Skip to content

Instantly share code, notes, and snippets.

@keymon

keymon/README.md

Last active November 20, 2018 20:22
Show Gist options
  • Save keymon/c11e09d358f121663b35 to your computer and use it in GitHub Desktop.
Save keymon/c11e09d358f121663b35 to your computer and use it in GitHub Desktop.
Download ZIP
Proposal of how to track the cf-release/manifests
Raw
README.md

How to track cf-release/templates files

Different versions of Cloudfoundry can introduce changes in the architecture and requried properties for the manifests:

  • Add/remove/rename jobs, templates, packages
  • Add required configurations, settings
  • change syntax of configutations

The base templates that come with the cf-release/templates are the base example, and are always in sync with the recommended settings, as they are used internally by pivotal.

It is convenient to base your manifests on these templates to get any change when upgrading the versions.But this can be a really big challenge as you evolve and diverge in your architecture, as you need to override and change values that the devs from CloudFoundry did not foresee.

One solution to this is try to merge using spiff and hack around to override the desired values, but the logic and code can get really confusing.

Other idea is just implement your own manifests, and do not merge with upstream. In that case it is convenient to write a minimalist sample stub that can compile the manifest for different versions of cf-release so you can keep track of any change it may occur in a release, so you can change your manifests.

Content of this gist

This gist and describes implements the idea of tracking the cf-release, and includes:

  • a base basic-stub-aws.yml with the minimum required settings (at least for v218)
  • a script generate_manifest.sh which checkouts cf-release and generates the manifest

You only need to generate the manifests and run diff:

./generate_manifest.sh ~/workspace/cf-release-orig v215
./generate_manifest.sh ~/workspace/cf-release-orig v218

diff -Nur v215.yml v218.yml

How to maintain your own manifests

You can keep using spiff or other tool, but I would recommend:

  • Avoid crazy merges and override structures in multiple files.
  • Only allow override if it is required, for instance: terraform outputs, secrets, specific IaaS config, specific environment config...
  • split the files in a sensible way to improve readability: resource_pools.yml, jobs.yml, job_cc_properties.yml, etc.
  • But always track the upstream cf-release/manifest. It would be good not to diverge too much from them

