routing-api job from routing/0.173.0
Github source:
a77a418
or
master branch
Properties¶
consul
¶
servers
¶comma-separated list of consul server URLs (scheme://ip:port)
- Default
http://127.0.0.1:8500
dns_health_check_host
¶
Host to ping for confirmation of DNS resolution
- Default
uaa.service.cf.internal
metron
¶
port
¶The port used to emit dropsonde messages to the Metron agent.
- Default
3457
release_level_backup
¶
Include routing api database in backup and restore operations
- Default
false
routing_api
¶
admin_port
¶Local port to listen on with admin endpoint (used for backup/restore locking)
- Default
15897
auth_disabled
¶Disables UAA authentication
- Default
false
clients
¶OAuth client ids and secrets provided via link to jobs in other BOSH deployments that need to read and/or write to Routing API. These clients must be configured in UAA via API or using the property uaa.clients with the desired scopes. For a list of scopes supported see https://github.com/cloudfoundry-incubator/routing-api/blob/master/docs/api_docs.md. Jobs consuming the link should use these credentials to fetch a token from UAA with which to authenticate with Routing API.
- Example
cfcr_routing_api_client: secret: ((uaa_clients_cfcr_routing_api_client_secret))
debug_address
¶Address at which to serve debug info
- Default
127.0.0.1:17002
lock_retry_interval
¶interval to wait before retrying a failed lock acquisition
- Default
5s
lock_ttl
¶TTL for service lock
- Default
10s
locket
¶
api_location
¶Hostname and port of the Locket server. Used to obtain a lock so only one instance of Routing API is active at a time. Requires Locket, which is not deployed with cf-release by default.
- Default
""
ca_cert
¶CA cert for the Locket server. Requires Locket, which is not deployed with cf-release by default.
- Default
""
client_cert
¶Client cert for the Locket server. Requires Locket, which is not deployed with cf-release by default.
- Default
""
client_key
¶Client key for the Locket server. Requires Locket, which is not deployed with cf-release by default.
- Default
""
log_level
¶Log level
- Default
info
max_ttl
¶String representing the maximum TTL a client can request for route registration.
- Default
120s
metrics_reporting_interval
¶String representing interval for reporting the following metrics: total_http_subscriptions, total_http_routes, total_tcp_subscriptions, total_tcp_routes, total_token_errors, key_refresh_events. Units: ms, s, m h
- Default
30s
port
¶Port on which Routing API is running. If this is changed and routing_api.enabled:true in cf-release, it will break management of routes and domains until routing_api.port is updated in cf-release.
- Default
3000
router_groups
¶Array of router groups that will be seeded into routing_api database. Once some value is included with a deploy, subsequent changes to this property will be ignored. TCP Routing requires a router group of type: tcp.
- Default
[]- Example
|+ - name: default-tcp reservable_ports: 1024-10000,12000 type: tcp
skip_consul_lock
¶When false, Routing API will obtain a lock from both Consul and Locket. When true, Routing API will obtain the lock from Locket only. Requires locket.api_location to be set and Locket, which is not deployed with cf-release by default.
- Default
false
sqldb
¶
ca_cert
¶(optional, string) When present, force database connections via TLS.
host
¶Host for SQL database
password
¶Password used for connecting to SQL database
port
¶Port on which SQL database is listening
schema
¶Database name for routing api
- Example
routing_api
type
¶Type of SQL database
- Example
mysql
username
¶Username used for connecting to SQL database
statsd_client_flush_interval
¶Buffered statsd client flush interval
- Default
300ms
statsd_endpoint
¶The endpoint for the statsd server used to translate the following metrics from statsd to dropsonde: total_http_subscriptions, total_http_routes, total_tcp_subscriptions, total_tcp_routes, total_token_errors, key_refresh_events.
- Default
localhost:8125
system_domain
¶Domain reserved for CF operator; base URL where the UAA, Cloud Controller, and other non-user apps listen
skip_ssl_validation
¶
Skip TLS verification when talking to UAA
- Default
false
uaa
¶
ca_cert
¶Certificate authority for communication between clients and UAA.
- Default
""
tls_port
¶Port on which UAA is listening for TLS connections. This is required for obtaining a key to verify client OAuth tokens.
token_endpoint
¶UAA token endpoint host name. Do not include a scheme in this value; TCP Router will always use TLS to connect to UAA.
- Default
uaa.service.cf.internal
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/routing-api/
directory
(learn more).
bin/bbr/metadata
(frombbr-metadata
)bin/bbr/post-backup-unlock
(frompost-backup-unlock.erb
)bin/bbr/post-restore-unlock
(frompost-restore-unlock.erb
)bin/bbr/pre-backup-lock
(frompre-backup-lock.erb
)bin/bbr/pre-restore-lock
(frompre-restore-lock.erb
)bin/dns_health_check
(fromdns_health_check.erb
)bin/pre-start
(frompre-start
)bin/routing-api_ctl
(fromrouting-api_ctl.erb
)config/certs/locket/ca.crt
(fromlocket_ca.crt.erb
)config/certs/locket/client.crt
(fromlocket_client.crt.erb
)config/certs/locket/client.key
(fromlocket_client.key.erb
)config/certs/uaa/ca.crt
(fromuaa_ca.crt.erb
)config/routing-api.yml
(fromrouting-api.yml.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.