Skip to content

Instantly share code, notes, and snippets.

@cweibel

cweibel/gist:83732bf6b21a0463962174b4451e006e

Created May 20, 2016 14:47
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cweibel/83732bf6b21a0463962174b4451e006e to your computer and use it in GitHub Desktop.
Save cweibel/83732bf6b21a0463962174b4451e006e to your computer and use it in GitHub Desktop.
Download ZIP
v231 to v237
Raw
gistfile1.txt
This file has been truncated, but you can view the full file.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
diff --git a/jobs/acceptance-tests/spec b/jobs/acceptance-tests/spec
index 247aa2c..57799d5 100644
--- a/jobs/acceptance-tests/spec
+++ b/jobs/acceptance-tests/spec
@@ -4,10 +4,9 @@ name: acceptance-tests
description: "The acceptance tests errand can be configured to run full acceptance test suite against a specific Cloud Foundry API endpoint. Consider running smoke tests errand for a smaller set of tests."
packages:
- - golang1.4
+ - golang1.6
- cli
- acceptance-tests
- - rtr
templates:
run.erb: bin/run
@@ -25,10 +24,6 @@ properties:
acceptance_tests.skip_ssl_validation:
default: false
description: Toggles cli verification of the Elastic Runtime API SSL certificate
- acceptance_tests.system_domain:
- description: The system domain for your CF release
- acceptance_tests.client_secret:
- description: The client secret for the uaa gorouter client
acceptance_tests.nodes:
default: 2
description: The number of parallel test executors to spawn. The larger the number the higher the stress on the system.
@@ -59,12 +54,6 @@ properties:
acceptance_tests.include_tasks:
default: false
description: Flag to include the v3 task tests dependent on the CC task_creation feature flag.
- acceptance_tests.include_routing:
- default: false
- description: Flag to include the routing test suite.
- acceptance_tests.include_routing_api:
- default: false
- description: Flag to include the routing_api test suite.
acceptance_tests.include_route_services:
default: false
description: Flag to include the route services tests. Diego must be deployed for these tests to pass.
~/projects/ge/cs/cf-release/src/buildpacks ~/projects/ge/cs/cf-release
diff --git a/binary-buildpack-release/jobs/binary-buildpack/spec b/binary-buildpack-release/jobs/binary-buildpack/spec
index 5168874..9d9f8dc 100644
--- a/binary-buildpack-release/jobs/binary-buildpack/spec
+++ b/binary-buildpack-release/jobs/binary-buildpack/spec
@@ -1,7 +1,6 @@
---
name: binary-buildpack
-templates:
- dummy: dummy
+templates: {}
packages:
- binary-buildpack
~/projects/ge/cs/cf-release
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
NEW FILE DETECTED: jobs/blobstore/spec

---
name: blobstore
templates:
nginx_ctl: bin/nginx_ctl
dns_health_check.erb: bin/dns_health_check
signer_ctl.sh.erb: bin/signer_ctl
nginx.conf.erb: config/nginx.conf
blobstore.conf.erb: config/sites/blobstore.conf
mime.types: config/mime.types
write_users.erb: config/write_users
blobstore.crt.erb: ssl/blobstore.crt
blobstore.key.erb: ssl/blobstore.key
packages:
- nginx_webdav
- blobstore_url_signer
- capi_utils
properties:
blobstore.internal_access_rules:
description: >-
List of allow / deny rules for the blobstore internal server. Defaults
to RFC 1918 Private Networks. Will be followed by 'deny all'. See
http://nginx.org/en/docs/http/ngx_http_access_module.html for valid rules
default:
- "allow 10.0.0.0/8;"
- "allow 172.16.0.0/12;"
- "allow 192.168.0.0/16;"
blobstore.port:
description: TCP port on which the blobstore server (nginx) listens
default: 80
blobstore.tls.port:
description: The TCP port on which the internal blobstore server listens
default: 443
blobstore.tls.cert:
description: The PEM-encoded certificate (optionally as a certificate chain) for serving blobs over TLS/SSL
blobstore.tls.private_key:
description: The PEM-encoded private key for signing TLS/SSL traffic
blobstore.admin_users:
description: |
List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
Example:
users:
- username: user1
password: password1
- username: user2
password: password2
blobstore.secure_link.secret:
description: "The secret used for signing URLs"
blobstore.max_upload_size:
description: "Max allowed file size for upload"
default: "5000m"
system_domain:
description: "The system domain. The public server will listen on host 'blobstore.system-domain.tld'"
domain:
description: "DEPRECATED: The system domain. The public server will listen on host 'blobstore.system-domain.tld'"

diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
diff --git a/jobs/blobstore/spec b/jobs/blobstore/spec
deleted file mode 100644
index 35f7f9b..0000000
--- a/jobs/blobstore/spec
+++ /dev/null
@@ -1,38 +0,0 @@
----
-name: blobstore
-
-templates:
- nginx_ctl: bin/nginx_ctl
- dns_health_check.erb: bin/dns_health_check
- nginx.conf.erb: config/nginx.conf
- blobstore.conf.erb: config/sites/blobstore.conf
- mime.types: config/mime.types
- write_users.erb: config/write_users
-
-packages:
-- nginx_webdav
-
-properties:
- blobstore.port:
- description: TCP port blobstore server (ngnix) listens on
- default: 80
-
- blobstore.admin_users:
- description: |
- List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth.
- Example:
- users:
- - username: user1
- password: password1
- - username: user2
- password: password2
-
- blobstore.secure_link.secret:
- description: The secret used for verifying signed URLs
-
- blobstore.max_upload_size:
- description: Max allowed file size for upload
- default: 5000m
-
- domain:
- description: The system domain. The public server will listen on host 'blobstore.system-domain.tld'
NEW FILE DETECTED: jobs/cc_uploader/spec

---
name: cc_uploader
templates:
cc_uploader_ctl.erb: bin/cc_uploader_ctl
packages:
- capi_utils
- cc_uploader
properties:
diego.ssl.skip_cert_verify:
description: "when connecting over https, ignore bad ssl certificates"
default: false
diego.cc_uploader.listen_addr:
description: "Address of interface on which to serve files"
default: "0.0.0.0:9090"
diego.cc_uploader.debug_addr:
description: "address at which to serve debug info"
default: "0.0.0.0:17018"
diego.cc_uploader.cc.job_polling_interval_in_seconds:
description: "the interval between job polling requests"
diego.cc_uploader.log_level:
description: "Log level"
default: "info"
diego.cc_uploader.dropsonde_port:
description: "local metron agent's port"
default: 3457
diego.cc_uploader.consul_agent_port:
description: "local consul agent's port"
default: 8500
diego.cc_uploader.cc.external_port:
description: "External Cloud Controller port"
default: 9022
capi.cc_uploader.listen_addr:
description: "Address of interface on which to serve files"
default: "0.0.0.0:9090"
capi.cc_uploader.debug_addr:
description: "address at which to serve debug info"
default: "0.0.0.0:17018"
capi.cc_uploader.cc.job_polling_interval_in_seconds:
description: "the interval between job polling requests"
capi.cc_uploader.log_level:
description: "Log level"
default: "info"
capi.cc_uploader.dropsonde_port:
description: "local metron agent's port"
default: 3457
capi.cc_uploader.consul_agent_port:
description: "local consul agent's port"
default: 8500
capi.cc_uploader.cc.external_port:
description: "External Cloud Controller port"
default: 9022

diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
NEW FILE DETECTED: jobs/cloud_controller_clock/spec

---
name: cloud_controller_clock
description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
templates:
cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
newrelic.yml.erb: config/newrelic.yml
stacks.yml.erb: config/stacks.yml
ruby_version.sh.erb: bin/ruby_version.sh
console.erb: bin/console
packages:
- capi_utils
- cloud_controller_ng
- nginx
- nginx_newrelic_plugin
- libpq
- libmariadb
- ruby-2.3
properties:
ssl.skip_cert_verify:
description: "specifies that the job is allowed to skip ssl cert verification"
default: false
domain:
description: "Deprecated in favor of system_domain. Domain where cloud_controller will listen (api.domain)"
system_domain:
description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
system_domain_organization:
description: "The User Org that owns the system_domain, required if system_domain is defined"
default: ""
app_domains:
description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
nats.user:
description: "Username for cc client to connect to NATS"
nats.password:
description: "Password for cc client to connect to NATS"
nats.port:
description: "IP port of Cloud Foundry NATS server"
nats.machines:
description: "IP of each NATS cluster member."
request_timeout_in_seconds:
description: "Timeout for requests in seconds."
