Skip to content

cloud_controller_ng job from cf/256

The Cloud Controller provides primary Cloud Foundry API that is by the CF CLI. The Cloud Controller uses a database to keep tables for organizations, spaces, apps, services, service instances, user roles, and more. Typically multiple instances of Cloud Controller are load balanced.

Github source: b6343b5a or master branch

Properties

app_domains

Array of domains for user apps (example: ‘user.app.space.foo’, a user app called ‘neat’ will listen at ‘http://neat.user.app.space.foo')

Example
|+
  - name: example.com
  - name: tcp.example.com
    router_group_name: default-tcp

app_ssh

host_key_fingerprint

Fingerprint of the host key of the SSH proxy that brokers connections to application instances. Supported fingerprint formats: SHA256 (recommended), SHA1 and MD5 Example fingerprints by format: SHA256: 0KmvfcwFCnwQRviOJEwZtnz5qoi76BVb8dm3/vgilCI SHA1: b8:80:2c:8c:d7:25:ad:2a:b4:8c:02:34:52:06:f7:ba:1f:0d:02:de MD5: d2:d6:b9:d7:f9:c4:15:70:de:af:c7:36:88:3a:60:12

oauth_client_id

The oauth client ID of the SSH proxy

Default
ssh-proxy

port

External port for SSH access to application instances

Default
2222

build

‘build’ attribute in the /v2/info endpoint

Default
""

cc

allow_app_ssh_access

Allow users to change the value of the app-level allow_ssh attribute

Default
true

allowed_cors_domains

List of domains (including scheme) from which Cross-Origin requests will be accepted, a * can be used as a wildcard for any part of a domain

Default
[]

app_bits_max_body_size

Maximum body size for nginx bits uploads

Default
1536M

app_bits_upload_grace_period_in_seconds

Extra token expiry time while uploading big apps.

Default
1200

app_events

cutoff_age_in_days

How old an app event should stay in cloud controller database before being cleaned up

Default
31

app_usage_events

cutoff_age_in_days

How old an app usage event should stay in cloud controller database before being cleaned up

Default
31

audit_events

cutoff_age_in_days

How old an audit event should stay in cloud controller database before being cleaned up

Default
31

bits_service

enabled

Enable integration of the bits-service incubator (experimental)

Default
false
password

Password for the bits-service

Default
""
private_endpoint

Private url for the bits-service service

Default
""
public_endpoint

Public url for the bits-service service

Default
""
username

Username for the bits-service

Default
""

broker_client_default_async_poll_interval_seconds

Specifies interval on which the CC will poll a service broker for asynchronous actions. If the service broker provides a value, this value is the minimum accepted value the broker can provide.

Default
60

broker_client_max_async_poll_duration_minutes

The max duration the CC will fetch service instance state from a service broker (in minutes). Default is 1 week

Default
10080

broker_client_timeout_seconds

For requests to service brokers, this is the HTTP (open and read) timeout setting.

Default
60

buildpacks

blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
buildpack_directory_key

Directory (bucket) used store buildpacks. It does not have be pre-created.

Default
cc-buildpacks
cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for buildpack downloads

Default
""
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection hash

webdav_config
blobstore_timeout

The timeout in seconds for requests to the blobstore

Default
5
ca_cert

The ca cert to use when communicating with webdav

Default
""
password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal:4443
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

bulk_api_password

Password used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS

bulk_api_user

User used to access the bulk_api, health_manager uses it to connect to the cc, announced over NATS

Default
bulk_api

cc_partition

Deprecated. Defines a ‘partition’ for the health_manager job

Default
default

client_max_body_size

Maximum body size for nginx

Default
15M

completed_tasks

cutoff_age_in_days

How long a completed task will stay in cloud controller database before being cleaned up based on last updated time with success or failure.

Default
31

core_file_pattern

Filename template for core dump files. Use an empty string if you don’t want core files saved.

