-
Notifications
You must be signed in to change notification settings - Fork 50
/
spec
332 lines (332 loc) · 15.1 KB
/
spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
name: golangapiserver
templates:
bpm.yml.erb: config/bpm.yml
apiserver.yml.erb: config/apiserver.yml
bpm-pre-start.erb: bin/bpm-pre-start
liquibase.properties: bin/liquibase.properties
info.json.erb: config/info.json
catalog.json.erb: config/catalog.json
apiserver_ca.crt.erb: config/certs/apiserver/ca.crt
apiserver_server.crt.erb: config/certs/apiserver/server.crt
apiserver_server.key.erb: config/certs/apiserver/server.key
brokerserver_ca.crt.erb: config/certs/brokerserver/ca.crt
brokerserver.crt.erb: config/certs/brokerserver/server.crt
brokerserver.key.erb: config/certs/brokerserver/server.key
healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt
healthendpoint.crt.erb: config/certs/healthendpoint/server.crt
healthendpoint.key.erb: config/certs/healthendpoint/server.key
scalingengine_ca.crt.erb: config/certs/scalingengine/ca.crt
scalingengine_client.crt.erb: config/certs/scalingengine/client.crt
scalingengine_client.key.erb: config/certs/scalingengine/client.key
scheduler_ca.crt.erb: config/certs/scheduler/ca.crt
scheduler_client.crt.erb: config/certs/scheduler/client.crt
scheduler_client.key.erb: config/certs/scheduler/client.key
eventgenerator_ca.crt.erb: config/certs/eventgenerator/ca.crt
eventgenerator_client.crt.erb: config/certs/eventgenerator/client.crt
eventgenerator_client.key.erb: config/certs/eventgenerator/client.key
policy_db_ca.crt.erb: config/certs/policy_db/ca.crt
policy_db.crt.erb: config/certs/policy_db/crt
policy_db.key.erb: config/certs/policy_db/key
binding_db_ca.crt.erb: config/certs/binding_db/ca.crt
binding_db.crt.erb: config/certs/binding_db/crt
binding_db.key.erb: config/certs/binding_db/key
storedprocedure_db_ca.crt.erb: config/certs/storedprocedure_db/ca.crt
storedprocedure_db.crt.erb: config/certs/storedprocedure_db/crt
storedprocedure_db.key.erb: config/certs/storedprocedure_db/key
packages:
- golang-1-linux
- golangapiserver
- db
- openjdk-17
- common
- changeloglockcleaner
properties:
autoscaler.apiserver.logging.level:
description: "the level of logging"
default: "info"
autoscaler.apiserver.broker.server.port:
description: "Port where broker server will run"
default: 6101
autoscaler.apiserver.broker.server.ca_cert:
description: "PEM-encoded CA certificate"
autoscaler.apiserver.broker.server.server_cert:
description: "PEM-encoded server certificate"
autoscaler.apiserver.broker.server.server_key:
description: "PEM-encoded server key"
autoscaler.apiserver.broker.username:
description: "DEPRECATED - username to authenticate with service broker"
autoscaler.apiserver.broker.password:
description: "DEPRECATED - password to authenticate with service broker"
autoscaler.apiserver.broker.broker_credentials:
description: |
The list of credentials to authenticate with service broker. This is useful when credential rotation is required
example:
- broker_username: user1
broker_password: password1
- broker_username: user2
broker_password: password2
default: ''
autoscaler.apiserver.broker.server.catalog:
description: ""
autoscaler.apiserver.broker.server.dashboard_redirect_uri:
description: ""
autoscaler.apiserver.public_api.server.port:
description: "Port where broker server will run"
default: 6102
autoscaler.apiserver.public_api.server.ca_cert:
description: "PEM-encoded CA certificate"
autoscaler.apiserver.public_api.server.server_cert:
description: "PEM-encoded server certificate"
autoscaler.apiserver.public_api.server.server_key:
description: "PEM-encoded server key"
autoscaler.apiserver.health.port:
default: 1080
autoscaler.apiserver.health.ca_cert:
description: "PEM-encoded CA certificate for the health endpoint"
autoscaler.apiserver.health.server_cert:
description: "PEM-encoded server certificate for the health endpoint"
autoscaler.apiserver.health.server_key:
description: "PEM-encoded server key for the health endpoint"
autoscaler.apiserver.info.name:
description: "Name of the autoscaler application to be shown in /info path"
default: "Autoscaler"
autoscaler.apiserver.info.build:
description: "Autoscaler application build number"
default: "13.1.1"
autoscaler.apiserver.info.support_url:
description: "Autoscaler application support page URL"
default: "https://github.com/cloudfoundry/app-autoscaler-release"
autoscaler.apiserver.info.description:
description: "Autoscaler application short description"
default: "Automatically increase or decrease the number of application instances based on a policy you define."