Improvements

  • A better script, this is too simplistic
  • Better yaml diff
Raw
basic-stub-aws.yml
---
name: "cloudfoundry-reference-manifest"
director_uuid: BOSH_UUID
secrets:
vcap_password: 123abc_vcap_password
postgres_password: 123abc_postgres_password
ccadmin_password: 123abc_ccadmin_password
uuadmin_password: 123abc_uuadmin_password
staging_upload_user: staginguploaduser
staging_upload_password: 123abc_staging_upload_password
bulk_api_password: 123abc_bulk_api_password
cc_db_encryption_key: 123abc_cc_db_encryption_key
nats_user: natsuser
nats_password: 123abc_nats_password
router_ssl_cert: |
-----BEGIN CERTIFICATE-----
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END CERTIFICATE-----
router_ssl_key: |
-----BEGIN RSA PRIVATE KEY-----
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
router_password: 123abc_router_password
uaa_admin_password: 123abc_uaa_admin_password
uaa_admin_client_secret: 123abc_uaa_admin_client_secret
uaa_batch_username: uaabatchusername
uaa_batch_password: 123abc_uaa_batch_password
uaa_cc_client_secret: 123abc_uaa_cc_client_secret
uaa_clients_app_direct_secret: 123abc_uaa_clients_app_direct_secret
uaa_clients_developer_console_secret: 123abc_uaa_clients_developer_console_secret
uaa_clients_login_secret: 123abc_uaa_clients_app_direct_secret
uaa_clients_notifications_secret: 123abc_uaa_clients_notifications_secret
uaa_clients_doppler_secret: 123abc_uaa_clients_doppler_secret
uaa_clients_cloud_controller_username_lookup_secret: 123abc_uaa_clients_cloud_controller_username_lookup_secret
uaa_clients_gorouter_secret: 123abc_uaa_clients_gorouter_secret
uaa_clients_firehose_password: 123abc_uaa_clients_firehose_password
uaa_jwt_signing_key: |
-----BEGIN RSA PRIVATE KEY-----
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
uaa_jwt_verification_key: |
-----BEGIN PUBLIC KEY-----
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END PUBLIC KEY-----
loggregator_endpoint_shared_secret: 123abc_loggregator_endpoint_shared_secret
secret_access_key: abc123_secret_access_key
access_key_id: 123abc_access_key_id
meta:
environment: "reference"
zones:
z1: "__stub__eu-west-1a"
z2: "__stub__eu-west-1b"
fog_config:
region: "__stub__eu-west"
default_env:
bosh:
password: (( secrets.vcap_password ))
update:
serial: false # makes every job deploy at the same time.
networks:
- name: cf1
subnets:
- range: 10.0.10.0/24
gateway: 10.0.10.1
dns: [10.0.0.2]
reserved:
- 10.0.10.2 - 10.0.10.9
static:
- 10.0.10.10 - 10.0.10.40
cloud_properties:
subnet: __stub__subnetid1
- name: cf2
subnets:
- range: 10.0.11.0/24
gateway: 10.0.11.1
dns: [10.0.0.2]
reserved:
- 10.0.11.2 - 10.0.11.9
static:
- 10.0.11.10 - 10.0.11.40
cloud_properties:
subnet: __stub__subnetid1
resource_pools:
- name: router_z1
cloud_properties:
elbs:
- __stub__router_elb_name
- name: router_z2
cloud_properties:
elbs:
- __stub__router_elb_name
properties:
domain: "__stub__reference.cf.paas.alphagov.co.uk"
collector:
graphite:
address: 10.0.10.40
cc:
droplets:
droplet_directory_key: "__stub__reference-cf-droplets"
buildpacks:
buildpack_directory_key: "__stub__reference-cf-buildpacks"
resource_pool:
resource_directory_key: "__stub__reference-cf-resources"
packages:
app_package_directory_key: "__stub__reference-cf-packages"
template_only:
aws:
access_key_id: (( secrets.access_key_id ))
secret_access_key: (( secrets.secret_access_key ))
availability_zone: "__stub__eu-west-1a"
availability_zone2: "__stub__eu-west-1b"
dea_next:
disk_mb: 10240
memory_mb: 4096
cc:
staging_upload_user: (( secrets.staging_upload_user ))
staging_upload_password: (( secrets.staging_upload_password ))
bulk_api_password: (( secrets.bulk_api_password ))
db_encryption_key: (( secrets.cc_db_encryption_key ))
min_cli_version: '6.1.0'
min_recommended_cli_version: '6.10.0'
nats:
user: (( secrets.nats_user ))
password: (( secrets.nats_password ))
router:
enable_ssl: true
ssl_cert: (( secrets.router_ssl_cert ))
ssl_key: (( secrets.router_ssl_key ))
cipher_suites: TLS_RSA_WITH_RC4_128_SHA:TLS_RSA_WITH_AES_128_CBC_SHA
status:
user: router_user
password: (( secrets.router_password ))
uaa:
admin:
client_secret: (( secrets.uaa_admin_client_secret ))
batch:
username: (( secrets.uaa_batch_username ))
password: (( secrets.uaa_batch_password ))
cc:
client_secret: (( secrets.uaa_cc_client_secret ))
clients:
app-direct:
secret: (( secrets.uaa_clients_app_direct_secret ))
developer_console:
secret: (( secrets.uaa_clients_developer_console_secret ))
login:
secret: (( secrets.uaa_clients_login_secret ))
notifications:
secret: (( secrets.uaa_clients_notifications_secret ))
doppler:
secret: (( secrets.uaa_clients_doppler_secret ))
cloud_controller_username_lookup:
secret: (( secrets.uaa_clients_cloud_controller_username_lookup_secret ))
gorouter:
secret: (( secrets.uaa_clients_gorouter_secret ))
jwt:
signing_key: (( secrets.uaa_jwt_signing_key ))
verification_key: (( secrets.uaa_jwt_verification_key ))
scim:
users:
- (( "admin|" secrets.uaa_admin_password "|scim.write,scim.read,openid,cloud_controller.admin,doppler.firehose" ))
login:
links:
network: https://network.gopivotal.com/login
signup-network: https://network.gopivotal.com/registrations/new
smtp:
host: localhost
port: 2525
loggregator_endpoint:
shared_secret: (( secrets.loggregator_endpoint_shared_secret ))
ccdb:
db_scheme: postgres
address: (( properties.databases.address ))
port: (( properties.databases.port ))
roles:
- tag: admin
name: ccadmin
password: (( secrets.ccadmin_password ))
databases:
- tag: cc
name: ccdb
citext: true
uaadb:
db_scheme: postgresql
address: (( properties.databases.address ))
port: (( properties.databases.port ))
roles:
- tag: admin
name: uaaadmin
password: (( secrets.uuadmin_password ))
databases:
- tag: uaa
name: uaadb
citext: true
databases:
db_scheme: postgres
address: "__stub__.db.example.com"
port: 5524
roles:
- tag: admin
name: ccadmin
password: (( secrets.ccadmin_password ))
- tag: admin
name: uaaadmin
password: (( secrets.uuadmin_password ))
databases:
- tag: cc
name: ccdb
citext: true
- tag: uaa
name: uaadb
citext: true
Raw
generate_manifest.sh
#!/bin/sh
SCRIPT_PATH=$(cd $(dirname $0); pwd)
CF_RELEASE_PATH=$1
VERSION=$2
cd $CF_RELEASE_PATH
git checkout $VERSION
if [ -f scripts/generate_deployment_manifest ]; then
generate_script=scripts/generate_deployment_manifest
else
generate_script=./generate_deployment_manifest
fi
$generate_script aws $SCRIPT_PATH/basic-stub-aws.yml > $SCRIPT_PATH/${VERSION}.yml
Raw
v215.yml
compilation:
cloud_properties:
availability_zone: __stub__eu-west-1a
instance_type: c3.large
network: cf1
reuse_compilation_vms: true
workers: 6
director_uuid: BOSH_UUID
jobs:
- instances: 0
name: consul_z1
networks:
- name: cf1
static_ips: []
persistent_disk: 1024
properties:
consul:
agent:
mode: server
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: consul_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
serial: true
- instances: 0
name: consul_z2
networks:
- name: cf2
static_ips: []
persistent_disk: 1024
properties:
consul:
agent:
mode: server
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: consul_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
serial: true
- default_networks:
- name: cf1
static_ips: null
instances: 0
name: ha_proxy_z1
networks:
- name: cf1
static_ips: null
properties:
ha_proxy:
disable_http: false
ssl_ciphers: null
ssl_pem: null
metron_agent:
zone: z1
networks:
apps: cf1
router:
servers:
z1:
- 10.0.10.15
z2:
- 10.0.11.15
resource_pool: router_z1
templates:
- name: haproxy
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
name: nats_z1
networks:
- name: cf1
static_ips:
- 10.0.10.11
properties:
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: nats
release: cf
- name: nats_stream_forwarder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: nats_z2
networks:
- name: cf2
static_ips:
- 10.0.11.11
properties:
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: medium_z2
templates:
- name: nats
release: cf
- name: nats_stream_forwarder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 2
name: etcd_z1
networks:
- name: cf1
static_ips:
- 10.0.10.20
- 10.0.10.35
persistent_disk: 10024
properties:
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: etcd
release: cf
- name: etcd_metrics_server
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: etcd_z2
networks:
- name: cf2
static_ips:
- 10.0.11.19
persistent_disk: 10024
properties:
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: medium_z2
templates:
- name: etcd
release: cf
- name: etcd_metrics_server
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: stats_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: small_z1
templates:
- name: collector
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: nfs_z1
networks:
- name: cf1
static_ips: null
persistent_disk: 102400
properties:
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: debian_nfs_server
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: postgres_z1
networks:
- name: cf1
static_ips: null
persistent_disk: 4096
properties:
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: postgres
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: uaa_z1
networks:
- name: cf1
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
name: uaa_z2
networks:
- name: cf2
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: medium_z2
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
name: api_z1
networks:
- name: cf1
persistent_disk: 0
properties:
consul:
agent:
services:
cloud_controller_ng: {}
routing-api: {}
metron_agent:
zone: z1
networks:
apps: cf1
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: large_z1
templates:
- name: cloud_controller_ng
release: cf
- name: routing-api
release: cf
- name: metron_agent
release: cf
- name: statsd-injector
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: api_z2
networks:
- name: cf2
persistent_disk: 0
properties:
consul:
agent:
services:
cloud_controller_ng: {}
routing-api: {}
metron_agent:
zone: z2
networks:
apps: cf2
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: large_z2
templates:
- name: cloud_controller_ng
release: cf
- name: routing-api
release: cf
- name: metron_agent
release: cf
- name: statsd-injector
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: clock_global
networks:
- name: cf1
persistent_disk: 0
properties:
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: cloud_controller_clock
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: api_worker_z1
networks:
- name: cf1
persistent_disk: 0
properties:
metron_agent:
zone: z1
networks:
apps: cf1
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: small_z1
templates:
- name: cloud_controller_worker
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: api_worker_z2
networks:
- name: cf2
persistent_disk: 0
properties:
metron_agent:
zone: z2
networks:
apps: cf2
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: small_z2
templates:
- name: cloud_controller_worker
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: hm9000_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: hm9000
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: hm9000_z2
networks:
- name: cf2
properties:
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: medium_z2
templates:
- name: hm9000
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: runner_z1
networks:
- name: cf1
static_ips: null
properties:
dea_next:
zone: z1
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: runner_z1
templates:
- name: dea_next
release: cf
- name: dea_logging_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: runner_z2
networks:
- name: cf2
static_ips: null
properties:
dea_next:
zone: z2
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: runner_z2
templates:
- name: dea_next
release: cf
- name: dea_logging_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 0
name: loggregator_z1
networks:
- name: cf1
properties:
doppler:
zone: z1
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: loggregator_z2
networks:
- name: cf2
properties:
doppler:
zone: z2
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: medium_z2
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: doppler_z1
networks:
- name: cf1
properties:
doppler:
zone: z1
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: medium_z1
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: doppler_z2
networks:
- name: cf2
properties:
doppler:
zone: z2
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: medium_z2
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: loggregator_trafficcontroller_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
networks:
apps: cf1
route_registrar:
routes:
- name: doppler
port: 8081
uris:
- doppler.__stub__reference.cf.paas.alphagov.co.uk
- name: loggregator
port: 8080
uris:
- loggregator.__stub__reference.cf.paas.alphagov.co.uk
traffic_controller:
zone: z1
resource_pool: small_z1
templates:
- name: loggregator_trafficcontroller
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: loggregator_trafficcontroller_z2
networks:
- name: cf2
properties:
metron_agent:
zone: z2
networks:
apps: cf2
route_registrar:
routes:
- name: doppler
port: 8081
uris:
- doppler.__stub__reference.cf.paas.alphagov.co.uk
- name: loggregator
port: 8080
uris:
- loggregator.__stub__reference.cf.paas.alphagov.co.uk
traffic_controller:
zone: z2
resource_pool: small_z2
templates:
- name: loggregator_trafficcontroller
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: router_z1
networks:
- name: cf1
static_ips:
- 10.0.10.15
properties:
consul:
agent:
services:
gorouter: {}
metron_agent:
zone: z1
networks:
apps: cf1
resource_pool: router_z1
templates:
- name: gorouter
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
name: router_z2
networks:
- name: cf2
static_ips:
- 10.0.11.15
properties:
consul:
agent:
services:
gorouter: {}
metron_agent:
zone: z2
networks:
apps: cf2
resource_pool: router_z2
templates:
- name: gorouter
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
lifecycle: errand
name: acceptance_tests
networks:
- name: cf1
resource_pool: small_errand
templates:
- name: acceptance-tests
release: cf
- instances: 1
lifecycle: errand
name: smoke_tests
networks:
- name: cf1
properties:
networks:
apps: cf1
resource_pool: small_errand
templates:
- name: smoke-tests
release: cf
meta:
environment: reference
releases:
- name: cf
version: latest
name: cloudfoundry-reference-manifest
networks:
- name: cf1
subnets:
- cloud_properties:
subnet: __stub__subnetid1
dns:
- 10.0.0.2
gateway: 10.0.10.1
range: 10.0.10.0/24
reserved:
- 10.0.10.2 - 10.0.10.9
static:
- 10.0.10.10 - 10.0.10.40
- name: cf2
subnets:
- cloud_properties:
subnet: __stub__subnetid1
dns:
- 10.0.0.2
gateway: 10.0.11.1
range: 10.0.11.0/24
reserved:
- 10.0.11.2 - 10.0.11.9
static:
- 10.0.11.10 - 10.0.11.40
properties:
acceptance_tests: null
app_domains:
- __stub__reference.cf.paas.alphagov.co.uk
app_ssh: null
cc:
allow_app_ssh_access: true
allowed_cors_domains: []
app_events:
cutoff_age_in_days: 31
app_usage_events:
cutoff_age_in_days: 31
audit_events:
cutoff_age_in_days: 31
broker_client_default_async_poll_interval_seconds: 60
broker_client_max_async_poll_duration_minutes: 10080
broker_client_timeout_seconds: 70
buildpacks:
buildpack_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-buildpacks
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
bulk_api_password: 123abc_bulk_api_password
client_max_body_size: 15M
db_encryption_key: 123abc_cc_db_encryption_key
db_logging_level: debug2
default_app_disk_in_mb: 1024
default_app_memory: 1024
default_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
default_health_check_timeout: 60
default_quota_definition: default
default_running_security_groups:
- public_networks
- dns
default_staging_security_groups:
- public_networks
- dns
default_to_diego_backend: false
development_mode: false
directories: null
disable_custom_buildpacks: false
droplets:
cdn: null
droplet_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-droplets
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
external_host: api
external_protocol: http
install_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
internal_api_password: 123abc_bulk_api_password
internal_api_user: internal_user
jobs:
app_bits_packer:
timeout_in_seconds: null
app_events_cleanup:
timeout_in_seconds: null
app_usage_events_cleanup:
timeout_in_seconds: null
blobstore_delete:
timeout_in_seconds: null
blobstore_upload:
timeout_in_seconds: null
droplet_deletion:
timeout_in_seconds: null
droplet_upload:
timeout_in_seconds: null
generic:
number_of_workers: null
global:
timeout_in_seconds: 14400
model_deletion:
timeout_in_seconds: null
logging_level: debug2
maximum_app_disk_in_mb: 2048
maximum_health_check_timeout: 180
min_cli_version: 6.1.0
min_recommended_cli_version: 6.10.0
newrelic:
capture_params: false
developer_mode: false
environment_name: reference
license_key: null
monitor_mode: false
transaction_tracer:
enabled: true
record_sql: obfuscated
packages:
app_package_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-packages
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
max_package_size: 1073741824
quota_definitions:
default:
memory_limit: 10240
non_basic_services_allowed: true
total_routes: 1000
total_services: 100
resource_pool:
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
resource_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-resources
security_group_definitions:
- name: public_networks
rules:
- destination: 0.0.0.0-9.255.255.255
protocol: all
- destination: 11.0.0.0-169.253.255.255
protocol: all
- destination: 169.255.0.0-172.15.255.255
protocol: all
- destination: 172.32.0.0-192.167.255.255
protocol: all
- destination: 192.169.0.0-255.255.255.255
protocol: all
- name: dns
rules:
- destination: 0.0.0.0/0
ports: "53"
protocol: tcp
- destination: 0.0.0.0/0
ports: "53"
protocol: udp
srv_api_uri: https://api.__stub__reference.cf.paas.alphagov.co.uk
stacks: null
staging_upload_password: 123abc_staging_upload_password
staging_upload_user: staginguploaduser
system_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
thresholds:
api:
alert_if_above_mb: null
restart_if_above_mb: null
restart_if_consistently_above_mb: null
worker:
alert_if_above_mb: null
restart_if_above_mb: null
restart_if_consistently_above_mb: null
user_buildpacks: []
users_can_select_backend: true
ccdb:
address: __stub__.db.example.com
databases:
- citext: true
name: ccdb
tag: cc
db_scheme: postgres
port: 5524
roles:
- name: ccadmin
password: 123abc_ccadmin_password
tag: admin
collector:
graphite:
address: 10.0.10.40
consul:
agent:
log_level: null
servers:
lan: []
databases:
address: __stub__.db.example.com
databases:
- citext: true
name: ccdb
tag: cc
- citext: true
name: uaadb
tag: uaa
db_scheme: postgres
port: 5524
roles:
- name: ccadmin
password: 123abc_ccadmin_password
tag: admin
- name: uaaadmin
password: 123abc_uuadmin_password
tag: admin
dea_next:
advertise_interval_in_seconds: 5
allow_host_access: null
allow_networks:
- 10.10.0.2/32
default_health_check_timeout: 60
deny_networks:
- 169.254.0.0/16
- 10.10.0.0/16
directory_server_protocol: https
disk_mb: 10240
disk_overcommit_factor: 2
evacuation_bail_out_time_in_seconds: 600
heartbeat_interval_in_seconds: 10
instance_disk_inode_limit: 200000
kernel_network_tuning_enabled: true
logging_level: debug
memory_mb: 4096
memory_overcommit_factor: 3
rlimit_core: 0
staging_disk_inode_limit: 200000
staging_disk_limit_mb: 6144
staging_memory_limit_mb: 1024
description: Cloud Foundry sponsored by Pivotal
disk_quota_enabled: true
domain: __stub__reference.cf.paas.alphagov.co.uk
doppler:
blacklisted_syslog_ranges: null
debug: false
enable_tls_transport: null
maxRetainedLogMessages: 100
port: 4443
tls_listener:
cert: null
key: null
port: null
unmarshaller_count: 5
doppler_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
dropsonde:
enabled: true
etcd:
ca_cert: null
client_cert: null
client_key: null
