Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ---
- <%
- director_uuid = "XXXXXXXXXXXXXXXXXXXX-XXXXXXXXXXXX"
- protocol = "https"
- cf_release = "228"
- ip_address = "10.0.0.147"
- common_password = "c1oudc0w"
- root_domain = "cf.test.com"
- cc_api_url = "https://api.cf.test.com"
- deployment_name = "cloudfoundry-DEV"
- %>
- name: <%= deployment_name %>
- director_uuid: <%= director_uuid %>
- releases:
- - name: cf
- version: <%= cf_release %>
- compilation:
- workers: 4
- network: default
- reuse_compilation_vms: true
- cloud_properties:
- instance_type: m1.small
- update:
- canaries: 1
- canary_watch_time: 30000-300000
- update_watch_time: 30000-300000
- max_in_flight: 1
- networks:
- - name: floating
- type: vip
- cloud_properties:
- security_groups:
- - open
- - name: default
- type: dynamic
- cloud_properties:
- security_groups:
- - open
- resource_pools:
- - name: small
- network: default
- size: 11
- stemcell:
- name: bosh-openstack-kvm-ubuntu-trusty-go_agent
- version: 3147
- cloud_properties:
- instance_type: m1.small
- jobs:
- - name: ha_proxy_z1
- templates:
- - name: haproxy
- - name: metron_agent
- - name: consul_agent
- release: cf
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- - name: floating
- static_ips:
- - <%= ip_address %>
- properties:
- router:
- servers:
- z1:
- - 10.0.0.172
- z2:
- - 10.0.0.172
- metron_agent:
- zone: z1
- ha_proxy:
- ssl_pem: |
- - name: common1
- templates:
- - name: postgres
- release: cf
- instances: 1
- resource_pool: small
- persistent_disk: 16384
- networks:
- - name: default
- default: [dns, gateway]
- - name: floating
- static_ips:
- - 10.0.0.132
- properties:
- db: databases
- metron_agent:
- zone: z1
- - name: common2
- templates:
- - name: collector
- - name: nats
- - name: uaa
- - name: metron_agent
- - name: statsd-injector
- - name: route_registrar
- - name: consul_agent
- release: cf
- instances: 1
- resource_pool: small
- persistent_disk: 16384
- networks:
- - name: default
- default: [dns, gateway]
- - name: floating
- static_ips:
- - 10.0.0.133
- properties:
- consul:
- agent:
- services:
- uaa: {}
- metron_agent:
- zone: z1
- loggregator_endpoint:
- host: 10.0.0.140
- port: 3456
- shared_secret: ilovesecrets
- route_registrar:
- routes:
- - name: uaa
- port: 8080
- tags:
- component: uaa
- uris:
- - uaa.<%= root_domain %>
- - '*.uaa.<%= root_domain %>'
- - login.<%= root_domain %>
- - '*.login.<%= root_domain %>'
- uaa:
- proxy:
- servers:
- - 10.0.0.172
- - name: dea
- templates:
- - name: dea_next
- - name: dea_logging_agent
- - name: metron_agent
- release: cf
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- dea_next:
- zone: z1
- metron_agent:
- zone: z1
- networks:
- apps: default
- - name: etcd_z1
- release: cf
- templates:
- - name: etcd
- release: cf
- - name: etcd_metrics_server
- release: cf
- - name: metron_agent
- release: cf
- instances: 1
- persistent_disk: 10024
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- - name: floating
- static_ips:
- - 10.0.0.212
- properties:
- metron_agent:
- zone: z1
- update:
- max_in_flight: 1
- - name: hm9000_z1
- release: cf
- templates:
- - name: hm9000
- - name: metron_agent
- - name: route_registrar
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- etcd_ips:
- - 10.0.0.212
- metron_agent:
- zone: z1
- route_registrar:
- routes:
- - name: hm9000
- port: 5155
- tags:
- component: HM9K
- uris:
- - hm9000.<%= root_domain %>
- - name: controller
- templates:
