Skip to content

bits-service job from bits-service/2.25.0

Github source: aa84652 or master branch

Properties

bits-service

active_signing_key

key_id

This is the key ID Bits-Service uses and clients should use to generate signed URLs. When rotating active signing keys, they should first go to alternative_signing_keys before removing them completely.

Default
""
secret

This is the key secret Bits-Service uses and clients should use to generate signed URLs. When rotating active signing keys, they should first go to alternative_signing_keys before removing them completely.

Default
""

alternative_signing_keys

List of alternative access key ID and secret pairs that can be used to sign and validate URLs. Clients should use active_signing_key.key_id and active_signing_key.secret to generate signed URLs to make sure they don’t use a key that is being removed with the next deployment.

Default
[]
Example
|+
  signing_keys:
    - key_id: some_key_id
      secret: some_secret
    - key_id: some_other_key_id
      secret: some_other_secret

app_stash

blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
directory_key

Directory (bucket) used to store app stash blobs.

Default
app_stash
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection properties.

gcp_retry_timeout_seconds

Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.

Default
10
max_body_size

Maximum body size for nginx

Default
1536M
maximum_size

Maximum size of a resource to cache in App-Stash

Default
512M
minimum_size

Minimum size of a resource to cache in App-Stash

Default
64K
s3_debug_log_level

Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors

Default
""
webdav_config
ca_cert

The ca cert to use when communicating with webdav

password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

buildpack_cache

max_body_size

Maximum body size for nginx

Default
1536M

buildpacks

blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
directory_key

Directory (bucket) used to store buildpack blobs.

Default
buildpacks
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection properties.

gcp_retry_timeout_seconds

Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.

Default
10
max_body_size

Maximum body size for nginx

Default
1536M
s3_debug_log_level

Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors

Default
""
webdav_config
ca_cert

The ca cert to use when communicating with webdav

password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

cc_updates

ca_cert

PEM-encoded CA certificate for secure, mutually authenticated TLS communication

cc_url

CloudController endpoint for sending package status updates

Default
https://cloud-controller-ng.service.cf.internal:9023/internal/v4/packages
client_cert

PEM-encoded certificate for secure, mutually authenticated TLS communication

client_key

PEM-encoded key for secure, mutually authenticated TLS communication

droplets

blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
directory_key

Directory (bucket) used to store droplet blobs.

Default
droplets
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection properties.

gcp_retry_timeout_seconds

Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.

Default
10
max_body_size

Maximum body size for nginx

Default
1536M
s3_debug_log_level

Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors

Default
""
webdav_config
ca_cert

The ca cert to use when communicating with webdav

password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

logging

level

Log level for bits-service. See Steno logger for details.

Default
debug

max_body_size

Maximum body size for nginx

Default
1536M

packages

blobstore_type

The type of blobstore backing to use. Valid values: [‘fog’, ‘webdav’]

Default
fog
directory_key

Directory (bucket) used to store package blobs.

Default
packages
fog_aws_storage_options

Storage options passed to fog for aws blobstores. See http://docs.cloudfoundry.org/deploying/common/cc-blobstore-config.html#fog-aws-sse for example configuration.

Default
{}
fog_connection

Fog connection properties.

gcp_retry_timeout_seconds

Specifies a timeout for calls against Google Cloud Storage. Only used when bucket is in Google Cloud and access method is through Google service account.

Default
10
max_body_size

Maximum body size for nginx

Default
1536M
s3_debug_log_level

Specifies log level for low-level S3 logging. Valid values are: LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors

Default
""
webdav_config
ca_cert

The ca cert to use when communicating with webdav

password

The basic auth password that CC uses to connect to the admin endpoint on webdav

Default
""
private_endpoint

The location of the webdav server eg: https://blobstore.internal

Default
https://blobstore.service.cf.internal
public_endpoint

The location of the webdav server eg: https://blobstore.com

Default
""
username

The basic auth user that CC uses to connect to the admin endpoint on webdav

Default
""

private_endpoint

Private endpoint for the Bits Service. Does not include URI scheme.

proxy_get_requests

When set to true, GET requests get proxied through Bits-Service and not redirected to the backend blobstore (such as S3)

Default
false

public_endpoint

Public endpoint for the Bits Service. Does not include URI scheme.

secret

The secret used for signing URLs. Deprecated: Use active_signing_key and alternative_signing_keys instead and use client side signed URLs through the provided active_signing_key BOSH links.

signing_users

List of Username and Password pairs that are allowed to sign urls. Cloud Controller must use one of these to access the /sign endpoint via HTTP Basic Auth.

Example
|+
  signing_users:
  - username: user1
    password: password1
  - username: user2
    password: password2

tls

cert

The TLS server certificate

key

The TLS server private key

port

Post for https endpoint

Default
443

request_timeout_in_seconds

Timeout for requests in seconds.

Default
900

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/bits-service/ directory (learn more).

  • bin/bits-service_ctl (from bits-service_ctl.erb)
  • bin/blobstore_waiter.sh (from blobstore_waiter.sh.erb)
  • bin/dashboard (from dashboard.erb)
  • bin/dns_health_check (from dns_health_check.erb)
  • bin/syslog_utils.sh (from syslog_utils.sh.erb)
  • config/bits_config.yml (from bits_config.yml.erb)
  • config/certs/app_stash_ca_cert.pem (from app_stash_ca_cert.pem.erb)
  • config/certs/bits_tls.crt (from bits_tls.crt.erb)
  • config/certs/bits_tls.key (from bits_tls.key.erb)
  • config/certs/buildpacks_ca_cert.pem (from buildpacks_ca_cert.pem.erb)
  • config/certs/droplets_ca_cert.pem (from droplets_ca_cert.pem.erb)
  • config/certs/mutual_ca_cert.pem (from mutual_ca_cert.pem.erb)
  • config/certs/mutual_client_cert.pem (from mutual_client_cert.pem.erb)
  • config/certs/mutual_client_key.pem (from mutual_client_key.pem.erb)
  • config/certs/packages_ca_cert.pem (from packages_ca_cert.pem.erb)
  • config/signing_users (from signing_users.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.