default: 900
name:
description: "'name' attribute in the /v2/info endpoint"
default: ""
build:
description: "'build' attribute in the /v2/info endpoint"
default: ""
version:
description: "'version' attribute in the /v2/info endpoint"
default: 0
support_address:
description: "'support' attribute in the /v2/info endpoint"
default: ""
description:
description: "'description' attribute in the /v2/info endpoint"
default: ""
cc.external_port:
description: "External Cloud Controller port"
default: 9022
cc.internal_service_hostname:
description: "Internal hostname used to resolve the address of the Cloud Controller"
default: "cloud-controller-ng.service.cf.internal"
cc.jobs.global.timeout_in_seconds:
description: "The longest any job can take before it is cancelled unless overriden per job"
default: 14400 # 4 hours
cc.jobs.app_bits_packer.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.app_events_cleanup.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.blobstore_delete.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.blobstore_upload.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.droplet_deletion.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.droplet_upload.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.app_events.cutoff_age_in_days:
description: "How old an app event should stay in cloud controller database before being cleaned up"
default: 31
cc.app_usage_events.cutoff_age_in_days:
description: "How old an app usage event should stay in cloud controller database before being cleaned up"
default: 31
cc.service_usage_events.cutoff_age_in_days:
description: "How old a service usage event should stay in cloud controller database before being cleaned up"
default: 31
cc.audit_events.cutoff_age_in_days:
description: "How old an audit event should stay in cloud controller database before being cleaned up"
default: 31
cc.failed_jobs.cutoff_age_in_days:
description: "How old a failed job should stay in cloud controller database before being cleaned up"
default: 31
cc.completed_tasks.cutoff_age_in_days:
description: "How long a completed task will stay in cloud controller database before being cleaned up based on last updated time with success or failure."
default: 31
cc.pending_packages.frequency_in_seconds:
description: "How often the package pending cleanup job runs"
default: 300
cc.pending_packages.expiration_in_seconds:
description: "How long packages can remain in pending state before being cleaned up"
default: 1200
cc.external_protocol:
default: "https"
description: "The protocol used to access the CC API from an external entity"
cc.external_host:
default: "api"
description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
cc.cc_partition:
default: "default"
description: "Deprecated. Defines a 'partition' for the health_manager job"
cc.bulk_api_user:
default: "bulk_api"
description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
cc.bulk_api_password:
description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
cc.internal_api_user:
default: "internal_user"
description: "User name used by Diego to access internal endpoints"
cc.internal_api_password:
description: "Password used by Diego to access internal endpoints"
cc.diego.nsync_url:
default: http://nsync.service.cf.internal:8787
description: "URL of the Diego nsync service"
cc.diego.stager_url:
default: http://stager.service.cf.internal:8888
description: "URL of the Diego stager service"
cc.diego.tps_url:
default: http://tps.service.cf.internal:1518
description: "URL of the Diego tps service"
cc.uaa_resource_id:
default: "cloud_controller,cloud_controller_service_permissions"
description: "Name of service to register to UAA"
cc.db_logging_level:
default: "debug2"
description: "Log level for cc database operations"
cc.logging_level:
default: "debug2"
description: "Log level for cc"
cc.logging_max_retries:
default: 1
description: "Passthru value for Steno logger"
cc.staging_timeout_in_seconds:
default: 900
description: "Timeout for staging a droplet"
cc.default_health_check_timeout:
default: 60
description: "Default health check timeout (in seconds) that can be set for the app"
cc.maximum_health_check_timeout:
default: 180
description: "Maximum health check timeout (in seconds) that can be set for the app"
cc.stacks:
default:
- name: "cflinuxfs2"
description: "Cloud Foundry Linux-based filesystem"
description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
cc.default_stack:
default: "cflinuxfs2"
description: "The default stack to use if no custom stack is specified by an app."
cc.staging_upload_user:
default: ""
description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
cc.staging_upload_password:
default: ""
description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
cc.quota_definitions:
description: "Hash of default quota definitions. Overriden by custom quota definitions."
cc.default_quota_definition:
default: default
description: "Local to use a local (NFS) file system. AWS to use AWS."
cc.resource_pool.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.resource_pool.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.resource_pool.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.resource_pool.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.resource_pool.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.resource_pool.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.resource_pool.minimum_size:
description: "Minimum size of a resource to add to the pool"
default: 65536
cc.resource_pool.maximum_size:
description: "Maximum size of a resource to add to the pool"
default: 536870912
cc.resource_pool.resource_directory_key:
description: "Directory (bucket) used store app resources. It does not have be pre-created."
default: "cc-resources"
cc.resource_pool.fog_connection:
description: "Fog connection hash"
cc.resource_pool.cdn.uri:
description: "URI for a CDN to used for resource pool downloads"
default: ""
cc.resource_pool.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.resource_pool.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.packages.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.packages.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.packages.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.packages.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.packages.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.packages.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.packages.app_package_directory_key:
description: "Directory (bucket) used store app packages. It does not have be pre-created."
default: "cc-packages"
cc.packages.max_package_size:
description: "Maximum size of application package"
default: 1073741824
cc.packages.fog_connection:
description: "Fog connection hash"
cc.packages.cdn.uri:
description: "URI for a CDN to used for app package downloads"
default: ""
cc.packages.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.packages.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.droplets.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.droplets.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.droplets.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.droplets.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.droplets.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.droplets.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.droplets.droplet_directory_key:
description: "Directory (bucket) used store droplets. It does not have be pre-created."
default: "cc-droplets"
cc.droplets.fog_connection:
description: "Fog connection hash"
cc.droplets.cdn.uri:
description: "URI for a CDN to used for droplet downloads"
default: ""
cc.droplets.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.droplets.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.buildpacks.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.buildpacks.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.buildpacks.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.buildpacks.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.buildpacks.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.buildpacks.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.buildpacks.buildpack_directory_key:
description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
default: "cc-buildpacks"
cc.buildpacks.fog_connection:
description: "Fog connection hash"
cc.buildpacks.cdn.uri:
description: "URI for a CDN to used for buildpack downloads"
default: ""
cc.buildpacks.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.buildpacks.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
ccdb.databases:
description: "Contains the name of the database on the database server"
ccdb.roles:
description: "Users to create on the database when seeding"
ccdb.db_scheme:
description: "The type of database being used. mysql or postgres"
default: postgres
ccdb.address:
description: "The address of the database server"
ccdb.port:
description: "The port of the database server"
ccdb.max_connections:
default: 25
description: "Maximum connections for Sequel"
ccdb.pool_timeout:
default: 10
description: "The timeout for Sequel pooled connections"
uaa.cc.token_secret:
description: "Symmetric secret used to decode uaa tokens. Used for testing."
uaa.url:
description: "URL of the UAA server"
login.protocol:
description: "http or https"
default: "https"
login.url:
description: "URL of the login server"
hm9000.url:
description: "URL of the hm9000 server"
uaa.jwt.verification_key:
default: ""
description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
login.enabled:
default: true
description: "whether use login as the authorization endpoint or not"
metron_endpoint.host:
description: "The host used to emit messages to the Metron agent"
default: "127.0.0.1"
metron_endpoint.port:
description: "The port used to emit messages to the Metron agent"
default: 3457
logger_endpoint.use_ssl:
description: "Whether to use ssl for logger endpoint listed at /v2/info"
default: true
logger_endpoint.port:
description: "Port for logger endpoint listed at /v2/info"
default: 443
cc.db_encryption_key:
default: ""
description: "key for encrypting sensitive values in the CC database"
cc.default_app_memory:
default: 1024
description: "How much memory given to an app if not specified"
cc.default_app_disk_in_mb:
default: 1024
description: "The default disk space an app gets"
cc.maximum_app_disk_in_mb:
default: 2048
description: "The maximum amount of disk a user can request"
cc.users_can_select_backend:
default: true
description: "Allow non-admin users to switch their apps between DEA and Diego backends"
cc.default_to_diego_backend:
default: false
description: "Use Diego backend by default for new apps"
cc.allow_app_ssh_access:
default: true
description: "Allow users to change the value of the app-level allow_ssh attribute"
cc.flapping_crash_count_threshold:
default: 3
description: "The threshold of crashes after which the app is marked as flapping"
cc.client_max_body_size:
default: "1536M"
description: "Maximum body size for nginx"
cc.disable_custom_buildpacks:
default: false
description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
cc.broker_client_timeout_seconds:
default: 60
description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
cc.newrelic.license_key:
default: ~
description: "The api key for NewRelic"
cc.newrelic.environment_name:
default: "development"
description: "The environment name used by NewRelic"
cc.newrelic.developer_mode:
default: false
description: "Activate NewRelic developer mode"
cc.newrelic.monitor_mode:
default: false
description: "Activate NewRelic monitor mode"
cc.newrelic.log_file_path:
default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
description: "The location for NewRelic to log to"
cc.newrelic.capture_params:
default: false
description: "Capture and send query params to NewRelic"
cc.newrelic.transaction_tracer.enabled:
default: false
description: "Enable transaction tracing in NewRelic"
cc.newrelic.transaction_tracer.record_sql:
default: "off"
description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
dea_next.staging_memory_limit_mb:
description: "Memory limit in mb for staging tasks"
default: 1024
dea_next.staging_disk_limit_mb:
description: "Disk limit in mb for staging tasks"
default: 6144
cc.staging_file_descriptor_limit:
description: "File descriptor limit for staging tasks"
default: 16384
cc.renderer.max_results_per_page:
description: "Maximum number of results returned per page"
default: 100
cc.renderer.default_results_per_page:
description: "Default number of results returned per page if user does not specify"
default: 50
cc.renderer.max_inline_relations_depth:
description: "Maximum depth of inlined relationships in the result"
default: 2
cc.app_bits_upload_grace_period_in_seconds:
description: "Extra token expiry time while uploading big apps."
