#sudo init 5

This article takes you through the steps of sign-in, configuring, writing and deploying a small web application to SpringSource's Cloud Foundry (PAAS) service. But to get started, you will need to obtain Spring Tool Suite (STS), an Eclipse distribution that comes pre-tooled with Spring-Framework specific componentry.

Link to Blog Post.

This is a brief introduction/summary of the Caldecott tool as part of the Cloud Foundry stack.

Caldecott is the ‘proxying’ tunnel program which sits as a deployment in your Cloud hypervisor. Its job is to tunnel traffic between your CF deployment and your local workstation (both are possibly running behind firewalls, and other odd-sorts of network infra). It is invoked through the ‘vmc tunnel’ command which does the heavy lifting of negotiating the session.

Lets say you have CF provisioned with postgresql with instance id ‘postgresql-12345’ and want to access this instance from your workstation to perform backup or initialization. It’s really transparent in how vmc creates the tunnel, just issue a command ‘vmc tunnel postgresql-12345’ and viola!  Caldecott gets deployed into your remote CF then a local port is opened to direct traffic ala’ ip-tunnel to that Caldecott instance. An (interactive) password must also be given so that future connections are protected.

This tunnel invocation connects your local client with the postgres service running on the CF.  It executes a specific client (e.g. psql  -h .. -p .. -d …) command as you would from the command line, which can be duplicated from another local shell.  Additionally, you may setup other clients to access a database in any manner by employing the username/password/db parameters that vmc listed as it was creating the tunnel.

e.g

JDBC can similarly connect through a URL (given port 10001 was used)

jdbc:postgresql://localhost:10001/de1a2b6b327bd4bba95e74893ef8b62f1?user=u37be048a9ef9485a8b2abe20ab2b2b82&password=pbe1977779ddf406586429aaa28fc5f88

This gives only temporary access as the user/password combination changes between vmc logins.  You would ordinarily use this for ad-hoc use-cases where one were initializing a DB, performing one-time queries, or as in the case stated above - making a backup. That pretty much sums up with as little detail as possible how the Caldecott tool provides coverage for network access to your CF instance from afar, without additional infrastructure negotiation.  I hope to see updates in this journal as I discover new things by you, or myself.  Please provide any feedback as I am very appreciative for corrections, embellishments, and suggestion.