Skip to content

policy-server job from netman/0.10.0

Github source: fcb529d3 or master branch

Properties

policy-server

ca_cert

Trusted CA certificate for clients

ca_cert_file

Trusted CA certificate file for clients

Default
/var/vcap/jobs/policy-server/config/certs/ca.crt

cc_url

Address of Cloud Controller server

Default
http://cloud-controller-ng.service.cf.internal:9022

database

connection_string

DEPRECATED: please instead set username,password,host,port,name

Default
""
host

Host (IP or DNS name) for database server

Default
""
name

Name of logical database to use

Default
""
password

Password for database connection

Default
""
port

Port for database server

Default
""
type

Type of database: postgres or mysql

Default
postgres
username

Username for database connection

Default
""

debug_server_host

Host for the debug server

Default
127.0.0.1

debug_server_port

Port for the debug server

Default
22222

internal_listen_port

Port where the policy server will serve its internal API

Default
4003

listen_host

Host where the policy server will serve its API

Default
0.0.0.0

listen_port

Port where the policy server will serve its external API

Default
4002

log_level

Logging level (debug, info, warn, error)

Default
info

metron_address

Forward metrics to this metron agent

Default
127.0.0.1:3457

server_cert

Server certificate for TLS

server_cert_file

Server certificate for TLS

Default
/var/vcap/jobs/policy-server/config/certs/server.crt

server_key

Server key for TLS

server_key_file

Server key file for TLS

Default
/var/vcap/jobs/policy-server/config/certs/server.key

skip_ssl_validation

Skip verifying ssl certs when speaking to UAA or Cloud Controller

Default
false

tag_length

Length in bytes of the packet tags to generate for policy sources and destinations. Must be greater than 0 and less than 4.

Default
2

uaa_client

UAA client name

Default
network-policy

uaa_client_secret

UAA client secret

Default
network-policy-secret

uaa_url

Address of UAA server

Default
https://uaa.service.cf.internal:8443

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/policy-server/ directory (learn more).

  • bin/policy-server_as_vcap (from policy-server_as_vcap.erb)
  • bin/policy-server_ctl (from policy-server_ctl.erb)
  • bin/pre-start (from pre-start.erb)
  • config/certs/ca.crt (from ca.crt.erb)
  • config/certs/server.crt (from server.crt.erb)
  • config/certs/server.key (from server.key.erb)
  • config/policy-server.json (from policy-server.json.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.