default: 1200
uaa.clients.cc_service_broker_client.secret:
description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
uaa.clients.cc_service_broker_client.scope:
description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
default: "openid,cloud_controller_service_permissions.read"
uaa.clients.cc-service-dashboards.secret:
description: "Used for generating SSO clients for service brokers."
uaa.clients.cc-service-dashboards.scope:
description: "Used to grant scope for SSO clients for service brokers"
default: "openid,cloud_controller_service_permissions.read"
cc.install_buildpacks:
description: "Set of buildpacks to install during deploy"
cc.security_group_definitions:
description: "Array of security groups that will be seeded into CloudController."
cc.default_running_security_groups:
description: "The default running security groups that will be seeded in CloudController."
cc.default_staging_security_groups:
description: "The default staging security groups that will be seeded in CloudController."
cc.thresholds.api.alert_if_above_mb:
description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
default: 3500
cc.thresholds.api.restart_if_consistently_above_mb:
description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
default: 3500
cc.thresholds.api.restart_if_above_mb:
description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
default: 3750
cc.instance_file_descriptor_limit:
description: "The file descriptors made available to each app instance"
default: 16384
cc.reserved_private_domains:
description: "File location of a list of reserved private domains (for file format, see https://publicsuffix.org/)"
default: ~
cc.system_hostnames:
description: "List of hostnames for which routes cannot be created on the system domain."
default: [api,uaa,login,doppler,loggregator,hm9000]

diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_clock/spec b/jobs/cloud_controller_clock/spec
deleted file mode 100644
index cdcbd82..0000000
--- a/jobs/cloud_controller_clock/spec
+++ /dev/null
@@ -1,493 +0,0 @@
----
-name: cloud_controller_clock
-
-description: "The Cloud Controller clock periodically schedules Cloud Controller clean up tasks for app usage events, audit events, failed jobs, and more. Only single instance of this job is necessary."
-
-templates:
- cloud_controller_clock.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_clock_ctl.erb: bin/cloud_controller_clock_ctl
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
- cc.pending_packages.frequency_in_seconds:
- description: "How often the package pending cleanup job runs"
- default: 300
- cc.pending_packages.expiration_in_seconds:
- description: "How long packages can remain in pending state before being cleaned up"
- default: 1200
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
NEW FILE DETECTED: jobs/cloud_controller_ng/spec

---
name: cloud_controller_ng
description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
templates:
nginx_ctl.erb: bin/nginx_ctl
nginx.conf.erb: config/nginx.conf
drain.rb: bin/drain
restart_drain.rb: bin/restart_drain
mime.types: config/mime.types
cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
stacks.yml.erb: config/stacks.yml
newrelic.yml.erb: config/newrelic.yml
nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
newrelic_plugin.yml.erb: config/newrelic_plugin.yml
ruby_version.sh.erb: bin/ruby_version.sh
console.erb: bin/console
dns_health_check.erb: bin/dns_health_check
blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
buildpacks_ca_cert.pem.erb: config/certs/buildpacks_ca_cert.pem
droplets_ca_cert.pem.erb: config/certs/droplets_ca_cert.pem
packages_ca_cert.pem.erb: config/certs/packages_ca_cert.pem
resource_pool_ca_cert.pem.erb: config/certs/resource_pool_ca_cert.pem
dea_ca.crt.erb: config/certs/dea_ca.crt
dea_client.crt.erb: config/certs/dea_client.crt
dea_client.key.erb: config/certs/dea_client.key
pre-start.sh.erb: bin/pre-start
check_for_domain_overlap.rb: bin/check_for_domain_overlap.rb
packages:
- capi_utils
- cloud_controller_ng
- nginx
- nginx_newrelic_plugin
- libpq
- libmariadb
- ruby-2.3
properties:
ssl.skip_cert_verify:
description: "specifies that the job is allowed to skip ssl cert verification"
default: false
domain:
description: "Deprecated in favor of system_domain. Domain where cloud_controller will listen (api.domain)"
system_domain:
description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
system_domain_organization:
description: "The User Org that owns the system_domain, required if system_domain is defined"
default: ""
app_domains:
description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
app_ssh.host_key_fingerprint:
description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
default: ~
app_ssh.port:
description: "External port for SSH access to application instances"
default: 2222
app_ssh.oauth_client_id:
description: "The oauth client ID of the SSH proxy"
default: ssh-proxy
nats.user:
description: "Username for cc client to connect to NATS"
nats.password:
description: "Password for cc client to connect to NATS"
nats.port:
description: "IP port of Cloud Foundry NATS server"
nats.machines:
description: "IP of each NATS cluster member."
nfs_server.address:
description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
nfs_server.share_path:
description: "The location at which to mount the nfs share"
default: "/var/vcap/nfs"
request_timeout_in_seconds:
description: "Timeout for requests in seconds."
default: 900
name:
description: "'name' attribute in the /v2/info endpoint"
default: ""
build:
description: "'build' attribute in the /v2/info endpoint"
default: ""
version:
description: "'version' attribute in the /v2/info endpoint"
default: 0
support_address:
description: "'support' attribute in the /v2/info endpoint"
default: ""
description:
description: "'description' attribute in the /v2/info endpoint"
default: ""
cc.info.custom:
description: "Custom attribute keys and values for /v2/info endpoint"
cc.external_port:
description: "External Cloud Controller port"
default: 9022
cc.internal_service_hostname:
description: "Internal hostname used to resolve the address of the Cloud Controller"
default: "cloud-controller-ng.service.cf.internal"
cc.jobs.global.timeout_in_seconds:
description: "The longest any job can take before it is cancelled unless overriden per job"
default: 14400 # 4 hours
cc.jobs.app_bits_packer.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.app_events_cleanup.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.blobstore_delete.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.blobstore_upload.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.droplet_deletion.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.droplet_upload.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.app_events.cutoff_age_in_days:
description: "How old an app event should stay in cloud controller database before being cleaned up"
default: 31
cc.app_usage_events.cutoff_age_in_days:
description: "How old an app usage event should stay in cloud controller database before being cleaned up"
default: 31
cc.service_usage_events.cutoff_age_in_days:
description: "How old a service usage event should stay in cloud controller database before being cleaned up"
default: 31
cc.audit_events.cutoff_age_in_days:
description: "How old an audit event should stay in cloud controller database before being cleaned up"
default: 31
cc.failed_jobs.cutoff_age_in_days:
description: "How old a failed job should stay in cloud controller database before being cleaned up"
default: 31
cc.completed_tasks.cutoff_age_in_days:
description: "How long a completed task will stay in cloud controller database before being cleaned up based on last updated time with success or failure."
default: 31
cc.directories.tmpdir:
default: "/var/vcap/data/cloud_controller_ng/tmp"
description: "The directory to use for temporary files"
cc.directories.diagnostics:
default: "/var/vcap/data/cloud_controller_ng/diagnostics"
description: "The directory where operator requested diagnostic files should be placed"
cc.external_protocol:
default: "https"
description: "The protocol used to access the CC API from an external entity"
cc.external_host:
default: "api"
description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
cc.cc_partition:
default: "default"
description: "Deprecated. Defines a 'partition' for the health_manager job"
cc.bulk_api_user:
default: "bulk_api"
description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
cc.bulk_api_password:
description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
cc.internal_api_user:
default: "internal_user"
description: "User name used by Diego to access internal endpoints"
cc.internal_api_password:
description: "Password used by Diego to access internal endpoints"
cc.diego.nsync_url:
default: http://nsync.service.cf.internal:8787
description: "URL of the Diego nsync service"
cc.diego.stager_url:
default: http://stager.service.cf.internal:8888
description: "URL of the Diego stager service"
cc.diego.tps_url:
default: http://tps.service.cf.internal:1518
description: "URL of the Diego tps service"
cc.min_cli_version:
description: "Minimum version of the CF CLI to work with the API."
cc.min_recommended_cli_version:
description: "Minimum recommended version of the CF CLI."
