This is the README for Experimental Ops-files. To learn more about cf-deployment, go to the main README.
- For General Ops-files, check out the Ops-file README.
- For Addons Ops-files that can be applied to manifests or runtime configs, check out the Addons Ops-file README.
- For Backup and Restore Ops-files (for configuring your deployment for use with BBR), checkout the Backup and Restore Ops-files README.
- For Community Ops-files, check out the Community Ops-file README.
"Experimental" Ops-file represent configurations that we expect to promote to blessed configuration eventually, meaning that, once the configurations have been sufficiently validated, they will either become default (inlined into the base manifest), or GA'd as an optional feature (promoted from experimental to operations directory). Please follow the ops file workflows
| Name | Purpose | Notes | Currently validated in Release Integration CI pipelines? |
|---|---|---|---|
add-cflinuxfs4.yml |
Add cflinuxfs4 stack. | NO | |
add-metric-store.yml |
PROMOTED: use ../use-metric-store.yml |
NO | |
add-system-metrics-agent.yml |
Add agent to all vms with the purpose of egressing system metrics | NO | |
add-system-metrics-agent-windows2019.yml |
Add agent to windows2019 Diego cells for the purpose of egressing system metrics | NO | |
colocate-smoke-tests-on-cc-worker.yml |
Colocate the smoke_tests job on the cc-worker instance | A number of other operations files reference this instance group and may be incompatible with this operations file. Use `find ./operations/ -name "*.yml" | xargs grep "/instance_groups/name=smoke-tests"` to locate said files. |
disable-interpolate-service-bindings.yml |
Disables the interpolation of CredHub service credentials by Cloud Controller. | NO | |
enable-app-log-rate-limiting.yml |
Enable rate limiting for number of logs generated by the application. | Introduces variable app_log_rate_limit. |
NO |
enable-app-log-rate-limiting-windows2019.yml |
Enable rate limiting for number of logs generated by the application. | Introduces variable app_log_rate_limit. Requires ../windows2019-cell.yml |
NO |
enable-bpm-garden.yml |
Enables the BOSH Process Manager for Garden. | This ops file cannot be deployed in conjunction with enable-oci-phase-1.yml. |
NO |
enable-containerd-for-processes.yml |
Configure Garden to run processes via containerd. | This ops file cannot be deployed in conjunction with rootless-containers.yml. |
YES |
enable-cpu-throttling.yml |
PROMOTED: use ../enable-cpu-throttling.yml |
NO | |
enable-direct-io-grootfs.yml |
Configure Garden to enable directIO for grootfs. | NO | |
enable-iptables-logger.yml |
Enables iptables logger. | Does not yet work on AWS Jammy stemcells, see cloudfoundry/bosh-linux-stemcell-builder#241 | NO |
enable-nginx-routing-integrity-windows2019.yml |
Enables container proxy on the Windows 2019 Diego Cell rep and configures gorouter to opt into TLS-enabled connections to the backend. |
Warning: this is very experimental Requires ../windows2019-cell.yml |
NO |
enable-oci-phase-1.yml |
Configure CC, Diego, and Garden to create app and task containers more efficiently via OCI image specs. | This ops file cannot be deployed in conjunction with rootless-containers.yml. |
NO |
enable-tls-cloud-controller-postgres.yml |
Enables the usage of TLS to secure the connection between Cloud Controller and its Postgres database | Requires capi-release >= 1.41.0 and use-postgres.yml |
NO |
enable-traffic-to-internal-networks.yml |
Allows traffic from app containers to internal networks. Required to allow applications to communicate with the running CredHub in non-assisted mode. | NO | |
fast-deploy-with-downtime-and-danger.yml |
Risky, but fast. Disable canaries, increase the max number of vms bosh will update simultaneously, and remove serial: true from most instance groups to enable faster, but probably downtimeful, deploys. |
NO | |
infrastructure-metrics.yml |
Add the Prometheus node exporter and Loggregator Prom Scraper to addons. This puts infrastructure metrics into Loggregator's metric stream. | NO | |
rootless-containers.yml |
Enable rootless garden-runc containers. | Requires garden-runc 1.9.5 or later and grootfs 0.27.0 or later. This ops file cannot be deployed in conjunction with enable-oci-phase-1.yml. |
NO |
set-cflinuxfs4-default-stack.yml |
Set the default stack to cflinuxfs4. | Requires ./add-cflinuxfs4.yml. |
NO |
set-cpu-weight.yml |
PROMOTED: use ../set-cpu-weight.yml |
NO | |
set-cpu-weight-windows2019.yml |
CPU shares for each garden container are proportional to its memory limits. | Requires ../windows2019-cell.yml and ../use-online-windows2019fs.yml |
NO |
use-compiled-releases-windows.yml |
Reverts to source version of releases required for Windows cells | Intended for use with use-compiled-releases.yml and any of windows*-cell.yml |
YES |
use-create-swap-delete-vm-strategy.yml |
Configures the default vm_strategy to be create-swap-delete. |
Requires BOSH director v267.7+ |
NO |
disable-v2-api.yml |
Disable v2 Cloud Controller API endpoints | NO | |
disable-logs-in-firehose.yml |
Logs are not sent to dopplers, only metrics | NO | |
disable-logs-in-firehose-windows2019.yml |
Logs are not sent to dopplers, only metrics | NO | |
use-native-garden-runc-runner.yml |
Configure Garden to not create containers via containerd, using the native runner instead. | NO | |
use-trusted-ca-cert-for-apps-cflinuxfs4.yml |
Same as use-trusted-ca-cert-for-apps.yml, but for cflinuxfs4 stack |
NO |