cluster: null
machines:
- 10.0.10.20
- 10.0.10.35
- 10.0.11.19
peer_require_ssl: null
require_ssl: null
server_cert: null
server_key: null
etcd_metrics_server:
nats:
machines:
- 10.0.10.11
- 10.0.11.11
password: 123abc_nats_password
username: natsuser
hm9000:
url: https://hm9000.__stub__reference.cf.paas.alphagov.co.uk
logger_endpoint:
port: 4443
loggregator:
blacklisted_syslog_ranges:
- end: 10.10.255.255
start: 10.10.0.0
debug: false
etcd: (( merge || ~ ))
maxRetainedLogMessages: 100
outgoing_dropsonde_port: 8081
loggregator_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
login:
analytics:
code: null
domain: null
asset_base_url: null
brand: oss
catalina_opts: null
enabled: true
invitations_enabled: null
links:
home: https://console.__stub__reference.cf.paas.alphagov.co.uk
network: https://network.gopivotal.com/login
passwd: https://console.__stub__reference.cf.paas.alphagov.co.uk/password_resets/new
signup: https://console.__stub__reference.cf.paas.alphagov.co.uk/register
signup-network: https://network.gopivotal.com/registrations/new
logout: null
messages: null
notifications:
url: null
protocol: https
restricted_ips_regex: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
saml: null
self_service_links_enabled: null
signups_enabled: null
smtp:
host: localhost
password: null
port: 2525
user: null
spring_profiles: null
tiles: null
uaa_base: null
uaa_certificate: null
url: null
metron_agent:
deployment: reference
metron_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
nats:
address: 10.0.10.11
debug: false
machines:
- 10.0.10.11
- 10.0.11.11
monitor_port: 0
password: 123abc_nats_password
port: 4222
prof_port: 0
trace: false
user: natsuser
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
request_timeout_in_seconds: 900
router:
cipher_suites: TLS_RSA_WITH_RC4_128_SHA:TLS_RSA_WITH_AES_128_CBC_SHA
enable_ssl: true
requested_route_registration_interval_in_seconds: null
route_service_secret: null
route_service_timeout: null
secure_cookies: null
ssl_cert: |+
-----BEGIN CERTIFICATE-----
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END CERTIFICATE-----
ssl_key: |+
-----BEGIN RSA PRIVATE KEY-----
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
ssl_skip_validation: null
status:
password: 123abc_router_password
user: router_user
smoke_tests: null
ssl:
skip_cert_verify: false
support_address: http://support.cloudfoundry.com
syslog_daemon_config: null
system_domain: __stub__reference.cf.paas.alphagov.co.uk
system_domain_organization: null
template_only:
aws:
access_key_id: 123abc_access_key_id
availability_zone: __stub__eu-west-1a
availability_zone2: __stub__eu-west-1b
secret_access_key: abc123_secret_access_key
traffic_controller:
outgoing_port: 8080
uaa:
admin:
client_secret: 123abc_uaa_admin_client_secret
authentication:
policy:
countFailuresWithinSeconds: null
lockoutAfterFailures: null
lockoutPeriodSeconds: null
batch:
password: 123abc_uaa_batch_password
username: uaabatchusername
catalina_opts: -Xmx768m -XX:MaxPermSize=256m
cc:
client_secret: 123abc_uaa_cc_client_secret
clients:
app-direct:
secret: 123abc_uaa_clients_app_direct_secret
cloud_controller_username_lookup:
authorities: scim.userids
authorized-grant-types: client_credentials
secret: 123abc_uaa_clients_cloud_controller_username_lookup_secret
developer_console:
secret: 123abc_uaa_clients_developer_console_secret
doppler:
authorities: uaa.resource
override: true
secret: 123abc_uaa_clients_doppler_secret
gorouter:
authorities: clients.read,clients.write,clients.admin,route.admin,route.advertise
authorized-grant-types: client_credentials,refresh_token
scope: openid,cloud_controller_service_permissions.read
secret: 123abc_uaa_clients_gorouter_secret
login:
authorities: oauth.login,scim.write,clients.read,notifications.write,critical_notifications.write,emails.write,scim.userids,password.write
authorized-grant-types: authorization_code,client_credentials,refresh_token
override: true
redirect-uri: https://login.__stub__reference.cf.paas.alphagov.co.uk
scope: openid,oauth.approvals
secret: 123abc_uaa_clients_app_direct_secret
notifications:
authorities: cloud_controller.admin,scim.read
authorized-grant-types: client_credentials
secret: 123abc_uaa_clients_notifications_secret
database: null
issuer: https://uaa.__stub__reference.cf.paas.alphagov.co.uk
jwt:
signing_key: |+
-----BEGIN RSA PRIVATE KEY-----
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
verification_key: |+
-----BEGIN PUBLIC KEY-----
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END PUBLIC KEY-----
ldap: null
login: null
newrelic: null
no_ssl: false
restricted_ips_regex: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
scim:
external_groups: null
userids_enabled: true
users:
- admin|123abc_uaa_admin_password|scim.write,scim.read,openid,cloud_controller.admin,doppler.firehose
spring_profiles: null
url: https://uaa.__stub__reference.cf.paas.alphagov.co.uk
user: null
zones: null
uaadb:
address: __stub__.db.example.com
databases:
- citext: true
name: uaadb
tag: uaa
db_scheme: postgresql
port: 5524
roles:
- name: uaaadmin
password: 123abc_uuadmin_password
tag: admin
releases:
- name: cf
version: latest
resource_pools:
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: medium_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: medium_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 65536
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: large_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 65536
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: large_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 102400
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: runner_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 102400
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: runner_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
elbs:
- __stub__router_elb_name
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: router_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
elbs:
- __stub__router_elb_name
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: router_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_errand
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
instance_type: c3.xlarge
env:
bosh:
password: 123abc_vcap_password
name: xlarge_errand
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
update:
canaries: 1
canary_watch_time: 30000-600000
max_in_flight: 1
serial: false
update_watch_time: 5000-600000
Raw
v218.yml
compilation:
cloud_properties:
availability_zone: __stub__eu-west-1a
instance_type: c3.large
network: cf1
reuse_compilation_vms: true
workers: 6
director_uuid: BOSH_UUID
jobs:
- instances: 2
name: consul_z1
networks:
- name: cf1
static_ips:
- 10.0.10.37
- 10.0.10.38
persistent_disk: 1024
properties:
consul:
agent:
mode: server
metron_agent:
zone: z1
resource_pool: small_z1
templates:
- name: consul_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
serial: true
- instances: 1
name: consul_z2
networks:
- name: cf2
static_ips:
- 10.0.11.37
persistent_disk: 1024
properties:
consul:
agent:
mode: server
metron_agent:
zone: z2
resource_pool: small_z2
templates:
- name: consul_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
serial: true
- default_networks:
- name: cf1
static_ips: null
instances: 0
name: ha_proxy_z1
networks:
- name: cf1
static_ips: null
properties:
ha_proxy: null
metron_agent:
zone: z1
router:
servers:
z1:
- 10.0.10.15
z2:
- 10.0.11.15
resource_pool: router_z1
templates:
- name: haproxy
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
name: nats_z1
networks:
- name: cf1
static_ips:
- 10.0.10.11
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: nats
release: cf
- name: nats_stream_forwarder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: nats_z2
networks:
- name: cf2
static_ips:
- 10.0.11.11
properties:
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: nats
release: cf
- name: nats_stream_forwarder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 2
name: etcd_z1
networks:
- name: cf1
static_ips:
- 10.0.10.20
- 10.0.10.35
persistent_disk: 10024
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: etcd
release: cf
- name: etcd_metrics_server
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: etcd_z2
networks:
- name: cf2
static_ips:
- 10.0.11.19
persistent_disk: 10024
properties:
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: etcd
release: cf
- name: etcd_metrics_server
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: stats_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
resource_pool: small_z1
templates:
- name: collector
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: nfs_z1
networks:
- name: cf1
static_ips: null
persistent_disk: 102400
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: debian_nfs_server
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: postgres_z1
networks:
- name: cf1
static_ips: null
persistent_disk: 4096
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: postgres
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: uaa_z1
networks:
- name: cf1
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z1
route_registrar:
routes:
- name: uaa
port: 8080
uris:
- uaa.__stub__reference.cf.paas.alphagov.co.uk
- '*.uaa.__stub__reference.cf.paas.alphagov.co.uk'
- login.__stub__reference.cf.paas.alphagov.co.uk
- '*.login.__stub__reference.cf.paas.alphagov.co.uk'
router:
servers:
z1:
- 10.0.10.15
z2:
- 10.0.11.15
resource_pool: medium_z1
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: uaa_z2
networks:
- name: cf2
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z2
route_registrar:
routes:
- name: uaa
port: 8080
uris:
- uaa.__stub__reference.cf.paas.alphagov.co.uk
- '*.uaa.__stub__reference.cf.paas.alphagov.co.uk'
- login.__stub__reference.cf.paas.alphagov.co.uk
- '*.login.__stub__reference.cf.paas.alphagov.co.uk'
router:
servers:
z1:
- 10.0.10.15
z2:
- 10.0.11.15
resource_pool: medium_z2
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: api_z1
networks:
- name: cf1
persistent_disk: 0
properties:
consul:
agent:
services:
cloud_controller_ng: {}
routing-api: {}
metron_agent:
zone: z1
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
route_registrar:
routes:
- name: api
port: 9022
uris:
- api.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: large_z1
templates:
- name: cloud_controller_ng
release: cf
- name: routing-api
release: cf
- name: metron_agent
release: cf
- name: statsd-injector
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: api_z2
networks:
- name: cf2
persistent_disk: 0
properties:
consul:
agent:
services:
cloud_controller_ng: {}
routing-api: {}
metron_agent:
zone: z2
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
route_registrar:
routes:
- name: api
port: 9022
uris:
- api.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: large_z2
templates:
- name: cloud_controller_ng
release: cf
- name: routing-api
release: cf
- name: metron_agent
release: cf
- name: statsd-injector
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: clock_global
networks:
- name: cf1
persistent_disk: 0
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: cloud_controller_clock
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: api_worker_z1
networks:
- name: cf1
persistent_disk: 0
properties:
metron_agent:
zone: z1
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: small_z1
templates:
- name: cloud_controller_worker
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: api_worker_z2
networks:
- name: cf2
persistent_disk: 0
properties:
metron_agent:
zone: z2
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: small_z2
templates:
- name: cloud_controller_worker
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: hm9000_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
route_registrar:
routes:
- name: hm9000
port: 5155
uris:
- hm9000.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: medium_z1
templates:
- name: hm9000
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: hm9000_z2
networks:
- name: cf2
properties:
metron_agent:
zone: z2
route_registrar:
routes:
- name: hm9000
port: 5155
uris:
- hm9000.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: medium_z2
templates:
- name: hm9000
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: runner_z1
networks:
- name: cf1
static_ips: null
properties:
dea_next:
zone: z1
metron_agent:
zone: z1
resource_pool: runner_z1
templates:
- name: dea_next
release: cf
- name: dea_logging_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: runner_z2
networks:
- name: cf2
static_ips: null
properties:
dea_next:
zone: z2
metron_agent:
zone: z2
resource_pool: runner_z2
templates:
- name: dea_next
release: cf
- name: dea_logging_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 0
name: loggregator_z1
networks:
- name: cf1
properties:
doppler:
zone: z1
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: loggregator_z2
networks:
- name: cf2
properties:
doppler:
zone: z2
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: doppler_z1
networks:
- name: cf1
properties:
doppler:
zone: z1
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: doppler_z2
networks:
- name: cf2
properties:
doppler:
zone: z2
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: loggregator_trafficcontroller_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
route_registrar:
routes:
- name: doppler
port: 8081
uris:
- doppler.__stub__reference.cf.paas.alphagov.co.uk
- name: loggregator
port: 8080
uris:
- loggregator.__stub__reference.cf.paas.alphagov.co.uk
traffic_controller:
zone: z1
resource_pool: small_z1
templates:
- name: loggregator_trafficcontroller
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: loggregator_trafficcontroller_z2
networks:
- name: cf2
properties:
metron_agent:
zone: z2
route_registrar:
routes:
- name: doppler
port: 8081
uris:
- doppler.__stub__reference.cf.paas.alphagov.co.uk
- name: loggregator
port: 8080
uris:
- loggregator.__stub__reference.cf.paas.alphagov.co.uk
traffic_controller:
zone: z2
resource_pool: small_z2
templates:
- name: loggregator_trafficcontroller
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: router_z1
networks:
- name: cf1
static_ips:
- 10.0.10.15
properties:
consul:
agent:
services:
gorouter: {}
metron_agent:
zone: z1
resource_pool: router_z1
templates:
- name: gorouter
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
name: router_z2
networks:
- name: cf2
static_ips:
- 10.0.11.15
properties:
consul:
agent:
services:
gorouter: {}
metron_agent:
zone: z2
resource_pool: router_z2
templates:
- name: gorouter
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
lifecycle: errand
name: acceptance_tests
networks:
- name: cf1
resource_pool: small_errand
templates:
- name: acceptance-tests
release: cf
- instances: 1
lifecycle: errand
name: smoke_tests
networks:
- name: cf1
properties: {}
resource_pool: small_errand
templates:
- name: smoke-tests
release: cf
meta:
environment: reference
releases:
- name: cf
version: latest
name: cloudfoundry-reference-manifest
networks:
- name: cf1
subnets:
- cloud_properties:
subnet: __stub__subnetid1
dns:
- 10.0.0.2
gateway: 10.0.10.1
range: 10.0.10.0/24
reserved:
- 10.0.10.2 - 10.0.10.9
static:
- 10.0.10.10 - 10.0.10.40
- name: cf2
subnets:
- cloud_properties:
subnet: __stub__subnetid1
dns:
- 10.0.0.2
gateway: 10.0.11.1
range: 10.0.11.0/24
reserved:
- 10.0.11.2 - 10.0.11.9
static:
- 10.0.11.10 - 10.0.11.40
properties:
acceptance_tests: null
app_domains:
- __stub__reference.cf.paas.alphagov.co.uk
app_ssh: null
cc:
allow_app_ssh_access: true
allowed_cors_domains: []
app_events:
cutoff_age_in_days: 31
app_usage_events:
cutoff_age_in_days: 31
audit_events:
cutoff_age_in_days: 31
broker_client_default_async_poll_interval_seconds: 60
broker_client_max_async_poll_duration_minutes: 10080
broker_client_timeout_seconds: 70
buildpacks:
buildpack_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-buildpacks
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
bulk_api_password: 123abc_bulk_api_password
client_max_body_size: 15M
db_encryption_key: 123abc_cc_db_encryption_key
db_logging_level: debug2
default_app_disk_in_mb: 1024
default_app_memory: 1024
default_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
default_health_check_timeout: 60
default_quota_definition: default
default_running_security_groups:
- public_networks
- dns
default_staging_security_groups:
- public_networks
- dns
default_to_diego_backend: false
development_mode: false
directories: null
disable_custom_buildpacks: false
droplets:
cdn: null
droplet_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-droplets
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
external_host: api
external_port: 9022
external_protocol: http
install_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
internal_api_password: 123abc_bulk_api_password
internal_api_user: internal_user
jobs:
app_bits_packer:
timeout_in_seconds: null
app_events_cleanup:
timeout_in_seconds: null
app_usage_events_cleanup:
timeout_in_seconds: null
blobstore_delete:
timeout_in_seconds: null
blobstore_upload:
timeout_in_seconds: null
droplet_deletion:
timeout_in_seconds: null
droplet_upload:
timeout_in_seconds: null
generic:
number_of_workers: null
global:
timeout_in_seconds: 14400
model_deletion:
timeout_in_seconds: null
logging_level: debug2
maximum_app_disk_in_mb: 2048
maximum_health_check_timeout: 180
min_cli_version: 6.1.0
min_recommended_cli_version: 6.10.0
newrelic:
capture_params: false
developer_mode: false
environment_name: reference
license_key: null
monitor_mode: false
transaction_tracer:
enabled: true
record_sql: obfuscated
packages:
app_package_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-packages
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
max_package_size: 1073741824
quota_definitions:
default:
memory_limit: 10240
non_basic_services_allowed: true
total_routes: 1000
total_services: 100
resource_pool:
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
resource_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-resources
security_group_definitions:
- name: public_networks
rules:
- destination: 0.0.0.0-9.255.255.255
protocol: all
- destination: 11.0.0.0-169.253.255.255
protocol: all
- destination: 169.255.0.0-172.15.255.255
protocol: all
- destination: 172.32.0.0-192.167.255.255
protocol: all
- destination: 192.169.0.0-255.255.255.255
protocol: all
- name: dns
rules:
- destination: 0.0.0.0/0
ports: "53"
protocol: tcp
- destination: 0.0.0.0/0
ports: "53"
protocol: udp
srv_api_uri: https://api.__stub__reference.cf.paas.alphagov.co.uk
stacks: null
staging_upload_password: 123abc_staging_upload_password
staging_upload_user: staginguploaduser
system_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
thresholds:
api:
alert_if_above_mb: null
restart_if_above_mb: null
restart_if_consistently_above_mb: null
worker:
alert_if_above_mb: null
restart_if_above_mb: null
restart_if_consistently_above_mb: null
user_buildpacks: []
users_can_select_backend: true
ccdb:
address: __stub__.db.example.com
databases:
- citext: true
name: ccdb
tag: cc
db_scheme: postgres
port: 5524
roles:
- name: ccadmin
password: 123abc_ccadmin_password
tag: admin
collector:
graphite:
address: 10.0.10.40
consul:
agent:
log_level: null
servers:
lan:
- 10.0.10.37
- 10.0.10.38
- 10.0.11.37
agent_cert: null
agent_key: null
ca_cert: null
encrypt_keys: []
require_ssl: null
server_cert: null
server_key: null
databases:
address: __stub__.db.example.com
databases:
- citext: true
name: ccdb
tag: cc
- citext: true
name: uaadb
tag: uaa
db_scheme: postgres
port: 5524
roles:
- name: ccadmin
password: 123abc_ccadmin_password
tag: admin
- name: uaaadmin
password: 123abc_uuadmin_password
tag: admin
dea_next:
advertise_interval_in_seconds: 5
allow_host_access: null
allow_networks:
- 10.10.0.2/32
default_health_check_timeout: 60
deny_networks:
- 169.254.0.0/16
- 10.10.0.0/16
directory_server_protocol: https
