-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathproduct-template-reference.html.md.erb
952 lines (763 loc) · 35 KB
/
product-template-reference.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
---
title: Product Template Reference
owner: Ops Manager
---
<strong><%= modified_date %></strong>
This document defines the separate pieces of a product template.
For the purpose of explanation we use the [PCF example tile](https://github.com/pivotal-cf-experimental/ops-manager-example),
a functional tile provided by the Ops Manager engineering team that deploys the NGINX web server.
The product template, a `.yml` file in the tile's `metadata` subdirectory, includes or points to the following:
* Metadata: high level information about your tile
* Dependencies: how to specify product dependencies
* Property Blueprints: the building blocks of representing values
* Form Types: exposing property blueprints into generated forms
* Jobs
## <a id='top-level'></a> Top Level Properties
The following is an example of the properties that appear at the top of a product template. Following this example are definitions of each property.
<pre class="code">
---
name: example-product
product_version: <%= version.inspect %>
minimum_version_for_upgrade: "1.7.0"
metadata_version: "1.11"
label: 'Ops Manager: Example Product'
description: An example product to demonstrate Ops Manager product-author features
rank: 1
service_broker: false # Default value
stemcell_criteria:
os: ubuntu-trusty
version: <%= stemcell_version.inspect %>
enable_patch_security_updates: true
releases:
- name: example-release
file: <%= release_file_name.inspect %>
version: <%= release_file_name.match(/^example-release-(.*)\.tgz$/)[1].inspect %>
variables:
- name: credhub-password
type: password
post_deploy_errands:
- name: example-errand
pre_delete_errands:
- name: example-errand
</pre>
### <a id='top-name'></a> name
String. Required.
The internal name of the product. You must keep the name of your product consistent for migrations to function properly.
Changing the name indicates the installation of a completely different product.
### <a id='top-version'></a> product_version
String. Required.
The version of the product. At present you can only import this version into Ops Manager once.
If you intend to import the same product / version, you must delete the existing one from the /metadata folder and delete the installation files from Ops Manager's disk.
The version number is important for [migrations](./tile-upgrades.html).
### <a id='top-min-version'></a> minimum\_version\_for\_upgrade
String. Optional. Pivotal recommends that you set a minimum version for upgrading to your current product version.
This example shows a current product version of v1.7 that only upgrades from a v1.6.x version of the same product:
```
- product_version: 1.7.0.0
minimum_version_for_upgrade: 1.6.0.0
```
### <a id='top-metadata'></a> metadata_version
String. Required.
The versioned structure of the product template (the file you are editing).
Changing the version number can unlock new properties, and also break properties that changed from previous versions.
The metadata version does not always correlate to Ops Manager version number and depends on what, or if, new metadata properties were introduced.
### <a id='top-label'></a> label
String. Optional.
The label that appears in the product tile when it displays in the Ops Manager Dashboard.
### <a id='top-description'></a> description
String. Optional.
A description of the product. This is not currently used but may be displayed in a future version of Ops Manager.
### <a id='top-rank'></a> rank
Integer. Required.
The order in which a product tile appears on the dashboard.
The Ops Manager Director always appears at rank 100.
For your product to appear to the right of Ops Manager Director (preferable)i, you must set this value to an integer less than 100.
Pivotal recommends that you set it to 1.
Ops Manager sorts tiles alphabetically if all tiles have the same rank.
This is a known weak point.
### <a id='top-service-broker'></a> service_broker
Boolean. Optional, default `false`.
Set `service_broker` to `true` for on-demand service brokers. Setting `service_broker` to `true` does the following:
- Enables the service network selector property type
- Requires the operator to select a service network during tile configuration.
Tile authors can reference the selected service network with `(( $self.service_network ))`.
- Includes a UAA client for the service to use.
Tile authors can reference the UAA client credentials with `(( $self.uaa_client_name ))` and `(( $self.uaa_client_secret ))`.
### <a id='top-stemcell-criteria'></a> stemcell_criteria
Hash. Required.
For a list of stemcells, including OS and version, see [the BOSH hub](https://bosh.io/).
You do not specify which IaaS the Stemcell targets.
This keeps your product template IaaS agnostic so that one product template can be deployed on any IaaS.
At the time of this writing, none of the BOSH stemcells require a Cloud Provider Interface (CPI).
This is expected to change in a future release of BOSH.
