nats-tls job from nats/40

TLS-secured NATS server providing a publish-subscribe messaging system for Cloud Foundry components.

Github source: b466cef or master branch

Properties¶

nats¶

authorization_timeout¶

After accepting a connection, wait up to this many seconds for credentials.

Default

15

cluster_port¶

The port for the NATS servers to communicate with other servers in the cluster.

Default

4225

debug¶

Enable debug logging output.

Default

false

external¶

tls¶

ca¶

Certificate of the CA for publisher/subscriber traffic. In PEM format.

certificate¶

Certificate for publisher/subscriber traffic. In PEM format.

private_key¶

Private key for publisher/subscriber traffic. In PEM format.

hostname¶

Hostname for nats cluster. Set this to the value of your bosh-dns-alias. See example-manifests/ops-files/enable_nats_tls_for_cf.yml for an example.

internal¶

tls¶

ca¶

Certificate of the CA for cluster-internal traffic. In PEM format.

certificate¶

Certificate for cluster-internal traffic. In PEM format.

enabled¶

Enable mutually authenticated TLS for NATS cluster-internal traffic.

Default

false

private_key¶

Private key for cluster-internal traffic. In PEM format.

machines¶

IP or Domain Name of each NATS cluster member.

monitor_port¶

Port for varz and connz monitoring. 0 means disabled.

Default

0

no_advertise¶

When configured to true, this nats server will not be advertised to any nats clients.

Default

true

nontls_cluster_port¶

The port for the NATS servers to communicate with other servers in the cluster. No default but usually 4223.

password¶

Password for server authentication.

port¶

The port for the NATS server to listen on.

Default

4224

prof_port¶

Port for pprof. 0 means disabled.

Default

0

trace¶

Enable trace logging output.

Default

false

user¶

Username for server authentication.

write_deadline¶

Maximum number of seconds the server will block when writing. Once this threshold is exceeded the connection will be closed and the client will be considered as Slow Consumer.

Default

2s

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/nats-tls/ directory (learn more).

• bin/pre-start (from pre-start.erb)
• config/bpm.yml (from bpm.erb.yml)
• config/external_tls/ca.pem (from external_tls/ca.pem.erb)
• config/external_tls/certificate.pem (from external_tls/certificate.pem.erb)
• config/external_tls/private_key.pem (from external_tls/private_key.pem.erb)
• config/internal_tls/ca.pem (from internal_tls/ca.pem.erb)
• config/internal_tls/certificate.pem (from internal_tls/certificate.pem.erb)
• config/internal_tls/private_key.pem (from internal_tls/private_key.pem.erb)
• config/nats-tls.conf (from nats-tls.conf.erb)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• gnatsd