director job from bosh/190
Github source:
e6ccd171
or
master branch
Properties¶
agent
¶
blobstore
¶
access_key_id
¶AWS access_key_id for agent used by s3 blobstore plugin
address
¶Address for agent to connect to blobstore server used by simple blobstore plugin
host
¶Host of blobstore server used by simple blobstore plugin
port
¶Port for agent to connect to blobstore server used by simple blobstore plugin
s3_force_path_style
¶Whether s3 blobstore plugin will always use path style for bucket access
- Default
false
s3_multipart_threshold
¶Byte threshold at which blob uploads should be broken into multi-part FORM uploads instead of single PUT
- Default
1.6777216e+07
secret_access_key
¶AWS secret_access_key for agent used by s3 blobstore plugin
ssl_verify_peer
¶Verify the SSL certificate used on the blobstore?
- Default
true
use_ssl
¶Whether the simple blobstore plugin should use SSL to connect to the blobstore server
- Default
true
nats
¶
address
¶Address for agent to connect to nats
aws
¶
access_key_id
¶AWS access_key_id for aws cpi
default_key_name
¶Default ssh keypair used by aws cpi when creating vms
default_security_groups
¶Default security group used by aws cpi
ec2_endpoint
¶The service endpoint for Amazon EC2 (optional, if not supplied default region endpoint will be used)
elb_endpoint
¶The service endpoint for Amazon Elastic Load Balancing (optional, if not supplied default region endpoint will be used)
http_read_timeout
¶The number of seconds before the aws cpi should timeout while waiting for response
- Default
60
http_wire_trace
¶When true aws cpi will log all wire traces
- Default
false
max_retries
¶Max number of retries to connect to AWS
- Default
2
region
¶AWS Region used by aws cpi
secret_access_key
¶AWS secret_access_key for aws cpi
ssl_ca_file
¶The path to a CA cert bundle in PEM format
ssl_ca_path
¶The path the a CA cert directory
ssl_verify_peer
¶When true the HTTP handler validate server certificates for HTTPS requests
stemcell
¶
kernel_id
¶AWS kernel id used by aws cpi
blobstore
¶
access_key_id
¶AWS access_key_id used by s3 blobstore plugin
address
¶Address of blobstore server used by simple blobstore plugin
agent
¶
password
¶Password agent uses to connect to blobstore used by simple blobstore plugin
user
¶Username agent uses to connect to blobstore used by simple blobstore plugin
bucket_name
¶AWS S3 Bucket used by s3 blobstore plugin
director
¶
password
¶Password director uses to connect to blobstore used by simple blobstore plugin
user
¶Username director uses to connect to blobstore used by simple blobstore plugin
host
¶Host of blobstore server used by simple blobstore plugin
port
¶Port of blobstore server used by simple blobstore plugin
- Default
25250
provider
¶Provider of the blobstore used by director and agent (dav|simple|s3)
- Default
dav
s3_force_path_style
¶Whether s3 blobstore plugin will always use path style for bucket access
- Default
false
s3_multipart_threshold
¶Byte threshold at which blob uploads should be broken into multi-part FORM uploads instead of single PUT
- Default
1.6777216e+07
s3_port
¶Port of blobstore server used by s3 blobstore plugin
- Default
443
secret_access_key
¶AWS secret_access_key used by s3 blobstore plugin
ssl_verify_peer
¶Verify the SSL certificate used on the blobstore?
- Default
true
use_ssl
¶Whether the simple blobstore plugin should use SSL to connect to the blobstore server
- Default
true
compiled_package_cache
¶
options
¶
access_key_id
¶AWS access_key_id used for the compiled package cache
bucket_name
¶AWS S3 Bucket used for the compiled package cache
container_name
¶Name of the container
host
¶Host of blobstore server used for compiled package cache
hp_access_key
¶HP Object Storage Access Key
hp_avl_zone
¶HP Object Storage Availability Zone (region-a.geo-1 or region-b.geo-1)
hp_secret_key
¶HP Object Storage Secret Key
hp_tenant_id
¶HP Object Storage Project ID
openstack_api_key
¶OpenStack API key
openstack_auth_url
¶URL of the OpenStack Identity endpoint to connect to
openstack_region
¶OpenStack region (optional)
openstack_tenant
¶OpenStack tenant name
openstack_username
¶OpenStack user name
port
¶Port of blobstore server used for compiled package cache
- Default
25250
rackspace_api_key
¶Rackspace Cloud Files API Key
rackspace_region
¶Rackspace Cloud Files Region (optional, dfw or ord)
rackspace_username
¶Rackspace Cloud Files Username
s3_force_path_style
¶Whether s3 blobstore plugin will always use path style for bucket access
- Default
false
s3_multipart_threshold
¶Byte threshold at which blob uploads should be broken into multi-part FORM uploads instead of single PUT
- Default
1.6777216e+07
s3_port
¶Port of blobstore server used by s3 blobstore plugin
- Default
443
secret_access_key
¶AWS secret_access_key used for the compiled package cache
ssl_verify_peer
¶Verify the SSL certificate used on the blobstore?