`enable_patch_security_updates` allows you to automatically use the latest patched version of a stemcell.
This is by default set to `true`. For products using static compilations, you can disable this feature.
If you set the property to `false`, your product does not receive security patches through automatic stemcell updates.
<pre class="code">
stemcell\_criteria
os: ubuntu-trusty
version: <%= stemcell\_version.inspect %>
enable\_patch\_security\_updates: true
</pre>
This feature increases security by automatically using the latest patched version of a stemcell.
However, operators may experience longer than expected upgrade times.
For more information, see [Understanding Floating Stemcells](http://docs.pivotal.io/pivotalcf/customizing/understanding-stemcells.html).
### <a id='top-release'></a> releases
Array of Hashes. Required.
The list of releases contained in your product's releases directory.
The version of the release must be exactly the same as the version contained in the release (BOSH releases are versioned and signed by BOSH).
### <a id='top-post-deploy'></a> post\_deploy\_errands
Array of Hashes. Optional.
A list of errands that run after a deploy succeeds.
Set the `run_post_deploy_errand_default:` property to `on` or `off` to set the default for the errand's run rule selector in Ops Manager.
See [Lifecycle Errands](./tile-errands.html). If this property is not supplied, the selector defaults to `On`.
### <a id='top-pre-delete'></a> pre\_delete\_errands
Array of Hashes. Optional.
A list of errands that run before a deployment is deleted.
Set the `run_pre_delete_errand_default:` property to `on` or `off` to set the default for the errand's run rule selector in Ops Manager.
See [Lifecycle Errands](./tile-errands.html). If this property is not supplied, the selector defaults to `On`.
## <a id='form-properties'></a> Form Properties
The following is an example of the properties that appear in the `form_types` section of a product template.
These forms appear on the left hand side, as links, after a user clicks on the tile itself.
As shown in a later section, form properties reference `property_blueprints` for the definition of the type of data (URL, IP address, list, etc.) being saved.
Form properties are themselves referenced in the manifest section of the `job_types` section, which will also be explained later in this document.
The eventual purpose of these properties is to hydrate a BOSH manifest, which Ops Manager generates on the user's behalf.
Following this example are definitions of each property.
```
form_types:
- name: example-form
label: Configurable Properties
description: All the properties that you can configure!
markdown: |
## I am markdown, hear me _roar_.
![Alt text](http://placekitten.com/g/400/200)
Things to do:
1. Learn [markdown](https://daringfireball.net/projects/markdown/).
1. ...
1. Profit!
property_inputs:
- reference: .web_server.example_string
label: Example string
description: 'Configure a property of type string'
- reference: .web_server.example_string_with_placeholder
label: Example string containing Placeholder text
description: 'Optional field. Configuration not necessary'
placeholder: 'Ghost text. Spooky!'
- reference: .web_server.example_migrated_integer
label: Example integer
description: 'Configure a property of type integer'
- reference: .web_server.example_boolean
label: Example boolean
description: 'Configure a property of type boolean'
- reference: .web_server.example_dropdown
label: Example dropdown
description: 'Configure a property of type dropdown'
- reference: .web_server.example_domain
label: Example domain
description: 'Configure a property of type domain'
- reference: .web_server.example_wildcard_domain
label: Example wildcard_domain
description: 'Configure a property of type wildcard_domain'
- reference: .web_server.example_string_list
label: Example string_list
description: 'Configure a property of type string_list'
- reference: .web_server.example_text
label: Example text
description: 'Configure a property of type text (setting to "magic value" causes the web server job instance count to go to 0)'
- reference: .web_server.example_ldap_url
label: Example ldap_url
description: 'Configure a property of type ldap_url'
- reference: .web_server.example_email
label: Example email
description: 'Configure a property of type email'
- reference: .web_server.example_http_url
label: Example http_url
description: 'Configure a property of type http_url'
- reference: .web_server.example_ip_address
label: Example ip_address
description: 'Configure a property of type ip_address'
- reference: .web_server.example_ip_ranges
label: Example ip_ranges
description: 'Configure a property of type ip_ranges'
- reference: .web_server.example_multi_select_options
label: Example multi_select_options
description: 'Configure a property of type multi_select_options'
- reference: .web_server.example_network_address_list
label: Example network_address_list
description: 'Configure a property of type network_address_list (this property was marked with freeze_on_deploy, and so will not be editable after changes are first applied)'
- reference: .web_server.example_network_address
label: Example network_address
description: 'Configure a property of type network_address'
- reference: .web_server.example_port
label: Example port
description: 'Configure a property of type port'
- reference: .web_server.example_smtp_authentication
label: Example smtp_authentication
description: 'Configure a property of type smtp_authentication'
- reference: .web_server.client_certificate
label: Example certificate
description: 'Configure a certificate'
```
### <a id='form-name'></a> name
String. Required.
