US flag signifying that this is a United States Federal Government website An official website of the United States government

Introduction

Introduction

You can expand the functionality of your cloud.gov application by making use of services. Before your application can use a service, you must provision the service and supply the credentials for using the service to your application.

There are two ways to provision services:

  • User-provided service instances: You can provision a service manually outside of cloud.gov, then supply the credentials yourself.
  • Managed service instances: You can provision a managed service instance through the marketplace in cloud.gov on demand, and let cloud.gov supply the credentials.

Setting up user-provided service instances

Once you’ve provisioned a service manually, create a user-provided service instance to hold the credentials. Bind the service instance to your application to make the credentials available.

Provisioning managed services through the marketplace

cloud.gov offers a marketplace of FedRAMP-authorized managed services that we operate in a secure and compliant manner on your behalf. You can also extend the marketplace to include additional services run by other organizations.

To list all the managed services and plans available to a given space, you run cf marketplace from your command line. Here is a list of the managed services that are generally available:

Service Name Description Support Status
aws-rds Persistent, relational databases using Amazon RDS Production Ready
cdn-route Custom domains, CDN caching, and TLS certificates with automatic renewal Production Ready
cloud-gov-identity-provider Authenticate cloud.gov users in your app Beta
cloud-gov-service-account cloud.gov service accounts for automated access by programs Production Ready
custom-domains Custom domains and TLS certificates with automatic renewal Production Ready
elasticsearch24 Elasticsearch version 2.4: a distributed, RESTful search and analytics engine Beta
elasticsearch56 Elasticsearch version 5.6: a distributed, RESTful search and analytics engine Beta
redis Redis: an open source in-memory database. Beta
s3 Amazon S3 provides developers with secure, durable, highly-scalable object storage Production Ready
volume-services Existing NFSv3 volumes (see: https://code.cloudfoundry.org/nfs-volume-release/) Experimental

Support Status

  • Production Ready: The service has been tested to ensure it has the resiliency required for a production system.
  • Beta: The service is stable but still requires further development to ensure it can be deployed to production systems.
  • Alpha: The service is under development and some downtime or data loss can occur.

Extending the marketplace

“Brokers” are the invisible integrators that enable you to set up managed service instances in cloud.gov in a consistent and self-service fashion. A broker offers a simple API that manages the service instance lifecycle. You can run your own broker to make a service from outside cloud.gov available through cloud.gov’s marketplace.

Note that when you extend the cloud.gov marketplace with your own broker, the cloud.gov team cannot vouch for the security or compliance of the brokered services. You will need to document and authorize your own brokered services in accordance with your agency’s compliance requirements.

This tutorial includes instructions for integrating your own broker, and demonstrates how to deploy sample brokers into cloud.gov. Once you’ve reviewed this tutorial, you may want to investigate some of the community-supported broker add-ons for Cloud Foundry such as the app-autoscaler.

The Open Service Broker API (OSBAPI) standardizes the way brokers work between Cloud Foundry and Kubernetes. Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure maintain open-source OSBAPI-compliant brokers. These brokers enable you to extend the cloud.gov marketplace with services from these providers.

You can also write your own broker to manage the lifecycle of a service or automate a process unique to your organization. Check out the example service brokers for some interesting use-cases such as provisioning GitHub repositories or virtual machines.

Note: If you’re a vendor with a broker for a FedRAMP-authorized service that you’d like to be made available for all users of cloud.gov, please contact us to discuss whether it can be included in our marketplace.