Skip to content

azure_cpi job from bosh-azure-cpi/37.5.0

Github source: f10d573 or master branch

Properties

agent

blobstore

access_key_id

AWS access_key_id for agent used by s3 blobstore plugin

address

Address for agent to connect to blobstore server used by simple blobstore plugin

secret_access_key

AWS secret_access_key for agent used by s3 blobstore plugin

mbus

Agent mbus

nats

address

Address of the nats server

azure

azure_stack

authentication

The authentication type for your AzureStack deployment. AzureAD, AzureChinaCloudAD or ADFS

Default
AzureAD
ca_cert

All required custom CA certificates for AzureStack

Example
'-----BEGIN CERTIFICATE----- MII... -----END CERTIFICATE-----'
domain

The domain for your AzureStack deployment

Default
local.azurestack.external
endpoint_prefix

The endpoint prefix for your AzureStack deployment

Default
management
resource

The token resource for your AzureStack deployment

certificate

The certificate for the azure cpi (One of client_id or certificate is required when azure.credentials_source is set to static)

Example
'-----BEGIN PRIVATE KEY----- MII... -----END PRIVATE KEY----- -----BEGIN CERTIFICATE-----
  MII... -----END CERTIFICATE-----'

client_id

The client ID for the azure cpi (Required when azure.credentials_source is set to static)

client_secret

The client secret for the azure cpi (One of client_id or certificate is required when azure.credentials_source is set to static)

credentials_source

Where to get Azure credentials for the azure cpi. This can be set to static to use tenant_id, client_id and client_secret/certificate, or set to managed_identity to get the credentials from Azure managed service identity.

Default
static

debug_mode

Enable debug mode to log all raw HTTP requests/responses

Default
false

default_managed_identity

type

The type of managed identity used for the VM. The type SystemAssigned includes an implicitly created identity and the type UserAssigned includes a set of user assigned identities. For the type specified here to be used, azure.credentials_source has to be set to managed_identity.

user_assigned_identity_name

The user-assigned identity name associated with the VM. For the user-assigned identity specified here to be used, azure.credentials_source has to be set to managed_identity.

default_security_group

The name of the default security group that will be applied to all created VMs

enable_telemetry

Enable telemetry on CPI calls

Default
false

enable_vm_boot_diagnostics

Enable VM boot diagnostics

Default
false

environment

The environment for Azure Management Service. AzureCloud, AzureChinaCloud, AzureUSGovernment, AzureGermanCloud or AzureStack

Default
AzureCloud

isv_tracking_guid

ISV tracking GUID for usage association

keep_failed_vms

Enable keeping the VM which failed in provisioning for troubleshooting

Default
false

location

Azure region name

Example
eastus

parallel_upload_thread_num

The number of threads to upload stemcells in parallel

Default
16

pip_idle_timeout_in_minutes

Idle timeouts in minutes for dynamic public IPs

Default
4

resource_group_name

Resource group name to use when spinning up new vms

ssh_public_key

The content of the SSH public key for new vms

ssh_user

Default ssh user for new vms

Default
vcap

storage_account_name

Azure storage account name. This property is required when use_managed_disks is false or upgrading from an existing deployment whose use_managed_disks is false.

subscription_id

Azure Subscription ID

tenant_id

The tenant ID for the azure cpi (Required when azure.credentials_source is set to static)

use_default_account_for_cleaning

Use the default storage account when cleaning stemcells, to get around the issue where all subscription storage accounts cannot be listed or read from. If multiple accounts are being used by BOSH, this will cause stemcells to be not fully deleted and leak storage space.

Default
false

use_managed_disks

Enable managed disks

Default
false

blobstore

access_key_id

AWS access_key_id used by s3 blobstore plugin

address

Address of blobstore server used by simple blobstore plugin

agent

password

Password agent uses to connect to blobstore used by simple blobstore plugin

user

Username agent uses to connect to blobstore used by simple blobstore plugin

bucket_name

AWS S3 Bucket used by s3 blobstore plugin

host

Host of blobstore server used by simple blobstore plugin

path

local blobstore path

port

Port of blobstore server used by simple blobstore plugin

Default
25250

provider

Provider of the blobstore used by director and agent (dav|simple|s3)

Default
dav

s3_force_path_style

Whether s3 blobstore plugin will always use path style for bucket access

Default
false

s3_port

Port of blobstore server used by s3 blobstore plugin

Default
443

secret_access_key

AWS secret_access_key used by s3 blobstore plugin

use_ssl

Whether the simple blobstore plugin should use SSL to connect to the blobstore server

Default
true

env

http_proxy

Http proxy to connect to cloud API’s

https_proxy

Https proxy to connect to cloud API’s

no_proxy

No proxy environment variable

nats

address

Address of the nats server

password

Password to connect to nats with

port

Port that the nats server listens on

Default
4222

user

Username to connect to nats with

Default
nats

ntp

List of ntp server IPs. pool.ntp.org attempts to return IPs closest to your location, but you can still specify if needed.

Default
  - 0.pool.ntp.org
  - 1.pool.ntp.org

registry

endpoint

Full URL for the registry endpoint that may include basic auth credentials

Example
http://admin:admin-password@some-ip:port

host

Address of the Registry to connect to

password

Password to access the Registry

port

Port of the Registry to connect to

Default
25777

username

User to access the Registry

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/azure_cpi/ directory (learn more).

  • bin/cpi (from cpi.erb)
  • config/azure_stack_ca_cert.pem (from azure_stack_ca_cert.pem.erb)
  • config/cpi.json (from cpi.json.erb)
  • config/service_principal_certificate.pem (from service_principal_certificate.pem.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.