You can expand the functionality of your cloud.gov application by making use of services. Before your application can use a service, you must provision the service and supply the credentials for using the service to your application.
There are two ways to provision services:
- User-provided service instances: You can provision a service manually outside of cloud.gov, then supply the credentials yourself.
- Managed service instances: You can provision a managed service instance through the marketplace in cloud.gov on demand, and let cloud.gov supply the credentials.
Setting up user-provided service instances
Provisioning managed services through the marketplace
cloud.gov offers a marketplace of FedRAMP-authorized managed services that we operate in a secure and compliant manner on your behalf. You can also extend the marketplace to include additional services run by other organizations.
To list all the managed services and plans available to a given space, you run
cf marketplace from your command line. Here is a list of the managed services that are generally available:
|Service Name||Description||Support Status|
|aws-rds||Persistent, relational databases using Amazon RDS||Production Ready|
|cdn-route||Custom domains, CDN caching, and TLS certificates with automatic renewal||Production Ready|
|cloud-gov-identity-provider||Authenticate cloud.gov users in your app||Beta|
|cloud-gov-service-account||cloud.gov service accounts for automated access by programs||Production Ready|
|custom-domains||Custom domains and TLS certificates with automatic renewal||Production Ready|
|elasticsearch24||Elasticsearch version 2.4: a distributed, RESTful search and analytics engine||Beta|
|elasticsearch56||Elasticsearch version 5.6: a distributed, RESTful search and analytics engine||Beta|
|redis||Redis: an open source in-memory database.||Beta|
|s3||Amazon S3 provides developers with secure, durable, highly-scalable object storage||Production Ready|
|volume-services||Existing NFSv3 volumes (see: https://code.cloudfoundry.org/nfs-volume-release/)||Experimental|
- Production Ready: The service has been tested to ensure it has the resiliency required for a production system.
- Beta: The service is stable but still requires further development to ensure it can be deployed to production systems.
- Alpha: The service is under development and some downtime or data loss can occur.
Extending the marketplace
“Brokers” are the invisible integrators that enable you to set up managed service instances in cloud.gov in a consistent and self-service fashion. A broker offers a simple API that manages the service instance lifecycle. You can run your own broker to make a service from outside cloud.gov available through cloud.gov’s marketplace.
Note that when you extend the cloud.gov marketplace with your own broker, the cloud.gov team cannot vouch for the security or compliance of the brokered services. You will need to document and authorize your own brokered services in accordance with your agency’s compliance requirements.
This tutorial includes instructions for integrating your own broker, and demonstrates how to deploy sample brokers into cloud.gov. Once you’ve reviewed this tutorial, you may want to investigate some of the community-supported broker add-ons for Cloud Foundry such as the app-autoscaler.
The Open Service Broker API (OSBAPI) standardizes the way brokers work between Cloud Foundry and Kubernetes. Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure maintain open-source OSBAPI-compliant brokers. These brokers enable you to extend the cloud.gov marketplace with services from these providers.
You can also write your own broker to manage the lifecycle of a service or automate a process unique to your organization. Check out the example service brokers for some interesting use-cases such as provisioning GitHub repositories or virtual machines.
Note: If you’re a vendor with a broker for a FedRAMP-authorized service that you’d like to be made available for all users of cloud.gov, please contact us to discuss whether it can be included in our marketplace.