Skip to content

policy-server-internal job from cf-networking/2.13.0

Github source: d74cff84 or master branch

Properties

ca_cert

Trusted CA certificate that was used to sign the vxlan policy agent’s client cert and key.

database

connect_timeout_seconds

Connection timeout between the policy server and its database.

Default
120

debug_port

Port for the debug server. Use this to adjust log level at runtime or dump process stats.

Default
31945

disable

Disable container to container networking.

Default
false

health_check_port

The port for the health endpoint

Default
31946

health_check_timeout_seconds

Health check timeout for Consul DNS.

Default
5

internal_listen_port

Port where the policy server will serve its internal API.

Default
4003

listen_ip

IP address where the policy server will serve its API.

Default
0.0.0.0

log_level

Logging level (debug, info, warn, error).

Default
info

max_idle_connections

Maximum number of idle connections to the SQL database

Default
200

max_open_connections

Maximum number of open connections to the SQL database

Default
200

metron_port

Port of metron agent on localhost. This is used to forward metrics.

Default
3457

server_cert

Server certificate for TLS. Must have common name that matches the Consul DNS name of the policy server, eg policy-server.service.cf.internal.

server_key

Server key for TLS.

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/policy-server-internal/ directory (learn more).

  • bin/dns_health_check (from dns_health_check.erb)
  • bin/post-start (from post-start.erb)
  • config/bpm.yml (from bpm.yml.erb)
  • config/certs/ca.crt (from ca.crt.erb)
  • config/certs/database_ca.crt (from database_ca.crt.erb)
  • config/certs/server.crt (from server.crt.erb)
  • config/certs/server.key (from server.key.erb)
  • config/policy-server-internal.json (from policy-server-internal.json.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.