It seems to have generated two of them even through I am not using 2 zones.
Also I see port 8080 mentioned somewhere in there, as mentioned before port 8080 is only opened internally in the security group (between the CF nodes). Should it also be opened up for the client? (what are the ports that the the client needs to function [I have identified ports 80 and 443] ).

Here is the config:

- instances: 1
name: uaa_z1
networks:
- name: cf1
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z1
route_registrar:
routes:
- health_check:
name: uaa-healthcheck
script_path: /var/vcap/jobs/uaa/bin/health_check
name: uaa
port: 8080
registration_interval: 4s
tags:
component: uaa
uris:
- uaa.10.60.18.186.xip.io
- '*.uaa.10.60.18.186.xip.io'
- login.10.60.18.186.xip.io
- '*.login.10.60.18.186.xip.io'
uaa:
proxy:
servers:
- 192.168.10.69
resource_pool: medium_z1
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: route_registrar
release: cf
- name: statsd-injector
release: cf
update: {}
- instances: 0
name: uaa_z2
networks:
- name: cf2
properties:
consul:
agent:
services:
uaa: {}
metron_agent:
zone: z2
route_registrar:
routes:
- health_check:
name: uaa-healthcheck
script_path: /var/vcap/jobs/uaa/bin/health_check
name: uaa
port: 8080
registration_interval: 4s
tags:
component: uaa
uris:
- uaa.10.60.18.186.xip.io
- '*.uaa.10.60.18.186.xip.io'
- login.10.60.18.186.xip.io
- '*.login.10.60.18.186.xip.io'
uaa:
proxy:
servers:
- 192.168.10.69
resource_pool: medium_z2
templates:
- name: uaa
release: cf
- name: metron_agent
release: cf
- name: consul_agent
release: cf
- name: route_registrar
release: cf
- name: statsd-injector
release: cf
update: {}