Skip to content
This repository has been archived by the owner on Jan 21, 2022. It is now read-only.

Releases: cloudfoundry-attic/cf-release

v217

09 Sep 22:28
v217
fdc188e
Compare
Choose a tag to compare
v217

The cf-release v217 was released on September 09, 2015.

Important:

  • This release introduces significant improvements to the security of the consul cluster, however the operator must introduce these changes over the course of multiple deployments. If you are not running any consul servers as part of your deployment, you can ignore these instructions. Otherwise, please do the following:
    1. Scale the number of consul servers in your existing deployment down to 1 instance. The consul.agent.servers.lan property must be updated to reflect this; this should happen for free if you are using the standard tooling for manifest generation. If you are deploying Diego alongside CF, you must redeploy Diego as well to pick up the consul.agent.servers.lan change; again, this should happen for free if using the standard manifest generation tooling.
    2. Generate SSL certificates, keys, and a separate encryption key for the gossip protocol used by consul (instructions). Upload the v217 release and generate your manifest for CF (and then Diego, if also deploying Diego).
    3. Deploy CF (and then Diego, if also deploying Diego).
    4. Scale the number of consul servers back up to whatever you had it at before. Regenerate all relevant manifests and deploy.
  • cf-release v216 was skipped. After cutting a final release, the final release changes need to be committed back to the repo. We do one final deploy of the final release before committing its changes to master. In this case, a bug was found after doing the deploy, so we did not commit its changes. The bug was fixed, a new final release was deployed, and its changes have been committed. Since the director where the deploy was done already had a 216 deployed to it, we could not call the fixed release 216 as well, hence 217.

Contents:

CC and Service Broker APIs

CC API Version: 2.35.0

Service Broker API Version: 2.6

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work reverted on Dashboard Clients per Service Instance details
  • [Experimental] Work started on Route Services details
  • cloudfoundry/cloud_controller_ng #411: Update cf-message-bus which includes latest NATS client details
  • Add a description to the Resource Match API page to apidocs details
  • Add description for recursive delete flag on Orgs and Spaces to apidocs details
  • Update ruby version to 2.1.7 details
  • Remove experimental flags for total_private_domains and app_instance_limit in Creating a Organization Quota Definition details
  • Added new endpoint to get number of started instances by Org GET /v2/organizations/:guid/instance_usage apidoc details

Runtime

DEA

Warden

  • Remove guard against using aufs for nested warden containers to match current garden behavior. details
  • Bump ruby version to 2.1.7. details

HM9000

No functional changes.

Buildpacks and Stacks

stacks

updated to 1.7.0 (from 1.4.0)

1.7.0

Notably, this release addresses USN-2726-1, "Expat vulnerability", which is related to CVE-2015-1283.

1.6.0

Notably, this release addresses USN-2722-1, "gdk-pixbuf vulnerability".

1.5.0

Notably, this release addresses:

which are related to:

in addition to two other vulnerabilities which do not yet have CVE numbers assigned.

go-buildpack

updated to v1.6.0 (from v1.5.0)

v1.6.0

Packaged binaries:

name version cf_stacks
go 1.2.1 cflinuxfs2
go 1.2.2 cflinuxfs2
go 1.3.2 cflinuxfs2
go 1.3.3 cflinuxfs2
go 1.4.1 cflinuxfs2
go 1.4.2 cflinuxfs2
go 1.5 cflinuxfs2

ruby-buildpack

updated to v1.6.5 (from v1.6.2)

v1.6.5

Packaged binaries:

name version cf_stacks
ruby 2.0.0 cflinuxfs2
ruby 2.1.6 cflinuxfs2
ruby 2.1.7 cflinuxfs2
ruby 2.2.2 cflinuxfs2
ruby 2.2.3 cflinuxfs2
jruby ruby-1.9.3-jruby-1.7.21 cflinuxfs2
jruby ruby-2.0.0-jruby-1.7.21 cflinuxfs2
jruby ruby-2.2.2-jruby-9.0.0.0 cflinuxfs2
node 0.12.7 cflinuxfs2
bundler 1.9.7 cflinuxfs2
libyaml 0.1.6 cflinuxfs2
openjdk1.8-latest 1.8.0_51 cflinuxfs2
rails3_serve_static_assets - cflinuxfs2
rails_log_stdout - cflinuxfs2

v1.6.4

Note that v1.6.3 was not released.

Identity

Updated to UAA Release 2.6.1

Routing

  • Work continues on support for Route Services details, more details
  • Gorouter now logs X-Forwarded-Proto details
  • Gorouter no longer responds to a publish NATS message with an empty subject details
  • Work begun on support for TCP Routing in Routing API details
  • Routing API no longer logs the Authorization header details
  • A bug was introduced in v217 wherein gorouter logs are no longer rotated as frequently as they used to be. This could lead to failure if the disk fills up. A fix has been committed and will be included in v219 details.