Default
/var/vcap/sys/cores/core-%e-%s-%p-%t

db_encryption_key

key for encrypting sensitive values in the CC database

Default
""

db_logging_level

Log level for cc database operations

Default
debug2

dea_use_https

enable ssl for communication with DEAs

Default
false

default_app_disk_in_mb

The default disk space an app gets

Default
1024

default_app_memory

How much memory given to an app if not specified

Default
1024

default_app_ssh_access

When ssh is allowed and not explicitly set in the application, new applications will start with ssh service enabled

Default
true

default_health_check_timeout

Default health check timeout (in seconds) that can be set for the app

Default
60

default_quota_definition

The name of the quota definition CC will fallback on for org and space limits from the list of quota definitions.

Default
default

default_running_security_groups

The default running security groups that will be seeded in CloudController. Note: security groups are only seeded on the first deploy, after which they should be managed via the API

default_stack

The default stack to use if no custom stack is specified by an app.

Default
cflinuxfs2

default_staging_security_groups

The default staging security groups that will be seeded in CloudController. Note: security groups are only seeded on the first deploy, after which they should be managed via the API

default_to_diego_backend

Use Diego backend by default for new apps

Default
false

development_mode

Enable development features for monitoring and insight

Default
false

diego

bbs
url

URL of the BBS Server

Default
https://bbs.service.cf.internal:8889
cc_uploader_url

URL of cc uploader

Default
http://cc-uploader.service.cf.internal:9090
docker_staging_stack

stack to use for staging Docker applications

Default
cflinuxfs2
file_server_url

URL of file server

Default
http://file-server.service.cf.internal:8080
insecure_docker_registry_list

An array of insecure Docker registries in the form of :PORT

Default
[]
lifecycle_bundles

List of lifecycle bundles arguments for different stacks

Default
  buildpack/cflinuxfs2: buildpack_app_lifecycle/buildpack_app_lifecycle.tgz
  buildpack/windows2012R2: windows_app_lifecycle/windows_app_lifecycle.tgz
  docker: docker_app_lifecycle/docker_app_lifecycle.tgz
nsync_url

URL of the Diego nsync service

Default
http://nsync.service.cf.internal:8787
pid_limit

Maximum pid limit for containerized work running user-provided code

Default
1024
stager_url

URL of the Diego stager service

Default
http://stager.service.cf.internal:8888
temporary_local_apps

Temporary flag to manage app state directly to the bbs from cc

Default
false
temporary_local_staging

Temporary flag to enable staging directly to the bbs from cc

Default
false
temporary_local_sync

Temporary flag to run sync job between cc and bbs

Default
false
temporary_local_tasks

Temporary flag to run tasks directly to the bbs from cc

Default
false
temporary_local_tps

Temporary flag to fetch app instances directly to the bbs from cc

Default
false
tps_url

URL of the Diego tps service

Default
http://tps.service.cf.internal:1518
use_privileged_containers_for_running

Whether or not to use privileged containers for running buildpack apps and tasks.

Default
false
use_privileged_containers_for_staging

Whether or not to use privileged containers for staging tasks.

Default
false

directories

diagnostics

The directory where operator requested diagnostic files should be placed

Default
/var/vcap/data/cloud_controller_ng/diagnostics
tmpdir

The directory to use for temporary files

Default
/var/vcap/data/cloud_controller_ng/tmp

disable_custom_buildpacks

Disable external (i.e. git) buildpacks? (Admin buildpacks and system buildpacks only.)

Default
false

droplets

blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for droplet downloads

Default
""
droplet_directory_key

Directory (bucket) used store droplets. It does not have be pre-created.

