operations/bosh-lite.yml

---
# --- Set Router Static IP ---
- type: replace
  path: /instance_groups/name=router/networks
  value:
  - name: default
    static_ips: [10.244.0.34]

# --- Add Bosh Lite Security Groups ---
- type: replace
  path: /instance_groups/name=api/jobs/name=cloud_controller_ng/properties/cc/default_running_security_groups
  value:
  - public_networks
  - dns
  - load_balancer
- type: replace
  path: /instance_groups/name=api/jobs/name=cloud_controller_ng/properties/cc/security_group_definitions/-
  value:
    name: load_balancer
    rules:
    - destination: 10.244.0.34
      protocol: all

# ----- Combine router VM extensions ----
- type: remove
  path: /instance_groups/name=scheduler/vm_extensions
- type: replace
  path: /instance_groups/name=router/vm_extensions
  value:
  - ssh-proxy-and-router-lb
- type: remove
  path: /instance_groups/name=scheduler/jobs/name=ssh_proxy
- type: replace
  path: /instance_groups/name=router/jobs/-
  value:
    name: ssh_proxy
    release: diego
    properties:
      loggregator: &diego_loggregator_client_properties
        use_v2_api: true
        ca_cert: "((loggregator_ca.certificate))"
        cert: "((loggregator_tls_agent.certificate))"
        key: "((loggregator_tls_agent.private_key))"
      diego:
        ssl:
          skip_cert_verify: true
        ssh_proxy:
          enable_cf_auth: true
          host_key: "((diego_ssh_proxy_host_key.private_key))"
          uaa_secret: "((uaa_clients_ssh-proxy_secret))"
          bbs: &5
            ca_cert: "((service_cf_internal_ca.certificate))"
            client_cert: "((diego_bbs_client.certificate))"
            client_key: "((diego_bbs_client.private_key))"

# ----- Scale Down ------
- type: replace
  path: /instance_groups/name=consul?/instances
  value: 1
- type: replace
  path: /instance_groups/name=nats/instances
  value: 1
- type: replace
  path: /instance_groups/name=diego-api/instances
  value: 1
- type: replace
  path: /instance_groups/name=uaa/instances
  value: 1
- type: replace
  path: /instance_groups/name=scheduler/instances
  value: 1
- type: replace
  path: /instance_groups/name=diego-cell/instances
  value: 1
- type: replace
  path: /instance_groups/name=diego-cell/jobs/name=rep/properties/diego/rep/evacuation_timeout_in_seconds?
  value: 0
- type: replace
  path: /instance_groups/name=router/instances
  value: 1
- type: replace
  path: /instance_groups/name=tcp-router/instances
  value: 1
- type: replace
  path: /instance_groups/name=api/instances
  value: 1
- type: replace
  path: /instance_groups/name=cc-worker/instances
  value: 1
- type: replace
  path: /instance_groups/name=adapter/instances
  value: 1
- type: replace
  path: /instance_groups/name=doppler/instances
  value: 1
- type: replace
  path: /instance_groups/name=log-api/instances
  value: 1

# ----- Reduce default app memory to 256M ------
- type: replace
  path: /instance_groups/name=api/jobs/name=cloud_controller_ng/properties/cc/default_app_memory?
  value: 256

# ----- Improve diego log format ------
- type: replace
  path: /instance_groups/name=scheduler/jobs/name=auctioneer/properties?/logging/format/timestamp
  value: "rfc3339"

- type: replace
  path: /instance_groups/name=diego-api/jobs/name=bbs/properties?/logging/format/timestamp
  value: "rfc3339"

- type: replace
  path: /instance_groups/name=diego-api/jobs/name=locket/properties?/logging/format/timestamp
  value: "rfc3339"

- type: replace
  path: /instance_groups/name=api/jobs/name=file_server/properties?/logging/format/timestamp
  value: "rfc3339"

- type: replace
  path: /instance_groups/name=diego-cell/jobs/name=rep/properties?/logging/format/timestamp
  value: "rfc3339"

- type: replace
  path: /instance_groups/name=diego-cell/jobs/name=route_emitter/properties?/logging/format/timestamp
  value: "rfc3339"

- type: replace
  path: /instance_groups/name=router/jobs/name=ssh_proxy/properties?/logging/format/timestamp
  value: "rfc3339"