Created
March 14, 2015 19:40
-
-
Save frodenas/3609ad8111bc2cfb4763 to your computer and use it in GitHub Desktop.
CloudFoundry v83 (small) deployment manifest for OpenStack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <% | |
| director_uuid = 'CHANGE-ME' | |
| floating_ip = 'CHANGE-ME' | |
| root_domain = "#{floating_ip}.xip.io" | |
| net_id = 'CHANGE-ME' | |
| deployment_name = 'cf' | |
| cf_release = '183' | |
| protocol = 'http' | |
| common_password = 'c1oudc0wc1oudc0w' | |
| %> | |
| --- | |
| name: <%= deployment_name %> | |
| director_uuid: <%= director_uuid %> | |
| releases: | |
| - name: cf | |
| version: <%= cf_release %> | |
| compilation: | |
| workers: 5 | |
| network: default | |
| reuse_compilation_vms: true | |
| cloud_properties: | |
| instance_type: m1.medium | |
| update: | |
| canaries: 0 | |
| canary_watch_time: 30000-600000 | |
| update_watch_time: 30000-600000 | |
| max_in_flight: 32 | |
| serial: false | |
| networks: | |
| - name: default | |
| type: dynamic | |
| cloud_properties: | |
| net_id: <%= net_id %> | |
| security_groups: | |
| - default | |
| - bosh | |
| - name: public | |
| type: dynamic | |
| cloud_properties: | |
| net_id: <%= net_id %> | |
| security_groups: | |
| - default | |
| - bosh | |
| - cf-public | |
| - name: floating | |
| type: vip | |
| cloud_properties: {} | |
| resource_pools: | |
| - name: small | |
| network: default | |
| stemcell: | |
| name: bosh-openstack-kvm-ubuntu-trusty-go_agent | |
| version: latest | |
| cloud_properties: | |
| instance_type: m1.small | |
| - name: medium | |
| network: default | |
| stemcell: | |
| name: bosh-openstack-kvm-ubuntu-trusty-go_agent | |
| version: latest | |
| cloud_properties: | |
| instance_type: m1.medium | |
| - name: large | |
| network: default | |
| stemcell: | |
| name: bosh-openstack-kvm-ubuntu-trusty-go_agent | |
| version: latest | |
| cloud_properties: | |
| instance_type: m1.xlarge | |
| jobs: | |
| - name: haproxy | |
| templates: | |
| - name: haproxy | |
| instances: 1 | |
| resource_pool: small | |
| networks: | |
| - name: public | |
| default: [dns, gateway] | |
| - name: floating | |
| static_ips: | |
| - <%= floating_ip %> | |
| properties: | |
| networks: | |
| apps: public | |
| - name: data | |
| templates: | |
| - name: debian_nfs_server | |
| - name: postgres | |
| instances: 1 | |
| resource_pool: medium | |
| persistent_disk: 102400 | |
| networks: | |
| - name: default | |
| - name: core | |
| templates: | |
| - name: nats | |
| - name: nats_stream_forwarder | |
| - name: etcd | |
| - name: etcd_metrics_server | |
| - name: hm9000 | |
| - name: uaa | |
| - name: login | |
| instances: 1 | |
| resource_pool: medium | |
| persistent_disk: 10024 | |
| networks: | |
| - name: default | |
| - name: api | |
| templates: | |
| - name: gorouter | |
| - name: cloud_controller_ng | |
| - name: cloud_controller_clock | |
| - name: cloud_controller_worker | |
| - name: loggregator | |
| - name: loggregator_trafficcontroller | |
| instances: 1 | |
| resource_pool: medium | |
| networks: | |
| - name: default | |
| - name: runner | |
| templates: | |
| - name: dea_next | |
| - name: dea_logging_agent | |
| - name: metron_agent | |
| instances: 1 | |
| resource_pool: large | |
| networks: | |
| - name: default | |
| properties: | |
| networks: | |
| apps: default | |
| domain: <%= root_domain %> | |
| system_domain: <%= root_domain %> | |
