Task inputs and outputs
This topic describes the inputs that can be provided to the tasks, and their outputs. Each task can only take a specific set of inputs, indicated under the inputs property of the YAML.
To get the slug needed for many of the procedures on this page, go to My Dashboard on the Broadcom Support Portal. This site requires you to log in.
director config
The config director sets the BOSH tile (director) on Tanzu Operations Manager.
The config input for a director task expects to have a director.yml file. The configuration of the director.yml is IAAS specific for some properties; that is, networking.
There are two ways to build a director config.
Using an already deployed Tanzu Operations Manager, you can extract the config using staged-director-config.
Deploying a new Tanzu Operations Manager requires more effort for a
director.yml. The configuration of director is variables, based on the features enabled. Thisdirector.ymlis a very basic example for vSphere.--- az-configuration: - clusters: - cluster: cluster-name resource_pool: resource-pool-name name: AZ01 properties-configuration: iaas_configuration: vcenter_host: vcenter.example.com vcenter_username: admin vcenter_password: password ...... director_configuration: blobstore_type: local bosh_recreate_on_next_deploy: false custom_ssh_banner: null ...... security_configuration: generate_vm_passwords: true trusted_certificates: syslog_configuration: enabled: false network-assignment: network: name: INFRASTRUCTURE other_availability_zones: [] singleton_availability_zone: name: AZ01 networks-configuration: icmp_checks_enabled: false networks: - name: NETWORK-NAME ...... resource-configuration: compilation: instance_type: id: automatic instances: automatic ......
The IAAS-specific configuration can be found in the Tanzu Operations Manager API documentation.
What follows is a list of properties that can be set in the director.yml and a link to the API documentation explaining any IAAS specific properties.
az-configuration- a list of availability zonesnetworks-configuration- a list of named networksproperties-configuration- BOSH Director configuration and propertiesdirector_configuration- BOSH Director propertiessecurity_configuration- BOSH Director security propertiessyslog_configuration- configure the syslog sinks for the BOSH Director
resource-configuration- IAAS VM flavor for the BOSH Directorvmextensions-configuration- create/update/delete VM extensions
GCP Shared VPC
Support for Shared VPC is done by configuring the iaas_identifier path for the infrastructure subnet, which includes the host project ID, region of the subnet, and the subnet name.
For example:
[HOST_PROJECT_ID]/[NETWORK]/[SUBNET]/[REGION]
download-product-config
The config input for a download product task can be used with a download-config.yml file to download a tile. Here are examples of the configuration of the download-config.yml:
Broadcom Support Portal (formerly Tanzu Network)
---
pivnet-api-token: token
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
# Either product-version OR product-version-regex is required
# product-version-regex: ^1\.2\..*$ # must not be quoted
product-version: 1.2.3
# Optional
# pivnet-disable-ssl: true # default - false
# stemcell-iaas: aws # aws|azure|google|openstack|vsphere
# will attempt to download the latest stemcell
# associated with a product by default
# stemcell-version: 90.90 # specific stemcell version to download
# stemcell-heavy: true # will force download of heavy stemcell
# not available on all IaaSes
# blobstore-bucket: bucket # if set, product files will have their slug and
# version prepended. Set if the product will
# ever be stored in a blobstore
S3
---
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
blobstore-bucket: bucket-name
s3-region-name: us-west-1 # if NOT using AWS s3, value is 'region'
# Required unless `s3-auth-type: iam`
s3-access-key-id: aws-or-minio-key-id
s3-secret-access-key: aws-or-minio-secret-key
# Optional
# blobstore-product-path: /path/to/product # default - root path of bucket
# blobstore-stemcell-path: /path/to/stemcell # default - root path of bucket
# s3-disable-ssl: true # default - false
# s3-enable-v2-signing: true # available for compatibility
# s3-auth-type: iam # default - accesskey
# s3-endpoint: s3.endpoint.com # required if NOT using AWS S3
GCS
---
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
blobstore-bucket: bucket-name