cc.uaa_resource_id:
default: "cloud_controller,cloud_controller_service_permissions"
description: "Name of service to register to UAA"
cc.db_logging_level:
default: "debug2"
description: "Log level for cc database operations"
cc.logging_level:
default: "debug2"
description: "Log level for cc"
cc.logging_max_retries:
default: 1
description: "Passthru value for Steno logger"
cc.staging_timeout_in_seconds:
default: 900
description: "Timeout for staging a droplet"
cc.default_health_check_timeout:
default: 60
description: "Default health check timeout (in seconds) that can be set for the app"
cc.maximum_health_check_timeout:
default: 180
description: "Maximum health check timeout (in seconds) that can be set for the app"
cc.stacks:
default:
- name: "cflinuxfs2"
description: "Cloud Foundry Linux-based filesystem"
description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
cc.default_stack:
default: "cflinuxfs2"
description: "The default stack to use if no custom stack is specified by an app."
cc.staging_upload_user:
default: ""
description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
cc.staging_upload_password:
default: ""
description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
cc.quota_definitions:
description: "Hash of default quota definitions to be used during Cloud Controller database seeding. After seeding, these can be updated using the API but not using the manifest."
cc.default_quota_definition:
default: default
description: "Local to use a local (NFS) file system. AWS to use AWS."
cc.resource_pool.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.resource_pool.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.resource_pool.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.resource_pool.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.resource_pool.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.resource_pool.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.resource_pool.minimum_size:
description: "Minimum size of a resource to add to the pool"
default: 65536
cc.resource_pool.maximum_size:
description: "Maximum size of a resource to add to the pool"
default: 536870912
cc.resource_pool.resource_directory_key:
description: "Directory (bucket) used store app resources. It does not have be pre-created."
default: "cc-resources"
cc.resource_pool.fog_connection:
description: "Fog connection hash"
cc.resource_pool.cdn.uri:
description: "URI for a CDN to used for resource pool downloads"
default: ""
cc.resource_pool.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.resource_pool.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.packages.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.packages.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.packages.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.packages.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.packages.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.packages.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.packages.app_package_directory_key:
description: "Directory (bucket) used store app packages. It does not have be pre-created."
default: "cc-packages"
cc.packages.max_package_size:
description: "Maximum size of application package"
default: 1073741824
cc.packages.max_valid_packages_stored:
description: "Number of recent, valid packages stored per app (not including package for current droplet)"
default: 5
cc.packages.fog_connection:
description: "Fog connection hash"
cc.packages.cdn.uri:
description: "URI for a CDN to used for app package downloads"
default: ""
cc.packages.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.packages.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.droplets.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.droplets.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.droplets.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.droplets.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.droplets.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.droplets.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.droplets.droplet_directory_key:
description: "Directory (bucket) used store droplets. It does not have be pre-created."
default: "cc-droplets"
cc.droplets.max_staged_droplets_stored:
description: "Number of recent, staged droplets stored per app (not including current droplet)"
default: 5
cc.droplets.fog_connection:
description: "Fog connection hash"
cc.droplets.cdn.uri:
description: "URI for a CDN to used for droplet downloads"
default: ""
cc.droplets.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.droplets.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.buildpacks.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.buildpacks.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.buildpacks.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.buildpacks.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.buildpacks.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.buildpacks.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.buildpacks.buildpack_directory_key:
description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
default: "cc-buildpacks"
cc.buildpacks.fog_connection:
description: "Fog connection hash"
cc.buildpacks.cdn.uri:
description: "URI for a CDN to used for buildpack downloads"
default: ""
cc.buildpacks.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.buildpacks.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
ccdb.databases:
description: "Contains the name of the database on the database server"
ccdb.roles:
description: "Users to create on the database when seeding"
ccdb.db_scheme:
description: "The type of database being used. mysql or postgres"
default: postgres
ccdb.address:
description: "The address of the database server"
ccdb.port:
description: "The port of the database server"
ccdb.max_connections:
default: 25
description: "Maximum connections for Sequel"
ccdb.pool_timeout:
default: 10
description: "The timeout for Sequel pooled connections"
uaa.cc.token_secret:
description: "Symmetric secret used to decode uaa tokens. Used for testing."
uaa.url:
description: "URL of the UAA server"
login.protocol:
description: "http or https"
default: "https"
login.url:
description: "URL of the login server"
hm9000.url:
description: "URL of the hm9000 server"
uaa.jwt.verification_key:
default: ""
description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
login.enabled:
default: true
description: "whether use login as the authorization endpoint or not"
metron_endpoint.host:
description: "The host used to emit messages to the Metron agent"
default: "127.0.0.1"
metron_endpoint.port:
description: "The port used to emit messages to the Metron agent"
default: 3457
logger_endpoint.use_ssl:
description: "Whether to use ssl for logger endpoint listed at /v2/info"
default: true
logger_endpoint.port:
description: "Port for logger endpoint listed at /v2/info"
default: 443
doppler.enabled:
description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
default: true
doppler.use_ssl:
description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
default: true
doppler.port:
description: "Port for doppler_logging_endpoint listed at /v2/info"
default: 443
cc.db_encryption_key:
default: ""
description: "key for encrypting sensitive values in the CC database"
cc.default_app_memory:
default: 1024
description: "How much memory given to an app if not specified"
cc.default_app_disk_in_mb:
default: 1024
description: "The default disk space an app gets"
cc.maximum_app_disk_in_mb:
default: 2048
description: "The maximum amount of disk a user can request"
cc.users_can_select_backend:
default: true
description: "Allow non-admin users to switch their apps between DEA and Diego backends"
cc.default_to_diego_backend:
default: false
description: "Use Diego backend by default for new apps"
cc.allow_app_ssh_access:
default: true
description: "Allow users to change the value of the app-level allow_ssh attribute"
cc.flapping_crash_count_threshold:
default: 3
description: "The threshold of crashes after which the app is marked as flapping"
cc.client_max_body_size:
default: "15M"
description: "Maximum body size for nginx"
cc.app_bits_max_body_size:
default: "1536M"
description: "Maximum body size for nginx bits uploads"
cc.disable_custom_buildpacks:
default: false
description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
cc.broker_client_timeout_seconds:
default: 60
description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
cc.broker_client_default_async_poll_interval_seconds:
default: 60
description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
cc.broker_client_max_async_poll_duration_minutes:
default: 10080
description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
cc.development_mode:
default: false
description: "Enable development features for monitoring and insight"
cc.newrelic.license_key:
default: ~
description: "The api key for NewRelic"
cc.newrelic.environment_name:
default: "development"
description: "The environment name used by NewRelic"
cc.newrelic.developer_mode:
default: false
description: "Activate NewRelic developer mode"
cc.newrelic.monitor_mode:
default: false
description: "Activate NewRelic monitor mode"
cc.newrelic.log_file_path:
default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
description: "The location for NewRelic to log to"
cc.newrelic.capture_params:
default: false
description: "Capture and send query params to NewRelic"
cc.newrelic.transaction_tracer.enabled:
default: false
description: "Enable transaction tracing in NewRelic"
cc.newrelic.transaction_tracer.record_sql:
default: "off"
description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
cc.nginx_access_log_destination:
description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
cc.nginx_access_log_format:
description: "The nginx log format string to use when writing to the access log."
default: >
$host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
$proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
cc.nginx_error_log_destination:
description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
cc.nginx_error_log_level:
description: "The lowest severity nginx log level to capture in the error log."
default: error
cc.jobs.local.number_of_workers:
default: 2
description: "Number of local cloud_controller_worker workers"
cc.thresholds.api.alert_if_above_mb:
description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
default: 3500
cc.thresholds.api.restart_if_consistently_above_mb:
description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
default: 3500
cc.thresholds.api.restart_if_above_mb:
description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
default: 3750
dea_next.staging_memory_limit_mb:
description: "Memory limit in mb for staging tasks"
default: 1024
dea_next.staging_disk_limit_mb:
description: "Disk limit in mb for staging tasks"
default: 6144
cc.staging_file_descriptor_limit:
description: "File descriptor limit for staging tasks"
default: 16384
dea_next.advertise_interval_in_seconds:
description: "Advertise interval for DEAs"
default: 5
cc.renderer.max_results_per_page:
description: "Maximum number of results returned per page"
default: 100
cc.renderer.default_results_per_page:
description: "Default number of results returned per page if user does not specify"
default: 50
cc.renderer.max_inline_relations_depth:
description: "Maximum depth of inlined relationships in the result"
default: 2
uaa.clients.cc_service_broker_client.secret:
description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
uaa.clients.cc_service_broker_client.scope:
description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
default: "openid,cloud_controller_service_permissions.read"
uaa.clients.cc-service-dashboards.secret:
description: "Used for generating SSO clients for service brokers."
uaa.clients.cc-service-dashboards.scope:
description: "Used to grant scope for SSO clients for service brokers"
default: "openid,cloud_controller_service_permissions.read"
uaa.clients.cloud_controller_username_lookup.secret:
description: "Used for fetching usernames from UAA."
