Merge pull request #9 from oracle/v120-release

Support for Using existing Service Instance.

Author: naman223

README.md

@@ -38,7 +38,9 @@ Samples for creating Service Instances and Bindings using `oci-service-broker`,
 
 ## Troubleshooting
 
-See [Troubleshooting](charts/oci-service-broker/docs/troubleshoot.md#troubleshooting-guide-for-oci-service-broker) document for details on debugging common and known issues.
+You can use the [diagnostics tool](charts/oci-service-broker/tools/diagnostics_tool.sh) to help identify the common issues in the installation.
+
+Also see [Troubleshooting](charts/oci-service-broker/docs/troubleshoot.md#troubleshooting-guide-for-oci-service-broker) document for details on debugging common and known issues.
 
 ## Changes
 

charts/oci-service-broker/Chart.yaml

@@ -5,4 +5,4 @@
 apiVersion: v1
 description: A Helm chart for installing OCI Service Broker into a Kubernetes cluster
 name: oci-service-broker
-version: 1.1.1
+version: 1.2.0

charts/oci-service-broker/README.md

@@ -16,20 +16,20 @@
       - [Recommended Setup Command](docs/installation.md#recommended-setup-command)
   - [RBAC](docs/installation.md#rbac)
     - [RBAC required for OCI Service Broker](docs/installation.md#rbac-required-for-oci-service-broker)
-    - [RBAC Permissions for registering OCI Service Broker and creating services](docs/installation.md#rbac-permissions-for-registering-service-broker-and-creating-services)
+    - [RBAC Permissions for registering OCI Service Broker](docs/installation.md#rbac-permissions-for-registering-oci-service-broker)
   - [Register OCI Service Broker](docs/installation.md#register-oci-service-broker)
   - [Monitoring OCI Service Broker](docs/installation.md#monitoring-oci-service-broker)
     - [JMX](docs/installation.md#jmx)
-- [Guidelines for Securing OCI Service Broker](docs/security.md#guidelines-for-securing-service-broker)
+- [Guidelines for Securing OCI Service Broker](docs/security.md#guidelines-for-securing-oci-service-broker)
   - [Restrict access to Service Catalog resources using RBAC](docs/security.md#restrict-access-to-service-catalog-resources-using-rbac)
     - [Read-only access](docs/security.md#read-only-access)
-    - [Full acccess](docs/security.md#full-acccess)
+    - [Full access](docs/security.md#full-acccess)
   - [TLS enable endpoint](docs/security.md#tls-enable-endpoint)
-  - [Restrict access of the OCI User used by OCI Service Broker](docs/security.md#restrict-access-of-the-oci-user-used-by-service-broker)
+  - [Restrict access of the OCI User used by OCI Service Broker](docs/security.md#restrict-access-of-the-oci-user-used-by-oci-service-broker)
     - [OCI User Capabilities](docs/security.md#oci-user-capabilities)
     - [Policies to allow access to Services](docs/security.md#policies-to-allow-access-to-services)
     - [Restrict the permissions only to the required Compartments](docs/security.md#restrict-the-permissions-only-to-the-required-compartments)
-  - [Limit access to OCI Service Broker endpoint using Networkpolicy](docs/security.md#limit-access-to-service-broker-endpoint-using-networkpolicy)
+  - [Limit access to OCI Service Broker endpoint using Networkpolicy](docs/security.md#limit-access-to-oci-service-broker-endpoint-using-networkpolicy)
     - [Strategy 1-Allow access only for Service Catalog running in the same namespace](docs/security.md#strategy-1-allow-access-only-for-service-catalog-running-in-the-same-namespace)
