├── .DS_Store ├── LEGAL.txt ├── LICENSE ├── README.md ├── _c2c_overlay.html.md.erb ├── _default_asg.html.md.erb ├── _gorouter_client_cert_pcf.html.md.erb ├── _lb_health_check.html.md.erb ├── _pcf_sharding.html.md.erb ├── _ssl_termin_gorouter_lb_pcf.html.md.erb ├── _ssl_termin_gorouter_pcf.html.md.erb ├── _ssl_termin_haproxy_pcf.html.md.erb ├── _ssl_termin_lb_only_pcf.html.md.erb ├── _tasks_rec_alloc_pcf.html.md.erb ├── _tcp_port_review.html.md.erb ├── adfs-sso-configuration.html.md.erb ├── auditing-ops-man.html.md.erb ├── config-rbac.html.md.erb ├── images ├── .DS_Store ├── ADFS-PCF-SSO-Runbook.pdf ├── CASM-PivotalCloudFoundryFederationRunbook-ver1.0.pdf ├── PingFederate-PCF-SSO-Runbook.pdf ├── accounting-report.png ├── add-key.png ├── app-usage-service.png ├── cloud-controller.png ├── config-apps-man.png ├── config_tab.psd ├── credhub-db-internal-external.png ├── credhub-external-db-config.png ├── credhub-hsm-config.png ├── credhub-hsm-provider-servers.png ├── credhub.png ├── custombranding.png ├── custombranding2.png ├── custombranding3.png ├── diego │ ├── aws-ami.png │ ├── aws-console-home.png │ ├── cert-warning.png │ ├── config-sec-group.png │ ├── create-remote-desktop.png │ ├── diego-resources.png │ ├── diego-tile.png │ ├── director-public-ip.png │ ├── disable-acceptance-tests.png │ ├── ec2-dashboard.png │ ├── ec2-instances.png │ ├── enable-diego-docker.png │ ├── image1.jpg │ ├── image3.png │ ├── image5.png │ ├── install-dashboard.png │ ├── instance-details.png │ ├── instance-type.png │ ├── key-pair.png │ ├── log-shared-secret.png │ ├── review-launch.png │ ├── ssh-key.png │ ├── windows-password-key-pair.png │ ├── windows-password.png │ └── windows-private-ip.png ├── docker-registry-ert.png ├── docker-registry-ops-man.png ├── domains.png ├── edit-vm.png ├── enable-log-cache.png ├── er-config-app-containers.png ├── er-config-app-vol-svc-smb.png ├── er-config-app-vol-svc.png ├── er-config-auth-enterprise-sso-uaa.png ├── er17-config-authsso-ldap.png ├── er17-config-authsso-saml.png ├── er_network.png ├── ert_haproxy_certs.png ├── file_menu.png ├── firewall.png ├── format_page.png ├── generate-cert.png ├── getting-started-api.png ├── greenhouse │ ├── cloud-formation-form.png │ ├── diego-windows-cloudformation.png │ ├── diego-windows-file-group.png │ ├── diego-windows-msis.png │ ├── diego-windows-setup-files.png │ ├── downloaded-msi-screen.png │ ├── downloading-msi-screen.png │ ├── event-viewer.png │ ├── missing-dlls.png │ ├── no-compatible-cell.png │ ├── restart-rep.png │ ├── rollback-on-failure.png │ ├── running-install-bat.png │ ├── running-services.png │ └── start-unsucessful.png ├── guestos.png ├── haproxy-hsts-enable-fields.png ├── hosts_clusters.png ├── id │ ├── deployment.jpg │ ├── host-cluster.jpg │ ├── job.jpg │ ├── jobs.jpg │ └── vm-tab.jpg ├── import-stemcell.png ├── install-dash-settings.png ├── installation-dashboard-manage-stemcells.png ├── inventory.png ├── log-app-traffic-disable.png ├── log-app-traffic-enable.png ├── logged_in_accounts.png ├── loggregator-vms.png ├── loggregator_config.png ├── login-page.png ├── logs-list.png ├── manage-stemcells.png ├── mapping_page.png ├── max-container-starts.png ├── meta-url.png ├── metrics │ ├── bosh_health_combined.png │ ├── dashboard.png │ ├── dea_status_column.png │ ├── etcd_uptime.png │ ├── nats_delta.png │ ├── req_per_sec.png │ ├── router-column.png │ └── ssh_attempts.png ├── multi-foundation-apps-man-configuration.png ├── name_page.png ├── networking-config.png ├── networking_disable_http_haproxy_gorouter.png ├── networking_haproxy_router_cert_config.png ├── networking_haproxy_router_tls_forward.png ├── networking_max_connections_backend.png ├── networking_min_tls_version.png ├── networking_tls_doppler.png ├── networking_tls_haproxy.png ├── networking_tls_metron.png ├── networking_tls_router.png ├── networking_xforwarded-client-cert-xfcc.png ├── new-domains.png ├── newcd.png ├── nics.png ├── opsman-latest-stemcell.png ├── opsman-view-available-stemcells.png ├── pas-tile.png ├── pivotal_account.png ├── pool_page.png ├── port_forward.png ├── protected-domains.png ├── push_account.png ├── pws_read_ops_upgrade.png ├── pws_write_ops_upgrade.png ├── roles-diagram.png ├── saml-sso.png ├── scaling-ert.png ├── security_config.png ├── service-details.png ├── service-mesh.png ├── servicemesh.png ├── source_page.png ├── ssh-config-ert.png ├── ssl-termination-router.png ├── ssl-termination.png ├── sso-config.png ├── sso-ert.png ├── staging-modal.png ├── storage_page.png ├── switching_domains │ ├── .DS_Store │ ├── er17-switchdomains-after.png │ ├── er17-switchdomains-before.png │ ├── new_domain_config.png │ ├── new_domain_confirmed.png │ ├── new_domain_confirmed1.png │ └── old_domain.png ├── sys-logging.png ├── system-db-tls.png ├── typ-config.png ├── uaa │ ├── .DS_Store │ ├── apply-changes.png │ ├── er-tile.png │ └── ldap-config.png ├── update-proxy-settings.png ├── updated-system-logging.png ├── usage-report-link.png ├── usage-report-spaces.png └── usage-report.png ├── index.html.md.erb ├── managing-stemcells.html.md.erb └── ongoing.html.md.erb /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/.DS_Store -------------------------------------------------------------------------------- /LEGAL.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2013-Present VMware, Inc. or its affiliates. All rights reserved. 2 | 3 | Unauthorized use, copying or distribution of this source code or documentation 4 | via any medium is strictly prohibited without the express written consent of 5 | VMware, Inc. or its affiliates. 6 | 7 | THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, 8 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 9 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 10 | IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 11 | CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 12 | TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 13 | SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. 203 | 204 | ======================================================================= 205 | 206 | CF Docs 09012012 207 | 208 | CF Docs 09012012 : includes a number of subcomponents with 209 | separate copyright notices and license terms. The product that 210 | includes this file does not necessarily use all the open source 211 | subcomponents referred to below. Your use of the source 212 | code for the these subcomponents is subject to the terms and 213 | conditions of the following licenses. 214 | 215 | 216 | SECTION 1: BSD-STYLE, MIT-STYLE, OR SIMILAR STYLE LICENSES 217 | 218 | >>> adsf-1.1.1 219 | >>> clouseau-0.0.1 220 | >>> colored-1.2.0 221 | >>> cri-2.3.0 222 | >>> haml-3.1.7 223 | >>> interact-0.3.0 224 | >>> interact-0.4.8 225 | >>> mothership-0.1.5 226 | >>> multi_json-1.3.6 227 | >>> nanoc-3.4.1 228 | >>> newrelic_rpm-3.3.0 229 | >>> nokogiri-1.4.7 230 | >>> pygmentize-0.0.3 231 | >>> rack-protection-1.1.4 232 | >>> rb-readline-0.4.2 233 | >>> rest-client-1.6.7 234 | >>> sinatra-1.3.1 235 | >>> spruz-0.2.13 236 | >>> terminal-table-1.4.4 237 | >>> cf-0.3.14 238 | 239 | 240 | 241 | SECTION 2: Apache License, V2.0 242 | 243 | >>> addressable-2.2.6 244 | >>> addressable-2.2.8 245 | >>> cfoundry-0.3.40 246 | >>> manifests-cf-plugin-0.4.8 247 | >>> tunnel-dummy-cf-plugin-0.0.1 248 | 249 | 250 | 251 | SECTION 3: GNU General Public License, V3.0 252 | 253 | >>> kramdown-0.13.8 254 | 255 | 256 | 257 | SECTION 4: Ruby Clause-6 258 | 259 | >>> json_pure-1.5.4 260 | >>> rubyzip-0.9.9 261 | >>> rubyzip2-2.0.2 262 | >>> systemu-2.5.2 263 | 264 | 265 | 266 | APPENDIX. Standard License Files 267 | 268 | >>> Ruby Clause-6 269 | 270 | >>> GNU General Public License, V3.0 271 | 272 | 273 | 274 | 275 | 276 | --------------- SECTION 1: BSD-STYLE, MIT-STYLE, OR SIMILAR STYLE LICENSES ---------- 277 | 278 | BSD-STYLE, MIT-STYLE, OR SIMILAR STYLE LICENSES are applicable to the following component(s). 279 | 280 | 281 | >>> adsf-1.1.1 282 | 283 | Copyright (c) 2009 Denis Defreyne 284 | 285 | Permission is hereby granted, free of charge, to any person obtaining a copy 286 | of this software and associated documentation files (the "Software"), to deal 287 | in the Software without restriction, including without limitation the rights 288 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 289 | copies of the Software, and to permit persons to whom the Software is 290 | furnished to do so, subject to the following conditions: 291 | 292 | The above copyright notice and this permission notice shall be included in all 293 | copies or substantial portions of the Software. 294 | 295 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 296 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 297 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 298 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 299 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 300 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 301 | SOFTWARE. 302 | 303 | 304 | >>> clouseau-0.0.1 305 | 306 | Copyright (c)2012, Alex Suraci 307 | 308 | All rights reserved. 309 | 310 | Redistribution and use in source and binary forms, with or without 311 | modification, are permitted provided that the following conditions are met: 312 | 313 | Redistributions of source code must retain the above copyright 314 | notice, this list of conditions and the following disclaimer. 315 | 316 | Redistributions in binary form must reproduce the above 317 | copyright notice, this list of conditions and the following 318 | disclaimer in the documentation and/or other materials provided 319 | with the distribution. 320 | 321 | Neither the name of Alex Suraci nor the names of other 322 | contributors may be used to endorse or promote products derived 323 | from this software without specific prior written permission. 324 | 325 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 326 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 327 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 328 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 329 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 330 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 331 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 332 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 333 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 334 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 335 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 336 | 337 | 338 | >>> colored-1.2.0 339 | 340 | Copyright (c) 2010 Chris Wanstrath 341 | 342 | Permission is hereby granted, free of charge, to any person obtaining 343 | a copy of this software and associated documentation files (the 344 | Software), to deal in the Software without restriction, including 345 | without limitation the rights to use, copy, modify, merge, publish, 346 | distribute, sublicense, and/or sell copies of the Software, and to 347 | permit persons to whom the Software is furnished to do so, subject to 348 | the following conditions: 349 | 350 | The above copyright notice and this permission notice shall be 351 | included in all copies or substantial portions of the Software. 352 | 353 | THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, 354 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 355 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 356 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 357 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 358 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 359 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 360 | 361 | 362 | >>> cri-2.3.0 363 | 364 | Copyright (c) 2009 Denis Defreyne and contributors 365 | 366 | Permission is hereby granted, free of charge, to any person obtaining a copy 367 | of this software and associated documentation files (the "Software"), to deal 368 | in the Software without restriction, including without limitation the rights 369 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 370 | copies of the Software, and to permit persons to whom the Software is 371 | furnished to do so, subject to the following conditions: 372 | 373 | The above copyright notice and this permission notice shall be included in all 374 | copies or substantial portions of the Software. 375 | 376 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 377 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 378 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 379 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 380 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 381 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 382 | SOFTWARE. 383 | 384 | 385 | >>> haml-3.1.7 386 | 387 | Copyright (c) 2011 Travis Tilley 388 | 389 | Permission is hereby granted, free of charge, to any person obtaining 390 | a copy of this software and associated documentation files (the 391 | "Software"), to deal in the Software without restriction, including 392 | without limitation the rights to use, copy, modify, merge, publish, 393 | distribute, sublicense, and/or sell copies of the Software, and to 394 | permit persons to whom the Software is furnished to do so, subject to 395 | the following conditions: 396 | 397 | The above copyright notice and this permission notice shall be 398 | included in all copies or substantial portions of the Software. 399 | 400 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 401 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 402 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 403 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 404 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 405 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 406 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 407 | 408 | 409 | >>> interact-0.3.0 410 | 411 | Copyright (c)2011, Alex Suraci 412 | 413 | All rights reserved. 414 | 415 | Redistribution and use in source and binary forms, with or without 416 | modification, are permitted provided that the following conditions are met: 417 | 418 | Redistributions of source code must retain the above copyright 419 | notice, this list of conditions and the following disclaimer. 420 | 421 | Redistributions in binary form must reproduce the above 422 | copyright notice, this list of conditions and the following 423 | disclaimer in the documentation and/or other materials provided 424 | with the distribution. 425 | 426 | Neither the name of Alex Suraci nor the names of other 427 | contributors may be used to endorse or promote products derived 428 | from this software without specific prior written permission. 429 | 430 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 431 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 432 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 433 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 434 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 435 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 436 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 437 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 438 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 439 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 440 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 441 | 442 | 443 | >>> interact-0.4.8 444 | 445 | Copyright (c)2011, Alex Suraci 446 | 447 | All rights reserved. 448 | 449 | Redistribution and use in source and binary forms, with or without 450 | modification, are permitted provided that the following conditions are met: 451 | 452 | Redistributions of source code must retain the above copyright 453 | notice, this list of conditions and the following disclaimer. 454 | 455 | Redistributions in binary form must reproduce the above 456 | copyright notice, this list of conditions and the following 457 | disclaimer in the documentation and/or other materials provided 458 | with the distribution. 459 | 460 | Neither the name of Alex Suraci nor the names of other 461 | contributors may be used to endorse or promote products derived 462 | from this software without specific prior written permission. 463 | 464 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 465 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 466 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 467 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 468 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 469 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 470 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 471 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 472 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 473 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 474 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 475 | 476 | 477 | >>> mothership-0.1.5 478 | 479 | Copyright (c)2012, Alex Suraci 480 | 481 | All rights reserved. 482 | 483 | Redistribution and use in source and binary forms, with or without 484 | modification, are permitted provided that the following conditions are met: 485 | 486 | Redistributions of source code must retain the above copyright 487 | notice, this list of conditions and the following disclaimer. 488 | 489 | Redistributions in binary form must reproduce the above 490 | copyright notice, this list of conditions and the following 491 | disclaimer in the documentation and/or other materials provided 492 | with the distribution. 493 | 494 | Neither the name of Alex Suraci nor the names of other 495 | contributors may be used to endorse or promote products derived 496 | from this software without specific prior written permission. 497 | 498 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 499 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 500 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 501 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 502 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 503 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 504 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 505 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 506 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 507 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 508 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 509 | 510 | 511 | >>> multi_json-1.3.6 512 | 513 | Copyright (c) 2010 Michael Bleigh, Josh Kalderimis, Erik Michaels-Ober, and Intridea, Inc. 514 | 515 | Permission is hereby granted, free of charge, to any person obtaining 516 | a copy of this software and associated documentation files (the 517 | "Software"), to deal in the Software without restriction, including 518 | without limitation the rights to use, copy, modify, merge, publish, 519 | distribute, sublicense, and/or sell copies of the Software, and to 520 | permit persons to whom the Software is furnished to do so, subject to 521 | the following conditions: 522 | 523 | The above copyright notice and this permission notice shall be 524 | included in all copies or substantial portions of the Software. 525 | 526 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 527 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 528 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 529 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 530 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 531 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 532 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 533 | 534 | 535 | >>> nanoc-3.4.1 536 | 537 | Copyright (c) 2007-2012 Denis Defreyne and contributors 538 | 539 | Permission is hereby granted, free of charge, to any person obtaining a copy 540 | of this software and associated documentation files (the "Software"), to deal 541 | in the Software without restriction, including without limitation the rights 542 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 543 | copies of the Software, and to permit persons to whom the Software is 544 | furnished to do so, subject to the following conditions: 545 | 546 | The above copyright notice and this permission notice shall be included in all 547 | copies or substantial portions of the Software. 548 | 549 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 550 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 551 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 552 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 553 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 554 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 555 | SOFTWARE. 556 | 557 | 558 | >>> newrelic_rpm-3.3.0 559 | 560 | This product includes jquery written by John Resig 561 | and distributed under an MIT license. 562 | See https://github.com/jquery/jquery/blob/master/MIT-LICENSE.txt 563 | 564 | Copyright (c) 2011 John Resig, http://jquery.com/ 565 | 566 | Permission is hereby granted, free of charge, to any person obtaining 567 | a copy of this software and associated documentation files (the 568 | "Software"), to deal in the Software without restriction, including 569 | without limitation the rights to use, copy, modify, merge, publish, 570 | distribute, sublicense, and/or sell copies of the Software, and to 571 | permit persons to whom the Software is furnished to do so, subject to 572 | the following conditions: 573 | 574 | The above copyright notice and this permission notice shall be 575 | included in all copies or substantial portions of the Software. 576 | 577 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 578 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 579 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 580 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 581 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 582 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 583 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 584 | 585 | 586 | All other components of this product are 587 | Copyright (c) 2008-2011 New Relic, Inc. All rights reserved. 588 | 589 | Certain inventions disclosed in this file may be claimed within 590 | patents owned or patent applications filed by New Relic, Inc. or third 591 | parties. 592 | 593 | Subject to the terms of this notice, New Relic grants you a 594 | nonexclusive, nontransferable license, without the right to 595 | sublicense, to (a) install and execute one copy of these files on any 596 | number of workstations owned or controlled by you and (b) distribute 597 | verbatim copies of these files to third parties. As a condition to the 598 | foregoing grant, you must provide this notice along with each copy you 599 | distribute and you must not remove, alter, or obscure this notice. All 600 | other use, reproduction, modification, distribution, or other 601 | exploitation of these files is strictly prohibited, except as may be set 602 | forth in a separate written license agreement between you and New 603 | Relic. The terms of any such license agreement will control over this 604 | notice. The license stated above will be automatically terminated and 605 | revoked if you exceed its scope or violate any of the terms of this 606 | notice. 607 | 608 | This License does not grant permission to use the trade names, 609 | trademarks, service marks, or product names of New Relic, except as 610 | required for reasonable and customary use in describing the origin of 611 | this file and reproducing the content of this notice. You may not 612 | mark or brand this file with any trade name, trademarks, service 613 | marks, or product names other than the original brand (if any) 614 | provided by New Relic. 615 | 616 | Unless otherwise expressly agreed by New Relic in a separate written 617 | license agreement, these files are provided AS IS, WITHOUT WARRANTY OF 618 | ANY KIND, including without any implied warranties of MERCHANTABILITY, 619 | FITNESS FOR A PARTICULAR PURPOSE, TITLE, or NON-INFRINGEMENT. As a 620 | condition to your use of these files, you are solely responsible for 621 | such use. New Relic will have no liability to you for direct, 622 | indirect, consequential, incidental, special, or punitive damages or 623 | for lost profits or data. 624 | 625 | 626 | >>> nokogiri-1.4.7 627 | 628 | The MIT License) 629 | 630 | Copyright (c) 2008 - 2010: 631 | 632 | * {Aaron Patterson}[http://tenderlovemaking.com] 633 | * {Mike Dalessio}[http://mike.daless.io] 634 | 635 | Permission is hereby granted, free of charge, to any person obtaining 636 | a copy of this software and associated documentation files (the 637 | 'Software'), to deal in the Software without restriction, including 638 | without limitation the rights to use, copy, modify, merge, publish, 639 | distribute, sublicense, and/or sell copies of the Software, and to 640 | permit persons to whom the Software is furnished to do so, subject to 641 | the following conditions: 642 | 643 | The above copyright notice and this permission notice shall be 644 | included in all copies or substantial portions of the Software. 645 | 646 | THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, 647 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 648 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 649 | IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 650 | CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 651 | TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 652 | SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 653 | 654 | 655 | >>> pygmentize-0.0.3 656 | 657 | Copyright (c) 2010 Damian Janowski & Michel Martens 658 | 659 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 660 | 661 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 662 | 663 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 664 | 665 | 666 | >>> rack-protection-1.1.4 667 | 668 | Copyright (c) 2011 Konstantin Haase 669 | 670 | Permission is hereby granted, free of charge, to any person obtaining 671 | a copy of this software and associated documentation files (the 672 | 'Software'), to deal in the Software without restriction, including 673 | without limitation the rights to use, copy, modify, merge, publish, 674 | distribute, sublicense, and/or sell copies of the Software, and to 675 | permit persons to whom the Software is furnished to do so, subject to 676 | the following conditions: 677 | 678 | The above copyright notice and this permission notice shall be 679 | included in all copies or substantial portions of the Software. 680 | 681 | THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, 682 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 683 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 684 | IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 685 | CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 686 | TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 687 | SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 688 | 689 | 690 | >>> rb-readline-0.4.2 691 | 692 | Copyright (c) 2009, Park Heesob 693 | All rights reserved. 694 | 695 | Redistribution and use in source and binary forms, with or without 696 | modification, are permitted provided that the following conditions are met: 697 | 698 | * Redistributions of source code must retain the above copyright notice, this 699 | list of conditions and the following disclaimer. 700 | * Redistributions in binary form must reproduce the above copyright notice 701 | this list of conditions and the following disclaimer in the documentation 702 | and/or other materials provided with the distribution. 703 | * Neither the name of Park Heesob nor the names of its contributors 704 | may be used to endorse or promote products derived from this software 705 | without specific prior written permission. 706 | 707 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 708 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 709 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 710 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE 711 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 712 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 713 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 714 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 715 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 716 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 717 | 718 | 719 | >>> rest-client-1.6.7 720 | 721 | Released under the MIT License: http://www.opensource.org/licenses/mit-license.php 722 | 723 | Copyright (c) 2003, 2004 Jim Weirich 724 | 725 | Permission is hereby granted, free of charge, to any person obtaining 726 | a copy of this software and associated documentation files (the 727 | "Software"), to deal in the Software without restriction, including 728 | without limitation the rights to use, copy, modify, merge, publish, 729 | distribute, sublicense, and/or sell copies of the Software, and to 730 | permit persons to whom the Software is furnished to do so, subject to 731 | the following conditions: 732 | 733 | The above copyright notice and this permission notice shall be 734 | included in all copies or substantial portions of the Software. 735 | 736 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 737 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 738 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 739 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 740 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 741 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 742 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 743 | 744 | 745 | >>> sinatra-1.3.1 746 | 747 | Copyright (c) 2007, 2008, 2009, 2010, 2011 Blake Mizerany 748 | 749 | Permission is hereby granted, free of charge, to any person 750 | obtaining a copy of this software and associated documentation 751 | files (the "Software"), to deal in the Software without 752 | restriction, including without limitation the rights to use, 753 | copy, modify, merge, publish, distribute, sublicense, and/or sell 754 | copies of the Software, and to permit persons to whom the 755 | Software is furnished to do so, subject to the following 756 | conditions: 757 | 758 | The above copyright notice and this permission notice shall be 759 | included in all copies or substantial portions of the Software. 760 | 761 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 762 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES 763 | OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 764 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 765 | HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, 766 | WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 767 | FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 768 | OTHER DEALINGS IN THE SOFTWARE. 769 | 770 | 771 | >>> spruz-0.2.13 772 | 773 | Copyright (c) 2010 Florian Frank 774 | 775 | Permission is hereby granted, free of charge, to any person obtaining a copy of 776 | this software and associated documentation files (the "Software"), to deal in 777 | the Software without restriction, including without limitation the rights to 778 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies 779 | of the Software, and to permit persons to whom the Software is furnished to do 780 | so, subject to the following conditions: 781 | 782 | The above copyright notice and this permission notice shall be included in all 783 | copies or substantial portions of the Software. 