nats-tls job from nats/38
TLS-secured NATS server providing a publish-subscribe messaging system for Cloud Foundry components.
Github source:
140e2e8
or
master branch
Properties¶
nats
¶
authorization_timeout
¶After accepting a connection, wait up to this many seconds for credentials.
- Default
15
cluster_port
¶The port for the NATS servers to communicate with other servers in the cluster.
- Default
4225
debug
¶Enable debug logging output.
- Default
false
external
¶
tls
¶
ca
¶Certificate of the CA for publisher/subscriber traffic. In PEM format.
certificate
¶Certificate for publisher/subscriber traffic. In PEM format.
private_key
¶Private key for publisher/subscriber traffic. In PEM format.
hostname
¶Hostname for nats cluster. Set this to the value of your bosh-dns-alias. See example-manifests/ops-files/enable_nats_tls_for_cf.yml for an example.
internal
¶
tls
¶
ca
¶Certificate of the CA for cluster-internal traffic. In PEM format.
certificate
¶Certificate for cluster-internal traffic. In PEM format.
enabled
¶Enable mutually authenticated TLS for NATS cluster-internal traffic.
- Default
false
private_key
¶Private key for cluster-internal traffic. In PEM format.
machines
¶IP of each NATS cluster member.
monitor_port
¶Port for varz and connz monitoring. 0 means disabled.
- Default
0
no_advertise
¶When configured to true, this nats server will not be advertised to any nats clients.
- Default
true
password
¶Password for server authentication.
port
¶The port for the NATS server to listen on.
- Default
4224
prof_port
¶Port for pprof. 0 means disabled.
- Default
0
trace
¶Enable trace logging output.
- Default
false
user
¶Username for server authentication.
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/nats-tls/
directory
(learn more).
bin/pre-start
(frompre-start.erb
)config/bpm.yml
(frombpm.erb.yml
)config/external_tls/ca.pem
(fromexternal_tls/ca.pem.erb
)config/external_tls/certificate.pem
(fromexternal_tls/certificate.pem.erb
)config/external_tls/private_key.pem
(fromexternal_tls/private_key.pem.erb
)config/internal_tls/ca.pem
(frominternal_tls/ca.pem.erb
)config/internal_tls/certificate.pem
(frominternal_tls/certificate.pem.erb
)config/internal_tls/private_key.pem
(frominternal_tls/private_key.pem.erb
)config/nats-tls.conf
(fromnats-tls.conf.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.