doppler job from cf/270
Github source:
86d5a4f4
or
master branch
Properties¶
doppler
¶
blacklisted_syslog_ranges
¶Blacklist for IPs that should not be used as syslog drains, e.g. internal ip addresses.
container_metric_ttl_seconds
¶TTL (in seconds) for container usage metrics
- Default
120
disable_announce
¶Disable doppler announcing via etcd
- Default
false
dropsonde_incoming_port
¶Port for incoming udp messages
- Default
3457
etcd
¶
client_cert
¶PEM-encoded client certificate
- Default
""
client_key
¶PEM-encoded client key
- Default
""
grpc_port
¶Port for outgoing log messages via GRPC
- Default
8082
health_addr
¶The host:port to expose health metrics for doppler
- Default
localhost:14825
locked_memory_limit
¶Size (KB) of shell’s locked memory limit. Set to ‘kernel’ to use the kernel’s default. Non-numeric values other than ‘kernel’, ‘soft’, ‘hard’, and ‘unlimited’ will result in an error.
- Default
unlimited
maxRetainedLogMessages
¶number of log messages to retain per application
- Default
100
message_drain_buffer_size
¶Size of the internal buffer used by doppler to store messages for output to firehose or ‘cf logs’. If the buffer gets full doppler will drop the messages.
- Default
10000
outgoing_port
¶Port for outgoing log messages via websockets
- Default
8081
pprof_port
¶The pprof port for runtime profiling data
- Default
0
sink_dial_timeout_seconds
¶Dial timeout for sinks
- Default
1
sink_inactivity_timeout_seconds
¶Interval before removing a sink due to inactivity
- Default
3600
sink_io_timeout_seconds
¶I/O Timeout on sinks
- Default
60
syslog_skip_cert_verify
¶When connecting over TLS, don’t verify certificates for syslog sink
- Default
true
unmarshaller_count
¶Number of parallel unmarshallers to run within Doppler
- Default
5
websocket_host
¶Host for websocket server
- Default
0.0.0.0
websocket_write_timeout_seconds
¶Interval before a websocket write is aborted if it does not succeed
- Default
60
zone
¶Zone of the doppler server
- Default
""
doppler_endpoint
¶
shared_secret
¶Shared secret used to verify cryptographically signed dropsonde messages
loggregator
¶
disable_syslog_drains
¶Disable syslog drain capability in Loggregator. This is meant to be used when migrating to scalable-syslog-release.
- Default
false
etcd
¶
ca_cert
¶PEM-encoded CA certificate
- Default
""
machines
¶IPs pointing to the ETCD cluster
- Default
[]
require_ssl
¶Enable ssl for all communication with etcd
- Default
false
tls
¶
ca_cert
¶CA root required for key/cert verification
cipher_suites
¶An ordered list of supported SSL cipher suites. Allowed cipher suites are TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.
- Default
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
doppler
¶
cert
¶TLS certificate for doppler
key
¶TLS key for doppler
metron_endpoint
¶
dropsonde_port
¶The port used to emit dropsonde messages to the Metron agent
- Default
3457
grpc_port
¶The port used to emit grpc messages to the Metron agent
- Default
3458
host
¶The host used to emit messages to the Metron agent
- Default
127.0.0.1
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/doppler/
directory
(learn more).
bin/dns_health_check
(fromdns_health_check.erb
)bin/doppler_ctl
(fromdoppler_ctl.erb
)config/certs/doppler.crt
(fromdoppler.crt.erb
)config/certs/doppler.key
(fromdoppler.key.erb
)config/certs/etcd-ca.crt
(frometcd-ca.crt.erb
)config/certs/etcd-client.crt
(frometcd-client.crt.erb
)config/certs/etcd-client.key
(frometcd-client.key.erb
)config/certs/loggregator_ca.crt
(fromloggregator_ca.crt.erb
)config/doppler.json
(fromdoppler.json.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.