- Default
true
swift_provider
¶OpenStack Swift provider (supported providers are hp, openstack and rackspace)
use_ssl
¶Whether the simple blobstore plugin should use SSL to connect to the blobstore server
- Default
true
provider
¶Provider of the blobstore used for the compiled package cache
- Default
s3
director
¶
auto_fix_stateful_nodes
¶Enable/Disable auto resolution for stateful nodes for scan_and_fix (true|false)
- Default
true
backend_port
¶Port that the director listens on
- Default
25556
backup_destination
¶Configuration of the blobstore used by director for backups (dav|simple|s3)
backup_schedule
¶RufusScheduler cron formatted schedule for backups
cpi_job
¶Name of cpi job (null to use bundled cpi gems)
db
¶
adapter
¶The type of database used
- Default
postgres
connection_options
¶Additional options for the database
- Default
max_connections: 32 pool_timeout: 10
database
¶Name of the director database
- Default
bosh
host
¶Address of the director database
password
¶Password used for the director database
port
¶Port of the director database
- Default
5432
user
¶Username used for the director database
- Default
bosh
enable_snapshots
¶Enable/Disable snapshots for persistent disks (true|false)
- Default
false
encryption
¶Enable/Disable agent-director encryption (true|false)
- Default
false
env
¶
http_proxy
¶HTTP proxy that the director, scheduler and workers should use
https_proxy
¶HTTPS proxy that the director, scheduler and workers should use
no_proxy
¶List of comma-separated hosts that should skip connecting to the proxy in the director, scheduler and workers
max_tasks
¶Max number of tasks to keep in disk
- Default
500
max_threads
¶Max number of director concurrent threads
- Default
32
max_upload_size
¶Max allowed file size for upload
- Default
10000m
max_vm_create_tries
¶Max retries when creating VMs
- Default
5
name
¶Name of the director
nginx
¶
ssl_ciphers
¶List of SSL ciphers to allow (format: https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT)
- Default
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
ssl_prefer_server_ciphers
¶Prefer server’s cipher priority instead of client’s (true for On, false for Off)
- Default
true
ssl_protocols
¶SSL/TLS protocols to allow
- Default
TLSv1 TLSv1.1 TLSv1.2
workers
¶Number of nginx workers for director
- Default
2
port
¶Port that the director nginx listens on
- Default
25555
proxy_timeout
¶Timeout for proxy connection from nginx to director
- Default
900
self_snapshot_schedule
¶RufusScheduler cron formatted schedule for self snapshots
- Default
0 0 6 * * * UTC
snapshot_schedule
¶RufusScheduler cron formatted schedule for snapshots
- Default
0 0 7 * * * UTC
ssl
¶
cert
¶SSL Certificate for director (PEM encoded)
key
¶SSL private key for director (PEM encoded)
timeout
¶Timeout for connection from bosh CLI to nginx
- Default
7200
trusted_certs
¶Cerfiticates that VMs created by this director should trust in addition to those packaged with the stemcell (PEM encoded; zero or more certs allowed)
- Default
""
user_management
¶
local
¶
users
¶List of users that can authenticate with director in non-Uaa mode
provider
¶User management implementation (local|uaa)
- Default
local
uaa
¶
public_key
¶Public key to verify Uaa token when token is encoded with asymmetric encryption
symmetric_key
¶Symmetric key to verify Uaa token
url
¶Uaa URL
dns
¶
address
¶Address of the powerdns server
db
¶
adapter
¶DNS Database adapter
- Default
postgres
connection_options
¶Additional options for the powerdns database
- Default
max_connections: 32 pool_timeout: 10
database
¶Name of the powerdns database
- Default
bosh
host
¶DNS Database host
password
¶DNS Database password
port
¶Port that the powerdns database listens on
- Default
5432
user
¶DNS Database user
- Default
bosh
domain_name
¶TLD of the dns zone used by bosh
- Default
bosh
nats
¶
address
¶Address of the nats server
password
¶Password to connect to nats with
port
¶Port that the nats server listens on
- Default
4222
user
¶Username to connect to nats with
- Default
nats
ntp
¶
List of ntp server IPs. pool.ntp.org attempts to return IPs closest to your location, but you can still specify if needed.