- - name: cloud_controller_ng
- - name: gorouter
- - name: metron_agent
- - name: statsd-injector
- - name: route_registrar
- - name: consul_agent
- release: cf
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- - name: floating
- static_ips:
- - 10.0.0.172
- properties:
- consul:
- agent:
- services:
- cloud_controller_ng: {}
- routing-api: {}
- gorouter: {}
- metron_agent:
- zone: z1
- route_registrar:
- routes:
- - name: api
- tags:
- component: CloudController
- port: 9022
- uris:
- - api.<%= root_domain %>
- - name: controller_worker
- templates:
- - name: cloud_controller_worker
- - name: metron_agent
- - name: consul_agent
- release: cf
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- metron_agent:
- zone: z1
- - name: controller_clock
- templates:
- - name: cloud_controller_clock
- - name: metron_agent
- release: cf
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- properties:
- metron_agent:
- zone: z1
- - name: doppler
- templates:
- - name: doppler
- - name: syslog_drain_binder
- - name: metron_agent
- release: cf
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- - name: floating
- static_ips:
- - 10.0.0.141
- properties:
- doppler:
- zone: z1
- metron_agent:
- zone: z1
- - name: loggregator-trafficecontroller
- templates:
- - name: loggregator_trafficcontroller
- - name: metron_agent
- - name: route_registrar
- release: cf
- instances: 1
- resource_pool: small
- networks:
- - name: default
- default: [dns, gateway]
- - name: floating
- static_ips:
- - 10.0.0.140
- properties:
- traffic_controller:
- zone: z1
- metron_agent:
- zone: z1
- route_registrar:
- routes:
- - name: doppler
- port: 8081
- uris:
- - doppler.<%= root_domain %>
- - name: loggregator
- port: 8080
- uris:
- - loggregator.<%= root_domain %>
- properties:
- domain: <%= root_domain %>
- system_domain: <%= root_domain %>
- system_domain_organization: "main"
- app_domains:
- - <%= root_domain %>
- support_address:
- description: "Cloud Foundry v"
- ssl:
- skip_cert_verify: true
- consul:
- require_ssl: false
- log_level: debug
- agent:
- servers:
- lan:
- - 172.21.28.228
- - 172.21.28.148
- - 172.21.28.229
- hm9000:
- port: 5155
- url: <%= protocol %>://hm9000.<%= root_domain %>
- loggregator:
- debug: false
- blacklisted_syslog_ranges: null
- etcd:
- machines:
- - 10.0.0.212
- maxRetainedLogMessages: 100
- outgoing_dropsonde_port: 8081
- tls:
- ca: null
- loggregator_endpoint:
- shared_secret: ilovesecrets
- logger_endpoint:
- port: 4443
- traffic_controller:
- outgoing_port: 8080
- zone: null
- doppler_endpoint:
- shared_secret: ilovesecrets
- metron_agent:
- deployment: cloudfoundry-DEV
- buffer_size: null
- enable_buffer: null
- preferred_protocol: null
- tls_client:
- cert: null
- key: null
- metron_endpoint:
- shared_secret: ilovesecrets
- nats:
- machines:
- - 10.0.0.133
- address: 10.0.0.133
- port: 4222
- user: nats
- password: <%= common_password %>
- authorization_timeout: 10
- use_gnatsd: true
- etcd:
- machines:
- - 10.0.0.212
- require_ssl: false
- peer_require_ssl: false
- etcd_ips:
- - 10.0.0.212
- etcd_metrics_server:
- nats:
- machines:
- - 10.0.0.133
- username: nats
- password: <%= common_password %>
- router:
- ssl_skip_validation: true
- status:
- user: gorouter
- password: <%= common_password %>
- dea: &dea
- memory_mb: 1396
- disk_mb: 16384
- directory_server_protocol: <%= protocol %>
- memory_overcommit_factor: 4
- disk_overcommit_factor: 4
- default_health_check_timeout: 60
