This topic describes the inputs that can be provided to the tasks, and their outputs. Each task can only take a specific set of inputs, indicated under the inputs
property of the YAML.
To get the slug needed for many of the procedures on this page, go to My Dashboard on the Broadcom Support Portal. This site requires you to log in.
The config director sets the BOSH tile (director) on Tanzu Operations Manager.
The config
input for a director task expects to have a director.yml
file. The configuration of the director.yml
is IAAS specific for some properties; that is, networking.
There are two ways to build a director config.
Using an already deployed Tanzu Operations Manager, you can extract the config using staged-director-config.
Deploying a new Tanzu Operations Manager requires more effort for a director.yml
. The configuration of director is variables, based on the features enabled. This director.yml
is a very basic example for vSphere.
---
az-configuration:
- clusters:
- cluster: cluster-name
resource_pool: resource-pool-name
name: AZ01
properties-configuration:
iaas_configuration:
vcenter_host: vcenter.example.com
vcenter_username: admin
vcenter_password: password
......
director_configuration:
blobstore_type: local
bosh_recreate_on_next_deploy: false
custom_ssh_banner: null
......
security_configuration:
generate_vm_passwords: true
trusted_certificates:
syslog_configuration:
enabled: false
network-assignment:
network:
name: INFRASTRUCTURE
other_availability_zones: []
singleton_availability_zone:
name: AZ01
networks-configuration:
icmp_checks_enabled: false
networks:
- name: NETWORK-NAME
......
resource-configuration:
compilation:
instance_type:
id: automatic
instances: automatic
......
The IAAS-specific configuration can be found in the Tanzu Operations Manager API documentation.
What follows is a list of properties that can be set in the director.yml
and a link to the API documentation explaining any IAAS specific properties.
az-configuration
- a list of availability zonesnetworks-configuration
- a list of named networksproperties-configuration
- BOSH Director configuration and properties
director_configuration
- BOSH Director propertiessecurity_configuration
- BOSH Director security propertiessyslog_configuration
- configure the syslog sinks for the BOSH Directorresource-configuration
- IAAS VM flavor for the BOSH Directorvmextensions-configuration
- create/update/delete VM extensionsSupport for Shared VPC is done by configuring the iaas_identifier
path for the infrastructure subnet, which includes the host project ID, region of the subnet, and the subnet name.
For example:
[HOST_PROJECT_ID]/[NETWORK]/[SUBNET]/[REGION]
The config
input for a download product task can be used with a download-config.yml
file to download a tile. Here are examples of the configuration of the download-config.yml
:
Broadcom Support Portal (formerly Tanzu Network)
---
pivnet-api-token: token
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
# Either product-version OR product-version-regex is required
# product-version-regex: ^1\.2\..*$ # must not be quoted
product-version: 1.2.3
# Optional
# pivnet-disable-ssl: true # default - false
# stemcell-iaas: aws # aws|azure|google|openstack|vsphere
# will attempt to download the latest stemcell
# associated with a product by default
# stemcell-version: 90.90 # specific stemcell version to download
# stemcell-heavy: true # will force download of heavy stemcell
# not available on all IaaSes
# blobstore-bucket: bucket # if set, product files will have their slug and
# version prepended. Set if the product will
# ever be stored in a blobstore
S3
---
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
blobstore-bucket: bucket-name
s3-region-name: us-west-1 # if NOT using AWS s3, value is 'region'
# Required unless `s3-auth-type: iam`
s3-access-key-id: aws-or-minio-key-id
s3-secret-access-key: aws-or-minio-secret-key
# Optional
# blobstore-product-path: /path/to/product # default - root path of bucket
# blobstore-stemcell-path: /path/to/stemcell # default - root path of bucket
# s3-disable-ssl: true # default - false
# s3-enable-v2-signing: true # available for compatibility
# s3-auth-type: iam # default - accesskey
# s3-endpoint: s3.endpoint.com # required if NOT using AWS S3
GCS