uaa.clients.cc_routing.secret:
description: "Used for fetching routing information from the Routing API"
cc.install_buildpacks:
description: "Set of buildpacks to install during deploy"
cc.app_bits_upload_grace_period_in_seconds:
description: "Extra token expiry time while uploading big apps."
default: 1200
cc.security_group_definitions:
description: "Array of security groups that will be seeded into CloudController."
cc.default_running_security_groups:
description: "The default running security groups that will be seeded in CloudController."
cc.default_staging_security_groups:
description: "The default staging security groups that will be seeded in CloudController."
cc.feature_disabled_message:
description: "Custom message to use for a disabled feature."
cc.allowed_cors_domains:
description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
default: []
cc.instance_file_descriptor_limit:
description: "The file descriptors made available to each app instance"
default: 16384
cc.statsd_host:
description: "The host for the statsd server, defaults to the local metron agent"
default: "127.0.0.1"
cc.statsd_port:
description: "The port for the statsd server, defaults to the local metron agent"
default: 8125
cc.placement_top_stager_percentage:
description: "The percentage of top stagers considered when choosing a stager"
default: 10
router.route_services_secret:
description: "Support for route services is disabled when no value is configured."
default: ""
routing_api.enabled:
description: "Whether to expose the routing_endpoint listed at /v2/info. Enable this after deploying the Routing API"
default: false
cc.reserved_private_domains:
description: "File location of a list of reserved private domains (for file format, see https://publicsuffix.org/)"
default: ~
cc.dea_use_https:
description: "enable ssl for communication with DEAs"
default: false
dea_next.ca_cert:
description: "PEM-encoded CA certificate"
dea_next.client_cert:
description: "PEM-encoded server certificate"
dea_next.client_key:
description: "PEM-encoded server key"
cc.core_file_pattern:
description: "Filename template for core dump files. Use an empty string if you don't want core files saved."
default: "/var/vcap/sys/cores/core-%e-%s-%p-%t"
cc.security_event_logging.enabled:
description: "Enable logging of all requests made to the Cloud Controller in CEF format."
default: false
cc.volume_services_enabled:
description: "Enable binding to services that provide volume_mount information."
default: false
cc.system_hostnames:
description: "List of hostnames for which routes cannot be created on the system domain."
default: [api,uaa,login,doppler,loggregator,hm9000]

diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
deleted file mode 100644
index a01872c..0000000
--- a/jobs/cloud_controller_ng/spec
+++ /dev/null
@@ -1,613 +0,0 @@
----
-name: cloud_controller_ng
-
-description: "The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced."
-
-templates:
- nginx_ctl.erb: bin/nginx_ctl
- nginx.conf.erb: config/nginx.conf
- drain.rb: bin/drain
- restart_drain.rb: bin/restart_drain
- mime.types: config/mime.types
- cloud_controller_api.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_api_ctl.erb: bin/cloud_controller_ng_ctl
- cloud_controller_api_worker_ctl.erb: bin/cloud_controller_worker_ctl
- cloud_controller_api_migration_ctl.erb: bin/cloud_controller_migration_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- stacks.yml.erb: config/stacks.yml
- newrelic.yml.erb: config/newrelic.yml
- nginx_newrelic_plugin_ctl.erb: bin/nginx_newrelic_plugin_ctl
- newrelic_plugin.yml.erb: config/newrelic_plugin.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- dns_health_check.erb: bin/dns_health_check
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
- - buildpack_java
- - buildpack_java_offline
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- app_ssh.host_key_fingerprint:
- description: "Fingerprint of the host key of the SSH proxy that brokers connections to application instances"
- default: ~
- app_ssh.port:
- description: "External port for SSH access to application instances"
- default: 2222
- app_ssh.oauth_client_id:
- description: "The oauth client ID of the SSH proxy"
- default: ssh-proxy
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.info.custom:
- description: "Custom attribute keys and values for /v2/info endpoint"
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.directories.tmpdir:
- default: "/var/vcap/data/cloud_controller_ng/tmp"
- description: "The directory to use for temporary files"
- cc.directories.diagnostics:
- default: "/var/vcap/data/cloud_controller_ng/diagnostics"
- description: "The directory where operator requested diagnostic files should be placed"
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.min_cli_version:
- description: "Minimum version of the CF CLI to work with the API."
- cc.min_recommended_cli_version:
- description: "Minimum recommended version of the CF CLI."
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.max_valid_packages_stored:
- description: "Number of recent, valid packages stored per app (not including package for current droplet)"
- default: 5
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.max_staged_droplets_stored:
- description: "Number of recent, staged droplets stored per app (not including current droplet)"
- default: 5
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- doppler.enabled:
- description: "Whether to expose the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.use_ssl:
- description: "Whether to use ssl for the doppler_logging_endpoint listed at /v2/info"
- default: true
- doppler.port:
- description: "Port for doppler_logging_endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "15M"
- description: "Maximum body size for nginx"
- cc.app_bits_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx bits uploads"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide."
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week"
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.nginx_access_log_destination:
- description: "The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.access.log"
- cc.nginx_access_log_format:
- description: "The nginx log format string to use when writing to the access log."
- default: >
- $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"
- $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time
- cc.nginx_error_log_destination:
- description: "The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer."
- default: "/var/vcap/sys/log/nginx_cc/nginx.error.log"
- cc.nginx_error_log_level:
- description: "The lowest severity nginx log level to capture in the error log."
- default: error
-
- cc.jobs.local.number_of_workers:
- default: 2
- description: "Number of local cloud_controller_worker workers"
-
- cc.thresholds.api.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 3500
- cc.thresholds.api.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 3750
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- dea_next.advertise_interval_in_seconds:
- description: "Advertise interval for DEAs"
- default: 5
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cloud_controller_username_lookup.secret:
- description: "Used for fetching usernames from UAA."
-
- uaa.clients.cc_routing.secret:
- description: "Used for fetching routing information from the Routing API"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.feature_disabled_message:
- description: "Custom message to use for a disabled feature."
- cc.allowed_cors_domains:
- description: "List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain"
- default: []
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.statsd_host:
- description: "The host for the statsd server, defaults to the local metron agent"
- default: "127.0.0.1"
-
- cc.statsd_port:
- description: "The port for the statsd server, defaults to the local metron agent"
- default: 8125
-
- cc.placement_top_stager_percentage:
- description: "The percentage of top stagers considered when choosing a stager"
- default: 10
-
- router.route_services_secret:
- description: "Support for route services is disabled when no value is configured."
- default: ""
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
NEW FILE DETECTED: jobs/cloud_controller_worker/spec

---
name: cloud_controller_worker
description: "Cloud Controller worker processes background tasks submitted via the."
templates:
cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
newrelic.yml.erb: config/newrelic.yml
stacks.yml.erb: config/stacks.yml
ruby_version.sh.erb: bin/ruby_version.sh
console.erb: bin/console
blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
buildpacks_ca_cert.pem.erb: config/certs/buildpacks_ca_cert.pem
droplets_ca_cert.pem.erb: config/certs/droplets_ca_cert.pem
packages_ca_cert.pem.erb: config/certs/packages_ca_cert.pem
resource_pool_ca_cert.pem.erb: config/certs/resource_pool_ca_cert.pem
packages:
- capi_utils
- cloud_controller_ng
- nginx
- nginx_newrelic_plugin
- libpq
- libmariadb
- ruby-2.3
properties:
ssl.skip_cert_verify:
description: "specifies that the job is allowed to skip ssl cert verification"
default: false
domain:
description: "Deprecated in favor of system_domain. Domain where cloud_controller will listen (api.domain)"
system_domain:
description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
system_domain_organization:
description: "The User Org that owns the system_domain, required if system_domain is defined"
default: ""
app_domains:
description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
nats.user:
description: "Username for cc client to connect to NATS"
nats.password:
description: "Password for cc client to connect to NATS"
nats.port:
description: "IP port of Cloud Foundry NATS server"
nats.machines:
description: "IP of each NATS cluster member."
nfs_server.address:
description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
nfs_server.share_path:
description: "The location at which to mount the nfs share"
default: "/var/vcap/nfs"
request_timeout_in_seconds:
description: "Timeout for requests in seconds."