     - [Strategy 2-Allow access only for Service Catalog from any namespace](docs/security.md#strategy-2-allow-access-only-for-service-catalog-from-any-namespace)
     - [Strategy 3-Allow access for any pods running in a certain namespace](docs/security.md#strategy-3-allow-access-for-any-pods-running-in-a-certain-namespace)
@@ -42,33 +42,39 @@
     - [Plans](docs/object-storage.md#plans)
     - [OCI User Permission requirement](docs/object-storage.md#oci-user-permission-requirement)
     - [Service Provision Request Parameters](docs/object-storage.md#service-provision-request-parameters)
+      - [Provisioning a new Object Storage Service Instance](docs/object-storage.md#provisioning-a-new-object-storage-service-instance)
+      - [Using Existing Object Storage Service Instance](docs/object-storage.md#using-an-existing-object-storage-service-instance)
     - [Service Binding](docs/object-storage.md#service-binding)
       - [Request Parameters](docs/object-storage.md#request-parameters)
       - [Response Credentials](docs/object-storage.md#response-credentials)
     - [Example](docs/object-storage.md#example)
       - [Kubernetes](docs/object-storage.md#kubernetes)
-        - [Provisioning](docs/object-storage.md#provisioning)
+        - [Creating a New Object Storage Instance](docs/object-storage.md#creating-a-new-object-storage-instance)
+        - [Using Existing Object Storage Service Instance](docs/object-storage.md#using-an-existing-object-storage-instance)
         - [Binding](docs/object-storage.md#binding)
   - [Autonomous Transaction Processing Service](docs/atp.md#autonomous-transaction-processing-service)
     - [Introduction](docs/atp.md#introduction)
     - [Plans](docs/atp.md#plans)
     - [OCI User Permission requirement](docs/atp.md#oci-user-permission-requirement)
     - [Service Provision Request Parameters](docs/atp.md#service-provision-request-parameters)
+      - [Provisioning a new ADW Service Instance](docs/atp.md#provisioning-a-new-atp-service-instance)
+      - [Using Existing ADW Service Instance](docs/atp.md#using-an-existing-atp-service-instance)
     - [Service Binding Request Parameters](docs/atp.md#service-binding-request-parameters)
     - [Service Binding Response Credentials](docs/atp.md#service-binding-response-credentials)
     - [Examples](docs/atp.md#examples)
       - [Prerequisite](docs/atp.md#prerequisite)
         - [OCI Service Broker](docs/atp.md#oci-service-broker)
         - [Sample files](docs/atp.md#sample-files)
       - [Provisioning](docs/atp.md#provisioning)
-        - [Creating an ATP ServiceInstance](docs/atp.md#creating-an-atp-serviceinstance)
+        - [Creating an ATP Instance](docs/atp.md#creating-a-new-atp-instance)
+        - [Using Existing ATP Instance](docs/atp.md#using-an-existing-atp-instance)
         - [Get instance status](docs/atp.md#get-instance-status)  
       - [Binding](docs/atp.md#binding)
         - [Creating an ATP ServiceBinding resource](docs/atp.md#creating-an-atp-servicebinding-resource)
         - [Get Binding status](docs/atp.md#get-instance-status)
-      - [Sample program to Connect to ATP](docs/atp.md#sample-program-to-connect-to-atp)
+      - [Connecting to a provisioned ATP instance](docs/atp.md#connecting-to-a-provisioned-atp-instance)
         - [Create a Kubernetes Secret with passwords](docs/atp.md#create-a-kubernetes-secret-with-passwords)