gcs-project-id: project-id
gcs-service-account-json: |
{
"type": "service_account",
"project_id": "project-id",
"private_key_id": "fake-key-id",
"private_key": "-----BEGIN PRIVATE KEY-----\fake-key-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "123456789876543212345",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/project%40project-id.iam.gserviceaccount.com"
}
# Optional
# blobstore-product-path: /path/to/product # default - root path of bucket
# blobstore-stemcell-path: /path/to/stemcell # default - root path of bucket
Azure
---
pivnet-file-glob: "*.pivotal" # must be quoted if starting with a *
pivnet-product-slug: product-slug
blobstore-bucket: container-name
azure-storage-account: 1234567890abcdefghij
azure-storage-key: storage-access-key-from-azure-portal
# Optional
# blobstore-product-path: /path/to/product # default - root path of bucket
# blobstore-stemcell-path: /path/to/stemcell # default - root path of bucket
download-stemcell-product-config
The config input for a download product task can be used with a download-config.yml file to download a stemcell. The configuration of the download-config.yml looks like this:
---
pivnet-api-token: token
pivnet-file-glob: "*vsphere*" # must be quoted if starting with a *
pivnet-product-slug: stemcells-ubuntu-xenial
# Either product-version OR product-version-regex is required
# product-version-regex: ^250\..*$ # must not be quoted
product-version: "250.82"
# Optional
# pivnet-disable-ssl: true # default - false
# blobstore-bucket: bucket # if set, product files will have their slug and
# version prepended. Set if the product will
# ever be stored in a blobstore
env
The env input for a task expects to have a env.yml file. This file contains properties for targeting and logging into the Tanzu Operations Manager API.
basic auth
---
target: https://pcf.example.com
connect-timeout: 30 # default 5
request-timeout: 1800 # default 1800
skip-ssl-validation: false # default false
username: username
password: password
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase
uaa auth
---
target: https://pcf.example.com
connect-timeout: 30 # default 5
request-timeout: 1800 # default 1800
skip-ssl-validation: false # default false
client-id: client_id
client-secret: client_secret
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase
Getting the client-id and client-secret
Tanzu Operations Manager, by preference, uses Client ID and Client Secret, if these are provided. To create a Client ID and Client Secret:
- Add
uaac target https://YOUR_OPSMANAGER/uaa. - If you are using SAML,
uaac token sso get. - If you are using basic auth, add
uaac token owner get. - Specify the Client ID as
opsmanand leave Client Secret blank. - Generate a client ID and secret.
uaac client add -i
Client ID: NEW_CLIENT_NAME
New client secret: DESIRED_PASSWORD
Verify new client secret: DESIRED_PASSWORD
scope (list): opsman.admin
authorized grant types (list): client_credentials
authorities (list): opsman.admin
access token validity (seconds): 43200
refresh token validity (seconds): 43200
redirect uri (list):
autoapprove (list):
signup redirect url (url):
errand config
The ERRAND_CONFIG_FILE input is used in the apply-changes task. This file contains properties for enabling and disabling errands for a particular run of apply-changes.
To retrieve the default configuration of your product's errands, you can use staged-config.
The expected format for this errand config is:
errands:
sample-product-1:
run_post_deploy:
smoke_tests: default
push-app: false
run_pre_delete:
smoke_tests: true
sample-product-2:
run_post_deploy:
smoke_tests: default
installation
The file contains the information to restore a Tanzu Operations Manager VM. The installation input for a opsman VM task expects to have a installation.zip file.
This file can be exported from a Tanzu Operations Manager VM using the export-installation task. This file can be imported to a Tanzu Operations Manager VM using the import-installation task.
This file cannot be manually created. It is a file that must be generated using the export function of Tanzu Operations Manager.
Tanzu Operations Manager config
The config for a Tanzu Operations Manager described IAAS specific information for creating the VM; that is, VM flavor (size) and IP addresses.
The config input for opsman task expects to have a opsman.yml file. The configuration of the opsman.yml is IAAS specific.