---
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
blobstore-bucket: bucket-name
gcs-project-id: project-id
gcs-service-account-json: |
{
"type": "service_account",
"project_id": "project-id",
"private_key_id": "fake-key-id",
"private_key": "-----BEGIN PRIVATE KEY-----\fake-key-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "123456789876543212345",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/project%40project-id.iam.gserviceaccount.com"
}
# Optional
# blobstore-product-path: /path/to/product # default - root path of bucket
# blobstore-stemcell-path: /path/to/stemcell # default - root path of bucket
Azure
---
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
blobstore-bucket: container-name
azure-storage-account: 1234567890abcdefghij
azure-storage-key: storage-access-key-from-azure-portal
# Optional
# blobstore-product-path: /path/to/product # default - root path of bucket
# blobstore-stemcell-path: /path/to/stemcell # default - root path of bucket
The config
input for a download product task can be used with a download-config.yml
file to download a stemcell. The configuration of the download-config.yml
looks like this:
---
pivnet-api-token: token
pivnet-file-glob: "*vsphere*" # must be quoted if starting with a *
pivnet-product-slug: stemcells-ubuntu-xenial
# Either product-version OR product-version-regex is required
# product-version-regex: ^250\..*$ # must not be quoted
product-version: "250.82"
# Optional
# pivnet-disable-ssl: true # default - false
# blobstore-bucket: bucket # if set, product files will have their slug and
# version prepended. Set if the product will
# ever be stored in a blobstore
The env
input for a task expects to have a env.yml
file. This file contains properties for targeting and logging into the Tanzu Operations Manager API.
basic auth
---
target: https://pcf.example.com
connect-timeout: 30 # default 5
request-timeout: 1800 # default 1800
skip-ssl-validation: false # default false
username: username
password: password
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase
uaa auth
---
target: https://pcf.example.com
connect-timeout: 30 # default 5
request-timeout: 1800 # default 1800
skip-ssl-validation: false # default false
client-id: client_id
client-secret: client_secret
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase
client-id
and client-secret
Tanzu Operations Manager, by preference, uses Client ID and Client Secret, if these are provided. To create a Client ID and Client Secret:
uaac target https://YOUR_OPSMANAGER/uaa
.uaac token sso get
.uaac token owner get
.opsman
and leave Client Secret blank.uaac client add -i
Client ID: NEW_CLIENT_NAME
New client secret: DESIRED_PASSWORD
Verify new client secret: DESIRED_PASSWORD
scope (list): opsman.admin
authorized grant types (list): client_credentials
authorities (list): opsman.admin
access token validity (seconds): 43200
refresh token validity (seconds): 43200
redirect uri (list):
autoapprove (list):
signup redirect url (url):
The ERRAND_CONFIG_FILE
input is used in the apply-changes
task. This file contains properties for enabling and disabling errands for a particular run of apply-changes
.
To retrieve the default configuration of your product's errands, you can use staged-config
.
The expected format for this errand config is:
errands:
sample-product-1:
run_post_deploy:
smoke_tests: default
push-app: false
run_pre_delete:
smoke_tests: true
sample-product-2:
run_post_deploy:
smoke_tests: default
The file contains the information to restore a Tanzu Operations Manager VM. The installation
input for a opsman VM task expects to have a installation.zip
file.
This file can be exported from a Tanzu Operations Manager VM using the export-installation task. This file can be imported to a Tanzu Operations Manager VM using the import-installation task.
This file cannot be manually created. It is a file that must be generated using the export function of Tanzu Operations Manager.
The config for a Tanzu Operations Manager described IAAS specific information for creating the VM; that is, VM flavor (size) and IP addresses.
The config
input for opsman task expects to have a opsman.yml
file. The configuration of the opsman.yml
is IAAS specific.
