LATEST VERSION: 1.3 - CHANGELOG
Spring Cloud Services v1.3

Prerequisites to Installing Spring Cloud® Services for Pivotal Cloud Foundry

Page last updated:

Please ensure that your Pivotal Cloud Foundry (PCF) installation meets the below requirements before installing Spring Cloud Services.

Buildpack Requirements

Spring Cloud Services is built using Spring Boot 1.4, which requires version 3.8 or later of the Java Cloud Foundry buildpack. The default Java buildpack—the buildpack at the lowest position of all Java buildpacks—on your PCF installation must therefore be at version 3.8 or later.

You can use the Cloud Foundry Command Line Interface tool (cf CLI) to see the version of the Java buildpack that is currently installed.

$ cf buildpacks
Getting buildpacks...

buildpack                position   enabled   locked   filename
java_buildpack_offline   1          true      false    java-buildpack-offline-v3.8.1.zip
ruby_buildpack           2          true      false    ruby_buildpack-cached-v1.6.19.zip
nodejs_buildpack         3          true      false    nodejs_buildpack-cached-v1.5.15.zip
go_buildpack             4          true      false    go_buildpack-cached-v1.7.10.zip

If the default Java buildpack is older than version 3.8, you can download a newer version from Pivotal Network and update Pivotal Cloud Foundry by following the instructions in the Managing Custom Buildpacks topic. To ensure that the newer buildpack is the default Java buildpack, you may delete or disable the older buildpack or make sure that the newer buildpack is in a lower position.

If the default Java buildpack on the Pivotal Cloud Foundry platform is not at version 3.8 or later, you must specify an alternate buildpack that is at version 3.8 or later when installing the Spring Cloud Services product; see step 4 of the Installation topic.

Product Requirements

Spring Cloud Services requires the following Pivotal Cloud Foundry products to be installed:

If they are not already installed, you can follow the steps listed in the Installation topic to install them along with Spring Cloud Services.

Important: If you enable the RabbitMQ® for Pivotal Cloud Foundry product’s SSL support by providing it with SSL keys and certificates, you must enable the RabbitMQ product’s TLS 1.0 support; otherwise, the Spring Cloud Services service broker will fail to create or update service instances. See the Configuring the RabbitMQ Service topic in the RabbitMQ for Pivotal Cloud Foundry documentation.

Security Requirements

You will need to update your Elastic Runtime SSL certificate as described in the Pivotal Cloud Foundry documentation. Generate one single certificate that includes all of the domains listed below, replacing SYSTEM_DOMAIN.TLD with your system domain and APPLICATION_DOMAIN.TLD with your application domain:

  • *.SYSTEM_DOMAIN.TLD
  • *.APPLICATION_DOMAIN.TLD
  • *.login.SYSTEM_DOMAIN.TLD
  • *.uaa.SYSTEM_DOMAIN.TLD

If any of these domains are not attributed to your Elastic Runtime SSL certificate, the installation of Spring Cloud Services will fail, and the installation logs will contain an error message that lists the missing domain entries:

Missing certs: *.uaa.example.com - exiting install. Please refer to the Security
Requirements section of the Spring Cloud Services prerequisites documentation.

Self-Signed Certificates and Internal CAs

If your Pivotal Cloud Foundry installation is using its own self-signed SSL certificate, you must enable the “Ignore SSL certificate verification” or “Disable SSL certificate verification for this environment” option in the Networking section of the Pivotal Elastic Runtime tile Settings tab. See “Configuring Elastic Runtime for vSphere and vCloud” in the Pivotal Cloud Foundry documentation (PCF 1.6, PCF 1.7).

If you are using an SSL certificate signed by an internal root Certificate Authority (CA), you must use a custom Java buildpack whose keystore contains the internal root CA. Follow the below steps to create and add the custom buildpack.

  1. Create a fork of the Cloud Foundry Java buildpack.
  2. Add your cacerts file to resources/open_jdk_jre/lib/security/cacerts.
  3. Following the instructions in the “Managing Custom Buildpacks” topic (PCF 1.6, PCF 1.7), add your custom buildpack to Pivotal Cloud Foundry.
  4. Using the cf CLI as discussed in the Platform and Product Requirements section above, verify that the custom buildpack is now the default Java buildpack.
Create a pull request or raise an issue on the source for this page in GitHub