disk_mb: 10240
disk_overcommit_factor: 2
evacuation_bail_out_time_in_seconds: 600
heartbeat_interval_in_seconds: 10
instance_disk_inode_limit: 200000
kernel_network_tuning_enabled: true
logging_level: debug
memory_mb: 4096
memory_overcommit_factor: 3
rlimit_core: 0
staging_disk_inode_limit: 200000
staging_disk_limit_mb: 6144
staging_memory_limit_mb: 1024
description: Cloud Foundry sponsored by Pivotal
disk_quota_enabled: true
domain: __stub__reference.cf.paas.alphagov.co.uk
doppler:
blacklisted_syslog_ranges: null
debug: false
enable_tls_transport: null
maxRetainedLogMessages: 100
port: 4443
tls_listener:
cert: null
key: null
port: null
unmarshaller_count: 5
doppler_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
dropsonde:
enabled: true
etcd:
ca_cert: null
client_cert: null
client_key: null
cluster: null
machines:
- 10.0.10.20
- 10.0.10.35
- 10.0.11.19
peer_require_ssl: null
require_ssl: null
server_cert: null
server_key: null
etcd_metrics_server:
nats:
machines:
- 10.0.10.11
- 10.0.11.11
password: 123abc_nats_password
username: natsuser
ha_proxy: null
hm9000:
url: https://hm9000.__stub__reference.cf.paas.alphagov.co.uk
logger_endpoint:
port: 4443
loggregator:
blacklisted_syslog_ranges:
- end: 10.10.255.255
start: 10.10.0.0
debug: false
etcd: (( merge || ~ ))
maxRetainedLogMessages: 100
outgoing_dropsonde_port: 8081
loggregator_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
login:
analytics:
code: null
domain: null
asset_base_url: null
brand: oss
catalina_opts: null
enabled: true
invitations_enabled: null
links:
home: https://console.__stub__reference.cf.paas.alphagov.co.uk
network: https://network.gopivotal.com/login
passwd: https://console.__stub__reference.cf.paas.alphagov.co.uk/password_resets/new
signup: https://console.__stub__reference.cf.paas.alphagov.co.uk/register
signup-network: https://network.gopivotal.com/registrations/new
logout: null
messages: null
notifications:
url: null
protocol: https
restricted_ips_regex: null
saml: null
self_service_links_enabled: null
signups_enabled: null
smtp:
host: localhost
password: null
port: 2525
user: null
spring_profiles: null
tiles: null
uaa_base: null
uaa_certificate: null
url: null
metron_agent:
deployment: reference
metron_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
nats:
address: 10.0.10.11
debug: false
machines:
- 10.0.10.11
- 10.0.11.11
monitor_port: 0
password: 123abc_nats_password
port: 4222
prof_port: 0
trace: false
user: natsuser
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
request_timeout_in_seconds: 900
router:
cipher_suites: TLS_RSA_WITH_RC4_128_SHA:TLS_RSA_WITH_AES_128_CBC_SHA
enable_ssl: true
extra_headers_to_log: null
logrotate: null
requested_route_registration_interval_in_seconds: null
route_service_secrets: null
route_service_timeout: null
secure_cookies: null
ssl_cert: |+
-----BEGIN CERTIFICATE-----
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END CERTIFICATE-----
ssl_key: |+
-----BEGIN RSA PRIVATE KEY-----
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
ssl_skip_validation: null
status:
password: 123abc_router_password
user: router_user
smoke_tests: null
ssl:
skip_cert_verify: false
support_address: http://support.cloudfoundry.com
syslog_daemon_config: null
system_domain: __stub__reference.cf.paas.alphagov.co.uk
system_domain_organization: null
template_only:
aws:
access_key_id: 123abc_access_key_id
availability_zone: __stub__eu-west-1a
availability_zone2: __stub__eu-west-1b
secret_access_key: abc123_secret_access_key
traffic_controller:
outgoing_port: 8080
uaa:
admin:
client_secret: 123abc_uaa_admin_client_secret
authentication:
policy:
countFailuresWithinSeconds: null
lockoutAfterFailures: null
lockoutPeriodSeconds: null
batch:
password: 123abc_uaa_batch_password
username: uaabatchusername
catalina_opts: -Xmx768m -XX:MaxPermSize=256m
cc:
client_secret: 123abc_uaa_cc_client_secret
clients:
app-direct:
secret: 123abc_uaa_clients_app_direct_secret
cloud_controller_username_lookup:
authorities: scim.userids
authorized-grant-types: client_credentials
secret: 123abc_uaa_clients_cloud_controller_username_lookup_secret
developer_console:
secret: 123abc_uaa_clients_developer_console_secret
doppler:
authorities: uaa.resource
override: true
secret: 123abc_uaa_clients_doppler_secret
gorouter:
authorities: clients.read,clients.write,clients.admin,route.admin,route.advertise
authorized-grant-types: client_credentials,refresh_token
scope: openid,cloud_controller_service_permissions.read
secret: 123abc_uaa_clients_gorouter_secret
login:
authorities: oauth.login,scim.write,clients.read,notifications.write,critical_notifications.write,emails.write,scim.userids,password.write
authorized-grant-types: authorization_code,client_credentials,refresh_token
override: true
redirect-uri: https://login.__stub__reference.cf.paas.alphagov.co.uk
scope: openid,oauth.approvals
secret: 123abc_uaa_clients_app_direct_secret
notifications:
authorities: cloud_controller.admin,scim.read
authorized-grant-types: client_credentials
secret: 123abc_uaa_clients_notifications_secret
database: null
issuer: https://uaa.__stub__reference.cf.paas.alphagov.co.uk
jwt:
signing_key: |+
-----BEGIN RSA PRIVATE KEY-----
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
verification_key: |+
-----BEGIN PUBLIC KEY-----
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END PUBLIC KEY-----
ldap: null
login: null
newrelic: null
no_ssl: false
port: 8080
require_https: null
restricted_ips_regex: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
scim:
external_groups: null
userids_enabled: true
users:
- admin|123abc_uaa_admin_password|scim.write,scim.read,openid,cloud_controller.admin,doppler.firehose
spring_profiles: null
url: https://uaa.__stub__reference.cf.paas.alphagov.co.uk
user: null
zones: null
uaadb:
address: __stub__.db.example.com
databases:
- citext: true
name: uaadb
tag: uaa
db_scheme: postgresql
port: 5524
roles:
- name: uaaadmin
password: 123abc_uuadmin_password
tag: admin
releases:
- name: cf
version: latest
resource_pools:
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: medium_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: medium_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 65536
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: large_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 65536
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: large_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 102400
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: runner_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 102400
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: runner_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
elbs:
- __stub__router_elb_name
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: router_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
elbs:
- __stub__router_elb_name
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: router_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_errand
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
instance_type: c3.xlarge
env:
bosh:
password: 123abc_vcap_password
name: xlarge_errand
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
update:
canaries: 1
canary_watch_time: 30000-600000
max_in_flight: 1
serial: false
update_watch_time: 5000-600000
Raw
v219.yml
compilation:
cloud_properties:
availability_zone: __stub__eu-west-1a
instance_type: c3.large
network: cf1
reuse_compilation_vms: true
workers: 6
director_uuid: BOSH_UUID
jobs:
- instances: 2
name: consul_z1
networks:
- name: cf1
static_ips:
- 10.0.10.37
- 10.0.10.38
persistent_disk: 1024
properties:
consul:
agent:
mode: server
metron_agent:
zone: z1
resource_pool: small_z1
templates:
- name: consul_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
serial: true
- instances: 1
name: consul_z2
networks:
- name: cf2
static_ips:
- 10.0.11.37
persistent_disk: 1024
properties:
consul:
agent:
mode: server
metron_agent:
zone: z2
resource_pool: small_z2
templates:
- name: consul_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
serial: true
- default_networks:
- name: cf1
static_ips: null
instances: 0
name: ha_proxy_z1
networks:
- name: cf1
static_ips: null
properties:
ha_proxy: null
metron_agent:
zone: z1
router:
servers:
z1:
- 10.0.10.15
z2:
- 10.0.11.15
resource_pool: router_z1
templates:
- name: haproxy
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
name: nats_z1
networks:
- name: cf1
static_ips:
- 10.0.10.11
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: nats
release: cf
- name: nats_stream_forwarder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: nats_z2
networks:
- name: cf2
static_ips:
- 10.0.11.11
properties:
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: nats
release: cf
- name: nats_stream_forwarder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 2
name: etcd_z1
networks:
- name: cf1
static_ips:
- 10.0.10.20
- 10.0.10.35
persistent_disk: 10024
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: etcd
release: cf
- name: etcd_metrics_server
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: etcd_z2
networks:
- name: cf2
static_ips:
- 10.0.11.19
persistent_disk: 10024
properties:
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: etcd
release: cf
- name: etcd_metrics_server
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: stats_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
resource_pool: small_z1
templates:
- name: collector
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: nfs_z1
networks:
- name: cf1
static_ips: null
persistent_disk: 102400
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: debian_nfs_server
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: postgres_z1
networks:
- name: cf1
static_ips: null
persistent_disk: 4096
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: postgres
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: uaa_z1
networks:
- name: cf1
