This repository has been archived by the owner on Jan 21, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathkeep-etcd-for-transition.yml
149 lines (140 loc) · 3.77 KB
/
keep-etcd-for-transition.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
---
# Add a single etcd instance at a static IP address before doppler
- type: replace
path: /instance_groups/name=doppler:before
value:
migrated_from:
- {name: etcd_z2, az: z2}
name: etcd
azs:
- z2
instances: 1
persistent_disk_type: 5GB
vm_type: minimal
stemcell: default
update:
serial: true
max_in_flight: 1
networks:
- name: default
static_ips: ((etcd_static_ips))
jobs:
- name: consul_agent
release: consul
consumes:
consul_common: {from: consul_common_link}
consul_server: nil
consul_client: {from: consul_client_link}
properties:
consul:
agent:
services:
etcd:
name: cf-etcd
- name: etcd
release: etcd
consumes:
etcd: nil
properties:
etcd:
advertise_urls_dns_suffix: cf-etcd.service.cf.internal
cluster:
- instances: 1
name: etcd
peer_require_ssl: true
require_ssl: true
ca_cert: "((etcd_client.ca))"
client_cert: "((etcd_client.certificate))"
client_key: "((etcd_client.private_key))"
server_cert: "((etcd_server.certificate))"
server_key: "((etcd_server.private_key))"
peer_ca_cert: "((etcd_peer.ca))"
peer_cert: "((etcd_peer.certificate))"
peer_key: "((etcd_peer.private_key))"
- name: etcd_metrics_server
release: etcd
properties:
etcd_metrics_server:
etcd:
dns_suffix: cf-etcd.service.cf.internal
require_ssl: true
ca_cert: "((etcd_server.ca))"
client_cert: "((etcd_client.certificate))"
client_key: "((etcd_client.private_key))"
- type: replace
path: /instance_groups/name=doppler/jobs/name=doppler/properties/doppler?/disable_announce
value: true
- type: replace
path: /instance_groups/name=doppler/jobs/name=doppler/properties/loggregator/disable_syslog_drains?
value: true
- type: replace
path: /variables/name=etcd_ca?
value:
name: etcd_ca
options:
common_name: etcdCA
is_ca: true
type: certificate
- type: replace
path: /variables/name=etcd_server?
value:
name: etcd_server
type: certificate
options:
ca: etcd_ca
common_name: etcd.service.cf.internal
alternative_names:
- "*.etcd.service.cf.internal"
- etcd.service.cf.internal
- "*.cf-etcd.service.cf.internal"
- cf-etcd.service.cf.internal
extended_key_usage:
- server_auth
- type: replace
path: /variables/name=etcd_client?
value:
name: etcd_client
type: certificate
options:
ca: etcd_ca
common_name: clientName
extended_key_usage:
- client_auth
- type: replace
path: /variables/name=etcd_peer_ca?
value:
name: etcd_peer_ca
type: certificate
options:
is_ca: true
common_name: peerCA
- type: replace
path: /variables/name=etcd_peer?
value:
name: etcd_peer
type: certificate
options:
ca: etcd_peer_ca
common_name: etcd.service.cf.internal
alternative_names:
- "*.etcd.service.cf.internal"
- etcd.service.cf.internal
- "*.cf-etcd.service.cf.internal"
- cf-etcd.service.cf.internal
extended_key_usage:
- client_auth
- server_auth
- type: replace
path: /releases/name=etcd?
value:
name: etcd
sha1: 670bf17cea0e6e56bdac33956545b3e302062521
url: https://bosh.io/d/github.com/cloudfoundry-incubator/etcd-release?v=117
version: "117"
- type: replace
path: /releases/name=loggregator?
value:
name: loggregator
sha1: 2080e1e0594591dafa716c69f207eb29929bce3d
url: https://bosh.io/d/github.com/cloudfoundry/loggregator-release?v=99
version: "99"