default: 900
name:
description: "'name' attribute in the /v2/info endpoint"
default: ""
build:
description: "'build' attribute in the /v2/info endpoint"
default: ""
version:
description: "'version' attribute in the /v2/info endpoint"
default: 0
support_address:
description: "'support' attribute in the /v2/info endpoint"
default: ""
description:
description: "'description' attribute in the /v2/info endpoint"
default: ""
cc.external_port:
description: "External Cloud Controller port"
default: 9022
cc.internal_service_hostname:
description: "Internal hostname used to resolve the address of the Cloud Controller"
default: "cloud-controller-ng.service.cf.internal"
cc.jobs.global.timeout_in_seconds:
description: "The longest any job can take before it is cancelled unless overriden per job"
default: 14400 # 4 hours
cc.jobs.app_bits_packer.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.app_events_cleanup.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.blobstore_delete.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.blobstore_upload.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.droplet_deletion.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.jobs.droplet_upload.timeout_in_seconds:
description: "The longest this job can take before it is cancelled"
cc.app_events.cutoff_age_in_days:
description: "How old an app event should stay in cloud controller database before being cleaned up"
default: 31
cc.app_usage_events.cutoff_age_in_days:
description: "How old an app usage event should stay in cloud controller database before being cleaned up"
default: 31
cc.service_usage_events.cutoff_age_in_days:
description: "How old a service usage event should stay in cloud controller database before being cleaned up"
default: 31
cc.audit_events.cutoff_age_in_days:
description: "How old an audit event should stay in cloud controller database before being cleaned up"
default: 31
cc.failed_jobs.cutoff_age_in_days:
description: "How old a failed job should stay in cloud controller database before being cleaned up"
default: 31
cc.completed_tasks.cutoff_age_in_days:
description: "How long a completed task will stay in cloud controller database before being cleaned up based on last updated time with success or failure."
default: 31
cc.external_protocol:
default: "https"
description: "The protocol used to access the CC API from an external entity"
cc.external_host:
default: "api"
description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
cc.cc_partition:
default: "default"
description: "Deprecated. Defines a 'partition' for the health_manager job"
cc.bulk_api_user:
default: "bulk_api"
description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
cc.bulk_api_password:
description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
cc.internal_api_user:
default: "internal_user"
description: "User name used by Diego to access internal endpoints"
cc.internal_api_password:
description: "Password used by Diego to access internal endpoints"
cc.diego.nsync_url:
default: http://nsync.service.cf.internal:8787
description: "URL of the Diego nsync service"
cc.diego.stager_url:
default: http://stager.service.cf.internal:8888
description: "URL of the Diego stager service"
cc.diego.tps_url:
default: http://tps.service.cf.internal:1518
description: "URL of the Diego tps service"
cc.uaa_resource_id:
default: "cloud_controller,cloud_controller_service_permissions"
description: "Name of service to register to UAA"
cc.db_logging_level:
default: "debug2"
description: "Log level for cc database operations"
cc.logging_level:
default: "debug2"
description: "Log level for cc"
cc.logging_max_retries:
default: 1
description: "Passthru value for Steno logger"
cc.staging_timeout_in_seconds:
default: 900
description: "Timeout for staging a droplet"
cc.default_health_check_timeout:
default: 60
description: "Default health check timeout (in seconds) that can be set for the app"
cc.maximum_health_check_timeout:
default: 180
description: "Maximum health check timeout (in seconds) that can be set for the app"
cc.stacks:
default:
- name: "cflinuxfs2"
description: "Cloud Foundry Linux-based filesystem"
description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
cc.default_stack:
default: "cflinuxfs2"
description: "The default stack to use if no custom stack is specified by an app."
cc.staging_upload_user:
default: ""
description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
cc.staging_upload_password:
default: ""
description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
cc.quota_definitions:
description: "Hash of default quota definitions. Overriden by custom quota definitions."
cc.default_quota_definition:
default: default
description: "Local to use a local (NFS) file system. AWS to use AWS."
cc.resource_pool.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.resource_pool.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.resource_pool.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.resource_pool.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.resource_pool.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.resource_pool.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.resource_pool.minimum_size:
description: "Minimum size of a resource to add to the pool"
default: 65536
cc.resource_pool.maximum_size:
description: "Maximum size of a resource to add to the pool"
default: 536870912
cc.resource_pool.resource_directory_key:
description: "Directory (bucket) used store app resources. It does not have be pre-created."
default: "cc-resources"
cc.resource_pool.fog_connection:
description: "Fog connection hash"
cc.resource_pool.cdn.uri:
description: "URI for a CDN to used for resource pool downloads"
default: ""
cc.resource_pool.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.resource_pool.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.packages.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.packages.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.packages.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.packages.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.packages.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.packages.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.packages.app_package_directory_key:
description: "Directory (bucket) used store app packages. It does not have be pre-created."
default: "cc-packages"
cc.packages.max_package_size:
description: "Maximum size of application package"
default: 1073741824
cc.packages.fog_connection:
description: "Fog connection hash"
cc.packages.cdn.uri:
description: "URI for a CDN to used for app package downloads"
default: ""
cc.packages.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.packages.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.droplets.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.droplets.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.droplets.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.droplets.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.droplets.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.droplets.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.droplets.droplet_directory_key:
description: "Directory (bucket) used store droplets. It does not have be pre-created."
default: "cc-droplets"
cc.droplets.fog_connection:
description: "Fog connection hash"
cc.droplets.cdn.uri:
description: "URI for a CDN to used for droplet downloads"
default: ""
cc.droplets.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.droplets.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
cc.buildpacks.blobstore_type:
description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
default: "fog"
cc.buildpacks.webdav_config.public_endpoint:
description: "The location of the webdav server eg: https://blobstore.com"
default: ""
cc.buildpacks.webdav_config.private_endpoint:
description: "The location of the webdav server eg: https://blobstore.internal"
default: "https://blobstore.service.cf.internal"
cc.buildpacks.webdav_config.username:
description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.buildpacks.webdav_config.password:
description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
default: ""
cc.buildpacks.webdav_config.ca_cert:
description: "The ca cert to use when communicating with webdav"
default: ""
cc.buildpacks.buildpack_directory_key:
description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
default: "cc-buildpacks"
cc.buildpacks.fog_connection:
description: "Fog connection hash"
cc.buildpacks.cdn.uri:
description: "URI for a CDN to used for buildpack downloads"
default: ""
cc.buildpacks.cdn.private_key:
description: "Private key for signing download URIs"
default: ""
cc.buildpacks.cdn.key_pair_id:
description: "Key pair name for signed download URIs"
default: ""
ccdb.databases:
description: "Contains the name of the database on the database server"
ccdb.roles:
description: "Users to create on the database when seeding"
ccdb.db_scheme:
description: "The type of database being used. mysql or postgres"
default: postgres
ccdb.address:
description: "The address of the database server"
ccdb.port:
description: "The port of the database server"
ccdb.max_connections:
default: 25
description: "Maximum connections for Sequel"
ccdb.pool_timeout:
default: 10
description: "The timeout for Sequel pooled connections"
uaa.cc.token_secret:
description: "Symmetric secret used to decode uaa tokens. Used for testing."
uaa.url:
description: "URL of the UAA server"
login.protocol:
description: "http or https"
default: "https"
login.url:
description: "URL of the login server"
hm9000.url:
description: "URL of the hm9000 server"
uaa.jwt.verification_key:
default: ""
description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
login.enabled:
default: true
description: "whether use login as the authorization endpoint or not"
metron_endpoint.host:
description: "The host used to emit messages to the Metron agent"
default: "127.0.0.1"
metron_endpoint.port:
description: "The port used to emit messages to the Metron agent"
default: 3457
logger_endpoint.use_ssl:
description: "Whether to use ssl for logger endpoint listed at /v2/info"
default: true
logger_endpoint.port:
description: "Port for logger endpoint listed at /v2/info"
default: 443
cc.db_encryption_key:
default: ""
description: "key for encrypting sensitive values in the CC database"
cc.default_app_memory:
default: 1024
description: "How much memory given to an app if not specified"
cc.default_app_disk_in_mb:
default: 1024
description: "The default disk space an app gets"
cc.maximum_app_disk_in_mb:
default: 2048
description: "The maximum amount of disk a user can request"
cc.users_can_select_backend:
default: true
description: "Allow non-admin users to switch their apps between DEA and Diego backends"
cc.default_to_diego_backend:
default: false
description: "Use Diego backend by default for new apps"
cc.allow_app_ssh_access:
default: true
description: "Allow users to change the value of the app-level allow_ssh attribute"
cc.flapping_crash_count_threshold:
default: 3
description: "The threshold of crashes after which the app is marked as flapping"
cc.client_max_body_size:
default: "1536M"
description: "Maximum body size for nginx"
cc.disable_custom_buildpacks:
default: false
description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
cc.broker_client_timeout_seconds:
default: 60
description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
cc.development_mode:
default: false
description: "Enable development features for monitoring and insight"
cc.newrelic.license_key:
default: ~
description: "The api key for NewRelic"
cc.newrelic.environment_name:
default: "development"
description: "The environment name used by NewRelic"
cc.newrelic.developer_mode:
default: false
description: "Activate NewRelic developer mode"
cc.newrelic.monitor_mode:
default: false
description: "Activate NewRelic monitor mode"
cc.newrelic.log_file_path:
default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
description: "The location for NewRelic to log to"
cc.newrelic.capture_params:
default: false
description: "Capture and send query params to NewRelic"
cc.newrelic.transaction_tracer.enabled:
default: false
description: "Enable transaction tracing in NewRelic"
cc.newrelic.transaction_tracer.record_sql:
default: "off"
description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
cc.jobs.generic.number_of_workers:
default: 1
description: "Number of generic cloud_controller_worker workers"
dea_next.staging_memory_limit_mb:
description: "Memory limit in mb for staging tasks"
default: 1024
dea_next.staging_disk_limit_mb:
description: "Disk limit in mb for staging tasks"
default: 6144
cc.staging_file_descriptor_limit:
description: "File descriptor limit for staging tasks"
default: 16384
cc.renderer.max_results_per_page:
description: "Maximum number of results returned per page"
default: 100
cc.renderer.default_results_per_page:
description: "Default number of results returned per page if user does not specify"
default: 50
cc.renderer.max_inline_relations_depth:
description: "Maximum depth of inlined relationships in the result"
default: 2
cc.app_bits_upload_grace_period_in_seconds:
description: "Extra token expiry time while uploading big apps."
