Tetap teratur dengan koleksi
Simpan dan kategorikan konten berdasarkan preferensi Anda.
Kf Cloud Service Broker adalah paket Service Broker yang menyertakan Cloud Service Broker open source dan Google Cloud Brokerpak.
Image ini tersedia sebagai image Docker publik dan siap di-deploy sebagai
layanan Kubernetes di cluster Kf. Setelah
layanan Kf Cloud Service Broker di-deploy di cluster, developer dapat menyediakan
Google Cloud layanan pendukung melalui layanan Kf Cloud Service Broker, dan
mengikat layanan pendukung ke Aplikasi Kf.
Persyaratan
Kf Cloud Service Broker memerlukan instance Cloud SQL untuk MySQL dan akun layanan untuk mengakses instance Cloud SQL untuk MySQL dan Google Cloud layanan pendukung yang akan disediakan. Koneksi dari Kf Cloud Service Broker ke instance Cloud SQL untuk MySQL akan melalui Proxy Auth Cloud SQL.
Brokerpak pada dasarnya adalah rencana Terraform dan dependensi terkait dalam file
tar. Anda dapat memeriksa rencana Terraform untuk melihat setelan default, lalu
Anda dapat memberi tahu Kf Cloud Service Broker untuk menggantinya saat membuat layanan baru.
Misalnya, konfigurasi Terraform untuk Cloud SQL untuk MySQL menyertakan variabel yang disebut authorized_network. Jika tidak diganti, VPC default akan digunakan. Jika ingin mengganti default, Anda dapat meneruskannya selama pembuatan layanan. Berikut beberapa contohnya:
Arsitektur Kf Cloud Service Broker berikut menunjukkan cara instance dibuat.
Kf Cloud Service Broker (CSB) diinstal di namespace-nya sendiri.
Saat penginstalan, instance Cloud SQL untuk MySQL harus disediakan untuk mempertahankan logika bisnis yang digunakan oleh Kf Cloud Service Broker. Permintaan dikirim dengan aman
dari pod Kf Cloud Service Broker ke instance Cloud SQL untuk MySQL melalui
Proxy Auth Cloud SQL untuk MySQL.
Pada penyediaan layanan, resource kustom Layanan Kf
akan dibuat. Penyelesai Layanan Kf menyediakan layanan pendukung Google Cloud menggunakan Open Service Broker API.
Saat permintaan untuk menyediakan/membatalkan penyediaan resource pendukung diterima,
Kf Cloud Service Broker akan mengirimkan permintaan pembuatan/penghapusan resource ke
layanan Google Cloud yang sesuai, dan permintaan ini diautentikasi
dengan Workload Identity. Langkah ini juga mempertahankan logika bisnis (misalnya, pemetaan
layanan Kf ke layanan pendukung, binding layanan) ke
instance Cloud SQL untuk MySQL.
Saat pembuatan layanan pendukung berhasil, layanan pendukung akan terikat ke Aplikasi
melalui VCAP_SERVICES.
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-04 UTC."],[],[],null,["# Kf Cloud Service Broker\n\n| **Note:** Kf Cloud Service Broker for Google Cloud is a supported component of Kf.\n\nKf Cloud Service Broker is a Service Broker bundle that includes the open source\n[Cloud Service Broker](https://github.com/cloudfoundry-incubator/cloud-service-broker)\nand [Google Cloud Brokerpak](https://github.com/cloudfoundry-incubator/csb-brokerpak-gcp).\nIt is made available as a public Docker image and ready to deploy as a\nKubernetes service in Kf clusters. Once the\nKf Cloud Service Broker service is deployed in a cluster, developers can provision\nGoogle Cloud backing services through the Kf Cloud Service Broker service, and\nbind the backing services to Kf Apps.\n| **Note:** Kf Cloud Service Broker is not currently customizable, and the default Google Cloud Brokerpak is included. If you would like to use an unsupported custom Brokerpak, you can follow the steps in the [open source Cloud Service Broker Google Cloud installation guide](https://github.com/cloudfoundry/csb-brokerpak-gcp/blob/main/docs/installation.md).\n\nRequirements\n------------\n\n- Kf Cloud Service Broker requires a [Cloud SQL for MySQL](/sql) instance and a service account for accessing the Cloud SQL for MySQL instance and Google Cloud backing services to be provisioned. Connection from the Kf Cloud Service Broker to the Cloud SQL for MySQL instance goes through the [Cloud SQL Auth Proxy](/sql/docs/mysql/sql-proxy).\n- Requests to access Google Cloud services (for example: [Cloud SQL for MySQL](/sql) or [Memorystore](/memorystore)) are authenticated via [Workload Identity](/kubernetes-engine/docs/how-to/workload-identity).\n\nOverride Brokerpak defaults\n---------------------------\n\nBrokerpaks are essentially a Terraform plan and related dependencies in a tar\nfile. You can inspect the Terraform plans to see what the defaults are, and then\nyou can tell Kf Cloud Service Broker to override them when creating new services.\n\nFor example, the [Terraform configuration for Cloud SQL for MySQL](https://github.com/cloudfoundry/csb-brokerpak-gcp/blob/main/terraform/cloudsql/mysql/provision/data.tf) includes a variable called `authorized_network`. If not overridden, the `default` VPC will be used. If you'd like to override the default, you can pass that during service creation. Here are some examples:\n\n1. Override the compute region `config`.\n\n kf create-service csb-google-postgres small spring-music-postgres-db -c '{\"config\":\"\u003cvar translate=\"no\"\u003eYOUR_COMPUTE_REGION\u003c/var\u003e\"}'\n\n2. Override the `authorized_network` and compute region `config`.\n\n kf create-service csb-google-postgres small spring-music-postgres-db -c '{\"config\":\"\u003cvar translate=\"no\"\u003eYOUR_COMPUTE_REGION\u003c/var\u003e\",\"authorized_network\":\"\u003cvar translate=\"no\"\u003eYOUR_CUSTOM_VPC_NAME\u003c/var\u003e\"}'\n\nArchitecture\n------------\n\nThe following Kf Cloud Service Broker architecture shows how instances are created.\n[](/static/migrate/kf/docs/images/kf-csb-architecture.svg)\n\n- The Kf Cloud Service Broker (CSB) is installed in its own namespace.\n- On installation, a Cloud SQL for MySQL instance must be provided to persist business logic used by Kf Cloud Service Broker. Requests are sent securely from the Kf Cloud Service Broker pod to the Cloud SQL for MySQL instance via the Cloud SQL for MySQL Auth Proxy.\n- On service provisioning, a Kf Service custom resource is created. The reconciler of the Kf Service provisions Google Cloud backing services using the Open Service Broker API.\n- When a request to provision/deprovision backing resources is received, Kf Cloud Service Broker sends resource creation/deletion requests to the corresponding Google Cloud service, and these requests are authenticated with Workload Identity. It also persists the business logics (e.g. mapping of Kf services to backing services, service bindings) to the Cloud SQL for MySQL instance.\n- On backing service creation success, the backing service is bound to an App via [VCAP_SERVICES](/migrate/kf/docs/2.11/how-to/app-runtime#vcapservices).\n\nWhat's next?\n------------\n\n- [Deploy Kf Cloud Service Broker](/migrate/kf/docs/2.11/how-to/deploying-cloud-sb).\n- [Learn how to list and provision services](/migrate/kf/docs/2.11/how-to/managed-services)."]]