Loggregator

Internal Components

etcd

No functional changes.

consul

  • Improve operability of consul cluster when scaling down. details
  • Consul servers determine whether they are synced with the rest of the cluster in the officially recommended manner. details
  • Consul agents and servers communicate securely with one another. details
  • Consul servers leave and join the cluster more reliably during a rolling deploy. details

route_registrar

  • Added new route_registrar job to centralize route registra...
Read more
Assets 2
Loading

v215

18 Aug 01:02
v215
5fa1470
Compare
Choose a tag to compare
v215

The cf-release v215 was released on August 18, 2015.

Contents:

CC and Service Broker APIs

CC API Version: 2.34.0

Service Broker API Version: 2.6

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Dashboard Clients per Service Instance details
  • Fixed issue where CC worker does not pick up jobs that could not be loaded on the first attempt details
  • Update download endpoints in api docs to explain redirect behavior of cf oauth tokens to some blobstores that will not accept it details
  • Fix instances reporting if app failed to stage details
  • Ensure only space developers have access to service dashboards details
  • cloudfoundry/cloud_controller_ng #408: Filter stopped and unstaged on hm9k bulk endpoint details
  • /v2/spaces/:guid/summary should degrade gracefully if Diego is not available details
  • ensure start logging happens when invalid scheme is used details

Runtime

No changes.

Buildpacks and Stacks

stacks

updated to 1.4.0 (from 1.1.0)

1.4.0

This rootfs enables both DEAs and Diego to share the vcap user home and app directories. #97733540

1.3.0

Notably, this version of the rootfs updates libsqlite3 to 3.8.2-1ubuntu2.1 to address USN-2698-1 "SQLite vulnerabilities" which addresses:

1.2.0

Notably, this release addresses USN-2694-1 "PCRE vulnerabilities", which is related to:

This release also adds the following package to the rootfs:

  • jq

java-buildpack

updated to v3.1.1 (from v3.1)

v3.1.1

I'm pleased to announce the release of the java-buildpack, version 3.1.1. This release ensures that the dependencies contained in the offline buildpack are up to date.

For a more detailed look at the changes in 3.1.1, please take a look at the commit log. Packaged versions of the buildpack, suitable for use with create-buildpack and update-buildpack, can be found attached to this release.

Packaged dependencies:

Dependency Version
AppDynamics Agent 4.0.7_0
GemFire 8.0.0
GemFire Modules 8.0.0.1
GemFire Modules Tomcat7 8.0.0.1
GemFire Security 8.0.0
Groovy 2.4.4
JRebel 6.2.2
MariaDB JDBC 1.1.9
Memory Calculator (centos6) 1.1.1.RELEASE
Memory Calculator (lucid) 1.1.1.RELEASE
Memory Calculator (mountainlion) 1.1.1.RELEASE
Memory Calculator (precise) 1.1.1.RELEASE
Memory Calculator (trusty) 1.1.1.RELEASE
New Relic Agent 3.18.0
OpenJDK JRE (centos6) 1.8.0_51
OpenJDK JRE (lucid) 1.8.0_51
OpenJDK JRE (mountainlion) 1.8.0_51
OpenJDK JRE (precise) 1.8.0_51
OpenJDK JRE (trusty) 1.8.0_51
Play Framework JPA Plugin 1.7.0.RELEASE
PostgreSQL JDBC 9.4.1201
RedisStore 1.2.0_RELEASE
SLF4J API 1.5.8
SLF4J JDK14 1.5.8
Spring Auto-reconfiguration 1.7.0_RELEASE
Spring Boot CLI 1.2.5_RELEASE
Tomcat Access Logging Support 2.4.0_RELEASE
Tomcat Lifecycle Support 2.4.0_RELEASE
Tomcat Logging Support 2.4.0_RELEASE
Tomcat 8.0.24

ruby-buildpack

updated to v1.6.2 (from v1.6.1)

v1.6.2

Packaged binaries:

name version cf_stacks
ruby 2.0.0 cflinuxfs2
ruby 2.1.5 cflinuxfs2
ruby 2.1.6 cflinuxfs2
ruby 2.2.1 cflinuxfs2
ruby 2.2.2 cflinuxfs2
jruby ruby-1.9.3-jruby-1.7.21 cflinuxfs2
jruby ruby-2.0.0-jruby-1.7.21 cflinuxfs2
jruby ruby-2.2.2-jruby-9.0.0.0 cflinuxfs2
node 0.12.7 cflinuxfs2
bundler 1.9.7 cflinuxfs2
libyaml 0.1.6 cflinuxfs2
openjdk1.8-latest 1.8.0_51 cflinuxfs2
rails3_serve_static_assets - cflinuxfs2
rails_log_stdout - cflinuxfs2

Identity

Updated to UAA Release 2.5.1

Routing

  • Work continues on support for Route Services details
  • Backfilled CATS for Sticky sessions details
  • Routes registered with a path are now exposed by Routing API with GET endpoint details

Loggregator

Loggregator Release Tag

Loggregator Features

  • Make doppler message drain buffer size configurable via bosh "doppler.message_drain_buffer_size" . details
  • Added additional lossiness metrics for monitoring between metron and doppler. details
  • PR - Read to detect syslog writer connection close. details
  • PR - Add default nats port to bosh jobs for nats, dea_logging_agent, loggregator_trafficcontroller, and metron_agent. details
  • PR - Log which syslog sink url is slow during buffer overflow. details

Loggregator Bugs

  • Fixed a bug where syslog drains would delay for 1ms during connection, backing up buffer. details ... additional notes
  • Fixed a bug / added a feature to make doppler buffer sizes configurable. details ... additional notes
  • Fixed a bug where TrafficController sends EOF unexpectedly to a firehose client. details

Internal Components

No changes.

