├── LICENSE
├── NOTICE
├── README.md
├── bosh-lite
├── cloud-config.yml
└── default-vars.yml
├── cf-mysql-deployment.yml
├── docs
└── using-cf-mysql.md
├── githooks
└── pre-push
├── operations
├── README.md
├── add-broker.yml
├── add-roadmin.yml
├── add-tls.yml
├── add-xenial-default-stemcell.yml
├── bosh-dns.yml
├── bosh-lite.yml
├── configure-broker-load-balancer.yml
├── disable-broker-route-registrar-cross-deployment-links.yml
├── disable-proxy-consul-cross-deployment-links.yml
├── disable-proxy-route-registrar-cross-deployment-links.yml
├── disable-smoke-tests-cross-deployment-links.yml
├── enable-syslog.yml
├── latest-versions.yml
├── no-arbitrator.yml
├── proxy-consul.yml
├── proxy-elb.yml
├── register-proxy-route.yml
├── syslog-tls.yml
├── test
│ ├── enable-remote-admin-access.yml
│ └── minimal-mode.yml
└── xenial-stemcell.yml
└── scripts
├── deploy-cf-mysql-to-bosh-lite
└── deploy-cf-mysql-with-broker-to-bosh-lite
/LICENSE:
--------------------------------------------------------------------------------
1 |
2 | Apache License
3 | Version 2.0, January 2004
4 | http://www.apache.org/licenses/
5 |
6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
7 |
8 | 1. Definitions.
9 |
10 | "License" shall mean the terms and conditions for use, reproduction,
11 | and distribution as defined by Sections 1 through 9 of this document.
12 |
13 | "Licensor" shall mean the copyright owner or entity authorized by
14 | the copyright owner that is granting the License.
15 |
16 | "Legal Entity" shall mean the union of the acting entity and all
17 | other entities that control, are controlled by, or are under common
18 | control with that entity. For the purposes of this definition,
19 | "control" means (i) the power, direct or indirect, to cause the
20 | direction or management of such entity, whether by contract or
21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
22 | outstanding shares, or (iii) beneficial ownership of such entity.
23 |
24 | "You" (or "Your") shall mean an individual or Legal Entity
25 | exercising permissions granted by this License.
26 |
27 | "Source" form shall mean the preferred form for making modifications,
28 | including but not limited to software source code, documentation
29 | source, and configuration files.
30 |
31 | "Object" form shall mean any form resulting from mechanical
32 | transformation or translation of a Source form, including but
33 | not limited to compiled object code, generated documentation,
34 | and conversions to other media types.
35 |
36 | "Work" shall mean the work of authorship, whether in Source or
37 | Object form, made available under the License, as indicated by a
38 | copyright notice that is included in or attached to the work
39 | (an example is provided in the Appendix below).
40 |
41 | "Derivative Works" shall mean any work, whether in Source or Object
42 | form, that is based on (or derived from) the Work and for which the
43 | editorial revisions, annotations, elaborations, or other modifications
44 | represent, as a whole, an original work of authorship. For the purposes
45 | of this License, Derivative Works shall not include works that remain
46 | separable from, or merely link (or bind by name) to the interfaces of,
47 | the Work and Derivative Works thereof.
48 |
49 | "Contribution" shall mean any work of authorship, including
50 | the original version of the Work and any modifications or additions
51 | to that Work or Derivative Works thereof, that is intentionally
52 | submitted to Licensor for inclusion in the Work by the copyright owner
53 | or by an individual or Legal Entity authorized to submit on behalf of
54 | the copyright owner. For the purposes of this definition, "submitted"
55 | means any form of electronic, verbal, or written communication sent
56 | to the Licensor or its representatives, including but not limited to
57 | communication on electronic mailing lists, source code control systems,
58 | and issue tracking systems that are managed by, or on behalf of, the
59 | Licensor for the purpose of discussing and improving the Work, but
60 | excluding communication that is conspicuously marked or otherwise
61 | designated in writing by the copyright owner as "Not a Contribution."
62 |
63 | "Contributor" shall mean Licensor and any individual or Legal Entity
64 | on behalf of whom a Contribution has been received by Licensor and
65 | subsequently incorporated within the Work.
66 |
67 | 2. Grant of Copyright License. Subject to the terms and conditions of
68 | this License, each Contributor hereby grants to You a perpetual,
69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
70 | copyright license to reproduce, prepare Derivative Works of,
71 | publicly display, publicly perform, sublicense, and distribute the
72 | Work and such Derivative Works in Source or Object form.
73 |
74 | 3. Grant of Patent License. Subject to the terms and conditions of
75 | this License, each Contributor hereby grants to You a perpetual,
76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
77 | (except as stated in this section) patent license to make, have made,
78 | use, offer to sell, sell, import, and otherwise transfer the Work,
79 | where such license applies only to those patent claims licensable
80 | by such Contributor that are necessarily infringed by their
81 | Contribution(s) alone or by combination of their Contribution(s)
82 | with the Work to which such Contribution(s) was submitted. If You
83 | institute patent litigation against any entity (including a
84 | cross-claim or counterclaim in a lawsuit) alleging that the Work
85 | or a Contribution incorporated within the Work constitutes direct
86 | or contributory patent infringement, then any patent licenses
87 | granted to You under this License for that Work shall terminate
88 | as of the date such litigation is filed.
89 |
90 | 4. Redistribution. You may reproduce and distribute copies of the
91 | Work or Derivative Works thereof in any medium, with or without
92 | modifications, and in Source or Object form, provided that You
93 | meet the following conditions:
94 |
95 | (a) You must give any other recipients of the Work or
96 | Derivative Works a copy of this License; and
97 |
98 | (b) You must cause any modified files to carry prominent notices
99 | stating that You changed the files; and
100 |
101 | (c) You must retain, in the Source form of any Derivative Works
102 | that You distribute, all copyright, patent, trademark, and
103 | attribution notices from the Source form of the Work,
104 | excluding those notices that do not pertain to any part of
105 | the Derivative Works; and
106 |
107 | (d) If the Work includes a "NOTICE" text file as part of its
108 | distribution, then any Derivative Works that You distribute must
109 | include a readable copy of the attribution notices contained
110 | within such NOTICE file, excluding those notices that do not
111 | pertain to any part of the Derivative Works, in at least one
112 | of the following places: within a NOTICE text file distributed
113 | as part of the Derivative Works; within the Source form or
114 | documentation, if provided along with the Derivative Works; or,
115 | within a display generated by the Derivative Works, if and
116 | wherever such third-party notices normally appear. The contents
117 | of the NOTICE file are for informational purposes only and
118 | do not modify the License. You may add Your own attribution
119 | notices within Derivative Works that You distribute, alongside
120 | or as an addendum to the NOTICE text from the Work, provided
121 | that such additional attribution notices cannot be construed
122 | as modifying the License.
123 |
124 | You may add Your own copyright statement to Your modifications and
125 | may provide additional or different license terms and conditions
126 | for use, reproduction, or distribution of Your modifications, or
127 | for any such Derivative Works as a whole, provided Your use,
128 | reproduction, and distribution of the Work otherwise complies with
129 | the conditions stated in this License.
130 |
131 | 5. Submission of Contributions. Unless You explicitly state otherwise,
132 | any Contribution intentionally submitted for inclusion in the Work
133 | by You to the Licensor shall be under the terms and conditions of
134 | this License, without any additional terms or conditions.
135 | Notwithstanding the above, nothing herein shall supersede or modify
136 | the terms of any separate license agreement you may have executed
137 | with Licensor regarding such Contributions.
138 |
139 | 6. Trademarks. This License does not grant permission to use the trade
140 | names, trademarks, service marks, or product names of the Licensor,
141 | except as required for reasonable and customary use in describing the
142 | origin of the Work and reproducing the content of the NOTICE file.
143 |
144 | 7. Disclaimer of Warranty. Unless required by applicable law or
145 | agreed to in writing, Licensor provides the Work (and each
146 | Contributor provides its Contributions) on an "AS IS" BASIS,
147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
148 | implied, including, without limitation, any warranties or conditions
149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
150 | PARTICULAR PURPOSE. You are solely responsible for determining the
151 | appropriateness of using or redistributing the Work and assume any
152 | risks associated with Your exercise of permissions under this License.
153 |
154 | 8. Limitation of Liability. In no event and under no legal theory,
155 | whether in tort (including negligence), contract, or otherwise,
156 | unless required by applicable law (such as deliberate and grossly
157 | negligent acts) or agreed to in writing, shall any Contributor be
158 | liable to You for damages, including any direct, indirect, special,
159 | incidental, or consequential damages of any character arising as a
160 | result of this License or out of the use or inability to use the
161 | Work (including but not limited to damages for loss of goodwill,
162 | work stoppage, computer failure or malfunction, or any and all
163 | other commercial damages or losses), even if such Contributor
164 | has been advised of the possibility of such damages.
165 |
166 | 9. Accepting Warranty or Additional Liability. While redistributing
167 | the Work or Derivative Works thereof, You may choose to offer,
168 | and charge a fee for, acceptance of support, warranty, indemnity,
169 | or other liability obligations and/or rights consistent with this
170 | License. However, in accepting such obligations, You may act only
171 | on Your own behalf and on Your sole responsibility, not on behalf
172 | of any other Contributor, and only if You agree to indemnify,
173 | defend, and hold each Contributor harmless for any liability
174 | incurred by, or claims asserted against, such Contributor by reason
175 | of your accepting any such warranty or additional liability.
176 |
177 | END OF TERMS AND CONDITIONS
178 |
--------------------------------------------------------------------------------
/NOTICE:
--------------------------------------------------------------------------------
1 | Copyright (c) 2015-Present CloudFoundry.org Foundation, Inc. All Rights Reserved.
2 |
3 | This project is licensed to you under the Apache License, Version 2.0 (the "License").
4 |
5 | You may not use this project except in compliance with the License.
6 |
7 | This project may include a number of subcomponents with separate copyright notices
8 | and license terms. Your use of these subcomponents is subject to the terms and
9 | conditions of the subcomponent's license, as noted in the LICENSE file.
10 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | DEPRECATED: cf-mysql-release is deprecated and this repo is no longer maintained.
2 |
3 | See [pxc-release](https://github.com/cloudfoundry/pxc-release)
4 |
5 | # Cloud Foundry MySQL Bosh Deployment
6 |
7 | ## Table of contents
8 |
9 | [Usage](#usage)
10 |
11 | [Deploying](#deploying)
12 |
13 | [Security Groups](#security-groups)
14 |
15 | [Registering the Service Broker](#registering-broker)
16 |
17 | [Smoke Tests](#smoke-tests)
18 |
19 | [Deregistering the Service Broker](#deregistering-broker)
20 |
21 |
22 | This repo contains a BOSH 2 manifest that defines tested topologies of cf-mysql-release.
23 |
24 | It serves as the reference for the compatible release and stemcell versions.
25 |
26 | This repo takes advantage of new features such as:
27 |
28 | - [cloud config](https://bosh.io/docs/cloud-config.html)
29 | - [job links](https://bosh.io/docs/links.html)
30 | - [new CLI](https://github.com/cloudfoundry/bosh-cli)
31 | - The new BOSH CLI must be installed according to the instructions [here](https://bosh.io/docs/cli-v2.html).
32 |
33 | Please refer to BOSH documentation for more details. If you're having trouble
34 | with the prerequisites, please contact the BOSH team for help
35 | (perhaps on [slack](https://slack.cloudfoundry.org/)).
36 |
37 |
38 | ## Usage
39 |
40 | ### Prerequisites
41 |
42 | - A deployment of [BOSH](https://github.com/cloudfoundry/bosh)
43 | - A deployment of [Cloud Foundry](https://github.com/cloudfoundry/cf-release), [final release 193](https://github.com/cloudfoundry/cf-release/tree/v193) or greater
44 | - Instructions for installing BOSH and Cloud Foundry can be found at http://docs.cloudfoundry.org/.
45 | - [Routing release](https://github.com/cloudfoundry-incubator/routing-release)
46 | v0.145.0 or later is required to register the proxy and broker routes with
47 | Cloud Foundry:
48 |
49 | ```bash
50 | bosh upload release https://bosh.io/d/github.com/cloudfoundry-incubator/cf-routing-release?v=0.145.0
51 | ```
52 |
53 | Standalone deployments (i.e. deployments that do not interact with Cloud Foundry)
54 | do not require the routing release.
55 |
56 |
57 | ### Upload Stemcell
58 |
59 | The latest final release expects the Ubuntu Trusty (14.04) go_agent stemcell version [2859](https://github.com/cloudfoundry/bosh/blob/master/CHANGELOG.md#2859) by default. Older stemcells are not recommended. Stemcells can be downloaded from http://bosh.io/stemcells; choose the appropriate stemcell for your infrastructure ([vsphere esxi](https://d26ekeud912fhb.cloudfront.net/bosh-stemcell/vsphere/bosh-stemcell-2859-vsphere-esxi-ubuntu-trusty-go_agent.tgz), [aws hvm](https://d26ekeud912fhb.cloudfront.net/bosh-stemcell/aws/light-bosh-stemcell-2859-aws-xen-hvm-ubuntu-trusty-go_agent.tgz), or [openstack kvm](https://d26ekeud912fhb.cloudfront.net/bosh-stemcell/openstack/bosh-stemcell-2859-openstack-kvm-ubuntu-trusty-go_agent.tgz)).
60 |
61 |
62 | ### Upload Release
63 |
64 | You can use a pre-built final release or build a dev release from any of the branches described in Getting the Code.
65 |
66 | Final releases are stable releases created periodically for completed features. They also contain pre-compiled packages, which makes deployment much faster. To deploy the latest final release, simply check out the **master** branch. This will contain the latest final release and accompanying materials to generate a manifest. If you would like to deploy an earlier final release, use `git checkout <tag>` to obtain both the release and corresponding manifest generation materials. It's important that the manifest generation materials are consistent with the release.
67 |
68 | If you'd like to deploy the latest code, build a release yourself from the **develop** branch.
69 |
70 | #### Create and upload a BOSH Release:
71 |
72 | 1. Build the development release.
73 |
74 | ```
75 | $ cd ~/workspace/cf-mysql-release
76 | $ git checkout release-candidate
77 | $ ./scripts/update
78 | $ bosh2 create-release
79 | ```
80 |
81 | 1. Upload the release to your bosh environment:
82 |
83 | ```
84 | $ bosh2 -e YOUR_ENV upload-release
85 | ```
86 |
87 |
88 | ### Create Infrastructure
89 |
90 | #### Define subnets
91 |
92 | Prior to deployment, the operator should define three subnets via their infrastructure provider.
93 | The MySQL release is designed to be deployed across three subnets to ensure availability in the event of a subnet failure.
94 |
95 | #### Create load balancer
96 |
97 | In order to route requests to both proxies, the operator should create a load balancer.
98 | Manifest changes required to configure a load balancer can be found in the
99 | [proxy](https://github.com/cloudfoundry/cf-mysql-release/blob/master/docs/proxy.md#configuring-load-balancer) documentation.
100 | Once a load balancer is configured, the brokers will hand out the address of the load balancer rather than the IP of the first proxy.
101 |
102 | - **Note:** When using an Elastic Load Balancer (ELB) on Amazon, make sure to create the ELB in the same VPC as your cf-mysql deployment
103 | - **Note:** For all load balancers, take special care to configure health checks to use the health_port of the proxies (default 1936). Do not configure the load balancer health check to use port 3306.
104 | - **You must use the IP address(es) of your load balancer in the p-mysql [security group](#security-groups)**, below. Otherwise, applications will not be able to connect to the database.
105 |
106 | There are two ways to configure a load balancer: either automatically through your IaaS, or by supplying static IPs for the proxies.
107 |
108 | ##### For IaaS native load balancers (AWS elb, GCP target_pool, etc)
109 |
110 | In order for the MySQL deployment to attach the proxy instances to your configured load balancer, you need to use the [proxy-elb.yml](https://github.com/cloudfoundry/cf-mysql-deployment/blob/develop/operations/proxy-elb.yml) opsfile. This opsfile requires a [vm_extension](https://bosh.io/docs/cloud-config.html#vm-extensions) in your [cloud-config](https://bosh.io/docs/cloud-config.html) which references your load balancer and also defines the specific requirements for your IaaS. You'll need to consult your IaaS documentation as well as your BOSH CPI documentation for the specifics of the `cloud_properties` definitions for use in your `vm_extension`. You can read more specifics about configuration of the proxies [here](https://github.com/cloudfoundry/cf-mysql-release/blob/develop/docs/proxy.md).
111 |
112 | ##### For custom load balancers (haproxy, f5, etc)
113 |
114 | If you would like to use a custom load balancer, you can manually configure your proxies to use static IP addresses which your load balancer can point to. To do that, create an operations file that looks like the following, with static IPs that make sense for your network:
115 | ```yaml
116 | - type: replace
117 | path: /instance_groups/name=proxy/networks
118 | value:
119 | - name: default
120 | static_ips:
121 | - 10.10.0.1
122 | - 10.10.0.2
123 | ```
124 |
125 |
126 | ## Deploying
127 | ### Deployment Components
128 |
129 | #### Database nodes
130 |
131 | The number of mysql nodes should always be odd, with a minimum count of three, to avoid [split-brain](http://en.wikipedia.org/wiki/Split-brain\_\(computing\)).
132 | When a failed node comes back online, it will automatically rejoin the cluster and sync data from one of the healthy nodes.
133 |
134 | The MariaDB cluster nodes are configured by default with 10GB of persistent disk. This can be configured using an operations file to change `instance_groups/name=mysql/persistent_disk` and `properties/cf_mysql/mysql/persistent_disk`, however your deployment will fail if this is less than 3GB.
135 |
136 | #### Proxy nodes
137 |
138 | There are two proxy instances. The second proxy is intended to be used in a failover capacity.
139 | In the event the first proxy fails, the second proxy will still be able to route requests to the mysql nodes.
140 |
141 | #### Broker nodes
142 |
143 | There are also two broker instances.
144 | The brokers each register a route with the router, which load balances requests across the brokers.
145 |
146 | ### New deployments
147 |
148 | New deployments will work "out of the box" with little additional configuration.
149 | There are two mechanisms for providing credentials to the deployment:
150 |
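151 | - Credentials can be provided with `-l <path-to-vars-file>` (see below for more
152 | information on variable files).
153 | - A variables store file should be provided with
154 | `--vars-store <path-to-vars-store-file>` to let the CLI generate secure passwords
155 | and write them to the provided vars store file. The generated file holds the deployment's credentials in plain text, so store it with restricted access.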
156 |
157 | By default the deployment manifest will not deploy brokers, nor try to register
158 | routes for the proxies with a Cloud Foundry router. To enable integration with
159 | Cloud Foundry, operations files are provided to
160 | [add brokers](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/add-broker.yml)
161 | and
162 | [register proxy routes](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/register-proxy-route.yml).
163 |
164 | If you require static IPs for the proxy instance groups, these IPs should be
165 | added to the `networks` section of the cloud-config as well as to an operations file
166 | which will use these IPs for the proxy instance groups. See below for more
167 | information on operations files.
168 |
169 | ```sh
170 | bosh \
171 | -e my-director \
172 | -d cf-mysql \
173 | deploy \
174 | ~/workspace/cf-mysql-deployment/cf-mysql-deployment.yml \
175 | -o <path-to-operations-file>
176 | ```
177 |
178 | ### Upgrading from previous deployment topologies
179 |
180 | If you are upgrading an existing deployment of cf-mysql-release with a manifest
181 | that does not take advantage of these new features, for example if the manifest
182 | was generated via the spiff templates and stubs provided in the cf-mysql-release
183 | repository, then be aware:
184 |
185 | 1. The base manifest refers to AZs called `z1`, `z2`, and `z3`. If your
186 | cloud-config doesn't have those AZs, it will result in an error.
187 | 1. The base manifest will not deploy brokers, nor try to register routes for the proxies with a Cloud Foundry router. If you wish to preserve this behavior you will need to include the [add brokers](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/add-broker.yml) and [register proxy routes](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/register-proxy-route.yml) operations files.
188 | 1. Create custom operations files to map any non-default configuration (e.g. the number of maximum connections).
189 | 1. Create a custom operation file to migrate your BOSH 1 `jobs` and static IPs to their new BOSH 2 `instance_groups`. See the section below for [more information](#operations-file-for-migrating-from-bosh-1-style-manifest-to-a-bosh-2-style-manifest).
190 | 1. Create a variables file to contain the credentials of the existing deployment.
191 | - Using `--vars-store` is not recommended as it will result in credentials being rotated which can cause issues.
192 | 1. Run the following command:
193 |
194 | ```sh
195 | bosh \
196 | -e my-director \
197 | -d my-deployment \
198 | deploy \
199 | ~/workspace/cf-mysql-deployment/cf-mysql-deployment.yml \
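200 | -o <path-to-operations-file> \
201 | [-o <path-to-additional-operations-file>] \
202 | -l <path-to-vars-file> \
203 | [-l <path-to-additional-vars-file>]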
204 | ```
205 |
206 | #### Operations file for migrating from BOSH 1 style manifest to a BOSH 2 style manifest
207 | Refer to [these docs](https://bosh.io/docs/migrated-from.html) on migrating from a BOSH 1 style manifest, then create an ops file to mix in those migrations into the base deployment manifest. See below for an example:
208 |
209 | ```yaml
210 |
211 | ---
212 | - type: replace
213 | path: /instance_groups/name=mysql/migrated_from?
214 | value:
215 | - name: mysql_z1
216 | az: z1
217 | - name: mysql_z2
218 | az: z2
219 | - name: mysql_z3
220 | az: z3
221 |
222 | - type: replace
223 | path: /instance_groups/name=mysql/networks
224 | value:
225 | - name: default
226 | static_ips:
227 | - 10.10.0.1
228 | - 10.10.0.2
229 | - 10.10.0.3
230 | ```
231 |
232 | ## Operations files
233 |
234 | Additional example operations files used for common configurations of `cf-mysql-release` (e.g. adding a broker for
235 | Cloud Foundry integration) can be found in the [operations](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations)
236 | directory. See the README in that directory for a description of which (combinations) of files to use for enabling each common feature set.
237 |
238 | The [manifest template](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/cf-mysql-deployment.yml)
239 | is not intended to be modified; any changes you need to make should be added to operations files.
240 |
241 | The syntax for operations files is detailed
242 | [here](http://bosh.io/docs/cli-ops-files.html).
243 |
244 | Operations files can be provided at deploy-time as follows:
245 |
246 | ```sh
247 | bosh \
248 | deploy \
249 | -o <path-to-operations-file>
250 | ```
251 |
252 | ### Variables files
253 |
254 | A variables file is a flat-format key-value YAML file which contains sensitive
255 | information such as passwords, SSL keys/certs etc. Keep it out of version control and restrict who can read it.
256 |
257 | They can be provided at deploy-time as follows:
258 |
259 | ```sh
260 | bosh \
261 | deploy \
262 | -l <path-to-vars-file>
263 | ```
264 |
265 | We provide a default set of variables intended for a local bosh-lite environment
266 | [here](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/bosh-lite/default-vars.yml).
267 |
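268 | Use this as an example for your environment-specific variables file. Note that it sets `cf_skip_ssl_validation: true`, which suits only a local bosh-lite environment; do not carry that setting over to other environments.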
269 |
270 | ### Cross-deployment links
271 |
272 | By default, this deployment assumes that some variables (e.g. nats) are provided
273 | by cross-deployment links from a deployment named `cf`.
274 | This will be true if Cloud Foundry was deployed via
275 | [cf-deployment](https://github.com/cloudfoundry/cf-deployment).
276 |
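277 | If you wish to disable cross-deployment links, use the
278 | `disable-*-cross-deployment-links.yml` operations files in the `operations` directory (one each for the broker route registrar, proxy consul, proxy route registrar and smoke tests).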
279 |
280 | Disabling cross-deployment links will require these values to be provided
281 | manually (e.g. by passing `-v nats={...}` to the `bosh deploy` command).
282 |
283 |
284 | ## Security Groups
285 |
286 | By default, applications cannot connect to IP addresses on the private network,
287 | which prevents them from connecting to the MySQL service.
288 | To enable access to the service, create a new security group for the IP
289 | configured in your manifest for the property `jobs.cf-mysql-broker.mysql_node.host`.
290 |
291 | Note: This is not required for CF running on bosh-lite, as these application
292 | groups are pre-configured.
293 |
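294 | 1. Add the rule to a file in the following json format; multiple rules are supported. The example allows every protocol to three whole subnets; to follow least privilege, narrow `destination` to the load balancer or proxy addresses and use `"protocol": "tcp"` with `"ports": "3306"`.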
295 |
296 | ```
297 | [
298 | {
299 | "destination": "10.10.163.1-10.10.163.255",
300 | "protocol": "all"
301 | },
302 | {
303 | "destination": "10.10.164.1-10.10.164.255",
304 | "protocol": "all"
305 | },
306 | {
307 | "destination": "10.10.165.1-10.10.165.255",
308 | "protocol": "all"
309 | }
310 | ]
311 | ```
312 |
313 | - Create a security group from the rule file.
314 |
315 | ```shell
316 | $ cf create-security-group p-mysql rule.json
317 | ```
318 |
319 | - Enable the rule for all apps
320 |
321 | ```shell
322 | $ cf bind-running-security-group p-mysql
323 | ```
324 |
325 | Security group changes are only applied to new application containers;
326 | existing apps must be restarted.
327 |
328 |
329 | ## Registering the Service Broker
330 |
331 | After registering the service broker, the MySQL service will be visible in the Services Marketplace; using the [CLI](https://github.com/cloudfoundry/cli), run `cf marketplace`.
332 |
333 | ### BOSH errand
334 |
335 | ```
336 | $ bosh2 -e YOUR_ENV -d cf-mysql run-errand broker-registrar
337 | ```
338 |
339 | ### Manually
340 |
341 | 1. First register the broker using the `cf` CLI. You must be logged in as an admin.
342 |
343 | ```
344 | $ cf create-service-broker p-mysql BROKER_USERNAME BROKER_PASSWORD URL
345 | ```
346 |
347 | `BROKER_USERNAME` and `BROKER_PASSWORD` are the credentials Cloud Foundry will use to authenticate when making API calls to the service broker. Use the values for manifest properties `jobs.cf-mysql-broker.properties.auth_username` and `jobs.cf-mysql-broker.properties.auth_password`.
348 |
349 | `URL` specifies where the Cloud Controller will access the MySQL broker. Use the value of the manifest property `jobs.cf-mysql-broker.properties.external_host`. By default, this value is set to `p-mysql.<properties.domain>` (in spiff: `"p-mysql." .properties.domain`).
350 |
351 | For more information, see [Managing Service Brokers](http://docs.cloudfoundry.org/services/managing-service-brokers.html).
352 |
353 | 2. Then [make the service plan public](http://docs.cloudfoundry.org/services/managing-service-brokers.html#make-plans-public).
354 |
355 |
356 |
357 | ## Smoke Tests
358 |
359 | The smoke tests are useful for verifying a deployment.
360 | The MySQL Release contains a "smoke-tests" job which is deployed as a BOSH errand.
361 |
362 | ### Running Smoke Tests via BOSH errand
363 |
364 | Run the smoke tests via bosh errand as follows:
365 |
366 | ```
367 | $ bosh2 -e YOUR_ENV -d cf-mysql run-errand smoke-tests
368 | ```
369 |
370 |
371 | ## De-registering the Service Broker
372 |
373 | The following commands are destructive and are intended to be run in conjunction with deleting your BOSH deployment.
374 | ```
375 | $ bosh2 -e YOUR_ENV -d cf-mysql run-errand deregister-and-purge-instances
376 | ```
377 |
378 | ### Manually
379 |
380 | Run the following:
381 |
382 | ```
383 | $ cf purge-service-offering p-mysql
384 | $ cf delete-service-broker p-mysql
385 | ```
386 |
387 |
--------------------------------------------------------------------------------
/bosh-lite/cloud-config.yml:
--------------------------------------------------------------------------------
1 | azs:  # availability zones; the base manifest cf-mysql-deployment.yml places its instance groups in z1, z2 and z3
2 | - name: z1
3 | - name: z2
4 | - name: z3
5 | vm_types:  # VM sizes; instance groups in cf-mysql-deployment.yml request vm_type "default"
6 | - name: default
7 | cloud_properties:
8 | ephemeral_disk:
9 | size: 1024
10 | type: gp2
11 | - name: micro
12 | cloud_properties:
13 | ephemeral_disk:
14 | size: 1024
15 | type: gp2
16 | compilation:  # settings for the VMs that compile release packages
17 | workers: 4
18 | network: default
19 | az: z1
20 | reuse_compilation_vms: true
21 | vm_type: default
22 | networks:  # one network named "default" with a /24 subnet per availability zone
23 | - name: default
24 | subnets:
25 | - az: z1
26 | range: 10.244.7.0/24
27 | gateway: 10.244.7.1
28 | cloud_properties:
29 | name: random
30 | - az: z2
31 | range: 10.244.8.0/24
32 | gateway: 10.244.8.1
33 | cloud_properties:
34 | name: random
35 | - az: z3
36 | range: 10.244.9.0/24
37 | gateway: 10.244.9.1
38 | cloud_properties:
39 | name: random
40 | vm_extensions:
41 | - name: mysql-proxy-lb  # selected through proxy_vm_extension in bosh-lite/default-vars.yml
42 | cloud_properties:
43 | ports:
44 | - host: 3306  # NOTE(review): presumably publishes MySQL port 3306 on the bosh-lite host — confirm against the CPI documentation
45 |
--------------------------------------------------------------------------------
/bosh-lite/default-vars.yml:
--------------------------------------------------------------------------------
1 | ---  # default variables intended for a local bosh-lite environment; use as a template, not as-is, elsewhere
2 | cf_mysql_external_host: p-mysql.bosh-lite.com
3 | cf_mysql_host: bosh-lite.com
4 | cf_admin_password: REPLACE_WITH_CF_ADMIN_PASSWORD  # placeholder: supply the real value at deploy time rather than committing it
5 | cf_api_url: https://api.bosh-lite.com
6 | cf_skip_ssl_validation: true  # NOTE(review): by its name this turns off TLS certificate verification for CF API calls; acceptable only on bosh-lite, set false elsewhere — confirm consumers
7 | proxy_vm_extension: mysql-proxy-lb  # matches the vm_extension named mysql-proxy-lb in bosh-lite/cloud-config.yml
8 |
--------------------------------------------------------------------------------
/cf-mysql-deployment.yml:
--------------------------------------------------------------------------------
1 | name: cf-mysql
2 |
3 | addons:
4 | - name: bpm
5 | jobs:
6 | - name: bpm
7 | release: bpm
8 |
9 | update:
10 | canaries: 1
11 | canary_watch_time: 10000-600000
12 | update_watch_time: 10000-600000
13 | max_in_flight: 1
14 | serial: true
15 |
16 | instance_groups:
17 | - name: mysql
18 | instances: 2
19 | azs: [z1, z2]
20 | networks: [{name: default}]
21 | vm_type: default
22 | stemcell: default
23 | persistent_disk: 10000
24 | jobs:
25 | - name: mysql
26 | release: cf-mysql
27 | properties:
28 | cf_mysql:
29 | mysql:
30 | admin_password: ((cf_mysql_mysql_admin_password))
31 | cluster_health:
32 | password: ((cf_mysql_mysql_cluster_health_password))
33 | galera_healthcheck:
34 | endpoint_password: ((cf_mysql_mysql_galera_healthcheck_endpoint_password))
35 | db_password: ((cf_mysql_mysql_galera_healthcheck_db_password))
36 | - name: smoke-tests-user
37 | release: cf-mysql
38 | properties:
39 | cf_mysql:
40 | smoke_tests:
41 | db_password: ((cf_mysql_smoke_tests_db_password))
42 |
43 | - name: arbitrator
44 | instances: 1
45 | azs: [z3]
46 | networks: [{name: default}]
47 | vm_type: default
48 | stemcell: default
49 | jobs:
50 | - release: cf-mysql
51 | name: arbitrator
52 | properties:
53 | cf_mysql:
54 | mysql:
55 | admin_password: ((cf_mysql_mysql_admin_password))
56 | galera_healthcheck:
57 | endpoint_password: ((cf_mysql_mysql_galera_healthcheck_endpoint_password))
58 |
59 | - name: proxy
60 | instances: 2
61 | azs: [z1, z2]
62 | networks: [{name: default}]
63 | vm_type: default
64 | stemcell: default
65 | jobs:
66 | - name: proxy
67 | release: cf-mysql
68 | properties:
69 | cf_mysql:
70 | proxy:
71 | api_password: ((cf_mysql_proxy_api_password))
72 | provides:
73 | mysql-database:
74 | as: mysql-database
75 | shared: true
76 |
77 | - name: bootstrap-vm
78 | instances: 1
79 | lifecycle: errand
80 | azs: [z1]
81 | networks: [{name: default}]
82 | vm_type: default
83 | stemcell: default
84 | jobs:
85 | - {release: cf-mysql, name: bootstrap}
86 |
87 | - name: rejoin-unsafe-vm
88 | instances: 1
89 | lifecycle: errand
90 | azs: [z1]
91 | networks: [{name: default}]
92 | vm_type: default
93 | stemcell: default
94 | jobs:
95 | - {release: cf-mysql, name: rejoin-unsafe}
96 |
97 | - name: verify-cluster-schemas-vm
98 | instances: 1
99 | lifecycle: errand
100 | azs: [z1]
101 | networks: [{name: default}]
102 | vm_type: default
103 | stemcell: default
104 | jobs:
105 | - name: verify-cluster-schemas
106 | release: cf-mysql
107 | properties:
108 | cf_mysql:
109 | mysql:
110 | admin_password: ((cf_mysql_mysql_admin_password))
111 | galera_healthcheck:
112 | endpoint_password: ((cf_mysql_mysql_galera_healthcheck_endpoint_password))
113 |
114 | - name: smoke-tests-vm
115 | instances: 1
116 | lifecycle: errand
117 | azs: [z1]
118 | networks: [{name: default}]
119 | vm_type: default
120 | stemcell: default
121 | jobs:
122 | - name: smoke-tests
123 | release: cf-mysql
124 | properties:
125 | cf_mysql:
126 | mysql:
127 | admin_password: ((cf_mysql_mysql_admin_password))
128 | proxy:
129 | api_password: ((cf_mysql_proxy_api_password))
130 | smoke_tests:
131 | db_password: ((cf_mysql_smoke_tests_db_password))
132 | standalone_tests_only: true
133 |
134 | variables:
135 | - name: cf_mysql_mysql_admin_password
136 | type: password
137 | - name: cf_mysql_mysql_cluster_health_password
138 | type: password
139 | - name: cf_mysql_mysql_galera_healthcheck_db_password
140 | type: password
141 | - name: cf_mysql_mysql_galera_healthcheck_endpoint_password
142 | type: password
143 | - name: cf_mysql_proxy_api_password
144 | type: password
145 | - name: cf_mysql_smoke_tests_db_password
146 | type: password
147 |
148 | releases:
149 | - name: cf-mysql
150 | url: https://bosh.io/d/github.com/cloudfoundry/cf-mysql-release?v=36.19.0
151 | version: 36.19.0
152 | sha1: 393a018015fdcb48da40259b6a39b8e30fde9d0c
153 | - name: bpm
154 | url: ""
155 | version: latest
156 | sha1: ""
157 | stemcells:
158 | - alias: default
159 | os: ubuntu-trusty
160 | version: "3586.79"
161 |
--------------------------------------------------------------------------------
/docs/using-cf-mysql.md:
--------------------------------------------------------------------------------
1 | # Application Developer's Guide to Using cf-mysql
2 |
3 | ## Connecting to cf-mysql
4 |
5 | ### Binding an App
6 |
7 | You can connect apps that are deployed to Cloud Foundry, via `cf push` using the standard instructions on [Delivering Service Credentials to an Application](https://docs.cloudfoundry.org/devguide/services/application-binding.html).
8 |
9 | cf-mysql does not offer any arbitrary parameters.
10 |
11 | ### Service Keys
12 |
13 | To connect to cf-mysql from an app which has not been deployed to Cloud Foundry, you can follow the instructions for [creating a service key](https://docs.cloudfoundry.org/devguide/services/service-keys.html).
14 |
15 | ### Encryption
16 |
17 | #### Applications Running on Cloud Foundry
18 |
19 | Most applications, save Java and Spring (see below), can be modified to discover the information necessary to connect to cf-mysql using TLS. When inspecting `VCAP_SERVICES` for the username and password, also check for the additional `ca_certificate` property; if it is available, your application can connect to cf-mysql using TLS.
20 |
21 | Here's a Node.js example:
22 |
23 | ```node
24 | ca_cert = vcap_services["p-mysql"][0]["credentials"]["ca_certificate"] ;
25 | dbClient = mysql.createConnection( {
26 | host : host,
27 | user : user,
28 | password : password,
29 | port : port,
30 | database : database,
31 | ssl : {
32 | ca : ca_cert
33 | },
34 | } ) ;
35 | ```
36 | Some languages automatically check the operating system's [trust store](https://docs.cloudfoundry.org/devguide/deploy-apps/trusted-system-certificates.html). In those cases, it is not necessary to parse `VCAP_SERVICES` for the CA certificate.
37 |
38 | #### Java and Spring Applications
39 |
40 | To enable encrypted connections for apps using the [Java buildpack](https://docs.cloudfoundry.org/buildpacks/java/), you'll need to delete the existing binding and create a new one. This will update the `jdbcUrl` to specify an encrypted connection.
41 |
42 | **Note:** Should your deployment of cf-mysql turn off encryption in the future, you'll need to **re-bind** all Java applications that use cf-mysql. That will remove the encryption requirement, allowing apps to connect to an instance that does not offer encryption.
43 |
44 | #### Service Keys
45 |
46 | When using a service key to establish a connection using TLS (aka SSL) you will need the `ca_certificate` from the service key output. See the [service key documentation](https://docs.cloudfoundry.org/devguide/services/service-keys.html#detail) to view the service key JSON.
47 |
48 | Save the CA certificate to a file in PEM format. You'll need to replace each literal "\n" in the value with an actual newline.
49 |
50 | To test, you can use any MySQL client. Connect to the hostname given in the service key output with the given credentials. When using the `mysql` CLI, also specify `--ssl-verify-server-cert --ssl-ca=PATH_TO_CA_CERTIFICATE`.
51 |
--------------------------------------------------------------------------------
/githooks/pre-push:
--------------------------------------------------------------------------------
#!/usr/bin/env bash
#
# pre-push hook: aborts the push when the checked-out branch is 'master'.
#
# NOTE(review): the check looks only at the branch that is currently checked
# out. The refs git hands to a pre-push hook on stdin are not read, so a push
# that names 'master' as its destination from another branch is not stopped.
# A client-side hook is also skipped by `git push --no-verify`, so server-side
# branch protection is still needed if 'master' must stay protected.

current_branch="$(git rev-parse --abbrev-ref HEAD)"

case "${current_branch}" in
  master)
    echo "Refusing to commit to 'master'. Please commit to 'develop' or other branches"
    exit 1
    ;;
esac
10 |
--------------------------------------------------------------------------------
/operations/README.md:
--------------------------------------------------------------------------------
1 | # Operations
2 |
3 | This directory contains a list of commonly used, tested operations files.
4 |
5 | Unless otherwise stated, they can be combined in any permutation and in any order.
6 |
7 | ### Registering the proxy route
8 |
9 | [This operations file](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/register-proxy-route.yml)
10 | registers routes with the Cloud Foundry router which point to the dashboard pages hosted by the proxies deployed as part of `cf-mysql-release`.
11 |
12 |
13 | ### Enabling the Service Broker
14 |
15 | To enable integration of the MySQL database with Cloud Foundry (as a Cloud Foundry service), you should include the
16 | [add a broker](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/add-broker.yml)
17 | operations file, as well as the [register the proxy route](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/register-proxy-route.yml)
18 | operations file.
19 |
20 |
21 | ### Disabling cross deployment links
22 |
23 | Used when the dependent deployments (i.e. Cloud Foundry) do not expose properties
24 | via cross-deployment links.
25 |
26 | For example, many configurations of
27 | [cf-release](https://github.com/cloudfoundry/cf-release)
28 | (including the
29 | [provided spiff manifest generation](https://github.com/cloudfoundry/cf-release/blob/master/scripts/generate_deployment_manifest))
30 | do not support cross-deployment links without manual modifications to the manifest,
31 | whereas deploying Cloud Foundry via
32 | [cf-deployment](https://github.com/cloudfoundry/cf-deployment)
33 | exposes properties like NATS config by default.
34 |
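35 | Using this operations file will require you to provide your own values for these
36 | properties which would otherwise be provided via links, e.g. NATS. The values in the example below are placeholders. Values passed with `-v` end up in shell history and the process list, so secrets such as the NATS and admin passwords are better supplied from a vars file with `-l`.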
37 |
38 | Example usage:
39 |
40 | ```
41 | -o disable-smoke-tests-cross-deployment-links.yml \
42 | -o disable-broker-route-registrar-cross-deployment-links.yml \
43 | -o disable-proxy-route-registrar-cross-deployment-links.yml \
44 |
45 | -v nats="{password: some-nats-password, user: nats, port: 4222, machines: [10.0.31.191]}" \
46 | -v admin_username=admin \
47 | -v admin_password=password \
48 | -v api_url=api.mycf.com \
49 | -v app_domains=[mycf.com] \
50 | -v skip_ssl_validation=true \
51 | ```
52 |
53 | ### [configure-broker-load-balancer.yml](https://github.com/cloudfoundry/cf-mysql-deployment/tree/master/operations/configure-broker-load-balancer.yml)
54 |
55 | Provides a value for the `cf_mysql.host` property, which is the host the
56 | broker provides to applications via service instance bindings.
57 |
58 | Typically this is a FQDN pointing to a load balancer or some other mechanism to
59 | achieve HA (e.g. DNS, floating virtual IPs etc).
60 |
61 | Example usage:
62 |
63 | ```
64 | -o configure-broker-load-balancer.yml \
65 |
66 | -v cf_mysql_host=my-load-balancer-url
67 | ```
68 |
--------------------------------------------------------------------------------
/operations/add-broker.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /releases/name=routing?
4 | value:
5 | name: routing
6 | version: "0.180.0"
7 | url: https://bosh.io/d/github.com/cloudfoundry-incubator/cf-routing-release?v=0.180.0
8 | sha1: 990c2c319e6063573eec18dbeb7c3631a382db7d
# Pins the bpm release to 0.9.0 with its sha1.
# NOTE(review): operations/register-proxy-route.yml replaces the same
# /releases/name=bpm? entry with 0.12.2. When both files are applied, whichever
# is given last on the command line decides the bpm version that is deployed.
- type: replace
  path: /releases/name=bpm?
  value:
    name: bpm
    version: "0.9.0"
    url: https://bosh.io/d/github.com/cloudfoundry-incubator/bpm-release?v=0.9.0
    sha1: 0cb3242063c95271c95b62de3a6d07072aff0b29
16 |
17 | - type: replace
18 | path: /instance_groups/-
19 | value:
20 | name: broker
21 | instances: 2
22 | azs: [z1,z2,z3]
23 | networks: [{name: default}]
24 | vm_type: default
25 | stemcell: default
26 | jobs:
27 | - name: cf-mysql-broker
28 | release: cf-mysql
29 | properties:
30 | cf:
31 | api_url: ((cf_api_url))
32 | skip_ssl_validation: ((cf_skip_ssl_validation))
33 | cf_mysql:
34 | broker:
35 | auth_password: ((cf_mysql_broker_auth_password))
36 | cookie_secret: ((cf_mysql_broker_cookie_secret))
37 | db_password: ((cf_mysql_broker_db_password))
38 | quota_enforcer:
39 | password: ((cf_mysql_broker_quota_enforcer_password))
40 | services: &broker_services
41 | - name: p-mysql
42 | id: 44b26033-1f54-4087-b7bc-da9652c2a539
43 | dashboard_client:
44 | id: p-mysql
45 | secret: ((cf_mysql_p_mysql_dashboard_secret))
46 | description: MySQL databases on demand
47 | metadata:
48 | displayName: MySQL for Pivotal Cloud Foundry
49 | documentationUrl: https://github.com/cloudfoundry/cf-mysql-release/blob/master/README.md
50 | imageUrl: 
51 | longDescription: Creating a service instance provisions a database. Binding
52 | applications provisions unique credentials for each application to access
53 | the database.
54 | providerDisplayName: Pivotal Software
55 | supportUrl: https://support.pivotal.io
56 | plan_updateable: true
57 | plans:
58 | - description: Shared MySQL Server
59 | id: ab08f1bc-e6fc-4b56-a767-ee0fea6e3f20
60 | max_storage_mb: 10
61 | max_user_connections: 20
62 | name: 10mb
63 | - description: Shared MySQL Server
64 | id: 11d0aa36-dcec-4021-85f5-ea4d9a5c8342
65 | max_storage_mb: 20
66 | max_user_connections: 40
67 | name: 20mb
68 | tags:
69 | - mysql
70 | external_host: ((cf_mysql_external_host))
71 | mysql:
72 | persistent_disk: 10000
73 | - name: route_registrar
74 | release: routing
75 | consumes:
76 | nats: {from: nats, deployment: cf}
77 | properties:
78 | route_registrar:
79 | routes:
80 | - name: cf-mysql-broker
81 | port: 8081 # must match the value of 'cf_mysql.broker.port'
82 | registration_interval: 10s
83 | uris:
84 | - ((cf_mysql_external_host))
85 | health_check:
86 | name: script
87 | script_path: /var/vcap/jobs/cf-mysql-broker/bin/healthcheck.sh
88 |
89 | - type: replace
90 | path: /instance_groups/-
91 | value:
92 | name: broker-registrar-vm
93 | instances: 1
94 | lifecycle: errand
95 | azs: [z1]
96 | networks: [{name: default}]
97 | vm_type: default
98 | stemcell: default
99 | jobs:
100 | - name: broker-registrar
101 | release: cf-mysql
102 | properties:
103 | cf:
104 | admin_username: admin
105 | admin_password: ((cf_admin_password))
106 | api_url: ((cf_api_url))
107 | skip_ssl_validation: ((cf_skip_ssl_validation))
108 | cf_mysql:
109 | broker:
110 | auth_password: ((cf_mysql_broker_auth_password))
111 | services: *broker_services
112 | external_host: ((cf_mysql_external_host))
113 |
114 | - type: replace
115 | path: /instance_groups/-
116 | value:
117 | name: deregister-and-purge-instances-vm
118 | instances: 1
119 | lifecycle: errand
120 | azs: [z1]
121 | networks: [{name: default}]
122 | vm_type: default
123 | stemcell: default
124 | jobs:
125 | - name: deregister-and-purge-instances
126 | release: cf-mysql
127 | properties:
128 | cf:
129 | admin_username: admin
130 | admin_password: ((cf_admin_password))
131 | api_url: ((cf_api_url))
132 | skip_ssl_validation: ((cf_skip_ssl_validation))
133 | cf_mysql:
134 | broker:
135 | services: *broker_services
136 |
137 | - type: replace
138 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf?/skip_ssl_validation
139 | value: ((cf_skip_ssl_validation))
140 |
141 | - type: replace
142 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf?/admin_username
143 | value: admin
144 |
145 | - type: replace
146 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf?/admin_password
147 | value: ((cf_admin_password))
148 |
149 | - type: replace
150 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf?/api_url
151 | value: ((cf_api_url))
152 |
153 | - type: replace
154 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf_mysql/smoke_tests/standalone_tests_only?
155 | value: false
156 |
157 | - type: replace
158 | path: /instance_groups/name=mysql/jobs/-
159 | value:
160 | name: cf-mysql-broker-user
161 | release: cf-mysql
162 |
163 | - type: remove
164 | path: /instance_groups/name=mysql/jobs/name=smoke-tests-user
165 |
166 | - type: remove
167 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf_mysql/smoke_tests/db_password
168 |
169 | - type: replace
170 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf_mysql/external_host?
171 | value: ((cf_mysql_external_host))
172 |
173 | - type: replace
174 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf_mysql/smoke_tests/password?
175 | value: ((cf_mysql_smoke_tests_password))
176 |
177 | - type: replace
178 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/consumes?
179 | value:
180 | cloud_controller: {from: cloud_controller, deployment: cf}
181 |
182 | - type: replace
183 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf_mysql/broker?/services
184 | value: *broker_services
185 |
186 | - type: replace
187 | path: /variables/-
188 | value:
189 | name: cf_mysql_broker_auth_password
190 | type: password
191 |
192 | - type: replace
193 | path: /variables/-
194 | value:
195 | name: cf_mysql_broker_cookie_secret
196 | type: password
197 |
198 | - type: replace
199 | path: /variables/-
200 | value:
201 | name: cf_mysql_broker_db_password
202 | type: password
203 |
204 | - type: replace
205 | path: /variables/-
206 | value:
207 | name: cf_mysql_broker_quota_enforcer_password
208 | type: password
209 |
210 | - type: replace
211 | path: /variables/-
212 | value:
213 | name: cf_mysql_p_mysql_dashboard_secret
214 | type: password
215 |
216 | - type: replace
217 | path: /variables/-
218 | value:
219 | name: cf_mysql_smoke_tests_password
220 | type: password
221 |
--------------------------------------------------------------------------------
/operations/add-roadmin.yml:
--------------------------------------------------------------------------------
1 | - type: replace
2 | path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/roadmin_enabled?
3 | value: true
4 |
5 | - type: replace
6 | path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/roadmin_password?
7 | value: ((cf_mysql_mysql_roadmin_password))
8 |
9 | - type: replace
10 | path: /variables/-
11 | value:
12 | name: cf_mysql_mysql_roadmin_password
13 | type: password
14 |
--------------------------------------------------------------------------------
/operations/add-tls.yml:
--------------------------------------------------------------------------------
---
# Fills cf_mysql.mysql.tls.* on the mysql job from one generated certificate
# variable (declared at the bottom of this file).
- type: replace
  path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/tls?/ca_certificate
  value: ((cf_mysql_mysql_tls_server_certificate.ca))

- type: replace
  path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/tls?/server_certificate
  value: ((cf_mysql_mysql_tls_server_certificate.certificate))

# The server's private key is interpolated into the manifest from the variable
# store. With --no-redact (used by scripts/deploy-cf-mysql-to-bosh-lite) values
# are not redacted in the deploy output.
- type: replace
  path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/tls?/server_key
  value: ((cf_mysql_mysql_tls_server_certificate.private_key))

- type: replace
  path: /variables?/-
  value:
    name: cf_mysql_mysql_tls_server_certificate
    type: certificate
    options:
      # NOTE(review): only common_name is set. Clients that match the host name
      # against subjectAltName may also need `alternative_names`; confirm
      # against the clients in use.
      common_name: ((cf_mysql_host))
      # The signing CA is referenced by name only and is not declared in this
      # file; it has to exist in the variable store already. Presumably it is
      # provided by the Cloud Foundry deployment; verify.
      ca: trusted_cert_for_apps
22 |
--------------------------------------------------------------------------------
/operations/add-xenial-default-stemcell.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /stemcells/alias=default
4 | value:
5 | alias: trusty
6 | os: ubuntu-trusty
7 | version: latest
8 |
9 | - type: replace
10 | path: /stemcells/-
11 | value:
12 | alias: default
13 | os: ubuntu-xenial
14 | version: latest
15 |
--------------------------------------------------------------------------------
/operations/bosh-dns.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=proxy/jobs/name=proxy/properties/cf_mysql/proxy/shutdown_delay?
4 | value: 30
5 |
--------------------------------------------------------------------------------
/operations/bosh-lite.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/innodb_buffer_pool_size?
4 | value: 128M
5 |
--------------------------------------------------------------------------------
/operations/configure-broker-load-balancer.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=broker/jobs/name=cf-mysql-broker/properties/cf_mysql/host?
4 | value: ((cf_mysql_host))
5 |
--------------------------------------------------------------------------------
/operations/disable-broker-route-registrar-cross-deployment-links.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=broker/jobs/name=route_registrar?/consumes
4 | value:
5 | nats: nil
6 |
7 | - type: replace
8 | path: /instance_groups/name=broker/jobs/name=route_registrar?/properties/nats
9 | value: ((nats))
10 |
--------------------------------------------------------------------------------
/operations/disable-proxy-consul-cross-deployment-links.yml:
--------------------------------------------------------------------------------
1 | - type: replace
2 | path: /instance_groups/name=proxy/jobs/name=consul_agent/consumes?
3 | value:
4 | consul: nil
5 | consul_client: nil
6 | consul_common: nil
7 | consul_server: nil
8 |
9 | - type: replace
10 | path: /instance_groups/name=proxy/jobs/name=consul_agent/properties?/consul
11 | value:
12 | agent:
13 | datacenter:
14 | domain: cf.internal
15 | log_level:
16 | servers:
17 | lan: ((consul_agent_servers_lan))
18 | agent_cert: ((consul_agent_cert))
19 | agent_key: ((consul_agent_key))
20 | ca_cert: ((consul_ca_cert))
21 | encrypt_keys: ((consul_encrypt_keys))
22 | server_cert: ((consul_server_cert))
23 | server_key: ((consul_server_key))
24 |
--------------------------------------------------------------------------------
/operations/disable-proxy-route-registrar-cross-deployment-links.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=proxy/jobs/name=route_registrar?/consumes
4 | value:
5 | nats: nil
6 |
7 | - type: replace
8 | path: /instance_groups/name=proxy/jobs/name=route_registrar?/properties/nats
9 | value: ((nats))
10 |
--------------------------------------------------------------------------------
/operations/disable-smoke-tests-cross-deployment-links.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf?/app_domains
4 | value: ((app_domains))
5 |
6 | - type: replace
7 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/consumes?
8 | value:
9 | cloud_controller: nil
10 |
--------------------------------------------------------------------------------
/operations/enable-syslog.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /addons?/-
4 | value:
5 | name: syslog_forwarder
6 | jobs:
7 | - name: syslog_forwarder
8 | release: syslog
9 | properties:
10 | syslog:
11 | address: ((syslog_address))
12 | port: ((syslog_port))
13 | transport: ((syslog_transport))
14 | forward_files: true
15 |
16 | - type: replace
17 | path: /releases/-
18 | value:
19 | name: syslog
20 | url: https://bosh.io/d/github.com/cloudfoundry/syslog-release?v=11
21 | version: '11'
22 | sha1: 332ac15609b220a3fdf5efad0e0aa069d8235788
23 |
--------------------------------------------------------------------------------
/operations/latest-versions.yml:
--------------------------------------------------------------------------------
---
# Replaces the cf-mysql release entry of cf-mysql-deployment.yml, which pins
# version 36.19.0 with a url and sha1, by an entry that has only
# `version: latest`. No url or checksum is given here.
# NOTE(review): presumably `latest` resolves to the newest cf-mysql release
# already uploaded to the director, so what gets deployed depends on what was
# uploaded and how it was verified; confirm before using outside development.
- type: replace
  path: /releases/name=cf-mysql
  value:
    name: cf-mysql
    version: latest

# Same for the stemcell: the base manifest pins ubuntu-trusty "3586.79", this
# entry floats to `latest`.
- type: replace
  path: /stemcells/alias=default
  value:
    alias: default
    os: ubuntu-trusty
    version: latest
14 |
--------------------------------------------------------------------------------
/operations/no-arbitrator.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: remove
3 | path: /instance_groups/name=arbitrator
4 |
5 | - type: replace
6 | path: /instance_groups/name=mysql/instances
7 | value: 3
8 |
9 | - type: replace
10 | path: /instance_groups/name=mysql/azs/-
11 | value: z3
12 |
--------------------------------------------------------------------------------
/operations/proxy-consul.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /releases/-
4 | value:
5 | name: consul
6 | version: latest
7 |
8 | - type: replace
9 | path: /instance_groups/name=proxy/jobs/-
10 | value:
11 | release: consul
12 | name: consul_agent
13 | consumes:
14 | consul_common: {from: consul_common_link, deployment: cf}
15 | consul_server: {from: consul_server_link, deployment: cf}
16 | consul_client: {from: consul_client_link, deployment: cf}
17 |
18 | - type: replace
19 | path: /instance_groups/name=proxy/jobs/name=proxy/properties/cf_mysql/proxy/consul_enabled?
20 | value: true
21 | - type: replace
22 | path: /instance_groups/name=proxy/jobs/name=proxy/properties/cf_mysql/proxy/consul_service_name?
23 | value: mysql
24 |
--------------------------------------------------------------------------------
/operations/proxy-elb.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=proxy/vm_extensions?/-
4 | value: ((proxy_vm_extension))
5 |
6 | - type: replace
7 | path: /instance_groups/name=smoke-tests-vm/jobs/name=smoke-tests/properties/cf_mysql/host?
8 | value: ((cf_mysql_host))
9 |
--------------------------------------------------------------------------------
/operations/register-proxy-route.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /releases/name=routing?
4 | value:
5 | name: routing
6 | version: "0.180.0"
7 | url: https://bosh.io/d/github.com/cloudfoundry-incubator/cf-routing-release?v=0.180.0
8 | sha1: 990c2c319e6063573eec18dbeb7c3631a382db7d
9 |
10 | - type: replace
11 | path: /releases/name=bpm?
12 | value:
13 | name: "bpm"
14 | version: "0.12.2"
15 | url: "https://bosh.io/d/github.com/cloudfoundry-incubator/bpm-release?v=0.12.2"
16 | sha1: "f2edbf3d1417a253205338c9941ca989cd2f8331"
17 |
18 | - type: replace
19 | path: /instance_groups/name=proxy/jobs/-
20 | value:
21 | release: routing
22 | name: route_registrar
23 | consumes:
24 | nats: {from: nats, deployment: cf}
25 | properties:
26 | route_registrar:
27 | routes:
28 | - name: cf-mysql-proxy
29 | port: 8080 # must match the value of 'cf_mysql.proxy.api_port'
30 | registration_interval: 10s
31 | uris:
32 | - &proxy_base_uri proxy-((cf_mysql_external_host))
33 | prepend_instance_index: true
34 | - name: cf-mysql-proxy-aggregator
35 | port: 8082 # must match the value of 'cf_mysql.proxy.api_aggregator_port'
36 | registration_interval: 10s
37 | uris:
38 | - *proxy_base_uri
39 | # The switchboard aggregator page assumes there is only a single route registered for the proxies
40 |
41 | # make sure to match what the route_registrar is registering above in cf-mysql-proxy route
42 | - type: replace
43 | path: /instance_groups/name=proxy/jobs/name=proxy/properties/cf_mysql/proxy/api_uri?
44 | value: *proxy_base_uri
45 |
--------------------------------------------------------------------------------
/operations/syslog-tls.yml:
--------------------------------------------------------------------------------
---
# Turns on TLS for the syslog_forwarder addon and restricts the accepted peer.
# Both paths address /addons/name=syslog_forwarder without a `?`, so the addon
# has to exist already; in this repository operations/enable-syslog.yml adds
# it, which means that file must be applied before this one.
- type: replace
  path: /addons/name=syslog_forwarder/jobs/name=syslog_forwarder/properties/syslog/tls_enabled?
  value: true

# NOTE(review): by its name this is the peer identity the forwarder accepts
# from the syslog server; confirm the expected format against the syslog
# release's job spec. The value must be supplied as ((syslog_permitted_peer)).
- type: replace
  path: /addons/name=syslog_forwarder/jobs/name=syslog_forwarder/properties/syslog/permitted_peer?
  value: ((syslog_permitted_peer))
9 |
--------------------------------------------------------------------------------
/operations/test/enable-remote-admin-access.yml:
--------------------------------------------------------------------------------
---
# Sets cf_mysql.mysql.remote_admin_access to true on the mysql job.
# NOTE(review): this file lives under operations/test/, so it is presumably
# meant for test environments only. By its name the property allows the MySQL
# admin account to be used from hosts other than the database VM; confirm
# against the cf-mysql-release job spec and keep it out of production
# deployments.
- type: replace
  path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/remote_admin_access?
  value: true
5 |
--------------------------------------------------------------------------------
/operations/test/minimal-mode.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /instance_groups/name=arbitrator/instances
4 | value: 0
5 | - type: replace
6 | path: /instance_groups/name=mysql/instances
7 | value: 1
8 | - type: replace
9 | path: /instance_groups/name=proxy/instances
10 | value: 1
11 |
12 |
--------------------------------------------------------------------------------
/operations/xenial-stemcell.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - type: replace
3 | path: /stemcells/os=ubuntu-trusty
4 | value:
5 | alias: default
6 | os: ubuntu-xenial
7 | version: latest
8 |
9 |
--------------------------------------------------------------------------------
/scripts/deploy-cf-mysql-to-bosh-lite:
--------------------------------------------------------------------------------
#!/bin/bash
#
# Deploys cf-mysql to a bosh-lite director using the base manifest, the
# bosh-lite and xenial-stemcell operations files and bosh-lite/default-vars.yml.
#
# Environment:
#   CF_API_ENDPOINT   required; the script runs under `set -u` and stops if it
#                     is unset. A leading "api." is stripped to derive hosts.
#   BOSH_ENVIRONMENT  optional, defaults to 192.168.50.6
#   BOSH_DEPLOYMENT   optional, defaults to cf-mysql
# Arguments: forwarded unchanged to `bosh deploy` after the built-in ones.
#
# NOTE(review): `set -x` traces every command with its expanded arguments, and
# `--no-redact` makes `bosh deploy` print values unredacted. Anything secret
# passed in "$@" (for example `-v cf_admin_password=...`) therefore appears in
# the terminal or in captured logs. Presumably acceptable for a local bosh-lite;
# confirm before running this where output is retained.

set -eux

script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
repo_root="$(cd "${script_dir}/.." && pwd)"

# Keep caller-provided values, otherwise fall back to the bosh-lite defaults.
: "${BOSH_ENVIRONMENT:=192.168.50.6}"
: "${BOSH_DEPLOYMENT:=cf-mysql}"
export BOSH_ENVIRONMENT BOSH_DEPLOYMENT

# Strip "api." prefix from the endpoint.
base_domain=${CF_API_ENDPOINT#"api."}

deploy_args=(
  "${repo_root}/cf-mysql-deployment.yml"
  -o "${repo_root}/operations/bosh-lite.yml"
  -o "${repo_root}/operations/xenial-stemcell.yml"
  -l "${repo_root}/bosh-lite/default-vars.yml"
  -v cf_mysql_external_host="p-mysql.${base_domain}"
  -v cf_mysql_host="${base_domain}"
  -v cf_api_url="https://${CF_API_ENDPOINT}"
  --no-redact
)

pushd "${repo_root}" > /dev/null
bosh deploy "${deploy_args[@]}" "$@"
popd > /dev/null
30 |
--------------------------------------------------------------------------------
/scripts/deploy-cf-mysql-with-broker-to-bosh-lite:
--------------------------------------------------------------------------------
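#!/bin/bash
#
# Deploys cf-mysql together with the service broker and the proxy routes to a
# bosh-lite director by delegating to deploy-cf-mysql-to-bosh-lite with the
# add-broker and register-proxy-route operations files.
#
# Environment:
#   CF_API_ENDPOINT  CF API host; a leading "api." is stripped to derive the
#                    cf_mysql_host and cf_mysql_external_host values.
# Arguments: forwarded unchanged to the delegate script (and from there to
#            `bosh deploy`).

set -eu

my_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
root_dir="$( cd "${my_dir}/.." && pwd )"

# Use ${CF_API_ENDPOINT:-} here: with a bare ${CF_API_ENDPOINT}, `set -u` ends
# the script with "unbound variable" before the hint below can be printed,
# which is exactly the case the hint was written for.
if [[ -z "${CF_API_ENDPOINT:-}" ]]; then
  echo "\$CF_API_ENDPOINT is not set. You probably forgot to target your environment." >&2
  echo "These BOSH variables may need to be changed:" >&2
  echo "  cf_mysql_external_host, cf_mysql_host, cf_api_url" >&2
fi

# Strip "api." prefix from the endpoint.
# When the variable is unset this expansion still stops the script under
# `set -u`, as it did before, but now after the hint above has been shown.
root_endpoint=${CF_API_ENDPOINT#"api."}

cf_mysql_host="${root_endpoint}"
cf_mysql_external_host="p-mysql.${root_endpoint}"

# The delegate script computes the same three -v values itself; they are passed
# again here, followed by the caller's own arguments.
"${my_dir}/deploy-cf-mysql-to-bosh-lite" \
  -o "${root_dir}/operations/add-broker.yml" \
  -o "${root_dir}/operations/register-proxy-route.yml" \
  -v cf_mysql_external_host="${cf_mysql_external_host}" \
  -v cf_mysql_host="${cf_mysql_host}" \
  -v cf_api_url="https://${CF_API_ENDPOINT}" \
  "$@"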
27 |
--------------------------------------------------------------------------------