diff --git a/ci/autoscaler/pipeline.yml b/ci/autoscaler/pipeline.yml index 8115b71ff8..98337d7549 100644 --- a/ci/autoscaler/pipeline.yml +++ b/ci/autoscaler/pipeline.yml @@ -6,7 +6,6 @@ anchors: operations/instance-identity-cert-from-cf.yml operations/add-postgres-variables.yml operations/enable-nats-tls.yml - operations/loggregator-certs-from-cf.yml operations/add-extra-plan.yml operations/set-release-version.yml operations/enable-metricsforwarder-via-metron-agent.yml @@ -20,7 +19,6 @@ anchors: operations/instance-identity-cert-from-cf.yml operations/add-postgres-variables.yml operations/enable-nats-tls.yml - operations/loggregator-certs-from-cf.yml operations/add-extra-plan.yml operations/set-release-version.yml operations/enable-metricsforwarder-via-syslog-agent.yml @@ -34,7 +32,6 @@ anchors: operations/instance-identity-cert-from-cf.yml operations/add-postgres-variables.yml operations/enable-nats-tls.yml - operations/loggregator-certs-from-cf.yml operations/postgres-persistent-disk.yml operations/add-extra-plan.yml operations/set-release-version.yml diff --git a/ci/autoscaler/scripts/deploy-autoscaler.sh b/ci/autoscaler/scripts/deploy-autoscaler.sh index 01c8baf83c..fe6cee5aab 100755 --- a/ci/autoscaler/scripts/deploy-autoscaler.sh +++ b/ci/autoscaler/scripts/deploy-autoscaler.sh @@ -13,7 +13,6 @@ ops_files=${OPS_FILES:-"${autoscaler_dir}/operations/add-releases.yml\ ${autoscaler_dir}/operations/add-postgres-variables.yml\ ${autoscaler_dir}/operations/connect_to_postgres_with_certs.yml\ ${autoscaler_dir}/operations/enable-nats-tls.yml\ - ${autoscaler_dir}/operations/loggregator-certs-from-cf.yml\ ${autoscaler_dir}/operations/add-extra-plan.yml\ ${autoscaler_dir}/operations/set-release-version.yml\ ${autoscaler_dir}/operations/remove-metricsserver.yml\ diff --git a/ci/autoscaler/tasks/deploy-previous-autoscaler.yml b/ci/autoscaler/tasks/deploy-previous-autoscaler.yml index 910984dd8e..5f705d031d 100644 --- a/ci/autoscaler/tasks/deploy-previous-autoscaler.yml +++ b/ci/autoscaler/tasks/deploy-previous-autoscaler.yml @@ -14,7 +14,6 @@ params: # Optional: relative to the root of the release input. The files will be # checked to see if they exist, if not they will be excluded from the list OPS_FILES: | - example/operation/loggregator-certs-from-cf.yml example/operation/postgres-persistent-disk.yml diff --git a/operations/loggregator-certs-from-cf.yml b/operations/loggregator-certs-from-cf.yml deleted file mode 100644 index 3a63e88d8a..0000000000 --- a/operations/loggregator-certs-from-cf.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- type: replace - path: /instance_groups/name=metricsgateway/jobs/name=metricsgateway/properties/autoscaler/metricsgateway/nozzle/loggregator_rlp_tls - value: - cert: ((/bosh-autoscaler/cf/loggregator_tls_rlp.certificate)) - key: ((/bosh-autoscaler/cf/loggregator_tls_rlp.private_key)) - ca_cert: ((/bosh-autoscaler/cf/loggregator_ca.certificate)) - -- type: replace - path: /instance_groups/name=metricsforwarder/jobs/name=metricsforwarder/properties/autoscaler/metricsforwarder/loggregator/tls - value: - ca_cert: ((/bosh-autoscaler/cf/loggregator_tls_agent.ca)) - cert: ((/bosh-autoscaler/cf/loggregator_tls_agent.certificate)) - key: ((/bosh-autoscaler/cf/loggregator_tls_agent.private_key)) - -- type: replace - path: /instance_groups/name=metricsforwarder/jobs/name=loggregator_agent/properties/loggregator/tls - value: - ca_cert: ((/bosh-autoscaler/cf/loggregator_ca.certificate)) - agent: - cert: ((/bosh-autoscaler/cf/loggregator_tls_agent.certificate)) - key: ((/bosh-autoscaler/cf/loggregator_tls_agent.private_key)) diff --git a/scripts/generate_test_certs.sh b/scripts/generate_test_certs.sh index 029cc3cc16..d3c54015ba 100755 --- a/scripts/generate_test_certs.sh +++ b/scripts/generate_test_certs.sh @@ -16,11 +16,6 @@ ${CERTSTRAP} --depot-path "${depot_path}" init --passphrase '' --common-name aut mv -f "${depot_path}"/autoscalerCA.crt "${depot_path}"/autoscaler-ca.crt mv -f "${depot_path}"/autoscalerCA.key "${depot_path}"/autoscaler-ca.key -# CA to distribute to dummy loggregator_agent certs -${CERTSTRAP} --depot-path "${depot_path}" init --passphrase '' --common-name loggregatorCA --years "20" -mv -f "${depot_path}"/loggregatorCA.crt "${depot_path}"/loggregator-ca.crt -mv -f "${depot_path}"/loggregatorCA.key "${depot_path}"/loggregator-ca.key - # CA to distribute to dummy syslog emitter certs ${CERTSTRAP} --depot-path "${depot_path}" init --passphrase '' --common-name LogCacheSyslogServerCA --years "20" mv -f "${depot_path}"/LogCacheSyslogServerCA.crt "${depot_path}"/log-cache-syslog-server-ca.crt @@ -91,11 +86,6 @@ ${CERTSTRAP} --depot-path "${depot_path}" sign metricserver --CA autoscaler-ca - ${CERTSTRAP} --depot-path "${depot_path}" request-cert --passphrase '' --domain metricserver_client ${CERTSTRAP} --depot-path "${depot_path}" sign metricserver_client --CA autoscaler-ca --years "20" -# metricsforwarder certificate for loggregator_agent -${CERTSTRAP} --depot-path "${depot_path}" request-cert --passphrase '' --domain metron -${CERTSTRAP} --depot-path "${depot_path}" sign metron --CA loggregator-ca --years "20" - - # metricsforwarder certificate for log-cache-syslog-server ${CERTSTRAP} --depot-path "${depot_path}" request-cert --passphrase '' --domain cf-app ${CERTSTRAP} --depot-path "${depot_path}" sign cf-app --CA log-cache-syslog-server-ca --years "20" diff --git a/templates/app-autoscaler.yml b/templates/app-autoscaler.yml index 9971cbf768..e7b1148987 100644 --- a/templates/app-autoscaler.yml +++ b/templates/app-autoscaler.yml @@ -790,18 +790,6 @@ variables: is_ca: true key_length: 4096 duration: 180 -- name: loggregator_agent_metrics_tls - type: certificate - update_mode: converge - options: - ca: metric_scraper_ca - common_name: loggregator_agent_server - alternative_names: - - loggregator_agent_server - extended_key_usage: - - server_auth - key_length: 4096 - duration: 180 # metricsforwarder loggregator certificates - name: metricsforwarder_autoscaler_metricsforwarder_loggregator_tls