The internal name of the form.
### <a id='form-label'></a> label
String. Required.
The label of the form as it appears as a link on the left hand side of each form.
### <a id='form-description'></a> description
String. Optional.
The description of the form. Appears at the top of the form as a header.
### <a id='form-markdown'></a> markdown
Markdown. Optional.
Provide a block of markdown to display at the top of the form. Includes image support.
You can use this property to document the tile and provide explanations or references.
### <a id='form-property-inputs'></a> property_inputs
Array of Hashes. Required.
References to properties defined in the property_blueprints section of the product template.
### <a id='form-placeholder'></a> placeholder
String. Optional. Specify placeholder text for a field.
The text appears in light gray to show an example value for the user.
The text disappears when the user types in the field and reappears if the user leaves the field empty.
The `placeholder` attribute displays for the following form types:
* string
* integer
* domain
* wildcard_domain
* string_list
* text
* ldap_url
* email
* http_url
* ip_address
* ip_ranges
* network\_address\_list
* network_address
* port
## <a id='simple-vs-complex'></a> Simple vs. Complex Inputs (Selectors and Collections)
Most properties are simple values such as strings, integers, URL addresses, or IP addresses.
Others are complex, such as selectors or collections.
Selectors are a means of giving the user a choice of a set of inputs.
Collections are a means of giving the user the ability to enter an array of values to create a hash.
Selectors appear as follows:
![Selector](img/selector.png)
Collections appear as follows:
![Collection](img/collection.png)
## <a id='property-blueprints'></a> Property Blueprints
The following is an example of the `property_blueprints` that appear in a product template.
These blueprints define anything that will eventually end up in the BOSH manifest generated by Ops Manager.
Note that one of these blueprints references a migrated value, which came from the Example Product v1.6 using [migrations](./tile-upgrades.html).
```
property_blueprints:
- name: example_selector
type: selector
configurable: true
default: Pizza
freeze_on_deploy: true
option_templates:
- name: pizza_option
select_value: Pizza
named_manifests:
- name: my_snippet
manifest: |
pizza_toppings:
pepperoni: (( .properties.example_selector.pizza_option.pepperoni.value ))
pineapple: (( .properties.example_selector.pizza_option.pineapple.value ))
other: (( .properties.example_selector.pizza_option.other_toppings.value ))
- name: provides_section
manifest: |
as: 'pizza_link_web_server_job'
- name: consumes_section
manifest: |
from: 'pizza_link_web_server_job'
property_blueprints:
- name: pepperoni
type: boolean
configurable: true
freeze_on_deploy: true
- name: pineapple
type: boolean
configurable: true
default: true
- name: other_toppings
type: string
configurable: true
optional: true
constraints:
- must_match_regex: '\A[^!@#$%^&*()]*\z'
error_message: 'This name cannot contain special characters.'
- name: filet_mignon_option
select_value: Filet Mignon
named_manifests:
- name: my_snippet
manifest: |
rarity: (( .properties.example_selector.filet_mignon_option.rarity_dropdown.value ))
review: (( .properties.example_selector.filet_mignon_option.review.value ))
secret_sauce: (( .properties.example_selector.filet_mignon_option.secret_sauce.value ))
- name: provides_section
manifest: |
as: 'filet_mignon_link_web_server_job'
- name: consumes_section
manifest: |
from: 'filet_mignon_link_web_server_job'
property_blueprints:
- name: rarity_dropdown
type: dropdown_select
configurable: true
default: rare
options:
- name: rare
label: 'Rare'
- name: medium
label: 'Medium'
- name: well-done
label: 'Well done'
```
### <a id='top-configurable'></a> configurable
No property will be viewable in a form unless `configurable` is set to `true`.
Rather than giving the user the ability to enter a value, the value is generated by Ops Manager.