AWS
---
opsman-configuration:
aws:
region: us-west-2
vpc_subnet_id: subnet-0292bc845215c2cbf
security_group_ids: [ sg-0354f804ba7c4bc41 ]
key_pair_name: ops-manager-key # used to SSH to VM
iam_instance_profile_name: env_ops_manager
# At least one IP address (public or private) needs to be assigned to the
# VM. It is also permissible to assign both.
public_ip: 1.2.3.4 # Reserved Elastic IP
private_ip: 10.0.0.2
# Optional
# vm_name: ops-manager-vm # default - ops-manager-vm
# boot_disk_size: 100 # default - 200 (GB)
# instance_type: m5.large # default - m5.large
# NOTE - not all regions support m5.large
# assume_role: "arn:aws:iam::..." # necessary if a role is needed to authorize
# the OpsMan VM instance profile
# tags: {key: value} # key-value pair of tags assigned to the
# # Ops Manager VM
# Omit if using instance profiles
# And instance profile OR access_key/secret_access_key is required
# access_key_id: ((access-key-id))
# secret_access_key: ((secret-access-key))
# security_group_id: sg-123 # DEPRECATED - use security_group_ids
# use_instance_profile: true # DEPRECATED - will use instance profile for
# execution VM if access_key_id and
# secret_access_key are not set
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
Azure
---
opsman-configuration:
azure:
tenant_id: 3e52862f-a01e-4b97-98d5-f31a409df682
subscription_id: 90f35f10-ea9e-4e80-aac4-d6778b995532
client_id: 5782deb6-9195-4827-83ae-a13fda90aa0d
client_secret: ((opsman-client-secret))
location: westus
resource_group: res-group
storage_account: opsman # account name of container
ssh_public_key: ssh-rsa AAAAB3NzaC1yc2EAZ... # ssh key to access VM
# Note that there are several environment-specific details in this path
# This path can reach out to other resource groups if necessary
subnet_id: /subscriptions/
/resourceGroups/
/providers/Microsoft.Network/virtualNetworks/
/subnets/
# At least one IP address (public or private) needs to be assigned # to the VM. It is also permissible to assign both. private_ip: 10.0.0.3 public_ip: 1.2.3.4 # Optional # cloud_name: AzureCloud # default - AzureCloud # storage_key: ((storage-key)) # only required if your client does not # have the needed storage permissions # container: opsmanagerimage # storage account container name # default - opsmanagerimage # network_security_group: ops-manager-security-group # vm_name: ops-manager-vm # default - ops-manager-vm # boot_disk_size: 200 # default - 200 (GB) # use_managed_disk: true # this flag is only respected by the # create-vm and upgrade-opsman commands. # set to false if you want to create # the new opsman VM with an unmanaged # disk (not recommended). default - true # storage_sku: Premium_LRS # this sets the SKU of the storage account # for the disk # Allowed values: Standard_LRS, Premium_LRS, # StandardSSD_LRS, UltraSSD_LRS # vm_size: Standard_DS1_v2 # the size of the Ops Manager VM # default - Standard_DS2_v2 # Allowed values: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/sizes-general # tags: Project=ECommerce # Space-separated tags: key[=value] [key[=value] ...]. Use '' to # clear existing tags. # vpc_subnet: /subscriptions/... # DEPRECATED - use subnet_id # use_unmanaged_disk: false # DEPRECATED - use use_managed_disk # Optional Ops Manager UI Settings for upgrade-opsman # ssl-certificate: ... # pivotal-network-settings: ... # banner-settings: ... # syslog-settings: ... # rbac-settings: ...
GCP
---
opsman-configuration:
gcp:
# Either gcp_service_account_name or gcp_service_account json is required
# You must remove whichever you don't use
gcp_service_account_name: [email protected]
gcp_service_account: ((gcp-service-account-key-json))
project: project-id
region: us-central1
zone: us-central1-b
vpc_subnet: infrastructure-subnet
# At least one IP address (public or private) needs to be assigned to the
# VM. It is also permissible to assign both.
public_ip: 1.2.3.4
private_ip: 10.0.0.2
ssh_public_key: ssh-rsa some-public-key... # RECOMMENDED, but not required
tags: ops-manager # RECOMMENDED, but not required
# Optional
# vm_name: ops-manager-vm # default - ops-manager-vm
# custom_cpu: 2 # default - 2
# custom_memory: 8 # default - 8
# boot_disk_size: 100 # default - 100
# scopes: ["my-scope"]
# hostname: custom.hostname # info: https://cloud.google.com/compute/docs/instances/custom-hostname-vm
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
Openstack
---
opsman-configuration:
openstack:
project_name: project
auth_url: http://os.example.com:5000/v2.0
username: ((opsman-openstack-username))
password: ((opsman-openstack-password))