default: 1200
uaa.clients.cc_service_broker_client.secret:
description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
uaa.clients.cc_service_broker_client.scope:
description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
default: "openid,cloud_controller_service_permissions.read"
uaa.clients.cc-service-dashboards.secret:
description: "Used for generating SSO clients for service brokers."
uaa.clients.cc-service-dashboards.scope:
description: "Used to grant scope for SSO clients for service brokers"
default: "openid,cloud_controller_service_permissions.read"
cc.install_buildpacks:
description: "Set of buildpacks to install during deploy"
cc.security_group_definitions:
description: "Array of security groups that will be seeded into CloudController."
cc.default_running_security_groups:
description: "The default running security groups that will be seeded in CloudController."
cc.default_staging_security_groups:
description: "The default staging security groups that will be seeded in CloudController."
cc.thresholds.worker.alert_if_above_mb:
description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
default: 384
cc.thresholds.worker.restart_if_consistently_above_mb:
description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
default: 384
cc.thresholds.worker.restart_if_above_mb:
description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
default: 512
cc.instance_file_descriptor_limit:
description: "The file descriptors made available to each app instance"
default: 16384
cc.broker_client_default_async_poll_interval_seconds:
default: 60
description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
cc.broker_client_max_async_poll_duration_minutes:
default: 10080
description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
cc.reserved_private_domains:
description: "File location of a list of reserved private domains (for file format, see https://publicsuffix.org/)"
default: ~
cc.system_hostnames:
description: "List of hostnames for which routes cannot be created on the system domain."
default: [api,uaa,login,doppler,loggregator,hm9000]

diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.buildpacks.buildpack_directory_key:
- description: "Directory (bucket) used store buildpacks. It does not have be pre-created."
- default: "cc-buildpacks"
- cc.buildpacks.fog_connection:
- description: "Fog connection hash"
- cc.buildpacks.cdn.uri:
- description: "URI for a CDN to used for buildpack downloads"
- default: ""
- cc.buildpacks.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.buildpacks.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- ccdb.databases:
- description:
- ccdb.roles:
- description:
- ccdb.db_scheme:
- description:
- default: postgres
- ccdb.address:
- description:
- ccdb.port:
- description:
- ccdb.max_connections:
- default: 25
- description: "Maximum connections for Sequel"
- ccdb.pool_timeout:
- default: 10
- description:
-
- uaa.cc.token_secret:
- description:
- uaa.url:
- description:
- login.protocol:
- description: "http or https"
- default: "https"
- login.url:
- description:
- hm9000.url:
- description:
-
- uaa.jwt.verification_key:
- default: ""
- description: "ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA"
- login.enabled:
- default: true
- description: "whether use login as the authorization endpoint or not"
-
- metron_endpoint.host:
- description: "The host used to emit messages to the Metron agent"
- default: "127.0.0.1"
- metron_endpoint.port:
- description: "The port used to emit messages to the Metron agent"
- default: 3457
-
- logger_endpoint.use_ssl:
- description: "Whether to use ssl for logger endpoint listed at /v2/info"
- default: true
- logger_endpoint.port:
- description: "Port for logger endpoint listed at /v2/info"
- default: 443
-
- cc.db_encryption_key:
- default: ""
- description: "key for encrypting sensitive values in the CC database"
-
- cc.default_app_memory:
- default: 1024
- description: "How much memory given to an app if not specified"
- cc.default_app_disk_in_mb:
- default: 1024
- description: "The default disk space an app gets"
- cc.maximum_app_disk_in_mb:
- default: 2048
- description: "The maximum amount of disk a user can request"
- cc.users_can_select_backend:
- default: true
- description: "Allow non-admin users to switch their apps between DEA and Diego backends"
- cc.default_to_diego_backend:
- default: false
- description: "Use Diego backend by default for new apps"
- cc.allow_app_ssh_access:
- default: true
- description: "Allow users to change the value of the app-level allow_ssh attribute"
- cc.flapping_crash_count_threshold:
- default: 3
- description: "The threshold of crashes after which the app is marked as flapping"
- cc.client_max_body_size:
- default: "1536M"
- description: "Maximum body size for nginx"
-
- cc.disable_custom_buildpacks:
- default: false
- description: "Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)"
-
- cc.broker_client_timeout_seconds:
- default: 60
- description: "For requests to service brokers, this is the HTTP (open and read) timeout setting."
-
- cc.development_mode:
- default: false
- description: "Enable development features for monitoring and insight"
-
- cc.newrelic.license_key:
- default: ~
- description: "The api key for NewRelic"
- cc.newrelic.environment_name:
- default: "development"
- description: "The environment name used by NewRelic"
- cc.newrelic.developer_mode:
- default: false
- description: "Activate NewRelic developer mode"
- cc.newrelic.monitor_mode:
- default: false
- description: "Activate NewRelic monitor mode"
- cc.newrelic.log_file_path:
- default: "/var/vcap/sys/log/cloud_controller_ng/newrelic"
- description: "The location for NewRelic to log to"
- cc.newrelic.capture_params:
- default: false
- description: "Capture and send query params to NewRelic"
- cc.newrelic.transaction_tracer.enabled:
- default: false
- description: "Enable transaction tracing in NewRelic"
- cc.newrelic.transaction_tracer.record_sql:
- default: "off"
- description: "NewRelic's SQL statement recording mode: [off | obfuscated | raw]"
-
- cc.jobs.generic.number_of_workers:
- default: 1
- description: "Number of generic cloud_controller_worker workers"
-
- dea_next.staging_memory_limit_mb:
- description: "Memory limit in mb for staging tasks"
- default: 1024
- dea_next.staging_disk_limit_mb:
- description: "Disk limit in mb for staging tasks"
- default: 6144
- cc.staging_file_descriptor_limit:
- description: "File descriptor limit for staging tasks"
- default: 16384
-
- cc.renderer.max_results_per_page:
- description: "Maximum number of results returned per page"
- default: 100
- cc.renderer.default_results_per_page:
- description: "Default number of results returned per page if user does not specify"
- default: 50
- cc.renderer.max_inline_relations_depth:
- description: "Maximum depth of inlined relationships in the result"
- default: 2
- cc.app_bits_upload_grace_period_in_seconds:
- description: "Extra token expiry time while uploading big apps."
- default: 1200
-
- uaa.clients.cc_service_broker_client.secret:
- description: "(DEPRECATED) - Used for generating SSO clients for service brokers."
- uaa.clients.cc_service_broker_client.scope:
- description: "(DEPRECATED) - Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- uaa.clients.cc-service-dashboards.secret:
- description: "Used for generating SSO clients for service brokers."
- uaa.clients.cc-service-dashboards.scope:
- description: "Used to grant scope for SSO clients for service brokers"
- default: "openid,cloud_controller_service_permissions.read"
-
- cc.install_buildpacks:
- description: "Set of buildpacks to install during deploy"
-
- cc.security_group_definitions:
- description: "Array of security groups that will be seeded into CloudController."
- cc.default_running_security_groups:
- description: "The default running security groups that will be seeded in CloudController."
- cc.default_staging_security_groups:
- description: "The default staging security groups that will be seeded in CloudController."
-
- cc.thresholds.worker.alert_if_above_mb:
- description: "The cc will alert if memory remains above this threshold for 3 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_consistently_above_mb:
- description: "The cc will restart if memory remains above this threshold for 15 monit cycles"
- default: 384
- cc.thresholds.worker.restart_if_above_mb:
- description: "The cc will restart if memory remains above this threshold for 3 monit cycles"
- default: 512
-
- cc.instance_file_descriptor_limit:
- description: "The file descriptors made available to each app instance"
- default: 16384
-
- cc.broker_client_default_async_poll_interval_seconds:
- default: 60
- description: "Specifies interval on which the CC will poll a service broker for asynchronous actions"
-
- cc.broker_client_max_async_poll_duration_minutes:
- default: 10080
- description: "The max duration the CC will fetch service instance state from a service broker. Default is 1 week"
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
deleted file mode 100644
index 2d866f1..0000000
--- a/jobs/cloud_controller_worker/spec
+++ /dev/null
@@ -1,510 +0,0 @@
----
-name: cloud_controller_worker
-
-description: "Cloud Controller worker processes background tasks submitted via the."
