Skip to content

routing-api job from routing/0.190.0

Github source: d2b420e or master branch

Properties

dns_health_check_host

Host to ping for confirmation of DNS resolution

Default
uaa.service.cf.internal

metron

port

The port used to emit dropsonde messages to the Metron agent.

Default
3457

release_level_backup

Include routing api database in backup and restore operations

Default
false

routing_api

admin_port

Local port to listen on with admin endpoint (used for backup/restore locking)

Default
15897

auth_disabled

Disables UAA authentication

Default
false

clients

OAuth client ids and secrets provided via link to jobs in other BOSH deployments that need to read and/or write to Routing API. These clients must be configured in UAA via API or using the property uaa.clients with the desired scopes. For a list of scopes supported see https://github.com/cloudfoundry-incubator/routing-api/blob/master/docs/api_docs.md. Jobs consuming the link should use these credentials to fetch a token from UAA with which to authenticate with Routing API.

Example
cfcr_routing_api_client:
  secret: ((uaa_clients_cfcr_routing_api_client_secret))

debug_address

Address at which to serve debug info

Default
127.0.0.1:17002

enabled_api_endpoints

Protocols that the routing api will listen on. Possible values: ‘mtls’, or ‘both’ (mTLS + HTTP)

Default
both

lock_retry_interval

interval to wait before retrying a failed lock acquisition

Default
5s

lock_ttl

TTL for service lock

Default
10s

locket

api_location

Hostname and port of the Locket server. Used to obtain a lock so only one instance of Routing API is active at a time.

ca_cert

CA cert for the Locket server.

Default
""
client_cert

Client cert for the Locket server.

Default
""
client_key

Client key for the Locket server.

Default
""

log_level

Log level

Default
info

max_ttl

String representing the maximum TTL a client can request for route registration.

Default
120s

metrics_reporting_interval

String representing interval for reporting the following metrics: total_http_subscriptions, total_http_routes, total_tcp_subscriptions, total_tcp_routes, total_token_errors, key_refresh_events. Units: ms, s, m h

Default
30s

mtls_ca

Routing API CA cert

mtls_client_cert

Routing API client cert (provided to clients by bosh link)

mtls_client_key

Routing API client key (provided to clients by bosh link)

mtls_port

Port on which Routing API is running, listening with mTLS.

Default
3001

mtls_server_cert

Routing API server cert

mtls_server_key

Routing API server key

port

Port on which Routing API is running. If this is changed and routing_api.enabled:true in cf-release, it will break management of routes and domains until routing_api.port is updated in cf-release.

Default
3000

router_groups

Array of router groups that will be seeded into routing_api database. Once some value is included with a deploy, subsequent changes to this property will be ignored. TCP Routing requires a router group of type: tcp.

Default
[]
Example
|+
  - name: default-tcp
    reservable_ports: 1024-10000,12000
    type: tcp

sqldb

ca_cert

(optional, string) When present, force database connections via TLS.

host

Host for SQL database

password

Password used for connecting to SQL database

port

Port on which SQL database is listening

schema

Database name for routing api

Example
routing_api
skip_hostname_validation

skip checking the hostname of the server cert when connecting via TLS

Default
false
type

Type of SQL database

Example
mysql
username

Username used for connecting to SQL database

statsd_client_flush_interval

Buffered statsd client flush interval

Default
300ms

statsd_endpoint

The endpoint for the statsd server used to translate the following metrics from statsd to dropsonde: total_http_subscriptions, total_http_routes, total_tcp_subscriptions, total_tcp_routes, total_token_errors, key_refresh_events.

Default
localhost:8125

system_domain

Domain reserved for CF operator; base URL where the UAA, Cloud Controller, and other non-user apps listen

skip_ssl_validation

Skip TLS verification when talking to UAA

Default
false

uaa

ca_cert

Certificate authority for communication between clients and UAA.

Default
""

tls_port

Port on which UAA is listening for TLS connections. This is required for obtaining a key to verify client OAuth tokens.

token_endpoint

UAA token endpoint host name. Do not include a scheme in this value; TCP Router will always use TLS to connect to UAA.

Default
uaa.service.cf.internal

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/routing-api/ directory (learn more).

  • bin/bbr/metadata (from bbr-metadata)
  • bin/bbr/post-backup-unlock (from post-backup-unlock.erb)
  • bin/bbr/post-restore-unlock (from post-restore-unlock.erb)
  • bin/bbr/pre-backup-lock (from pre-backup-lock.erb)
  • bin/bbr/pre-restore-lock (from pre-restore-lock.erb)
  • bin/bpm-pre-start (from bpm-pre-start.erb)
  • bin/dns_health_check (from dns_health_check.erb)
  • config/bpm.yml (from bpm.yml.erb)
  • config/certs/locket/ca.crt (from locket_ca.crt.erb)
  • config/certs/locket/client.crt (from locket_client.crt.erb)
  • config/certs/locket/client.key (from locket_client.key.erb)
  • config/certs/routing-api/client_ca.crt (from api_mtls_client_ca.crt.erb)
  • config/certs/routing-api/server.crt (from api_mtls_server.crt.erb)
  • config/certs/routing-api/server.key (from api_mtls_server.key.erb)
  • config/certs/uaa/ca.crt (from uaa_ca.crt.erb)
  • config/routing-api.yml (from routing-api.yml.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.