shield-agent job from shield/8.7.2
Github source:
d59bf14
or
master branch
Properties¶
agent
¶
key
¶SSH public key used for securing communications between SHIELD Agents and the SHIELD Core.
macs
¶List of message authentication code implementations to allow when negotiating SSH with the core.
- Default
- [email protected] - hmac-sha2-256 - hmac-sha1
core
¶
ca
¶The PEM-encoded certificate of the CA that signed the Shield Certificate. The SHIELD agent needs this so that it can trust the Shield-Core certificate.
env
¶
auto
¶Augment the plugin environment with the appropriate bin/, sbin/, and lib/ directories from all BOSH packages named ‘shield-addon-*’
- Default
true
http_proxy
¶The URL of an upstream HTTP proxy for proxying all unencrypted web communications (pursuant to env.no_proxy).
https_proxy
¶The URL of an upstream HTTP proxy for proxying all encrypted web communications (pursuant to env.no_proxy).
libs
¶A list of paths to append to $LD_LIBRARY_PATH, so that plugins can use tools and utilities when they run.
no_proxy
¶A list of domains, partial domains (i.e. “.example.com”), and IP addresses that should not be routed through env.http_proxy and env.https_proxy.
path
¶A list of paths to append to $PATH, so that plugins can find tools and utilities when they run.
log-level
¶
Log level for shield-agent processes
- Default
error
name
¶
Name of the agent, used for registration. The placeholders ‘(deployment)’, ‘(name)’, ‘(index)’, and ‘(az)’ can be used, to pull information from the BOSH deployment.
- Default
(deployment)/(name)@(az)/(index)
plugin_paths
¶
Map of paths that the binary of the plugins can be found
- Example
-
|+ plugin_paths: atmos: /var/vcap/packages/atmos-plugin/bin
port
¶
port to run agent
- Default
5444
require-shield-core
¶
Require the SHIELD Core (via the ‘shield’ link, or at shield-url
) to be up when we provision. This is on by default, but can be disabled if the operator needs a deployment to continue on even in the event of agent / core miscommunication.
- Default
true
shield-url
¶
The URL of the SHIELD core that this agent should register with. If you use the ‘shield’ link, this property will be ignored.
ulimit
¶
fds
¶The maximum number of open files (including sockets) that the shield-agent process can have.
- Default
default
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/shield-agent/
directory
(learn more).
bin/shield-agent
(frombin/shield-agent
)config/agent.conf
(fromconfig/agent.conf
)config/agent.key
(fromconfig/agent.key
)config/tls/shield.ca
(fromconfig/tls/shield.ca
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.