net_id: 26a13112-b6c2-11e8-96f8-529269fb1459
security_group_name: opsman-sec-group
key_pair_name: opsman-keypair
# At least one IP address (public or private) needs to be assigned to the VM.
public_ip: 1.2.3.4 # must be an already allocated floating IP
private_ip: 10.0.0.3
# Optional
# availability_zone: zone-01
# project_domain_name: default
# user_domain_name: default
# vm_name: ops-manager-vm # default - ops-manager-vm
# flavor: m1.xlarge # default - m1.xlarge
# identity_api_version: 2 # default - 3
# insecure: true # default - false
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
vSphere
---
opsman-configuration:
vsphere:
vcenter:
ca_cert: cert # REQUIRED if insecure = 0 (secure)
datacenter: example-dc
datastore: example-ds-1
folder: /example-dc/vm/Folder # RECOMMENDED, but not required
url: vcenter.example.com
username: ((vcenter-username))
password: ((vcenter-password))
resource_pool: /example-dc/host/example-cluster/Resources/example-pool
# resource_pool can use a cluster - /example-dc/host/example-cluster
# Optional
# host: host # DEPRECATED - Platform Automation cannot guarantee
# the location of the VM, given the nature of vSphere
# insecure: 0 # default - 0 (secure) | 1 (insecure)
disk_type: thin # thin|thick
dns: 8.8.8.8
gateway: 192.168.10.1
hostname: ops-manager.example.com
netmask: 255.255.255.192
network: example-virtual-network
ntp: ntp.ubuntu.com
private_ip: 10.0.0.10
ssh_public_key: ssh-rsa ...... # REQUIRED Ops Manager >= 2.6
# Optional
# cpu: 1 # default - 1
# memory: 8 # default - 8 (GB)
# ssh_password: ((ssh-password)) # REQUIRED if ssh_public_key not defined
# (Ops Manager < 2.6 ONLY)
# vm_name: ops-manager-vm # default - ops-manager-vm
# disk_size: 200 # default - 160 (GB), only larger values allowed
# Optional Ops Manager UI Settings for upgrade-opsman
# ssl-certificate: ...
# pivotal-network-settings: ...
# banner-settings: ...
# syslog-settings: ...
# rbac-settings: ...
Additional settings
# These are OPTIONAL settings that can exist in your opsman.yml
# When upgrading an Ops Manager, these are configurations
# that can be updated on the Settings page in the Ops Manager UI.
# These settings can be updated with the upgrade-opsman command
# even if the Ops Manager VM is not recreated.
ssl-certificate:
certificate: |
-----BEGIN CERTIFICATE-----
certificate
-----END CERTIFICATE-----
private_key:
----BEGIN RSA PRIVATE KEY-----
private-key
-----END RSA PRIVATE KEY-----
pivotal-network-settings:
api_token: your-pivnet-token
banner-settings:
ui_banner_contents: UI Banner Contents
ssh_banner_contents: SSH Banner Contents
syslog-settings:
enabled: true
address: 1.2.3.4
port: 999
transport_protocol: tcp
tls_enabled: true
permitted_peer: "*.example.com"
ssl_ca_certificate: |
-----BEGIN CERTIFICATE-----
certificate
-----END CERTIFICATE-----
queue_size: 100000
forward_debug_logs: false
custom_rsyslog_configuration: if $message contains 'test' then stop
rbac-settings: # if your RBAC is SAML, use these settings
rbac_saml_admin_group: example_group_name
rbac_saml_groups_attribute: example_attribute_name
#rbac-settings: # if your RBAC is LDAP, replace the above
# ldap_rbac_admin_group_name: cn=opsmgradmins,ou=groups,dc=mycompany,dc=com
opsman-configuration:
aws: # azure, gcp, openstack, vsphere
...
Specific advice and features for the different IaaSs are documented below.
AWS
These required properties are adapted from the instructions outlined in Requirements and prerequisites for Tanzu Operations Manager on AWS.
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
For authentication, you must either set use_instance_profile: true or provide a secret_key_id and secret_access_key. You must remove key information if you're using an instance profile. Using an instance profile allows you to avoid interpolation because this file then contains no secrets.
Azure
The required properties are adapted from the instructions outlined in Requirements and prerequisites for Tanzu Operations Manager on Azure.
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
GCP
The required properties are adapted from the instructions outlined in Requirements and prerequisites for Tanzu Operations Manager on GCP
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
For authentication either gcp_service_account or gcp_service_account_name is required. You must remove the one you are not using. Note that using gcp_service_account_name allows you to avoid interpolation, because this file then contains no secrets.
Support for Shared VPC is done using configuring the vpc_subnet path to include the host project id, region of the subnet, and the subnet name.
For example:
projects/[HOST_PROJECT_ID]/regions/[REGION]/subnetworks/[SUBNET]
OpenStack
The required properties are adapted from the instructions in Installing and configuring Tanzu Operations Manager on OpenStack
At least one IP address (public or private) must be assigned to the Tanzu Operations Manager VM. Both can be assigned, if required.
vSphere
The required properties are adapted from the instructions in Installing and configuring Tanzu Operations Manager on vSphere
opsman image
This file is an artifact from the Broadcom Support portal, which contains the VM image for a specific IaaS. For vSphere and OpenStack, it's a full disk image. For AWS, GCP, and Azure, it's a YAML file that lists the location of images that are already available on the IaaS.
These are examples to download the image artifact for each IaaS using the download-product task.
opsman.yml
AWS
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-aws*.yml"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
Azure
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-azure*.yml"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
GCP
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-gcp*.yml"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
OpenStack
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-openstack*.raw"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
vSphere
---
pivnet-api-token: ((pivnet_token))
pivnet-file-glob: "ops-manager-vsphere*.ova"
pivnet-product-slug: ops-manager
product-version-regex: ^2\.5\.\d+$
The p-automator CLI includes the ability to extract the Tanzu Operations Manager VM configuration (GCP, AWS, Azure, and VSphere). This works for Tanzu Operations Managers that are already running. It is useful when migrating to automation.
Usage:
- Get the Platform Automation Toolkit image from the Broadcom Support portal.
- Import the image into
dockerto run thep-automationlocally. See Running commands locally. - Create a state file that represents your current VM and IAAS.
- Invoke the
p-automatorCLI to get the configuration.
For example, on AWS with an access key and secret key:
docker run -it --rm -v $PWD:/workspace -w /workspace platform-automation-image \
p-automator export-opsman-config \
--state-file=state.yml \
--aws-region=us-west-1 \
--aws-secret-access-key some-secret-key \
--aws-access-key-id some-access-key
The outputted opsman.yml contains the information needed for Platform Automation Toolkit to manage the Tanzu Operations Manager VM.
download-product task
- task: download-opsman-image
image: platform-automation-image
file: platform-automation-tasks/tasks/download-product.yml
params:
CONFIG_FILE: opsman.yml
product
The product input requires a single tile file (.pivotal) as downloaded from the Broadcom Support portal.
Here's an example of how to pull the Tanzu Application Service tile using the download-product task.
product.yml
---
pivnet-api-token: token
pivnet-file-glob: "cf-*.pivotal"
pivnet-product-slug: elastic-runtime
product-version-regex: ^2\.6\..*$
download-product task
- task: download-stemcell
image: platform-automation-image
file: platform-automation-tasks/tasks/download-product.yml
params:
CONFIG_FILE: product.yml
This file cannot be manually created. This file must retrieved from the Broadcom Support portal.
product config
There are two ways to build a product config.
- Using an already deployed product (tile), you can extract the config using staged-config.
- Use an example and fill in the values based on the meta information from the tile. This
product.ymlis a very basic example forhealthwatch.
