-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy pathspec
112 lines (88 loc) · 4.66 KB
/
spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
---
name: silk-daemon
templates:
bootstrap-config.json.erb: config/bootstrap-config.json
bpm.yml.erb: config/bpm.yml
drain.erb: bin/drain
healthchecker.yml.erb: config/healthchecker.yml
pre-start.erb: bin/pre-start
post-start.erb: bin/post-start
ca.crt.erb: config/certs/ca.crt
client.crt.erb: config/certs/client.crt
client.key.erb: config/certs/client.key
client-config.json.erb: config/client-config.json
policy-agent-ca.crt.erb: config/certs/policy-agent/ca.crt
policy-agent-client.crt.erb: config/certs/policy-agent/client.crt
policy-agent-client.key.erb: config/certs/policy-agent/client.key
packages:
- silk-daemon
- silk-ctl-utils
- silk-healthchecker
consumes:
- name: cf_network
type: cf_network
- name: iptables
type: iptables
optional: true
- name: vpa
type: policy-agent
properties:
vtep_port:
description: "Host port used for receiving VXLAN packets"
default: 4789
container_metadata_file_check_timeout:
description: "Timeout in seconds for checking the container metadata file during drain"
default: 600
partition_tolerance_hours:
description: "When silk controller is unavailable, silk daemon will remain healthy and allow creation of new containers for this number of hours. Should be no larger than cf_networking.subnet_lease_expiration_hours."
default: 168
lease_poll_interval_seconds:
description: "The silk daemon queries the silk controller on this interval in seconds to renew its lease and get all routable leases."
default: 30
ca_cert:
description: "Trusted CA certificate that was used to sign the silk controller server cert and key."
client_cert:
description: "Client certificate for TLS to access silk controller."
client_key:
description: "Client private key for TLS to access silk controller."
listen_port:
description: "Silk daemon handles requests from the CNI plugin on this localhost port."
default: 23954
debug_port:
description: "Debug port for silk daemon. Use this to adjust log level at runtime or dump process stats."
default: 22233
metron_port:
description: "Forward metrics to this metron agent, listening on this port on localhost"
default: 3457
silk_controller.hostname:
description: "Host name for the silk controller. E.g. the service advertised via Bosh DNS. Must match common name in the silk_controller.server_cert"
default: "silk-controller.service.cf.internal"
silk_controller.listen_port:
description: "Silk controller handles requests from the silk daemon on this port."
default: 4103
vxlan_network:
description: "The name of the bosh network which container traffic is sent over. If empty, the default gateway network is used."
temporary_vxlan_interface:
description: "Not recommended. Use vxlan_network instead. Name of network interface which container traffic is sent to. If empty, the default network interface is used. This cannot be set when vxlan_network is set."
disable:
description: "Disable this monit job. It will not run. Required for backwards compatability"
default: false
single_ip_only:
description: "When true, this VM will get assigned exactly one IP address on the Silk network. Use this to connect this VM to the Silk network without acquiring a whole block of addresses (as would be required for a Diego Cell)."
default: false
policy_server_url:
description: "The policy server internal hostname and port"
default: https://policy-server.service.cf.internal:4003
logging.level:
description: "Log Level for silk-daemon to start with"
default: info
logging.format.timestamp:
description: |
Format for timestamp in the drain log. Valid values are 'rfc3339' and 'deprecated'.
This property only affects the drain log because other component and bosh lifecycle logs were already in the rfc3339 format.
'rfc3339' is the recommended format. It will result in all timestamps in the drain log controlled by silk-daemon to be in RFC3339 format, which is human readable. This does not include stderr logs from golang libraries.
'deprecated' will result in all timestamps being in the format they were before the rfc3339 flag was introduced for the drain log. We do not recommend using this flag unless you have scripts that expect a particular timestamp format.
default: "rfc3339"
healthchecker.failure_counter_file:
description: "File used by the healthchecker to monitor consecutive failures."
default: /var/vcap/data/silk-daemon/counters/consecutive_healthchecker_failures.count