784 | 785 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 786 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 787 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE X 788 | CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 789 | ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 790 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 791 | 792 | 793 | >>> terminal-table-1.4.4 794 | 795 | Copyright 2008-2009 TJ Holowaychuk 796 | 797 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the Software), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, an d/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 798 | 799 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 800 | 801 | THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 802 | 803 | 804 | >>> cf-0.3.14 805 | 806 | Copyright (c) 2010-2011 VMware Inc, All Rights Reserved 807 | 808 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 809 | 810 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 811 | 812 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 813 | 814 | This software downloads additional open source software components upon install that are distributed under separate terms and conditions. Please see the license information provided in the individual software components for more information. 815 | 816 | 817 | --------------- SECTION 2: Apache License, V2.0 ---------- 818 | 819 | Apache License, V2.0 is applicable to the following component(s). 820 | 821 | 822 | >>> addressable-2.2.6 823 | 824 | Copyright (C) 2006-2011 Bob Aman 825 | 826 | Licensed under the Apache License, Version 2.0 (the "License"); 827 | you may not use this file except in compliance with the License. 828 | You may obtain a copy of the License at 829 | 830 | http://www.apache.org/licenses/LICENSE-2.0 831 | 832 | Unless required by applicable law or agreed to in writing, software 833 | distributed under the License is distributed on an "AS IS" BASIS, 834 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 835 | See the License for the specific language governing permissions and 836 | limitations under the License. 837 | 838 | 839 | >>> addressable-2.2.8 840 | 841 | Copyright (C) 2006-2011 Bob Aman 842 | 843 | Licensed under the Apache License, Version 2.0 (the "License"); 844 | you may not use this file except in compliance with the License. 845 | You may obtain a copy of the License at 846 | 847 | http://www.apache.org/licenses/LICENSE-2.0 848 | 849 | Unless required by applicable law or agreed to in writing, software 850 | distributed under the License is distributed on an "AS IS" BASIS, 851 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 852 | See the License for the specific language governing permissions and 853 | limitations under the License. 854 | 855 | 856 | >>> cfoundry-0.3.40 857 | 858 | License: Apache 2.0 859 | 860 | 861 | >>> manifests-cf-plugin-0.4.8 862 | 863 | cfoundry 864 | Copyright (c) 2012 VMware, Inc. All Rights Reserved. 865 | 866 | VMware copyrighted code, is licensed to you under the Apache License, Version 2.0 (the "License"). 867 | 868 | In addition to the VMware copyrighted code, CF includes a number of components with separate copyright notices and license terms. Your use of these components is subject to the terms and conditions of the component's license, as noted in the LICENSE file. 869 | 870 | 871 | >>> tunnel-dummy-cf-plugin-0.0.1 872 | 873 | cfoundry 874 | Copyright (c) 2012 VMware, Inc. All Rights Reserved. 875 | 876 | VMware copyrighted code, is licensed to you under the Apache License, Version 2.0 (the "License"). 877 | 878 | In addition to the VMware copyrighted code, CF includes a number of components with separate copyright notices and license terms. Your use of these components is subject to the terms and conditions of the component's license, as noted in the LICENSE file. 879 | 880 | 881 | --------------- SECTION 3: GNU General Public License, V3.0 ---------- 882 | 883 | GNU General Public License, V3.0 is applicable to the following component(s). 884 | 885 | 886 | >>> kramdown-0.13.8 887 | 888 | kramdown - fast, pure-Ruby Markdown-superset converter 889 | Copyright (C) 2009 Thomas Leitner 890 | 891 | kramdown is free software: you can redistribute it and/or modify 892 | it under the terms of the GNU General Public License as published by 893 | the Free Software Foundation, either version 3 of the License, or 894 | (at your option) any later version. 895 | 896 | This program is distributed in the hope that it will be useful, 897 | but WITHOUT ANY WARRANTY; without even the implied warranty of 898 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 899 | GNU General Public License for more details. 900 | 901 | You should have received a copy of the GNU General Public License 902 | along with this program. If not, see . 903 | 904 | Some test cases and the benchmark files are based on test cases from 905 | the MDTest test suite: 906 | 907 | MDTest 908 | Copyright (c) 2007 Michel Fortin 909 | 910 | 911 | 912 | --------------- SECTION 4: Ruby Clause-6 ---------- 913 | 914 | Ruby Clause-6 is applicable to the following component(s). 915 | 916 | 917 | >>> json_pure-1.5.4 918 | 919 | [PLEASE NOTE: VMWARE, INC. ELECTS TO USE AND DISTRIBUTE THIS COMPONENT UNDER THE TERMS OF THE RUBYCLAUSE-6 LICENSE. PLEASE SEE BELOW FOR THE FULL TEXT OF THE RUBYCLAUSE-6 LICENSE. THE ORIGINAL LICENSE TERMS ARE REPRODUCED BELOW ONLY AS A REFERENCE.] 920 | 921 | 922 | JSON-JRuby is copyrighted free software by Daniel Luz , 923 | and is a derivative work of Florian Frank's json library . 924 | You can redistribute it and/or modify it under either the terms of the GPL 925 | version 2 (see the file GPL), or the conditions below: 926 | 927 | 1. You may make and give away verbatim copies of the source form of the 928 | software without restriction, provided that you duplicate all of the 929 | original copyright notices and associated disclaimers. 930 | 931 | 2. You may modify your copy of the software in any way, provided that 932 | you do at least ONE of the following: 933 | 934 | a) place your modifications in the Public Domain or otherwise 935 | make them Freely Available, such as by posting said 936 | modifications to Usenet or an equivalent medium, or by allowing 937 | the author to include your modifications in the software. 938 | 939 | b) use the modified software only within your corporation or 940 | organization. 941 | 942 | c) give non-standard binaries non-standard names, with 943 | instructions on where to get the original software distribution. 944 | 945 | d) make other distribution arrangements with the author. 946 | 947 | 3. You may distribute the software in object code or binary form, 948 | provided that you do at least ONE of the following: 949 | 950 | a) distribute the binaries and library files of the software, 951 | together with instructions (in the manual page or equivalent) 952 | on where to get the original distribution. 953 | 954 | b) accompany the distribution with the machine-readable source of 955 | the software. 956 | 957 | c) give non-standard binaries non-standard names, with 958 | instructions on where to get the original software distribution. 959 | 960 | d) make other distribution arrangements with the author. 961 | 962 | 4. You may modify and include the part of the software into any other 963 | software (possibly commercial). But some files in the distribution 964 | are not written by the author, so that they are not under these terms. 965 | 966 | For the list of those files and their copying conditions, see the 967 | file LEGAL. 968 | 969 | 5. The scripts and library files supplied as input to or produced as 970 | output from the software do not automatically fall under the 971 | copyright of the software, but belong to whomever generated them, 972 | and may be sold commercially, and may be aggregated with this 973 | software. 974 | 975 | 6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR 976 | IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 977 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 978 | PURPOSE. 979 | 980 | 981 | 982 | ADDITIONAL LICENSE INFORMATION: 983 | 984 | 985 | > MIT style 986 | 987 | json_pure-1.5.4.gem\data.tar.gz\data.tar\ext\json\ext\generator\generator.c 988 | 989 | 990 | Copyright 2001-2004 Unicode, Inc. 991 | 992 | Disclaimer 993 | 994 | This source code is provided as is by Unicode, Inc. No claims are 995 | made as to fitness for any particular purpose. No warranties of any 996 | kind are expressed or implied. The recipient agrees to determine 997 | applicability of information provided. If this file has been 998 | purchased on magnetic or optical media from Unicode, Inc., the 999 | sole remedy for any claim will be exchange of defective media 1000 | within 90 days of receipt. 1001 | 1002 | Limitations on Rights to Redistribute This Code 1003 | 1004 | Unicode, Inc. hereby grants the right to freely use the information 1005 | supplied in this file in the creation of products supporting the 1006 | Unicode Standard, and to make copies of this file in any form 1007 | for internal or external distribution as long as this notice 1008 | remains attached. 1009 | 1010 | 1011 | >>> rubyzip-0.9.9 1012 | 1013 | License 1014 | 1015 | rubyzip is distributed under the same license as ruby. See 1016 | http://www.ruby-lang.org/en/LICENSE.txt 1017 | 1018 | [PLEASE NOTE: VMWARE, INC. ELECTS TO USE AND DISTRIBUTE THIS COMPONENT UNDER THE TERMS OF THE Ruby Clause-6. PLEASE SEE THE APPENDIX TO REVIEW THE FULL TEXT OF THE Ruby Clause-6. THE ORIGINAL LICENSE TERMS ARE REPRODUCED BELOW ONLY AS A REFERENCE.] 1019 | 1020 | Ruby is copyrighted free software by Yukihiro Matsumoto . 1021 | You can redistribute it and/or modify it under either the terms of the 1022 | 2-clause BSDL (see the file BSDL), or the conditions below: 1023 | 1024 | 1. You may make and give away verbatim copies of the source form of the 1025 | software without restriction, provided that you duplicate all of the 1026 | original copyright notices and associated disclaimers. 1027 | 1028 | 2. You may modify your copy of the software in any way, provided that 1029 | you do at least ONE of the following: 1030 | 1031 | a) place your modifications in the Public Domain or otherwise 1032 | make them Freely Available, such as by posting said 1033 | modifications to Usenet or an equivalent medium, or by allowing 1034 | the author to include your modifications in the software. 1035 | 1036 | b) use the modified software only within your corporation or 1037 | organization. 1038 | 1039 | c) give non-standard binaries non-standard names, with 1040 | instructions on where to get the original software distribution. 1041 | 1042 | d) make other distribution arrangements with the author. 1043 | 1044 | 3. You may distribute the software in object code or binary form, 1045 | provided that you do at least ONE of the following: 1046 | 1047 | a) distribute the binaries and library files of the software, 1048 | together with instructions (in the manual page or equivalent) 1049 | on where to get the original distribution. 1050 | 1051 | b) accompany the distribution with the machine-readable source of 1052 | the software. 1053 | 1054 | c) give non-standard binaries non-standard names, with 1055 | instructions on where to get the original software distribution. 1056 | 1057 | d) make other distribution arrangements with the author. 1058 | 1059 | 4. You may modify and include the part of the software into any other 1060 | software (possibly commercial). But some files in the distribution 1061 | are not written by the author, so that they are not under these terms. 1062 | 1063 | For the list of those files and their copying conditions, see the 1064 | file LEGAL. 1065 | 1066 | 5. The scripts and library files supplied as input to or produced as 1067 | output from the software do not automatically fall under the 1068 | copyright of the software, but belong to whomever generated them, 1069 | and may be sold commercially, and may be aggregated with this 1070 | software. 1071 | 1072 | 6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR 1073 | IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 1074 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 1075 | PURPOSE. 1076 | 1077 | 1078 | >>> rubyzip2-2.0.2 1079 | 1080 | = License 1081 | 1082 | rubyzip is distributed under the same license as ruby. See 1083 | http://www.ruby-lang.org/en/LICENSE.txt 1084 | 1085 | Ruby is copyrighted free software by Yukihiro Matsumoto . 1086 | You can redistribute it and/or modify it under either the terms of the 1087 | 2-clause BSDL (see the file BSDL), or the conditions below: 1088 | 1089 | 1. You may make and give away verbatim copies of the source form of the 1090 | software without restriction, provided that you duplicate all of the 1091 | original copyright notices and associated disclaimers. 1092 | 1093 | 2. You may modify your copy of the software in any way, provided that 1094 | you do at least ONE of the following: 1095 | 1096 | a) place your modifications in the Public Domain or otherwise 1097 | make them Freely Available, such as by posting said 1098 | modifications to Usenet or an equivalent medium, or by allowing 1099 | the author to include your modifications in the software. 1100 | 1101 | b) use the modified software only within your corporation or 1102 | organization. 1103 | 1104 | c) give non-standard binaries non-standard names, with 1105 | instructions on where to get the original software distribution. 1106 | 1107 | d) make other distribution arrangements with the author. 1108 | 1109 | 3. You may distribute the software in object code or binary form, 1110 | provided that you do at least ONE of the following: 1111 | 1112 | a) distribute the binaries and library files of the software, 1113 | together with instructions (in the manual page or equivalent) 1114 | on where to get the original distribution. 1115 | 1116 | b) accompany the distribution with the machine-readable source of 1117 | the software. 1118 | 1119 | c) give non-standard binaries non-standard names, with 1120 | instructions on where to get the original software distribution. 1121 | 1122 | d) make other distribution arrangements with the author. 1123 | 1124 | 4. You may modify and include the part of the software into any other 1125 | software (possibly commercial). But some files in the distribution 1126 | are not written by the author, so that they are not under these terms. 1127 | 1128 | For the list of those files and their copying conditions, see the 1129 | file LEGAL. 1130 | 1131 | 5. The scripts and library files supplied as input to or produced as 1132 | output from the software do not automatically fall under the 1133 | copyright of the software, but belong to whomever generated them, 1134 | and may be sold commercially, and may be aggregated with this 1135 | software. 1136 | 1137 | 6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR 1138 | IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 1139 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 1140 | PURPOSE. 1141 | 1142 | 1143 | >>> systemu-2.5.2 1144 | 1145 | same as Ruby's 1146 | 1147 | http://www.ruby-lang.org/en/LICENSE.txt 1148 | 1149 | [PLEASE NOTE: VMWARE, INC. ELECTS TO USE AND DISTRIBUTE THIS COMPONENT UNDER THE TERMS OF THE Ruby Clause-6. PLEASE SEE THE APPENDIX TO REVIEW THE FULL TEXT OF THE Ruby Clause-6. THE ORIGINAL LICENSE TERMS ARE REPRODUCED BELOW ONLY AS A REFERENCE.] 1150 | 1151 | Ruby is copyrighted free software by Yukihiro Matsumoto . 1152 | You can redistribute it and/or modify it under either the terms of the 1153 | 2-clause BSDL (see the file BSDL), or the conditions below: 1154 | 1155 | 1. You may make and give away verbatim copies of the source form of the 1156 | software without restriction, provided that you duplicate all of the 1157 | original copyright notices and associated disclaimers. 1158 | 1159 | 2. You may modify your copy of the software in any way, provided that 1160 | you do at least ONE of the following: 1161 | 1162 | a) place your modifications in the Public Domain or otherwise 1163 | make them Freely Available, such as by posting said 1164 | modifications to Usenet or an equivalent medium, or by allowing 1165 | the author to include your modifications in the software. 1166 | 1167 | b) use the modified software only within your corporation or 1168 | organization. 1169 | 1170 | c) give non-standard binaries non-standard names, with 1171 | instructions on where to get the original software distribution. 1172 | 1173 | d) make other distribution arrangements with the author. 1174 | 1175 | 3. You may distribute the software in object code or binary form, 1176 | provided that you do at least ONE of the following: 1177 | 1178 | a) distribute the binaries and library files of the software, 1179 | together with instructions (in the manual page or equivalent) 1180 | on where to get the original distribution. 1181 | 1182 | b) accompany the distribution with the machine-readable source of 1183 | the software. 1184 | 1185 | c) give non-standard binaries non-standard names, with 1186 | instructions on where to get the original software distribution. 1187 | 1188 | d) make other distribution arrangements with the author. 1189 | 1190 | 4. You may modify and include the part of the software into any other 1191 | software (possibly commercial). But some files in the distribution 1192 | are not written by the author, so that they are not under these terms. 1193 | 1194 | For the list of those files and their copying conditions, see the 1195 | file LEGAL. 1196 | 1197 | 5. The scripts and library files supplied as input to or produced as 1198 | output from the software do not automatically fall under the 1199 | copyright of the software, but belong to whomever generated them, 1200 | and may be sold commercially, and may be aggregated with this 1201 | software. 1202 | 1203 | 6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR 1204 | IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 1205 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 1206 | PURPOSE. 1207 | 1208 | 1209 | =============== APPENDIX. Standard License Files ============== 1210 | 1211 | 1212 | 1213 | --------------- SECTION 1: Ruby Clause-6 ----------- 1214 | 1215 | Ruby is copyrighted free software by Yukihiro Matsumoto . 1216 | You can redistribute it and/or modify it under either the terms of the GPL 1217 | (see COPYING.txt file), or the conditions below: 1218 | 1219 | 1. You may make and give away verbatim copies of the source form of the 1220 | software without restriction, provided that you duplicate all of the 1221 | original copyright notices and associated disclaimers. 1222 | 1223 | 1224 | 2. You may modify your copy of the software in any way, provided that 1225 | you do at least ONE of the following: 1226 | 1227 | a) place your modifications in the Public Domain or otherwise 1228 | make them Freely Available, such as by posting said 1229 | modifications to Usenet or an equivalent medium, or by allowing 1230 | the author to include your modifications in the software. 1231 | 1232 | b) use the modified software only within your corporation or 1233 | organization. 1234 | 1235 | c) rename any non-standard executables so the names do not conflict 1236 | with standard executables, which must also be provided. 1237 | 1238 | d) make other distribution arrangements with the author. 1239 | 1240 | 1241 | 3. You may distribute the software in object code or executable 1242 | form, provided that you do at least ONE of the following: 1243 | 1244 | a) distribute the executables and library files of the software, 1245 | together with instructions (in the manual page or equivalent) 1246 | on where to get the original distribution. 1247 | 1248 | b) accompany the distribution with the machine-readable source of 1249 | the software. 1250 | 1251 | c) give non-standard executables non-standard names, with 1252 | instructions on where to get the original software distribution. 1253 | 1254 | d) make other distribution arrangements with the author. 1255 | 1256 | 1257 | 4. You may modify and include the part of the software into any other 1258 | software (possibly commercial). But some files in the distribution 1259 | are not written by the author, so that they are not under this terms. 1260 | 1261 | They are gc.c(partly), utils.c(partly), regex.[ch], st.[ch] and some 1262 | files under the ./missing directory. See each file for the copying 1263 | condition. 1264 | 1265 | 1266 | 5. The scripts and library files supplied as input to or produced as 1267 | output from the software do not automatically fall under the 1268 | copyright of the software, but belong to whomever generated them, 1269 | and may be sold commercially, and may be aggregated with this 1270 | software. 1271 | 1272 | 1273 | 6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR 1274 | IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 1275 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 1276 | PURPOSE. 1277 | 1278 | 1279 | 1280 | 1281 | 1282 | --------------- SECTION 2: GNU General Public License, V3.0 ----------- 1283 | 1284 | GNU GENERAL PUBLIC LICENSE 1285 | Version 3, 29 June 2007 1286 | 1287 | Copyright (C) 2007 Free Software Foundation, Inc. 1288 | Everyone is permitted to copy and distribute verbatim copies 1289 | of this license document, but changing it is not allowed. 1290 | 1291 | Preamble 1292 | 1293 | The GNU General Public License is a free, copyleft license for 1294 | software and other kinds of works. 1295 | 1296 | The licenses for most software and other practical works are designed 1297 | to take away your freedom to share and change the works. By contrast, 1298 | the GNU General Public License is intended to guarantee your freedom to 1299 | share and change all versions of a program--to make sure it remains free 1300 | software for all its users. We, the Free Software Foundation, use the 1301 | GNU General Public License for most of our software; it applies also to 1302 | any other work released this way by its authors. You can apply it to 1303 | your programs, too. 1304 | 1305 | When we speak of free software, we are referring to freedom, not 1306 | price. Our General Public Licenses are designed to make sure that you 1307 | have the freedom to distribute copies of free software (and charge for 1308 | them if you wish), that you receive source code or can get it if you 1309 | want it, that you can change the software or use pieces of it in new 1310 | free programs, and that you know you can do these things. 1311 | 1312 | To protect your rights, we need to prevent others from denying you 1313 | these rights or asking you to surrender the rights. Therefore, you have 1314 | certain responsibilities if you distribute copies of the software, or if 1315 | you modify it: responsibilities to respect the freedom of others. 1316 | 1317 | For example, if you distribute copies of such a program, whether 1318 | gratis or for a fee, you must pass on to the recipients the same 1319 | freedoms that you received. You must make sure that they, too, receive 1320 | or can get the source code. And you must show them these terms so they 1321 | know their rights. 1322 | 1323 | Developers that use the GNU GPL protect your rights with two steps: 1324 | (1) assert copyright on the software, and (2) offer you this License 1325 | giving you legal permission to copy, distribute and/or modify it. 1326 | 1327 | For the developers' and authors' protection, the GPL clearly explains 1328 | that there is no warranty for this free software. For both users' and 1329 | authors' sake, the GPL requires that modified versions be marked as 1330 | changed, so that their problems will not be attributed erroneously to 1331 | authors of previous versions. 1332 | 1333 | Some devices are designed to deny users access to install or run 1334 | modified versions of the software inside them, although the manufacturer 1335 | can do so. This is fundamentally incompatible with the aim of 1336 | protecting users' freedom to change the software. The systematic 1337 | pattern of such abuse occurs in the area of products for individuals to 1338 | use, which is precisely where it is most unacceptable. Therefore, we 1339 | have designed this version of the GPL to prohibit the practice for those 1340 | products. If such problems arise substantially in other domains, we 1341 | stand ready to extend this provision to those domains in future versions 1342 | of the GPL, as needed to protect the freedom of users. 1343 | 1344 | Finally, every program is threatened constantly by software patents. 1345 | States should not allow patents to restrict development and use of 1346 | software on general-purpose computers, but in those that do, we wish to 1347 | avoid the special danger that patents applied to a free program could 1348 | make it effectively proprietary. To prevent this, the GPL assures that 1349 | patents cannot be used to render the program non-free. 1350 | 1351 | The precise terms and conditions for copying, distribution and 1352 | modification follow. 1353 | 1354 | TERMS AND CONDITIONS 1355 | 1356 | 0. Definitions. 1357 | 1358 | "This License" refers to version 3 of the GNU General Public License. 1359 | 1360 | "Copyright" also means copyright-like laws that apply to other kinds of 1361 | works, such as semiconductor masks. 1362 | 1363 | "The Program" refers to any copyrightable work licensed under this 1364 | License. Each licensee is addressed as "you". "Licensees" and 1365 | "recipients" may be individuals or organizations. 1366 | 1367 | To "modify" a work means to copy from or adapt all or part of the work 1368 | in a fashion requiring copyright permission, other than the making of an 1369 | exact copy. The resulting work is called a "modified version" of the 1370 | earlier work or a work "based on" the earlier work. 1371 | 1372 | A "covered work" means either the unmodified Program or a work based 1373 | on the Program. 1374 | 1375 | To "propagate" a work means to do anything with it that, without 1376 | permission, would make you directly or secondarily liable for 1377 | infringement under applicable copyright law, except executing it on a 1378 | computer or modifying a private copy. Propagation includes copying, 1379 | distribution (with or without modification), making available to the 1380 | public, and in some countries other activities as well. 1381 | 1382 | To "convey" a work means any kind of propagation that enables other 1383 | parties to make or receive copies. Mere interaction with a user through 1384 | a computer network, with no transfer of a copy, is not conveying. 1385 | 1386 | An interactive user interface displays "Appropriate Legal Notices" 1387 | to the extent that it includes a convenient and prominently visible 1388 | feature that (1) displays an appropriate copyright notice, and (2) 1389 | tells the user that there is no warranty for the work (except to the 1390 | extent that warranties are provided), that licensees may convey the 1391 | work under this License, and how to view a copy of this License. If 1392 | the interface presents a list of user commands or options, such as a 1393 | menu, a prominent item in the list meets this criterion. 1394 | 1395 | 1. Source Code. 1396 | 1397 | The "source code" for a work means the preferred form of the work 1398 | for making modifications to it. "Object code" means any non-source 1399 | form of a work. 1400 | 1401 | A "Standard Interface" means an interface that either is an official 1402 | standard defined by a recognized standards body, or, in the case of 1403 | interfaces specified for a particular programming language, one that 1404 | is widely used among developers working in that language. 1405 | 1406 | The "System Libraries" of an executable work include anything, other 1407 | than the work as a whole, that (a) is included in the normal form of 1408 | packaging a Major Component, but which is not part of that Major 1409 | Component, and (b) serves only to enable use of the work with that 1410 | Major Component, or to implement a Standard Interface for which an 1411 | implementation is available to the public in source code form. A 1412 | "Major Component", in this context, means a major essential component 1413 | (kernel, window system, and so on) of the specific operating system 1414 | (if any) on which the executable work runs, or a compiler used to 1415 | produce the work, or an object code interpreter used to run it. 1416 | 1417 | The "Corresponding Source" for a work in object code form means all 1418 | the source code needed to generate, install, and (for an executable 1419 | work) run the object code and to modify the work, including scripts to 1420 | control those activities. However, it does not include the work's 1421 | System Libraries, or general-purpose tools or generally available free 1422 | programs which are used unmodified in performing those activities but 1423 | which are not part of the work. For example, Corresponding Source 1424 | includes interface definition files associated with source files for 1425 | the work, and the source code for shared libraries and dynamically 1426 | linked subprograms that the work is specifically designed to require, 1427 | such as by intimate data communication or control flow between those 1428 | subprograms and other parts of the work. 1429 | 1430 | The Corresponding Source need not include anything that users 1431 | can regenerate automatically from other parts of the Corresponding 1432 | Source. 1433 | 1434 | The Corresponding Source for a work in source code form is that 1435 | same work. 1436 | 1437 | 2. Basic Permissions. 1438 | 1439 | All rights granted under this License are granted for the term of 1440 | copyright on the Program, and are irrevocable provided the stated 1441 | conditions are met. This License explicitly affirms your unlimited 1442 | permission to run the unmodified Program. The output from running a 1443 | covered work is covered by this License only if the output, given its 1444 | content, constitutes a covered work. This License acknowledges your 1445 | rights of fair use or other equivalent, as provided by copyright law. 1446 | 1447 | You may make, run and propagate covered works that you do not 1448 | convey, without conditions so long as your license otherwise remains 1449 | in force. You may convey covered works to others for the sole purpose 1450 | of having them make modifications exclusively for you, or provide you 1451 | with facilities for running those works, provided that you comply with 1452 | the terms of this License in conveying all material for which you do 1453 | not control copyright. Those thus making or running the covered works 1454 | for you must do so exclusively on your behalf, under your direction 1455 | and control, on terms that prohibit them from making any copies of 1456 | your copyrighted material outside their relationship with you. 1457 | 1458 | Conveying under any other circumstances is permitted solely under 1459 | the conditions stated below. Sublicensing is not allowed; section 10 1460 | makes it unnecessary. 1461 | 1462 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law. 1463 | 1464 | No covered work shall be deemed part of an effective technological 1465 | measure under any applicable law fulfilling obligations under article 1466 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or 1467 | similar laws prohibiting or restricting circumvention of such 1468 | measures. 1469 | 1470 | When you convey a covered work, you waive any legal power to forbid 1471 | circumvention of technological measures to the extent such circumvention 1472 | is effected by exercising rights under this License with respect to 1473 | the covered work, and you disclaim any intention to limit operation or 1474 | modification of the work as a means of enforcing, against the work's 1475 | users, your or third parties' legal rights to forbid circumvention of 1476 | technological measures. 1477 | 1478 | 4. Conveying Verbatim Copies. 1479 | 1480 | You may convey verbatim copies of the Program's source code as you 1481 | receive it, in any medium, provided that you conspicuously and 1482 | appropriately publish on each copy an appropriate copyright notice; 1483 | keep intact all notices stating that this License and any 1484 | non-permissive terms added in accord with section 7 apply to the code; 1485 | keep intact all notices of the absence of any warranty; and give all 1486 | recipients a copy of this License along with the Program. 