19.2.3. Use of Virtual Private CF

Virtual Private CF will be used through API, command line tools, etc. This section shows how to deploy an application using the most popular cf command.

19.2.3.1. cf command and API Endpoint

To call API of Cloud Foundry, cf command has to reach the API Endpoint. The API Endpoint is described in the Service Start Notification mail and is actually the IP address of the CF Router of the Cloud Foundry in Service Provider’s tenant. If you consult a DNS on the Internet, the corresponding private IP address will be resolved.

Note

The number of IP addresses of API Endpoint will become the same as the number of CF Routers specified at the time of the subscription order. As all are virtual IP addresses, when a CF Router fails, traffics to the corresponding IP addresses will be automatically relayed to other CF Routers.

If a computer (such as a developer’s PC, and a springboard server for working) is within a private network that can reach API Endpoint of the Virtual Private CF, and is able to use a DNS on the Internet, the API Endpoint described in the Service Start Notification mail can be used as is. If a DNS on the Internet is not used, other means for name resolution such as a DNS operated by yourself or a hosts file is required.

If you use cf command through the Internet, setting is required so that API Endpoint can be reached from the Internet. In case of configuration example described in this Tutorial, the same number of global IP addresses as CF Routers are prepared and NAT setting is made to the vFW in the customer’s tenant, and then API Endpoint names (customer’s discretion) will be registered to a hosts file so that name resolution will become possible. In the hosts file, multiple settings in addition to the API Endpoints described in the Service Start Notice are required as follows.

  • api.<System Domain name>

  • uaa.<System Domain name>

  • doppler.<System Domain name>

  • loggregator.<System Domain name>

  • login.<System Domain name>

  • ssh.<System Domain name>

19.2.3.2. Install cf command

See below for cf command installation.

https://docs.cloudfoundry.org/cf-cli/install-go-cli.html

19.2.3.3. Login by cf command

The Service Start Notification mail will contain login information for the administrator user and general users. The administrator user can create spaces, change/delete names and allocate spaces to users, but cannot deploy applications. General users can deploy, scale out, start, stop and delete applications. * Capability for new user addition will be supported in future.

To deploy applications, log in as a general user. The command line to log in is as follows for both of the administrator and a general user.

$ cf login -a "API endpoint" -u "User Name" -p "Password" --skip-ssl-validation

19.2.3.4. Deploy Applications

Deploying method of applications after you log in by cf command is the same as Shared CF. Please refer to the Tutorials below.

https://ecl.ntt.com/en/documents/tutorials/rsts/Paas/shared/deploy/index.html

19.2.3.5. Access to the deployed application

Access to the deployed application is made by FQDN assigned to the application. By default, it is <Application Name> + <Shared Domain described in the Service Start Notice>. Actually, it will give the same address as the API Endpoint. If you consult a DNS on the Internet, the corresponding IP address will be resolved. If a computer that accesses applications is within a private network that can reach API Endpoint of the Virtual Private CF, and is able to use a DNS on the Internet, the FQDN in the above can be used as is. If a DNS on the Internet is not used, other mean for name resolution such as a DNS operated by yourself or a hosts file is required.

When you access applications from the Internet, you need to prepare FQDN and global IP address for the access and to register it to DNS. You also need to set vFW to do NAT of access to the corresponding global IP address to the IP address above.

Note

If the number of CF Routers is changed, IP addresses will be added/deleted, so they should be reflected into the setting of DNS and NAT of vFW.