Job Spec Changes

  • Added default value 4222 for nats.port in dea_logging_agent, doppler, loggregator_traffic_controller, and metron_agent jobs. details
  • Added doppler.message_drain_buffer_size to doppler job. details
  • Added router.route_service_secret_prev to gorouter job. details

Recommended BOSH Release and Stemcell Versions

  • BOSH Release Version: bosh 195
  • BOSH Stemcell Version(s):
    name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
    version: 3026

These are soft recommendations; several different versions of the BOSH release and stemcell are likely to work fine with this version of cf-release.

Recommended Diego Version

This is a soft recommendation; several different versions of the Diego release may work fine with this version of cf-release.

<a name='miscellane...

Read more
Assets 2
Loading

v214

31 Jul 16:43
@Amit-PivotalLabs Amit-PivotalLabs
v214
758e3ce
Compare
Choose a tag to compare
v214

The cf-release v214 was released on July 29, 2015.

Important:

  • This release includes a migration that modifies the events table. This table may be very large, and the migration may cause the deployment to fail if it takes too long to run. If the migration causes the deployment to fail, the api_z1/0 job will fail to start. If this happens, do not restart the deploy until the migration has finished running. The deploy can be restarted once the space_id foreign key constraint has been removed from the events table.
  • To avoid the possibility of the migration causing a failure, truncate the events table before the deployment starts. The data in the events table are considered to be audit and log data, and Cloud Foundry can function if it is removed.

Contents:

CC and Service Broker APIs

CC API Version: 2.33.0

Service Broker API Version: 2.6

Cloud Controller

  • Fixed backwards incompatible ccdb migration introduced in cf-release 213 details
  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Dashboard Clients per Service Instance details
  • Truncate the billing_events table to complete the deprecation details
  • Support for app instance limit on Org Quota details
  • cloudfoundry/cloud_controller_ng #402: Enlarge Service Keys Credentials details
  • Audit events for service key create and delete details
  • vendor/errors is no longer a submodule details
  • use cf.internal for internal domain for consul details
  • SSH access requires app update access details
  • Create service usage event upon plan update details
  • hm9k fetcher to only select the columns that are needed details

Runtime

DEA

  • Fix race condition where DEA was sending heartbeat before UUID had been generated. details

Warden

  • Use wait-for-lock when invoking iptables. details
  • Keep track of containers when destroy fails. details

HM9000

Buildpacks and Stacks

rootfs

updated cflinuxfs2 to v1.1.0

v1.1.0

Notably, this release addresses USN-2670-1: "libwmf vulnerabilitites", which is related to:

go-buildpack

updated to v1.5.0 (from v1.4.0)

v1.5.0

Packaged binaries:

name version cf_stacks
go 1.1.1 cflinuxfs2
go 1.1.2 cflinuxfs2
go 1.2.1 cflinuxfs2
go 1.2.2 cflinuxfs2
go 1.3.2 cflinuxfs2
go 1.3.3 cflinuxfs2
go 1.4.1 cflinuxfs2
go 1.4.2 cflinuxfs2

nodejs-buildpack

updated to v1.5.0 (from v1.4.0)

v1.5.0

Packaged binaries:

name version cf_stacks
node 0.10.38 cflinuxfs2
node 0.10.40 cflinuxfs2
node 0.11.15 cflinuxfs2
node 0.11.16 cflinuxfs2
node 0.12.6 cflinuxfs2
node 0.12.7 cflinuxfs2

v1.4.2

v1.4.1

php-buildpack

updated to v4.0.0 (from v3.3.0)

v4.0.0

Packaged binaries:

name version cf_stacks
php 5.4.42 cflinuxfs2
php 5.4.43 cflinuxfs2
php 5.5.26 cflinuxfs2
php 5.5.27 cflinuxfs2
php 5.6.10 cflinuxfs2
php 5.6.11 cflinuxfs2
hhvm 3.5.0 cflinuxfs2
hhvm 3.5.1 cflinuxfs2
hhvm 3.6.0 cflinuxfs2
hhvm 3.6.1 cflinuxfs2
composer 1.0.0-alpha10 cflinuxfs2
httpd 2.4.12 cflinuxfs2
newrelic 4.20.2.95 cflinuxfs2
nginx 1.6.3 cflinuxfs2
nginx 1.8.0 cflinuxfs2
nginx 1.9.2 cflinuxfs2

v3.3.1

python-buildpack

updated to v1.5.0 (from v1.4.0)

v1.5.0

Packaged binaries:

name version cf_stacks
python 2.7.10 cflinuxfs2
python 2.7.9 cflinuxfs2
python 3.3.5 cflinuxfs2
python 3.3.6 cflinuxfs2
python 3.4.2 cflinuxfs2
python 3.4.3 cflinuxfs2
libffi 3.1 cflinuxfs2
libmemcache 1.0.18 cflinuxfs2

ruby-buildpack

updated to v1.6.1 (from v1.5.0)

v1.6.1

  • Fix issues with the 'including unsupported' manifest
    • Fix incorrect md5 checksum for node version 0.12.7
    • Remove merge conflict annotations