-
-templates:
- cloud_controller_worker.yml.erb: config/cloud_controller_ng.yml
- cloud_controller_worker_ctl.erb: bin/cloud_controller_worker_ctl
- handle_local_blobstore.sh.erb: bin/handle_local_blobstore.sh
- newrelic.yml.erb: config/newrelic.yml
- stacks.yml.erb: config/stacks.yml
- ruby_version.sh.erb: bin/ruby_version.sh
- console.erb: bin/console
- blobstore_waiter.sh.erb: bin/blobstore_waiter.sh
-
-packages:
- - common
- - cloud_controller_ng
- - nginx
- - nginx_newrelic_plugin
- - libpq
- - libmariadb
- - ruby-2.2.4
-
-properties:
- ssl.skip_cert_verify:
- description: "specifies that the job is allowed to skip ssl cert verification"
- default: false
-
- domain:
- description: "domain where cloud_controller will listen (api.domain) often the same as the system domain"
- system_domain:
- description: "Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen"
- system_domain_organization:
- description: "The User Org that owns the system_domain, required if system_domain is defined"
- default: ""
- app_domains:
- description: "Array of domains for user apps (example: 'user.app.space.foo', a user app called 'neat' will listen at 'http://neat.user.app.space.foo')"
-
- nats.user:
- description: "Username for cc client to connect to NATS"
- nats.password:
- description: "Password for cc client to connect to NATS"
- nats.port:
- description: "IP port of Cloud Foundry NATS server"
- nats.machines:
- description: "IP of each NATS cluster member."
-
- nfs_server.address:
- description: "NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)"
- nfs_server.share_path:
- description: "The location at which to mount the nfs share"
- default: "/var/vcap/nfs"
-
- request_timeout_in_seconds:
- description: "Timeout for requests in seconds."
- default: 900
-
- name:
- description: "'name' attribute in the /v2/info endpoint"
- default: ""
- build:
- description: "'build' attribute in the /v2/info endpoint"
- default: ""
- version:
- description: "'version' attribute in the /v2/info endpoint"
- default: 0
- support_address:
- description: "'support' attribute in the /v2/info endpoint"
- default: ""
- description:
- description: "'description' attribute in the /v2/info endpoint"
- default: ""
-
- cc.external_port:
- description: "External Cloud Controller port"
- default: 9022
-
- cc.jobs.global.timeout_in_seconds:
- description: "The longest any job can take before it is cancelled unless overriden per job"
- default: 14400 # 4 hours
- cc.jobs.app_bits_packer.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.app_usage_events_cleanup.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_delete.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.blobstore_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_deletion.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
- cc.jobs.droplet_upload.timeout_in_seconds:
- description: "The longest this job can take before it is cancelled"
-
- cc.app_events.cutoff_age_in_days:
- description: "How old an app event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.app_usage_events.cutoff_age_in_days:
- description: "How old an app usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.service_usage_events.cutoff_age_in_days:
- description: "How old a service usage event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.audit_events.cutoff_age_in_days:
- description: "How old an audit event should stay in cloud controller database before being cleaned up"
- default: 31
- cc.failed_jobs.cutoff_age_in_days:
- description: "How old a failed job should stay in cloud controller database before being cleaned up"
- default: 31
-
- cc.external_protocol:
- default: "https"
- description: "The protocol used to access the CC API from an external entity"
- cc.external_host:
- default: "api"
- description: "Host part of the cloud_controller api URI, will be joined with value of 'domain'"
- cc.cc_partition:
- default: "default"
- description: "Deprecated. Defines a 'partition' for the health_manager job"
-
- cc.bulk_api_user:
- default: "bulk_api"
- description: "User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
- cc.bulk_api_password:
- description: "Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS"
-
- cc.internal_api_user:
- default: "internal_user"
- description: "User name used by Diego to access internal endpoints"
- cc.internal_api_password:
- description: "Password used by Diego to access internal endpoints"
- cc.diego.nsync_url:
- default: http://nsync.service.cf.internal:8787
- description: "URL of the Diego nsync service"
- cc.diego.stager_url:
- default: http://stager.service.cf.internal:8888
- description: "URL of the Diego stager service"
- cc.diego.tps_url:
- default: http://tps.service.cf.internal:1518
- description: "URL of the Diego tps service"
-
- cc.uaa_resource_id:
- default: "cloud_controller,cloud_controller_service_permissions"
- description: "Name of service to register to UAA"
-
- cc.db_logging_level:
- default: "debug2"
- description: "Log level for cc database operations"
-
- cc.logging_level:
- default: "debug2"
- description: "Log level for cc"
- cc.logging_max_retries:
- default: 1
- description: "Passthru value for Steno logger"
-
- cc.staging_timeout_in_seconds:
- default: 900
- description: "Timeout for staging a droplet"
- cc.default_health_check_timeout:
- default: 60
- description: "Default health check timeout (in seconds) that can be set for the app"
- cc.maximum_health_check_timeout:
- default: 180
- description: "Maximum health check timeout (in seconds) that can be set for the app"
-
- cc.stacks:
- default:
- - name: "cflinuxfs2"
- description: "Cloud Foundry Linux-based filesystem"
- description: "Tag used by the DEA to describe capabilities (i.e. 'Windows7', 'python-linux'). DEA and CC must agree."
- cc.default_stack:
- default: "cflinuxfs2"
- description: "The default stack to use if no custom stack is specified by an app."
-
- cc.staging_upload_user:
- default: ""
- description: "User name used to access internal endpoints of Cloud Controller to upload files when staging"
- cc.staging_upload_password:
- default: ""
- description: "User's password used to access internal endpoints of Cloud Controller to upload files when staging"
-
- cc.quota_definitions:
- description: "Hash of default quota definitions. Overriden by custom quota definitions."
-
- cc.default_quota_definition:
- default: default
- description: "Local to use a local (NFS) file system. AWS to use AWS."
-
- cc.default_fog_connection.provider:
- description: "Local fog provider (should always be 'Local'), used if fog_connection hash is not provided in the manifest"
- default: "Local"
- cc.default_fog_connection.local_root:
- description: "Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)"
- default: "/var/vcap/nfs/shared"
-
- cc.resource_pool.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.resource_pool.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.resource_pool.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.resource_pool.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.resource_pool.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.resource_pool.minimum_size:
- description: "Minimum size of a resource to add to the pool"
- default: 65536
- cc.resource_pool.maximum_size:
- description: "Maximum size of a resource to add to the pool"
- default: 536870912
- cc.resource_pool.resource_directory_key:
- description: "Directory (bucket) used store app resources. It does not have be pre-created."
- default: "cc-resources"
- cc.resource_pool.fog_connection:
- description: "Fog connection hash"
- cc.resource_pool.cdn.uri:
- description: "URI for a CDN to used for resource pool downloads"
- default: ""
- cc.resource_pool.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.resource_pool.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.packages.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.packages.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.packages.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.packages.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.packages.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.packages.app_package_directory_key:
- description: "Directory (bucket) used store app packages. It does not have be pre-created."
- default: "cc-packages"
- cc.packages.max_package_size:
- description: "Maximum size of application package"
- default: 1073741824
- cc.packages.fog_connection:
- description: "Fog connection hash"
- cc.packages.cdn.uri:
- description: "URI for a CDN to used for app package downloads"
- default: ""
- cc.packages.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.packages.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.droplets.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.droplets.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.droplets.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.droplets.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.droplets.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.droplets.droplet_directory_key:
- description: "Directory (bucket) used store droplets. It does not have be pre-created."
- default: "cc-droplets"
- cc.droplets.fog_connection:
- description: "Fog connection hash"
- cc.droplets.cdn.uri:
- description: "URI for a CDN to used for droplet downloads"
- default: ""
- cc.droplets.cdn.private_key:
- description: "Private key for signing download URIs"
- default: ""
- cc.droplets.cdn.key_pair_id:
- description: "Key pair name for signed download URIs"
- default: ""
-
- cc.buildpacks.blobstore_type:
- description: "The type of blobstore backing to use. Valid values: ['fog', 'webdav']"
- default: "fog"
- cc.buildpacks.webdav_config.public_endpoint:
- description: "The location of the webdav server eg: https://blobstore.com"
- cc.buildpacks.webdav_config.private_endpoint:
- description: "The location of the webdav server eg: http://blobstore.internal"
- default: "http://blobstore.service.cf.internal"
- cc.buildpacks.webdav_config.username:
- description: "The basic auth user that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.password:
- description: "The basic auth password that CC uses to connect to the admin endpoint on webdav"
- cc.buildpacks.webdav_config.secret:
- description: "The secret used for generating signed URLs for webdav downloads"
- cc.b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment