gorouter job from cf/267
Gorouter maintains a dynamic routing table based on updates received from NATS and (when enabled) the Routing API. This routing table maps URLs to backends. The router finds the URL in the routing table that most closely matches the host header of the request and load balances across the associated backends.
The port used to emit dropsonde messages to the Metron agent.
IPs of each NATS cluster member
- |+ - 192.168.50.123 - 192.168.52.123
Password for NATS authentication
TCP port of NATS servers
User name for NATS authentication
Timeout in seconds for Router -> Endpoint roundtrip.
Algorithm used to distribute requests for a route across backends. Supported values are round-robin and least-connection
An ordered list of golang supported standard SSL cipher suites containing golang tls constants (https://github.com/golang/go/blob/release-branch.go1.7/src/crypto/tls/cipher_suites.go#L269-L285) separated by colons. The cipher suite will be chosen according to this order during SSL handshake
Address at which to serve debug info
Host to ping for confirmation of DNS resolution, only used when Routing API is enabled
Delay in seconds after shut down is initiated before server stops listening. During this time the server will reject requests to the /health endpoint. This accommodates requests forwarded by a load balancer until it considers the router unhealthy.
Enables streaming of access log to syslog.
Enables support for the popular PROXY protocol, allowing downstream load balancers that do not support HTTP to pass along client information.
When enabled, Gorouter will listen on port 443 and terminate TLS for requests received on this port.
An array of headers that access log events will be annotated with
Enables setting X-Forwarded-Proto header if SSL termination happened upstream and incorrectly set the header value. When this property is set to true gorouter sets the header X-Forwarded-Proto to https. When this value set to false, gorouter set the header X-Forwarded-Proto to the protocol of the incoming request
DEPRECATED. Use /health endpoint on port specified by status.port. User-Agent for the health check agent (usually the Load Balancer).
Routes with these isolation segments will be registered. Used in combination with routing_table_sharding_mode.
Time period in seconds to wait until declaring the router instance started after starting the listener socket. This allows an external load balancer time to register the instance as healthy.
Log level for router
The frequency in minutes which logrotate will rotate VM logs
The number of files that logrotate will keep around on the VM
The size at which logrotate will decide to rotate the log file
Maximum total idle keepalive connections to backends. When 0, support for keepalive connections is disabled. Maximum idle connections per backend is 100.
Number of CPUs to utilize, the default (-1) will equal the number of available CPUs
Listening Port for Router.
On startup, the router will delay listening for requests by this duration to increase likelihood that it has a complete routing table before serving requests. The router also broadcasts the same duration as a recommended interval to registering clients via NATS. This must be less than 60, otherwise monit will mark the process as failed.
Route Services are told where to send requests after processing using the X-CF-Forwarded-Url header. When this property is true, the scheme for this URL is https. When false, the scheme is http. As requests from Route Services to applications on CF transit load balancers and gorouter, disable this property for deployments that have TLS termination disabled.
Support for route services is disabled when no value is configured. A robust passphrase is recommended.
To rotate keys, add your new key here and deploy. Then swap this key with the value of route_services_secret and deploy again.
Expiry time of a route service signature in seconds
all: all routes will be registered. shared-and-segments: both routes for the configured isolation segments and those that do not have an isolation segment specified will be registered. segments: only routes for the configured isolation segments will be registered.
Set secure flag on http cookies
The public ssl cert for ssl termination
The private ssl key for ssl termination
Skip validation of TLS certificates received from route services and UAA
Password for HTTP basic auth to the /varz and /routes endpoints.
Port for the /health, /varz, and /routes endpoints.
Username for HTTP basic auth to the /varz and /routes endpoints.
Suspend pruning of routes when NATs is unavailable and maintain the current routing table. WARNING: This strategy favors availability over consistency and there is a possibility of routing to an incorrect endpoint in the case of port re-use. To be used with caution.”
If the X-Vcap-Trace request header is set and has this value, trace headers are added to the response.
Enables the addition of the X-B3-Trace-Id header to incoming requests. If the header already exists on the incoming request, it will not be overwritten.
When false, Routing API requires OAuth tokens for authentication.
When enabled, GoRouter will fetch HTTP routes from the Routing API in addition to routes obtained via NATS.
Port on which Routing API is running.
URL where the routing API can be reached internally
Certificate authority for communication between clients and uaa.
Secure Port on which UAA is running.
UAA token endpoint host name. Do not include a scheme in this value; TCP Router will always use TLS to connect to UAA.
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be