Skip to content

cloud_controller_ng job from cf/206

The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced.

Github source: 3c790dfd or master branch

Properties

app_domains

Array of domains for user apps (example: ‘user.app.space.foo’, a user app called ‘neat’ will listen at ‘http://neat.user.app.space.foo')

build

Default
"2222"

cc

allowed_cors_domains

List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain

Default
[]

app_bits_upload_grace_period_in_seconds

Extra token expiry time while uploading big apps.

Default
1200

app_events

cutoff_age_in_days

How old an app event should stay in cloud controller database before being cleaned up

Default
31

app_usage_events

cutoff_age_in_days

How old an app usage event should stay in cloud controller database before being cleaned up

Default
31

audit_events

cutoff_age_in_days

How old an audit event should stay in cloud controller database before being cleaned up

Default
31

billing_event_writing_enabled

If true, billing events are written to the CCDB.

Default
false

broker_client_default_async_poll_interval_seconds

Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide.

Default
60

broker_client_max_async_poll_attempts

The max number of attempts the CC will fetch service instance state from a service broker. 24 hours times this value is the maximum time a service broker can asynchronous provision an instance.

Default
25

broker_client_timeout_seconds

For requests to service brokers, this is the HTTP (open and read) timeout setting.

Default
60

buildpacks

buildpack_directory_key

Directory (bucket) used store buildpacks. It does not have be pre-created.

Default
cc-buildpacks
cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for buildpack downloads

Default
""
fog_connection

Fog connection hash

bulk_api_password

Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS

bulk_api_user

User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS

Default
bulk_api

cc_partition

Deprecated. Defines a ‘partition’ for the health_manager job

Default
default

client_max_body_size

Maximum body size for nginx

Default
1536M

db_encryption_key

key for encrypting sensitive values in the CC database

Default
""

db_logging_level

Log level for cc database operations

Default
debug2

default_app_disk_in_mb

The default disk space an app gets

Default
1024

default_app_memory

How much memory given to an app if not specified

Default
1024

default_fog_connection

local_root

Local root when fog provider is not overridden (should be an NFS mount if using more than one cloud controller)

Default
/var/vcap/nfs/shared
provider

Local fog provider (should always be ‘Local’), used if fog_connection hash is not provided in the manifest

Default
Local

default_health_check_timeout

Default health check timeout (in seconds) that can be set for the app

Default
60

default_quota_definition

Local to use a local (NFS) file system. AWS to use AWS.

Default
default

default_running_security_groups

The default running security groups that will be seeded in CloudController.

default_stack

The default stack to use if no custom stack is specified by an app.

Default
lucid64

default_staging_security_groups

The default staging security groups that will be seeded in CloudController.

default_to_diego_backend

Use Diego backend by default for new apps

Default
false

development_mode

Enable development features for monitoring and insight

Default
false

diego_docker

Enable diego docker support

Default
false

directories

diagnostics

The directory where operator requested diagnostic files should be placed

Default
/var/vcap/data/cloud_controller_ng/diagnostics
tmpdir

The directory to use for temporary files

Default
/var/vcap/data/cloud_controller_ng/tmp

disable_custom_buildpacks

Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)

Default
false

droplets

cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for droplet downloads

Default
""
droplet_directory_key

Directory (bucket) used store droplets. It does not have be pre-created.

Default
cc-droplets
fog_connection

Fog connection hash

external_host

Host part of the cloud_controller api URI, will be joined with value of ‘domain’

Default
api

external_port

External Cloud Controller port

Default
9022

external_protocol

The protocol used to access the CC API from an external entity

Default
http

failed_jobs

cutoff_age_in_days

How old a failed job should stay in cloud controller database before being cleaned up

Default
31

feature_disabled_message

Custom message to use for a disabled feature.

