Skip to content

director job from bosh/244

Github source: 98f55a5f or master branch

Properties

agent

blobstore

access_key_id

AWS access_key_id for agent used by s3 blobstore plugin

address

Address for agent to connect to blobstore server used by simple blobstore plugin

credentials_source

AWS credentials (static / env_or_profile)

Default
static
host

Host of blobstore server used by simple blobstore plugin

port

Port for agent to connect to blobstore server used by simple blobstore plugin

s3_force_path_style

Whether s3 blobstore plugin will always use path style for bucket access

Default
false
s3_multipart_threshold

Byte threshold at which blob uploads should be broken into multi-part FORM uploads instead of single PUT

Default
1.6777216e+07
s3_region

AWS region for agent used by s3 blobstore plugin

Default
us-east-1
secret_access_key

AWS secret_access_key for agent used by s3 blobstore plugin

ssl_verify_peer

Verify the SSL certificate used on the blobstore?

Default
true
use_ssl

Whether the simple blobstore plugin should use SSL to connect to the blobstore server

Default
true

nats

address

Address for agent to connect to nats

aws

access_key_id

AWS access_key_id for aws cpi

credentials_source

AWS credentials (static / env_or_profile)

Default
static

default_iam_instance_profile

Default IAM profile to be used by aws cpi

default_key_name

Default ssh keypair used by aws cpi when creating vms

default_security_groups

Default security group used by aws cpi

ec2_endpoint

The service endpoint for Amazon EC2 (optional, if not supplied default region endpoint will be used)

elb_endpoint

The service endpoint for Amazon Elastic Load Balancing (optional, if not supplied default region endpoint will be used)

http_read_timeout

The number of seconds before the aws cpi should timeout while waiting for response

Default
60

http_wire_trace

When true aws cpi will log all wire traces

Default
false

max_retries

Max number of retries to connect to AWS

Default
2

region

AWS Region used by aws cpi

secret_access_key

AWS secret_access_key for aws cpi

ssl_ca_file

The path to a CA cert bundle in PEM format

ssl_ca_path

The path the a CA cert directory

ssl_verify_peer

When true the HTTP handler validate server certificates for HTTPS requests

stemcell

kernel_id

AWS kernel id used by aws cpi

blobstore

access_key_id

AWS access_key_id used by s3 blobstore plugin

address

Address of blobstore server used by simple blobstore plugin

agent

password

Password agent uses to connect to blobstore used by simple blobstore plugin

user

Username agent uses to connect to blobstore used by simple blobstore plugin

bucket_name

AWS S3 Bucket used by s3 blobstore plugin

credentials_source

AWS Credential Source (static / env_or_profile)

Default
static

director

password

Password director uses to connect to blobstore used by simple blobstore plugin

user

Username director uses to connect to blobstore used by simple blobstore plugin

host

Host of blobstore server used by simple blobstore plugin

port

Port of blobstore server used by simple blobstore plugin

Default
25250

provider

Provider of the blobstore used by director and agent (dav|simple|s3)

Default
dav

s3_force_path_style

Whether s3 blobstore plugin will always use path style for bucket access

Default
false

s3_multipart_threshold

Byte threshold at which blob uploads should be broken into multi-part FORM uploads instead of single PUT

Default
1.6777216e+07

s3_port

Port of blobstore server used by s3 blobstore plugin

Default
443

s3_region

Region of the blobstore used by s3 blobstore plugin

Default
us-east-1

secret_access_key

AWS secret_access_key used by s3 blobstore plugin

ssl_verify_peer

Verify the SSL certificate used on the blobstore?

Default
true

use_ssl

Whether the simple blobstore plugin should use SSL to connect to the blobstore server

Default
true

compiled_package_cache

options

access_key_id

AWS access_key_id used for the compiled package cache

bucket_name

AWS S3 Bucket used for the compiled package cache

credentials_source

AWS credentials (static / env_or_profile)

Default
static
host

Host of blobstore server used for compiled package cache

port

Port of blobstore server used for compiled package cache

Default
25250
s3_force_path_style

Whether s3 blobstore plugin will always use path style for bucket access

Default
false
s3_multipart_threshold

Byte threshold at which blob uploads should be broken into multi-part FORM uploads instead of single PUT

Default
1.6777216e+07
s3_port

Port of blobstore server used by s3 blobstore plugin

Default
443
secret_access_key

AWS secret_access_key used for the compiled package cache

ssl_verify_peer

Verify the SSL certificate used on the blobstore?