-        - [Deploy sample application](docs/atp.md#deploy-sample-application)
+        - [Injecting credentials and configurations](docs/atp.md#injecting-credentials-and-configurations)
       - [Deprovision](docs/atp.md#deprovision)
         - [Delete Service Binding](docs/atp.md#delete-service-binding)
         - [Delete Service Instance](docs/atp.md#delete-service-instance)
@@ -78,21 +84,24 @@
     - [Plans](docs/adw.md#plans)
     - [OCI User Permission requirement](docs/adw.md#oci-user-permission-requirement)
     - [Service Provision Request Parameters](docs/adw.md#service-provision-request-parameters)
+      - [Provisioning a new ADW Service Instance](docs/adw.md#provisioning-a-new-adw-service-instance)
+      - [Using Existing ADW Service Instance](docs/adw.md#using-an-existing-adw-service-instance)
     - [Service Binding Request Parameters](docs/adw.md#service-binding-request-parameters)
     - [Service Binding Response Credentials](docs/adw.md#service-binding-response-credentials)
     - [Examples](docs/adw.md#examples)
       - [Prerequisite](docs/adw.md#prerequisite)
         - [OCI Service Broker](docs/adw.md#oci-service-broker)
         - [Sample files](docs/adw.md#sample-files)
       - [Provisioning](docs/adw.md#provisioning)
-        - [Creating an ADW ServiceInstance](docs/adw.md#creating-an-adw-serviceinstance)
+        - [Creating a new ADW Instance](docs/adw.md#creating-a-new-adw-instance)
+        - [Using Existing ADW Instance](docs/adw.md#using-an-existing-adw-instance)   
         - [Get instance status](docs/adw.md#get-instance-status)  
       - [Binding](docs/adw.md#binding)
         - [Creating an ADW ServiceBinding resource](docs/adw.md#creating-an-adw-servicebinding-resource)
         - [Get Binding status](docs/adw.md#get-instance-status)
-      - [Sample program to Connect to ADW](docs/adw.md#sample-program-to-connect-to-adw)
+      - [Connecting to a provisioned ADW instance](docs/adw.md#connecting-to-a-provisioned-adw-instance)
         - [Create a Kubernetes Secret with passwords](docs/adw.md#create-a-kubernetes-secret-with-passwords)
-        - [Deploy sample application](docs/adw.md#deploy-sample-application)
+        - [Injecting credentials and configurations](docs/adw.md#injecting-credentials-and-configurations)
       - [Deprovision](docs/adw.md#deprovision)
         - [Delete Service Binding](docs/adw.md#delete-service-binding)
         - [Delete Service Instance](docs/adw.md#delete-service-instance)
@@ -101,12 +110,15 @@
     - [Introduction](docs/oss.md#introduction)
     - [Plans](docs/oss.md#plans)
     - [Service Provision Request Parameters](docs/oss.md#service-provision-request-parameters)
+        - [Creating a OSS Service Instance](docs/oss.md#creating-a-new-oss-instance)
+        - [Using Existing OSS Service Instance](docs/oss.md#using-an-existing-oss-service-instance)
     - [Service Binding](docs/oss.md#service-binding)
       - [Request Parameters](docs/oss.md#request-parameters)
       - [Response Credentials](docs/oss.md#response-credentials)
     - [Example](docs/oss.md#example)
       - [Kubernetes](docs/oss.md#kubernetes)
-        - [Provisioning](docs/oss.md#provisioning)
+        - [Creating a New OSS Instance](docs/oss.md#creating-a-new-oss-instance)
+        - [Using Existing OSS Service Instance](docs/oss.md#using-an-existing-oss-instance)  
         - [Binding](docs/oss.md#binding)
 
