aws_cpi job from bosh-aws-cpi/104
Github source:
6573c93
or
master branch
Properties¶
agent
¶
mbus
¶Agent mbus
nats
¶
address
¶Address of the nats server
aws
¶
access_key_id
¶AWS access_key_id for the aws cpi (Required when aws.credentials_source is set to
static
)
connection_options
¶
ca_cert
¶All required custom CA certificates
- Example
'-----BEGIN CERTIFICATE----- MII... -----END CERTIFICATE-----'
credentials_source
¶Where to get AWS credentials for the aws cpi. This can be set to
static
to use anaccess_key_id
andsecret_access_key
orenv_or_profile
to get the credentials from environment variables or an EC2 instance profile.
- Default
static
default_iam_instance_profile
¶Default AWS iam_instance_profile for the aws cpi
default_key_name
¶Default SSH keypair used for new VMs
- Example
- bosh
default_security_groups
¶Default security groups for new VMs (required)
- Example
- bosh-grp
ec2_endpoint
¶AWS EC2 service endpoint, without protocol/scheme (Optional: default endpoint will be constructed from region if not specified)
- Example
ec2.us-east-1.amazonaws.com
elb_endpoint
¶AWS ELB service endpoint, without protocol/scheme (Optional: default endpoint will be constructed from region if not specified)
- Example
elasticloadbalancing.us-east-1.amazonaws.com
encrypted
¶Encrypts all instances’ volumes
- Default
false
kms_key_arn
¶Encrypts all instances’ volumes with the given KMS key. (aws.encrypted) should be true
- Example
arn:aws:kms:us-east-1:XXXXXX:key/e1c1f008-779b-4ebe-8116-0a34b77747dd
max_retries
¶The maximum number of times AWS service errors and throttling errors should be retried. There is an exponential backoff in between retries, so the more retries the longer it can take to fail. This only applies to the AWS client passing calls to the AWS API.
- Default
8
metadata_options
¶Metadata configuration options that are set on a VM during creation. These options should be snake-cased properties accepted by the ModifyInstanceMetadataOptions endpoint (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceMetadataOptions.html). e.g.
http_put_response_hop_limit
.
- Example
aws: metadata_options: http_endpoint: enabled http_tokens: required
region
¶AWS region name (Required unless both ec2_endpoint and elb_endpoint are specified)
- Example
us-east-1
role_arn
¶AWS role_arn to be assumed by the CPI when authenticating (Optional, used when aws.credentials_source is set to
static
)
secret_access_key
¶AWS secret_access_key for the aws cpi (Required when aws.credentials_source is set to
static
)
session_token
¶AWS session_token when using STS credentials for the aws cpi (Optional, used when aws.credentials_source is set to
static
)
stemcell
¶
kernel_id
¶AWS kernel id used by aws cpi
debug
¶
cpi
¶
api_version
¶api_version supported by cpi (can be used as an override for fallback).
env
¶
http_proxy
¶Http proxy to connect to cloud API’s
https_proxy
¶Https proxy to connect to cloud API’s
no_proxy
¶No proxy environment variable
nats
¶
address
¶Address of the nats server
password
¶Password to connect to nats with
port
¶Port that the nats server listens on
- Default
4222
user
¶Username to connect to nats with
- Default
nats
ntp
¶
List of ntp server IPs. pool.ntp.org attempts to return IPs closest to your location, but you can still specify if needed.
- Default
- 0.pool.ntp.org - 1.pool.ntp.org
registry
¶
host
¶Address of the Registry to connect to
password
¶Password to access the Registry
port
¶Port of the Registry to connect to
- Default
25777
username
¶User to access the Registry
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/aws_cpi/
directory
(learn more).
bin/cpi
(fromcpi.erb
)bin/cpi_ctl
(fromcpi_ctl.erb
)config/cacert.pem
(fromcacert.pem.erb
)config/cpi.json
(fromcpi.json.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.