flapping_crash_count_threshold

The threshold of crashes after which the app is marked as flapping

Default
3

info

build

build attribute in the /info endpoint

custom

Custom values for /v2/info endpoint

description

free form description for attribute in the /info endpoint

name

name attribute in the /info endpoint

support_address

URL for the support attribute in the /info endpoint

version

version attribute in the /info endpoint

install_buildpacks

Set of buildpacks to install during deploy

instance_file_descriptor_limit

The file descriptors made available to each app instance

Default
16384

internal_api_password

Password used by Diego to access internal endpoints

internal_api_user

User name used by Diego to access internal endpoints

Default
internal_user

internal_service_hostname

DNS hostname that can resolve to any CC within the deployment

jobs

app_bits_packer
timeout_in_seconds

The longest this job can take before it is cancelled

app_events_cleanup
timeout_in_seconds

The longest this job can take before it is cancelled

app_usage_events_cleanup
timeout_in_seconds

The longest this job can take before it is cancelled

blobstore_delete
timeout_in_seconds

The longest this job can take before it is cancelled

blobstore_upload
timeout_in_seconds

The longest this job can take before it is cancelled

droplet_deletion
timeout_in_seconds

The longest this job can take before it is cancelled

droplet_upload
timeout_in_seconds

The longest this job can take before it is cancelled

global
timeout_in_seconds

The longest any job can take before it is cancelled unless overriden per job

Default
14400
local
number_of_workers

Number of local cloud_controller_worker workers

Default
2
model_deletion
timeout_in_seconds

The longest this job can take before it is cancelled

logging_level

Log level for cc

Default
debug2

logging_max_retries

Passthru value for Steno logger

Default
1

maximum_app_disk_in_mb

The maximum amount of disk a user can request

Default
2048

maximum_health_check_timeout

Maximum health check timeout (in seconds) that can be set for the app

Default
180

min_cli_version

Minimum version of the CF CLI to work with the API.

Minimum recommended version of the CF CLI.

newrelic

capture_params

Capture and send query params to NewRelic

Default
false
developer_mode

Activate NewRelic developer mode

Default
false
environment_name

The environment name used by NewRelic

Default
development
license_key

The api key for NewRelic

log_file_path

The location for NewRelic to log to

Default
/var/vcap/sys/log/cloud_controller_ng/newrelic
monitor_mode

Activate NewRelic monitor mode

Default
false
transaction_tracer
enabled

Enable transaction tracing in NewRelic

Default
false
record_sql

NewRelic’s SQL statement recording mode: [off | obfuscated | raw]

Default
"off"

packages

app_package_directory_key

Directory (bucket) used store app packages. It does not have be pre-created.

Default
cc-packages
cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for app package downloads

Default
""
fog_connection

Fog connection hash

max_package_size

Maximum size of application package

Default
1.073741824e+09

quota_definitions

Hash of default quota definitions. Overriden by custom quota definitions.

renderer

default_results_per_page

Default number of results returned per page if user does not specify

Default
50
max_inline_relations_depth

Maximum depth of inlined relationships in the result

Default
2
max_results_per_page

Maximum number of results returned per page

Default
100

resource_pool

cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for resource pool downloads

Default
""
fog_connection

Fog connection hash

maximum_size

Maximum size of a resource to add to the pool

Default
5.36870912e+08
minimum_size

Minimum size of a resource to add to the pool

Default
65536
resource_directory_key

Directory (bucket) used store app resources. It does not have be pre-created.

Default
cc-resources

security_group_definitions

Array of security groups that will be seeded into CloudController.

service_name

Service name to be advertised by Cloud Controller to consul

stacks

Tag used by the DEA to describe capabilities (i.e. ‘Windows7’, ‘python-linux’). DEA and CC must agree.

Default
  - description: Ubuntu 10.04 on x86-64
    name: lucid64
  - description: Cloud Foundry Linux-based filesystem
    name: cflinuxfs2

staging_file_descriptor_limit

File descriptor limit for staging tasks

Default
16384

staging_timeout_in_seconds

Timeout for staging a droplet

Default
900

staging_upload_password

S3 Secure Access Key for staging droplets on AWS installs; Blobstore password for other IaaSs

Default
""

staging_upload_user

S3 Access key for staging droplets on AWS installs; Blobstore user for other IaaSs

