Name: os-conf-release
Owner: Cloud Foundry
Description: Additional Linux OS configuration release
Created: 2016-04-14 19:03:24.0
Updated: 2018-04-23 13:46:33.0
Pushed: 2018-05-02 15:28:55.0
Size: 94
Language: Shell
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Enables configuration of a typical Linux OS:
login_banner
)user_add
)ca_certs
)search_domain
)tcp_keepalive
)sysctl
)enable_ipv6
)See https://github.com/cloudfoundry-incubator/windows-utilities-release for Windows OS configuration.
For a description of these and other functions, see jobs/
.
Include the release:
ases:
me: os-conf
rsion: latest
In this example, we use BOSH's Runtime Config to customize login banner and create two users: first, an operator user with an encrypted password; second, a backup user with an ssh-key:
ns:
name: os-configuration
jobs:
- name: login_banner
release: os-conf
properties:
login_banner:
text: |
Authorized Use Only.
Unauthorized use will be prosecuted to the fullest extent of the law.
- name: user_add
release: os-conf
properties:
persistent_homes: true
users:
- name: backup
public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDbss5XtLYRYDeV8AmouVYOHmYPxPsN4F59fZnY4kJnimM3sk5TbP0ow19GMDppQOPzAQ1TcYH4sYhpnxwq5f32XYtw12rFnO8BatHISWIdjoEjHfdA1qLIMGouWZPbGIQ1qURbfJdR9e2shS7U/WSXD+AJ9Zy0ZKTsIvlukWSX8Nsxvfn7VaAFvhgI3YPmhjV3TCEVMDsWGbBXlMq+qiJt22JEOw+3dnrvfGzRUULGznO/8y4NvVQsQc5KGnJkeQWkmlOIrhUGYwd/hMn6zQEIxkR4elmwp+pjyLR0qYLUFjpMn2GJMG7lvTzF8SzQLhzTVrjW1E3nve2eCuJ5bB6/"
shell: /bin/zsh # OPTIONAL: Defaults to `/bin/bash`
sudo: false # OPTIONAL: Defaults to `true`
In this example, we configure our BOSH deployment manifest to configure the DNS search domain to pivotal.io
and the TCP keepalive kernel settings:
ance_groups:
me: network-infrastructure
bs:
name: tcp_keepalive
release: os-conf
properties:
tcp_keepalive:
time: 120
interval: 30
probes: 8
name: search_domain
release: os-conf
properties:
search_domain: pivotal.io
In this example, we enable the IPv6 protocol (note: there are no properties for the enable_ipv6
job):
ance_groups:
me: network-infrastructure
bs:
name: enable_ipv6
release: os-conf
See manifests/
and jobs/*/spec
for more examples.