1487 | 1488 | You may charge any price or no price for each copy that you convey, 1489 | and you may offer support or warranty protection for a fee. 1490 | 1491 | 5. Conveying Modified Source Versions. 1492 | 1493 | You may convey a work based on the Program, or the modifications to 1494 | produce it from the Program, in the form of source code under the 1495 | terms of section 4, provided that you also meet all of these conditions: 1496 | 1497 | a) The work must carry prominent notices stating that you modified 1498 | it, and giving a relevant date. 1499 | 1500 | b) The work must carry prominent notices stating that it is 1501 | released under this License and any conditions added under section 1502 | 7. This requirement modifies the requirement in section 4 to 1503 | "keep intact all notices". 1504 | 1505 | c) You must license the entire work, as a whole, under this 1506 | License to anyone who comes into possession of a copy. This 1507 | License will therefore apply, along with any applicable section 7 1508 | additional terms, to the whole of the work, and all its parts, 1509 | regardless of how they are packaged. This License gives no 1510 | permission to license the work in any other way, but it does not 1511 | invalidate such permission if you have separately received it. 1512 | 1513 | d) If the work has interactive user interfaces, each must display 1514 | Appropriate Legal Notices; however, if the Program has interactive 1515 | interfaces that do not display Appropriate Legal Notices, your 1516 | work need not make them do so. 1517 | 1518 | A compilation of a covered work with other separate and independent 1519 | works, which are not by their nature extensions of the covered work, 1520 | and which are not combined with it such as to form a larger program, 1521 | in or on a volume of a storage or distribution medium, is called an 1522 | "aggregate" if the compilation and its resulting copyright are not 1523 | used to limit the access or legal rights of the compilation's users 1524 | beyond what the individual works permit. Inclusion of a covered work 1525 | in an aggregate does not cause this License to apply to the other 1526 | parts of the aggregate. 1527 | 1528 | 6. Conveying Non-Source Forms. 1529 | 1530 | You may convey a covered work in object code form under the terms 1531 | of sections 4 and 5, provided that you also convey the 1532 | machine-readable Corresponding Source under the terms of this License, 1533 | in one of these ways: 1534 | 1535 | a) Convey the object code in, or embodied in, a physical product 1536 | (including a physical distribution medium), accompanied by the 1537 | Corresponding Source fixed on a durable physical medium 1538 | customarily used for software interchange. 1539 | 1540 | b) Convey the object code in, or embodied in, a physical product 1541 | (including a physical distribution medium), accompanied by a 1542 | written offer, valid for at least three years and valid for as 1543 | long as you offer spare parts or customer support for that product 1544 | model, to give anyone who possesses the object code either (1) a 1545 | copy of the Corresponding Source for all the software in the 1546 | product that is covered by this License, on a durable physical 1547 | medium customarily used for software interchange, for a price no 1548 | more than your reasonable cost of physically performing this 1549 | conveying of source, or (2) access to copy the 1550 | Corresponding Source from a network server at no charge. 1551 | 1552 | c) Convey individual copies of the object code with a copy of the 1553 | written offer to provide the Corresponding Source. This 1554 | alternative is allowed only occasionally and noncommercially, and 1555 | only if you received the object code with such an offer, in accord 1556 | with subsection 6b. 1557 | 1558 | d) Convey the object code by offering access from a designated 1559 | place (gratis or for a charge), and offer equivalent access to the 1560 | Corresponding Source in the same way through the same place at no 1561 | further charge. You need not require recipients to copy the 1562 | Corresponding Source along with the object code. If the place to 1563 | copy the object code is a network server, the Corresponding Source 1564 | may be on a different server (operated by you or a third party) 1565 | that supports equivalent copying facilities, provided you maintain 1566 | clear directions next to the object code saying where to find the 1567 | Corresponding Source. Regardless of what server hosts the 1568 | Corresponding Source, you remain obligated to ensure that it is 1569 | available for as long as needed to satisfy these requirements. 1570 | 1571 | e) Convey the object code using peer-to-peer transmission, provided 1572 | you inform other peers where the object code and Corresponding 1573 | Source of the work are being offered to the general public at no 1574 | charge under subsection 6d. 1575 | 1576 | A separable portion of the object code, whose source code is excluded 1577 | from the Corresponding Source as a System Library, need not be 1578 | included in conveying the object code work. 1579 | 1580 | A "User Product" is either (1) a "consumer product", which means any 1581 | tangible personal property which is normally used for personal, family, 1582 | or household purposes, or (2) anything designed or sold for incorporation 1583 | into a dwelling. In determining whether a product is a consumer product, 1584 | doubtful cases shall be resolved in favor of coverage. For a particular 1585 | product received by a particular user, "normally used" refers to a 1586 | typical or common use of that class of product, regardless of the status 1587 | of the particular user or of the way in which the particular user 1588 | actually uses, or expects or is expected to use, the product. A product 1589 | is a consumer product regardless of whether the product has substantial 1590 | commercial, industrial or non-consumer uses, unless such uses represent 1591 | the only significant mode of use of the product. 1592 | 1593 | "Installation Information" for a User Product means any methods, 1594 | procedures, authorization keys, or other information required to install 1595 | and execute modified versions of a covered work in that User Product from 1596 | a modified version of its Corresponding Source. The information must 1597 | suffice to ensure that the continued functioning of the modified object 1598 | code is in no case prevented or interfered with solely because 1599 | modification has been made. 1600 | 1601 | If you convey an object code work under this section in, or with, or 1602 | specifically for use in, a User Product, and the conveying occurs as 1603 | part of a transaction in which the right of possession and use of the 1604 | User Product is transferred to the recipient in perpetuity or for a 1605 | fixed term (regardless of how the transaction is characterized), the 1606 | Corresponding Source conveyed under this section must be accompanied 1607 | by the Installation Information. But this requirement does not apply 1608 | if neither you nor any third party retains the ability to install 1609 | modified object code on the User Product (for example, the work has 1610 | been installed in ROM). 1611 | 1612 | The requirement to provide Installation Information does not include a 1613 | requirement to continue to provide support service, warranty, or updates 1614 | for a work that has been modified or installed by the recipient, or for 1615 | the User Product in which it has been modified or installed. Access to a 1616 | network may be denied when the modification itself materially and 1617 | adversely affects the operation of the network or violates the rules and 1618 | protocols for communication across the network. 1619 | 1620 | Corresponding Source conveyed, and Installation Information provided, 1621 | in accord with this section must be in a format that is publicly 1622 | documented (and with an implementation available to the public in 1623 | source code form), and must require no special password or key for 1624 | unpacking, reading or copying. 1625 | 1626 | 7. Additional Terms. 1627 | 1628 | "Additional permissions" are terms that supplement the terms of this 1629 | License by making exceptions from one or more of its conditions. 1630 | Additional permissions that are applicable to the entire Program shall 1631 | be treated as though they were included in this License, to the extent 1632 | that they are valid under applicable law. If additional permissions 1633 | apply only to part of the Program, that part may be used separately 1634 | under those permissions, but the entire Program remains governed by 1635 | this License without regard to the additional permissions. 1636 | 1637 | When you convey a copy of a covered work, you may at your option 1638 | remove any additional permissions from that copy, or from any part of 1639 | it. (Additional permissions may be written to require their own 1640 | removal in certain cases when you modify the work.) You may place 1641 | additional permissions on material, added by you to a covered work, 1642 | for which you have or can give appropriate copyright permission. 1643 | 1644 | Notwithstanding any other provision of this License, for material you 1645 | add to a covered work, you may (if authorized by the copyright holders of 1646 | that material) supplement the terms of this License with terms: 1647 | 1648 | a) Disclaiming warranty or limiting liability differently from the 1649 | terms of sections 15 and 16 of this License; or 1650 | 1651 | b) Requiring preservation of specified reasonable legal notices or 1652 | author attributions in that material or in the Appropriate Legal 1653 | Notices displayed by works containing it; or 1654 | 1655 | c) Prohibiting misrepresentation of the origin of that material, or 1656 | requiring that modified versions of such material be marked in 1657 | reasonable ways as different from the original version; or 1658 | 1659 | d) Limiting the use for publicity purposes of names of licensors or 1660 | authors of the material; or 1661 | 1662 | e) Declining to grant rights under trademark law for use of some 1663 | trade names, trademarks, or service marks; or 1664 | 1665 | f) Requiring indemnification of licensors and authors of that 1666 | material by anyone who conveys the material (or modified versions of 1667 | it) with contractual assumptions of liability to the recipient, for 1668 | any liability that these contractual assumptions directly impose on 1669 | those licensors and authors. 1670 | 1671 | All other non-permissive additional terms are considered "further 1672 | restrictions" within the meaning of section 10. If the Program as you 1673 | received it, or any part of it, contains a notice stating that it is 1674 | governed by this License along with a term that is a further 1675 | restriction, you may remove that term. If a license document contains 1676 | a further restriction but permits relicensing or conveying under this 1677 | License, you may add to a covered work material governed by the terms 1678 | of that license document, provided that the further restriction does 1679 | not survive such relicensing or conveying. 1680 | 1681 | If you add terms to a covered work in accord with this section, you 1682 | must place, in the relevant source files, a statement of the 1683 | additional terms that apply to those files, or a notice indicating 1684 | where to find the applicable terms. 1685 | 1686 | Additional terms, permissive or non-permissive, may be stated in the 1687 | form of a separately written license, or stated as exceptions; 1688 | the above requirements apply either way. 1689 | 1690 | 8. Termination. 1691 | 1692 | You may not propagate or modify a covered work except as expressly 1693 | provided under this License. Any attempt otherwise to propagate or 1694 | modify it is void, and will automatically terminate your rights under 1695 | this License (including any patent licenses granted under the third 1696 | paragraph of section 11). 1697 | 1698 | However, if you cease all violation of this License, then your 1699 | license from a particular copyright holder is reinstated (a) 1700 | provisionally, unless and until the copyright holder explicitly and 1701 | finally terminates your license, and (b) permanently, if the copyright 1702 | holder fails to notify you of the violation by some reasonable means 1703 | prior to 60 days after the cessation. 1704 | 1705 | Moreover, your license from a particular copyright holder is 1706 | reinstated permanently if the copyright holder notifies you of the 1707 | violation by some reasonable means, this is the first time you have 1708 | received notice of violation of this License (for any work) from that 1709 | copyright holder, and you cure the violation prior to 30 days after 1710 | your receipt of the notice. 1711 | 1712 | Termination of your rights under this section does not terminate the 1713 | licenses of parties who have received copies or rights from you under 1714 | this License. If your rights have been terminated and not permanently 1715 | reinstated, you do not qualify to receive new licenses for the same 1716 | material under section 10. 1717 | 1718 | 9. Acceptance Not Required for Having Copies. 1719 | 1720 | You are not required to accept this License in order to receive or 1721 | run a copy of the Program. Ancillary propagation of a covered work 1722 | occurring solely as a consequence of using peer-to-peer transmission 1723 | to receive a copy likewise does not require acceptance. However, 1724 | nothing other than this License grants you permission to propagate or 1725 | modify any covered work. These actions infringe copyright if you do 1726 | not accept this License. Therefore, by modifying or propagating a 1727 | covered work, you indicate your acceptance of this License to do so. 1728 | 1729 | 10. Automatic Licensing of Downstream Recipients. 1730 | 1731 | Each time you convey a covered work, the recipient automatically 1732 | receives a license from the original licensors, to run, modify and 1733 | propagate that work, subject to this License. You are not responsible 1734 | for enforcing compliance by third parties with this License. 1735 | 1736 | An "entity transaction" is a transaction transferring control of an 1737 | organization, or substantially all assets of one, or subdividing an 1738 | organization, or merging organizations. If propagation of a covered 1739 | work results from an entity transaction, each party to that 1740 | transaction who receives a copy of the work also receives whatever 1741 | licenses to the work the party's predecessor in interest had or could 1742 | give under the previous paragraph, plus a right to possession of the 1743 | Corresponding Source of the work from the predecessor in interest, if 1744 | the predecessor has it or can get it with reasonable efforts. 1745 | 1746 | You may not impose any further restrictions on the exercise of the 1747 | rights granted or affirmed under this License. For example, you may 1748 | not impose a license fee, royalty, or other charge for exercise of 1749 | rights granted under this License, and you may not initiate litigation 1750 | (including a cross-claim or counterclaim in a lawsuit) alleging that 1751 | any patent claim is infringed by making, using, selling, offering for 1752 | sale, or importing the Program or any portion of it. 1753 | 1754 | 11. Patents. 1755 | 1756 | A "contributor" is a copyright holder who authorizes use under this 1757 | License of the Program or a work on which the Program is based. The 1758 | work thus licensed is called the contributor's "contributor version". 1759 | 1760 | A contributor's "essential patent claims" are all patent claims 1761 | owned or controlled by the contributor, whether already acquired or 1762 | hereafter acquired, that would be infringed by some manner, permitted 1763 | by this License, of making, using, or selling its contributor version, 1764 | but do not include claims that would be infringed only as a 1765 | consequence of further modification of the contributor version. For 1766 | purposes of this definition, "control" includes the right to grant 1767 | patent sublicenses in a manner consistent with the requirements of 1768 | this License. 1769 | 1770 | Each contributor grants you a non-exclusive, worldwide, royalty-free 1771 | patent license under the contributor's essential patent claims, to 1772 | make, use, sell, offer for sale, import and otherwise run, modify and 1773 | propagate the contents of its contributor version. 1774 | 1775 | In the following three paragraphs, a "patent license" is any express 1776 | agreement or commitment, however denominated, not to enforce a patent 1777 | (such as an express permission to practice a patent or covenant not to 1778 | sue for patent infringement). To "grant" such a patent license to a 1779 | party means to make such an agreement or commitment not to enforce a 1780 | patent against the party. 1781 | 1782 | If you convey a covered work, knowingly relying on a patent license, 1783 | and the Corresponding Source of the work is not available for anyone 1784 | to copy, free of charge and under the terms of this License, through a 1785 | publicly available network server or other readily accessible means, 1786 | then you must either (1) cause the Corresponding Source to be so 1787 | available, or (2) arrange to deprive yourself of the benefit of the 1788 | patent license for this particular work, or (3) arrange, in a manner 1789 | consistent with the requirements of this License, to extend the patent 1790 | license to downstream recipients. "Knowingly relying" means you have 1791 | actual knowledge that, but for the patent license, your conveying the 1792 | covered work in a country, or your recipient's use of the covered work 1793 | in a country, would infringe one or more identifiable patents in that 1794 | country that you have reason to believe are valid. 1795 | 1796 | If, pursuant to or in connection with a single transaction or 1797 | arrangement, you convey, or propagate by procuring conveyance of, a 1798 | covered work, and grant a patent license to some of the parties 1799 | receiving the covered work authorizing them to use, propagate, modify 1800 | or convey a specific copy of the covered work, then the patent license 1801 | you grant is automatically extended to all recipients of the covered 1802 | work and works based on it. 1803 | 1804 | A patent license is "discriminatory" if it does not include within 1805 | the scope of its coverage, prohibits the exercise of, or is 1806 | conditioned on the non-exercise of one or more of the rights that are 1807 | specifically granted under this License. You may not convey a covered 1808 | work if you are a party to an arrangement with a third party that is 1809 | in the business of distributing software, under which you make payment 1810 | to the third party based on the extent of your activity of conveying 1811 | the work, and under which the third party grants, to any of the 1812 | parties who would receive the covered work from you, a discriminatory 1813 | patent license (a) in connection with copies of the covered work 1814 | conveyed by you (or copies made from those copies), or (b) primarily 1815 | for and in connection with specific products or compilations that 1816 | contain the covered work, unless you entered into that arrangement, 1817 | or that patent license was granted, prior to 28 March 2007. 1818 | 1819 | Nothing in this License shall be construed as excluding or limiting 1820 | any implied license or other defenses to infringement that may 1821 | otherwise be available to you under applicable patent law. 1822 | 1823 | 12. No Surrender of Others' Freedom. 1824 | 1825 | If conditions are imposed on you (whether by court order, agreement or 1826 | otherwise) that contradict the conditions of this License, they do not 1827 | excuse you from the conditions of this License. If you cannot convey a 1828 | covered work so as to satisfy simultaneously your obligations under this 1829 | License and any other pertinent obligations, then as a consequence you may 1830 | not convey it at all. For example, if you agree to terms that obligate you 1831 | to collect a royalty for further conveying from those to whom you convey 1832 | the Program, the only way you could satisfy both those terms and this 1833 | License would be to refrain entirely from conveying the Program. 1834 | 1835 | 13. Use with the GNU Affero General Public License. 1836 | 1837 | Notwithstanding any other provision of this License, you have 1838 | permission to link or combine any covered work with a work licensed 1839 | under version 3 of the GNU Affero General Public License into a single 1840 | combined work, and to convey the resulting work. The terms of this 1841 | License will continue to apply to the part which is the covered work, 1842 | but the special requirements of the GNU Affero General Public License, 1843 | section 13, concerning interaction through a network will apply to the 1844 | combination as such. 1845 | 1846 | 14. Revised Versions of this License. 1847 | 1848 | The Free Software Foundation may publish revised and/or new versions of 1849 | the GNU General Public License from time to time. Such new versions will 1850 | be similar in spirit to the present version, but may differ in detail to 1851 | address new problems or concerns. 1852 | 1853 | Each version is given a distinguishing version number. If the 1854 | Program specifies that a certain numbered version of the GNU General 1855 | Public License "or any later version" applies to it, you have the 1856 | option of following the terms and conditions either of that numbered 1857 | version or of any later version published by the Free Software 1858 | Foundation. If the Program does not specify a version number of the 1859 | GNU General Public License, you may choose any version ever published 1860 | by the Free Software Foundation. 1861 | 1862 | If the Program specifies that a proxy can decide which future 1863 | versions of the GNU General Public License can be used, that proxy's 1864 | public statement of acceptance of a version permanently authorizes you 1865 | to choose that version for the Program. 1866 | 1867 | Later license versions may give you additional or different 1868 | permissions. However, no additional obligations are imposed on any 1869 | author or copyright holder as a result of your choosing to follow a 1870 | later version. 1871 | 1872 | 15. Disclaimer of Warranty. 1873 | 1874 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY 1875 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT 1876 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY 1877 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, 1878 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 1879 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM 1880 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF 1881 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 1882 | 1883 | 16. Limitation of Liability. 1884 | 1885 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 1886 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS 1887 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY 1888 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE 1889 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF 1890 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD 1891 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), 1892 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF 1893 | SUCH DAMAGES. 1894 | 1895 | 17. Interpretation of Sections 15 and 16. 1896 | 1897 | If the disclaimer of warranty and limitation of liability provided 1898 | above cannot be given local legal effect according to their terms, 1899 | reviewing courts shall apply local law that most closely approximates 1900 | an absolute waiver of all civil liability in connection with the 1901 | Program, unless a warranty or assumption of liability accompanies a 1902 | copy of the Program in return for a fee. 1903 | 1904 | END OF TERMS AND CONDITIONS 1905 | 1906 | How to Apply These Terms to Your New Programs 1907 | 1908 | If you develop a new program, and you want it to be of the greatest 1909 | possible use to the public, the best way to achieve this is to make it 1910 | free software which everyone can redistribute and change under these terms. 1911 | 1912 | To do so, attach the following notices to the program. It is safest 1913 | to attach them to the start of each source file to most effectively 1914 | state the exclusion of warranty; and each file should have at least 1915 | the "copyright" line and a pointer to where the full notice is found. 1916 | 1917 | 1918 | Copyright (C) 1919 | 1920 | This program is free software: you can redistribute it and/or modify 1921 | it under the terms of the GNU General Public License as published by 1922 | the Free Software Foundation, either version 3 of the License, or 1923 | (at your option) any later version. 1924 | 1925 | This program is distributed in the hope that it will be useful, 1926 | but WITHOUT ANY WARRANTY; without even the implied warranty of 1927 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 1928 | GNU General Public License for more details. 1929 | 1930 | You should have received a copy of the GNU General Public License 1931 | along with this program. If not, see . 1932 | 1933 | Also add information on how to contact you by electronic and paper mail. 1934 | 1935 | If the program does terminal interaction, make it output a short 1936 | notice like this when it starts in an interactive mode: 1937 | 1938 | Copyright (C) 1939 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 1940 | This is free software, and you are welcome to redistribute it 1941 | under certain conditions; type `show c' for details. 1942 | 1943 | The hypothetical commands `show w' and `show c' should show the appropriate 1944 | parts of the General Public License. Of course, your program's commands 1945 | might be different; for a GUI interface, you would use an "about box". 1946 | 1947 | You should also get your employer (if you work as a programmer) or school, 1948 | if any, to sign a "copyright disclaimer" for the program, if necessary. 1949 | For more information on this, and how to apply and follow the GNU GPL, see 1950 | . 1951 | 1952 | The GNU General Public License does not permit incorporating your program 1953 | into proprietary programs. If your program is a subroutine library, you 1954 | may consider it more useful to permit linking proprietary applications with 1955 | the library. If this is what you want to do, use the GNU Lesser General 1956 | Public License instead of this License. But first, please read 1957 | . 1958 | 1959 | 1960 | =========================================================================== 1961 | 1962 | To the extent any open source components are licensed under the 1963 | GPL and/or LGPL, or other similar licenses that require the 1964 | source code and/or modifications to source code to be made 1965 | available (as would be noted above), you may obtain a copy of 1966 | the source code corresponding to the binaries for such open 1967 | source components and modifications thereto, if any, (the 1968 | "Source Files"), by downloading the Source Files from VMware's website at 1969 | http://www.vmware.com/download/open_source.html, or by sending a request, with 1970 | your name and address to: VMware, Inc., 3401 Hillview Avenue, 1971 | Palo Alto, CA 94304,United States of America. All such 1972 | requests should clearly specify: OPEN SOURCE FILES REQUEST, 1973 | Attention General Counsel. VMware shall mail a copy of the 1974 | Source Files to you on a CD or equivalent physical medium. This 1975 | offer to obtain a copy of the Source Files is valid for three 1976 | years from the date you acquired this Software product. Alternatively, 1977 | the Source Files may accompany the VMware product. 1978 | 1979 | 1980 | 1981 | 1982 | [CFCFDOCS09012012NV021113] 1983 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | docs-ops-guide 2 | ========== 3 | 4 | Operator docs for Ops Manager v2.6 and earlier. 5 | 6 | **Note**: For Ops Manager v2.7 and later, these docs are located in [docs-ops-manager/opsguide](https://github.com/pivotal-cf/docs-ops-manager/tree/master/opsguide). 7 | 8 | ## Which book repos publish this repo? 9 | 10 | The [docs-book-pivotalcf](https://github.com/pivotal-cf/docs-partials) repo publishes this repo. 11 | 12 | ## Which branch to use? 13 | 14 | **Note**: Provide instructions in your PRs to indicate which branches you want Docs to apply your commits to. 15 | 16 | | Branch name | Use for… | 17 | |-------------| -------| 18 | | master | Not in use | 19 | | 2.6 | EOGS v2.6.x. | 20 | | 2.5 | EOGS v2.5.x. | 21 | | 2.4 | EOGS v2.4.x. | 22 | | 2.3 | EOGS v2.3.x.| 23 | | 2.2 | v2.2.x — PDFed: https://resources.docs.pivotal.io/pdfs/pcf-docs-2.2.pdf | 24 | | 2.1 | v2.1.x — PDFed: https://resources.docs.pivotal.io/pdfs/pcf-docs-2.1.pdf | 25 | | 2.0         | v2.0.x — PDFed: https://resources.docs.pivotal.io/pdfs/pcf-docs-2.0.pdf | 26 | | 1.12        | v2.0.x — PDFed: https://resources.docs.pivotal.io/pdfs/pcf-docs-2.0.pdf | 27 | | 1.11         | v2.0.x — PDFed: https://resources.docs.pivotal.io/pdfs/pcf-docs-2.0.pdf | 28 | | 1.10         | v2.0.x — PDFed: https://resources.docs.pivotal.io/pdfs/pcf-docs-2.0.pdf | 29 | | 1.9         | v2.0.x — PDFed: https://resources.docs.pivotal.io/pdfs/pcf-docs-2.0.pdf | 30 | 31 | ## Partials 32 | 33 | Cross-product and repo partials are single sourced from the [docs-partials](https://github.com/pivotal-cf/docs-partials) repo. 34 | 35 | ## Style Guide 36 | 37 | See [Word and Phrase List](https://docs.google.com/spreadsheets/d/1hkadtxR1hY57kK7h5HN4ITHLJleZixCDH_RJPUpNq_A/edit#gid=0). 38 | 39 | ## Steps for local development 40 | ``` 41 | $ git clone git@github.com:pivotal-cf/docs-layout-repo 42 | $ git clone git@github.com:pivotal-cf/docs-ops-guide 43 | $ cd docs-ops-guide && git checkout && cd - 44 | $ git clone git@github.com:pivotal-cf/docs-book-pivotalcf 45 | $ cd docs-book-pivotalcf && git checkout 46 | $ bundle install 47 | $ bundle exec bookbinder watch 48 | $ open http://127.0.0.1:XXXX/platform//customizing 49 | ``` 50 | -------------------------------------------------------------------------------- /_c2c_overlay.html.md.erb: -------------------------------------------------------------------------------- 1 | ## Configure the Overlay Network 2 | 3 | Container-to-container networking uses an overlay network to manage communication between app instances. By default, each Diego Cell in the overlay network is allocated a /24 range that supports 254 containers per Diego Cell, one container for each of the usable IP addresses, `.1` through `.254`. For more information about the overlay network, see [Overlay Network](../../concepts/understand-cf-networking.html#overlay-network) in _Container-to-Container Networking_. 4 | 5 | ### Configure the Number of Diego Cells 6 | 7 | To modify the number of Diego Cells supported by the overlay network: 8 | 9 | 1. Navigate to the <%= vars.ops_manager %> Installation Dashboard. 10 | 11 | 1. Click the <%= vars.app_runtime_abbr %> tile. 12 | 13 | 1. Select **Networking**. 14 | 15 | 1. Under **Overlay subnet**, enter an IP range for the overlay network. By default, <%= vars.ops_manager %> uses `10.255.0.0/16`. Modifying the subnet range allocated to the overlay network changes the number of Diego Cells supported in your deployment. 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 |
Overlay subnet maskNumber of Diego CellsContainers per Diego Cell
/2015254
/16255254
/124,095254
39 |

Warning: The overlay network IP address range must not conflict with any other IP addresses in the network. If a conflict exists, Diego Cells cannot reach any endpoint that has a conflicting IP address.

40 | -------------------------------------------------------------------------------- /_default_asg.html.md.erb: -------------------------------------------------------------------------------- 1 | <%= vars.app_runtime_abbr %> defines one default ASG, `default_security_group`. This group allows all outbound traffic from app containers on public and private networks except for the link-local range, `169.254.0.0/16`, which is blocked. 2 | 3 |

Warning: For security, <%= vars.app_runtime_abbr %> admins must modify the default ASGs so that outbound network traffic cannot access internal components. For more information, see Restricting App Access to Internal <%= vars.platform_name %> Components.

4 | 5 | The ASG is defined in the Cloud Controller configuration as follows: 6 | 7 | ``` 8 | security_group_definitions: 9 | - name: default_security_group 10 | rules: 11 | - protocol: all 12 | destination: 0.0.0.0-169.253.255.255 13 | - protocol: all 14 | destination: 169.255.0.0-255.255.255.255 15 | ``` 16 | -------------------------------------------------------------------------------- /_gorouter_client_cert_pcf.html.md.erb: -------------------------------------------------------------------------------- 1 | To configure Gorouter behavior for handling client certificates, select one of the options in the **Gorouter behavior for client certificate validation** field of the **Networking** pane in the <%= vars.app_runtime_abbr %> tile: 2 | 3 | * **The Gorouter does not request client certificates:** Client certificates are not requested, so the client does not provide them, and validation of client certificates does not occur. This option is incompatible with the **TLS termination point** options **HAProxy** and **Gorouter** because these options require mutual authentication. 4 | 5 | * **The Gorouter requests but does not require client certificates:** The Gorouter requests client certificates in TLS handshakes and validates them when presented, but does not require them. This is the default configuration. 6 | 7 | * **The Gorouter requires client certificates:** The Gorouter validates that the client certificate is signed by a Certificate Authority that the Gorouter trusts. If the Gorouter cannot validate the client certificate, the TLS handshake fails. 8 | 9 | The behavior controlled by this property is global, meaning it applies to all requests received by Gorouters so configured. 10 | 11 | If the Gorouter is the first point of TLS termination - that is, your load balancer does not terminate TLS, and passes the request through to Gorouter over TCP - consider: 12 | 13 | * You should use only **The Gorouter does not request client certificates** with <%= vars.app_runtime_abbr %>, as the Gorouters in <%= vars.app_runtime_abbr %> receive requests for the system domain. Many clients of <%= vars.platform_name %> platform APIs do not present client certificates in TLS handshakes, so the first point of TLS termination for requests to the system domain must not request them. 14 | 15 | * You may use any of the Gorouter behavior options for Gorouters deployed with the <%= vars.segment_runtime_full %> tile, as these only receive requests for app domains. 16 | 17 | * **The Gorouter requests but does not require client certificates** and **The Gorouter requires client certificates** trigger browsers to prompt users to select a certificate if the browser is not already configured with a certificate signed by one of the CAs configured for the Gorouter. 18 | 19 | If the Gorouter is not the first point of TLS termination, this property can be used to secure communications between the load balancer and Gorouter. The Gorouter must be configured with the CA used to sign the client certification the load balancer presents. 20 | 21 |

Warning: Requests to the platform fail upon upgrade if your load balancer is configured to present a client certificate in the TLS handshake with the Gorouter but the Gorouter has not been configured with the CA used to sign it. To mitigate this issue, select The Gorouter does not request client certificates or configure the Gorouter with the appropriate CA.

