broker job from on-demand-service-broker/0.43.0
Github source:
66edbe9
or
master branch
Properties¶
bosh
¶
authentication
¶
basic
¶
password
¶BOSH director password
username
¶BOSH director username
uaa
¶
client_id
¶UAA client ID
client_secret
¶UAA client secret
root_ca_cert
¶Bosh Director Root CA certificate for broker to trust (optional)
url
¶BOSH URL
bosh_credhub_api
¶
authentication
¶
uaa
¶
client_credentials
¶client_id
¶ID of UAA client with permissions to read and write to BOSH CredHub
client_secret
¶Secret of UAA client with permissions to read and write to BOSH CredHub
root_ca_cert
¶Public certificate of root certificate authority used to sign BOSH CredHub’s certificate. Used to authenticate the service.
url
¶Full URL of BOSH CredHub service
cf
¶
authentication
¶(Deprecated) UAA authentication object. See cf.uaa.
root_ca_cert
¶CF Root CA certificate for broker to trust (optional)
uaa
¶
authentication
¶
client_credentials
¶client_id
¶UAA client ID with cloud_controller.read authority
client_secret
¶UAA client secret
user_credentials
¶password
¶CF Admin password
username
¶CF Admin username
client_definition
¶Client to be created by the broker during provision. See example below for valid fields.
- Example
|+ scopes: <comma separated list of scopes> resource_ids: <comma separated list of resource ids> authorized_grant_types: <comma separated list of grant types> authorities: <comma separated list of authorities> name: <name>
url
¶UAA URL for Cloud Foundry
url
¶CF API URL
disable_bosh_configs
¶
Deactivate the feature where when a service adapter returns BOSH configs, ODB applies the configs to BOSH
- Default
false
disable_cf_startup_checks
¶
- Default
false
disable_ssl_cert_verification
¶
Disable SSL certificate verification by the broker when communicating with any CF component. DO NOT USE IN PRODUCTION
- Default
false
enable_plan_schemas
¶
If the service adapter supports service plan schemas and you would like the schema to appear in the service catalog, set this flag to true
- Default
false
enable_secure_manifests
¶
Allow ODB to read and write service instance secrets using the BOSH CredHub. Required for removing plain text secrets from service instance manifests.
- Default
false
enable_telemetry
¶
Enables telemetry logging when set to true. If true, broker id must be set.
- Default
false
expose_operational_errors
¶
The On Demand Broker will return BOSH errors to the platform when a failure occurs
- Default
false
password
¶
Broker basic auth password
port
¶
Port for the broker
- Default
8080
secure_binding_credentials
¶
authentication
¶
uaa
¶
ca_cert
¶Internal UAA certificate
client_id
¶UAA client id for secure binding credential authentication
client_secret
¶UAA client secret for secure binding credential authentication
enabled
¶Flag to activate secure binding
- Default
false
service_adapter
¶
mount_paths
¶Filesystem paths to be mounted for use by the service adapter. This should include the paths to any config files.
- Default
[]
path
¶The path to the service adapter binary located on the host with the broker
- Default
/var/vcap/packages/odb-service-adapter/bin/service-adapter
service_catalog
¶
bindable
¶is service bindable?
dashboard_client
¶client ID for dashboard
global_properties
¶properties applied to every plan. if in conflict, plan properties take precedence
global_quotas
¶
resource_limits
¶deprecated property
- Default
{}
resources
¶hash of resources that will be verified when provisioned by on-demand broker. A resource object contains “limit” as integer.
- Default
{}- Example
global_quotas: resources: any_resource_name: limit: 10
service_instance_limit
¶the maximum number of instances that may be provisioned by on-demand broker
id
¶service ID for CF marketplace
maintenance_info
¶
description
¶maintenance information description of the impact of the maintenance update for all plans. See https://github.com/openservicebrokerapi/servicebroker/blob/master/spec.md#maintenance-info-object
private
¶maintenance information to be returned as a single hashed string in the service catalog for all plans
- Default
{}
public
¶maintenance information to be returned as plain text in the service catalog for all plans
- Default
{}
version
¶maintenance information version for all plans. See https://github.com/openservicebrokerapi/servicebroker/blob/master/spec.md#maintenance-info-object
- Example
1.2.3
metadata
¶service metadata - accepts arbitrary key / value pairs
display_name
¶apps manager display name
- Default
""
documentation_url
¶apps manager documentation url
- Default
""
image_url
¶apps manager image url
- Default
""
long_description
¶apps manager long description
- Default
""
provider_display_name
¶apps manager provider display name
- Default
""
shareable
¶is service shareable?
- Default
false
support_url
¶apps manager support url
- Default
""
plan_updatable
¶are plan migrations allowed?
plans
¶the service plans to be presented to Cloud Foundry
requires
¶string array of permissions required by broker
- Default
[]
service_description
¶service description for CF marketplace
service_name
¶service offering for CF marketplace
tags
¶string array of tags for catalog
- Default
[]
service_deployment
¶
releases
¶releases to deploy for each instance
stemcell
¶
os
¶stemcell OS to use for every job in the service deployment
version
¶stemcell version to use for every job in the service deployment
stemcells
¶stemcells to deploy for each instance
- Default
[]- Example
- os: ubuntu version: 1234
service_instances_api
¶
authentication
¶
basic
¶
password
¶HTTP basic auth password for connections to service instances API provider
username
¶HTTP basic auth username for connections to service instances API provider
disable_ssl_cert_verification
¶Disable SSL certificate verification by the broker when communicating with Service Instances API.
- Default
false
root_ca_cert
¶root CA cert to validate TLS connection to service instances API provider
url
¶service instances API provider URL
shutdown_timeout_in_seconds
¶
In seconds, allow the broker to close open connections before shutting down
- Default
60
startup_banner
¶
- Default
false
support_backup_agent_binding
¶
If the service adapter supports backup agent URL bindings, set this flag to true
- Default
false
tls
¶
certificate
¶a server certificate for the broker to use
private_key
¶the matching private key
use_stdin
¶
Pass arguments to service adapter over standard input instead of as command line arguments. Requires a compatible service adapter.
- Default
true
username
¶
Broker basic auth username
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/broker/
directory
(learn more).
bin/drain
(fromdrain.sh.erb
)bin/post-start
(frompost-start.erb
)config/bpm.yml
(frombpm.yml.erb
)config/broker.yml
(frombroker.yml.erb
)config/indicators.yml
(fromindicators.yml.erb
)certs/broker.crt
(frombroker.crt.erb
)certs/broker.key
(frombroker.key.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.