Default
cc-droplets
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection hash

max_staged_droplets_stored

Number of recent, staged droplets stored per app (not including current droplet)

Default
5
webdav_config
blobstore_timeout

The timeout in seconds for requests to the blobstore

Default
5
ca_cert

The ca cert to use when communicating with webdav

Default
""
password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal:4443
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

external_host

Host part of the cloud_controller api URI, will be joined with value of ‘domain’

Default
api

external_port

External Cloud Controller port

Default
9022

external_protocol

The protocol used to access the CC API from an external entity

Default
https

failed_jobs

cutoff_age_in_days

How old a failed job should stay in cloud controller database before being cleaned up

Default
31

feature_disabled_message

Custom message to use for a disabled feature.

flapping_crash_count_threshold

The threshold of crashes after which the app is marked as flapping

Default
3

info

custom

Custom attribute keys and values for /v2/info endpoint

install_buildpacks

Set of buildpacks to install during deploy

instance_file_descriptor_limit

The file descriptors made available to each app instance

Default
16384

internal_api_password

Password used by Diego to access internal endpoints

internal_api_user

User name used by Diego to access internal endpoints

Default
internal_user

internal_service_hostname

Internal hostname used to resolve the address of the Cloud Controller

Default
cloud-controller-ng.service.cf.internal

jobs

app_bits_packer
timeout_in_seconds

The longest this job can take before it is cancelled

app_events_cleanup
timeout_in_seconds

The longest this job can take before it is cancelled

app_usage_events_cleanup
timeout_in_seconds

The longest this job can take before it is cancelled

blobstore_delete
timeout_in_seconds

The longest this job can take before it is cancelled

blobstore_upload
timeout_in_seconds

The longest this job can take before it is cancelled

droplet_deletion
timeout_in_seconds

The longest this job can take before it is cancelled

droplet_upload
timeout_in_seconds

The longest this job can take before it is cancelled

global
timeout_in_seconds

The longest any job can take before it is cancelled unless overridden per job

Default
14400
local
number_of_workers

Number of local cloud_controller_worker workers

Default
2

logging_level

Log level for cc

Default
info

logging_max_retries

Passthru value for Steno logger

Default
1

loggregator

internal_url

Internal url used to communicate with traffic_controller

Default
http://loggregator-trafficcontroller.service.cf.internal:8081

maximum_app_disk_in_mb

The maximum amount of disk a user can request

Default
2048

maximum_health_check_timeout

Maximum health check timeout (in seconds) that can be set for the app

Default
180

min_cli_version

Minimum version of the CF CLI to work with the API.

Minimum recommended version of the CF CLI.

minimum_candidate_stagers

Minimum number of candidate deas for staging. Defaults to 5, should be fewer than the total DEAs in the deployment.

Default
5

mutual_tls

ca_cert

PEM-encoded CA certificate for secure, mutually authenticated TLS communication

private_key

PEM-encoded key for secure, mutually authenticated TLS communication

public_cert

PEM-encoded certificate for secure, mutually authenticated TLS communication

newrelic

capture_params

Capture and send query params to NewRelic

Default
false
developer_mode

Activate NewRelic developer mode

Default
false
environment_name

The environment name used by NewRelic

Default
development
license_key

The api key for NewRelic

log_file_path

The location for NewRelic to log to

Default
/var/vcap/sys/log/cloud_controller_ng/newrelic
monitor_mode

Activate NewRelic monitor mode

Default
false
transaction_tracer
enabled

Enable transaction tracing in NewRelic

Default
false
record_sql

NewRelic’s SQL statement recording mode: [off | obfuscated | raw]

Default
"off"

nginx

ip

IP for nginx

Default
""

nginx_access_log_destination

The nginx access log destination. This can be used to route access logs to a file, syslog, or a memory buffer.

Default
/var/vcap/sys/log/nginx_cc/nginx.access.log

nginx_access_log_format

The nginx log format string to use when writing to the access log.

Default
  |+
    $host - [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent" $proxy_add_x_forwarded_for vcap_request_id:$upstream_http_x_vcap_request_id response_time:$upstream_response_time

nginx_error_log_destination

The nginx error log destination. This can be used to route error logs to a file, syslog, or a memory buffer.

Default
/var/vcap/sys/log/nginx_cc/nginx.error.log

nginx_error_log_level

The lowest severity nginx log level to capture in the error log.

Default
error

nginx_rate_limit_general

The rate limiting and burst value to use for ‘/’

Example
|+
  limit: 100r/s
  burst: 500

nginx_rate_limit_zones

Array of zones to do rate limiting for.

Example
|+
  - name: apps
    location: /v2/apps
    limit: 10r/s
    burst: 50
  - name: spaces
    location: ~ ^/v2/spaces/(.*)
    limit: 10r/s
    burst: 100

packages

app_package_directory_key

Directory (bucket) used store app packages. It does not have be pre-created.

Default
cc-packages
blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for app package downloads

Default
""
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection hash

max_package_size

Maximum size of application package

Default
1.073741824e+09
max_valid_packages_stored

Number of recent, valid packages stored per app (not including package for current droplet)

Default
5
webdav_config
blobstore_timeout

The timeout in seconds for requests to the blobstore

Default
5
ca_cert

The ca cert to use when communicating with webdav

Default
""
password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal:4443
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

placement_top_stager_percentage

The percentage of top stagers considered when choosing a stager

Default
10

quota_definitions

Hash of default quota definitions to be seeded. This property can be used to add quotas with subsequent deploys, but not to update existing ones.

Example
|+
  - example-quota:
      memory_limit: 10240
      non_basic_services_allowed: true
      total_routes: 1000
      total_service_keys: 1000
      total_services: 100
      total_reserved_route_ports: 10

rate_limiter

enabled

Enable rate limiting for UAA-authenticated endpoints per user or client

Default
false
general_limit

The number of requests a user or client is allowed to make for all endpoints that do not have a custom limit over the configured interval

Default
2000
reset_interval_in_minutes

The interval in minutes, after which, a user’s available api requests will be reset

Default
60
unauthenticated_limit

The number of requests an unauthenticated client is allowed to make over the configured interval

Default
100

renderer

default_results_per_page

Default number of results returned per page if user does not specify

Default
50
max_inline_relations_depth

Maximum depth of inlined relationships in the result

Default
2
max_results_per_page

Maximum number of results returned per page

Default
100

reserved_private_domains

File location of a list of reserved private domains (for file format, see https://publicsuffix.org/)

resource_pool

blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
cdn
key_pair_id

Key pair name for signed download URIs

Default
""
private_key

Private key for signing download URIs

Default
""
uri

URI for a CDN to used for resource pool downloads

Default
""
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection hash

maximum_size

Maximum size of a resource to add to the pool

Default
5.36870912e+08
minimum_size

Minimum size of a resource to add to the pool

Default
65536
resource_directory_key

Directory (bucket) used store app resources. It does not have be pre-created.

Default
cc-resources
webdav_config
blobstore_timeout

The timeout in seconds for requests to the blobstore

Default
5
ca_cert

The ca cert to use when communicating with webdav

Default
""
password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal:4443
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

run_prestart_migrations

Run Cloud Controller DB migrations in BOSH pre-start script. Should be changed to false for deployments where the PostgreSQL job is deployed to the same VM as Cloud Controller. Otherwise, the default of true is preferable.

Default
true

security_event_logging

enabled

Enable logging of all requests made to the Cloud Controller in CEF format.

Default
false

security_group_definitions

Array of security groups that will be seeded into CloudController. Note: security groups are only seeded on the first deploy, after which they should be managed via the API

service_usage_events

cutoff_age_in_days

How old a service usage event should stay in cloud controller database before being cleaned up

Default
31

shared_isolation_segment_name

Name of the shared isolation segment created at startup. This field can be updated, but subject to the following caveat: Using the name of an existing IS will cause a deployment to fail. To recover, redeploy using the last valid Shared Isolation Segment name.

Default
shared

stacks

Tag used by the DEA to describe capabilities (i.e. ‘Windows7’, ‘python-linux’). DEA and CC must agree.

Default
  - description: Cloud Foundry Linux-based filesystem
    name: cflinuxfs2

staging_file_descriptor_limit

File descriptor limit for staging tasks

Default
16384

staging_timeout_in_seconds

Timeout for staging a droplet

Default
900

staging_upload_password

User’s password used to access internal endpoints of Cloud Controller to upload files when staging

Default
""

staging_upload_user

User name used to access internal endpoints of Cloud Controller to upload files when staging

Default
""

statsd_host

The host for the statsd server, defaults to the local metron agent

Default
127.0.0.1

statsd_port

The port for the statsd server, defaults to the local metron agent

Default
8125

system_hostnames

List of hostnames for which routes cannot be created on the system domain.

Default
  - api
  - uaa
  - login
  - doppler
  - loggregator
  - hm9000

thresholds

api
alert_if_above_mb

The cc will alert if memory remains above this threshold for 3 monit cycles

Default
3500
restart_if_above_mb

The cc will restart if memory remains above this threshold for 3 monit cycles

Default
3750
restart_if_consistently_above_mb

The cc will restart if memory remains above this threshold for 15 monit cycles

Default
3500

tls_port

Port for internal TLS communication

Default
9023

uaa

internal_url

The internal url used by UAA

Default
uaa.service.cf.internal

uaa_resource_id

Name of service to register to UAA

Default
cloud_controller,cloud_controller_service_permissions

users_can_select_backend

Allow non-admin users to switch their apps between DEA and Diego backends

Default
true

volume_services_enabled

Enable binding to services that provide volume_mount information.

Default
false

ccdb

address

The address of the database server

databases

Contains the name of the database on the database server

db_scheme

The type of database being used. mysql or postgres

Default
postgres

max_connections

Maximum connections for Sequel

Default
25

pool_timeout

The timeout for Sequel pooled connections

Default
10

port

The port of the database server

roles

Users to create on the database when seeding

dea_next

advertise_interval_in_seconds

Advertise interval for DEAs

Default
5

ca_cert

PEM-encoded CA certificate

client_cert

PEM-encoded server certificate

client_key

PEM-encoded server key

staging_disk_limit_mb

Disk limit in mb for staging tasks

Default
4096

staging_memory_limit_mb

Memory limit in mb for staging tasks

Default
1024

description

‘description’ attribute in the /v2/info endpoint

Default
""

domain

Deprecated in favor of system_domain. Domain where cloud_controller will listen (api.domain)

doppler

enabled

Whether to expose the doppler_logging_endpoint listed at /v2/info

Default
true

port

Port for doppler_logging_endpoint listed at /v2/info

Default
443

use_ssl

Whether to use ssl for the doppler_logging_endpoint listed at /v2/info

Default
true

hm9000

port

Port of the hm9000 Api Server

Default
5155

url

URL of the hm9000 server

logger_endpoint

port

Port for logger endpoint listed at /v2/info

Default
443

use_ssl

Whether to use ssl for logger endpoint listed at /v2/info

Default
true

login

enabled

whether use login as the authorization endpoint or not

Default
true

protocol

http or https

Default
https

url

URL of the login server

metron_endpoint

host

The host used to emit messages to the Metron agent

Default
127.0.0.1

port

The port used to emit messages to the Metron agent

Default
3457

name

‘name’ attribute in the /v2/info endpoint

Default
""

nats

machines

IP of each NATS cluster member. Deprecated in favor of nats link, which will be used if this is not provided.

password

Password for cc client to connect to NATS. Deprecated in favor of nats link.

port

IP port of Cloud Foundry NATS server. Deprecated in favor of nats link.

user

Username for cc client to connect to NATS. Deprecated in favor of nats link.

nfs_server

address

NFS server for droplets and apps (not used in an AWS deploy, use s3 instead)

share_path

The location at which to mount the nfs share

Default
/var/vcap/nfs

request_timeout_in_seconds

Timeout for requests in seconds.

Default
900

router

route_services_secret

Support for route services is disabled when no value is configured.