### <a id='top-must-match'></a> must\_match\_regex
Regular Expression. Optional. Create a validator that runs on the form save event.
If the user input does not match the `must_match_regex` constraint, the form displays the specified `error_message`.
Multiple `must_match_regex` constraints for a single property blueprint are evaluated in the order listed.
## <a id='configurable-props'></a> Configurable Properties
Many of these properties are strings, but can be used with validators in order to check that the user typed in the correct format for a URL, IP, address, domain, etc.
### <a id='configurable-string'></a> string
A string.
### <a id='configurable-integer'></a> integer
An integer.
### <a id='configurable-boolean'></a> boolean
A boolean. Viewed as a checkbox.
### <a id='configurable-dropdown'></a> dropdown_select
A list of options. The user chooses one viewed as an HTML select box.
### <a id='configurable-multiselect'></a> multi\_select\_options
A list of options. The user chooses zero or more, viewed as HTML checkboxes.
### <a id='configurable-domain'></a> domain
A second, third, fourth, etc level domain.
### <a id='configurable-wildcard-domain'></a> wildcard_domain
A domain with a wildcard in front of it. Example: `*.domain.com`
### <a id='configurable-text'></a> text
A string. Appears as an HTML textarea.
### <a id='configurable-ldap-url'></a> ldap_url
A URL prefaced by `ldap://`.
### <a id='configurable-email'></a> email
An email address.
### <a id='configurable-ips'></a> ip_ranges
A range of IP addresses, with dashes and commas allowed. Example: `1.1.1.1-1.1.1.4,2.2.2.1-2.2.2.4`
### <a id='configurable-port'></a> port
An integer representing a network port.
### <a id='configurable-address'></a> network_address
A single IP address or domain. Example: `1.1.1.1`
### <a id='configurable-address-list'></a> network\_address\_list
A list of IP addresses or domains. Example: `1.1.1.1,example.com,2.2.2.2`
### <a id='generated'></a> Generated Properties (can also be configurable)
The following properties are configurable, but can also be generated by Ops Manager if configurable is false or the configurable key is omitted.
The exceptions are the uuid and salted credentials properties, which are never configurable.
### <a id='generated-cert-creds'></a> rsa\_cert\_credentials
An RSA certificate.
### <a id='generated-pkey-creds'></a> rsa\_pkey\_credentials
An RSA private key.
### <a id='generated-salted-creds'></a> salted_credentials
Username and password created using a non-reversible hash algorithm.
### <a id='generated-simple-creds'></a> simple_credentials
Username and password.
### <a id='generated-secret'></a> secret
A random string or password.
### <a id='generated-uuid'></a> uuid
A universal unique identifier.
### <a id='complex'></a> Complex Properties (Selectors and Collections)
The selector and collections inputs are referenced by their selector and collection property blueprints.
These are more complicated than simple properties in that they contain manifest snippets, which are further referenced in other manifest snippets.
We will learn about manifest snippets in the next section.
## <a id='job-types'></a> Job Types
The following is an example of the `job_types` section that appears in a product template.
This section defines the jobs that end up in a BOSH manifest.
Those jobs are defined in your BOSH release.
Jobs require many different settings in order to function properly, and that is the crux of what Ops Manager does for you:
it asks a user for values to those settings and generates a manifest based on what was entered.
Ops Manager does not require product authors to provide `vm_credentials` in the `property_blueprints` for each `job_type`. This is because `vm_credentials` are generated automatically,
and you can find them in the release manifest.
<p class="note"><strong>Note: </strong> Starting in PCF v2.1, Ops Manager ignores <code>static_ip</code> and <code>dynamic_ip</code> keys.</p>
```
job_types:
- name: web_server
resource_label: Web Server
templates:
- name: web_server
release: example-release
- name: time_logger
release: example-release
release: example-release
static_ip: 1
dynamic_ip: 0
max_in_flight: 1
single_az_only: true
instance_definition:
name: instances
type: integer
configurable: true
default: 1
constraints:
max: 1
zero_if:
property_reference: '.web_server.example_text'
property_value: 'magic value'
resource_definitions:
- name: ram
type: integer
configurable: true
default: 1024
- name: ephemeral_disk
type: integer
configurable: true
default: 2048
- name: persistent_disk
type: integer
configurable: true
default: 1024
constraints:
min: 1024
- name: cpu
type: integer
configurable: true
default: 1
property_blueprints:
- name: static_ips
type: ip_ranges
configurable: true
optional: true
- name: generated_rsa_cert_credentials
type: rsa_cert_credentials
- name: generated_rsa_pkey_credentials
type: rsa_pkey_credentials
- name: generated_salted_credentials
type: salted_credentials
- name: generated_simple_credentials
type: simple_credentials
- name: generated_secret
type: secret
- name: generated_uuid
type: uuid
- name: example_string_with_placeholder
type: string
configurable: true
optional: true
placeholder: 'Configure me!'
