-
Notifications
You must be signed in to change notification settings - Fork 68
/
Copy path_api.html.md.erb
32 lines (30 loc) · 2.5 KB
/
_api.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Perform the following steps:
1. Click **TKGI API**.
1. Under **Certificate to secure the TKGI API**, provide a certificate and private key pair.
<br>
<br>
The certificate that you supply must cover the specific subdomain that routes to the TKGI API VM with TLS termination on the ingress.
If you use UAA as your OIDC provider, this certificate must be a proper certificate chain and have a SAN field.
<p class="note warning"><strong>Warning:</strong> TLS certificates generated for wildcard DNS records only work for a single domain level.
For example, a certificate generated for <code>*.tkgi.EXAMPLE.com</code> does not permit communication to <code>*.api.tkgi.EXAMPLE.com</code>.
If the certificate does not contain the correct FQDN for the TKGI API, calls to the API will fail.</p>
You can enter your own certificate and private key pair, or have Ops Manager generate one for you.
<br>
To generate a certificate using Ops Manager:
1. Click **Generate RSA Certificate** for a new install or **Change** to update a previously-generated certificate.
1. Enter the domain for your API hostname. This must match the domain you configure under **TKGI API** > **API Hostname (FQDN)** below, in the same pane. It can be a standard FQDN or a wildcard domain.
1. Click **Generate**.<br>
1. Under **API Hostname (FQDN)**, enter the FQDN that you registered to point to the TKGI API load balancer, such as `api.tkgi.example.com`.
To retrieve the public IP address or FQDN of the TKGI API load balancer,
log in to your IaaS console.
<p class="note"><strong>Note</strong>: The FQDN for the TKGI API must not contain uppercase letters or trailing whitespace.</p>
1. Under **Worker VM Max in Flight**, enter the maximum number of non-canary worker instances to create, update or upgrade in parallel within an availability zone.
<br><br>
This field sets the `max_in_flight` variable value.
The `max_in_flight` setting limits the number of component instances the TKGI CLI creates or starts simultaneously
when running `tkgi create-cluster` or `tkgi update-cluster`. By default, `max_in_flight` is set to `4`,
limiting the TKGI CLI to creating or starting a maximum of four component instances in parallel.
1. Enable the **Automatic retry on cluster update operations failure** option to make `tkgi update-cluster` retry the cluster update process up to three times if it fails.
1. Click **Save**.