Troubleshooting Cloud Foundry on OpenStack
Page last updated:
This topic describes helpful tips to deploy Cloud Foundry on OpenStack.
Self-signed SSL Certificates
View these two topics to add your self-signed certificates to the OpenStack CPI and to the virtual machines (VMs) deployed with your BOSH Director:
- The BOSH OpenStack CPI uses a chain of trusted certificates to validate the certificate of your OpenStack endpoints with a property called
- The BOSH Director adds chain of trusted certificates to all VMs deployed with that Director with a property called
If you are using OpenStack’s GRE Tunnel networking, the default MTU of 1500 does not allow machines to properly communicate. Garden and Warden use 1500 of MTU by default. You must change the default in your manifest by performing the steps below.
For operators deploying versions of Cloud Foundry that use the newer Diego architecture, modify the MTU by editing the
garden.network_mtu property in your Diego manifest:
garden: network_mtu: 1454
bosh deploy to push these changes and reboot your Diego cells.
For operators deploying versions of Cloud Foundry that use the older Droplet Execution Agent (DEA) architecture, modify the MTU by editing the
dea_next property in your Cloud Foundry manifest:
dea_next: mtu: 1454
bosh deploy to push these changes and reboot your Warden / DEA VM.