vxlan-policy-agent job from cf-networking/1.11.0
Github source:
7f2fca8f
or
master branch
Properties¶
cf_networking
¶
disable
¶Disable container to container networking.
- Default
false
iptables_accepted_udp_logs_per_sec
¶Maximum number of iptables logs per second for accepted UDP packets.
- Default
100
iptables_logging
¶Enables iptables logging for container to container traffic. Logs to the kernel log.
- Default
false
policy_poll_interval_seconds
¶The VXLAN policy agent queries the policy server on this interval in seconds and updates local policy rules.
- Default
5
policy_server
¶
hostname
¶Host name for the policy server. E.g. the service advertised via Consul DNS. Must match common name in the policy_server.server_cert
- Default
policy-server.service.cf.internal
internal_listen_port
¶Policy server handles requests from the vxlan policy agent on this port.
- Default
4003
vxlan_policy_agent
¶
ca_cert
¶Trusted CA certificate that was used to sign the policy server’s server cert and key.
client_cert
¶Client certificate for TLS to access policy server.
client_key
¶Client private key for TLS to access policy server.
debug_server_port
¶Port for the debug server. Use this to adjust log level at runtime or dump process stats.
- Default
44151
log_level
¶Logging level (debug, info, warn, error).
- Default
info
metron_port
¶Port of metron agent on localhost. This is used to forward metrics.
- Default
3457
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/vxlan-policy-agent/
directory
(learn more).
bin/pre-start
(frompre-start.erb
)bin/vxlan-policy-agent_ctl
(fromvxlan-policy-agent_ctl.erb
)config/certs/ca.crt
(fromca.crt.erb
)config/certs/client.crt
(fromclient.crt.erb
)config/certs/client.key
(fromclient.key.erb
)config/vxlan-policy-agent.json
(fromvxlan-policy-agent.json.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.