---
opsman-configuration:
aws:
region: us-west-2
vpc_subnet_id: subnet-0292bc845215c2cbf
security_group_ids: [ sg-0354f804ba7c4bc41 ]
key_pair_name: ops-manager-key # used to SSH to VM
iam_instance_profile_name: env_ops_manager
# At least one IP address (public or private) needs to be assigned to the
# VM. It is also permissible to assign both.
public_ip: 1.2.3.4 # Reserved Elastic IP
private_ip: 10.0.0.2
# Optional
# vm_name: ops-manager-vm # default - ops-manager-vm
# boot_disk_size: 100 # default - 200 (GB)
# instance_type: m5.large # default - m5.large
# NOTE - not all regions support m5.large
# assume_role: "arn:aws:iam::..." # necessary if a role is needed to authorize
# the OpsMan VM instance profile
# tags: {key: value} # key-value pair of tags assigned to the
# # Ops Manager VM
# Omit if using instance profiles
# And instance profile OR access_key/secret_access_key is required
# access_key_id: ((access-key-id))
# secret_access_key: ((secret-access-key))
# security_group_id: sg-123 # DEPRECATED - use security_group_ids
# use_instance_profile: true # DEPRECATED - will use instance profile for
# execution VM if access_key_id and
# secret_access_key are not set
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
---
opsman-configuration:
azure:
tenant_id: 3e52862f-a01e-4b97-98d5-f31a409df682
subscription_id: 90f35f10-ea9e-4e80-aac4-d6778b995532
client_id: 5782deb6-9195-4827-83ae-a13fda90aa0d
client_secret: ((opsman-client-secret))
location: westus
resource_group: res-group
storage_account: opsman # account name of container
ssh_public_key: ssh-rsa AAAAB3NzaC1yc2EAZ... # ssh key to access VM
# Note that there are several environment-specific details in this path
# This path can reach out to other resource groups if necessary
subnet_id: /subscriptions/
/resourceGroups/
/providers/Microsoft.Network/virtualNetworks/
/subnets/
# At least one IP address (public or private) needs to be assigned # to the VM. It is also permissible to assign both. private_ip: 10.0.0.3 public_ip: 1.2.3.4 # Optional # cloud_name: AzureCloud # default - AzureCloud # storage_key: ((storage-key)) # only required if your client does not # have the needed storage permissions # container: opsmanagerimage # storage account container name # default - opsmanagerimage # network_security_group: ops-manager-security-group # vm_name: ops-manager-vm # default - ops-manager-vm # boot_disk_size: 200 # default - 200 (GB) # use_managed_disk: true # this flag is only respected by the # create-vm and upgrade-opsman commands. # set to false if you want to create # the new opsman VM with an unmanaged # disk (not recommended). default - true # storage_sku: Premium_LRS # this sets the SKU of the storage account # for the disk # Allowed values: Standard_LRS, Premium_LRS, # StandardSSD_LRS, UltraSSD_LRS # vm_size: Standard_DS1_v2 # the size of the Ops Manager VM # default - Standard_DS2_v2 # Allowed values: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/sizes-general # tags: Project=ECommerce # Space-separated tags: key[=value] [key[=value] ...]. Use '' to # clear existing tags. # vpc_subnet: /subscriptions/... # DEPRECATED - use subnet_id # use_unmanaged_disk: false # DEPRECATED - use use_managed_disk # Optional Ops Manager UI Settings for upgrade-opsman # ssl-certificate: ... # pivotal-network-settings: ... # banner-settings: ... # syslog-settings: ... # rbac-settings: ...