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z1
route_registrar:
routes:
- name: uaa
port: 8080
tags:
component: uaa
uris:
- uaa.__stub__reference.cf.paas.alphagov.co.uk
- '*.uaa.__stub__reference.cf.paas.alphagov.co.uk'
- login.__stub__reference.cf.paas.alphagov.co.uk
- '*.login.__stub__reference.cf.paas.alphagov.co.uk'
router:
servers:
- 10.0.10.15
- 10.0.11.15
resource_pool: medium_z1
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: uaa_z2
networks:
- name: cf2
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z2
route_registrar:
routes:
- name: uaa
port: 8080
tags:
component: uaa
uris:
- uaa.__stub__reference.cf.paas.alphagov.co.uk
- '*.uaa.__stub__reference.cf.paas.alphagov.co.uk'
- login.__stub__reference.cf.paas.alphagov.co.uk
- '*.login.__stub__reference.cf.paas.alphagov.co.uk'
router:
servers:
- 10.0.10.15
- 10.0.11.15
resource_pool: medium_z2
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: api_z1
networks:
- name: cf1
persistent_disk: 0
properties:
consul:
agent:
services:
cloud_controller_ng: {}
routing-api: {}
metron_agent:
zone: z1
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
route_registrar:
routes:
- name: api
port: 9022
uris:
- api.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: large_z1
templates:
- name: cloud_controller_ng
release: cf
- name: routing-api
release: cf
- name: metron_agent
release: cf
- name: statsd-injector
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: api_z2
networks:
- name: cf2
persistent_disk: 0
properties:
consul:
agent:
services:
cloud_controller_ng: {}
routing-api: {}
metron_agent:
zone: z2
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
route_registrar:
routes:
- name: api
port: 9022
uris:
- api.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: large_z2
templates:
- name: cloud_controller_ng
release: cf
- name: routing-api
release: cf
- name: metron_agent
release: cf
- name: statsd-injector
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: clock_global
networks:
- name: cf1
persistent_disk: 0
properties:
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: cloud_controller_clock
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: api_worker_z1
networks:
- name: cf1
persistent_disk: 0
properties:
metron_agent:
zone: z1
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: small_z1
templates:
- name: cloud_controller_worker
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: api_worker_z2
networks:
- name: cf2
persistent_disk: 0
properties:
metron_agent:
zone: z2
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
resource_pool: small_z2
templates:
- name: cloud_controller_worker
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: nfs_mounter
release: cf
update: {}
- instances: 1
name: hm9000_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
route_registrar:
routes:
- name: hm9000
port: 5155
uris:
- hm9000.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: medium_z1
templates:
- name: hm9000
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: hm9000_z2
networks:
- name: cf2
properties:
metron_agent:
zone: z2
route_registrar:
routes:
- name: hm9000
port: 5155
uris:
- hm9000.__stub__reference.cf.paas.alphagov.co.uk
resource_pool: medium_z2
templates:
- name: hm9000
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: runner_z1
networks:
- name: cf1
static_ips: null
properties:
dea_next:
zone: z1
metron_agent:
zone: z1
resource_pool: runner_z1
templates:
- name: dea_next
release: cf
- name: dea_logging_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 1
name: runner_z2
networks:
- name: cf2
static_ips: null
properties:
dea_next:
zone: z2
metron_agent:
zone: z2
resource_pool: runner_z2
templates:
- name: dea_next
release: cf
- name: dea_logging_agent
release: cf
- name: metron_agent
release: cf
update:
max_in_flight: 1
- instances: 0
name: loggregator_z1
networks:
- name: cf1
properties:
doppler:
zone: z1
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 0
name: loggregator_z2
networks:
- name: cf2
properties:
doppler:
zone: z2
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: doppler_z1
networks:
- name: cf1
properties:
doppler:
zone: z1
metron_agent:
zone: z1
resource_pool: medium_z1
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: doppler_z2
networks:
- name: cf2
properties:
doppler:
zone: z2
metron_agent:
zone: z2
resource_pool: medium_z2
templates:
- name: doppler
release: cf
- name: syslog_drain_binder
release: cf
- name: metron_agent
release: cf
update: {}
- instances: 1
name: loggregator_trafficcontroller_z1
networks:
- name: cf1
properties:
metron_agent:
zone: z1
route_registrar:
routes:
- name: doppler
port: 8081
uris:
- doppler.__stub__reference.cf.paas.alphagov.co.uk
- name: loggregator
port: 8080
uris:
- loggregator.__stub__reference.cf.paas.alphagov.co.uk
traffic_controller:
zone: z1
resource_pool: small_z1
templates:
- name: loggregator_trafficcontroller
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- instances: 1
name: loggregator_trafficcontroller_z2
networks:
- name: cf2
properties:
metron_agent:
zone: z2
route_registrar:
routes:
- name: doppler
port: 8081
uris:
- doppler.__stub__reference.cf.paas.alphagov.co.uk
- name: loggregator
port: 8080
uris:
- loggregator.__stub__reference.cf.paas.alphagov.co.uk
traffic_controller:
zone: z2
resource_pool: small_z2
templates:
- name: loggregator_trafficcontroller
release: cf
- name: metron_agent
release: cf
- name: route_registrar
release: cf
update: {}
- default_networks:
- name: cf1
static_ips: null
instances: 1
name: router_z1
networks:
- name: cf1
static_ips:
- 10.0.10.15
properties:
consul:
agent:
services:
gorouter: {}
metron_agent:
zone: z1
resource_pool: router_z1
templates:
- name: gorouter
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- default_networks:
- name: cf2
static_ips: null
instances: 1
name: router_z2
networks:
- name: cf2
static_ips:
- 10.0.11.15
properties:
consul:
agent:
services:
gorouter: {}
metron_agent:
zone: z2
resource_pool: router_z2
templates:
- name: gorouter
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
update: {}
- instances: 1
lifecycle: errand
name: acceptance_tests
networks:
- name: cf1
resource_pool: small_errand
templates:
- name: acceptance-tests
release: cf
- instances: 1
lifecycle: errand
name: smoke_tests
networks:
- name: cf1
properties: {}
resource_pool: small_errand
templates:
- name: smoke-tests
release: cf
meta:
environment: reference
releases:
- name: cf
version: latest
name: cloudfoundry-reference-manifest
networks:
- name: cf1
subnets:
- cloud_properties:
subnet: __stub__subnetid1
dns:
- 10.0.0.2
gateway: 10.0.10.1
range: 10.0.10.0/24
reserved:
- 10.0.10.2 - 10.0.10.9
static:
- 10.0.10.10 - 10.0.10.40
- name: cf2
subnets:
- cloud_properties:
subnet: __stub__subnetid1
dns:
- 10.0.0.2
gateway: 10.0.11.1
range: 10.0.11.0/24
reserved:
- 10.0.11.2 - 10.0.11.9
static:
- 10.0.11.10 - 10.0.11.40
properties:
acceptance_tests: null
app_domains:
- __stub__reference.cf.paas.alphagov.co.uk
app_ssh: null
cc:
allow_app_ssh_access: true
allowed_cors_domains: []
app_events:
cutoff_age_in_days: 31
app_usage_events:
cutoff_age_in_days: 31
audit_events:
cutoff_age_in_days: 31
broker_client_default_async_poll_interval_seconds: 60
broker_client_max_async_poll_duration_minutes: 10080
broker_client_timeout_seconds: 70
buildpacks:
buildpack_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-buildpacks
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
bulk_api_password: 123abc_bulk_api_password
client_max_body_size: 15M
db_encryption_key: 123abc_cc_db_encryption_key
db_logging_level: debug2
default_app_disk_in_mb: 1024
default_app_memory: 1024
default_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
default_health_check_timeout: 60
default_quota_definition: default
default_running_security_groups:
- public_networks
- dns
default_staging_security_groups:
- public_networks
- dns
default_to_diego_backend: false
development_mode: false
directories: null
disable_custom_buildpacks: false
droplets:
cdn: null
droplet_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-droplets
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
external_host: api
external_port: 9022
external_protocol: null
install_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
internal_api_password: 123abc_bulk_api_password
internal_api_user: internal_user
jobs:
app_bits_packer:
timeout_in_seconds: null
app_events_cleanup:
timeout_in_seconds: null
app_usage_events_cleanup:
timeout_in_seconds: null
blobstore_delete:
timeout_in_seconds: null
blobstore_upload:
timeout_in_seconds: null
droplet_deletion:
timeout_in_seconds: null
droplet_upload:
timeout_in_seconds: null
generic:
number_of_workers: null
global:
timeout_in_seconds: 14400
model_deletion:
timeout_in_seconds: null
logging_level: debug2
maximum_app_disk_in_mb: 2048
maximum_health_check_timeout: 180
min_cli_version: 6.1.0
min_recommended_cli_version: 6.10.0
newrelic:
capture_params: false
developer_mode: false
environment_name: reference
license_key: null
monitor_mode: false
transaction_tracer:
enabled: true
record_sql: obfuscated
packages:
app_package_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-packages
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
max_package_size: 1073741824
quota_definitions:
default:
memory_limit: 10240
non_basic_services_allowed: true
total_routes: 1000
total_services: 100
resource_pool:
cdn: null
fog_connection:
aws_access_key_id: 123abc_access_key_id
aws_secret_access_key: abc123_secret_access_key
provider: AWS
region: __stub__eu-west
resource_directory_key: __stub__reference.cf.paas.alphagov.co.uk-cc-resources
security_group_definitions:
- name: public_networks
rules:
- destination: 0.0.0.0-9.255.255.255
protocol: all
- destination: 11.0.0.0-169.253.255.255
protocol: all
- destination: 169.255.0.0-172.15.255.255
protocol: all
- destination: 172.32.0.0-192.167.255.255
protocol: all
- destination: 192.169.0.0-255.255.255.255