Packaged binaries:

name version cf_stacks
ruby 2.0.0 cflinuxfs2
ruby 2.1.5 cflinuxfs2
ruby 2.1.6 cflinuxfs2
ruby 2.2.1 cflinuxfs2
ruby 2.2.2 cflinuxfs2
jruby ruby-1.9.3-jruby-1.7.21 cflinuxfs2
jruby ruby-2.0.0-jruby-1.7.21 cflinuxfs2
jruby ruby-2.2.2-jruby-9.0.0.0.rc2 cflinuxfs2
node ...
Read more
Assets 2
Loading

v213

22 Jul 17:43
@dieucao dieucao
v213
2b8fcf9
Compare
Choose a tag to compare
v213 Pre-release
Pre-release

Release Notes

The cf-release v213 was released on July 9, 2015.

IMPORTANT: This release has a backwards incompatible Cloud Controller database migration that causes downtime for Cloud Controller during the deploy. We are working on getting this sorted out. We don't recommend upgrading to this release.

  1. CC and Service Broker APIs
  2. Runtime
  3. Buildpacks
  4. Identity
  5. Routing
  6. Log Aggregation and Metrics
  7. Manifest Template and Job Spec Changes
  8. Recommended BOSH Release and Stemcell Versions
  9. Recommended Diego Version

CC and Service Broker APIs

CC API Version: 2.33.0

Service Broker API Version: 2.6

  • Removed space_id from events details
    • NOTE: This caused the backwards incompatible ccdb migration. During the deploy of 213, there will be cloud controller down time while the cloud controller job is rolling. This issue is fixed in the next cf-release details
  • Split client max body size manifest configuration details
    • cc.client_max_body_size default decreased to 15M on body size for requests to cloud controller
    • cc.app_bits_max_body_size new property added that controls the max body size for application bits sent to cloud controller for app upload with default 1536M
  • Switch buildpack cache key to be #{guid}-#{stack.name} details
    • Recommend cleaning up the buildpack cache by using the buildpack_cache delete end point after upgrading to this release to reclaim the space used by caches with the older cache key. For large deployments, this end point may take some time and may need to be called again if it times out. apidoc
  • Removed billing events api and associated models details
  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work started on Private Brokers details
  • API work on Service Keys epic complete details
  • API work on Instance Tags epic complete details
  • API work on Service ID included in service request to Service Broker completed (https://www.pivotaltracker.com/epic/show/1965166)
  • As cloud controller admin, I can add a new stack to cloud controller POST /v2/stacks details | apidoc
    • This end point allows the creation of stacks that cloud controller knows about. The stack would additionally need to be advertised/supported by a DEA or Cell in order for an app requesting the stack to be placed.
  • Private domain limit added to org quota definition details | apidoc
  • Space Developer can now download an app's droplet details | apidoc
  • Added statsd metrics to cc details
  • Added metrics on delayed job queue details
  • Additional logging added around blobstore access in cc logsdetails
  • user guid and request id logged at the beginning of the request in cc logs.details
  • Additional cc logs to include response code and vcap request id for requests to cc details
  • Ensure nfs mount exists before starting cc and cc worker jobs details
  • Update nginx config to allow cf files to get application and bits details
  • Added staging error message to /v2/apps/:guid details
  • Added a meaningful error when request fails due to issues writing to ccdbdetails
  • When changing a plan, user should not see that the plan has changed until the update succeeds details
  • only user with SpaceDeveloper role should be able to obtain dashboard_url details
  • when attempting to recursively delete an org containing a service instance with bound applications, user should receive an error message indicating which service instance is the problem details
  • Admins can delete the last OrgManager on an Organization details

Runtime

DEA

  • Mask sensitive data (e.g. VCAP_SERVICES and environment variables) in logs. details

Warden

  • Mask sensitive data (e.g. VCAP_SERVICES and environment variables) in logs. details
  • Disk quotas no longer break when rootfs already contains vcap user. details
  • Move extraction of cflinuxfs2 rootfs into the DEA job to ensure the ownership of /home/vcap in the rootfs is vcap:vcap. details

