Skip to main content
Version: 55.0.0

Template Uploader Errand Properties

The template-uploader errand has different properties based on each service. In the first section you can find the general properties, valid for all services. Additionally you can find the properties for each service in the sections below.

PropertyDescription
/backup_manager_apiAPI-Endpoint for the Backup Manager
/backup_manager_usernameUsername for the Backup Manager
/backup_manager_passwordPassword for the Backup Manager
/cdns_encryptTBD
/cdns_ssl.caTBD
/cdns_ssl.certificateTBD
/cdns_ssl.private_keyTBD
stemcell_osThe operating system of the BOSH stemcell
stemcell_aliasStemcell alias configured in the IaaS configuration
stemcell_versionCurrent version of the stemcell
service_networkTBD
consul_domainDomain name for Consul DNS
consul_ipsTBD
add_consul_to_bosh_dns_resolversAdd Consul DNS to BOSH DNS resolvers. true or false
global_graphite_endpointEndpoint for the Graphite API, see Metrics
global_syslog_endpointEndpoint for the Syslog API
use_metrics_prefix_level_2If true, CF org will be sent with the Graphite metrics, see Metrics.
use_metrics_prefix_level_3If true, CF space will be sent with the Graphite metrics, see Metrics.

KeyValue

PropertyDescription
/a9s_private_components_caThe root CA certificate which is used to sign the client certificates used by the framework components to communicate via mTLS with each other
backup_manager_api_endpointThe API endpoint (schema://hostname:port) used by the a9s Backup Agent to communicate with the a9s Backup Manager

LogMe2

PropertyDescription
/a9s_private_components_caThe root CA certificate which is used to sign the client certificates used by the framework components to communicate via mTLS with each other
/logme2_service_dashboard_secretTBD
/cf_nats_ipsIPs of each cluster member of the NATS server deployment
/cf_nats_credentials.usernameUsername for the NATS-TLS user used by the Route Registrar
/cf_nats_credentials.passwordPassword for the NATS-TLS user used by the Route Registrar
/cf_nats_tls_client_cert.certificateClient certificate for the NATS-TLS connection used by the Route Registrar
/cf_nats_tls_client_cert.private_keyClient Key for the NATS-TLS conncection used by the Route Registrar
/cf_nats_tls_client_cert.caCertificate authority for the NATS-TLS connection used by the Route Registrar
cf_system_domainTBD
dashboard_client_idTBD
backup_manager_api_endpointThe API endpoint (schema://hostname:port) used by the a9s Backup Agent to communicate with the a9s Backup Manager

MongoDB

PropertyDescription
/a9s_private_components_caThe root CA certificate which is used to sign the client certificates used by the framework components to communicate via mTLS with each other
backup_manager_api_endpointThe API endpoint (schema://hostname:port) used by the a9s Backup Agent to communicate with the a9s Backup Manager

MariaDB

PropertyDescription
/a9s_private_components_caThe root CA certificate which is used to sign the client certificates used by the framework components to communicate via mTLS with each other
backup_manager_api_endpointThe API endpoint (schema://hostname:port) used by the a9s Backup Agent to communicate with the a9s Backup Manager

PostgreSQL

PropertyDescription
/a9s_private_components_caThe root CA certificate which is used to sign the client certificates used by the framework components to communicate via mTLS with each other
backup_manager_api_endpointThe API endpoint (schema://hostname:port) used by the a9s Backup Agent to communicate with the a9s Backup Manager

Prometheus

PropertyDescription
/prometheus_service_dashboard_secretTBD
/cf_nats_ipsIPs of each cluster member of the NATS server deployment
/cf_nats_credentials.usernameUsername for the NATS-TLS user used by the Route Registrar
/cf_nats_credentials.passwordPassword for the NATS-TLS user used by the Route Registrar
/cf_nats_tls_client_cert.certificateClient certificate for the NATS-TLS connection used by the Route Registrar
/cf_nats_tls_client_cert.private_keyClient Key for the NATS-TLS conncection used by the Route Registrar
/cf_nats_tls_client_cert.caCertificate authority for the NATS-TLS connection used by the Route Registrar

RabbitMQ

PropertyDescription
/a9s_private_components_caThe root CA certificate which is used to sign the client certificates used by the framework components to communicate via mTLS with each other
/cf_nats_ipsIPs of each cluster member of the NATS server deployment
/cf_nats_credentials.usernameUsername for the NATS-TLS user used by the Route Registrar
/cf_nats_credentials.passwordPassword for the NATS-TLS user used by the Route Registrar
/cf_nats_tls_client_cert.certificateClient certificate for the NATS-TLS connection used by the Route Registrar
/cf_nats_tls_client_cert.private_keyClient Key for the NATS-TLS conncection used by the Route Registrar
/cf_nats_tls_client_cert.caCertificate authority for the NATS-TLS connection used by the Route Registrar
backup_manager_api_endpointThe API endpoint (schema://hostname:port) used by the a9s Backup Agent to communicate with the a9s Backup Manager
info

For RabbitMQ the NATS-related properties are needed only if the RabbitMQ Management UI has been enabled.

Redis

PropertyDescription
/a9s_private_components_caThe root CA certificate which is used to sign the client certificates used by the framework components to communicate via mTLS with each other
backup_manager_api_endpointThe API endpoint (schema://hostname:port) used by the a9s Backup Agent to communicate with the a9s Backup Manager
PropertyDescription
/search_service_backup_agent_usernameUsername for the Search Backup Agent
/search_service_backup_agent_passwordPassword for the Search Backup Agent
global_syslog_endpointsEndpoints for the Syslog API. In contrast to global_syslog_endpoint, this parameter supports multiple endpoints, with optional TLS configuration, which must be specified in the following format: Syslog endpoints configuration with TLS support

Syslog Endpoints Configuration With TLS Support

# Example for host without TLS
- host: ndd79a54f-fluentd.service.dc1.dsf2.a9ssvc
port: 514
protocol: udp
rfc: rfc5424
# Example for host with TLS
- host: ndd79a54f-fluentd.service.dc1.dsf2.a9ssvc
port: 6514
protocol: ssl-tcp
rfc: rfc5424
ssl_cacert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
ssl_cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
ssl_key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----

TLS Configuration

The Template Uploader Errand communicates with the a9s Deployer via a TLS protected connection. This is configurable via the property anynines_service_broker.bosh_deployer.

For more details on this property, please refer to the TLS General Configuration documentation.