Skip to content

cc_deployment_updater job from capi/1.109.0

The Cloud Controller deployment updater periodically updates app deployments (experimental)

Github source: b2e53908 or master branch

Properties

cc

database_encryption

current_key_label

current key label for encrypting values in the CC database

Default
""
keys

label-key pairs for encrypting sensitive values in the CC database; labels must be < 256 characters long

Default
{}

db_encryption_key

key for encrypting sensitive values in the CC database

Default
""

db_logging_level

Level at which cc database operations will be logged if cc.log_db_queries is set to true.

Default
debug2

default_app_disk_in_mb

The default disk space an app gets

Default
1024

default_app_memory

How much memory given to an app if not specified

Default
1024

diego

bbs
connect_timeout

Connect timeout (in seconds) when talking to BBS Server

Default
10
receive_timeout

Receive timeout (in seconds) when talking to BBS Server

Default
10
send_timeout

Send timeout (in seconds) when talking to BBS Server

Default
10
url

URL of the BBS Server

Default
https://bbs.service.cf.internal:8889
cc_uploader_url

URL of cc uploader

Default
http://cc-uploader.service.cf.internal:9090
droplet_destinations

List of destination directories for different stacks

Default
  cflinuxfs3: /home/vcap
  windows: /Users/vcap
  windows2012R2: /
  windows2016: /Users/vcap
enable_declarative_asset_downloads

Enable specifying task and app asset downloads as declarative resources

Default
false
file_server_url

URL of file server

Default
http://file-server.service.cf.internal:8080
lifecycle_bundles

List of lifecycle bundles arguments for different stacks

Default
  buildpack/cflinuxfs3: buildpack_app_lifecycle/buildpack_app_lifecycle.tgz
  buildpack/windows: buildpack_app_lifecycle/buildpack_app_lifecycle.tgz
  buildpack/windows2012R2: windows_app_lifecycle/windows_app_lifecycle.tgz
  buildpack/windows2016: buildpack_app_lifecycle/buildpack_app_lifecycle.tgz
  docker: docker_app_lifecycle/docker_app_lifecycle.tgz
pid_limit

Maximum pid limit for containerized work running user-provided code

Default
1024
temporary_oci_buildpack_mode

Temporary flag to enable OCI buildpack flow. Valid values: ‘oci-phase-1’

use_privileged_containers_for_running

Whether or not to use privileged containers for running buildpack apps and tasks.

Default
false
use_privileged_containers_for_staging

Whether or not to use privileged containers for staging tasks.

Default
false

instance_file_descriptor_limit

The file descriptors made available to each app instance

Default
16384

locket

host

Hostname of the Locket server

Default
locket.service.cf.internal
port

Port of the Locket server

Default
8891

log_db_queries

Log database queries. WARNING: Setting this to true with cc.db_logging_level >= cc.logging_level will log all field values, including encrypted secrets.

Default
false

logging_level

Log level for CC. Valid levels are listed here: https://github.com/cloudfoundry/steno#log-levels.

Default
info

logging_max_retries

Passthru value for Steno logger

Default
1

maximum_app_disk_in_mb

The maximum amount of disk a user can request

Default
2048

mutual_tls

ca_cert

PEM-encoded CA certificate for secure, mutually authenticated TLS communication

private_key

PEM-encoded key for secure, mutually authenticated TLS communication

public_cert

PEM-encoded certificate for secure, mutually authenticated TLS communication

opi

enabled

Set to true to enable running apps on Kubernetes, using Eirini

Default
false
opi_staging

Set to true to enable staging apps on Kubernetes, using Eirini

Default
false
url

URL of the Eirini server

Default
""

readiness_port

deployment_updater

Readiness port used in k8s to check that db migrations are complete before component update

Default
-1

temporary_disable_deployments

Do not allow the API client to create app deployments (temporary)

Default
false

thresholds

api
alert_if_above_mb

The CC will alert if memory remains above this threshold for 3 monit cycles

Default
3500
restart_if_above_mb

The CC will restart if memory remains above this threshold for 3 monit cycles

Default
3750
restart_if_consistently_above_mb

The CC will restart if memory remains above this threshold for 15 monit cycles

Default
3500

ccdb

address

The address of the database server

ca_cert

The CA certificate to use when communicating with the database over SSL

connection_validation_timeout

The period in seconds after which idle connections are validated, passed directly to the Sequel gem - see http://sequel.jeremyevans.net/rdoc-plugins/files/lib/sequel/extensions/connection_validator_rb.html for details. Note that setting this to -1 results in an additional query whenever connections are checked out from the pool, which can have performance implications

Default
3600

databases

Contains the name of the database on the database server

db_scheme

The type of database being used. mysql or postgres

Default
postgres

max_connections

Maximum connections for Sequel

Default
25

max_migration_duration_in_minutes

the maximum time migrations should be allowed to run before job startup should error

Default
20160

pool_timeout

The timeout for Sequel pooled connections

Default
10

port

The port of the database server

read_timeout

The read timeout in seconds for query responses, passed directly to the Sequel gem - see https://github.com/jeremyevans/sequel/blob/master/doc/opening_databases.rdoc for details

Default
3600

roles

Users to create on the database when seeding

ssl_verify_hostname

Verify that the database SSL certificate matches the host to which the connection is attempted

Default
true

deployment_updater

update_frequency_in_seconds

How often to update deployments by rolling instances

Default
5

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/cc_deployment_updater/ directory (learn more).

  • bin/bbr/post-backup-unlock (from post-backup-unlock.sh.erb)
  • bin/bbr/post-restore-unlock (from post-restore-unlock.sh.erb)
  • bin/bbr/pre-backup-lock (from pre-backup-lock.sh.erb)
  • bin/bbr/pre-restore-lock (from pre-restore-lock.sh.erb)
  • bin/cc_deployment_updater (from bin/cc_deployment_updater.erb)
  • bin/cc_deployment_updater_ctl (from cc_deployment_updater_ctl.erb)
  • bin/console (from console.erb)
  • bin/drain (from drain.sh.erb)
  • bin/post-start (from post-start.sh.erb)
  • bin/pre-start (from pre-start.sh.erb)
  • bin/ruby_version.sh (from ruby_version.sh.erb)
  • config/bpm.yml (from bpm.yml.erb)
  • config/certs/buildpacks_ca_cert.pem (from buildpacks_ca_cert.pem.erb)
  • config/certs/copilot.crt (from copilot.crt.erb)
  • config/certs/copilot.key (from copilot.key.erb)
  • config/certs/copilot_ca.crt (from copilot_ca.crt.erb)
  • config/certs/credhub_ca.crt (from credhub_ca.crt.erb)
  • config/certs/db_ca.crt (from db_ca.crt.erb)
  • config/certs/droplets_ca_cert.pem (from droplets_ca_cert.pem.erb)
  • config/certs/mutual_tls.crt (from mutual_tls.crt.erb)
  • config/certs/mutual_tls.key (from mutual_tls.key.erb)
  • config/certs/mutual_tls_ca.crt (from mutual_tls_ca.crt.erb)
  • config/certs/packages_ca_cert.pem (from packages_ca_cert.pem.erb)
  • config/certs/resource_pool_ca_cert.pem (from resource_pool_ca_cert.pem.erb)
  • config/cloud_controller_ng.yml (from cloud_controller_ng.yml.erb)
  • config/stacks.yml (from stacks.yml.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.