 ## Introduction  
@@ -116,4 +128,6 @@ The OCI Service Broker is an open source implementation of [Open service broker
 - Easy installation.
 - Easy extension.
 - Provide OOTB implementations for common OCI services.
-- OCI Service Broker Installation.
+- OCI Service Broker Installation.
+- [Using an Existing Service Instance](docs/services.md#using-an-existing-service-instance)
+ 

charts/oci-service-broker/docs/adw.md

@@ -4,14 +4,17 @@
 - [Plans](#plans)
 - [OCI User Permission requirement](#oci-user-permission-requirement)
 - [Service Provision Request Parameters](#service-provision-request-parameters)
+    - [Provisioning a new ADW Service Instance](#provisioning-a-new-adw-service-instance)
+    - [Using an Existing ADW Service Instance](#using-an-existing-adw-service-instance)
 - [Service Binding Request Parameters](#service-binding-request-parameters)
 - [Service Binding Response Credentials](#service-binding-response-credentials)
 - [Examples](#examples)
   - [Prerequisite](#prerequisite)
     - [OCI Service Broker](#oci-service-broker)
     - [Sample files](#sample-files)
   - [Provisioning](#provisioning)
-    - [Creating an ADW ServiceInstance](#creating-an-adw-serviceinstance)
+    - [Creating a new ADW Instance](#creating-a-new-adw-instance)
+    - [Using an Existing ADW Instance](#using-an-existing-adw-instance)   
     - [Get instance status](#get-instance-status)  
   - [Binding](#binding)
     - [Creating an ADW ServiceBinding resource](#creating-an-adw-servicebinding-resource)
@@ -42,7 +45,9 @@ The OCI user for OCI Service Broker should have permission `manage` for resource
 Allow group <SERVICE_BROKER_GROUP> to manage autonomous-data-warehouse in compartment <COMPARTMENT_NAME>
 ```
 
-## Service Provision Request Parameters
+### Service Provision Request Parameters
+
+## Provisioning a new ADW Service Instance
 
 To provision, an ADW service user needs to provide the following details:
 
@@ -58,6 +63,20 @@ To provision, an ADW service user needs to provide the following details:
 | `freeFormTags`   | free form tags that are to be used for tagging the ADW instance.    | object | no        |
 | `definedTags`    | The defined tags that are to be used for tagging the ADW instance.  | object | no        |
 
+## Using an Existing ADW Service Instance
+
+For more information about binding to an existing ADW service instance, see [Using an Existing Service Instance](services.md#using-an-existing-service-instance).
+
+To attach to an existing ADW service, the user needs to provide the following details. In this case, OCI Service broker will neither provision a new instance nor update/change the existing instance.
+
+| Parameter        | Description                                                         | Type    | Mandatory |
+| ---------------- | ------------------------------------------------------------------- | ------- | --------- |
+| `name`           | The display name for the ADW instance.                              | string  | yes       |
+| `ocid`           | The OCID for existing ADW Instance.                                 | string  | yes       |
+| `provisioning`   | Set provisioning flag value as false.                               | boolean | yes       |
+
+
+
 ## Service Binding Request Parameters
 
 The user needs to pass the following parameters to get the binding details:
@@ -124,7 +143,7 @@ Providing password in plain text may not be an idle case. Alternatively, the use
 
 Please refer [Use Secret to pass passwords](#use-secret-to-pass-passwords) section for passing the password from secrets.
 
-#### Creating an ADW ServiceInstance
+#### Creating a new ADW Instance
 
 **NOTE:**
 The [`adw-instance-plain.yaml`](../samples/adw/adw-instance-plain.yaml) files contain the compartment OCID in which the user wants to provision the ADW instance. The user needs to update it with their compartment OCID.
@@ -133,6 +152,15 @@ The [`adw-instance-plain.yaml`](../samples/adw/adw-instance-plain.yaml) files co
 kubectl create -f charts/oci-service-broker/samples/adw/adw-instance-plain.yaml
 ```
 
+#### Using an existing ADW Instance
+
+**NOTE:**
+The  [`adw-existing-instance.yaml`](../samples/adw/adw-existing-instance.yaml) files contain the instance OCID and compartment OCID which the user wants to provision as existing ADW instance. The user needs to update it with their instance OCID and compartment OCID.
+
+```bash
+kubectl create -f charts/oci-service-broker/samples/adw/adw-existing-instance.yaml
+```
+
 #### Get instance status
 
 ```bash
@@ -350,7 +378,7 @@ NAME NAMESPACE CLASS PLAN STATUS
 adw-instance-1 catalog adw-service standard Deprovisioning
 ```
 
-It usually takes 5-10 minutes for an instance to get deprovisioned. On successful deprviosining the ServiceInstance will be removed and won't be listed.
+It usually takes 5-10 minutes for an instance to get deprovisioned. On successful deprviosining the ServiceInstance will be removed and won't be listed. In case of the existing instance actual instance won't be removed.
 
