Provisioning and integrating service instances

Page last updated:

You can provision service instances and integrate them with apps that you pushed to Cloud Foundry. If you are interested in building services for Cloud Foundry and making them available to end users, see Services.

Services and service instances

Cloud Foundry offers a Marketplace of services, from which users can provision reserved resources on-demand. Examples of resources services provide include databases on a shared or dedicated server, or accounts on a SaaS app. These resources are known as service instances and the systems that deliver and operate these resources are known as Services. Think of a service as a factory that delivers service instances.

For more information about provisioning service instances and other life cycle operations, see Managing service instances.

For a service to be available in the Marketplace, it must be integrated with Cloud Foundry by way of APIs. If you are interested in building services for Cloud Foundry and making them available to end users, see Services.

User-provided service instances

Cloud Foundry allows developers to use services that are not available in the Marketplace using user-provided service instances (UPSI). For more information, see User-provided service instances

Service instance credentials

Cloud Foundry allows users to provision credentials needed to interface with a service instance. You can use app binding to deliver these credentials to your Cloud Foundry app. For external and local clients, you can use service keys to generate credentials to communicate directly with a service instance.

App binding

Service instance credentials can be delivered to apps running on Cloud Foundry in an environment variable. For more information, see Delivering service credentials to an app.

For information about binding to a specific app development framework, see Buildpacks.

Service keys

Credentials managed manually are known as service keys. Use service keys when you want a set of credentials for use by clients other than the app in the same space. For example, you can use service keys to connect to a service instance from a local client, or from an app in another space, or even from outside of Cloud Foundry.

For more information about creating a user-provided service instance with service keys, see User-provided service instances. For more information about service keys, see Managing service keys.

Not all services support service keys. Some services support credentials through app binding only.

Outbound IP addresses

To allow an app to communicate with a service external to Cloud Foundry, you might need to configure the service to accept connections from your app based on its outbound IP address.

In your external service configuration, you must do one of the following:

  • Add the entire IP range for the Diego Cell where the app is deployed to your allowlist.
  • Derive the app IP address from its DNS name using a command-line tool such as dig, host, or nslookup. In your external service configuration, add the IP address or range of the app instance to your allowlist.

Stream app logs to log management services

To learn how your app logs can be streamed to third-party log management services, see Streaming app logs to log management services.

User-provided service instances can be used to drain app logs to a service not available in the Marketplace. This is also known as setting up a syslog drain. For guidance on configuring some third-party log management services, see Service-specific instructions for streaming app logs.

Manage app requests with route services

To learn how Marketplace services (and user-provided service instances) can be used to perform preprocessing on app requests, see Managing app requests with route services.

Migrate a database schema

If your app relies on a relational database, you must apply schema changes periodically. To perform database schema migrations on Cloud Foundry-managed services, run a database migration task with the Cloud Foundry Command Line Interface (cf CLI) tool.

For more information about running cf CLI tasks, see Running tasks in your apps.

To run tasks with the cf CLI, you must install cf CLI v6.23.0 or later. The current supported version is cf CLI v8. For information about downloading, installing, and uninstalling the cf CLI, see the Installing the cf CLI.

To do a database schema migration with cf CLI:

  1. Push the app:

    $ cf push APP-NAME

    Where APP-NAME is the name of the app.

    To run a task without starting the app, push the app with cf push -i 0 and then run the task. You can run the app later by scaling up its instance count.

  2. Do a database schema migration as a task on the app:

    $ cf run-task APP-NAME --command "bin/rails db:migrate" --name TASK-NAME
    Creating task for app APP-NAME in org jdoe-org / space development as [email protected]...
    OK
    Task 1 has been submitted successfully for execution.
    

    Where:

    • APP-NAME is the name of the app.
    • TASK-NAME is the name of the task.
Create a pull request or raise an issue on the source for this page in GitHub