your machine.
+<a name="security"></a>
+## Configuring Security
 
-Restart Brooklyn:
+To configure Brooklyn to run on a public IP address, security should be enabled.
+The simplest way is to define a user and password in `~/.brooklyn/brooklyn.properties`
+(described above): 
+
+    brooklyn.webconsole.security.users=admin
+    brooklyn.webconsole.security.user.admin.password=s3cr3t
+
+Other modes, including LDAP, are described in this file.
+
+The other common setting is to run under https (on port 8443 by default):
+
+    brooklyn.webconsole.security.https.required=true
+
+These settings require a restart to Brooklyn.
+
+
+<a name="location"></a>
+## Configuring a Location
+
+Brooklyn deploys applications to ``locations''. These locations
+can be clouds, machines with fixed IPs or localhost (for testing).
+Their configuration can be specified in `~/.brooklyn/brooklyn.properties` (described above),
+and then these locations can be easily selected within Brooklyn.
+Alternatively this information can be specified in the YAML when applications are deployed,
+without needing to set it in `brooklyn.properties`.
+
+Some sample settings for this are:
+
+    brooklyn.location.jclouds.aws-ec2.identity = AKA_YOUR_ACCESS_KEY_ID
+    brooklyn.location.jclouds.aws-ec2.credential = <access-key-hex-digits>
+    brooklyn.location.named.aws-california = jclouds:aws-ec2:us-west-1
+    brooklyn.location.named.aws-california.displayName = AWS US West 1 (CA)
+
+    brooklyn.location.jclouds.softlayer.identity = username
+    brooklyn.location.jclouds.softlayer.credential = <private-key-hex-digits>
+    brooklyn.location.named.softlayer-dal05 = jclouds:softlayer:dal05
+    brooklyn.location.named.softlayer-dal05.displayName = Softlayer Dallas
+
+If you want to test Brooklyn on localhost, follow [these instructions]({{site.url}}/use/guide/locations/) 
+to ensure that your Brooklyn can access your machine.
+
+Once updated, restart Brooklyn (or reload the properties within the web GUI).
 
-{% highlight bash %}
-$ brooklyn launch
-{% endhighlight %}
 
-## Launching an Application
+## Launching an Application in Brooklyn
 
 There are several ways to deploy a YAML blueprint (including specifying the blueprint on the command line or submitting it via the REST API).