| system_domain_organization: admin | |
| app_domains: | |
| - <%= root_domain %> | |
| ssl: | |
| skip_cert_verify: true | |
| request_timeout_in_seconds: 300 | |
| dropsonde: | |
| enabled: true | |
| ha_proxy: | |
| ssl_pem: | | |
| -----BEGIN CERTIFICATE----- | |
| MIIBrTCCARYCCQC8Nv/VzAW5gzANBgkqhkiG9w0BAQsFADAbMQ0wCwYDVQQKDARC | |
| b3NoMQowCAYDVQQDDAEqMB4XDTE0MDcyNDA0MjkzNloXDTI0MDcyMTA0MjkzNlow | |
| GzENMAsGA1UECgwEQm9zaDEKMAgGA1UEAwwBKjCBnzANBgkqhkiG9w0BAQEFAAOB | |
| jQAwgYkCgYEAusGqZW2nSyqSI5RY8Hm8270XfYEuR3kPVYuwwAftEi7BSaR+4fpb | |
| a9kXaJwcPMIecQOsPTByoqyXfseUx1yZVBEnq/7ZjYj1ipfGa99XfQEjCzXaS3Je | |
| NkdwhJf3IZf7XQMhSZMs7NmvZ6aD91st83NCr316fdDoKvRRi66YlOcCAwEAATAN | |
| BgkqhkiG9w0BAQsFAAOBgQCc6HCnAY3PdykXNXLyrnRk31tuHCrwSKSGH+tf24v8 | |
| DO9wUuuja+jGYou5lE+lzRs8KBYR97ENb0hNC0oYrU3XWinWJAdM2Dp3/lWQJF9T | |
| 9yQKNnctjW6U7YbCqkbkZXesZglSjtTnyiVlD59shmDNZZCQnbG7CLkrnlQGuM4n | |
| zg== | |
| -----END CERTIFICATE----- | |
| -----BEGIN CERTIFICATE REQUEST----- | |
| MIIBWjCBxAIBADAbMQ0wCwYDVQQKDARCb3NoMQowCAYDVQQDDAEqMIGfMA0GCSqG | |
| SIb3DQEBAQUAA4GNADCBiQKBgQC6waplbadLKpIjlFjwebzbvRd9gS5HeQ9Vi7DA | |
| B+0SLsFJpH7h+ltr2RdonBw8wh5xA6w9MHKirJd+x5THXJlUESer/tmNiPWKl8Zr | |
| 31d9ASMLNdpLcl42R3CEl/chl/tdAyFJkyzs2a9npoP3Wy3zc0KvfXp90Ogq9FGL | |
| rpiU5wIDAQABoAAwDQYJKoZIhvcNAQELBQADgYEAVpFm7oKKgQsuK1RUxoJ25XO2 | |
| aS9GpengE57N0LH1dKxyHF7g+fPer6YAwpNE7bZNjyPRkng33OJ7N67nvYtFs6eN | |
| CFBf8okWpmFgJ6gC5zNxYQRm1RU7+RUpM2ceMT1g14SmA5ffS48rYaSx2raKphYA | |
| KI1neJFzwM3gQfrwI+s= | |
| -----END CERTIFICATE REQUEST----- | |
| -----BEGIN PRIVATE KEY----- | |
| MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALrBqmVtp0sqkiOU | |
| WPB5vNu9F32BLkd5D1WLsMAH7RIuwUmkfuH6W2vZF2icHDzCHnEDrD0wcqKsl37H | |
| lMdcmVQRJ6v+2Y2I9YqXxmvfV30BIws12ktyXjZHcISX9yGX+10DIUmTLOzZr2em | |
| g/dbLfNzQq99en3Q6Cr0UYuumJTnAgMBAAECgYEAjQFwcEiMiXpJAMgfJuIjsB1j | |
| QQVqNdi3tTVVbIgPfS0ED2A91M08fX9Z50gHIfDHHzlQsJqF00FQ2Q5DzQqjUMS+ | |
| EJvVQsen71B8LNkKB+8GlJjTN+QoW0UAWtvK6gRYB4VIe+5LrWlioQWHucYH8UzB | |
| veyzthWQBPfxDkYrvdECQQDsR0T/oo0kN3GHcwRe4p4oVMUncu9pci8IRZf7gSKN | |
| 8db+LVTSm7jrhUOmSmCL//A2VnoNpPriFaP573dHH9kLAkEAylg56itY8Kn9AAAk | |
| 1BlFprO0Odecz8Cf8ZNzzpAvnN/AqRSF04PTUCRavJonGirW6tU+qgybMMO3uVHf | |
| 9/W1FQJAQn/Ihp4sVS4ZkMKpTz8+viEln/W0NhxB6nUT0mBE5mhTVxRRFDlpsTe/ | |
| k3TJeX2eEN0D2wU86xamIPjpvCXVgwJBAJ+CQ01tFHTLnEz20BF/Rp/uQ+HhLZW8 | |
| pJlcgstQcKg63vaq3gBqiBdCQWEyKCcBpGCE8Bw/Sct8TgXCHEutHy0CQQCv14lC | |
| nM7h6y+I9r3cqZRBDMfWpvAl25doctNWY0McmudIT9FHIBtvayRnBqa9Z554Bk6S | |
| f+4pffb9Gl/e6Fxh | |
| -----END PRIVATE KEY----- | |
| nats: | |
| user: nats | |
| password: <%= common_password %> | |
| address: 0.core.default.<%= deployment_name %>.microbosh | |
| port: 4222 | |
| machines: | |
| - 0.core.default.<%= deployment_name %>.microbosh | |
| etcd: | |
| machines: | |
| - 0.core.default.<%= deployment_name %>.microbosh | |
| etcd_metrics_server: | |
| nats: | |
| machines: | |
| - 0.core.default.<%= deployment_name %>.microbosh | |
| username: nats | |
| password: <%= common_password %> | |
| syslog_aggregator: {} | |
| nfs_server: | |
| address: 0.data.default.<%= deployment_name %>.microbosh | |
| allow_from_entries: | |
| - "*.<%= deployment_name %>.microbosh" | |
| idmapd_domain: openstacklocal | |
| databases: &databases | |
| db_scheme: postgres | |
| address: 0.data.default.<%= deployment_name %>.microbosh | |
| port: 5524 | |
| roles: | |
| - tag: admin | |
