I need to change the ecs-bucket in VCAP_SERIVCE environment variable with new bucket name and secrete key. However, when I add VCAP_SERVICE variable, cloud foundry responds that "Error: Var cannot start with VCAP_". Is there anyway to add new ecs-bucket without changing the whole VCAP_SERVICE variable?
"VCAP_SERVICES": {
"ecs-bucket": [
{
"label": "ecs-bucket",
"provider": null,
"plan": "1gb",
"name": "bucket1",
"tags": [
"s3",
"bucket"
],
"instance_guid": "b72e79d2-9341-455a-a1ca-6b83276bd3e4",
"instance_name": "bucket1",
"binding_guid": "e0f0f992-a41c-408f-807c-ddedeb63112f",
"binding_name": null,
"credentials": {
"bucket": "bucket01",
"endpoint": "https://<end point uri>",
"s3Url": "https://<s3URI>",
"secretKey": "<secrete key>",
"accessKey": "<access key>",
"path-style-access": true,
"namespace": "n0144417-001"
},
"syslog_drain_url": null,
"volume_mounts": []
}
]
}
CodePudding user response:
You cannot modify VCAP_
prefixed environment variables.
The VCAP_SERVICES
environment variable is generated for you and provides your service bindings. If you want to change information in VCAP_SERVICES
then you need to change your service bindings. This could be any number of operations like unbinding, rebinding, deleting the service instance and creating a new one, etc.
I need to change the ecs-bucket in VCAP_SERIVCE environment variable with new bucket name and secrete key.
Exactly how you'd do this depends on the service broker you used to create this service.
For user-provided services you can run
cf update-user-provided-service
USAGE: cf update-user-provided-service SERVICE_INSTANCE [-p CREDENTIALS] [-l SYSLOG_DRAIN_URL] [-r ROUTE_SERVICE_URL] [-t TAGS] Pass comma separated credential parameter names to enable interactive mode: cf update-user-provided-service SERVICE_INSTANCE -p "comma, separated, parameter, names" Pass credential parameters as JSON to create a service non-interactively: cf update-user-provided-service SERVICE_INSTANCE -p '{"key1":"value1","key2":"value2"}' Specify a path to a file containing JSON: cf update-user-provided-service SERVICE_INSTANCE -p PATH_TO_FILE EXAMPLES: cf update-user-provided-service my-db-mine -p '{"username":"admin", "password":"pa55woRD"}' cf update-user-provided-service my-db-mine -p /path/to/credentials.json cf create-user-provided-service my-db-mine -t "list, of, tags" cf update-user-provided-service my-drain-service -l syslog://example.com cf update-user-provided-service my-route-service -r https://example.com
For a broker, I would start by doing a
cf unbind-service
followed by acf bind-service
. Most well-behaved brokers will generate unique credentials for each binding, so by unbinding and rebinding you will often get a new set of credentials. I don't know if that'll give you a whole new bucket, but it should give you new credentials.If your broker does not give unique credentials across bindings, perhaps credentials are scoped to the service instance, then you would need to talk with your Ops Team or the author of the service broker to inquire about how you can reset the credentials without deleting the service instance and creating a new one.
You could delete the service instance and create a new service instance, HOWEVER, this will almost certainly delete your bucket and everything in it, which is probably not what you want. I would avoid this unless there's no other option.
If this is the only option, then what you probably want to do is to create a second service instance. Migrate data to the new service instance and then swap the services (unbind the old one, bind the new one). After you're certain the migration has been successful and your app is up and running using it, you could delete the old service instance.
Don't forget to restart your application after you change bindings or user-provided service info. The changes won't apply until after your app has restarted.
CodePudding user response:
Create a User provided service and add your variables in there. In your app, you can access the variable as ${vcap.services.ecs_service.ecs-bucket}