Buildpacks

staticfile-buildpack v1.2.0

https://github.com/cloudfoundry/staticfile-buildpack/releases/tag/v1.2.0

https://github.com/cloudfoundry/staticfile-buildpack/releases/tag/v1.1.1

ruby-buildpack v1.5.0

https://github.com/cloudfoundry/ruby-buildpack/releases/tag/v1.5.0

python-buildpack v1.4.0

https://github.com/cloudfoundry/python-buildpack/releases/tag/v1.4.0

php-buildpack v3.3.0

https://github.com/cloudfoundry/php-buildpack/releases/tag/v3.3.0

nodejs-buildpack v1.4.0

https://github.com/cloudfoundry/nodejs-buildpack/releases/tag/v1.4.0

go-buildpack v1.4.0

https://github.com/cloudfoundry/go-buildpack/releases/tag/v1.4.0

binary-buildpack v1.0.1

https://github.com/cloudfoundry/binary-buildpack/releases/tag/v1.0.1

Identity

  • Bumped UAA to version 2.4.0 details

Routing

  • Work continues on support for route services details
  • Moved gorouter and routing-api source to src/github.com details
  • Routing API debug port changed so as not to conflict with GoRouter's details
  • Routes can no longer be registered with the Routing API with ports greater than 65536 details
  • Routing API now emits metrics for operational visibility using Metron agent details

Log Aggregation and Metrics

No Changes.

Manifest Template and ...

Read more
Assets 2
Loading

v212

24 Jun 16:47
v212
b30e0fd
Compare
Choose a tag to compare
v212

The cf-release v212 was released on June 22nd, 2015

  • IMPORTANT: Database migrations have been moved into their own job. Previously part of cloud_controller_ng details
  • IMPORTANT: Loggregator vms have been renamed Doppler details. Note: with zero-downtime requires a two-phase deploy:
    1. Add instances of each doppler job to match the number of instances of the corresponding loggregator job and deploy.
    2. Remove all instances of loggregator and deploy.
  • IMPORTANT: default template stemcells have been updated from lucid to trusty details

Buildpacks

  • cloudfoundry/cf-release #701 Upgrade NodeJs buildpack to v1.3.4 details
  • cloudfoundry/cf-release #697 Upgrade PHP buildpack to v3.2.2 details
  • cloudfoundry/cf-release #699 Upgrade Staticfile buildpack to v1.1.0 details
  • cloudfoundry/cf-release #702 Upgrade Python buildpack to v1.3.5 details

Runtime

  • Allow for more than one attribute to be updated in a service instance update call. If anything fails, roll back all changes. details
  • Warden more gracefully handles "Disconnected" timeouts during staging details
  • Fixed a bug where newrelic filled logs with bogus error: ERROR : URI::InvalidURIError: bad URI details
  • [Experimental] User can scale v3 applications process memory details
  • Address cve USN-2624-1 details
    1. Upgraded installed packages
  • Service catalog now reports plans with the duplicate name details
  • [Experimental] User can scale v3 process disk details
  • Service catalog now reports duplicate plan ids details
  • Fixed bug where Cloud Controller would become stuck waiting for NFS details
  • Fixed bug where apps could request negative disk details
  • Added doppler_logging_endpoint to /v2/info details
  • Applications can be scaled to 0 instances details
  • Space manager and auditor should see 404 error when deleting service keys details
  • Gorouter - Added "Cache-Control" and "Expires" headers to prevent caching of heartbeat responses. details
  • Fixed a bug where buildpack caches were not being deleted details
  • Removed Experimental tag from context path routing details

UAA

  • Bumped UAA to version 3.2.1 details

Routing Api

  • [Experimental] Now co-located on the Cloud Controller details

Loggregator

  • No major changes besides the rename to doppler mentioned above

Manifest and Job Spec Changes

  • properties.doppler.enabled details
  • properties.doppler.use_ssl details
  • properties.doppler.port details
  • properties.collector.memory_threshold details
  • properties.uaa.newrelic.environment can be used to configure the old newrelic configuration of uaa.newrelic.common.license_key details
  • properties.uaa.database.case_insensitive can be set to true when using case sensitivity with queries/filters because your DB is case sensitive.
  • [Experimental] routing api properties
    • properties.routing-api.consul_ttl
    • properties.routing-api.lock_retry_interval
    • properties.routing-api.metrics_reporting_ttl
    • properties.routing-api.statsd_endpoint
    • properties.routing-api.debug_address
    • properties.routing-api.max_concurrent_etcd_requests
    • properties.routing-api.statsd_client_flush_interval
  • [Experimental]
    • properties.routing-api.enabled changed to properties.router.enable_routing_api
    • properties.acceptance_tests.oauth_password cats credentials used to create, list and update routes details
    • properties.acceptance_tests.system_domain cats system domain for your CF release details

Used Configuration

  • BOSH Version: 152
  • Stemcell Version: 2989
  • CC Api Version: 2.29.0

Commit summary

Compatible Diego Version

  • final release 0.1304.0 commit
Assets 2
Loading

v211

06 Jun 07:07
@dieucao dieucao
v211
2121dc6
Compare
Choose a tag to compare
v211

The cf-release v211 was released on June 4th, 2015

  • IMPORTANT: This release removes lucid64 stack, please ensure apps migrated prior to upgrade
  • IMPORTANT: If using the postgres included within cf-release, please carefully read the note below about postgres job upgrade