 ### Use Secret to pass passwords
 

charts/oci-service-broker/docs/atp.md

@@ -4,14 +4,17 @@
 - [Plans](#plans)
 - [OCI User Permission requirement](#oci-user-permission-requirement)
 - [Service Provision Request Parameters](#service-provision-request-parameters)
+    - [Provisioning a new ATP Service Instance](#provisioning-a-new-atp-service-instance)
+    - [Using an Existing ATP Service Instance](#using-an-existing-atp-service-instance)
 - [Service Binding Request Parameters](#service-binding-request-parameters)
 - [Service Binding Response Credentials](#service-binding-response-credentials)
 - [Examples](#examples)
   - [Prerequisite](#prerequisite)
     - [OCI Service Broker](#oci-service-broker)
     - [Sample files](#sample-files)
   - [Provisioning](#provisioning)
-    - [Creating an ATP ServiceInstance](#creating-an-atp-serviceinstance)
+    - [Creating an ATP Instance](#creating-a-new-atp-instance)
+    - [Using an Existing ATP Instance](#using-an-existing-atp-instance)
     - [Get instance status](#get-instance-status)
   - [Binding](#binding)
     - [Creating an ATP ServiceBinding resource](#creating-an-atp-servicebinding-resource)
@@ -42,7 +45,9 @@ The OCI user for OCI Service Broker should have permission `manage` for resource
 Allow group <SERVICE_BROKER_GROUP> to manage autonomous-database in compartment <COMPARTMENT_NAME>
 ```
 
-## Service Provision Request Parameters
+### Service Provision Request Parameters
+
+## Provisioning a new ATP Service Instance
 
 To provision, an ATP service user needs to provide the following details:
 
@@ -58,6 +63,19 @@ To provision, an ATP service user needs to provide the following details:
 | `freeFormTags`   | free form tags that are to be used for tagging the ATP instance.    | object | no        |
 | `definedTags`    | The defined tags that are to be used for tagging the ATP instance.  | object | no        |
 
+## Using an Existing ATP Service Instance
+
+For more information about binding to an existing ATP service instance, see [Using an Existing Service Instance](services.md#using-an-existing-service-instance).
+
+To attach to an existing ATP service, the user needs to provide the following details. In this case, OCI Service broker will neither provision a new instance nor update/change the existing instance.
+
+| Parameter        | Description                                                         | Type    | Mandatory |
+| ---------------- | ------------------------------------------------------------------- | ------- | --------- |
+| `name`           | The display name for the ATP instance.                              | string  | yes       |
+| `ocid`           | The OCID for existing ATP Instance.                                 | string  | yes       |
+| `provisioning`   | Set provisioning flag value as false.                               | boolean | yes       |
+
+
 ## Service Binding Request Parameters
 
 The user needs to pass the following parameters to get the binding details:
@@ -124,7 +142,7 @@ Providing password in plain text may not be an idle case. Alternatively, the use
 
 Please refer [Use Secret to pass passwords](#use-secret-to-pass-passwords) section for passing the password from secrets.
 
-#### Creating an ATP ServiceInstance
+#### Creating a New ATP Instance
 
 **NOTE:**
 The  [`atp-instance-plain.yaml`](../samples/atp/atp-instance-plain.yaml) files contain the compartment OCID in which the user wants to provision the ATP instance. The user needs to update it with their compartment OCID.
@@ -133,6 +151,15 @@ The  [`atp-instance-plain.yaml`](../samples/atp/atp-instance-plain.yaml) files c
 kubectl create -f charts/oci-service-broker/samples/atp/atp-instance-plain.yaml
 ```
 
+#### Using an existing ATP Instance
+
+**NOTE:**
+The  [`atp-existing-instance.yaml`](../samples/atp/atp-existing-instance.yaml) files contain the instance OCID and compartment OCID which the user wants to provision as existing ATP instance. The user needs to update it with their instance OCID and compartment OCID.
+
+```bash
+kubectl create -f charts/oci-service-broker/samples/atp/atp-existing-instance.yaml
+```
+
 #### Get instance status
 
 ```bash
@@ -349,7 +376,7 @@ NAME NAMESPACE CLASS PLAN STATUS
 atp-instance-1 catalog atp-service standard Deprovisioning
 ```
 
-It usually takes 5-10 minutes for an instance to get deprovisioned. On successful deprviosining the ServiceInstance will be removed and won't be listed.
+It usually takes 5-10 minutes for an instance to get deprovisioned. On successful deprviosining the ServiceInstance will be removed and won't be listed. In case of the existing instance the actual instance won't be removed.
 
 ### Use Secret to pass passwords