- Default
- 0.pool.ntp.org - 1.pool.ntp.org
openstack
¶
api_key
¶OpenStack API key
auth_url
¶URL of the OpenStack Identity endpoint to connect to
boot_from_volume
¶Boot from volume (optional, false by default)
- Default
false
boot_volume_cloud_properties
¶
type
¶Volume type for the boot volume (optional)
config_drive
¶Config drive device (cdrom or disk) to use as metadata service on OpenStack (optional, nil by default)
connection_options
¶Hash containing optional connection parameters to the OpenStack API
default_key_name
¶Default OpenStack keypair to use when spinning up new vms
default_security_groups
¶Default OpenStack security groups to use when spinning up new vms
endpoint_type
¶OpenStack endpoint type (optional, by default publicURL)
- Default
publicURL
ignore_server_availability_zone
¶When creating disks do not use the servers AZ, default to openstack default
- Default
false
region
¶OpenStack region (optional)
state_timeout
¶Timeout (in seconds) for OpenStack resources desired state (optional, by default 300)
- Default
300
stemcell_public_visibility
¶Set public visibility for stemcells (optional, false by default)
- Default
false
tenant
¶OpenStack tenant name
use_dhcp
¶Whether to use DHCP when configuring networking on VM (for both manual and dynamic)
- Default
true
username
¶OpenStack user name
wait_resource_poll_interval
¶Changes the delay (in seconds) between each status check to OpenStack when creating a resource (optional, by default 5)
- Default
5
redis
¶
address
¶Address of the redis server
loglevel
¶Level of log messages for Redis connections (fatal, error, warn, info, debug)
- Default
info
password
¶Password of the redis server
port
¶Port that the redis server listens on
- Default
25255
registry
¶
address
¶Address of the Registry to connect to
http
¶
password
¶Password to access the Registry
port
¶Port of the Registry to connect to
- Default
25777
user
¶User to access the Registry
vcd
¶
entities
¶
description
¶Text associated with the VMs
- Default
vcd-cf
media_catalog
¶The name of the calalog for media files
organization
¶The organization name
vapp_catalog
¶The name of the calalog for vapp template
virtual_datacenter
¶The virtual data center name in vCloud Director
vm_metadata_key
¶The key name of VM metadata
- Default
vcd-cf
password
¶The password of the target vCloud Director
url
¶The endpoint of the target vCloud Director
user
¶The user name of the target vCloud Director
vcenter
¶
address
¶Address of vCenter server used by vsphere cpi
datacenters
¶Datacenters in vCenter to use (value is an array of Hashes representing datacenters and clusters, See director.yml.erb.erb)
password
¶Password to connect to vCenter server used by vspher cpi
user
¶User to connect to vCenter server used by vsphere cpi
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/director/
directory
(learn more).
bin/director_ctl
(fromdirector_ctl.erb
)bin/drain
(fromdrain
)bin/nginx_ctl
(fromnginx_ctl
)bin/scheduler_ctl
(fromscheduler_ctl.erb
)bin/stemcell-copy
(fromstemcell-copy.sh
)bin/task_logrotate
(fromtask_logrotate.sh
)bin/worker_ctl
(fromworker_ctl.erb
)config/director.yml.erb
(fromdirector.yml.erb.erb
)config/mime.types
(frommime.types
)config/nginx.conf
(fromnginx.conf.erb
)config/ssl/director.key
(fromdirector.key.erb
)config/ssl/director.pem
(fromdirector.pem.erb
)config/sudoers
(fromsudoers
)config/task_logrotate.cron
(fromtask_logrotate.cron
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.