Default
true
use_ssl

Whether the simple blobstore plugin should use SSL to connect to the blobstore server

Default
true

provider

Provider of the blobstore used for the compiled package cache

Default
s3

director

auto_fix_stateful_nodes

Enable/Disable auto resolution for stateful nodes for scan_and_fix (true|false)

Default
true

backend_port

Port that the director listens on

Default
25556

backup_destination

Configuration of the blobstore used by director for backups (dav|simple|s3)

backup_schedule

RufusScheduler cron formatted schedule for backups

cpi_job

Name of cpi job (null to use bundled cpi gems)

db

adapter

The type of database used (mysql2|postgres|sqlite)

Default
postgres
connection_options

Additional options for the database

Default
  max_connections: 32
  pool_timeout: 10
database

Name of the director database

Default
bosh
host

Address of the director database, for example, in the case of AWS RDS: rds-instance-name.coqxxxxxxxxx.us-east-1.rds.amazonaws.com

Default
127.0.0.1
password

Password used for the director database

port

Port of the director database (e.g, msyql2 adapter would generally use 3306)

Default
5432
user

Username used for the director database

Default
bosh

debug

keep_unreachable_vms

When a bosh deploy fails, the failed VM will be kept instead of destroyed

Default
false

default_ssh_options

gateway_host

Default host to use as ssh gateway with bosh ssh command

gateway_user

Default user to use with bosh ssh command

Default
vcap

disks

cleanup_schedule

RufusScheduler cron formatted schedule for cleanup of orphaned disks and orphaned snapshots

Default
0 0,30 * * * * UTC
max_orphaned_age_in_days

Days to keep orphaned disks and orhaned snapshots before cleanup

Default
5

enable_snapshots

Enable/Disable snapshots for persistent disks (true|false)

Default
false

encryption

Enable/Disable agent-director encryption (true|false)

Default
false

env

http_proxy

HTTP proxy that the director, scheduler and workers should use

https_proxy

HTTPS proxy that the director, scheduler and workers should use

no_proxy

List of comma-separated hosts that should skip connecting to the proxy in the director, scheduler and workers

ignore_missing_gateway

Allow gateway to be omitted from subnet configuration. Boshlite vms(containers) do not require gateway.

Default
false

max_tasks

Max number of tasks to keep in disk

Default
500

max_threads

Max number of director concurrent threads

Default
32

max_upload_size

Max allowed file size for upload

Default
10000m

max_vm_create_tries

Max retries when creating VMs

Default
5

name

Name of the director

nginx

ssl_ciphers

List of SSL ciphers to allow (format: https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT)

Default
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
ssl_prefer_server_ciphers

Prefer server’s cipher priority instead of client’s (true for On, false for Off)

Default
true
ssl_protocols

SSL/TLS protocols to allow

Default
TLSv1 TLSv1.1 TLSv1.2
workers

Number of nginx workers for director

Default
2

port

Port that the director nginx listens on

Default
25555

proxy_timeout

Timeout for proxy connection from nginx to director

Default
900

self_snapshot_schedule

RufusScheduler cron formatted schedule for self snapshots

Default
0 0 6 * * * UTC

snapshot_schedule

RufusScheduler cron formatted schedule for snapshots

Default
0 0 7 * * * UTC

ssl

cert

SSL Certificate for director (PEM encoded)

key

SSL private key for director (PEM encoded)

timeout

Timeout for connection from bosh CLI to nginx

Default
7200

trusted_certs

Cerfiticates that VMs created by this director should trust in addition to those packaged with the stemcell (PEM encoded; zero or more certs allowed)

Default
""

user_management

local
users

List of users that can authenticate with director in non-Uaa mode

provider

User management implementation (local|uaa)