protocol: all
- name: dns
rules:
- destination: 0.0.0.0/0
ports: "53"
protocol: tcp
- destination: 0.0.0.0/0
ports: "53"
protocol: udp
srv_api_uri: https://api.__stub__reference.cf.paas.alphagov.co.uk
stacks: null
staging_upload_password: 123abc_staging_upload_password
staging_upload_user: staginguploaduser
system_buildpacks:
- name: staticfile_buildpack
package: buildpack_staticfile
- name: java_buildpack
package: buildpack_java
- name: ruby_buildpack
package: buildpack_ruby
- name: nodejs_buildpack
package: buildpack_nodejs
- name: go_buildpack
package: buildpack_go
- name: python_buildpack
package: buildpack_python
- name: php_buildpack
package: buildpack_php
- name: binary_buildpack
package: buildpack_binary
thresholds:
api:
alert_if_above_mb: null
restart_if_above_mb: null
restart_if_consistently_above_mb: null
worker:
alert_if_above_mb: null
restart_if_above_mb: null
restart_if_consistently_above_mb: null
user_buildpacks: []
users_can_select_backend: true
ccdb:
address: __stub__.db.example.com
databases:
- citext: true
name: ccdb
tag: cc
db_scheme: postgres
port: 5524
roles:
- name: ccadmin
password: 123abc_ccadmin_password
tag: admin
collector:
graphite:
address: 10.0.10.40
consul:
agent:
log_level: null
servers:
lan:
- 10.0.10.37
- 10.0.10.38
- 10.0.11.37
agent_cert: null
agent_key: null
ca_cert: null
encrypt_keys: []
require_ssl: null
server_cert: null
server_key: null
databases:
address: __stub__.db.example.com
databases:
- citext: true
name: ccdb
tag: cc
- citext: true
name: uaadb
tag: uaa
db_scheme: postgres
port: 5524
roles:
- name: ccadmin
password: 123abc_ccadmin_password
tag: admin
- name: uaaadmin
password: 123abc_uuadmin_password
tag: admin
dea_next:
advertise_interval_in_seconds: 5
allow_host_access: null
allow_networks:
- 10.10.0.2/32
default_health_check_timeout: 60
deny_networks:
- 169.254.0.0/16
- 10.10.0.0/16
directory_server_protocol: https
disk_mb: 10240
disk_overcommit_factor: 2
evacuation_bail_out_time_in_seconds: 600
heartbeat_interval_in_seconds: 10
instance_disk_inode_limit: 200000
kernel_network_tuning_enabled: true
logging_level: debug
memory_mb: 4096
memory_overcommit_factor: 3
rlimit_core: 0
staging_disk_inode_limit: 200000
staging_disk_limit_mb: 6144
staging_memory_limit_mb: 1024
description: Cloud Foundry sponsored by Pivotal
disk_quota_enabled: true
domain: __stub__reference.cf.paas.alphagov.co.uk
doppler:
blacklisted_syslog_ranges: null
debug: false
enable_tls_transport: null
maxRetainedLogMessages: 100
port: 4443
tls_listener:
cert: null
key: null
port: null
unmarshaller_count: 5
doppler_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
dropsonde:
enabled: true
etcd:
ca_cert: null
client_cert: null
client_key: null
cluster: null
machines:
- 10.0.10.20
- 10.0.10.35
- 10.0.11.19
peer_require_ssl: null
require_ssl: null
server_cert: null
server_key: null
etcd_metrics_server:
nats:
machines:
- 10.0.10.11
- 10.0.11.11
password: 123abc_nats_password
username: natsuser
ha_proxy: null
hm9000:
url: https://hm9000.__stub__reference.cf.paas.alphagov.co.uk
logger_endpoint:
port: 4443
loggregator:
blacklisted_syslog_ranges:
- end: 10.10.255.255
start: 10.10.0.0
debug: false
etcd: (( merge || ~ ))
maxRetainedLogMessages: 100
outgoing_dropsonde_port: 8081
loggregator_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
login:
analytics:
code: null
domain: null
asset_base_url: null
brand: oss
catalina_opts: null
enabled: true
invitations_enabled: null
links:
home: https://console.__stub__reference.cf.paas.alphagov.co.uk
network: https://network.gopivotal.com/login
passwd: https://console.__stub__reference.cf.paas.alphagov.co.uk/password_resets/new
signup: https://console.__stub__reference.cf.paas.alphagov.co.uk/register
signup-network: https://network.gopivotal.com/registrations/new
logout: null
messages: null
notifications:
url: null
protocol: null
restricted_ips_regex: null
saml: null
self_service_links_enabled: null
signups_enabled: null
smtp:
host: localhost
password: null
port: 2525
user: null
spring_profiles: null
tiles: null
uaa_base: null
uaa_certificate: null
url: null
metron_agent:
deployment: reference
metron_endpoint:
shared_secret: 123abc_loggregator_endpoint_shared_secret
nats:
address: 10.0.10.11
debug: false
machines:
- 10.0.10.11
- 10.0.11.11
monitor_port: 0
password: 123abc_nats_password
port: 4222
prof_port: 0
trace: false
user: natsuser
nfs_server:
address: null
allow_from_entries:
- 10.0.10.0/24
- 10.0.11.0/24
share: null
request_timeout_in_seconds: 900
router:
cipher_suites: TLS_RSA_WITH_RC4_128_SHA:TLS_RSA_WITH_AES_128_CBC_SHA
enable_ssl: true
extra_headers_to_log: null
logrotate: null
requested_route_registration_interval_in_seconds: null
route_service_timeout: null
route_services_secret: null
route_services_secret_decrypt_only: null
secure_cookies: null
ssl_cert: |+
-----BEGIN CERTIFICATE-----
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_certAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END CERTIFICATE-----
ssl_key: |+
-----BEGIN RSA PRIVATE KEY-----
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
router_ssl_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
ssl_skip_validation: null
status:
password: 123abc_router_password
user: router_user
smoke_tests: null
ssl:
skip_cert_verify: false
support_address: http://support.cloudfoundry.com
syslog_daemon_config: null
system_domain: __stub__reference.cf.paas.alphagov.co.uk
system_domain_organization: null
template_only:
aws:
access_key_id: 123abc_access_key_id
availability_zone: __stub__eu-west-1a
availability_zone2: __stub__eu-west-1b
secret_access_key: abc123_secret_access_key
traffic_controller:
outgoing_port: 8080
uaa:
admin:
client_secret: 123abc_uaa_admin_client_secret
authentication:
policy:
countFailuresWithinSeconds: null
lockoutAfterFailures: null
lockoutPeriodSeconds: null
batch:
password: 123abc_uaa_batch_password
username: uaabatchusername
catalina_opts: -Xmx768m -XX:MaxPermSize=256m
cc:
client_secret: 123abc_uaa_cc_client_secret
clients:
app-direct:
secret: 123abc_uaa_clients_app_direct_secret
cloud_controller_username_lookup:
authorities: scim.userids
authorized-grant-types: client_credentials
secret: 123abc_uaa_clients_cloud_controller_username_lookup_secret
developer_console:
secret: 123abc_uaa_clients_developer_console_secret
doppler:
authorities: uaa.resource
override: true
secret: 123abc_uaa_clients_doppler_secret
gorouter:
authorities: clients.read,clients.write,clients.admin,routing.routes.write,routing.routes.read
authorized-grant-types: client_credentials,refresh_token
scope: openid,cloud_controller_service_permissions.read
secret: 123abc_uaa_clients_gorouter_secret
login:
authorities: oauth.login,scim.write,clients.read,notifications.write,critical_notifications.write,emails.write,scim.userids,password.write
authorized-grant-types: authorization_code,client_credentials,refresh_token
override: true
redirect-uri: https://login.__stub__reference.cf.paas.alphagov.co.uk
scope: openid,oauth.approvals
secret: 123abc_uaa_clients_app_direct_secret
notifications:
authorities: cloud_controller.admin,scim.read
authorized-grant-types: client_credentials
secret: 123abc_uaa_clients_notifications_secret
database: null
issuer: https://uaa.__stub__reference.cf.paas.alphagov.co.uk
jwt:
signing_key: |+
-----BEGIN RSA PRIVATE KEY-----
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_signing_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END RSA PRIVATE KEY-----
verification_key: |+
-----BEGIN PUBLIC KEY-----
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
uaa_jwt_verification_keyAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBBAAAABBBB
-----END PUBLIC KEY-----
ldap: null
login: null
newrelic: null
no_ssl: null
port: 8080
require_https: null
restricted_ips_regex: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
scim:
external_groups: null
userids_enabled: true
users:
- admin|123abc_uaa_admin_password|scim.write,scim.read,openid,cloud_controller.admin,doppler.firehose
spring_profiles: null
url: https://uaa.__stub__reference.cf.paas.alphagov.co.uk
user: null
zones: null
uaadb:
address: __stub__.db.example.com
databases:
- citext: true
name: uaadb
tag: uaa
db_scheme: postgresql
port: 5524
roles:
- name: uaaadmin
password: 123abc_uuadmin_password
tag: admin
releases:
- name: cf
version: latest
resource_pools:
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: medium_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: medium_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 65536
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: large_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 65536
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: large_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 102400
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: runner_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
ephemeral_disk:
size: 102400
type: gp2
instance_type: m3.large
env:
bosh:
password: 123abc_vcap_password
name: runner_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
elbs:
- __stub__router_elb_name
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: router_z1
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1b
elbs:
- __stub__router_elb_name
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: router_z2
network: cf2
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
ephemeral_disk:
size: 10240
type: gp2
instance_type: c3.large
env:
bosh:
password: 123abc_vcap_password
name: small_errand
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
- cloud_properties:
availability_zone: __stub__eu-west-1a
instance_type: c3.xlarge
env:
bosh:
password: 123abc_vcap_password
name: xlarge_errand
network: cf1
stemcell:
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
version: latest
update:
canaries: 1
canary_watch_time: 30000-600000
max_in_flight: 1
serial: false
update_watch_time: 5000-600000
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment