forked from pivotal-cf/docs-pcf-install
-
Notifications
You must be signed in to change notification settings - Fork 0
/
_application_container_config.html.md.erb
35 lines (22 loc) · 4.12 KB
/
_application_container_config.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
1. Select **Application Containers**.
<%= image_tag("../images/er-config-app-containers.png") %>
1. The **Enable Custom Buildpacks** checkbox governs the ability to pass a custom buildpack URL to the `-b` option of the `cf push` command. By default, this ability is enabled, letting developers use custom buildpacks when deploying apps. Disable this option by disabling the checkbox. For more information about custom buildpacks, refer to the [buildpacks](../buildpacks/) section of the PCF documentation.
1. The **Allow SSH access to app containers** checkbox controls SSH access to application instances. Enable the checkbox to permit SSH access across your deployment, and disable it to prevent all SSH access. See the [Application SSH Overview](../devguide/deploy-apps/app-ssh-overview.html) topic for information about SSH access permissions at the space and app scope.
1. If you want enable SSH access for new apps by default in spaces that allow SSH, select **Enable SSH when an app is created**. If you deselect the checkbox, developers can still enable SSH after pushing their apps by running `cf enable-ssh APP-NAME`.
1. You can configure Elastic Runtime to run app instances in Docker containers by supplying their IP address range(s) in the **Private Docker Insecure Registry Whitelist** textbox. See the [Using Docker Registries](../opsguide/docker-registry.html) topic for more information.
1. By default, containers use the same DNS servers as the host. If you want to override the DNS servers to be used in containers, enter a comma-separated list of servers in **DNS Servers**.
1. Select your preference for **Docker Images Disk-Cleanup Scheduling on Cell VMs**. If you choose **Clean up disk-space once threshold is reached**, enter a **Threshold of Disk-Used** in megabytes. For more information about the configuration options and how to configure a threshold, see [Configuring Docker Images Disk-Cleanup Scheduling](../opsguide/config-cell-cleanup.html).
1. Enter a number in the **Max Inflight Container Starts** textbox. This number configures the maximum number of started instances across your deployment's Diego Cells. For more information about this feature, see [Setting a Maximum Number of Started Containers](../adminguide/max-container-starts.html).
1. Under **Enabling NFSv3 volume services**, select **Enable** or **Disable**. NFS volume services allow application developers to bind existing NFS volumes to their applications for shared file access. For more information, see the [Enabling NFS Volume Services](../opsguide/enable-vol-services.html) topic.
<p class="note"><strong>Note</strong>: In a clean install, NFSv3 volume services is enabled by default. In an upgrade, NFSv3 volume services is set to the same setting as it was in the previous deployment.</p>
1. (Optional) To configure LDAP for NFSv3 volume services, perform the following steps:
<%= image_tag("../images/er-config-app-vol-svc.png") %>
* For **LDAP Service Account User**, enter the username of the service account in LDAP that will manage volume services.
* For **LDAP Service Account Password**, enter the password for the service account.
* For **LDAP Server Host**, enter the hostname or IP address of the LDAP server.
* For **LDAP Server Port**, enter the LDAP server port number. If you do not specify a port number, Ops Manager uses 389.
* For **LDAP Server Protocol**, enter the server protocol. If you do not specify a protocol, Ops Manager uses TCP.
* For **LDAP User Fully-Qualified Domain Name**, enter the fully qualified path to the LDAP service account. For example, if you have a service account named `volume-services` that belongs to organizational units (OU) named `service-accounts` and `my-company`, and your domain is named `domain`, the fully qualified path looks like the following:
<pre>CN=volume-services,OU=service-accounts,OU=my-company,DC=domain,DC=com</pre>
1. By default, Elastic Runtime manages container images using the [GrootFS](../concepts/architecture/garden.html#garden-rootfs) plugin for Garden-runC. If you experience issues with GrootFS, you can disable the plugin and use the image plugin built into Garden-runC.
1. Click **Save**.