Skip to content

aws_cpi job from bosh-aws-cpi/104

Github source: 6573c93 or master branch

Properties

agent

mbus

Agent mbus

nats

address

Address of the nats server

aws

access_key_id

AWS access_key_id for the aws cpi (Required when aws.credentials_source is set to static)

connection_options

ca_cert

All required custom CA certificates

Example
'-----BEGIN CERTIFICATE----- MII... -----END CERTIFICATE-----'

credentials_source

Where to get AWS credentials for the aws cpi. This can be set to static to use an access_key_id and secret_access_key or env_or_profile to get the credentials from environment variables or an EC2 instance profile.

Default
static

default_iam_instance_profile

Default AWS iam_instance_profile for the aws cpi

default_key_name

Default SSH keypair used for new VMs

Example
- bosh

default_security_groups

Default security groups for new VMs (required)

Example
- bosh-grp

ec2_endpoint

AWS EC2 service endpoint, without protocol/scheme (Optional: default endpoint will be constructed from region if not specified)

Example
ec2.us-east-1.amazonaws.com

elb_endpoint

AWS ELB service endpoint, without protocol/scheme (Optional: default endpoint will be constructed from region if not specified)

Example
elasticloadbalancing.us-east-1.amazonaws.com

encrypted

Encrypts all instances’ volumes

Default
false

kms_key_arn

Encrypts all instances’ volumes with the given KMS key. (aws.encrypted) should be true

Example
arn:aws:kms:us-east-1:XXXXXX:key/e1c1f008-779b-4ebe-8116-0a34b77747dd

max_retries

The maximum number of times AWS service errors and throttling errors should be retried. There is an exponential backoff in between retries, so the more retries the longer it can take to fail. This only applies to the AWS client passing calls to the AWS API.

Default
8

metadata_options

Metadata configuration options that are set on a VM during creation. These options should be snake-cased properties accepted by the ModifyInstanceMetadataOptions endpoint (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceMetadataOptions.html). e.g. http_put_response_hop_limit.

Example
aws:
  metadata_options:
    http_endpoint: enabled
    http_tokens: required

region

AWS region name (Required unless both ec2_endpoint and elb_endpoint are specified)

Example
us-east-1

role_arn

AWS role_arn to be assumed by the CPI when authenticating (Optional, used when aws.credentials_source is set to static)

secret_access_key

AWS secret_access_key for the aws cpi (Required when aws.credentials_source is set to static)

session_token

AWS session_token when using STS credentials for the aws cpi (Optional, used when aws.credentials_source is set to static)

stemcell

kernel_id

AWS kernel id used by aws cpi

debug

cpi

api_version

api_version supported by cpi (can be used as an override for fallback).

env

http_proxy

Http proxy to connect to cloud API’s

https_proxy

Https proxy to connect to cloud API’s

no_proxy

No proxy environment variable

nats

address

Address of the nats server

password

Password to connect to nats with

port

Port that the nats server listens on

Default
4222

user

Username to connect to nats with

Default
nats

ntp

List of ntp server IPs. pool.ntp.org attempts to return IPs closest to your location, but you can still specify if needed.

Default
  - 0.pool.ntp.org
  - 1.pool.ntp.org

registry

host

Address of the Registry to connect to

password

Password to access the Registry

port

Port of the Registry to connect to

Default
25777

username

User to access the Registry

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/aws_cpi/ directory (learn more).

  • bin/cpi (from cpi.erb)
  • bin/cpi_ctl (from cpi_ctl.erb)
  • config/cacert.pem (from cacert.pem.erb)
  • config/cpi.json (from cpi.json.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.