Public | Automated Build

Last pushed: a year ago
Short Description
A Docker Image for the Containers Service Broker for Cloud Foundry
Full Description

Containers Service Broker for Cloud Foundry

This is a generic Containers broker for the Cloud Foundry v2 services API.

This service broker allows users to provision services that runs inside a
compatible container backend
and bind applications to the service. The management tasks that the broker can perform are:

  • Provision a service container with random credentials and service arbitrary parameters
  • Bind a service container to an application:
    • Expose the credentials to access the provisioned service (see for details)
    • Provide a syslog drain service for your application logs (see for details)
  • Unbind a service container from an application
  • Unprovision a service container
  • Expose a service container management dashboard

More details can be found at this Pivotal P.O.V Blog post.


This is not presently a production ready service broker. This is a work in progress. It is suitable for
experimentation and may not become supported in the future.



This service broker does not include any container backend. Instead, it is meant to be deployed alongside any
compatible container backend, which it manages:

  • Docker: Instructions to configure the service broker with a Docker backend can be found


Configure the application settings according to the instructions found at



Start the service broker:

bundle exec rackup

The service broker will listen by default at port 9292. View the catalog API at http://localhost:9292/v2/catalog. The basic auth username is containers and secret is secret.

As a Docker container

Build the image

This step is optional, you can use the already built Docker image located at the
Docker Hub Registry.

If you want to create locally the image frodenas/cf-containers-broker
(Dockerfile) execute the following
command on a local cloned cf-containers-broker repository:

docker build -t frodenas/cf-containers-broker .
Run the image

To run the image and bind it to host port 80:

docker run -d --name cf-containers-broker \
       --publish 80:80 \
       --volume /var/run:/var/run \

Some aspects of configuration can be overridden with environment variables:

docker run -d --name cf-containers-broker \
       --publish 80:80 \
       --volume /var/run:/var/run \
       -e BROKER_USERNAME=broker \
       -e BROKER_PASSWORD=password \
       -e DOCKER_HOST_IP=${DOCKER_HOST_IP:?required} \

If you want to override the entire configuration, then create a directory with the configuration files, and mount this directory into the container's /config directory:

mkdir -p /tmp/cf-containers-broker/config
cp config/settings.yml /tmp/cf-containers-broker/config
cp config/unicorn.conf.rb /tmp/cf-containers-broker/config
vi /tmp/cf-containers-broker/config/settings.yml
docker run -d --name cf-containers-broker \
       --publish 80:80 \
       --volume /var/run:/var/run \
       --volume /tmp/cf-containers-broker/config:/config \

If you want to expose the application logs, create a host directory and mount the container's directory /app/log
into the previous host directory:

mkdir -p /tmp/cf-containers-broker/logs
docker run -d --name cf-containers-broker \
       --publish 80:80 \
       --volume /var/run:/var/run \
       --volume /tmp/cf-containers-broker/logs:/app/log \


This service broker can be deployed alongside:

Enable the service broker at your Cloud Foundry environment

Add the service broker to Cloud Foundry as described by the service broker documentation.

A quick way to register the service broker and to enable all service offerings is running:

cf create-service-broker docker-broker containers secret http://<BROKER IP ADDRESS>
while read p __; do
    cf enable-service-access "$p";
done < <(cf service-access | awk '/orgs/{y=1;next}y && NF' | sort | uniq)


The way that each service is configured determines how binding credentials are generated.

A service that exposes only a single port and has no other credentials configuration will include the minimal host and port in its credentials:

{ "host": "", "port": 61234, "ports": ["8080/tcp": 61234] }

In the example above, the container exposed an internal port 8080 and it was bound to port 61234 on the host machine

If a service exposes more than a single port, then you must specify the port you want to bind using the credentials.uri.port property,
otherwise the binding will not contain a port.

{ "host": "", "port": 61234, "ports": ["8080/tcp": 61234, "8081/tcp": 61235] }

In the example above, the container exposed internal ports 8080 and 8081, and it was bound to port 61234 on the
host machine because the credentials.uri.port property was set to 8080/tcp.

For more details, see the file.

Updating Containers

When new images become available or configuration of the plans change it can become desirable to restart the running containers to pick up the latest version of their image and/or update their configuration.

bin/update_all_containers will attempt to find all running containers managed by the broker and restart them with the latest configuration.

The mapping between running containers and configured plans is achieved by adding the labels plan_id and instance_id to the containers at create time. Containers that don't have these labels will be ignored by the update script.

If you are updating cf-containers-broker from an older version that didn't add the required labels you can force the broker to recreate the containers via cf update-service <service-id>. After this the labels will be available and the bin/update_all_containers script will be able to identify the containers for automatic updating.

In order for cf update-service <service-id> to work the service must declare plan_updateable: true.


To run all specs:

bundle exec rake spec

Be aware that this project does not yet provide a full set of tests. Contributions are welcomed!


In the spirit of free software, everyone is encouraged to help
improve this project.

Here are some ways you can contribute:

  • by using alpha, beta, and prerelease versions
  • by reporting bugs
  • by suggesting new features
  • by writing or editing documentation
  • by writing specifications
  • by writing code (no patch is too small: fix typos, add comments, clean up inconsistent whitespace)
  • by refactoring code
  • by closing issues
  • by reviewing patches

Submitting an Issue

We use the GitHub issue tracker to track bugs and
features. Before submitting a bug report or feature request, check to make sure it hasn't already been submitted. You
can indicate support for an existing issue by voting it up. When submitting a bug report, please include a
Gist that includes a stack trace and any details that may be necessary to reproduce the bug,
including your gem version, Ruby version, and operating system. Ideally, a bug report should include a pull request
with failing specs.

Submitting a Pull Request

  1. Fork the project.
  2. Create a topic branch.
  3. Implement your feature or bug fix.
  4. Commit and push your changes.
  5. Submit a pull request.


See LICENSE for details.
Copyright (c) 2014 Pivotal Software, Inc.

Docker Pull Command