We'd like to let you know that @bufferoverflow and I in BT have released a Siemens-sanctioned OSS project to showcase DevOps activities with MindSphere. This was announced last week at the Siemens MindSphere Developer Days Berlin.
Between others, we showcase:
- How to create an Angular static web frontend app backed by a NodeJS api server application
- How to expose the server api via OpenAPI and provide a try it out gui
- How to unit and e2e test applications
- How to integrate continuous delivery with gitlab-ci
- How to monitor and measure metrics of apps with prometheus & grafana
- How to proxy internal applications and parse the jwt auth tokens in your application code
We also provide some tooling to make easier remotely connecting via ssh to running applications and services inside of MindSphere (e.g. DBs).
You can find the source code here:
Contributions, issues & feedback are welcome!
First I want to thank you for releasing this showcase!
I've tried to get it running in the MindSphere and had success with the frontend "todo" app (explained here: https://gitlab.com/mindsphere/devops-demo/blob/master/README.md).
Now I want to get the devops admin part running but I'm stuck at deploying grafana (https://gitlab.com/mindsphere/devops-demo/blob/master/devops/grafana/README.md -> Step 5).
I don't know what to insert for the "<db-connection-url>" placeholder whenc calling the deploy.sh script.
Can you give me an example please?
The variable should have the same content as you get from the environment variable `VCAP_SERVICES` `uri` value for postgres with the command `cf env <your-grafana-app>`, something like `postgres://<user>:<password>@<host>:<port>/<db_name>`
It's a bit of an egg-chicken issue with CloudFoundry: you cannot start the app until the service is available, but in order to get the service credentials you first have to bind the app to the service. To do that you have to first start the app with `--no-start`, bind the service, get the uri value, pass it as environment, start the app.
The easiest for you is just pass a dummy value to the env variable to the deploy script, that will execute the flow, the app will fail to start but the db service will be bound, at this point you can extract the uri from `cf env` and then run the deploy script again with the actual value.
thanks for your advice using the command `cf env <your-grafana-app>`! This helped me to find out the database-url for grafana (I deployed it before with a dummy variable) and now almost everything works fine.
At least I see the devops admin page and most of the links are working.
Unfortunately Grafana isn't working yet. When I open the /grafana page, the following message is shown to me:
If you're seeing this Grafana has failed to load its application files 1. This could be caused by your reverse proxy settings. 2. If you host grafana under subpath make sure your grafana.ini root_url setting includes subpath 3. If you have a local dev build make sure you build frontend using: npm run dev, npm run watch, or npm run build 4. Sometimes restarting grafana-server can help
In the Chrome Developer Tools I see a lot of 403 errors and some (blocked:csp) ones.
Maybe I put a wrong url somewhere or I have to adjust the devops admin app's CSP a little bit.
I'll try to figure this out later.
P.S.: One thing I didn't find in the README was, that I have to assign the "mdsp:core:im.userIamAdmin" role to the devopsadmin app to get authorized when I open the app. I figured this out by looking into the "index.js" of the devopsadmin app but it would have been easier if this was explained somewhere I think.
Thanks for the hint about the readme, I've added an issue to the project to track it.
Regarding grafana, there's a CSP configuration documented in the readme, that you need to apply to your devopsadmin application in the mdsp cockpit, please read if you didn't already.
Otherwise, your issue might be incorrect grafana configuration. The easiest path is to ssh to your grafana app and try to trigger some requests to grafana via the command line to make sure that it works and rule out mdsp gateway config. Also take a look a the grafana logs in there.
Ok, I finally managed to connect via SSH to my grafana app in CloudFoundry.
(First I had some problems with it because in the MindSphere Docs to which you relate in the README for your cf-ssh script there is written nowhere, that after you have enabled SSH for the app with "cf enable-ssh APP_NAME", you also have to restart it with "cf restart APP_NAME" to activate SSH eventually.
If it's not enabled you only get the exception "Permission denied, please try again." which doesn't tell you that it occured because SSH is not enabled... )
In the grafana app's machine I tried to call the grafana API by calling "curl localhost:8080/api/dashboards/home" which executed successfully and returned a JSON response similar to the example response in the grafana docs.
Because I don't have a SMTP server, I used dummy values for the SMTP configuration and the SMTP password variable for the grafana app but this shouldn't be problem, right?
Could it be that my "server.domain" in "defaults.custom.ini" is wrong? I used the url of my grafana-app so it looks like this:
# The public facing domain name used to access grafana from a browser domain = https://<my-grafana-app-name>.apps.eu1.mindsphere.io
(in my ini I replaced the "<my-grafana-app-name>" placeholder with the name of my app of course )
Here are the errors from the Chrome console I get when I try to open the /grafana page (I obfuscated the tenant-name):
The CSP of my devops-admin app is the same as the one in your Readme.
The application restart for SSH is news to me, but makes sense, I guess I didn't notice because we restart our apps so often. It's also documented in the official cloudfoundry docs, but not in the mindsphere ones. I'll make an MR to the doc team.
Regarding the app console error, I'm sorry buddy but that's on you :-) The .ini file placeholder says:
# The public facing domain name used to access grafana from a browser domain = <public-domain-address-of-devopsadmin>
Meaning, you have to use the *public* url of your mindsphere app, not the internal grafana endpoint. That's what the browser will be able to reach, since it sits on the client side. It won't hurt to add another note in the readme though, so I'm adding an issue for that.
Just the domain, no prefix needed, something like:
domain = <your-mdsp-app>.eu1.mindsphere.io
Great, it works now! I just removed the https-prefix of the "server.domain" in the "defaults.custom.ini", redeployed it and now Grafana is loading. Nice! Thanks for your help, Diego!