- advertise_interval_in_seconds: 5
- heartbeat_interval_in_seconds: 10
- allow_host_access: true
- dea_next: *dea
- databases: &databases
- db_scheme: postgres
- address: 10.0.0.132
- port: 5524
- roles:
- - tag: admin
- name: ccadmin
- password: <%= common_password %>
- - tag: admin
- name: uaaadmin
- password: <%= common_password %>
- databases:
- - tag: cc
- name: ccdb
- citext: true
- - tag: uaa
- name: uaadb
- citext: true
- ccdb:
- address: 10.0.0.132
- databases:
- - name: ccdb
- tag: cc
- db_scheme: postgres
- port: 5524
- roles:
- - name: ccadmin
- tag: admin
- password: <%= common_password %>
- uaadb:
- db_scheme: postgresql
- address: 10.0.0.132
- port: 5524
- roles:
- - tag: admin
- name: uaaadmin
- password: <%= common_password %>
- databases:
- - tag: uaa
- name: uaadb
- citext: true
- serialization_data_server:
- port: 8080
- logging_level: debug
- upload_token: 8f7COGvThwlmulIzAgOHxMXurBrG364k
- upload_timeout: 10
- collector:
- deployment_name: <%= deployment_name %>
- use_tsdb: false
- use_aws_cloudwatch: false
- use_datadog: false
- service_lifecycle:
- serialization_data_server:
- - 10.0.0.133
- cc_api_version: v2
- cc: &cc
- logging_level: debug2
- db_logging_level: debug2
- cc_partition: default
- db_encryption_key: <%= common_password %>
- bootstrap_admin_email: "mymail"
- bulk_api_password: <%= common_password %>
- internal_api_user: "internal_user"
- internal_api_password: <%= common_password %>
- external_host: api
- external_port: 9022
- srv_api_uri: <%= protocol %>://api.<%= root_domain %>
- uaa_resource_id: cloud_controller
- staging_upload_user: upload
- staging_upload_password: <%= common_password %>
- users_can_select_backend: false
- default_to_diego_backend: false
- allow_app_ssh_access: false
- resource_pool:
- resource_directory_key: <%= root_domain %>-cc-resources-dev
- fog_connection:
- provider: "AWS"
- host: "s3.com"
- scheme: "http"
- port: 80
- aws_signature_version: "2"
- aws_access_key_id: "xxxxxxxxx"
- aws_secret_access_key: "xxxxxxxxxxxx"
- packages:
- app_package_directory_key: <%= root_domain %>-cc-packages-dev
- fog_connection:
- provider: "AWS"
- host: "s3.com"
- scheme: "http"
- port: 80
- aws_signature_version: "2"
- aws_access_key_id: "xxxxxxxxxxxxxxxxxx"
- aws_secret_access_key: "xxxxxxxxxxxx"
- droplets:
- droplet_directory_key: <%= root_domain %>-cc-droplets-dev
- fog_connection:
- provider: "AWS"
- host: "s3.com"
- scheme: "http"
- port: 80
- aws_signature_version: "2"
- aws_access_key_id: "xxxxxxxxxxxxxxxxxxxx"
- aws_secret_access_key: "xxxxxxxxxxxxxxxxxx"
- buildpacks:
- buildpack_directory_key: <%= root_domain %>-cc-buildpacks-dev
- fog_connection:
- provider: "AWS"
- host: "s3.com"
- scheme: "http"
- port: 80
- aws_signature_version: "2"
- aws_access_key_id: "xxxxxxxxxxxxxxxxxxxxxxxxx"
- aws_secret_access_key: "xxxxx+xxxxxxxxxxxxxxxxxxxxx"
- quota_definitions:
- free:
- non_basic_services_allowed: true
- total_services: 4
- total_routes: 1000
- memory_limit: 8192
- paid:
- non_basic_services_allowed: true
- total_services: 32
- total_routes: 1000
- memory_limit: 204800
- runaway:
- non_basic_services_allowed: true
- total_services: 500
- total_routes: 1000
- memory_limit: 204800
- trial:
- non_basic_services_allowed: false
- total_services: 10
- total_routes: 1000
- memory_limit: 2048
- trial_db_allowed: true
- default_quota_definition: free
- hm9000_noop: false
- system_buildpacks:
- - name: staticfile_buildpack
- package: buildpack_staticfile
- - name: java_buildpack
- package: buildpack_java
- - name: ruby_buildpack
- package: buildpack_ruby
- - name: nodejs_buildpack
- package: buildpack_nodejs
- - name: go_buildpack
- package: buildpack_go
- - name: python_buildpack
- package: buildpack_python
- - name: php_buildpack
- package: buildpack_php
- - name: binary_buildpack
- package: buildpack_binary
- default_buildpacks:
- - name: staticfile_buildpack
- package: buildpack_staticfile
- - name: java_buildpack
- package: buildpack_java
- - name: ruby_buildpack
- package: buildpack_ruby
- - name: nodejs_buildpack
- package: buildpack_nodejs
- - name: go_buildpack
- package: buildpack_go
- - name: python_buildpack
- package: buildpack_python
- - name: php_buildpack
- package: buildpack_php
- - name: binary_buildpack
- package: buildpack_binary
- install_buildpacks:
- - name: staticfile_buildpack
- package: buildpack_staticfile
- - name: java_buildpack
- package: buildpack_java
- - name: ruby_buildpack
- package: buildpack_ruby
- - name: nodejs_buildpack
- package: buildpack_nodejs
- - name: go_buildpack
- package: buildpack_go
- - name: python_buildpack
- package: buildpack_python
- - name: php_buildpack
- package: buildpack_php
- - name: binary_buildpack
- package: buildpack_binary
- security_group_definitions:
- - name: public_networks
- rules:
- - protocol: all
- destination: 0.0.0.0-9.255.255.255
- - protocol: all
- destination: 11.0.0.0-169.253.255.255
- - protocol: all
- destination: 169.255.0.0-172.15.255.255
- - protocol: all
- destination: 172.32.0.0-192.167.255.255
- - protocol: all
- destination: 192.169.0.0-255.255.255.255
- - protocol: all
- destination: 171.0.0.0-171.255.255.255
- - protocol: all
- destination: 172.0.0.0-175.255.255.255
- - protocol: all
- destination: 10.0.0.0-11.255.255.255
- - name: dns
- rules:
- - protocol: tcp
- destination: 0.0.0.0/0
- ports: '53'
- - protocol: udp
- destination: 0.0.0.0/0
- ports: '53'
- default_running_security_groups: ["public_networks", "dns"]
- default_staging_security_groups: ["public_networks", "dns"]
- ccng: *cc
- login:
- protocol: <%= protocol %>
- links:
- home: <%= protocol %>://console.<%= root_domain %>
- passwd: <%= protocol %>://console.<%= root_domain %>/password_resets/new
- signup: <%= protocol %>://console.<%= root_domain %>/register
- uaa:
- url: <%= protocol %>://uaa.<%= root_domain %>
- no_ssl: null
- require_https: false
- ssl:
- port: -1
- port: 8080
- catalina_opts: -Xmx768m -XX:MaxPermSize=256m
- resource_id: account_manager
- jwt:
- signing_key: |+
- -----BEGIN RSA PRIVATE KEY-----
- MIIEpQIBAAKCAQEAyRRDqBAk7BM4VsXgEcfnORsFw/ujkiCoKJjfSGZxMCSUbrKc
- ZmBvzoTehOxKtGToWXOcve9vImVk7m2j1XSwsOkf33IutN/i0ao8E7Ze4fiflWSt
- MoX5vWuXGcycUSg/BSTXPO4ss94FB5mhqNIDJ1QU9dJS73wrBTqNe66XskGKj9yr
- iGzDkHDMoqlfKspdW6iEHvVbkB1rF7VXnufIA5earf5eIkq5HV+C3YahS6Z16jww
- MnsOfi0w+ThmRHyG2jck89PkenDyNhwkqp93mqgprSmukYkqQbZYpfffIfLpNv5M
- RQgAI60i6vtRQ5Utu9FgEHoX0KqLhf8PldV90wIDAQABAoIBACsKV2EF86FEi+6m
- 9EtaCrhCfH1yw5RnwRbPghuxMdEoQ01elfOj+MqvziGNon/yiXl8MbTGJ3epVG1k
- sojiLV/wxo3BlxXIRniyg6GEi9K6sQ39OsVxv/83pGQ1U9BbWQH03M2B/beScmkq
- DVxhd6NXcBUeK/pvDZZU7ivnNzlERP+IPtdPb3bP33Lec5Wv5XN2lHsxUYZPKYiH
- jpvRXYedQBlNE/fwU4zRMZwu94bD2XbE9Y/IkdLw01jZxU4RoW1Hn1L0RiBoFwtO
- so7L6RDBhv3/GKbo0cYjz5x7TNMrXe3rzt7pJmqADphUZJeWzh99xaPA36kAh0sq
- 1wiHMkECgYEA6yW5/+DpqTqabK1/yFa4Nzxwl0/Z3b7pbYeBsnU2KtNltafU+Cvw
- Nl28ika1up9jeMw7DCO6YbX5y5oOjqlYkA9cXmP8KF3VCaqcI9JQNM4AbbzPL/mX
- oOGOUtEG6NeWxB8FoszWKRJhuMcwadoPRhxVgdDyWXf8qt+HXYyWq2sCgYEA2ukg
- lVNOISfvObrzBAd4XDlse9m7ah1mNxcnLa2sMApCQEvs3Fg8qhKxhrBauXTLonr1
- Ty9qlREmNvz2Vw+8ZAP98vhO/fFIC4V7hDZI1viNUFmmXOfGdLyKnA3TX98ycZIi
- 6ag56yXoVn8hUL87fV7iMGowAxNBeMgB1p57uTkCgYEAydRA2IJ4q/sT7rHgWtks
- FqT20rkD+9NQUeWcCcuXKZz20Lt0DWrRLCi6mkjk1IDYBSfuipXj9NgXxoy9b++k
- h0nX82CIXzFimIBqskhi9V/XeFk10Cy/26Od4DFvZ80bp8wkrz53lxsi61F0mXZD
- 496P+fOY//f/0742VrJD5G8CgYEAxxDwPFpA1g3GkSzcCHHylYryh717nAeYB8ja
- K8OerSDnFij0/3qNz+qn3N9J4RPAicReht+LgHrT0XU/XfRFUH4A1I3Q50QeS7va
- kmP64OGtP8AGdL2fzlAVi8tWx/vjlztY3DnKUXdrTBzXYuJDasJ51aT6fBFqnDbk
- 1RHRWKECgYEAuYBkkwB1gUWSyHsYFkdvTBG7rOwZmTiraZnMkdkHpwfjN4TSXg8y
- sPW3XeHrT6qFtbD++BFEJbipIvCLQt1S+le/zwPbMzK5iOcVNqe/SdJXqyz8h0vK
- z/J8npVJV6Y64F1ilr7KBegMxxnI4WqFbJ7pw6ZYExkQsqPZ/i9EeW4=
- -----END RSA PRIVATE KEY-----
- verification_key: |+
- -----BEGIN PUBLIC KEY-----
- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRRDqBAk7BM4VsXgEcfn
- ORsFw/ujkiCoKJjfSGZxMCSUbrKcZmBvzoTehOxKtGToWXOcve9vImVk7m2j1XSw
- sOkf33IutN/i0ao8E7Ze4fiflWStMoX5vWuXGcycUSg/BSTXPO4ss94FB5mhqNID
- J1QU9dJS73wrBTqNe66XskGKj9yriGzDkHDMoqlfKspdW6iEHvVbkB1rF7VXnufI
- A5earf5eIkq5HV+C3YahS6Z16jwwMnsOfi0w+ThmRHyG2jck89PkenDyNhwkqp93
- mqgprSmukYkqQbZYpfffIfLpNv5MRQgAI60i6vtRQ5Utu9FgEHoX0KqLhf8PldV9
- 0wIDAQAB
- -----END PUBLIC KEY-----
- cc:
- client_secret: <%= common_password %>
- admin:
- client_secret: <%= common_password %>
- batch:
- username: batch
- password: <%= common_password %>
- client:
- autoapprove:
- - cf
- - vmc
- - my
- - micro
- - support-signon
- - login
- - styx
- clients:
- cc_routing:
- authorities: routing.router_groups.read
- authorized-grant-types: client_credentials
- secret: <%= common_password %>
- cf:
- access-token-validity: 600
- authorities: uaa.none
- authorized-grant-types: implicit,password,refresh_token
- autoapprove: true
- override: true
- refresh-token-validity: 2592000
- scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write,doppler.firehose,uaa.user,routing.router_groups.read
- cloud_controller_username_lookup:
- authorities: scim.userids
- authorized-grant-types: client_credentials
- secret: <%= common_password %>
- doppler:
- authorities: uaa.resource
- override: true
- secret: <%= common_password %>
- gorouter:
- authorities: routing.routes.read
- authorized-grant-types: client_credentials,refresh_token
- secret: <%= common_password %>
- login:
- authorities: oauth.login,scim.write,clients.read,notifications.write,critical_notifications.write,emails.write,scim.userids,password.write
- authorized-grant-types: authorization_code,client_credentials,refresh_token
- autoapprove: true
- override: true
- redirect-uri: <%= protocol %>://login.<%= root_domain %>
- scope: openid,oauth.approvals
- secret: <%= common_password %>
- notifications:
- authorities: cloud_controller.admin,scim.read
- authorized-grant-types: client_credentials
- secret: <%= common_password %>
- tcp_emitter:
- authorities: routing.routes.write,routing.routes.read
- authorized-grant-types: client_credentials,refresh_token
- secret: <%= common_password %>
- tcp_router:
- authorities: routing.routes.read
- authorized-grant-types: client_credentials,refresh_token
- secret: <%= common_password %>
- scim:
- userids_enabled: true
- users:
- - admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write
- - services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin
- - cloudfoundry|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