---
opsman-configuration:
gcp:
# Either gcp_service_account_name or gcp_service_account json is required
# You must remove whichever you don't use
gcp_service_account_name: [email protected]
gcp_service_account: ((gcp-service-account-key-json))
project: project-id
region: us-central1
zone: us-central1-b
vpc_subnet: infrastructure-subnet
# At least one IP address (public or private) needs to be assigned to the
# VM. It is also permissible to assign both.
public_ip: 1.2.3.4
private_ip: 10.0.0.2
ssh_public_key: ssh-rsa some-public-key... # RECOMMENDED, but not required
tags: ops-manager # RECOMMENDED, but not required
# Optional
# vm_name: ops-manager-vm # default - ops-manager-vm
# custom_cpu: 2 # default - 2
# custom_memory: 8 # default - 8
# boot_disk_size: 100 # default - 100
# scopes: ["my-scope"]
# hostname: custom.hostname # info: https://cloud.google.com/compute/docs/instances/custom-hostname-vm
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
---
opsman-configuration:
openstack:
project_name: project
auth_url: http://os.example.com:5000/v2.0
username: ((opsman-openstack-username))
password: ((opsman-openstack-password))
net_id: 26a13112-b6c2-11e8-96f8-529269fb1459
security_group_name: opsman-sec-group
key_pair_name: opsman-keypair
# At least one IP address (public or private) needs to be assigned to the VM.
public_ip: 1.2.3.4 # must be an already allocated floating IP
private_ip: 10.0.0.3
# Optional
# availability_zone: zone-01
# project_domain_name: default
# user_domain_name: default
# vm_name: ops-manager-vm # default - ops-manager-vm
# flavor: m1.xlarge # default - m1.xlarge
# identity_api_version: 2 # default - 3
# insecure: true # default - false
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
---
opsman-configuration:
vsphere:
vcenter:
ca_cert: cert # REQUIRED if insecure = 0 (secure)
datacenter: example-dc
datastore: example-ds-1
folder: /example-dc/vm/Folder # RECOMMENDED, but not required
url: vcenter.example.com
username: ((vcenter-username))
password: ((vcenter-password))
resource_pool: /example-dc/host/example-cluster/Resources/example-pool
# resource_pool can use a cluster - /example-dc/host/example-cluster
# Optional
# host: host # DEPRECATED - Platform Automation cannot guarantee
# the location of the VM, given the nature of vSphere
# insecure: 0 # default - 0 (secure) | 1 (insecure)
disk_type: thin # thin|thick
dns: 8.8.8.8
gateway: 192.168.10.1
hostname: ops-manager.example.com
netmask: 255.255.255.192
network: example-virtual-network
ntp: ntp.ubuntu.com
private_ip: 10.0.0.10
ssh_public_key: ssh-rsa ...... # REQUIRED Ops Manager >= 2.6
# Optional
# cpu: 1 # default - 1
# memory: 8 # default - 8 (GB)
# ssh_password: ((ssh-password)) # REQUIRED if ssh_public_key not defined
# (Ops Manager < 2.6 ONLY)
# vm_name: ops-manager-vm # default - ops-manager-vm
# disk_size: 200 # default - 160 (GB), only larger values allowed
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
# These are OPTIONAL settings that can exist in your opsman.yml
# When upgrading an Ops Manager, these are configurations
# that can be updated on the Settings page in the Ops Manager UI.
# These settings can be updated with the upgrade-opsman command
# even if the Ops Manager VM is not recreated.
ssl-certificate:
certificate: |
-----BEGIN CERTIFICATE-----
certificate
-----END CERTIFICATE-----
private_key:
----BEGIN RSA PRIVATE KEY-----
private-key
-----END RSA PRIVATE KEY-----
pivotal-network-settings:
api_token: your-pivnet-token
banner-settings:
ui_banner_contents: UI Banner Contents
ssh_banner_contents: SSH Banner Contents
syslog-settings:
enabled: true
address: 1.2.3.4
port: 999
transport_protocol: tcp
tls_enabled: true
permitted_peer: "*.example.com"
ssl_ca_certificate: |
-----BEGIN CERTIFICATE-----
certificate
-----END CERTIFICATE-----
queue_size: 100000
forward_debug_logs: false
custom_rsyslog_configuration: if $message contains 'test' then stop
rbac-settings: # if your RBAC is SAML, use these settings
rbac_saml_admin_group: example_group_name
rbac_saml_groups_attribute: example_attribute_name
#rbac-settings: # if your RBAC is LDAP, replace the above
# ldap_rbac_admin_group_name: cn=opsmgradmins,ou=groups,dc=mycompany,dc=com
opsman-configuration:
aws: # azure, gcp, openstack, vsphere
...