Runtime

  • Remove lucid64 stack completely from cf-release details
  • Upgraded postgres included in cf-release to postgres 9.4.2 details
    • See note below about the postgres job upgrade
  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Route API details
  • [Experimental] Work continues on Context Path Routes details
  • Work in progress for support of user-provided tags on service instances details
  • cloudfoundry/cf-release #689: Fixing failed cc_ng and cc_ng_worker with NFS details
  • Remove default support address for CC details
  • increased cloud_controller_ng start timeout to be able to run long ccdb migrations details
  • cloudfoundry/cf-release #680: staticfile to be tested before nodejs/ruby buildpacks details
  • cloudfoundry/stacks #16: Add cmake to rootfses details
  • cloudfoundry/stacks #17: Add autoconf to rootfs details
  • cloudfoundry/cf-release #682: Upgrading ruby buildpack to v1.4.2 details
  • cloudfoundry/cf-release #683: Upgrading python buildpack to v1.3.2 details
  • Make 'dea_next.stacks' overridable in the manifest. details
  • cloudfoundry/cf-release #681: Add security group for cf-mysql subnets on bosh-lite details
  • cloudfoundry/dea_ng #164: Add warden_handle method to staging task details
  • Use MASQUERADE instead of SNAT for container NAT details
  • Throw better errors for apps stats endpoint details
  • Fix buildpack_cache deletion issue details

Loggregator

  • If no Dopplers available in an AZ, Metron will now fail over across AZs. details
  • StatsD support broken out of Metron and into a separate process. New class of items for adding data into metron/loggregator now known as an “injectors." Further info to follow on cf-dev.
  • All loggregator metrics now using a Metron /varz shim instead of writing to a local /varz.
    • Most loggregator metrics will have a different prefix as a result.
    • All former metrics and new ones are documented - in wiki (scroll right) and in a public google doc.
    • Story details.
    • Other CF Components to follow; docs to be formalized with documentation team.
  • NOAA client library fixed Close() issue, independent of CF release. Change is backward-incompatible.
  • Removed Dropsonde protocol dependence on gogoproto for non-go builds. details
  • Increase doppler marshal/unmarshal efficiency to compensate for message size changes. details
  • [Bug Fix] Syslog drain binder is no longer leaking connections to cloud_controller. details
  • [Bug Fix] LoggregatorClientPool no longer leaking clients to non-existant dopplers. details

Used Configuration

  • BOSH Version: 152
  • Stemcell Version: 2969
  • CC Api Version: 2.28.0

Commit summary

Compatible Diego Version

  • final release 0.1281.0 commit

Postgres Job Upgrade

The Postgres Job will upgrade the postgres database to version 9.4.2. Postgres will be unavailable during this upgrade.

A copy of the database is made for the upgrade, you may need to adjust the persistent disk capacity of the postgres job.

If the upgrade fails:

  • The old database is still available at /var/vcap/store/postgres
  • The new database is at /var/vcap/store/postgres-9.4.2
  • A marker file is kept at /var/vcap/store/FLAG_POSTGRES_UPGRADE to prevent the upgrade from happening again.
  • pg_upgrade logs that may have details of why the migration failed can be found in /home/vcap/

To attempt the upgrade again, you should remove /var/vcap/store/postgres-9.4.2 and /var/vcap/store/FLAG_POSTGRES_UPGRADE

To rollback to a previous release, you should remove /var/vcap/store/postgres-9.4.2 and /var/vcap/store/FLAG_POSTGRES_UPGRADE. The previous release has no knowledge of these files, but they will conflict if you later try the upgrade again.

Post upgrade, both old and new databases are kept. The old database moved to /var/vcap/store/postgres-previous. The postgres-previous directory will be kept until the next postgres upgrade is performed in the future. You are free to remove this if you have verified the new database works and you want to reclaim the space.

Manifest and Job Spec Changes

  • properties.cc.stacks.default lucid64 stack has been removed
  • properties.dea_next.stacks.default lucid64 stack has been removed
Assets 2
Loading

v210

26 May 08:29
@dieucao dieucao
v210
9334295
Compare
Choose a tag to compare
v210

The cf-release v210 was released on May 23rd, 2015

  • Note: A bug was found where CC and Worker jobs were not updating when using NFS as a blobstore. details

Runtime

  • Addressed USN-2617-1 CVE-2015-3202 FUSE vulnerabilities
    • Removed fuse binaries from lucid64 rootfs . Apps running on lucid64 stack requiring fuse should switch to cflinuxfs2 details
    • fuse binaries updated on cflinuxfs2 rootfs. details
  • [Experimental] Work continues on support for Asynchronous Service Instance Operations details
    • Support for configurable max polling duration
  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Route API details
  • [Experimental] Work continues on Context Path Routes details
  • Work continues on support for Service Keys details
  • Upgrade etcd server to 2.0.1 details
    • Should be run as 1 node (for small deployments) or 3 nodes spread across zones (for HA)
    • Also upgrades hm9k dependencies. LAMB client to be upgraded in a subsequent release. Older client is compatible.
  • cloudfoundry/cf-release #670: Be able to specify timeouts for acceptance tests without defaults in the spec. details
  • Fix bug where ssl enabled routers were not draining properly details
  • cloudfoundry/cloud_controller_ng #378: current usage against the org quota details
  • Apps no longer need to be unbound and rebound to receive new credentials when a user-provided service instance is updated. Apps only need to be restaged/restarted details