Default
local
uaa
public_key

Public key to verify Uaa token when token is encoded with asymmetric encryption

symmetric_key

Symmetric key to verify Uaa token

url

Uaa URL

dns

address

Address of the powerdns server

db

adapter

DNS Database adapter

Default
postgres
connection_options

Additional options for the powerdns database

Default
  max_connections: 32
  pool_timeout: 10
database

Name of the powerdns database

Default
bosh
host

DNS Database host

Default
127.0.0.1
password

DNS Database password

port

Port that the powerdns database listens on

Default
5432
user

DNS Database user

Default
bosh

domain_name

TLD of the dns zone used by bosh

Default
bosh

nats

address

Address of the nats server

password

Password to connect to nats with

port

Port that the nats server listens on

Default
4222

user

Username to connect to nats with

Default
nats

ntp

List of ntp server IPs. pool.ntp.org attempts to return IPs closest to your location, but you can still specify if needed.

Default
  - 0.pool.ntp.org
  - 1.pool.ntp.org

openstack

api_key

OpenStack API key

auth_url

URL of the OpenStack Identity endpoint to connect to

boot_from_volume

Boot from volume (optional, false by default)

Default
false

boot_volume_cloud_properties

type

Volume type for the boot volume (optional)

config_drive

Config drive device (cdrom or disk) to use as metadata service on OpenStack (optional, nil by default)

connection_options

Hash containing optional connection parameters to the OpenStack API

default_key_name

Default OpenStack keypair to use when spinning up new vms

default_security_groups

Default OpenStack security groups to use when spinning up new vms

domain

OpenStack domain (required for Keystone API version 3)

endpoint_type

OpenStack endpoint type (optional, by default publicURL)

Default
publicURL

ignore_server_availability_zone

When creating disks do not use the servers AZ, default to openstack default

Default
false

project

OpenStack project name (required for Keystone API version 3)

region

OpenStack region (optional)

state_timeout

Timeout (in seconds) for OpenStack resources desired state (optional, by default 300)

Default
300

stemcell_public_visibility

Set public visibility for stemcells (optional, false by default)

Default
false

tenant

OpenStack tenant name (required for Keystone API version 2)

use_dhcp

Whether to use DHCP when configuring networking on VM (for both manual and dynamic)

Default
true

username

OpenStack user name

wait_resource_poll_interval

Changes the delay (in seconds) between each status check to OpenStack when creating a resource (optional, by default 5)

Default
5

redis

address

Address of the redis server

Default
127.0.0.1

loglevel

Level of log messages for Redis connections (fatal, error, warn, info, debug)

Default
info

password

Password of the redis server

port

Port that the redis server listens on

Default
25255

registry

address

Address of the Registry to connect to

http

password

Password to access the Registry

port

Port of the Registry to connect to

Default
25777
user

User to access the Registry

vcd

entities

description

Text associated with the VMs

Default
vcd-cf
media_catalog

The name of the calalog for media files

organization

The organization name

vapp_catalog

The name of the calalog for vapp template

virtual_datacenter

The virtual data center name in vCloud Director

vm_metadata_key

The key name of VM metadata

Default
vcd-cf

password

The password of the target vCloud Director

url

The endpoint of the target vCloud Director

user

The user name of the target vCloud Director

vcenter

address

Address of vCenter server used by vsphere cpi

datacenters

Datacenters in vCenter to use (value is an array of Hashes representing datacenters and clusters, See director.yml.erb.erb)

password

Password to connect to vCenter server used by vspher cpi

user

User to connect to vCenter server used by vsphere cpi

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/director/ directory (learn more).

  • bin/director_ctl (from director_ctl.erb)
  • bin/drain (from drain)
  • bin/nginx_ctl (from nginx_ctl)
  • bin/scheduler_ctl (from scheduler_ctl.erb)
  • bin/stemcell-copy (from stemcell-copy.sh)
  • bin/task_logrotate (from task_logrotate.sh)
  • bin/worker_ctl (from worker_ctl.erb)
  • config/director.yml.erb (from director.yml.erb.erb)
  • config/mime.types (from mime.types)
  • config/nginx.conf (from nginx.conf.erb)
  • config/ssl/director.key (from director.key.erb)
  • config/ssl/director.pem (from director.pem.erb)
  • config/sudoers (from sudoers)
  • config/task_logrotate.cron (from task_logrotate.cron)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.