Specific advice and features for the different IaaSs are documented below.
These required properties are adapted from the instructions outlined in Requirements and prerequisites for Tanzu Operations Manager on AWS.
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
For authentication, you must either set use_instance_profile: true
or provide a secret_key_id
and secret_access_key
. You must remove key information if you're using an instance profile. Using an instance profile allows you to avoid interpolation because this file then contains no secrets.
The required properties are adapted from the instructions outlined in Requirements and prerequisites for Tanzu Operations Manager on Azure.
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
The required properties are adapted from the instructions outlined in Requirements and prerequisites for Tanzu Operations Manager on GCP
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
For authentication either gcp_service_account
or gcp_service_account_name
is required. You must remove the one you are not using. Note that using gcp_service_account_name
allows you to avoid interpolation, because this file then contains no secrets.
Support for Shared VPC is done using configuring the vpc_subnet
path to include the host project id, region of the subnet, and the subnet name.
For example:
projects/[HOST_PROJECT_ID]/regions/[REGION]/subnetworks/[SUBNET]
The required properties are adapted from the instructions in Installing and configuring Tanzu Operations Manager on OpenStack
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
The required properties are adapted from the instructions in Installing and configuring Tanzu Operations Manager on vSphere
This file is an artifact from the Broadcom Support portal, which contains the VM image for a specific IaaS. For vSphere and OpenStack, it's a full disk image. For AWS, GCP, and Azure, it's a YAML file that lists the location of images that are already available on the IaaS.
These are examples to download the image artifact for each IaaS using the download-product task.
AWS
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-aws*.yml"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
Azure
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-azure*.yml"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
GCP
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-gcp*.yml"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
OpenStack
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-openstack*.raw"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
vSphere
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-vsphere*.ova"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
The p-automator
CLI includes the ability to extract the Tanzu Operations Manager VM configuration (GCP, AWS, Azure, and VSphere). This works for Tanzu Operations Managers that are already running. It is useful when migrating to automation.
Usage:
docker
to run the p-automation
locally. See Running commands locally.p-automator
CLI to get the configuration.For example, on AWS with an access key and secret key:
docker run -it --rm -v $PWD:/workspace -w /workspace platform-automation-image \
p-automator export-opsman-config \
--state-file=state.yml \
--aws-region=us-west-1 \
--aws-secret-access-key some-secret-key \
--aws-access-key-id some-access-key
The outputted opsman.yml
contains the information needed for Platform Automation Toolkit to manage the Tanzu Operations Manager VM.
- task: download-opsman-image
image: platform-automation-image
file: platform-automation-tasks/tasks/download-product.yml
params:
CONFIG_FILE: opsman.yml
The product
input requires a single tile file (.pivotal
) as downloaded from the Broadcom Support portal.
Here's an example of how to pull the Tanzu Application Service tile using the download-product task.
---
pivnet-api-token: token
pivnet-file-glob: "cf-*.pivotal"
pivnet-product-slug: elastic-runtime
product-version-regex: ^2\.6\..*$
- task: download-stemcell
image: platform-automation-image
file: platform-automation-tasks/tasks/download-product.yml
params:
CONFIG_FILE: product.yml
This file cannot be manually created. This file must retrieved from the Broadcom Support portal.
There are two ways to build a product config.
product.yml
is a very basic example for healthwatch
.