UAA

Used Configuration

  • BOSH Version: 152
  • Stemcell Version: 2889
  • CC Api Version: 2.27.0

Commit summary

Compatible Diego Version

  • final release 0.1247.0 commit

Manifest and Job Spec Changes

  • properties.acceptance_tests.skip_regex added
  • properties.app_ssh.host_key_fingerprint added
  • properties.app_ssh.port defaults to 2222
  • properties.uaa.newrelic added
  • properties.login.logout.redirect.parameter.whitelist
Assets 2
Loading

v209

23 May 01:15
@shalako shalako
v209
92af122
Compare
Choose a tag to compare
v209

The cf-release v209 was released on May 20, 2015

  • Please see note about merge of UAA/Login server jobs on cf-release v208
  • Note manifest changes below
  • Note: A bug was found where CC and Worker jobs were not updating when using NFS as a blobstore. details

Runtime

  • [Experimental] Work continues on support for Asynchronous Service Instance Operations details
    • Support for configurable max polling duration
  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Route API details
  • [Experimental] Work continues on Context Path Routes details
  • Work continues on support for Service Keys details
    • Orphan Mitigation implemented
    • Support for brokers to reject bind requests without app_guid with an error code
  • Arbitrary Service Parameters can be provided with calls to create service instance, update, bind, and create key details
    • Broker api version incremented to 2.5, docs will be published shortly
    • CLI work in progress
  • /v2/service_usage_events now supports service_guid query param details
  • SpaceManager now has read-permissions to /v2/service_instances, just as SpaceAuditor. Credentials are redacted details
  • Rake is now configured to autocorrect rubocop errors; Rake should fail less often on first attempt details.
  • Environment variables are now redacted from varz details
  • cloudfoundry/gorouter #82: Record number of bytes in the request details
    • This changes the format of messages recorded in the access log.
    • Format:
      Host - [StartTime] "Method RequestURI Protocol" StatusCode RequestBytesReceived BodyBytesSent "Referer" "User-Agent" RemoteAddr x_forwarded_for:"X-Forwarded-For" vcap_request_id:X-Vcap-Request-Id response_time:ResponseTime app_id:ApplicationId
    • Example:
      api.a1.cf-app.com - [15/05/2015:02:17:03 +0000] "GET /v2/spaces/3dd21504-7d75-4d01-a87f-e781b3f9729b/service_instances?return_user_provided_service_instances=true&q=name%3A1f4f6404-e204-4de4-4a95-7090d0a96a61&inline-relations-depth=1 HTTP/1.1" 200 0 3903 "-" "go-cli 6.11.1-4ef66f6 / linux" 10.10.66.195:14840 x_forwarded_for:"54.208.54.151" vcap_request_id:40d0b05a-ae34-4161-47c1-9500022731cb response_time:0.045296582 app_id:

Loggregator

  • Bug fix: logs endpoint no longer hangs if doppler is down details
  • Enabled scaling of unmarshallers to reduce message loss details
  • Removed WWW-Authenticate from non-401 responses details

UAA

  • Adjusted scopes for the identity client example details
  • Handling of SAML metadata is now more lenient
    details
  • Several additional DB properties are now configurable in manifest details
  • Improved readability/usability of the internal hostnames property details
  • Client display name is now used on Approvals page if it is available details

Used Configuration

  • BOSH Version: 152
  • Stemcell Version: 2889
  • CC Api Version: 2.27.0

Commit summary

Compatible Diego Version

  • final release 0.1209.0 commit

Manifest and Job Spec Changes

Added "binary_buildpack" buildpack to cc.system_buildpacks and cc.install_buildpacks

properties.acceptance_tests.include_routing_api defaults to false
properties.acceptance_tests.system_domain used for routing api specs
properties.acceptance_tests.oauth_password used for routing api specs

properties.uaa.database.max_connections defaults to 100
properties.uaa.database.max_idle_connections defaults to 10
properties.uaa.database.remove_abandoned defaults to false
properties.uaa.database.abandoned_timeout defaults to 300
properties.uaa.database.log_abandoned defaults to true
properties.uaa.zones.internal.hostnames defaults to [uaa.service.consul]

properties.login.logout.redirect.url
properties.login.logout.redirect.parameter.disable

properties.doppler.unmarshaller_count defaults to 5
properties.metron_agent.deployment

Assets 2
Loading

v208

13 May 00:20
@dieucao dieucao
v208
6003f78
Compare
Choose a tag to compare
v208

The cf-release v208 was released on May 12th, 2015

  • Please see note about merge of UAA/Login server jobs below to maintain zero down time for CC and UAA for existing deployments.
  • A change in the templates to no longer include resource pool sizes requires a minimum bosh director of v149.
  • Note: A bug was found where CC and Worker jobs were not updating when using NFS as a blobstore. details