Default
""

thresholds

api
alert_if_above_mb

The cc will alert if memory remains above this threshold for 3 monit cycles

Default
2250
restart_if_above_mb

The cc will restart if memory remains above this threshold for 3 monit cycles

Default
2450
restart_if_consistently_above_mb

The cc will restart if memory remains above this threshold for 15 monit cycles

Default
2250

uaa_resource_id

Name of service to register to UAA

Default
cloud_controller,cloud_controller_service_permissions

users_can_select_backend

Allow non-admin users to switch their apps between DEA and Diego backends

Default
true

ccdb

address

databases

db_scheme

Default
postgres

max_ar_connections

Maximum connections for ActiveRecord

Default
5

max_connections

Maximum connections for Sequel

Default
25

pool_timeout

Default
10

port

roles

consul

domain

Domain name to be used for consul

dea_next

advertise_interval_in_seconds

Advertise interval for DEAs

Default
5

staging_disk_limit_mb

Disk limit in mb for staging tasks

Default
6144

staging_memory_limit_mb

Memory limit in mb for staging tasks

Default
1024

description

Default
Cloud Foundry sponsored by Pivotal

domain

domain where cloud_controller will listen (api.domain) often the same as the system domain

hm9000

url

logger_endpoint

port

Port for logger endpoint listed at /v2/info

Default
443

use_ssl

Whether to use ssl for logger endpoint listed at /v2/info

Default
true

login

enabled

whether use login as the authorization endpoint or not

Default
true

url

metron_endpoint

host

The host used to emit messages to the Metron agent

Default
127.0.0.1

port

The port used to emit messages to the Metron agent

Default
3456

shared_secret

The key used to sign log messages

name

Default
vcap

nats

machines

IP of each NATS cluster member.

password

Password for cc client to connect to NATS

port

IP port of Cloud Foundry NATS server

user

Username for cc client to connect to NATS

networks

apps

Cloud controller network information.

nfs_server

address

NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)

request_timeout_in_seconds

Timeout for requests in seconds.

Default
900

ssl

skip_cert_verify

specifies that the job is allowed to skip ssl cert verification

Default
false

support_address

Default
http://support.cloudfoundry.com

system_domain

Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen

system_domain_organization

The User Org that owns the system_domain, required if system_domain is defined

Default
""

uaa

cc

token_secret

clients

cc-service-dashboards
scope

Used to grant scope for SSO clients for service brokers

Default
openid,cloud_controller_service_permissions.read
secret

Used for generating SSO clients for service brokers.

cc_service_broker_client
scope

(DEPRECATED) - Used to grant scope for SSO clients for service brokers

Default
openid,cloud_controller_service_permissions.read
secret

(DEPRECATED) - Used for generating SSO clients for service brokers.

cloud_controller_username_lookup
client

Used for fetching usernames from UAA.

secret

Used for fetching usernames from UAA.

jwt

verification_key

ssl cert defined in the manifest by the UAA, required by the cc to communicate with UAA

Default
""

no_ssl

when true, uaa uses http, otherwise it uses https

Default
false

url

version

Default
"2"

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/cloud_controller_ng/ directory (learn more).

  • bin/cloud_controller_ng_ctl (from cloud_controller_api_ctl.erb)
  • bin/cloud_controller_worker_ctl (from cloud_controller_api_worker_ctl.erb)
  • bin/console (from console.erb)
  • bin/dns_health_check (from dns_health_check.erb)
  • bin/drain (from drain.rb)
  • bin/handle_local_blobstore.sh (from handle_local_blobstore.sh.erb)
  • bin/nginx_ctl (from nginx_ctl.erb)
  • bin/nginx_newrelic_plugin_ctl (from nginx_newrelic_plugin_ctl.erb)
  • bin/restart_drain (from restart_drain.rb)
  • bin/ruby_version.sh (from ruby_version.sh.erb)
  • config/cloud_controller_ng.yml (from cloud_controller_api.yml.erb)
  • config/mime.types (from mime.types)
  • config/newrelic.yml (from newrelic.yml.erb)
  • config/newrelic_plugin.yml (from newrelic_plugin.yml.erb)
  • config/nginx.conf (from nginx.conf.erb)
  • config/stacks.yml (from stacks.yml.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.