---
product-properties:
.healthwatch-forwarder.bosh_taskcheck_username:
value: admin
.healthwatch-forwarder.boshhealth_instance_count:
value: 1
.healthwatch-forwarder.boshtasks_instance_count:
value: 2
.healthwatch-forwarder.canary_instance_count:
value: 2
.healthwatch-forwarder.cli_instance_count:
value: 2
.healthwatch-forwarder.health_check_az:
value: AZ01
.healthwatch-forwarder.ingestor_instance_count:
value: 4
.healthwatch-forwarder.opsman_instance_count:
value: 2
.healthwatch-forwarder.publish_to_eva:
value: true
.healthwatch-forwarder.worker_instance_count:
value: 4
.mysql.skip_name_resolve:
value: true
.properties.opsman:
value: enable
.properties.opsman.enable.url:
value: https://pcf.example.com/
network-properties:
network:
name: DEPLOYMENT
other_availability_zones:
- name: AZ01
- name: AZ02
service_network:
name: SERVICES
singleton_availability_zone:
name: AZ01
resource-config:
healthwatch-forwarder:
instances: automatic
persistent_disk:
size_mb: automatic
instance_type:
id: automatic
migrate-v1.1-v1.2:
instances: automatic
instance_type:
id: automatic
mysql:
instances: automatic
persistent_disk:
size_mb: automatic
instance_type:
id: automatic
redis:
instances: automatic
persistent_disk:
size_mb: automatic
instance_type:
id: automatic
The following is a list of properties that can be set in the product.yml
and a link to the API documentation explaining the properties.
product-properties
- Tanzu Operations Manager tile properties
network-properties
- a list of Tanzu Operations Manager named networks
resource-config
- for the jobs of the Tanzu Operations Manager tileThis file contains the meta-information needed to manage the Tanzu Operations Manager VM. The state
input for a opsman VM task expects to have a state.yml
file.
The state.yml
file contains two properties:
iaas
is the IAAS the Tanzu Operations Manager VM is hosted on. (gcp
, vsphere
, aws
, azure
, openstack
)
vm_id
is the VM unique identifier for the VM. For some IAAS, the VM ID is the VM name.
Different IaaS uniquely identify VMs differently; here are examples for what this file should look like, depending on your IAAS:
AWS
iaas: aws
# Instance ID of the AWS VM
vm_id: i-12345678987654321
Azure
iaas: azure
# Computer Name of the Azure VM
vm_id: vm_name
GCP
iaas: gcp
# Name of the VM in GCP
vm_id: vm_name
OpenStack
iaas: openstack
# Instance ID from the OpenStack Overview
vm_id: 12345678-9876-5432-1abc-defghijklmno
vSphere
iaas: vsphere
# Path to the VM in vCenter
vm_id: /datacenter/vm/folder/vm_name
This stemcell
input requires the stemcell tarball (.tgz
) as downloaded from the Broadcom Support portal. It must be in the original filename as that is used by Tanzu Operations Manager to parse metadata. The filename might look something like bosh-stemcell-621.76-vsphere-esxi-ubuntu-xenial-go_agent.tgz
.
This file cannot be manually created. This file must retrieved from the Broadcom Support portal.
Here's an example of how to pull the vSphere stemcell using the download-product task.
AWS
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-aws*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
Azure
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-azure*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
GCP
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-google*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
OpenStack
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-openstack*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
vSphere
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-vsphere*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
- task: download-stemcell
image: platform-automation-image
file: platform-automation-tasks/tasks/download-product.yml
params:
CONFIG_FILE: stemcell.yml
This artifact is an output of download-product
located in the assign-stemcell-config
output directory.
This file should resemble the following:
product: cf
stemcell: "97.190"
The config
input for the collect-telemetry task can be used with a telemetry.yml
file to collect data for VMware so that VMware staff can learn and measure results to help put customer experience at the forefront of their product decisions. The configuration of the telemetry.yml
looks like this:
---
env-type: sandbox # sandbox|development|qa|pre-production|production
# Usage Service (Recommended)
cf-api-url: # UAA authentication to access Usage Service
usage-service-url:
usage-service-client-id:
usage-service-client-secret:
usage-service-insecure-skip-tls-verify:
# CredHub (Optional)
# with-credhub-info: # include CredHub certificate expiry information