Configuration is based on environment variables. Cloudbreak Deployer always forks a new bash subprocess without
inheriting environment variables. The only way to set ENV vars relevant for Cloudbreak Deployer is to set them
in a file called
To see all available config variables with their default value:
cbd env show
Profile will be simple sourced in bash terms, so you can use the usual syntaxes to set config values:
export MY_VAR=some_value export OTHER_VAR=dunno
Env specific Profile
Let’s say you want to use a different version of Cloudbreak for prod and qa profile.
You can specify the Docker image tag via:
Profile is always sourced, so you will have two env specific configurations:
For prod you need:
- create a file called
- write the env specific
- set the env variable:
To use the
prod specific profile once:
CBD_DEFAULT_PROFILE=prod cbd some_commands
For permanent setting you can
export CBD_DEFAULT_PROFILE=prod in your
If you want to change SMTP parameters, put the corresponding lines into your
Profile. You can also see the default values of the parameters in the following box.
export CLOUDBREAK_SMTP_SENDER_USERNAME= export CLOUDBREAK_SMTP_SENDER_PASSWORD= export CLOUDBREAK_SMTP_SENDER_HOST= export CLOUDBREAK_SMTP_SENDER_PORT=25 export CLOUDBREAK_SMTP_SENDER_FROM= export CLOUDBREAK_SMTP_AUTH=true export CLOUDBREAK_SMTP_STARTTLS_ENABLE=true export CLOUDBREAK_SMTP_TYPE=smtp
If your SMTP server uses SMTPS you should change the protocol in your Profile:
If the certificate used by the SMTP server is self-signed, or Java's default trust store doesn't contain it than you can add it to the trust store by copying it to
certs/trusted inside the Cloudbreak deployer directory and start (or restart) the Cloudbreak container (with
cbd start).The Cloudbreak container will automatically import the certificates in that directory to its trust store on startup.
Access from custom domains
Cloudbreak deployer uses UAA as an identity provider and supports multi tenancy. In UAA terminology this is referred as identity zones. An identity zone is accessed through a unique subdomain. If the standard UAA responds to https://uaa.10.244.0.34.xip.io a zone on this UAA would be accessed through https://testzone1.uaa.10.244.0.34.xip.io.
As an example in our hosted deployment the
identity.sequenceiq.com domain refers to our identity server and the
UAA_ZONE_DOMAIN variable has to be set to that domain. This variable is necessary for UAA to identify which zone provider should handle the requests that arrives to the given domain.
If you want to use a custom domain for your identity or deployment, put the
UAA_ZONE_DOMAIN line into your
Profile. You can see an example in the following box:
Consul is used for DNS resolution. All Cloudbreak related services are registered as
someservice.service.consul. Consul’s built in DNS server is able to “fall-back” on an other DNS server.
This option is called
-recursor. Clodbreak Deployer first tries to discover the DNS settings of the host,
by looking for nameserver entry in
/etc/resolv.conf. If it finds one consul will use it as a recursor,
otherwise 220.127.116.11 will be used.
For a full list of available consul config options, see the docs.
You can pass any additional consul configuration by defining a
Azure Resource manager command
- cbd azure configure-arm
- cbd azure deploy-dash See the documentation here.
The Cloudbreak Deployer tool opens a clean bash subshell, without inheriting environment variables.
Only the following environment variables are inherited:
SSH fingerprint verification
Cloudbreak is able to verify the SSH fingerprints of the provisioned virtual machines. We disable this feature by default for AWS and GCP because we have experienced issues, since Cloud providers do not always print the SSH fingerprint into the provisioned machines console output. The fingerprint validation feature could be turned on by configuring the 'CB_AWS_HOSTKEY_VERIFY' and/or the CB_GCP_HOSTKEY_VERIFY variables in your cbd profile like in the following example:
Edit on GitHub
export CB_AWS_HOSTKEY_VERIFY=true export CB_GCP_HOSTKEY_VERIFY=true