22 | -------------------------------------------------------------------------------- /_lb_health_check.html.md.erb: -------------------------------------------------------------------------------- 1 | <%= vars.app_runtime_full %> (<%= vars.app_runtime_abbr %>) uses these properties: 2 | 3 | * **Unhealthy threshold**: Specifies the amount of time, in seconds, that the Gorouter continues to accept connections before shutting down. During this period, the health check reports `unhealthy` to cause load balancers to fail over to other Gorouters. You should set this value greater than or equal to the maximum amount of time it could take your load balancer to consider a Gorouter instance unhealthy, given contiguous failed health checks. 4 | 5 | * **Healthy threshold**: Specifies the amount of time, in seconds, to wait until declaring the Gorouter instance started. This allows an external load balancer time to register the instance as `healthy`. 6 | 7 | You can configure these properties from the **Networking** pane of the <%= vars.app_runtime_abbr %> tile. For more information, see [Configure Networking](../customizing/configure-pas.html#networking) in _Configuring <%= vars.app_runtime_abbr %>_. 8 | -------------------------------------------------------------------------------- /_pcf_sharding.html.md.erb: -------------------------------------------------------------------------------- 1 | You can configure Gorouter sharding for isolation segments depending on your use case: 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 18 | 19 | 20 | 21 | 22 | 28 | 29 |
Use CaseDescriptionHow to Configure
Securing apps that run in an isolation segmentTo provide security guarantees in addition to the firewall rules described above, you can configure sharding of the Gorouter's routing table, resulting in a Gorouter dedicated to an isolation segment that only recognizes routes for apps in the same isolation segment. 13 |
    14 |
  1. In the Networking pane of the <%= vars.app_runtime_full %> (<%= vars.app_runtime_abbr %>) tile, enable the Gorouters reject requests for isolation segments checkbox.
    2. 15 |
  2. Set the Gorouter sharding mode in the <%= vars.segment_runtime_full %> tile to Isolation segment only.
    3. 16 |
17 |
Deploying additional Gorouters for <%= vars.app_runtime_abbr %>The flexibility of the configuration also supports deployment of a Gorouter that excludes all isolation segments. 23 |
    24 |
  1. In the Networking pane of the <%= vars.app_runtime_abbr %> tile, enable the Gorouters reject requests for isolation segments checkbox.
    2. 25 |
  2. Set the Gorouter sharding mode in the <%= vars.segment_runtime_full %> tile to No isolation segment.
    3. 26 |
27 |
30 | 31 |

Note: For compute isolation only, you can leave the Gorouters reject requests for isolation segments checkbox disabled. This is the default setting, which does not require any additional Gorouters for the <%= vars.segment_runtime_full %> tile.

32 | -------------------------------------------------------------------------------- /_ssl_termin_gorouter_lb_pcf.html.md.erb: -------------------------------------------------------------------------------- 1 | To configure SSL termination on the Gorouter and load balancer in <%= vars.app_runtime_abbr %>: 2 | 3 | 1. Create an A record in your DNS that points to your load balancer IP address. The A record associates the **System domain** and **Apps domain** that you configure in the **Domains** pane of the <%= vars.app_runtime_abbr %> tile with the IP address of your load balancer. 4 |
5 |
6 | For example, with `<%= vars.product_name_lc %>.example.com` as the main subdomain for your <%= vars.platform_name %> deployment and a load balancer IP address `198.51.100.1`, you must create an A record in your DNS that serves `example.com` and points `*.<%= vars.product_name_lc %>` to `198.51.100.1`. 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 |
NameTypeDataDomain
*.<%= vars.product_name_lc %>A198.51.100.1example.com
22 | 23 | 1. Navigate to the <%= vars.ops_manager %> Installation Dashboard. 24 | 25 | 1. Click the <%= vars.app_runtime_abbr %> tile. 26 | 27 | 1. Select **Networking**. 28 | 29 | 1. For <%= vars.app_runtime_abbr %> deployments on OpenStack or vSphere, choose IP addresses for the Gorouters from the subnet configured for <%= vars.ops_manager %> and enter them in the **Gorouter IPs** field. Then configure your load balancer to forward requests for the above domains to these IP addresses. For more information, see [Configure Networking](../customizing/configure-pas.html#networking) in _Configuring <%= vars.app_runtime_abbr %>_. 30 | 31 | 1. In the **Certificates and private keys for the Gorouter and HAProxy** field, click the **Add** button to define at least one certificate keypair for the Gorouter and HAProxy. For each certificate keypair that you add, assign a name, enter the PEM-encoded certificate chain and PEM-encoded private key. You can either upload your own certificate or generate an RSA certificate in <%= vars.app_runtime_abbr %>. For options and instructions on creating a certificate for your wildcard domains, see [Creating a Wildcard Certificate for <%= vars.platform_name %> Deployments](https://docs.pivotal.io/application-service/operating/security_config.html#create_or_obtain_certs) in _Providing a Certificate for Your TLS Termination Point_. 32 | 33 | 1. Under **Minimum version of TLS supported by the Gorouter and HAProxy**, select the minimum version of TLS to use in HAProxy and Gorouter communications. The Gorouter uses TLS v1.2 by default. If you need to accommodate clients that use an older version of TLS, select a lower minimum version. For a list of TLS ciphers supported by the Gorouter, see [Cipher Suites](#ciphers). 34 | 35 | 1. If you are using HAProxy: 36 | 1. Under **TLS termination point**, select **Infrastructure load balancer**. 37 | 1. Under **HAProxy forwards requests to the Gorouter over TLS**, select **Enable**. 38 | 1. In the **Certificate authority for HAProxy back end** field, specify the certificate authority (CA) that signed the certificate you configured in the **Certificate and private key for the Gorouter and HAProxy** field. 39 |

Note: If you used the **Generate RSA Certificate** link to generate a self-signed certificate, then the CA to specify is the <%= vars.ops_manager %> CA, which you can locate using the /api/v0/certificate_authorities endpoint in the <%= vars.ops_manager %> API.

40 | 1. To use a specific set of TLS ciphers for HAProxy, configure **TLS cipher suites for HAProxy**. Enter an ordered, colon-separated list of TLS cipher suites in the OpenSSL format. For example, if you have selected support for an earlier version of TLS, you can enter cipher suites supported by this version. Otherwise, leave the default values in this field. 41 | 1. Proceed to step 11. 42 | 43 | 1. To use a specific set of TLS ciphers for the Gorouter, configure **TLS cipher suites for the Gorouter**. Enter an ordered, colon-separated list of TLS cipher suites in the OpenSSL format. For example, if you have selected support for an earlier version of TLS, enter cipher suites supported by this version. For a list of TLS ciphers supported by the Gorouter, see [Cipher Suites](#ciphers). Otherwise, leave the default values in this field. 44 | 45 | 1. If you are not using HAProxy: 46 | 1. Under **TLS termination point**, select any of the available options depending on your client app needs. For more information about XFCC header forwarding, see [Forward Client Certificate to Apps](../concepts/http-routing.html#forward-client-cert) in _HTTP Routing_. 47 | 1. Under **HAProxy forwards requests to the Gorouter over TLS**, select **Disable**. 48 | 1. In the <%= vars.app_runtime_abbr %> tile, select **Resource Config**. 49 | 1. In the **Instances** dropdown for the **HAProxy** job, select `0` instances. 50 | 1. Click **Save**. 51 | 52 | 1. (Optional) If you are not using SSL encryption or if you are using self-signed certificates, you can select the **Disable SSL certificate verification for this environment** checkbox. Selecting this checkbox also disables SSL verification for route services. 53 |

Note: Select this checkbox only for development and testing environments. Do not select it for production environments.

54 | 55 | 1. (Optional) If you do not want the Gorouter to accept any non-encrypted HTTP traffic, select the **Disable HTTP on the Gorouter and HAProxy** checkbox. 56 | 57 | 1. Click **Save**. 58 | 59 | 1. After you complete the configuration in <%= vars.app_runtime_abbr %>, add your certificate or certificates to your load balancer and configure its listening port. The procedures vary depending on your IaaS. 60 | 61 | 1. Configure your load balancer to append the `X-Forwarded-For` and `X-Forwarded-Proto` headers to client requests. 62 |
If you cannot configure the load balancer to provide the `X-Forwarded-For` header, the Gorouter appends it in requests forwarded to apps and system components, set to the IP address of the load balancer. 63 |

Note: If the load balancer accepts unencrypted requests, it must provide the X-Forwarded-Proto header. Conversely, if the load balancer cannot be configured to send the X-Forwarded-Proto header, it should not accept unencrypted requests. Otherwise, apps and platform system components that require encrypted client requests accept unencrypted requests when they should not accept them.

64 | -------------------------------------------------------------------------------- /_ssl_termin_gorouter_pcf.html.md.erb: -------------------------------------------------------------------------------- 1 | To configure SSL termination on the Gorouter in <%= vars.app_runtime_abbr %>: 2 | 3 | 1. Configure your load balancer to pass through TCP requests from the client to the Gorouter. 4 | 5 | 1. Navigate to the <%= vars.ops_manager %> Installation Dashboard. 6 | 7 | 1. Click the <%= vars.app_runtime_abbr %> tile. 8 | 9 | 1. Select **Networking**. 10 | 11 | 1. For <%= vars.app_runtime_abbr %> deployments on OpenStack or vSphere, choose IP addresses for the Gorouters from the subnet configured for <%= vars.ops_manager %> and enter them in the **Gorouter IPs** field. Then configure your load balancer to forward requests for the above domains to these IP addresses. For more information, see [Configure Networking](../customizing/configure-pas.html#networking) in _Configuring <%= vars.app_runtime_abbr %>_. 12 | 13 | 1. In the **Certificates and private keys for the Gorouter and HAProxy** field, click the **Add** button to define at least one certificate keypair for the Gorouter and HAProxy. For each certificate keypair you add, assign a name, enter the PEM-encoded certificate chain and PEM-encoded private key. You can either upload your own certificate or generate an RSA certificate in <%= vars.app_runtime_abbr %>. For options and instructions on creating a certificate for your wildcard domains, see [Creating a Wildcard Certificate for <%= vars.platform_name %> Deployments](https://docs.pivotal.io/application-service/operating/security_config.html#create_or_obtain_certs) in _Providing a Certificate for Your TLS Termination Point_. 14 | 15 | 1. In the **Minimum version of TLS supported by the Gorouter and HAProxy**, select the minimum version of TLS to use in Gorouter communications. The Gorouter uses TLS v1.2 by default. If you need to accommodate clients that use an older version of TLS, select a lower minimum version. For a list of TLS ciphers supported by the Gorouter, see [Cipher Suites](#ciphers). 16 | 17 | 1. Under **TLS termination point**, select **Gorouter**. 18 | 19 | 1. To use a specific set of TLS ciphers for the Gorouter, configure **TLS cipher suites for the Gorouter**. Enter an ordered, colon-separated list of TLS cipher suites in the OpenSSL format. For example, if you have selected support for an earlier version of TLS, enter cipher suites supported by this version. For a list of TLS ciphers supported by the Gorouter, see [Cipher Suites](#ciphers). Otherwise, leave the default values in this field. 20 | 21 | 1. Under **HAProxy forwards requests to the Gorouter over TLS**, select **Disable**. 22 | 23 | 1. (Optional) If you are not using SSL encryption or if you are using self-signed certificates, you can select the **Disable SSL certificate verification for this environment** checkbox. Selecting this checkbox also disables SSL verification for route services. 24 |

Note: Select this checkbox only for development and testing environments. Do not select it for production environments.

25 | 26 | 1. (Optional) If you do not want the Gorouter to accept any non-encrypted HTTP traffic, select the **Disable HTTP on the Gorouter and HAProxy** checkbox. 27 | 28 | 1. Click **Save**. 29 | 30 | 1. Select **Resource Config**. 31 | 32 | 1. In the **Instances** dropdown for the **HAProxy** job, select `0` instances. 33 | 34 | 1. Click **Save**. 35 | -------------------------------------------------------------------------------- /_ssl_termin_haproxy_pcf.html.md.erb: -------------------------------------------------------------------------------- 1 | To configure SSL termination on HAProxy in <%= vars.app_runtime_abbr %>: 2 | 3 | 1. Navigate to the <%= vars.ops_manager %> Installation Dashboard. 4 | 5 | 1. Click the <%= vars.app_runtime_abbr %> tile. 6 | 7 | 1. Select **Networking**. 8 | 9 | 1. Configure these fields based on the IaaS of your <%= vars.app_runtime_abbr %> deployment: 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 34 | 35 | 36 | 37 | 44 | 45 | 46 |
If your <%= vars.app_runtime_abbr %> deployment is on:Then configure:See also:
OpenStack or vSphereDecide whether you want your HAProxy to be highly available. 19 |
    20 |
  • If you need highly available HAProxy: 21 |
      22 |
    1. Choose an IP address for each HAProxy instance on the subnet where you deployed <%= vars.app_runtime_abbr %>.
      2. 23 |
    2. In the **HAProxy IPs** field of the **Networking** pane, enter the IP addresses you have selected for your HAProxy instances.
      3. 24 |
    3. Configure your load balancer, such as F5 or NSX, to forward domain names to the HAProxy IP addresses.
      4. 25 |
    26 |
  • If you do not require high availability, such as if you are setting up a development environment: 27 |
      28 |
    1. Skip setting up the load balancer.
      2. 29 |
    2. Choose one IP address for the single HAProxy instance.
      3. 30 |
    3. Configure DNS to point at the IP address. For more information, see [How to Set Up DNS for HAProxy](#haproxy_dns).
      4. 31 |
    32 |
33 | 		For more information, see [Configure Networking](../customizing/configure-pas.html#networking) in _Configuring <%= vars.app_runtime_abbr %>_.
AWS, GCP, or Azure 38 |
    39 |
  1. Leave the HAProxy IP address blank.
    2. 40 |
  2. In the **Resource Config** pane, locate the HAProxy job.
    3. 41 |
  3. In the **Load Balancer** column for the HAProxy job, specify the appropriate IaaS load balancer resource.
    4. 42 |
43 | 		For more information, see [Configure Networking](../customizing/configure-pas.html#networking) in _Configuring <%= vars.app_runtime_abbr %>_.
47 | 48 | 1. In the **Certificates and private keys for the Gorouter and HAProxy** field, click the **Add** button to define at least one certificate keypair for the Gorouter and HAProxy. For each certificate keypair that you add, assign a name, enter the PEM-encoded certificate chain and PEM-encoded private key. You can either upload your own certificate or generate an RSA certificate in <%= vars.app_runtime_abbr %>. For options and instructions on creating a certificate for your wildcard domains, see [Creating a Wildcard Certificate for <%= vars.app_runtime_abbr %> Deployments](https://docs.pivotal.io/application-service/operating/security_config.html#create_or_obtain_certs) in _Providing a Certificate for Your TLS Termination Point_. 49 | 50 | 1. In the **Minimum version of TLS supported by the Gorouter and HAProxy**, select the minimum version of TLS to use in HAProxy communications. HAProxy use TLS v1.2 by default. If you need to accommodate clients that use an older version of TLS, select a lower minimum version. For a list of TLS ciphers supported by the HAProxy, see [TLS Cipher Suites](https://docs.pivotal.io/platform/<%= vars.current_major_version %>/security/networking/tls-info.html#ciphers) in _TLS Connections in <%= vars.platform_name %>_. 51 | 52 | 1. Under **HAProxy forwards requests to the Gorouter over TLS**, leave **Enable** selected and provide the back end certificate authority. 53 | 54 | 1. To use a specific set of TLS ciphers for HAProxy, configure **TLS cipher suites for HAProxy**. Enter an ordered, colon-separated list of TLS cipher suites in the OpenSSL format. For example, if you have selected support for an earlier version of TLS, enter cipher suites supported by this version. For a list of TLS ciphers supported by the HAProxy, see [TLS Cipher Suites](https://docs.pivotal.io/platform/<%= vars.current_major_version %>/security/networking/tls-info.html#ciphers) in _TLS Connections in <%= vars.platform_name %>_. 55 | 56 | 1. If you expect requests larger than the default maximum of 16.384 KB, enter a new value in bytes for **HAProxy request maximum buffer size**. You may need to do this, for example, to support apps that embed a large cookie or query string values in headers. 57 | 58 | 1. (Optional) To force browsers to use HTTPS when making requests to HAProxy, select **Enable** in the **HAProxy support for HSTS** field and complete these fields: 59 | * **Maximum age** in seconds for the HSTS request. HAProxy forces HTTPS requests from browsers for the duration of this setting. The maximum age is one year, or 31536000 seconds. 60 | * Enable the **Include subdomains** checkbox to force browsers to use HTTPS requests for all component subdomains. 61 | * Select the **Enable preload** checkbox to force instances of Google Chrome, Firefox, and Safari that access your HAProxy to refer to their built-in lists of known hosts that require HTTPS, of which HAProxy is one. This ensures that the first contact a browser has with your HAProxy is an HTTPS request, even if the browser has not yet received an HSTS header from HAProxy. 62 | 63 | 1. (Optional) If you are not using SSL encryption or if you are using self-signed certificates, you can select the **Disable SSL certificate verification for this environment** checkbox. This also disables SSL verification for route services. 64 |

Note: Select this checkbox only for development and testing environments. Do not select it for production environments.

65 | 66 | 1. (Optional) If you do not want the Gorouter to accept any non-encrypted HTTP traffic, select the **Disable HTTP on the Gorouter and HAProxy** checkbox. 67 | 68 | 1. Under **TLS termination point**, select **Infrastructure load balancer**. 69 | 70 | 1. (Optional) If your <%= vars.app_runtime_abbr %> deployment uses HAProxy and you want it to receive traffic only from specific sources, configure these fields: 71 | * **HAProxy protected domains**: Enter a comma-separated list of domains from which <%= vars.app_runtime_abbr %> can receive traffic. 72 | * (Optional) **HAProxy trusted CIDRs**: Enter a space-separated list of CIDRs to limit which IP addresses from the protected domains can send traffic to <%= vars.app_runtime_abbr %>. 73 | 74 | 1. Click **Save**. 75 | -------------------------------------------------------------------------------- /_ssl_termin_lb_only_pcf.html.md.erb: -------------------------------------------------------------------------------- 1 | To configure SSL termination on the load balancer only in <%= vars.app_runtime_abbr %>: 2 | 3 | 1. Create an A record in your DNS that points to your load balancer IP address. The A record associates the **System domain** and **Apps domain** that you configure in the **Domains** pane of the <%= vars.app_runtime_abbr %> tile with the IP address of your load balancer. 4 |
5 |
6 | For example, with `<%= vars.product_name_lc %>.example.com` as the main subdomain for your <%= vars.platform_name %> deployment and a load balancer IP address `198.51.100.1`, you must create an A record in your DNS that serves `example.com` and points `*.<%= vars.product_name_lc %>` to `198.51.100.1`. 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 |
NameTypeDataDomain
*.<%= vars.product_name_lc %>A198.51.100.1example.com
22 | 23 | 1. Navigate to the <%= vars.ops_manager %> Installation Dashboard. 24 | 25 | 1. Click the <%= vars.app_runtime_abbr %> tile. 26 | 27 | 1. Select **Networking**. 28 | 29 | 1. For <%= vars.app_runtime_abbr %> deployments on OpenStack or vSphere, choose IP addresses for the Gorouters from the subnet configured for <%= vars.ops_manager %> and enter them in the **Gorouter IPs** field. Then configure your load balancer to forward requests for the above domains to these IP addresses. For more information, see [Configure Networking](../customizing/configure-pas.html#networking) in _Configuring <%= vars.app_runtime_abbr %>_. 30 | 31 | 1. In the **Certificates and private keys for the Gorouter and HAProxy** field, click the **Add** button to define one certificate keypair for the Gorouter and HAProxy. Since you have opted for unencrypted traffic behind the load balancer, then you can generate an RSA certificate in <%= vars.app_runtime_abbr %>. 32 | 33 | 1. In the **Minimum version of TLS supported by the Gorouter and HAProxy**, select the minimum version of TLS to use in HAProxy communications. HAProxy use TLS v1.2 by default. If you need to accommodate clients that use an older version of TLS, select a lower minimum version. For a list of TLS ciphers supported by the HAProxy, see [Cipher Suites](#ciphers). 34 | 35 | 1. Under **TLS termination point**, select **Infrastructure load balancer**. 36 | 37 | 1. To use a specific set of TLS ciphers for HAProxy, configure **TLS cipher suites for HAProxy**. Enter an ordered, colon-separated list of TLS cipher suites in the OpenSSL format. For example, if you have selected support for an earlier version of TLS, enter cipher suites supported by this version. Otherwise, leave the default values in this field. 38 | 39 | 1. Under **HAProxy forwards all requests to the Gorouter over TLS**, select **Disable**. 40 | 41 | 1. (Optional) If you are not using SSL encryption or if you are using self-signed certificates, you can select the **Disable SSL certificate verification for this environment** checkbox. Selecting this checkbox also disables SSL verification for route services. 42 |

Note: Select this checkbox only for development and testing environments. Do not select it for production environments.

43 | 44 | 1. (Optional) If you do not want the Gorouter to accept any non-encrypted HTTP traffic, enable the **Disable HTTP on the Gorouter and HAProxy** checkbox. 45 | 46 | 1. Click **Save**. 47 | 48 | 1. After you complete the configuration in <%= vars.app_runtime_abbr %>, add your certificate or certificates to your load balancer and configure its listening port. The procedures vary depending on your IaaS. 49 | 50 | 1. Configure your load balancer to append the `X-Forwarded-For` and `X-Forwarded-Proto` headers to client requests. 51 |
If the load balancer cannot be configured to provide the `X-Forwarded-For` header, the Gorouter appends it in requests forwarded to apps and system components, set to the IP address of the load balancer. 52 |

Note: If the load balancer accepts unencrypted requests, it must provide the X-Forwarded-Proto header. Conversely, if the load balancer cannot be configured to send the X-Forwarded-Proto header, it should not accept unencrypted requests. Otherwise, apps and platform system components that require encrypted client requests accept unencrypted requests when they should not accept them.

53 | -------------------------------------------------------------------------------- /_tasks_rec_alloc_pcf.html.md.erb: -------------------------------------------------------------------------------- 1 | The default memory and disk allocations are defined using the **Default App Memory** and **Default Disk Quota per App** fields. These fields are available in the **App Developer Controls** pane of the <%= vars.app_runtime_full %> (<%= vars.app_runtime_abbr %>) tile. 2 | -------------------------------------------------------------------------------- /_tcp_port_review.html.md.erb: -------------------------------------------------------------------------------- 1 | To configure your ports for your <%= vars.app_runtime_abbr %> deployment, enable TCP routing in <%= vars.app_runtime_abbr %>. For more information, see [Configure Networking](../customizing/configure-pas.html#networking) in _Configuring <%= vars.app_runtime_abbr %>_. 2 | -------------------------------------------------------------------------------- /adfs-sso-configuration.html.md.erb: -------------------------------------------------------------------------------- 1 | --- 2 | title: Configuring AD FS as an Identity Provider 3 | owner: Identity 4 | --- 5 | 6 | This topic describes configuring Active Directory Federation Services (AD FS) as your identity provider (IDP) in <%= vars.platform_name %> and AD FS. 7 | 8 | 9 | ## Configure SAML Integration in <%= vars.platform_name %> 10 | 11 | You can use AD FS as your SAML IDP for <%= vars.ops_manager_full %> and <%= vars.app_runtime_full %> (<%= vars.app_runtime_abbr %>). 12 | 13 | * To use AD FS as your SAML IDP for <%= vars.ops_manager %>, follow these procedures: 14 | * [Configure SAML Integration in <%= vars.ops_manager %>](#ops-man) 15 | * [Configure SAML Integration in AD FS](#adfs) 16 | 17 | * To use AD FS as your SAML IDP for <%= vars.app_runtime_abbr %>, follow these procedures: 18 | * [Configure SAML Integration in <%= vars.app_runtime_abbr %>](#pas) 19 | * [Configure SAML Integration in AD FS](#adfs) 20 | 21 | ### Configure SAML Integration in <%= vars.ops_manager %> 22 | 23 | To configure <%= vars.ops_manager %> to use AD FS as your SAML IDP: 24 | 25 | 1. Download your IDP metadata from `https://AD-FS-HOSTNAME/federationmetadata/2007-06/federationmetadata.xml`, where `AD-FS-HOSTNAME` is the hostname of your AD FS deployment. 26 | 27 | 1. Follow the procedure in _Use an Identity Provider_ in the BOSH Director configuration topic for your IaaS: 28 | * [Configuring BOSH Director on AWS](/platform/ops-manager/<%= vars.current_major_version %>/aws/config-manual.html#idp) 29 | * [Configuring BOSH Director on Azure Manually](/platform/ops-manager/<%= vars.current_major_version %>/azure/config-manual.html#idp) 30 | * [Configuring BOSH Director on GCP](/platform/ops-manager/<%= vars.current_major_version %>/gcp/config-manual.html#idp) 31 | * [Configuring BOSH Director on OpenStack](/platform/ops-manager/<%= vars.current_major_version %>/openstack/config.html#idp) 32 | * [Configuring BOSH Director on vSphere](/platform/ops-manager/<%= vars.current_major_version %>/vsphere/config.html#idp) 33 | 34 |

Note: You can set up SAML access for <%= vars.ops_manager %> during the initial <%= vars.platform_name %> installation or later by navigating to Settings in the user menu in the <%= vars.ops_manager %> Installation Dashboard, configuring the Authentication Method pane, and then clicking Review Pending Changes and Apply Changes.

35 | 36 | ### Configure SAML Integration in <%= vars.app_runtime_abbr %> 37 | 38 | To configure <%= vars.app_runtime_abbr %> to use AD FS as your SAML IDP: 39 | 40 | 1. Download your IDP metadata from `https://AD-FS-HOSTNAME/federationmetadata/2007-06/federationmetadata.xml`, where `AD-FS-HOSTNAME` is the hostname of your AD FS deployment. 41 | 42 | 1. Follow the procedure in [Configure <%= vars.platform_name %> as a Service Provider for SAML](auth-sso.html#configure-pcf-for-saml) in _Configuring Authentication and Enterprise SSO for <%= vars.app_runtime_abbr %>_. 43 | 44 | 45 | ## Configure SAML Integration in AD FS 46 | 47 | To designate <%= vars.platform_name %> as your SAML service provider (SP) in AD FS: 48 | 49 | 1. Download your SP metadata from `https://login.SYSTEM-DOMAIN/saml/metadata`, where `SYSTEM-DOMAIN` is the system domain of your <%= vars.platform_name %> deployment. 50 | 51 | 1. Open your **ADFS Management** console. 52 | 53 | 1. To add a relying party trust: 54 | 1. Select **Actions**. 55 | 1. Click **Add Relying Party Trust...**. 56 | 1. On the Welcome step, click **Start**. 57 | 1. Select **Import data about the relying party from a file**. 58 | 1. Choose the downloaded SP metadata file. 59 | 1. Click **Next**. 60 | 1. Enter a **Display name** for the new relying party trust. 61 | 1. Click **Next**. 62 | 1. Leave the default multi-factor authentication selection. 63 | 1. Click **Next**. 64 | 1. Select **Permit all users to access this relying party**. 65 | 1. Click **Next**. 66 | 1. Review your settings. 67 | 1. Click **Next**. 68 | 1. Click **Close** to finish the wizard. 69 | 70 | 1. To modify your relying party trust: 71 | 1. Double-click the new relying party trust. 72 | 1. Select the **Encryption** tab. 73 | 1. Click **Remove** to remove the encryption certificate you imported. 74 | 1. Select the **Advanced** tab. 75 | 1. For the **Secure hash algorithm**, select **SHA256**. 76 | 77 | 1. (Optional) If you are using a self-signed certificate and want to disable CRL checks: 78 | 1. Open **Windows Powershell** as an Administrator. 79 | 1. Run: 80 | 81 | ``` 82 | set-ADFSRelyingPartyTrust -TargetName "RELYING-PARTY-TRUST" -SigningCertificateRevocationCheck None 83 | ``` 84 | Where `RELYING-PARTY-TRUST` is the relying party trust for which you want to disable CRL checks. 85 | 86 | 1. To add claim rules for your relying party trust, select your relying party trust and click **Edit Claim Rules...**. 87 | 88 | 1. In the **Issuance Transform Rules** tab, create two claim rules: 89 | 1. Click **Add Rule**. 90 | 1. For **Claim rule template**, select **Send LDAP Attributes as Claims**. 91 | 1. Click **Next**. 92 | 1. Enter a **Claim rule name**. 93 | 1. For **Attribute store**, select **Active Directory**. 94 | 1. For **LDAP Attribute**, select **E-Mail-Addresses**. If you do not have the email attribute configured for users, you can select **User-Principle-Name**. 95 | 1. For **Outgoing Claim Type**, select **E-Mail Address**. 96 | 1. Click **Finish**. 97 |

98 | 1. Click **Add Rule**. 99 | 1. For **Claim rule template**, select **Transform an Incoming Claim**. 100 | 1. Click **Next**. 101 | 1. Enter a **Claim rule name**. 102 | 1. For **Incoming claim type**, select **E-Mail Address**. 103 | 1. For **Outgoing claim type**, select **Name ID**. 104 | 1. For **Outgoing name ID format**, select **Email**. 105 | 1. Click **Finish**. 106 | 107 | 1. To permit access to users based on a security group: 108 | 1. Select the **Issuance Authorization Rules** tab. 109 | 1. Click **Add Rule**. 110 | 1. For **Claim rule template**, select **Permit or Deny Users Based on an Incoming Claim**. 111 | 1. Click **Next**. 112 | 1. Enter a **Claim rule name**. 113 | 1. For **Incoming claim type**, select **Group SID**. 114 | 1. Click **Browse**. 115 | 1. Locate the security group in your domain of which <%= vars.platform_name %> developers are a part. 116 | 1. Click **OK**. 117 | 1. Ensure **Permit access to users with this incoming claim** is selected. 118 | 1. Click **Finish**. 119 | -------------------------------------------------------------------------------- /auditing-ops-man.html.md.erb: -------------------------------------------------------------------------------- 1 | --- 2 | title: Auditing Ops Manager User Activity 3 | owner: Ops Man 4 | --- 5 | 6 | This topic describes how operators can audit the activity of <%= vars.ops_manager_full %> users. The sections in this topic define the relevant logs for auditing user activity and describe how to access and forward the logs. 7 | 8 | 9 | ## Overview 10 | 11 | You can audit <%= vars.ops_manager %> user activity to help improve security practices in your environment. Auditing user activity also helps you ensure that your environment is compliant with existing security standards. 12 | 13 | For example, you can view the timestamp of any requests made in the <%= vars.ops_manager %> UI as well as the username of the user that made the request. 14 | 15 | You can find relevant information for auditing user activity in <%= vars.ops_manager %> in the following <%= vars.ops_manager %> logs: 16 | 17 | * SSH login logs. For more information, see [Logs for Auditing User Activity](#logs). 18 | 19 | * UAA login and failed UAA login logs. For more information, see [Logs for Auditing User Activity](#logs). 20 | 21 | * The <%= vars.ops_manager %> `audit_log.txt` file. For more information, see [Audit Logs Text File](#audit-logs-text-file). 22 | 23 | 24 | ## Access Logs on the <%= vars.ops_manager %> VM 25 | 26 | You can access logs for auditing user activity by logging on to the <%= vars.ops_manager %> VM using SSH. 27 | 28 | To access logs for auditing user activity: 29 | 30 | 1. SSH onto the <%= vars.ops_manager %> VM using your private SSH key. 31 | 32 | 1. Navigate to the location of the logs and open or preview the log file. For example, to view the `audit_log.txt` file, run: 33 | 34 | ``` 35 | cat /var/log/opsmanager/audit_log.txt 36 | ``` 37 | 38 | 39 | ## Logs for Auditing User Activity 40 | 41 | The table below describes the types of user actions that you can audit with logs and the location of the logs. 42 | 43 | For information about how to access the logs in this table, see [Access Logs on the <%= vars.ops_manager %> VM](#access-logs). 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 62 | 63 | 64 | 65 | 66 | 67 | 74 | 75 | 76 | 77 | 78 | 79 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 |
User ActionDescriptionLocation of LogsExample Log Trace
SSH loginsUser logs on to the <%= vars.ops_manager %> VM with SSH./var/log/auth.log 57 | 58 | 2019-06-20T21:58:50.864147+00:00 HOSTNAME sshd[18028]: Accepted publickey for USERNAME from IPADDRESS port PORT ssh2: RSA SHA256:SIGNATURE 59 | 2019-06-20T21:58:50.865750+00:00 HOSTNAME sshd[18028]: pam_unix(sshd:session): session 60 | 61 |
UAA loginsUser logs in to <%= vars.ops_manager %> through UAA./home/tempest-web/uaa/
tomcat/logs/uaa.log		 68 | 69 | [2019-08-01 07:57:45.830] uaa - 5320 [http-nio-127.0.0.1-8080-exec-7] .... INFO --- Audit: IdentityProviderAuthenticationSuccess ('admin'): principal=1df75be4-7875-4e7e-97fa-fe76dbff4a41, origin=[remoteAddress=127.0.0.1, sessionId=], identityZoneId=[uaa], authenticationType=[uaa] 70 | [2019-08-01 07:57:45.832] uaa - 5320 [http-nio-127.0.0.1-8080-exec-7] .... INFO --- Audit: UserAuthenticationSuccess ('admin'): principal=1df75be4-7875-4e7e-97fa-fe76dbff4a41, origin=[remoteAddress=127.0.0.1, sessionId=], identityZoneId=[uaa] 71 | ... 72 | 73 |
Failed UAA loginsUser makes failed login attempt through UAA./home/tempest-web/uaa/
tomcat/logs/uaa.log		 80 | 81 | [2019-07-31 23:13:48.437] uaa - 1184 [http-nio-127.0.0.1-8080-exec-5] .... INFO --- Audit: IdentityProviderAuthenticationFailure ('admin'): principal=null, origin=[remoteAddress=209.234.137.222, sessionId=], identityZoneId=[uaa], authenticationType=[uaa] 82 | [2019-07-31 23:13:48.438] uaa - 1184 [http-nio-127.0.0.1-8080-exec-5] .... INFO --- Audit: UserAuthenticationFailure ('admin'): principal=2bdf7f2a-862d-47d7-bf7f-ba92da6850c0, origin=[remoteAddress=209.234.137.222, sessionId=], identityZoneId=[uaa] 83 | ... 84 | 85 |
User requestsUser makes requests in the <%= vars.ops_manager %> app. The audit_log.txt file includes metadata about user requests in the <%= vars.ops_manager %> app./var/log/opsmanager/
audit_log.txt		For information about the properties in the audit_log.txt file, see <%= vars.ops_manager %> Audit Logs Text File.
94 | 95 | 96 | ## Audit Logs Text File 97 | 98 | The <%= vars.ops_manager %> `audit_log.txt` file includes metadata about actions taken by users in the <%= vars.ops_manager %> app in JSON format. 99 | 100 | Below is an example of the content in the `audit_log.txt` file: 101 | 102 | ``` 103 | { 104 | "timestamp":"2019-07-13T00:43:08.783+00:00", 105 | "component":"<%= vars.ops_manager %> 2.7.0-build.87", 106 | "component_scheme":"https", 107 | "component_host":"<%= vars.product_name_lc %>.example.opsmanager.cf-app.com", 108 | "component_port":443, 109 | "result":200, 110 | "target":"/proxy_settings", 111 | "event_type":"PUT", 112 | "origination":"123.456.789", 113 | "user_identification":"admin", 114 | "uaa_authentication_mechanism":"uaa", 115 | "request_body":{ 116 | "authenticity_token":"[FILTERED]", 117 | "proxy_settings":{ 118 | "http_proxy":"http://example.com", 119 | "https_proxy":"https://example.com", 120 | "no_proxy":"1.2.3.4" 121 | } 122 | } 123 | } 124 | ``` 125 | 126 | The table below describes the properties in the `audit_log.txt` file and provides example values for each property: 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 209 | 210 |
User Action PropertyDescriptionExample Value
user_identificationThe username or client ID that submitted a request.admin
uaa_authentication_mechanismThe authentication method used to make the request. 142 |

143 | (unauthenticated) for unauthenticated requests, uaa for a UAA user login, or client_authenticated for an API-only client.		uaa
originationThe IP address that made the request to the server.198.10.1.25
timestampThe time that the server received the request.2019-07-21 08:34:00
targetThe relative URL path associated with the request./infrastructure/director/resource_config/edit
event_typeThe HTTP verb associated with the request.GET
resultThe HTTP response code associated with the request. 169 |

170 | Results beginning with 2 indicate a successful request. Results beginning with 4 indicate a failed request due to user error. Results beginning with 5 indicate a server error.		200
componentThe version of <%= vars.ops_manager %> on which the request was made.<%= vars.ops_manager %> 2.7.0-build.234
component_schemeThe transport protocol used for the request.HTTPS
component_hostThe domain name used for the request.<%= vars.product_name_lc %>.ops-manager-domain.com
component_portThe port used for the request.443
request_bodyA JSON object that contains the contents of the query paramaters, request body, and routing parameters for the request. Any credentials sent within the request are replaced with the value [FILTERED]. Any file uploads are excluded. 197 | 198 | { "authenticity_token": "[FILTERED]", 199 | "director_configuration": { 200 | "ntp_servers_string": "ntp-server", 201 | "encryption": { 202 | "keys": "[FILTERED]" 203 | }, 204 | "blobstore_type": "local" 205 | } 206 | } 207 | 208 |
211 | 212 | 213 | ## Forward Logs 214 | 215 | You can forward some <%= vars.ops_manager %> logs using syslog forwarding. This allows you to forward logs to a syslog server or other third-party destination for storage and analysis. 216 | 217 | These logs contain relevant information for auditing user activity and can be forwarded using syslog forwarding: 218 | 219 | * `audit_log.txt` 220 | * `uaa.log` 221 | * `uaa_events.logs` 222 | 223 | When syslog forwarding is enabled, <%= vars.ops_manager %> automatically forwards BOSH Director access events. These events allow you to audit BOSH Director access and the execution of BOSH CLI commands. For more information about BOSH Director access events, see [Logging API Access](https://bosh.io/docs/director-access-events/) in the BOSH documentation. 224 | 225 | For more information about syslog forwarding in <%= vars.ops_manager %>, see [Syslog](../customizing/pcf-interface.html#syslog) in _Using the <%= vars.ops_manager %> Interface_. 226 | -------------------------------------------------------------------------------- /config-rbac.html.md.erb: -------------------------------------------------------------------------------- 1 | --- 2 | title: Configuring Role-Based Access Control (RBAC) in Ops Manager 3 | owner: Ops Manager 4 | --- 5 | 6 | This topic describes how to customize role-based access control (RBAC) in <%= vars.ops_manager_full %>. 7 | 8 | 9 | ## Overview 10 | 11 | You can use RBAC to manage which operators in your organization can make deployment changes, view credentials, and manage user roles in <%= vars.ops_manager %>. 12 | 13 | For information about configuring <%= vars.ops_manager %> to use internal authentication or SAML authentication, see the BOSH Manager configuration topic for your IaaS: 14 | 15 | * [Configuring BOSH Director on AWS](/platform/ops-manager/<%= vars.current_major_version %>/aws/config-terraform.html#access-om) 16 | 17 | * [Configuring BOSH Director on Azure Manually](/platform/ops-manager/<%= vars.current_major_version %>/azure/config-manual.html#access-om) 18 | 19 | * [Configuring BOSH Director on GCP](/platform/ops-manager/<%= vars.current_major_version %>/gcp/config-manual.html#access-om) 20 | 21 | * [Configuring BOSH Director on OpenStack](/platform/ops-manager/<%= vars.current_major_version %>/openstack/config.html#log-in) 22 | 23 | * [Configuring BOSH Director on vSphere](/platform/ops-manager/<%= vars.current_major_version %>/vsphere/config.html#set-up) 24 | 25 | 26 | ## Roles in <%= vars.ops_manager %> 27 | 28 | The diagram below illustrates the roles you can assign to determine which operators in your organization make deployment changes, view credentials, and manage user roles in <%= vars.ops_manager %>: 29 | 30 | Ops Manager roles diagram 31 | 32 | <%= vars.ops_manager %> admins can use these roles to meet the security needs of their organization. The roles provide a range of privileges that are appropriate for different types of users. For example, assign either **Restricted Control** or **Restricted View** to an operator to prevent access to all <%= vars.ops_manager %> credentials. 33 | 34 | For more information about each role, see the table below: 35 | 36 | | <%= vars.ops_manager %> Role | Role Definition | UAA Scope | 37 | | ---------------------------- | --------------- | --------- | 38 | | **<%= vars.ops_manager %> Administrator** | Admins can make configuration changes and click **Review Pending Changes** and **Apply Changes** in <%= vars.ops_manager %>, view credentials in the **Credentials** tab and <%= vars.ops_manager %> API endpoints, change the authentication method, and assign roles to other operators. | `opsman.admin` | 39 | | **Full Control** | Operators can make configuration changes and click **Review Pending Changes** and **Apply Changes** in <%= vars.ops_manager %>, and view credentials in the **Credentials** tab and <%= vars.ops_manager %> API endpoints. | `opsman.full_control` | 40 | | **Restricted Control** | Operators can make configuration changes and click **Review Pending Changes** and **Apply Changes** in <%= vars.ops_manager %>. They cannot view credentials in the **Credentials** tab or <%= vars.ops_manager %> API endpoints. | `opsman.restricted_control` | 41 | | **Full View** | Operators can view <%= vars.ops_manager %> configuration settings and view credentials in the **Credentials** tab and <%= vars.ops_manager %> API endpoints. They cannot make configuration changes or click **Apply Changes**. | `opsman.full_view` | 42 | | **Restricted View** | Operators can view <%= vars.ops_manager %> configuration settings. They cannot make configuration changes or view credentials in the **Credentials** tab or <%= vars.ops_manager %> API endpoints. | `opsman.restricted_view` | 43 | 44 | To assign one of the above roles to an operator, see [Manage Roles with Internal Authentication](#write-internal) or [Manage Roles with SAML Authentication](#write-saml). 45 | 46 | When you install a new <%= vars.ops_manager %> instance, all existing users have the <%= vars.ops_manager %> Administrator role by default. 47 | 48 | 49 | ## Simultaneous <%= vars.ops_manager %> Admins 50 | 51 | <%= vars.ops_manager %> allows multiple admins to log in to <%= vars.ops_manager %> simultaneously and make changes. 52 | 53 | The interface does not provide visibility to other admins that are logged in. <%= vars.recommended_by %> recommends that admins communicate with each other and coordinate their changes. 54 | 55 | ### Precedence for Apply Changes 56 | 57 | Only one deployment takes precedence when two admins try to deploy around the same time. 58 | 59 | If two admins are working at the same time, the admin who first clicks **Apply Changes** takes precedence. <%= vars.ops_manager %> overwrites all configurations made by other admins during deployment. 60 | 61 | <%= vars.recommended_by %> recommends coordinating changes between admins to avoid overwriting configurations. 62 | 63 |

Note: If you are having deployment issues or changes to your <%= vars.ops_manager %> are not persisting correctly, confirm that your work is not conflicting with an automated admin.

64 | 65 | 66 | ## Enable RBAC in <%= vars.ops_manager %> After Upgrade 67 | 68 | When you install a new instance of <%= vars.ops_manager %>, RBAC is permanently enabled by default. 69 | 70 | If your organization has operators who are devoted to managing certain services like VMware Tanzu SQL [MySQL], you can use RBAC to assign those services operators a more restricted role. 71 | 72 | If you upgrade from an older <%= vars.ops_manager %> instance, you must enable RBAC and assign roles to users before they can access <%= vars.ops_manager %>. If you do not assign any roles to a user, they cannot log in to <%= vars.ops_manager %>. 73 | 74 |

Warning: Do not assign roles before you enable RBAC.

75 | 76 | ### Enable RBAC with Internal Authentication 77 | 78 | If you are upgrading from an older version of <%= vars.ops_manager %> and use internal authentication: 79 | 80 | 1. Log in to the <%= vars.ops_manager %> Installation Dashboard. 81 | 82 | 1. From the user account menu, click **Settings**. 83 | 84 | 1. Click **Advanced**. 85 | 86 | 1. Click **Enable RBAC**. When the confirmation dialog box appears, click **Confirm and Logout**. 87 |
Notes: 88 |
    89 |
  • Enabling RBAC is permanent. You cannot undo this action. When you upgrade <%= vars.ops_manager %>, your RBAC settings remain configured.
    • 90 |
  • This dialog box does not appear if RBAC is already configured. With new instances of <%= vars.ops_manager %>, RBAC is permanently configured by default.
    • 91 | 92 |
93 | 94 | ### Enable RBAC with SAML Authentication 95 | 96 | If you are upgrading from an older version of <%= vars.ops_manager %> and use SAML authentication, follow the procedures in these sections to enable RBAC. To enable RBAC in <%= vars.ops_manager %> when using SAML authentication, you must configure groups in SAML for admins and non-admins and then map the admin group to <%= vars.ops_manager %>. 97 | 98 | #### Step 1: Configure SAML Groups 99 | 100 | To gather information from your SAML dashboard: 101 | 102 | 1. Log in to your SAML provider dashboard. 103 | 104 | 1. Create or identify the name of the SAML group that contains <%= vars.ops_manager %> admin users. 105 | 106 | 1. Identify the groups attribute tag you configured for your SAML server. 107 | 108 | #### Step 2: Enable RBAC in <%= vars.ops_manager %> 109 | 110 | Follow the procedure in [Enable RBAC with Internal Authentication](#enable-internal) to configure <%= vars.ops_manager %> to recognize your SAML admin user group. 111 | 112 |

Note: When RBAC is enabled, only users with the <%= vars.ops_manager %> Administrator role can edit SAML configuration.

113 | 114 | 115 | ## Create User Accounts in <%= vars.ops_manager %> 116 | 117 | To assign RBAC roles to operators, you must first create user accounts for them. For more information about creating user accounts in <%= vars.ops_manager %> with the User Account and Authentication (UAA) module, see [Creating and Managing <%= vars.ops_manager %> User Accounts](../customizing/opsman-users.html). 118 | 119 | In addition to user accounts, you can create a client account to add to <%= vars.ops_manager %>. Client accounts manage automation tasks, such as upgrade scripts, log management, and other behaviors that might be negatively impacted if managed by a user account. You can add a client account either before initial deployment or to an existing deployment. 120 | 121 | For more information about client accounts, see [Creating and Managing <%= vars.ops_manager %> User and Client Accounts](../customizing/opsman-users.html). 122 | 123 | 124 | ## Manage RBAC Roles in <%= vars.ops_manager %> 125 | 126 | You can assign the roles defined in [Roles in <%= vars.ops_manager %>](#about) to determine which operators in your organization make deployment changes, view credentials, and manage user roles in <%= vars.ops_manager %>. 127 | 128 | ### Manage Roles with Internal Authentication 129 | 130 | If you configured <%= vars.ops_manager %> to use internal authentication, you can configure roles using the UAA Command Line Interface (UAAC). For more information, see [Creating and Managing Users with the UAA CLI (UAAC)](../uaa/uaa-user-management.html). 131 | 132 | To use the UAAC to configure roles: 133 | 134 | 1. Target your UAA server and log in as an admin by running: 135 | 136 | ``` 137 | uaac target https://OPS-MANAGER-DOMAIN/uaa 138 | uaac token owner get 139 | ``` 140 | Where `OPS-MANAGER-DOMAIN` is the domain of your <%= vars.ops_manager %> deployment. 141 | 142 | 1. When prompted, enter these credentials, leaving **Client secret** blank: 143 | 144 | ``` 145 | Client ID: opsman 146 | Client secret: 147 | User name: USERNAME 148 | Password: PASSWORD 149 | ``` 150 | Where: 151 | * `USERNAME` is your username. 152 | * `PASSWORD` is your password. 153 | 154 | 1. To assign a role to a user, run one of these commands: 155 | * **<%= vars.ops_manager %> Administrator:** 156 | 157 | ``` 158 | uaac member add opsman.admin USERNAME 159 | ``` 160 | Where `USERNAME` is the user to which you want to assign the role. 161 | * **Full Control:** 162 | 163 | ``` 164 | uaac member add opsman.full_control USERNAME 165 | ``` 166 | Where `USERNAME` is the user to which you want to assign the role. 167 | * **Restricted Control:** 168 | 169 | ``` 170 | uaac member add opsman.restricted_control USERNAME 171 | ``` 172 | Where `USERNAME` is the user to which you want to assign the role. 173 | * **Full View:** 174 | 175 | ``` 176 | uaac member add opsman.full_view USERNAME 177 | ``` 178 | Where `USERNAME` is the user to which you want to assign the role. 179 | * **Restricted View:** 180 | 181 | ``` 182 | uaac member add opsman.restricted_view USERNAME 183 | ``` 184 | Where `USERNAME` is the user to which you want to assign the role. 185 | 186 | ### Manage Roles with SAML Authentication 187 | 188 | If you configured <%= vars.ops_manager %> with SAML authentication, you can assign non-admin user roles using UAAC. To assign non-admin user roles: 189 | 190 | 1. Target your UAA server and log in as an admin by running: 191 | 192 | ``` 193 | uaac target https://OPS-MANAGER-DOMAIN/uaa 194 | uaac token sso get 195 | ``` 196 | Where `OPS-MANAGER-DOMAIN` is the domain of your <%= vars.ops_manager %> deployment. 197 | 198 | 1. When prompted, enter **Client ID** and **Passcode**, leaving **Client secret** blank: 199 | 200 | ``` 201 | Client ID: opsman 202 | Client secret: 203 | Passcode: UAA-PASSCODE 204 | ``` 205 | Where `UAA-PASSCODE` is the passcode you retrieved in the previous step. 206 | 207 | 1. Run: 208 | 209 | ``` 210 | uaac group map SAML-GROUP --name 'OPS-MANAGER-SCOPE' --origin 'saml' 211 | ``` 212 | Where: 213 | * `SAML-GROUP` is the name of the SAML group to which the user belongs. 214 | * `OPS-MANAGER-SCOPE` is the <%= vars.ops_manager %> UAA scope you want to assign to the user. To determine which UAA scope to use, see the table in [Roles in <%= vars.ops_manager %>](#about). 215 | 216 | 1. Add new and existing users to the appropriate SAML groups in the SAML provider dashboard. Users must log out of both <%= vars.ops_manager %> and the SAML provider for role changes to take effect. 217 | 218 | ### Manage Roles with LDAP Authentication 219 | 220 | If you configured <%= vars.ops_manager %> with LDAP authentication, you can assign non-admin user roles using UAAC. To assign non-admin user roles: 221 | 222 | 1. Target your UAA server and log in as an admin by running: 223 | 224 | ``` 225 | uaac target https://OPS-MANAGER-DOMAIN/uaa 226 | uaac token sso get 227 | ``` 228 | Where `OPS-MANAGER-DOMAIN` is the domain of your <%= vars.ops_manager %> deployment. 229 | 230 | 1. When prompted, enter **Client ID** and **Passcode**, leaving **Client secret** blank: 231 | 232 | ``` 233 | Client ID: opsman 234 | Client secret: 235 | Passcode: UAA-PASSCODE 236 | ``` 237 | Where `UAA-PASSCODE` is the passcode you retrieved in the previous step. 238 | 239 | 1. Run: 240 | 241 | ``` 242 | uaac group map LDAP-GROUP --name 'OPS-MANAGER-SCOPE' 243 | ``` 244 | Where: 245 | * `LDAP-GROUP` is the name of the LDAP group to which the user belongs. 246 | * `OPS-MANAGER-SCOPE` is the <%= vars.ops_manager %> UAA scope you want to assign to the user. To determine which UAA scope to use, see the table in [Roles in <%= vars.ops_manager %>](#about). 247 | 248 | 1. Add new and existing users to the appropriate LDAP groups in the LDAP provider dashboard. Users must log out of both <%= vars.ops_manager %> and the LDAP provider for role changes to take effect. 249 | -------------------------------------------------------------------------------- /images/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/.DS_Store -------------------------------------------------------------------------------- /images/ADFS-PCF-SSO-Runbook.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/ADFS-PCF-SSO-Runbook.pdf -------------------------------------------------------------------------------- /images/CASM-PivotalCloudFoundryFederationRunbook-ver1.0.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/CASM-PivotalCloudFoundryFederationRunbook-ver1.0.pdf -------------------------------------------------------------------------------- /images/PingFederate-PCF-SSO-Runbook.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/PingFederate-PCF-SSO-Runbook.pdf -------------------------------------------------------------------------------- /images/accounting-report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/accounting-report.png -------------------------------------------------------------------------------- /images/add-key.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/add-key.png -------------------------------------------------------------------------------- /images/app-usage-service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/app-usage-service.png -------------------------------------------------------------------------------- /images/cloud-controller.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/cloud-controller.png -------------------------------------------------------------------------------- /images/config-apps-man.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/config-apps-man.png -------------------------------------------------------------------------------- /images/config_tab.psd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/config_tab.psd -------------------------------------------------------------------------------- /images/credhub-db-internal-external.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/credhub-db-internal-external.png -------------------------------------------------------------------------------- /images/credhub-external-db-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/credhub-external-db-config.png -------------------------------------------------------------------------------- /images/credhub-hsm-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/credhub-hsm-config.png -------------------------------------------------------------------------------- /images/credhub-hsm-provider-servers.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/credhub-hsm-provider-servers.png -------------------------------------------------------------------------------- /images/credhub.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/credhub.png -------------------------------------------------------------------------------- /images/custombranding.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/custombranding.png -------------------------------------------------------------------------------- /images/custombranding2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/custombranding2.png -------------------------------------------------------------------------------- /images/custombranding3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/custombranding3.png -------------------------------------------------------------------------------- /images/diego/aws-ami.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/aws-ami.png -------------------------------------------------------------------------------- /images/diego/aws-console-home.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/aws-console-home.png -------------------------------------------------------------------------------- /images/diego/cert-warning.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/cert-warning.png -------------------------------------------------------------------------------- /images/diego/config-sec-group.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/config-sec-group.png -------------------------------------------------------------------------------- /images/diego/create-remote-desktop.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/create-remote-desktop.png -------------------------------------------------------------------------------- /images/diego/diego-resources.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/diego-resources.png -------------------------------------------------------------------------------- /images/diego/diego-tile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/diego-tile.png -------------------------------------------------------------------------------- /images/diego/director-public-ip.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/director-public-ip.png -------------------------------------------------------------------------------- /images/diego/disable-acceptance-tests.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/disable-acceptance-tests.png -------------------------------------------------------------------------------- /images/diego/ec2-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/ec2-dashboard.png -------------------------------------------------------------------------------- /images/diego/ec2-instances.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/ec2-instances.png -------------------------------------------------------------------------------- /images/diego/enable-diego-docker.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/enable-diego-docker.png -------------------------------------------------------------------------------- /images/diego/image1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/image1.jpg -------------------------------------------------------------------------------- /images/diego/image3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/image3.png -------------------------------------------------------------------------------- /images/diego/image5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/image5.png -------------------------------------------------------------------------------- /images/diego/install-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/install-dashboard.png -------------------------------------------------------------------------------- /images/diego/instance-details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/instance-details.png -------------------------------------------------------------------------------- /images/diego/instance-type.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/instance-type.png -------------------------------------------------------------------------------- /images/diego/key-pair.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/key-pair.png -------------------------------------------------------------------------------- /images/diego/log-shared-secret.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/log-shared-secret.png -------------------------------------------------------------------------------- /images/diego/review-launch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/review-launch.png -------------------------------------------------------------------------------- /images/diego/ssh-key.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/ssh-key.png -------------------------------------------------------------------------------- /images/diego/windows-password-key-pair.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/windows-password-key-pair.png -------------------------------------------------------------------------------- /images/diego/windows-password.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/windows-password.png -------------------------------------------------------------------------------- /images/diego/windows-private-ip.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/diego/windows-private-ip.png -------------------------------------------------------------------------------- /images/docker-registry-ert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/docker-registry-ert.png -------------------------------------------------------------------------------- /images/docker-registry-ops-man.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/docker-registry-ops-man.png -------------------------------------------------------------------------------- /images/domains.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/domains.png -------------------------------------------------------------------------------- /images/edit-vm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/edit-vm.png -------------------------------------------------------------------------------- /images/enable-log-cache.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/enable-log-cache.png -------------------------------------------------------------------------------- /images/er-config-app-containers.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/er-config-app-containers.png -------------------------------------------------------------------------------- /images/er-config-app-vol-svc-smb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/er-config-app-vol-svc-smb.png -------------------------------------------------------------------------------- /images/er-config-app-vol-svc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/er-config-app-vol-svc.png -------------------------------------------------------------------------------- /images/er-config-auth-enterprise-sso-uaa.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/er-config-auth-enterprise-sso-uaa.png -------------------------------------------------------------------------------- /images/er17-config-authsso-ldap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/er17-config-authsso-ldap.png -------------------------------------------------------------------------------- /images/er17-config-authsso-saml.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/er17-config-authsso-saml.png -------------------------------------------------------------------------------- /images/er_network.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/er_network.png -------------------------------------------------------------------------------- /images/ert_haproxy_certs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/ert_haproxy_certs.png -------------------------------------------------------------------------------- /images/file_menu.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/file_menu.png -------------------------------------------------------------------------------- /images/firewall.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/firewall.png -------------------------------------------------------------------------------- /images/format_page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/format_page.png -------------------------------------------------------------------------------- /images/generate-cert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/generate-cert.png -------------------------------------------------------------------------------- /images/getting-started-api.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/getting-started-api.png -------------------------------------------------------------------------------- /images/greenhouse/cloud-formation-form.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/cloud-formation-form.png -------------------------------------------------------------------------------- /images/greenhouse/diego-windows-cloudformation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/diego-windows-cloudformation.png -------------------------------------------------------------------------------- /images/greenhouse/diego-windows-file-group.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/diego-windows-file-group.png -------------------------------------------------------------------------------- /images/greenhouse/diego-windows-msis.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/diego-windows-msis.png -------------------------------------------------------------------------------- /images/greenhouse/diego-windows-setup-files.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/diego-windows-setup-files.png -------------------------------------------------------------------------------- /images/greenhouse/downloaded-msi-screen.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/downloaded-msi-screen.png -------------------------------------------------------------------------------- /images/greenhouse/downloading-msi-screen.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/downloading-msi-screen.png -------------------------------------------------------------------------------- /images/greenhouse/event-viewer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/event-viewer.png -------------------------------------------------------------------------------- /images/greenhouse/missing-dlls.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/missing-dlls.png -------------------------------------------------------------------------------- /images/greenhouse/no-compatible-cell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/no-compatible-cell.png -------------------------------------------------------------------------------- /images/greenhouse/restart-rep.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/restart-rep.png -------------------------------------------------------------------------------- /images/greenhouse/rollback-on-failure.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/rollback-on-failure.png -------------------------------------------------------------------------------- /images/greenhouse/running-install-bat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/running-install-bat.png -------------------------------------------------------------------------------- /images/greenhouse/running-services.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/running-services.png -------------------------------------------------------------------------------- /images/greenhouse/start-unsucessful.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/greenhouse/start-unsucessful.png -------------------------------------------------------------------------------- /images/guestos.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/guestos.png -------------------------------------------------------------------------------- /images/haproxy-hsts-enable-fields.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/haproxy-hsts-enable-fields.png -------------------------------------------------------------------------------- /images/hosts_clusters.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/hosts_clusters.png -------------------------------------------------------------------------------- /images/id/deployment.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/id/deployment.jpg -------------------------------------------------------------------------------- /images/id/host-cluster.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/id/host-cluster.jpg -------------------------------------------------------------------------------- /images/id/job.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/id/job.jpg -------------------------------------------------------------------------------- /images/id/jobs.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/id/jobs.jpg -------------------------------------------------------------------------------- /images/id/vm-tab.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/id/vm-tab.jpg -------------------------------------------------------------------------------- /images/import-stemcell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/import-stemcell.png -------------------------------------------------------------------------------- /images/install-dash-settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/install-dash-settings.png -------------------------------------------------------------------------------- /images/installation-dashboard-manage-stemcells.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/installation-dashboard-manage-stemcells.png -------------------------------------------------------------------------------- /images/inventory.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/inventory.png -------------------------------------------------------------------------------- /images/log-app-traffic-disable.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/log-app-traffic-disable.png -------------------------------------------------------------------------------- /images/log-app-traffic-enable.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/log-app-traffic-enable.png -------------------------------------------------------------------------------- /images/logged_in_accounts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/logged_in_accounts.png -------------------------------------------------------------------------------- /images/loggregator-vms.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/loggregator-vms.png -------------------------------------------------------------------------------- /images/loggregator_config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/loggregator_config.png -------------------------------------------------------------------------------- /images/login-page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/login-page.png -------------------------------------------------------------------------------- /images/logs-list.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/logs-list.png -------------------------------------------------------------------------------- /images/manage-stemcells.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/manage-stemcells.png -------------------------------------------------------------------------------- /images/mapping_page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/mapping_page.png -------------------------------------------------------------------------------- /images/max-container-starts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/max-container-starts.png -------------------------------------------------------------------------------- /images/meta-url.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/meta-url.png -------------------------------------------------------------------------------- /images/metrics/bosh_health_combined.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/bosh_health_combined.png -------------------------------------------------------------------------------- /images/metrics/dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/dashboard.png -------------------------------------------------------------------------------- /images/metrics/dea_status_column.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/dea_status_column.png -------------------------------------------------------------------------------- /images/metrics/etcd_uptime.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/etcd_uptime.png -------------------------------------------------------------------------------- /images/metrics/nats_delta.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/nats_delta.png -------------------------------------------------------------------------------- /images/metrics/req_per_sec.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/req_per_sec.png -------------------------------------------------------------------------------- /images/metrics/router-column.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/router-column.png -------------------------------------------------------------------------------- /images/metrics/ssh_attempts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/metrics/ssh_attempts.png -------------------------------------------------------------------------------- /images/multi-foundation-apps-man-configuration.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/multi-foundation-apps-man-configuration.png -------------------------------------------------------------------------------- /images/name_page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/name_page.png -------------------------------------------------------------------------------- /images/networking-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking-config.png -------------------------------------------------------------------------------- /images/networking_disable_http_haproxy_gorouter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_disable_http_haproxy_gorouter.png -------------------------------------------------------------------------------- /images/networking_haproxy_router_cert_config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_haproxy_router_cert_config.png -------------------------------------------------------------------------------- /images/networking_haproxy_router_tls_forward.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_haproxy_router_tls_forward.png -------------------------------------------------------------------------------- /images/networking_max_connections_backend.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_max_connections_backend.png -------------------------------------------------------------------------------- /images/networking_min_tls_version.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_min_tls_version.png -------------------------------------------------------------------------------- /images/networking_tls_doppler.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_tls_doppler.png -------------------------------------------------------------------------------- /images/networking_tls_haproxy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_tls_haproxy.png -------------------------------------------------------------------------------- /images/networking_tls_metron.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_tls_metron.png -------------------------------------------------------------------------------- /images/networking_tls_router.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_tls_router.png -------------------------------------------------------------------------------- /images/networking_xforwarded-client-cert-xfcc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/networking_xforwarded-client-cert-xfcc.png -------------------------------------------------------------------------------- /images/new-domains.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/new-domains.png -------------------------------------------------------------------------------- /images/newcd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/newcd.png -------------------------------------------------------------------------------- /images/nics.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/nics.png -------------------------------------------------------------------------------- /images/opsman-latest-stemcell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/opsman-latest-stemcell.png -------------------------------------------------------------------------------- /images/opsman-view-available-stemcells.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/opsman-view-available-stemcells.png -------------------------------------------------------------------------------- /images/pas-tile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/pas-tile.png -------------------------------------------------------------------------------- /images/pivotal_account.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/pivotal_account.png -------------------------------------------------------------------------------- /images/pool_page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/pool_page.png -------------------------------------------------------------------------------- /images/port_forward.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/port_forward.png -------------------------------------------------------------------------------- /images/protected-domains.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/protected-domains.png -------------------------------------------------------------------------------- /images/push_account.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/push_account.png -------------------------------------------------------------------------------- /images/pws_read_ops_upgrade.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/pws_read_ops_upgrade.png -------------------------------------------------------------------------------- /images/pws_write_ops_upgrade.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/pws_write_ops_upgrade.png -------------------------------------------------------------------------------- /images/roles-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/roles-diagram.png -------------------------------------------------------------------------------- /images/saml-sso.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/saml-sso.png -------------------------------------------------------------------------------- /images/scaling-ert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/scaling-ert.png -------------------------------------------------------------------------------- /images/security_config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/security_config.png -------------------------------------------------------------------------------- /images/service-details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/service-details.png -------------------------------------------------------------------------------- /images/service-mesh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/service-mesh.png -------------------------------------------------------------------------------- /images/servicemesh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/servicemesh.png -------------------------------------------------------------------------------- /images/source_page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/source_page.png -------------------------------------------------------------------------------- /images/ssh-config-ert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/ssh-config-ert.png -------------------------------------------------------------------------------- /images/ssl-termination-router.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/ssl-termination-router.png -------------------------------------------------------------------------------- /images/ssl-termination.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/ssl-termination.png -------------------------------------------------------------------------------- /images/sso-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/sso-config.png -------------------------------------------------------------------------------- /images/sso-ert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/sso-ert.png -------------------------------------------------------------------------------- /images/staging-modal.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/staging-modal.png -------------------------------------------------------------------------------- /images/storage_page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/storage_page.png -------------------------------------------------------------------------------- /images/switching_domains/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/switching_domains/.DS_Store -------------------------------------------------------------------------------- /images/switching_domains/er17-switchdomains-after.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/switching_domains/er17-switchdomains-after.png -------------------------------------------------------------------------------- /images/switching_domains/er17-switchdomains-before.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/switching_domains/er17-switchdomains-before.png -------------------------------------------------------------------------------- /images/switching_domains/new_domain_config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/switching_domains/new_domain_config.png -------------------------------------------------------------------------------- /images/switching_domains/new_domain_confirmed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/switching_domains/new_domain_confirmed.png -------------------------------------------------------------------------------- /images/switching_domains/new_domain_confirmed1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/switching_domains/new_domain_confirmed1.png -------------------------------------------------------------------------------- /images/switching_domains/old_domain.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/switching_domains/old_domain.png -------------------------------------------------------------------------------- /images/sys-logging.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/sys-logging.png -------------------------------------------------------------------------------- /images/system-db-tls.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/system-db-tls.png -------------------------------------------------------------------------------- /images/typ-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/typ-config.png -------------------------------------------------------------------------------- /images/uaa/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/uaa/.DS_Store -------------------------------------------------------------------------------- /images/uaa/apply-changes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/uaa/apply-changes.png -------------------------------------------------------------------------------- /images/uaa/er-tile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/uaa/er-tile.png -------------------------------------------------------------------------------- /images/uaa/ldap-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/uaa/ldap-config.png -------------------------------------------------------------------------------- /images/update-proxy-settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/update-proxy-settings.png -------------------------------------------------------------------------------- /images/updated-system-logging.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/updated-system-logging.png -------------------------------------------------------------------------------- /images/usage-report-link.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/usage-report-link.png -------------------------------------------------------------------------------- /images/usage-report-spaces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/usage-report-spaces.png -------------------------------------------------------------------------------- /images/usage-report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pivotal-cf/docs-ops-guide/b039766294b1920ef0dab1790cd4e542372e724d/images/usage-report.png -------------------------------------------------------------------------------- /index.html.md.erb: -------------------------------------------------------------------------------- 1 | --- 2 | breadcrumb: Ops Manager Documentation 3 | title: Operator Guide 4 | owner: Ops Manager Documentation 5 | --- 6 | 7 | 8 | This guide shows you how to run an <%= vars.platform_name %> platform. 9 | 10 | 11 | ## Overview 12 | 13 | Running an <%= vars.platform_name %> platform may include but is not limited to: 14 | 15 | * Configuring <%= vars.platform_name %> capabilities 16 | 17 | * Integrating <%= vars.platform_name %> with external systems 18 | 19 | * Updating <%= vars.platform_name %> and installed products 20 | 21 | * Monitoring <%= vars.platform_name %> health and performance 22 | 23 | * Adjusting <%= vars.platform_name %> resources and options to fix health or performance issues 24 | 25 | * Diagnosing and troubleshooting <%= vars.platform_name %> problems 26 | 27 | * Managing <%= vars.app_runtime_full %> (<%= vars.app_runtime_abbr %>) users, resources, and infrastructure 28 | 29 | * Installing software services and otherwise enabling developers 30 | 31 | * Maintaining <%= vars.platform_name %> 32 | 33 | * Keeping <%= vars.platform_name %> secure 34 | 35 | If you do these things, you are an <%= vars.platform_name %> **operator**, and the contents of this guide are for you. 36 | 37 | 38 | ## Contents 39 | 40 | * [Day 2 Configurations](../customizing/day2.html): Setting up internal operations and external integrations for <%= vars.platform_name %>. 41 | 42 | * [Ongoing Operations](ongoing.html): Routine procedures for running and growing the platform, including: 43 | * <%= vars.platform_name %> Upgrades 44 | * IaaS changes 45 | * Monitoring, logging, and reporting 46 | * Platform tuning 47 | * Enabling developers 48 | * Backing up 49 | * Security 50 | 51 | * [Managing <%= vars.app_runtime_abbr %> Runtimes](../adminguide/index.html): Procedures performed by people with administrator or manager roles in <%= vars.app_runtime_abbr %>, such as managing users, orgs, spaces, and service instances. Operators can perform these actions by logging in with admin credentials, which grants them the role of Org Manager across all <%= vars.app_runtime_abbr %> orgs. For more information, see [Logging In to Apps Manager](../customizing/console-login.html). 52 | 53 | * [Using <%= vars.ops_manager %>](../customizing/ops-man.html): The <%= vars.ops_manager_full %> Installation Dashboard interface streamlines the installation, configuration, and upgrading of <%= vars.platform_name %> services and add-ons. 54 | 55 | * [Using the Cloud Foundry Command Line Interface (cf CLI)](../cf-cli/index.html): Using the cf CLI to send commands to the Cloud Controller, the executive component of <%= vars.app_runtime_abbr %>. 56 | 57 | * [Troubleshooting and Diagnostics](../customizing/troubleshooting-diagnostics.html): Tools and procedures for troubleshooting <%= vars.platform_name %>. 58 | -------------------------------------------------------------------------------- /managing-stemcells.html.md.erb: -------------------------------------------------------------------------------- 1 | --- 2 | title: Importing and Managing Stemcells 3 | owner: Ops Manager 4 | --- 5 | 6 | This topic explains how to use the Stemcell Library in <%= vars.ops_manager_full %> to import and stage stemcells to products. 7 | 8 | 9 | ## Overview 10 | 11 | The Stemcell Library imports and stages stemcells to products. 12 | 13 | For more conceptual information about floating stemcells and stemcell upgrades, see [Floating Stemcells](../customizing/understanding-stemcells.html). 14 | 15 |

Warning: Some product releases require Xenial stemcells, as listed in Tiles Using Xenial Stemcells in <%= vars.platform_name %>. If you are importing and using Xenial stemcells for the first time, see Updates for Xenial Stemcell Support.

16 | 17 | 18 | ## Import and Stage a Stemcell 19 | 20 | To import and stage a stemcell: 21 | 22 | 1. Download the appropriate `.tgz` stemcell file from [VMware Tanzu Network](https://network.pivotal.io/products/pivotal-cf). 23 |

24 | Note: 25 | <%= vars.ops_manager %> does not support heavy or full stemcells for the AWS and GCP IaaSes. 26 | For these IaaSes, you must use a light stemcell. 27 | For more information about light stemcells, see Light Stemcells in the BOSH documentation. 28 |

29 | 30 | 1. Click **Import Stemcell** to permanently import a stemcell into <%= vars.ops_manager %>. 31 | 32 | 1. A pop-up appears for you to select which products to stage with the imported stemcell. Select the checkboxes of the products you want to stage. 33 | ![A pop-up that appears after importing a stemcell. At the top of the pop-up is the header 'Import Stemcell' in gray letters. Under the header is the text "Select the products you want to stage with light-bosh-stemcell-3541.5-google-kvm-ubuntu-trusty". Below is a row containing a selected checkbox with the text "Product" in bold letters to the right of the checkbox. Below this row is another row containing another selected checkbox and the text "Ops Manager: Example Product v2.1-committed.20180209.125552-stemcell.3541.4". In the bottom-right corner of the pop-up are two buttons: one labeled "Dismiss" in gray letters, and one blue, rectangular button labeled "Apply Stemcell to Products" in white letters.](images/staging-modal.png) 34 | 35 | 1. Click **Apply Stemcell to Products**. 36 | 37 | 1. Click **Dismiss** to close the **Import Stemcell** pop-up. 38 | 39 | 40 | ## Choose a Stemcell Version 41 | 42 | If you have uploaded multiple versions of a stemcell, you can use the dropdown in the **Staged** column to choose which version to use. 43 | 44 | You can choose a different version until you deploy. After deployment, older stemcell versions are no longer available. 45 | 46 | ![The dropdown for a stemcell is displayed in the Staged column. Three versions are available.](images/opsman-view-available-stemcells.png) 47 | 48 | If the stemcell displays with a green checkmark and the words **Latest stemcell** below the **Staged** dropdown, the stemcell is the latest available version on your host. An outdated stemcell displays **Stemcell out-of-date**. 49 | 50 | ![Beneath the **Staged** version dropdown, a green checkmark next to the words **Latest stemcell** appears. The stemcell in this image is the latest available version.](images/opsman-latest-stemcell.png) 51 | -------------------------------------------------------------------------------- /ongoing.html.md.erb: -------------------------------------------------------------------------------- 1 | --- 2 | title: Ongoing Operations 3 | owner: PCF Documentation 4 | --- 5 | 6 | This topic describes how to perform routine operations on a running <%= vars.platform_name %>. 7 | 8 | 9 | ## Overview 10 | 11 | Ongoing operations are procedures that <%= vars.platform_name %> operators routinely perform to keep the platform working as it should, or to change how it works if the platform needs to do something new or has a problem. 12 | 13 | Examples include: 14 | 15 | * Performing <%= vars.platform_name %> upgrades 16 | * Making changes to your IaaS and external components 17 | * Monitoring platform health, checking logs, and generating usage reports 18 | * Tuning the platform to eliminate bottlenecks or increase capacity 19 | * Giving developers access to new software services, stacks, and app capabilities 20 | * Backing up and restoring the platform 21 | 22 | In addition to these tasks, <%= vars.platform_name %> operators also routinely perform Day 2 configurations to configure or change platform features and integrations even well past Day 2. For more information, see [Day 2 Configurations](../customizing/day2.html). 23 | 24 | 25 | ## Contents 26 | 27 | ### Upgrading 28 | 29 | * [Upgrading <%= vars.platform_name %>](../customizing/upgrading-pcf.html) 30 | 31 | * [Upgrading <%= vars.app_runtime_abbr %> and Other <%= vars.platform_name %> Products](../customizing/upgrading-products.html) 32 | 33 | * [cf push Availability During <%= vars.app_runtime_abbr %> Upgrades](../customizing/cfpush-availability-during-upgrade.html) 34 | 35 | * [Upgrading <%= vars.ops_manager %> on Azure](../customizing/azure-om-upgrade.html) 36 | 37 | * [Upgrading <%= vars.ops_manager %> on GCP](../customizing/gcp-om-upgrade.html) 38 | 39 | * [Upgrade Load Example: Pivotal Web Services](./pws_upgrade_load.html) 40 | 41 | ### IaaS Changes 42 | 43 | * [Migrating <%= vars.platform_name %> to a New Datastore in vSphere](../refarch/vsphere/vsphere_migrate_datastore.html) 44 | 45 | * [Upgrading vSphere without <%= vars.platform_name %> Downtime](../refarch/vsphere/vsphere_upgrade.html) 46 | 47 | * [Deleting <%= vars.platform_name %> on AWS](../customizing/deleting-aws-install.html) 48 | 49 | * [Deleting <%= vars.platform_name %> on Azure](../customizing/deleting-azure-install.html) 50 | 51 | * [Deleting <%= vars.platform_name %> on GCP](../customizing/deleting-gcp-install.html) 52 | 53 | ### Monitoring, Logging, and Reporting 54 | 55 | * [Logs and Metrics Sources](../loggregator/data-sources.html) 56 | 57 | * [Monitoring <%= vars.platform_name %>](../monitoring/index.html) 58 | 59 | * [Key Performance Indicators](../monitoring/kpi.html) 60 | 61 | * [Key Capacity Scaling Indicators](../monitoring/key-cap-scaling.html) 62 | 63 | * [Selecting and Configuring a Monitoring System](../monitoring/metrics.html) 64 | 65 | * [Loggregator Architecture](../loggregator/architecture.html) 66 | 67 | * [Loggregator Guide for <%= vars.app_runtime_abbr %> Operators](../loggregator/log-ops-guide.html) 68 | 69 | * [Security Event Logging](../loggregator/cc-uaa-logging.html) 70 | 71 | * [Reporting Instance Usage with Apps Manager](./accounting-report-apps-man.html) 72 | 73 | * [Reporting App, Task, and Service Instance Usage](./accounting-report.html) 74 | 75 | * [Monitoring VMs in <%= vars.platform_name %>](../customizing/monitoring.html) 76 | 77 | * [Monitoring VMs in vSphere](../customizing/monitoring-vsphere.html) 78 | 79 | ### Platform Tuning 80 | 81 | * [Scaling <%= vars.app_runtime_abbr %>](./scaling-ert-components.html) 82 | 83 | * [Managing Internal Databases](./internal-databases.html) 84 | 85 | * [Gorouter Back End Keep-Alive Connections](../adminguide/routing-keepalive.html) 86 | 87 | * [High Availability in <%= vars.app_runtime_abbr %>](../concepts/high-availability.html) 88 | 89 | ### Enabling Developers 90 | 91 | * [Adding and Deleting Products](../customizing/add-delete.html) 92 | 93 | * [Managing Isolation Segments](../adminguide/isolation-segments.html) 94 | 95 | * [Routing for Isolation Segments](../adminguide/routing-is.html) 96 | 97 | * [Enabling Volume Services](./enable-vol-services.html) 98 | 99 | * [Configuring Container-to-Container Networking](../devguide/deploy-apps/cf-networking.html) 100 | 101 | * [Switching App Domains](./switching-domains.html) 102 | 103 | ### Backing Up 104 | 105 | * [Disaster Recovery](../customizing/backup-restore/disaster-recovery.html) 106 | 107 | * [Backing Up and Restoring Deployments](../customizing/backup-restore/index.html) 108 | 109 | * [Backing Up Deployments with BBR](../customizing/backup-restore/backup-pcf-bbr.html) 110 | 111 | * [<%= vars.app_runtime_abbr %> Component Availability During Backup](../customizing/backup-restore/component-backups.html) 112 | 113 | * [Restoring Deployments from Backup with BBR](../customizing/backup-restore/restore-pcf-bbr.html) 114 | 115 | * [Stopping and Starting Virtual Machines](../adminguide/start-stop-vms.html) 116 | 117 | * [Troubleshooting BBR](../customizing/backup-restore/troubleshooting-bbr.html) 118 | 119 | * [BOSH Backup and Restore (Open-Source Documentation)](http://docs.cloudfoundry.org/bbr/index.html) 120 | 121 | ### Security 122 | 123 | * [Retrieving Credentials from Your Deployment](../customizing/credentials.html) 124 | 125 | * [Restricting App Access to Internal <%= vars.platform_name %> Components](./app-sec-groups.html) 126 | 127 | * [Providing a Certificate for Your TLS Termination Point](./security_config.html) 128 | 129 | * [Rotating Certificates](../security/pcf-infrastructure/api-cert-rotation.html) 130 | 131 | * [Rotating Runtime CredHub Encryption Keys](./credential-rotation.html) 132 | --------------------------------------------------------------------------------