Default
""

routing_api

enabled

Whether to expose the routing_endpoint listed at /v2/info. Enable this after deploying the Routing API

Default
false

ssl

skip_cert_verify

specifies that the job is allowed to skip ssl cert verification

Default
false

support_address

‘support’ attribute in the /v2/info endpoint

Default
""

system_domain

Domain reserved for CF operator, base URL where the login, uaa, and other non-user apps listen

system_domain_organization

An organization that will be created as part of the seeding process. When the system_domain is not shared with (in the list of) app_domains, this is required as the system_domain will be created as a PrivateDomain in this organization.

Default
system

uaa

ca_cert

The certificate authority being used by UAA

cc

token_secret

Symmetric secret used to decode uaa tokens. Used for testing.

clients

cc-service-dashboards
scope

Used to grant scope for SSO clients for service brokers

Default
openid,cloud_controller_service_permissions.read
secret

Used for generating SSO clients for service brokers.

cc_routing
secret

Used for fetching routing information from the Routing API

cc_service_broker_client
scope

(DEPRECATED) - Used to grant scope for SSO clients for service brokers

Default
openid,cloud_controller_service_permissions.read
secret

(DEPRECATED) - Used for generating SSO clients for service brokers.

cloud_controller_username_lookup
secret

Used for fetching usernames from UAA.

port

The port used by UAA for non-ssl connections

ssl

port

The port used by UAA for ssl connections

Default
8443

url

URL of the UAA server

version

‘version’ attribute in the /v2/info endpoint

Default
0

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/cloud_controller_ng/ directory (learn more).

  • bin/blobstore_waiter.sh (from blobstore_waiter.sh.erb)
  • bin/cloud_controller_ng_ctl (from cloud_controller_api_ctl.erb)
  • bin/cloud_controller_worker_ctl (from cloud_controller_api_worker_ctl.erb)
  • bin/console (from console.erb)
  • bin/dns_health_check (from dns_health_check.erb)
  • bin/drain (from drain.rb)
  • bin/migrate_db (from migrate_db.sh.erb)
  • bin/nginx_ctl (from nginx_ctl.erb)
  • bin/nginx_newrelic_plugin_ctl (from nginx_newrelic_plugin_ctl.erb)
  • bin/post-start (from post-start.sh.erb)
  • bin/pre-start (from pre-start.sh.erb)
  • bin/restart_drain (from restart_drain.rb)
  • bin/ruby_version.sh (from ruby_version.sh.erb)
  • bin/seed_db (from seed_db.sh.erb)
  • bin/setup_local_blobstore.sh (from setup_local_blobstore.sh.erb)
  • config/certs/buildpacks_ca_cert.pem (from buildpacks_ca_cert.pem.erb)
  • config/certs/dea_ca.crt (from dea_ca.crt.erb)
  • config/certs/dea_client.crt (from dea_client.crt.erb)
  • config/certs/dea_client.key (from dea_client.key.erb)
  • config/certs/droplets_ca_cert.pem (from droplets_ca_cert.pem.erb)
  • config/certs/mutual_tls.crt (from mutual_tls.crt.erb)
  • config/certs/mutual_tls.key (from mutual_tls.key.erb)
  • config/certs/mutual_tls_ca.crt (from mutual_tls_ca.crt.erb)
  • config/certs/packages_ca_cert.pem (from packages_ca_cert.pem.erb)
  • config/certs/resource_pool_ca_cert.pem (from resource_pool_ca_cert.pem.erb)
  • config/certs/uaa_ca.crt (from uaa_ca.crt.erb)
  • config/cloud_controller_ng.yml (from cloud_controller_api.yml.erb)
  • config/mime.types (from mime.types)
  • config/newrelic.yml (from newrelic.yml.erb)
  • config/newrelic_plugin.yml (from newrelic_plugin.yml.erb)
  • config/nginx.conf (from nginx.conf.erb)
  • config/stacks.yml (from stacks.yml.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.