nats-tls job from nats/36

TLS-secured NATS server providing a publish-subscribe messaging system for Cloud Foundry components.

Github source: da71b27 or master branch

Properties¶

`nats`¶

authorization_timeout¶

After accepting a connection, wait up to this many seconds for credentials.
Default
15
cluster_port¶

The port for the NATS servers to communicate with other servers in the cluster.
Default
4225
debug¶

Enable debug logging output.
Default
false
external¶

tls¶

ca¶

Certificate of the CA for publisher/subscriber traffic. In PEM format.

certificate¶

Certificate for publisher/subscriber traffic. In PEM format.

private_key¶

Private key for publisher/subscriber traffic. In PEM format.

hostname¶

Hostname for nats cluster. Set this to the value of your bosh-dns-alias. See example-manifests/ops-files/enable_nats_tls_for_cf.yml for an example.

internal¶
tls¶
ca¶

Certificate of the CA for cluster-internal traffic. In PEM format.

certificate¶

Certificate for cluster-internal traffic. In PEM format.

enabled¶

Enable mutually authenticated TLS for NATS cluster-internal traffic.
Default
false
private_key¶

Private key for cluster-internal traffic. In PEM format.
machines¶

IP of each NATS cluster member.

monitor_port¶

Port for varz and connz monitoring. 0 means disabled.
Default
0
no_advertise¶

When configured to true, this nats server will not be advertised to any nats clients.
Default
true
password¶

Password for server authentication.

port¶

The port for the NATS server to listen on.
Default
4224
prof_port¶

Port for pprof. 0 means disabled.
Default
0
trace¶

Enable trace logging output.
Default
false
user¶

Username for server authentication.

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/nats-tls/ directory (learn more).

bin/pre-start (from pre-start.erb)
config/bpm.yml (from bpm.erb.yml)
config/external_tls/ca.pem (from external_tls/ca.pem.erb)
config/external_tls/certificate.pem (from external_tls/certificate.pem.erb)
config/external_tls/private_key.pem (from external_tls/private_key.pem.erb)
config/internal_tls/ca.pem (from internal_tls/ca.pem.erb)
config/internal_tls/certificate.pem (from internal_tls/certificate.pem.erb)
config/internal_tls/private_key.pem (from internal_tls/private_key.pem.erb)
config/nats-tls.conf (from nats-tls.conf.erb)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

gnatsd

nats-tls job from nats/36

Properties¶

`nats`¶

`authorization_timeout`¶

`cluster_port`¶

`debug`¶

`external`¶

`tls`¶

`ca`¶

`certificate`¶

`private_key`¶

`hostname`¶

`internal`¶

`tls`¶

`ca`¶

`certificate`¶

`enabled`¶

`private_key`¶

`machines`¶

`monitor_port`¶

`no_advertise`¶

`password`¶

`port`¶

`prof_port`¶

`trace`¶

`user`¶

Templates¶

Packages¶

nats-tls job from nats/36

Properties¶

nats¶

authorization_timeout¶

cluster_port¶

debug¶

external¶

tls¶

ca¶

certificate¶

private_key¶

hostname¶

internal¶

tls¶

ca¶

certificate¶

enabled¶

private_key¶

machines¶

monitor_port¶

no_advertise¶

password¶

port¶

prof_port¶

trace¶

user¶

Templates¶

Packages¶

`nats`¶

`authorization_timeout`¶

`cluster_port`¶

`debug`¶

`external`¶

`tls`¶

`ca`¶

`certificate`¶

`private_key`¶

`hostname`¶

`internal`¶

`tls`¶

`ca`¶

`certificate`¶

`enabled`¶

`private_key`¶

`machines`¶

`monitor_port`¶

`no_advertise`¶

`password`¶

`port`¶

`prof_port`¶

`trace`¶

`user`¶