bits-service job from bits-service/2.26.0
Github source:
8705d6c
or
master branch
Properties¶
bits-service
¶
active_signing_key
¶
key_id
¶This is the key ID Bits-Service uses and clients should use to generate signed URLs. When rotating active signing keys, they should first go to alternative_signing_keys before removing them completely.
- Default
""
secret
¶This is the key secret Bits-Service uses and clients should use to generate signed URLs. When rotating active signing keys, they should first go to alternative_signing_keys before removing them completely.
- Default
""
alternative_signing_keys
¶List of alternative access key ID and secret pairs that can be used to sign and validate URLs. Clients should use active_signing_key.key_id and active_signing_key.secret to generate signed URLs to make sure they don’t use a key that is being removed with the next deployment.
- Default
[]- Example
|+ signing_keys: - key_id: some_key_id secret: some_secret - key_id: some_other_key_id secret: some_other_secret
app_stash
¶
blobstore_type
¶The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]
- Default
fog
directory_key
¶Directory (bucket) used to store app stash blobs.
- Default
app_stash
fog_aws_storage_options
¶Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.
- Default
{}
fog_connection
¶Fog connection properties.
gcp_retry_timeout_seconds
¶Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.
- Default
10
max_body_size
¶Maximum body size for nginx
- Default
1536M
maximum_size
¶Maximum size of a resource to cache in App-Stash
- Default
512M
minimum_size
¶Minimum size of a resource to cache in App-Stash
- Default
64K
s3_debug_log_level
¶Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors
- Default
""
webdav_config
¶
ca_cert
¶The ca cert to use when communicating with webdav
password
¶The basic auth password that CC uses to connect to the admin endpoint on webdav
- Default
""
private_endpoint
¶The location of the webdav server eg: https://blobstore.internal
- Default
https://blobstore.service.cf.internal
public_endpoint
¶The location of the webdav server eg: https://blobstore.com
- Default
""
username
¶The basic auth user that CC uses to connect to the admin endpoint on webdav
- Default
""
buildpack_cache
¶
max_body_size
¶Maximum body size for nginx
- Default
1536M
buildpacks
¶
blobstore_type
¶The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]
- Default
fog
directory_key
¶Directory (bucket) used to store buildpack blobs.
- Default
buildpacks
fog_aws_storage_options
¶Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.
- Default
{}
fog_connection
¶Fog connection properties.
gcp_retry_timeout_seconds
¶Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.
- Default
10
max_body_size
¶Maximum body size for nginx
- Default
1536M
s3_debug_log_level
¶Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors
- Default
""
webdav_config
¶
ca_cert
¶The ca cert to use when communicating with webdav
password
¶The basic auth password that CC uses to connect to the admin endpoint on webdav
- Default
""
private_endpoint
¶The location of the webdav server eg: https://blobstore.internal
- Default
https://blobstore.service.cf.internal
public_endpoint
¶The location of the webdav server eg: https://blobstore.com
- Default
""
username
¶The basic auth user that CC uses to connect to the admin endpoint on webdav
- Default
""
cc_updates
¶
ca_cert
¶PEM-encoded CA certificate for secure, mutually authenticated TLS communication
cc_url
¶CloudController endpoint for sending package status updates
- Default
https://cloud-controller-ng.service.cf.internal:9023/internal/v4/packages
client_cert
¶PEM-encoded certificate for secure, mutually authenticated TLS communication
client_key
¶PEM-encoded key for secure, mutually authenticated TLS communication
droplets
¶
blobstore_type
¶The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]
- Default
fog
directory_key
¶Directory (bucket) used to store droplet blobs.
- Default
droplets
fog_aws_storage_options
¶Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.
- Default
{}
fog_connection
¶Fog connection properties.
gcp_retry_timeout_seconds
¶Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.
- Default
10
max_body_size
¶Maximum body size for nginx
- Default
1536M
s3_debug_log_level
¶Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors
- Default
""
webdav_config
¶
ca_cert
¶The ca cert to use when communicating with webdav
password
¶The basic auth password that CC uses to connect to the admin endpoint on webdav
- Default
""
private_endpoint
¶The location of the webdav server eg: https://blobstore.internal
- Default
https://blobstore.service.cf.internal
public_endpoint
¶The location of the webdav server eg: https://blobstore.com
- Default
""
username
¶The basic auth user that CC uses to connect to the admin endpoint on webdav
- Default
""
logging
¶
level
¶Log level for bits-service. See Steno logger for details.
- Default
debug
max_body_size
¶Maximum body size for nginx
- Default
1536M
packages
¶
blobstore_type
¶The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]
- Default
fog
directory_key
¶Directory (bucket) used to store package blobs.
- Default
packages
fog_aws_storage_options
¶Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.
- Default
{}
fog_connection
¶Fog connection properties.
gcp_retry_timeout_seconds
¶Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.
- Default
10
max_body_size
¶Maximum body size for nginx
- Default
1536M
s3_debug_log_level
¶Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors
- Default
""
webdav_config
¶
ca_cert
¶The ca cert to use when communicating with webdav
password
¶The basic auth password that CC uses to connect to the admin endpoint on webdav
- Default
""
private_endpoint
¶The location of the webdav server eg: https://blobstore.internal
- Default
https://blobstore.service.cf.internal
public_endpoint
¶The location of the webdav server eg: https://blobstore.com
- Default
""
username
¶The basic auth user that CC uses to connect to the admin endpoint on webdav
- Default
""
private_endpoint
¶Private endpoint for the Bits Service. Does not include URI scheme.
proxy_get_requests
¶When set to true, GET requests get proxied through Bits-Service and not redirected to the backend blobstore (such as S3)
- Default
false
public_endpoint
¶Public endpoint for the Bits Service. Does not include URI scheme.
secret
¶The secret used for signing URLs. Deprecated: Use active_signing_key and alternative_signing_keys instead and use client side signed URLs through the provided bits_service_active_signing_key BOSH links.
signing_users
¶List of Username and Password pairs that are allowed to sign urls. Cloud Controller must use one of these to access the /sign endpoint via HTTP Basic Auth.
- Example
|+ signing_users: - username: user1 password: password1 - username: user2 password: password2
tls
¶
cert
¶The TLS server certificate
key
¶The TLS server private key
port
¶Post for https endpoint
- Default
443
request_timeout_in_seconds
¶
Timeout for requests in seconds.
- Default
900
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/bits-service/
directory
(learn more).
bin/bits-service_ctl
(frombits-service_ctl.erb
)bin/blobstore_waiter.sh
(fromblobstore_waiter.sh.erb
)bin/dashboard
(fromdashboard.erb
)bin/dns_health_check
(fromdns_health_check.erb
)bin/syslog_utils.sh
(fromsyslog_utils.sh.erb
)config/bits_config.yml
(frombits_config.yml.erb
)config/certs/app_stash_ca_cert.pem
(fromapp_stash_ca_cert.pem.erb
)config/certs/bits_tls.crt
(frombits_tls.crt.erb
)config/certs/bits_tls.key
(frombits_tls.key.erb
)config/certs/buildpacks_ca_cert.pem
(frombuildpacks_ca_cert.pem.erb
)config/certs/droplets_ca_cert.pem
(fromdroplets_ca_cert.pem.erb
)config/certs/mutual_ca_cert.pem
(frommutual_ca_cert.pem.erb
)config/certs/mutual_client_cert.pem
(frommutual_client_cert.pem.erb
)config/certs/mutual_client_key.pem
(frommutual_client_key.pem.erb
)config/certs/packages_ca_cert.pem
(frompackages_ca_cert.pem.erb
)config/signing_users
(fromsigning_users.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.