- name: example_string
type: string
configurable: true
default: 'Hello world'
constraints:
- must_match_regex: '^[^!@#$%^&*()]*$'
error_message: 'This name cannot contain capital digits.'
- must_match_regex: '^[^0-9]*$'
error_message: 'This name cannot contain digits.'
- name: example_migrated_integer
type: integer
configurable: true
default: 1
- name: example_boolean
type: boolean
configurable: true
default: true
- name: example_dropdown
type: dropdown_select
configurable: true
default: kiwi
options:
- name: kiwi
label: 'label for kiwi'
- name: lime
label: 'label for lime'
- name: avocado
label: 'label for avocado'
- name: example_domain
type: domain
configurable: true
default: www.example.com
- name: example_wildcard_domain
type: wildcard_domain
configurable: true
default: 'example.com'
- name: example_string_list
type: string_list
configurable: true
default: 'a,list,of,strings'
- name: example_text
type: text
configurable: true
default: 'some_text'
- name: example_ldap_url
type: ldap_url
configurable: true
default: 'ldap://example.com'
- name: example_email
type: email
configurable: true
default: [email protected]
- name: example_http_url
type: http_url
configurable: true
default: 'http://www.example.com'
- name: example_ip_address
type: ip_address
configurable: true
default: '192.168.0.1'
- name: example_ip_ranges
type: ip_ranges
configurable: true
default: '1.1.1.1-1.1.1.4,2.2.2.1-2.2.2.4'
- name: example_multi_select_options
type: multi_select_options
configurable: true
default: ['earth', 'jupiter']
options:
- name: mercury
label: 'label for mercury'
- name: venus
label: 'label for venus'
- name: earth
label: 'label for earth'
- name: mars
label: 'label for mars'
- name: jupiter
label: 'label for jupiter'
- name: saturn
label: 'label for saturn'
- name: uranus
label: 'label for uranus'
- name: neptune
label: 'label for neptune'
- name: example_network_address_list
type: network_address_list
configurable: true
default: '1.1.1.1,example.com,foo.bar.example.com'
- name: example_network_address
type: network_address
configurable: true
default: '1.1.1.1'
- name: example_port
type: port
configurable: true
default: 1111
- name: example_smtp_authentication
type: smtp_authentication
configurable: true
default: plain
- name: client_certificate
type: ca_certificate
configurable: true
optional: true
manifest: |
generated:
root_rsa_certificate: (( $ops_manager.ca_certificate ))
rsa_cert_credentials:
public_key_pem: (( generated_rsa_cert_credentials.public_key_pem ))
cert_and_private_key_pems: (( generated_rsa_cert_credentials.cert_and_private_key_pems ))
rsa_pkey_credentials:
public_key_pem: (( generated_rsa_pkey_credentials.public_key_pem ))
private_key_pem: (( generated_rsa_pkey_credentials.private_key_pem ))
public_key_openssh: (( generated_rsa_pkey_credentials.public_key_openssh ))
public_key_fingerprint: (( generated_rsa_pkey_credentials.public_key_fingerprint ))
salted_credentials:
sha512_hashed_password: (( generated_salted_credentials.sha512_hashed_password ))
identity: (( generated_salted_credentials.identity ))
salt: (( generated_salted_credentials.salt ))
password: (( generated_salted_credentials.password ))
simple_credentials:
identity: (( generated_simple_credentials.identity ))
password: (( generated_simple_credentials.password ))
secret: (( generated_secret.value ))
uuid: (( generated_uuid.value ))
configured:
string: (( example_string.value ))
integer: (( example_migrated_integer.value ))
...
record_collection: (( .properties.example_collection.value || [] ))
selector: (( .properties.example_selector.selected_option.parsed_manifest(my_snippet) ))
ops_manager_provided_accessors:
name: (( name ))
ram: (( ram ))
ephemeral_disk: (( ephemeral_disk ))
persistent_disk: (( persistent_disk ))
instances: (( instances ))
availability_zone: (( availability_zone ))
bosh_job_partition_stats: (( bosh_job_partition_stats ))
```
### <a id='job-name'></a> name
String. Required.
The name of the job as it will be created in the Ops Manager generated BOSH manifest.
### <a id='job-label'></a> resource_label
String. Required.
The label of the job as it will appear in the resources page of the tile.
### <a id='job-template'></a> templates
Array of Hashes. Required.
Each element has the following fields:
#### <a id='template-name'></a> name
The name of the job template to use. Required.
#### <a id='template-release'></a> release
The name of the release the template is from. Required.
#### <a id='template-consumes'></a> consumes
A YAML string defining [BOSH links](https://bosh.io/docs/links.html) this job consumes. Optional.
#### <a id='template-provides'></a> provides
A YAML string defining [BOSH links](https://bosh.io/docs/links.html) this job provides. Optional.
This is a BOSH feature (creating jobs from different releases). See the [BOSH documentation](https://bosh.io/) for more information.
### <a id='job-release'></a> release
String. Required.
The name of the BOSH release contained in your product archive (.pivotal file).
### <a id='job-single-az'></a> single\_az\_only
Boolean. Required.
You can give users control of balancing jobs across availability zones (AZs) by setting `single_az_only` to `false`.
To limit a job to a single AZ, set this to `true`.
<p class="warning note"><strong>WARNING: </strong> If you change the <code>single_az_only</code> setting, your VMs may switch AZs. This change can cause an orphaned disk.</p>
### <a id='job-max-in-flight'></a> max\_in\_flight
Integer. Required.
A BOSH setting that controls the number of instances of this job that BOSH will deploy in parallel.
### <a id='job-resource-def'></a> resource_definition
Array of Hashes. Required.
A set of resource settings for the job along with max and min constraints, defaults,
and whether or not the user can configure (change) the setting.
The resources that can be set are:
- ram
- ephemeral_disk
- persistent_disk
- cpu
<p class="note"><strong>Note: </strong>If you set the <code>default</code> property for <code>persistent_disk</code> to <code>0</code>,
users cannot edit this value and the <strong>Resource Config</strong> page in <strong>Ops Mananger</strong> displays <strong>None</strong> under the persistent disk field.</p>
### <a id='job-instance-def'></a> instance_definition
Hash. Required.
The number of default instances for a job along with max, min, odd, and the ability to decrease sizing after deploy constraints.
If your product uses an external service that performs the same job as a service in Elastic Runtime,
you can reduce resource usage by setting the instance count of a job to `0` with the `zero_if` property.
For example, your product uses Amazon Relational Database Service (RDS) instead of MySQL, which is the default system database for Elastic Runtime.
Set `property reference` to `.properties.system.database` and `property value` to `magic value` to change the instance counts of all MySQL jobs to `0`.
### <a id='job-manifest'></a> manifest
Text snippet, prefaced by pipe symbol: `|`. Optional.
Ops Manager generates a BOSH manifest that defines properties for each job that the manifest deploys.
Some of these properties are not set until the user clicks **Apply Changes**, because the user configures them in the tile or because Ops Manager has to generate them.
To include these properties in a manifest snippet, use "double-parens" syntax, which consists of a variable name surrounded by two sets of parentheses:
```
manifest: |
pizza_toppings:
pepperoni: (( .properties.example_selector.pizza_option.pepperoni.value ))
```
When Ops Manager parses a product template and BOSH parses a manifest,
they both fill in properties designated by double-parens syntax.
Some property values in a product template, such as CredHub credentials, must be filled in by BOSH on the BOSH Director VM, rather than by Ops Manager.
To include these BOSH deploy-time properties in a manifest snippet, use "triple-parens" notation:
```
manifest: |
credhub:
concatenated_password: prefix-((( credhub-password )))-suffix
password: ((( credhub-password )))
```
Ops Manager strips the outer parentheses from these expressions and
includes the resulting double-parens expressions in the manifest it generates, for BOSH to evaluate at deploy time.
### <a id='named-manifest'></a> named_manifest
Specify a property for collection within the `named_manifest` section of the metadata.
See the [Simple vs. Complex Inputs](#simple-vs-complex) section for more information about collections.