| name: ccadmin | |
| password: <%= common_password %> | |
| - tag: admin | |
| name: uaaadmin | |
| password: <%= common_password %> | |
| - tag: admin | |
| name: consoleadmin | |
| password: <%= common_password %> | |
| - tag: admin | |
| name: appusageserviceadmin | |
| password: <%= common_password %> | |
| databases: | |
| - tag: cc | |
| name: ccdb | |
| citext: true | |
| - tag: uaa | |
| name: uaadb | |
| citext: true | |
| - tag: console | |
| name: consoledb | |
| citext: true | |
| - tag: appusageservicedb | |
| name: appusageservicedb | |
| citext: true | |
| ccdb: &ccdb | |
| db_scheme: postgres | |
| address: 0.data.default.<%= deployment_name %>.microbosh | |
| port: 5524 | |
| roles: | |
| - tag: admin | |
| name: ccadmin | |
| password: <%= common_password %> | |
| databases: | |
| - tag: cc | |
| name: ccdb | |
| citext: true | |
| uaadb: | |
| db_scheme: postgresql | |
| address: 0.data.default.<%= deployment_name %>.microbosh | |
| port: 5524 | |
| roles: | |
| - tag: admin | |
| name: uaaadmin | |
| password: <%= common_password %> | |
| databases: | |
| - tag: uaa | |
| name: uaadb | |
| citext: true | |
| cc: &cc | |
| external_host: api | |
| srv_api_uri: <%= protocol %>://api.<%= root_domain %> | |
| jobs: | |
| global: | |
| timeout_in_seconds: 14400 | |
| app_bits_packer: | |
| timeout_in_seconds: null | |
| app_events_cleanup: | |
| timeout_in_seconds: null | |
| app_usage_events_cleanup: | |
| timeout_in_seconds: null | |
| blobstore_delete: | |
| timeout_in_seconds: null | |
| blobstore_upload: | |
| timeout_in_seconds: null | |
| droplet_deletion: | |
| timeout_in_seconds: null | |
| droplet_upload: | |
| timeout_in_seconds: null | |
| model_deletion: | |
| timeout_in_seconds: null | |
| app_events: | |
| cutoff_age_in_days: 31 | |
| app_usage_events: | |
| cutoff_age_in_days: 31 | |
| audit_events: | |
| cutoff_age_in_days: 31 | |
| billing_event_writing_enabled: true | |
| diego: false | |
| diego_docker: false | |
| default_app_memory: 1024 | |
| default_app_disk_in_mb: 1024 | |
| maximum_app_disk_in_mb: 2048 | |
| client_max_body_size: 1536M | |
| bulk_api_password: <%= common_password %> | |
| staging_upload_user: upload | |
| staging_upload_password: <%= common_password %> | |
| db_encryption_key: <%= common_password %> | |
| disable_custom_buildpacks: false | |
| broker_client_timeout_seconds: 120 | |
| development_mode: false | |
| resource_pool: | |
| resource_directory_key: cloudfoundry-resources | |
| fog_connection: | |
| provider: Local | |
| local_root: /var/vcap/nfs/shared | |
| packages: | |
| app_package_directory_key: cloudfoundry-packages | |
| fog_connection: | |
| provider: Local | |
| local_root: /var/vcap/nfs/shared | |
| droplets: | |
| droplet_directory_key: cloudfoundry-droplets | |
| fog_connection: | |
| provider: Local | |
| local_root: /var/vcap/nfs/shared | |
| buildpacks: | |
| buildpack_directory_key: cloudfoundry-buildpacks | |
| fog_connection: | |
| provider: Local | |
| local_root: /var/vcap/nfs/shared | |
| install_buildpacks: | |
| - name: java_buildpack | |
| package: buildpack_java | |
| - name: ruby_buildpack | |
| package: buildpack_ruby | |
| - name: nodejs_buildpack | |
| package: buildpack_nodejs | |
| - name: go_buildpack | |
| package: buildpack_go | |
| - name: python_buildpack | |
| package: buildpack_python | |
| - name: php_buildpack | |
| package: buildpack_php | |
| newrelic: | |