Runtime

  • [Experimental] Work continues on support for Asynchronous Service Instance Operations details
  • Completed Improvements to Recursive Deletion of Org and Space, in support of Asynchronous Service Operations details
  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Route API details
  • [Experimental] Work continues on Context Path Routes details
  • Work continues on support for Service Keys details
  • Work continues on support for Arbitrary Service Parameters details
  • Adjusted ephemeral disk sizes on new instance types for AWS template to be more realistic details
  • Including staticfile buildpack v1.0.0 details
  • Removed separate login job from minimal aws deployment details
  • Allow acceptance test timeouts to be set via manifest details
  • Update default cipher list for haproxy and gorouter details
  • Addressed tcpdump CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155 details
  • Upgrading php buildpack to v3.1.1 details
  • Manifest templates no longer include resource pool sizes details
    • Requires minimum bosh director v149
  • Upgrading ruby buildpack to v1.3.1 details
  • Bump CLI to 6.11.1 for CATS and remove darwin CLI details
  • Upgrade cf-release to use ruby 2.1.6 and remove ruby 2.1.4 for CC, Collector, Warden, DEA details
  • cloudfoundry/cf-release #660: Add security group for cf-mysql subnets to bosh-lite details
  • Adjust VCAP_ID as endpoint/sticky cookie changes details
  • Disable compression when creating proxy connection details
  • cleanup regex details
  • A space developer can create a wildcard route for private domains details
  • Allow commands to be reset to nothing details

UAA Updates

  • Merged UAA & Login Server details
  • Multi-tenant UAA details
    • Registering wildcard routes for *.login and *.uaa details
  • Zero Downtime Upgrade Procedure
    • Perform the cf-release upgrade and keep number of login server of jobs the same as your existing deploy.
    • Change the number of Login Server Job instances to 0 and re-deploy after initial deploy completes.

Note: The combination of Older Login Server jobs and the newly merged UAA/Login Server job is not supported. This should be done only for a short duration to achieve the zero downtime. The Login Server instances should be deleted via a bosh redeploy immediately after a successful upgrade

Used Configuration

  • BOSH Version: 152
  • Stemcell Version: 2889
  • CC Api Version: 2.25.0

Commit summary

Compatible Diego Version

Manifest and Job Spec Changes

  • jobs.login_z1.instances changed to 0
  • jobs.login_z2.instances changed to 0
  • properties.cc.allow_app_ssh_access added
    • Set to "true" to allow SSH to Diego apps
    • Not yet supported for configurations using HAProxy
  • Added "staticfile_buildpack" buildpack to cc.system_buildpacks and cc.install_buildpacks
  • ha_proxy.ssl_ciphers Reduced the set of default ciphers
  • Acceptance Test timeouts configurable via manifest properties
    • acceptance_tests.default_timeout
    • acceptance_tests.cf_push_timeout
    • acceptance_tests.long_curl_timeout
    • acceptance_tests.broker_start_timeout
Assets 2
Loading

v207

16 Apr 23:45
@dieucao dieucao
v207
afbe01c
Compare
Choose a tag to compare
v207

The cf-release v207 was released on April 16th, 2015

  • Note: In this release we have changed the default rootfs to cflinuxfs2 details
  • Note: A bug was found where CC and Worker jobs were not updating when using NFS as a blobstore. details

Runtime

  • Fixed a bug introduced in v206 where apps using the python buildpack with cflinuxfs2 stack failed to run details
  • cloudfoundry/cf-release #658: Java buildpack v3.0 details
  • Added a new end point /v2/spaces/:guid/user_roles details
  • Apps are now queryable by stack_guid details
  • Update Sequel and add a index on droplets.droplet_hash details
    • Improves general query performance against ccdb
  • Fixed an issue where gorouters were always taking 15 minutes to drain detail
  • [Experimental] Work continues on support for Asynchronous Service Instance Operations details
  • Work continues on improvements to Recursive Space Deletion details
  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Route API details
  • Work continues on support for Service Keys details
  • Work continues on support for Arbitrary Service Parameters details

Loggregator

Features

  • Metron now supports statsd protocol endpoint. Details to follow in add'l vcap-dev post.
  • Loggregator now generates UUID for components. details
  • Additional Doppler integration tests to prevent regression:
    • ... for metrics emission. details
    • ... and for goroutine dumps. details
  • PR: Updated go package path. details
  • PR: InstrumentedResponseWriter conforms to CloseNotifier interface. details

Bugs

  • Fixed an issue where an incorrect typecast would cause a Doppler panic. details
  • Fixed Doppler incorrectly computing totalDroppedMessages as a result of fixing typecast issue. details
  • PR: Fixed an issue where syslog drain binder assumes that cc is available via http by default. details
  • PR: Additional typos and broken links. detail 1 detail 2

Used Configuration

  • BOSH Version: 152
  • Stemcell Version: 2889
  • CC Api Version: 2.25.0

Commit summary

Compatible Diego Version

  • final release 0.1099.0 commit
Assets 2
Loading