autoscaler.apiserver.scheduler.host:
description: "Host where scheduler is running"
default: "autoscalerscheduler.service.cf.internal"
autoscaler.apiserver.scheduler.port:
description: "Port where scheduler will listen"
default: 6102
autoscaler.apiserver.scheduler.ca_cert:
description: "PEM-encoded CA certificate"
autoscaler.apiserver.scheduler.client_cert:
description: "PEM-encoded client certificate"
autoscaler.apiserver.scheduler.client_key:
description: "PEM-encoded client key"
autoscaler.apiserver.scaling_engine.host:
description: "Host where scalingengine is running"
default: "scalingengine.service.cf.internal"
autoscaler.apiserver.scaling_engine.port:
description: "Port where scalingengine will listen"
default: 6104
autoscaler.apiserver.scaling_engine.ca_cert:
description: "PEM-encoded CA certificate"
autoscaler.apiserver.scaling_engine.client_cert:
description: "PEM-encoded client certificate"
autoscaler.apiserver.scaling_engine.client_key:
description: "PEM-encoded client key"
autoscaler.apiserver.event_generator.host:
description: "Host where eventGenerator is running"
default: "eventgenerator.service.cf.internal"
autoscaler.apiserver.event_generator.port:
description: "Port where eventGenerator will listen"
default: 6105
autoscaler.apiserver.event_generator.ca_cert:
description: "PEM-encoded CA certificate"
autoscaler.apiserver.event_generator.client_cert:
description: "PEM-encoded client certificate"
autoscaler.apiserver.event_generator.client_key:
description: "PEM-encoded client key"
autoscaler.apiserver.metrics_forwarder.host:
description: "Host where metricsforwarder is running"
default: "autoscalermetrics.bosh-lite.com"
autoscaler.apiserver.metrics_forwarder.mtls_host:
description: "Host where metricsforwarder mtls authentication route is available"
default: ""
autoscaler.apiserver.scaling_rules.cpu.lower_threshold:
description: "Allowable lower threshold of the cpu scaling range"
default: 1
autoscaler.apiserver.scaling_rules.cpu.upper_threshold:
description: "Allowable upper threshold of the cpu scaling range"
default: 100
autoscaler.apiserver.scaling_rules.cpuutil.lower_threshold:
description: "Allowable lower threshold of the cpuutil scaling range"
default: 1
autoscaler.apiserver.scaling_rules.cpuutil.upper_threshold:
description: "Allowable upper threshold of the cpuutil scaling range"
default: 100
autoscaler.apiserver.scaling_rules.diskutil.lower_threshold:
description: "Allowable lower threshold of the diskutil scaling range"
default: 1
autoscaler.apiserver.scaling_rules.diskutil.upper_threshold:
description: "Allowable upper threshold of the diskutil scaling range"
default: 100
autoscaler.apiserver.scaling_rules.disk.lower_threshold:
description: "Allowable lower threshold of the disk scaling range"
default: 1
autoscaler.apiserver.scaling_rules.disk.upper_threshold:
description: "Allowable upper threshold of the disk scaling range"
default: 2048 # same default as the maximum app disk size maintained in the cloud controller API release https://github.com/cloudfoundry/capi-release/blob/dd94bda54387eb68a73a01dcb1c1f0102ebcf7b3/jobs/cc_deployment_updater/spec#L200-L201
autoscaler.policy_db.address:
description: "IP address on which the policydb server will listen"
default: "autoscalerpostgres.service.cf.internal"
autoscaler.policy_db.databases:
description: "The list of databases used in policydb database including name"
autoscaler.policy_db.db_scheme:
description: "Database scheme to be used to access policydb"
default: postgres
autoscaler.policy_db.port:
description: "Port on which the policydb server will listen"
autoscaler.policy_db.roles:
description: "The list of database roles used in policydb database including name/password"
autoscaler.policy_db.tls.ca:
default: ''
description: 'PEM-encoded CA certificate for TLS database server'
autoscaler.policy_db.tls.certificate:
default: ''
description: 'PEM-encoded certificate for TLS database client'
autoscaler.policy_db.tls.private_key:
default: ''
description: 'PEM-encoded key for TLS database client'
autoscaler.policy_db.sslmode:
default: disable
description: "sslmode to connect to postgres server"
autoscaler.policy_db_connection_config.max_open_connections:
default: 20
autoscaler.policy_db_connection_config.max_idle_connections:
default: 10
autoscaler.policy_db_connection_config.connection_max_lifetime:
default: 60s
autoscaler.binding_db.address:
description: "IP address on which the bindingdb server will listen"
default: "autoscalerpostgres.service.cf.internal"
autoscaler.binding_db.databases:
description: "The list of databases used in bindingdb database including name"
autoscaler.binding_db.db_scheme:
description: "Database scheme to be used to access bindingdb"
default: postgres
autoscaler.binding_db.port:
description: "Port on which the bindingdb server will listen"
autoscaler.binding_db.roles:
description: "The list of database roles used in bindingdb database including name/password"
autoscaler.binding_db.tls.ca:
default: ''
description: 'PEM-encoded ca certificate for TLS database server'
autoscaler.binding_db.tls.certificate:
default: ''
description: 'PEM-encoded certificate for TLS database client'
autoscaler.binding_db.tls.private_key:
default: ''
description: 'PEM-encoded key for TLS database client'
autoscaler.binding_db.sslmode:
default: disable
description: "sslmode to connect to postgres server"
autoscaler.binding_db_connection_config.max_open_connections:
default: 20
autoscaler.binding_db_connection_config.max_idle_connections:
default: 10
autoscaler.binding_db_connection_config.connection_max_lifetime:
default: 60s
autoscaler.storedprocedure_db.address:
description: "IP address on which the storedproceduredb server will listen"
default: ""
autoscaler.storedprocedure_db.databases:
description: "The list of databases used in storedproceduredb database including name"
autoscaler.storedprocedure_db.db_scheme:
description: "Database scheme to be used to access storedproceduredb"
default: postgres
autoscaler.storedprocedure_db.port:
description: "Port on which the storedproceduredb server will listen"
autoscaler.storedprocedure_db.roles:
description: "The list of database roles used in storedproceduredb database including name/password"
autoscaler.storedprocedure_db.tls.ca:
default: ''
description: 'PEM-encoded ca certificate of tls database server'
autoscaler.storedprocedure_db.tls.certificate:
default: ''
description: 'PEM-encoded certificate of tls database client'
autoscaler.storedprocedure_db.tls.private_key:
default: ''
description: 'PEM-encoded key of tls database client'
autoscaler.storedprocedure_db.sslmode:
default: disable
description: "sslmode to connect to postgres server"
autoscaler.storedprocedure_db_connection_config.max_open_connections:
default: 20
autoscaler.storedprocedure_db_connection_config.max_idle_connections:
default: 10
autoscaler.storedprocedure_db_connection_config.connection_max_lifetime:
default: 60s
#Cf Api client settings
autoscaler.cf.api:
description: "the Cloud Foundry API endpoint"
autoscaler.cf.client_id:
description: "the client id to log in cf"
autoscaler.cf.secret:
description: "the secret to log in cf"
autoscaler.cf.skip_ssl_validation:
description: "Flag to skip ssl validation to connect to CC and UAA"
default: false
autoscaler.cf.max_retries:
description: "The number of retries from the autoscaler to the cf api (cloud controller). 0 turns off the retries."
default: 3
autoscaler.cf.max_retry_wait_ms:
description: "The maximum amount of time in milliseconds to wait between retries. 0 leaves it to the implementation to decide"
default: 0
autoscaler.cf.idle_connection_timeout_ms:
description: "The maximum amount of time an idle (keep-alive) connection will remain idle before closing itself. Zero means no limit."
default: 5000
autoscaler.cf.max_idle_conns_per_host_ms:
description: "Controls the maximum idle (keep-alive) connections to keep pooled per-host. If zero, 2 is used."
default: 200
autoscaler.changeloglock_timeout_seconds:
default: 180
description: "Liquibase changelog lock timeout duration in seconds"
autoscaler.apiserver.rate_limit.valid_duration:
description: "The rate limit evaluation duration"
default: 1s
autoscaler.apiserver.rate_limit.max_amount:
description: "The number of requests accepted by rate limit"
default: 10
autoscaler.apiserver.broker.plan_check:
description: |
The plan check config which consists of
plan_definitions:
example_definition_name:
planCheckEnabled: boolean (true|false)
schedules_count: int (0..)
scaling_rules_count: int (0..)
plan_updateable: boolean (true|false)
Example below:
=======
plan_definitions:
Some-example-uuid-ONE:
planCheckEnabled: true
schedules_count: 2
scaling_rules_count: 4
Some-example-uuid-TWO:
planCheckEnabled: true
schedules_count: 10
scaling_rules_count: 10
default: ''
autoscaler.apiserver.cred_helper.impl:
description: "Either default or stored_procedure which retrieves and manages credentials"
default: "default"
autoscaler.apiserver.cred_helper.stored_procedure_config:
description: |
Configuration to define the stored procedure config if `stored_procedure` is used as the implementation.
NOTE: The procedure_name/function name is case sensitive. This is to secure the configuration quoting identifiers
which makes them case sensitve
stored_procedure_config:
schema_name: string
create_binding_credential_procedure_name: string
drop_binding_credential_procedure_name: string
drop_all_binding_credential_procedure_name: string
validate_binding_credential_procedure_name: string
Example below:
=======
stored_procedure_config:
schema_name: SCHEMA
create_binding_credential_procedure_name: CREATE
drop_binding_credential_procedure_name: DROP
drop_all_binding_credential_procedure_name: dropALL
validate_binding_credential_procedure_name: VALIDATE
default: {}