| license_key: null | |
| environment_name: <%= deployment_name %> | |
| quota_definitions: | |
| default: | |
| memory_limit: 10240 | |
| total_services: 100 | |
| non_basic_services_allowed: true | |
| total_routes: 1000 | |
| trial_db_allowed: true | |
| runaway: | |
| memory_limit: 102400 | |
| total_services: -1 | |
| total_routes: 1000 | |
| non_basic_services_allowed: true | |
| security_group_definitions: | |
| - name: public_networks | |
| rules: | |
| - protocol: all | |
| destination: 0.0.0.0-9.255.255.255 | |
| - protocol: all | |
| destination: 11.0.0.0-169.253.255.255 | |
| - protocol: all | |
| destination: 169.255.0.0-172.15.255.255 | |
| - protocol: all | |
| destination: 172.32.0.0-192.167.255.255 | |
| - protocol: all | |
| destination: 192.169.0.0-255.255.255.25 | |
| - name: internal_network | |
| rules: | |
| - protocol: all | |
| destination: 10.0.0.0-10.255.255.255 | |
| - name: dns | |
| rules: | |
| - destination: 0.0.0.0/0 | |
| ports: '53' | |
| protocol: tcp | |
| - destination: 0.0.0.0/0 | |
| ports: '53' | |
| protocol: udp | |
| default_running_security_groups: | |
| - public_networks | |
| - internal_network | |
| - dns | |
| default_staging_security_groups: | |
| - public_networks | |
| - internal_network | |
| - dns | |
| dea: &dea | |
| disk_mb: 102400 | |
| disk_overcommit_factor: 2 | |
| memory_mb: 15000 | |
| memory_overcommit_factor: 3 | |
| staging_disk_inode_limit: 200000 | |
| instance_disk_inode_limit: 200000 | |
| kernel_network_tuning_enabled: true | |
| directory_server_protocol: <%= protocol %> | |
| evacuation_bail_out_time_in_seconds: 600 | |
| logging_level: debug | |
| staging_disk_limit_mb: 4096 | |
| staging_memory_limit_mb: 1024 | |
| mtu: 1460 | |
| deny_networks: | |
| - 169.254.0.0/16 # Metadata endpoint | |
| dea_next: *dea | |
| disk_quota_enabled: true | |
| dea_logging_agent: | |
| status: | |
| user: admin | |
| password: <%= common_password %> | |
| loggregator_endpoint: | |
| shared_secret: <%= common_password %> | |
| host: 0.api.default.<%= deployment_name %>.microbosh | |
| loggregator: | |
| incoming_port: 3456 | |
| outgoing_port: 8081 | |
| zone: 'zone' | |
| servers: | |
| zone: | |
| - 0.api.default.<%= deployment_name %>.microbosh | |
| traffic_controller: | |
| zone: 'zone' | |
| incoming_port: 3457 | |
| outgoing_port: 8082 | |
| logger_endpoint: | |
| use_ssl: <%= protocol == 'https' %> | |
| port: 80 | |
| metron_endpoint: | |
| shared_secret: <%= common_password %> | |
| metron_agent: | |
| zone: 'zone' | |
| login: | |
| enabled: true | |
| protocol: <%= protocol %> | |
| port: 8081 | |
| catalina_opts: -Xmx768m -XX:MaxPermSize=256m | |
| brand: oss | |
| links: | |
| home: <%= protocol %>://console.<%= root_domain %> | |
| passwd: <%= protocol %>://console.<%= root_domain %>/password_resets/new | |
| signup: <%= protocol %>://console.<%= root_domain %>/register | |
| router: | |
| endpoint_timeout: 60 | |
| status: | |
| port: 8080 | |
| user: gorouter | |
| password: <%= common_password %> | |
| servers: | |
| z1: | |
| - 0.api.default.<%= deployment_name %>.microbosh | |
| z2: [] | |
| uaa: | |
| url: <%= protocol %>://uaa.<%= root_domain %> | |
| no_ssl: <%= protocol == 'http' %> | |
| catalina_opts: -Xmx768m -XX:MaxPermSize=256m | |
| cc: | |
| client_secret: <%= common_password %> | |
| admin: | |
| client_secret: <%= common_password %> | |
| batch: | |
| username: batch | |
