Skip to content

bbs job from diego/2.96.0

Github source: 9e1446a5a or master branch

Properties

bpm

enabled

use the BOSH Process Manager to manage the BBS process.

Default
false

cell_registrations

locket

enabled

When set, the BBS will detect Diego cells registered with the Locket API.

Default
true

database

tls

enable_identity_verification

Whether to verify the identity of the database host when connecting with TLS. Set this to false to allow TLS connections to database providers that do not configure the database’s TLS certificate to include its hostname or IP, such as Google Cloud SQL

Default
true

diego

bbs

active_key_label

Label of the encryption key to be used when writing to the database

advertisement_base_hostname

Suffix for the BBS advertised hostname

Default
bbs.service.cf.internal
auctioneer
api_location

Hostname and port of the auctioneer API, without URI scheme.

Default
auctioneer.service.cf.internal:9016
ca_cert

CA cert for communication to the auctioneer.

client_cert

Client cert for communication to the auctioneer.

client_key

Client key for communication to the auctioneer.

require_tls

Whether to require mutual TLS for communication with the auctioneer API. Deprecated, Diego V2 and later require Auctioneer communication to use TLS. This is only relevant when upgrading from V1 to ensure no downtime during the upgrade

Default
false
ca_cert

REQUIRED: PEM-encoded CA certificate

convergence
expire_completed_task_duration_in_seconds

completed, unresolved tasks are deleted after this duration in seconds

Default
120
expire_pending_task_duration_in_seconds

unclaimed tasks are marked as failed, after this duration in seconds

Default
1800
kick_task_duration_in_seconds

the interval, in seconds, between kicks to tasks in seconds

Default
30
repeat_interval_in_seconds

the interval between runs of the converge process

Default
30
debug_addr

address at which to serve debug info

Default
127.0.0.1:17017
enable_access_log

Enable access log, i.e. log every request made to the bbs

Default
false
encryption_keys

List of encryption keys to be used

Default
[]
health_addr

address at which BBS serves ‘/ping’ health-check endpoint

Default
127.0.0.1:8890
listen_addr

address at which to serve API requests

Default
0.0.0.0:8889
locket
api_location

Hostname and port of the Locket server. When set, the BBS attempts to claim a lock from the Locket API and will detect Diego cells registered with the Locket API.

Default
locket.service.cf.internal:8891
client_keepalive_time

Period in seconds after which the locket gRPC client sends keepalive ping requests to the locket server it is connected to.

Default
10
client_keepalive_timeout

Timeout in seconds to receive a response to the keepalive ping. If a response is not received within this time, the locket client will reconnect to another server.

Default
22
log_level

Log level

Default
info
rep
ca_cert

CA cert for communication to the rep.

client_cert

Client cert for communication to the rep.

client_key

Client key for communication to the rep.

client_session_cache_size

capacity of the tls client cache

Default
0
require_tls

Whether to require TLS for communication to the securable rep API server. Deprecated, Diego V2 and later require Rep communication to use TLS. This is only relevant when upgrading from V1 to ensure no downtime during the upgrade

Default
false
server_cert

REQUIRED: PEM-encoded client certificate

server_key

REQUIRED: PEM-encoded client key

sql
ca_cert

Bundle of CA certificates for the BBS to verify the SQL server SSL certificate when connecting via SSL

db_driver

Database driver to use for SQL backend (for example: mysql,postgres)

Default
mysql
db_host

Host for SQL backend

Default
""
db_password

Password to use for connecting to SQL backend

Default
""
db_port

Port for SQL backend

Default
""
db_schema

Database name to use for connecting to SQL backend

Default
""
db_username

Username to use for connecting to SQL backend

Default
""
max_idle_connections

Maximum number of idle connections to the SQL database

Default
200
max_open_connections

Maximum number of open connections to the SQL database

Default
200
require_ssl

Whether to require SSL for BBS communication to the SQL backend

Default
false

limits

open_files

Maximum number of files (including sockets) the BBS process may have open.

Default
100000

locks

locket

enabled

When set, the BBS attempts to claim a lock from the Locket API.

Default
true

logging

format

timestamp

Format for timestamp in component logs. Valid values are ‘unix-epoch’ and ‘rfc3339’.

Default
unix-epoch

max_data_string_length

Length in bytes above which logged strings will be truncated. If set to 0, turns off truncation.

Default
640

loggregator

ca_cert

CA Cert used to communicate with local metron agent over gRPC

cert

Cert used to communicate with local metron agent over gRPC

key

Key used to communicate with local metron agent over gRPC

use_v2_api

True to use local metron agent gRPC v2 API. False to use UDP v1 API.

Default
false

v2_api_port

Local metron agent gRPC port

Default
3458

set_kernel_parameters

Enable tuning /proc/sys kernel parameters. NOTE: set this property to ‘false’ when deploying to BOSH-Lite or other containerized BOSH clouds.

Default
true

tasks

max_retries

The number of times task placement should be retried after pre-execution task failure.

Default
3

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/bbs/ directory (learn more).

  • bin/bbs_as_vcap (from bbs_as_vcap.erb)
  • bin/bbs_ctl (from bbs_ctl.erb)
  • bin/bpm-pre-start (from bpm-pre-start.erb)
  • bin/drain (from drain.erb)
  • bin/post-start (from post-start.erb)
  • bin/set-bbs-kernel-params (from set-bbs-kernel-params.erb)
  • config/bbs.json (from bbs.json.erb)
  • config/bpm.yml (from bpm.yml.erb)
  • config/certs/auctioneer/ca.crt (from auctioneer_ca.crt.erb)
  • config/certs/auctioneer/client.crt (from auctioneer_client.crt.erb)
  • config/certs/auctioneer/client.key (from auctioneer_client.key.erb)
  • config/certs/ca.crt (from bbs_ca.crt.erb)
  • config/certs/loggregator/ca.crt (from loggregator_ca.crt.erb)
  • config/certs/loggregator/client.crt (from loggregator_client.crt.erb)
  • config/certs/loggregator/client.key (from loggregator_client.key.erb)
  • config/certs/rep/ca.crt (from rep_ca.crt.erb)
  • config/certs/rep/client.crt (from rep_client.crt.erb)
  • config/certs/rep/client.key (from rep_client.key.erb)
  • config/certs/server.crt (from bbs_server.crt.erb)
  • config/certs/server.key (from bbs_server.key.erb)
  • config/certs/sql/ca.crt (from sql_ca.crt.erb)
  • config/indicators.yml (from indicators.yml.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.