The following example uses a named manifest called `for_routing` that belongs to the `certificate_collection` job:
```
- name: certificate_collection
type: collection
configurable: true
property_blueprints:
- name: some_cert_name
type: string
- name: some_cert
type: rsa_cert_credentials
named_manifests:
- name: for_routing
manifest: |
name: (( current_record.some_cert_name.value ))
private_key: (( current_record.some_cert.private_key_pem ))
public_key: (( current_record.some_cert.public_key_pem ))
certificate: (( current_record.some_cert.cert_pem ))
```
Use the `current_record` property within a collection record to refer to other properties in the same record.
For example, the properties in the `for_routing` named manifest refer to the values for `name`, `private_key`, `public_key`, and `certificate` within this record only.
<p class="note"><strong>Note:</strong> The <code>current_record</code> property is reserved. You cannot create a new property named <code>current_record</code>.</p>
After defining a named manifest, you can reference it using a manifest snippet in the following format:
```
routing_certificates: (( .properties.certificate_collection.parsed_manifest(for_routing) ))
```
Ops Manager renders the following manifest from this example:
```
routing_certificates:
- name: foo_cert
private_key: PRIVATE-KEY
public_key: PUBLIC-KEY
certificate: CERTIFICATE
- name: bar_cert
private_key: PRIVATE-KEY
public_key: PUBLIC-KEY
certificate: CERTIFICATE
```
### <a id='selector-snippets'></a> Selector Manifest Snippets
Selector snippets are evaluated twice. As you saw in the `property_blueprint`,
the selector has a manifest snippet for both sets of inputs that the user might choose.
Only one of these sets is evaluated and inserted into the job's manifest.
### <a id='ops-man-snippets'></a> Ops Manager Provided Snippets
The following double-parens accessors retrieve your job properties:
* name: `(( name ))`
* ram: `(( ram ))`
* ephemeral\_disk: `(( ephemeral_disk ))`
* persistent\_disk: `(( persistent_disk ))`
* instances: `(( instances ))`
* availability\_zone: `(( availability_zone ))` (deprecated)
* bosh\_job\_partition\_stats: `(( bosh_job_partition_stats ))` (deprecated)
* first\_network\_deprecated: `(( first_network_deprecated ))` (deprecated)
* subnet\_cidrs: `(( subnet_cidrs ))`
<p class="note"><strong>Note: </strong> As of PCF v2.1, IP accessors are no longer supported.</p>
The following is a list of all typed values with the accessor "value":
* collection
* ldap\_url
* domain
* wildcard\_domain
* ip\_ranges
* ip\_address
* email
* port
* integer
* string
* boolean
* text
* smtp\_authentication
* network\_address
* network\_address\_list
* string\_list
* ca\_certificate
* multi\_select\_options
* dropdown\_select
* vm\_type\_dropdown
* disk\_type\_dropdown
* uuid
* service\_network\_az\_multi\_select
* service\_network\_az\_single\_select
* secret
The following list shows typed values with multiple accessors:
* simple\_credentials: identity, password
* rsa\_cert\_credentials: private\_key\_pem, cert\_pem, public\_key\_pem, cert\_and\_private\_key\_pems
* rsa\_pkey\_credentials: private\_key\_pem, public\_key\_pem, public\_key\_openssh, public\_key\_fingerprint
* salted\_credentials: salt, identity, password
* selector: value, selected\_option, nested context
In addition, Ops Manager supports accessors that are global to the entire installation rather than job specific.
* $ops\_manager.ca\_certificate: The internal SSL CA certificate used to sign all SSL certificates generated by this Ops Manager instance, such as when the user clicks a **Generate Self-Signed RSA Certificate** link
* $ops\_manager.trusted\_certificates
* $ops\_manager.http\_proxy
* $ops\_manager.https\_proxy
* $ops\_manager.no\_proxy
* $director.deployment\_ip
* $director.hostname
* $director.username
* $director.password
* $director.ntp\_servers
* $director.ca\_public\_key
* $director.tld
* $director.bosh\_metrics\_forwarder\_client\_name
* $director.bosh\_metrics\_forwarder\_client\_secret
* $self.uaa\_client\_name
* $self.uaa\_client\_secret
* $self.service\_network
* $self.stemcell\_version
* ..PRODUCT-NAME.properties
* ..PRODUCT-NAME.deployment\_name