| password: <%= common_password %> | |
| clients: | |
| cf: | |
| override: true | |
| authorized-grant-types: implicit,password,refresh_token | |
| authorities: uaa.none | |
| scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write | |
| access-token-validity: 7200 | |
| refresh-token-validity: 1209600 | |
| admin: | |
| secret: <%= common_password %> | |
| authorized-grant-types: client_credentials | |
| authorities: clients.read,clients.write,clients.secret,password.write,scim.write,scim.read,uaa.admin | |
| login: | |
| id: login | |
| override: true | |
| autoapprove: true | |
| scope: openid,oauth.approvals | |
| authorities: oauth.login | |
| secret: <%= common_password %> | |
| authorized-grant-types: authorization_code,client_credentials,refresh_token | |
| redirect-uri: <%= protocol %>://login.<%= root_domain %> | |
| portal: | |
| override: true | |
| scope: openid,cloud_controller.read,cloud_controller.write,password.write,console.admin,console.support | |
| authorities: scim.write,scim.read,cloud_controller.read,cloud_controller.write,password.write,uaa.admin,uaa.resource,cloud_controller.admin,billing.admin | |
| secret: <%= common_password %> | |
| authorized-grant-types: authorization_code,client_credentials | |
| access-token-validity: 1209600 | |
| refresh-token-validity: 1209600 | |
| redirect-uri: <%= protocol %>://console.<%= root_domain %>/oauth/callback | |
| cc_service_broker_client: | |
| id: cc_service_broker_client | |
| override: true | |
| autoapprove: true | |
| secret: <%= common_password %> | |
| authorized-grant-types: client_credentials | |
| scope: cloud_controller.write,openid,cloud_controller.read,cloud_controller_service_permissions.read | |
| authorities: clients.read,clients.write,clients.admin | |
| access-token-validity: 1209600 | |
| refresh-token-validity: 1209600 | |
| scim: | |
| users: | |
| - admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write | |
| - services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin | |
| jwt: | |
| signing_key: | | |
| -----BEGIN RSA PRIVATE KEY----- | |
| MIICXAIBAAKBgQDHFr+KICms+tuT1OXJwhCUmR2dKVy7psa8xzElSyzqx7oJyfJ1 | |
| JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMXqHxf+ZH9BL1gk9Y6kCnbM5R6 | |
| 0gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBugspULZVNRxq7veq/fzwIDAQAB | |
| AoGBAJ8dRTQFhIllbHx4GLbpTQsWXJ6w4hZvskJKCLM/o8R4n+0W45pQ1xEiYKdA | |
| Z/DRcnjltylRImBD8XuLL8iYOQSZXNMb1h3g5/UGbUXLmCgQLOUUlnYt34QOQm+0 | |
| KvUqfMSFBbKMsYBAoQmNdTHBaz3dZa8ON9hh/f5TT8u0OWNRAkEA5opzsIXv+52J | |
| duc1VGyX3SwlxiE2dStW8wZqGiuLH142n6MKnkLU4ctNLiclw6BZePXFZYIK+AkE | |
| xQ+k16je5QJBAN0TIKMPWIbbHVr5rkdUqOyezlFFWYOwnMmw/BKa1d3zp54VP/P8 | |
| +5aQ2d4sMoKEOfdWH7UqMe3FszfYFvSu5KMCQFMYeFaaEEP7Jn8rGzfQ5HQd44ek | |
| lQJqmq6CE2BXbY/i34FuvPcKU70HEEygY6Y9d8J3o6zQ0K9SYNu+pcXt4lkCQA3h | |
| jJQQe5uEGJTExqed7jllQ0khFJzLMx0K6tj0NeeIzAaGCQz13oo2sCdeGRHO4aDh | |
| HH6Qlq/6UOV5wP8+GAcCQFgRCcB+hrje8hfEEefHcFpyKH+5g1Eu1k0mLrxK2zd+ | |
| 4SlotYRHgPCEubokb2S1zfZDWIXW3HmggnGgM949TlY= | |
| -----END RSA PRIVATE KEY----- | |
| verification_key: | | |
| -----BEGIN PUBLIC KEY----- | |
| MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHFr+KICms+tuT1OXJwhCUmR2d | |
| KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX | |
| qHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug | |
| spULZVNRxq7veq/fzwIDAQAB | |
| -----END PUBLIC KEY----- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment