Skip to content

Instantly share code, notes, and snippets.

@gowriln gowriln/cf-manifest-boshv2.yml Secret
Created Aug 22, 2017

Embed
What would you like to do?
---
director_uuid: 88673d95-187f-4a2d-adfa-cb8631f96af1
meta:
environment: CF-OpenstackIN
floating_static_ips:
- my-floating-Ip
networks:
- name: floating
type: vip
cloud_properties:
net_id: my-ext-net-id
security_groups: []
- name: cf1
type: manual
subnets:
- range: 172.10.0.0/24
gateway: 172.10.0.1
reserved:
- 172.10.0.16 - 172.10.0.100
- 172.10.0.200 - 172.10.0.254
dns:
- 8.8.8.8
static:
- 172.10.0.125 - 172.10.0.175
cloud_properties:
net_id: my-internal-netID
security_groups: ["bosh-TestCF","CF-TestCF"]
- name: cf2
type: manual
subnets: (( networks.cf1.subnets )) # cf2 unused by default with the OpenStack template
# but the general upstream templates require this
# to be a semi-valid value, so just copy cf1
properties:
system_domain: domain
system_domain_organization: domain.org
app_domains:
- domain
ssl:
skip_cert_verify: true
cc:
staging_upload_user: username
staging_upload_password: password
bulk_api_password: password
db_encryption_key: somestring
uaa_skip_ssl_validation: true
tls_port: CC_MUTUAL_TLS_PORT
mutual_tls:
ca_cert: |+
-----BEGIN CERTIFICATE-----
MIIFDTCCAvWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtjZi1k
-----END CERTIFICATE-----
public_cert: |+
-----BEGIN CERTIFICATE-----
MIIEQzCCAiugAwIBAgIQZOHgUs6U2jr3WEZn+MJq6TANBgkqhkiG9w0BAQsFADAW
..........
-----END CERTIFICATE-----
private_key: |+
-----BEGIN RSA PRIVATE KEY-----
.....
-----END RSA PRIVATE KEY-----
blobstore:
admin_users:
- username: blobstore-username
password: password
secure_link:
secret: password
tls:
cert: |+
-----BEGIN CERTIFICATE-----
............
-----END CERTIFICATE-----
private_key: |+
-----BEGIN RSA PRIVATE KEY-----
...............
-----END RSA PRIVATE KEY-----
ca_cert: |+
-----BEGIN CERTIFICATE-----
......................
-----END CERTIFICATE-----
consul:
encrypt_keys:
- somekey
ca_cert: |+
-----BEGIN CERTIFICATE-----
...........................
-----END CERTIFICATE-----
server_cert: |+
-----BEGIN CERTIFICATE-----
...........................
-----END CERTIFICATE-----
server_key: |+
-----BEGIN RSA PRIVATE KEY-----
................
-----END RSA PRIVATE KEY-----
agent_cert: |+
-----BEGIN CERTIFICATE-----
................
-----END CERTIFICATE-----
agent_key: |+
-----BEGIN RSA PRIVATE KEY-----
................
-----END RSA PRIVATE KEY-----
etcd:
require_ssl: true
ca_cert: |+
............
-----END CERTIFICATE-----
client_cert: |+
-----BEGIN CERTIFICATE-----
................
-----END CERTIFICATE-----
client_key: |+
-----BEGIN RSA PRIVATE KEY-----
..................
-----END RSA PRIVATE KEY-----
peer_ca_cert: |+
-----BEGIN CERTIFICATE-----
...........
-----END CERTIFICATE-----
peer_cert: |+
-----BEGIN CERTIFICATE-----
............
-----END CERTIFICATE-----
peer_key: |+
-----BEGIN RSA PRIVATE KEY-----
.........................
-----END RSA PRIVATE KEY-----
server_cert: |+
-----BEGIN CERTIFICATE-----
...........
-----END CERTIFICATE-----
server_key: |+
-----BEGIN RSA PRIVATE KEY-----
........
-----END RSA PRIVATE KEY-----
loggregator:
tls:
ca_cert: |+
-----BEGIN CERTIFICATE-----
........
-----END CERTIFICATE-----
doppler:
cert: |+
-----BEGIN CERTIFICATE-----
................
-----END CERTIFICATE-----
key: |+
-----BEGIN RSA PRIVATE KEY-----
..........
-----END RSA PRIVATE KEY-----
trafficcontroller:
cert: |+
-----BEGIN CERTIFICATE-----
..........
-----END CERTIFICATE-----
key: |+
-----BEGIN RSA PRIVATE KEY-----
.........
-----END RSA PRIVATE KEY-----
cc_trafficcontroller:
cert: |+
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
key: |+
-----BEGIN RSA PRIVATE KEY-----
.....
-----END RSA PRIVATE KEY-----
metron:
cert: |+
-----BEGIN CERTIFICATE-----
.........
-----END CERTIFICATE-----
key: |+
-----BEGIN RSA PRIVATE KEY-----
..........
-----END RSA PRIVATE KEY-----
syslogdrainbinder:
cert: |+
-----BEGIN CERTIFICATE-----
.......
-----END CERTIFICATE-----
key: |+
-----BEGIN RSA PRIVATE KEY-----
....
-----END RSA PRIVATE KEY-----
# statsd_injector:
# cert: LOGGREGATOR_STATSDINJECTOR_CERT
# key: LOGGREGATOR_STATSDINJECTOR_KEY
loggregator_endpoint:
shared_secret: 1VLrxioVpvr9VnokNgn02QDDgpxMg69e
login:
protocol: http
saml:
# serviceProviderCertificate: SERVICE_PROVIDER_CERTIFICATE
serviceProviderKey: |+
-----BEGIN PRIVATE KEY-----
.......
-----END PRIVATE KEY-----
nats:
user: NATS_USER
password: password
router:
status:
user: ROUTER_USER
password: password
uaa:
admin:
client_secret: password
ca_cert: |+
-----BEGIN CERTIFICATE-----
.........
-----END CERTIFICATE-----
cc:
client_secret: password
clients:
cc_routing:
secret: password
cloud_controller_username_lookup:
secret: password
doppler:
secret: password
gorouter:
secret: password
tcp_emitter:
secret: password
tcp_router:
secret: password
login:
secret: password
notifications:
secret: password
cc-service-dashboards:
secret: password
jwt:
verification_key: |+
-----BEGIN PUBLIC KEY-----
.........
-----END PUBLIC KEY-----
signing_key: |+
-----BEGIN RSA PRIVATE KEY-----
.........
-----END RSA PRIVATE KEY-----
scim:
users:
- name: admin
password: password
groups:
- scim.write
- scim.read
- openid
- cloud_controller.admin
- doppler.firehose
sslCertificate: |+
-----BEGIN CERTIFICATE-----
.....
-----END CERTIFICATE-----
sslPrivateKey: |+
-----BEGIN RSA PRIVATE KEY-----
....
-----END RSA PRIVATE KEY-----
ccdb:
roles:
- name: ccadmin
password: password
uaadb:
roles:
- name: uaaadmin
password: password
databases:
roles:
- name: ccadmin
password: password
- name: uaaadmin
password: password
- name: diego
password: password
jobs:
- name: ha_proxy_z1
networks:
- name: cf1
default:
- dns
- gateway
properties:
ha_proxy:
ssl_pem: |+
-----BEGIN CERTIFICATE-----
..
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
..
-----END RSA PRIVATE KEY-----
- name: api_z1
templates:
- name: consul_agent
release: cf
consumes: {consul_client: nil, consul_server: nil, consul_common: nil}
- name: java-buildpack
release: cf
- name: go-buildpack
release: cf
- name: binary-buildpack
release: cf
- name: nodejs-buildpack
release: cf
- name: ruby-buildpack
release: cf
- name: php-buildpack
release: cf
- name: python-buildpack
release: cf
- name: staticfile-buildpack
release: cf
- name: dotnet-core-buildpack
release: cf
- name: cloud_controller_ng
release: cf
consumes: {nats: nil}
- name: cloud_controller_clock
release: cf
consumes: {nats: nil}
- name: cloud_controller_worker
release: cf
consumes: {nats: nil}
- name: metron_agent
release: cf
- name: statsd_injector
release: cf
- name: route_registrar
release: cf
consumes: {nats: nil}
- name: api_worker_z1
instances: 0
- name: clock_z1
instances: 1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.