Skip to content

service-fabrik-broker job from service-fabrik/3.266.0

Github source: 3f732168 or master branch

Properties

agent_operation_timeout

(milliseconds) Timeout duration for any operation done on broker agent

Default
35000

allow_concurrent_binding_operations

When set to true, it will disable the check for parallel binding/unbinding operation during any OSB operation

Default
true

allow_concurrent_operations

When set to true, it will disable the check for parallel create/update/delete operation of the service instance

Default
true

backup

abort_time_out

Timeout time for abort of backup to complete in ms (defaults to 5 mins)

Default
300000

backup_restore_status_check_every

Status of deployment backup/restore once in every ms

Default
120000

backup_restore_status_poller_timeout

Timeout for backup/restore status checker in ms

Default
8.64e+07

consecutive_backup_failure_sla_count

Max allowed no backup days in a row (defaults to 3 days)

Default
3

lock_check_delay_on_restart

On restart of service fabrik queries all deployments to see if there is a lock on it. This delay ensures each call is spaced with this delay (ms)

Default
5000

max_num_on_demand_backup

Maximum number of on-demand backups

Default
2

num_of_allowed_restores

Number of allowed restore in backup.restore_history_days

Default
10

provider

IaaS-specific backup provider configuration

reschedule_backup_delay_after_restore

Delay to reschedule backup after restore in minutes

Default
3

restore_history_days

Number days to consider for restore quota check

Default
30

retention_period_in_days

Scheduled backups are going to be maintained during this period & cannot be deleted. Beyond this period backups are automatically deleted by backup job

Default
14

retry_delay_on_error

In case of unlock failure 3 retry attempts will be done with this configured delay (milliseconds) in exponential manner

Default
60000

status_check_every

Interval in milliseconds to check the status of service fabrik backup

Default
120000

transaction_logs_delete_buffer_time

Delete transaction logs older than latest successful backup + this buffer time in minutes

Default
30

broker_drain_message

Drain message that is updated into broker maintenance state. If undefined, then during drain maintenance state is not updated

Default
BROKER_DRAIN_INITIATED

cf

identity_provider

Identity provider for the Cloud Foundry cloud controller

password

Admin password for the Cloud Foundry cloud controller

url

URL of the Cloud Foundry cloud controller

username

Admin username for the Cloud Foundry cloud controller

circuit_breaker

Overridden circuit breaker configuration

common

tls_cacert

Trust only remotes providing a certificate signed by the CA given here

tls_client_cert

TLS certificate file

tls_client_key

TLS key file

deployment_action_timeout

Timeout duration for deployment hook actions

Default
80000

directors

URL of the Bosh directors

docker

allocate_docker_host_ports

Allocate Docker host ports when creating a container

Default
true

job

Name of the swarm/docker job

Default
swarm_manager

skip_ssl_validation

Determines whether the broker should verify SSL certificates when communicating with the Swarm Manager

Default
true

url

Docker URL (HTTP address or Unix socket)

Default
https://10.11.252.10:2376

volume_driver

Volume driver used for Docker containers (only local or lvm-volume-driver are currently supported)

Default
local

enable_bosh_rate_limit

Switch used to turn on/off rate limiting against BOSH director

Default
false

enable_circuit_breaker

Switch used to turn on/off circuit breaker

Default
false

enable_cross_organization_sharing

Determines whether instances can be shared across CF organizations

Default
false

enable_service_fabrik_v2

Determines whether to enable service fabrik v20

Default
false

enable_swarm_manager

Determines whether the broker has dependency on swarm manager

Default
true

event

defaults

cf_last_operation

Determines if an HTTP operation is to be additionally treated with cf-last operation semantics

Default
false
http_inprogress_codes

Defines the default in progress HTTP status codes

Default
- 202
http_success_codes

Defines the default HTTP success codes

Default
  - 200
  - 201
ignore_service_fabrik_operation

Determines if a broker API is being invoked via service fabrik API operation

Default
false
include_response_body

Determines wheter HTTP response body is to be logged or not

Default
false
log_inprogress_state

Determines if an in-progress event is to be logged or not

Default
true

delete

http_success_codes

Defines the HTTP success codes for Delete operation

Default
  - 200
  - 410

external

api_requires_admin_scope

Only Administrators of the Cloud Foundry cloud controller are allowed to use the Service Fabrik API endpoint

Default
false

cookie_secret

Unique secret key, used to sign sessions

host

Domain name used for external endpoints such as dashboards or the Service Fabrik API (will be registered at the router)

log_event

Determines whether event logging must be enabled or not

Default
true

port

Port used for external endpoints such as dashboards or the Service Fabrik API

Default
9292

session_expiry

Session expiry time of the session in seconds

Default
86400

ssl

Private key used for external communication

trust_proxy

This is required when running an Express app behind a proxy (see http://expressjs.com/en/guide/behind-proxies.html)

Default
2

feature

AllowInstanceSharing

Switch used to turn on/off sharing instances on CF

Default
true

EnableSecurityGroupsOps

Switch used to enable security groups related operations

Default
true

ServiceInstanceAutoUpdate

Switch used to turn on/off schedule update feature

Default
false

ha_enabled

Switch used to turn on/off the HA support

Default
false

http_timeout

Timeout duration for any request to broker

Default
175000

internal

domain_socket

path

domain socket path used to communicate with broker monitoring agent

Default
/tmp/sfevents

internal_url

Domain name used for internal endpoints such as administration or the service broker API

ip

IP address used for internal endpoints such as administration or the service broker API

log_event

Determines whether event logging must be enabled or not

Default
true

port

Port used for internal endpoints such as administration or the service broker API

Default
9443

ssl

ca

CA for internal app SSL certificate

cert

Signed certificate used for internal communication

key

Private key used for internal communication

lockttl

backup

LockTTL in seconds for backup operation

Default
86400

lifecycle

LockTTL in seconds for lifecycle operations create, update, delete

Default
86400

restore

LockTTL in seconds for restore operation

Default
86400

log_level

Log level of the broker

Default
info

metering

binding

clientid

The client id provided by the metering service

clientsecret

The client secret provided by the metering service

metering_url

The metering url provided by the metering service

region

The region provided by the metering binding

token_url

The token url provided by the metering service

create_metering_events

Create sfevents crds

Default
true

enabled

True if metering in enabled

Default
false

error_threshold_hours

Time in hours after which an error in sending to MaaS is reported to Riemann

mongodb

agent

provider
container

S3/Swift container name where service fabrik’s mongodb backup blobs will be stored

backup

schedule_interval

Cron expression defining the backup interval for service fabrik’s internal mongodb’s backup job

deployment_name

Bosh deployment name of the internal mongo-db

Default
service-fabrik-mongodb

provision

network_index

Network segment index within the service fabrik network where the internal mongodb is to be provisioned

Default
1
plan_id

Mongo Plan Id from the service catalog which is to be used for provisioning internal mongodb by Fabrik

record_max_fetch_count

Max number of records that can be fetched at a time from DB

Default
300

retry_connect

max_attempt

Maximum retry attempts for connecting to DB on errors

Default
8
min_delay

Minimum delay before retry attempt to connect to DB

Default
120000

url

MongoDB connection URL for service-fabrik’s internal needs. ex : mongodb://user:pass@localhost:port/database

monitoring

event_name_prefix

All riemann events originating from service fabrik will have this prefix

Default
CF.service-fabrik

events_logged_in_db

Comma seperated list of event names that are to be logged in DB

Default
create_backup, update_instance

include_response_body

Determines if the riemann event should contain the HTTP method response while logging

Default
false

unauthorized

include_response_body

Determines if the unauthorized event should contain the HTTP method response while logging

Default
true

multi_az_enabled

Switch used to turn on/off the multi-az support

Default
false

name

Name of the service broker as it will be registered at the Cloud Foundry cloud controller

Default
service-fabrik-broker

password

Broker’s basic auth password

Default
secret

quota

enabled

If Quota Management Service is enabled

Default
false

oauthDomain

Oauth domain for quota service

password

Client secret for quota service

serviceDomain

Onboarding Service domain for quota service

username

clientId for quota service

whitelist

List of whitelisted organitions for which quota check should not happen

riemann

enabled

Determines whether events should be forwarded to Riemann

Default
true

host

Riemann Host IP

Default
10.1.3.1

http_status_codes_to_be_skipped

Broker events with http response codes matching this list will be skipped from logging to riemann

Default
  - 400
  - 409

log_additional_event

Boolean configuration to log additional event to Riemann

Default
true

port

Riemann Port

Default
5555

prefix

Riemann Prefix

Default
CF

show_errors

Determines whether Riemann errors are to be logged or not

Default
true

send_binding_metadata

When set to false, any metadata will be omitted from the create_binding response. To be used when metadata contains sensitive information

Default
true

service_addon_jobs

Add on jobs that will be added onto the services deployment

Default
- iptables-manager

services

Services and plans offered by the broker

skip_ssl_validation

Determines whether the broker should verify SSL certificates when communicating with other endpoints such as the cloud controller or the UAA

Default
true

sys_log_level

Log level of the messages that are to be forwarded to ELK via syslog transport

Default
info

syslog

host

Syslog ingestor host IP of ELK stack

Default
10.1.4.3

port

Syslog ingestor Port

Default
5514

username

Broker’s basic auth username

Default
broker

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/service-fabrik-broker/ directory (learn more).

  • bin/drain (from bin/drain.erb)
  • bin/health_check (from bin/health_check.erb)
  • bin/job_properties.sh (from bin/job_properties.sh.erb)
  • bin/service-fabrik-broker_ctl (from bin/service-fabrik-broker_ctl.erb)
  • config/circuit-breaker-config.yml (from config/circuit-breaker-config.yml.erb)
  • config/eventlog-config-internal.yml (from config/eventlog-config-internal.yml.erb)
  • config/settings.yml (from config/settings.yml.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.