---
product-properties:
.healthwatch-forwarder.bosh_taskcheck_username:
value: admin
.healthwatch-forwarder.boshhealth_instance_count:
value: 1
.healthwatch-forwarder.boshtasks_instance_count:
value: 2
.healthwatch-forwarder.canary_instance_count:
value: 2
.healthwatch-forwarder.cli_instance_count:
value: 2
.healthwatch-forwarder.health_check_az:
value: AZ01
.healthwatch-forwarder.ingestor_instance_count:
value: 4
.healthwatch-forwarder.opsman_instance_count:
value: 2
.healthwatch-forwarder.publish_to_eva:
value: true
.healthwatch-forwarder.worker_instance_count:
value: 4
.mysql.skip_name_resolve:
value: true
.properties.opsman:
value: enable
.properties.opsman.enable.url:
value: https://pcf.example.com/
network-properties:
network:
name: DEPLOYMENT
other_availability_zones:
- name: AZ01
- name: AZ02
service_network:
name: SERVICES
singleton_availability_zone:
name: AZ01
resource-config:
healthwatch-forwarder:
instances: automatic
persistent_disk:
size_mb: automatic
instance_type:
id: automatic
migrate-v1.1-v1.2:
instances: automatic
instance_type:
id: automatic
mysql:
instances: automatic
persistent_disk:
size_mb: automatic
instance_type:
id: automatic
redis:
instances: automatic
persistent_disk:
size_mb: automatic
instance_type:
id: automatic
The following is a list of properties that can be set in the product.yml and a link to the API documentation explaining the properties.
product-properties- Tanzu Operations Manager tile propertiesnetwork-properties- a list of Tanzu Operations Manager named networks
resource-config- for the jobs of the Tanzu Operations Manager tile
state
This file contains the meta-information needed to manage the Tanzu Operations Manager VM. The state input for a opsman VM task expects to have a state.yml file.
The state.yml file contains two properties:
iaasis the IAAS the Tanzu Operations Manager VM is hosted on. (gcp,vsphere,aws,azure,openstack)vm_idis the VM unique identifier for the VM. For some IAAS, the VM ID is the VM name.Different IaaS uniquely identify VMs differently; here are examples for what this file should look like, depending on your IAAS:
AWS
iaas: aws # Instance ID of the AWS VM vm_id: i-12345678987654321Azure
iaas: azure # Computer Name of the Azure VM vm_id: vm_nameGCP
iaas: gcp # Name of the VM in GCP vm_id: vm_nameOpenStack
iaas: openstack # Instance ID from the OpenStack Overview vm_id: 12345678-9876-5432-1abc-defghijklmnovSphere
iaas: vsphere # Path to the VM in vCenter vm_id: /datacenter/vm/folder/vm_name
stemcell
This stemcell input requires the stemcell tarball (.tgz) as downloaded from the Broadcom Support portal. It must be in the original filename as that is used by Tanzu Operations Manager to parse metadata. The filename might look something like bosh-stemcell-621.76-vsphere-esxi-ubuntu-xenial-go_agent.tgz.
This file cannot be manually created. This file must retrieved from the Broadcom Support portal.
Here's an example of how to pull the vSphere stemcell using the download-product task.
stemcell.yml
AWS
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-aws*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
Azure
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-azure*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
GCP
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-google*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
OpenStack
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-openstack*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
vSphere
---
pivnet-api-token: token
pivnet-file-glob: "bosh-stemcell-*-vsphere*.tgz"
pivnet-product-slug: stemcells-ubuntu-xenial
product-version-regex: ^170\..*$
download-product task
- task: download-stemcell
image: platform-automation-image
file: platform-automation-tasks/tasks/download-product.yml
params:
CONFIG_FILE: stemcell.yml
assign-stemcell-task
This artifact is an output of download-product located in the assign-stemcell-config output directory.
This file should resemble the following:
product: cf
stemcell: "97.190"
telemetry
The config input for the collect-telemetry task can be used with a telemetry.yml file to collect data for VMware so that VMware staff can learn and measure results to help put customer experience at the forefront of their product decisions. The configuration of the telemetry.yml looks like this:
---
env-type: sandbox # sandbox|development|qa|pre-production|production
# Usage Service (Recommended)
cf-api-url: # UAA authentication to access Usage Service
usage-service-url:
usage-service-client-id:
usage-service-client-secret:
usage-service-insecure-skip-tls-verify:
# CredHub (Optional)
# with-credhub-info: # include CredHub certificate expiry information
