Skip to content

Releases: cloudfoundry/diego-release

2.80.0

12 Jul 13:29
@tas-runtime-bot tas-runtime-bot
v2.80.0
16cc649
Compare
Choose a tag to compare
2.80.0

Changes

  • Bumped to golang 1.20.6

✨ Built with go 1.20.6

Full Changelog: v2.79.0...v2.80.0

Resources

Assets 3
Loading

2.79.0

06 Jul 14:25
@tas-runtime-bot tas-runtime-bot
v2.79.0
3eee48a
Compare
Choose a tag to compare
2.79.0

Changes

✨ Built with go 1.20.5

Full Changelog: v2.78.0...v2.79.0

Resources

Contributors

mariash, vlast3k, and klapkov
Assets 3
Loading

2.78.0

07 Jun 13:19
@tas-runtime-bot tas-runtime-bot
v2.78.0
f5451f4
Compare
Choose a tag to compare
2.78.0

Changes

  • Bumped to golang 1.20.5
  • Vizzini now defaults to cflinuxfs4

Bosh Job Spec changes:

diff --git a/jobs/vizzini/spec b/jobs/vizzini/spec
index 40b5eb74b..6ff53c654 100644
--- a/jobs/vizzini/spec
+++ b/jobs/vizzini/spec
@@ -73,7 +73,7 @@ properties:
 
   default_rootfs:
     description: "Default preloaded rootfs to target for running Tasks and LRPs"
-    default: "preloaded:cflinuxfs3"
+    default: "preloaded:cflinuxfs4"
 
   grace_tarball_url:
     description: "URL for the grace test asset"

✨ Built with go 1.20.5

Full Changelog: v2.77.0...v2.78.0

Resources

Assets 3
Loading

2.77.0

31 May 14:01
@tas-runtime-bot tas-runtime-bot
v2.77.0
a6e6300
Compare
Choose a tag to compare
2.77.0

Changes

  • Adds support for B3 Trace ID logging across diego component requests
  • Timeouts in for executor's uploader have been increased to 500ms
  • Byte-based logging limits for LRPs and Tasks now emit only once per second
  • LRPs can now have liveness and readiness check intervals defined when the LRP is created.
  • Dependency Bumps:
    • code.cloudfoundry.org/archiver a23cadd462ce
    • code.cloudfoundry.org/certsplitter a2c6caf14c29
    • code.cloudfoundry.org/cf-tcp-router ecebe81f2c0c
    • code.cloudfoundry.org/credhub-cli 439bdb2
    • code.cloudfoundry.org/debugserver 70a733dc508f
    • code.cloudfoundry.org/diego-logging-client 40495b68ac2e
    • code.cloudfoundry.org/durationjson 7a601daf48ee
    • code.cloudfoundry.org/eventhub 8efdeac72e14
    • code.cloudfoundry.org/garden 8444ff5a31d7
    • code.cloudfoundry.org/goshims v0.17.0
    • code.cloudfoundry.org/grootfs 79fecf24
    • code.cloudfoundry.org/guardian 98f55817772e
    • code.cloudfoundry.org/idmapper a410520
    • code.cloudfoundry.org/localip 2ea90d997658
    • github.com/aws/aws-sdk-go v1.44.269
    • github.com/awslabs/amazon-ecr-credential-helper/ecr-login 7f2db5bd753e
    • github.com/cloudfoundry/dropsonde v1.1.0
    • github.com/docker/docker v24.0.1+incompatible
    • github.com/envoyproxy/go-control-plane ba92d50b6596
    • github.com/nats-io/nats-server/v2 v2.9.17
    • github.com/nats-io/nats.go v1.26.0
    • github.com/onsi/ginkgo/v2 v2.9.5
    • github.com/onsi/gomega v1.27.7
    • github.com/tedsuo/ifrit 7862c310ad26
    • golang.org/x/sys v0.8.0
    • google.golang.org/grpc v1.55.0

✨ Built with go 1.20.4

Full Changelog: v2.76.0...v2.77.0

Resources

Assets 3
Loading

2.76.0

04 May 23:42
@tas-runtime-bot tas-runtime-bot
v2.76.0
deed757
Compare
Choose a tag to compare
2.76.0

Changes

  • Bump to Go 1.20.4
  • Bump dependencies

Bosh Job Spec changes:

diff --git a/jobs/auctioneer/spec b/jobs/auctioneer/spec
index ae685ceb9..1fac48936 100644
--- a/jobs/auctioneer/spec
+++ b/jobs/auctioneer/spec
@@ -88,6 +88,12 @@ properties:
   diego.auctioneer.locket.api_location:
     description: "Hostname and port of the Locket server. When set, the auctioneer attempts to claim a lock from the Locket API."
     default: locket.service.cf.internal:8891
+  diego.auctioneer.locket.client_keepalive_time: 
+    description: "Period in seconds after which the locket gRPC client sends keepalive ping requests to the locket server it is connected to."
+    default: 10
+  diego.auctioneer.locket.client_keepalive_timeout: 
+    description: "Timeout in seconds to receive a response to the keepalive ping. If a response is not received within this time, the locket client will reconnect to another server."
+    default: 22
 
   locks.locket.enabled:
     description: When set, the auctioneer attempts to claim a lock from the Locket API.
diff --git a/jobs/bbs/spec b/jobs/bbs/spec
index b6f1040c2..9204a8d4c 100644
--- a/jobs/bbs/spec
+++ b/jobs/bbs/spec
@@ -140,6 +140,12 @@ properties:
   diego.bbs.locket.api_location:
     description: "Hostname and port of the Locket server. When set, the BBS attempts to claim a lock from the Locket API and will detect Diego cells registered with the Locket API."
     default: locket.service.cf.internal:8891
+  diego.bbs.locket.client_keepalive_time: 
+    description: "Period in seconds after which the locket gRPC client sends keepalive ping requests to the locket server it is connected to."
+    default: 10
+  diego.bbs.locket.client_keepalive_timeout: 
+    description: "Timeout in seconds to receive a response to the keepalive ping. If a response is not received within this time, the locket client will reconnect to another server."
+    default: 22
 
   limits.open_files:
     description: Maximum number of files (including sockets) the BBS process may have open.
diff --git a/jobs/rep/spec b/jobs/rep/spec
index df7bd7c49..1383b67c0 100644
--- a/jobs/rep/spec
+++ b/jobs/rep/spec
@@ -217,6 +217,12 @@ properties:
   diego.rep.locket.api_location:
     description: "Hostname and port of the Locket server. When set, the cell rep will establish its cell registration in the Locket API."
     default: locket.service.cf.internal:8891
+  diego.rep.locket.client_keepalive_time: 
+    description: "Period in seconds after which the locket gRPC client sends keepalive ping requests to the locket server it is connected to."
+    default: 10
+  diego.rep.locket.client_keepalive_timeout: 
+    description: "Timeout in seconds to receive a response to the keepalive ping. If a response is not received within this time, the locket client will reconnect to another server."
+    default: 22
 
   enable_declarative_healthcheck:
     description: "When set, enables the rep to prefer the LRP CheckDefinition to healthcheck instances over the Monitor action. Requires Garden-Runc v1.10.0+"
diff --git a/jobs/rep_windows/spec b/jobs/rep_windows/spec
index 4fc4504bf..023d76f18 100644
--- a/jobs/rep_windows/spec
+++ b/jobs/rep_windows/spec
@@ -227,7 +227,13 @@ properties:
   diego.rep.locket.api_location:
     description: "Hostname and port of the locket server"
     default: locket.service.cf.internal:8891
-
+  diego.rep.locket.client_keepalive_time: 
+    description: "Period in seconds after which the locket gRPC client sends keepalive ping requests to the locket server it is connected to."
+    default: 10
+  diego.rep.locket.client_keepalive_timeout: 
+    description: "Timeout in seconds to receive a response to the keepalive ping. If a response is not received within this time, the locket client will reconnect to another server."
+    default: 22
+  
   enable_declarative_healthcheck:
     description: "When set, enables the rep to prefer the LRP CheckDefinition to healthcheck instances over the Monitor action."
     default: false
diff --git a/jobs/vizzini/spec b/jobs/vizzini/spec
index fa6c8d0d0..40b5eb74b 100644
--- a/jobs/vizzini/spec
+++ b/jobs/vizzini/spec
@@ -47,9 +47,6 @@ properties:
   vizzini.verbose:
     description: Run tests in verbose mode
     default: false
-  vizzini.stream:
-    description: Stream output from parallel test nodes. This option will lead to less coherent output but is useful when debugging
-    default: false
 
   enable_declarative_healthcheck:
     description: "When set, enables the declarative check tests in vizzini"

✨ Built with go 1.20.4

Full Changelog: v2.75.0...v2.76.0

Resources

Assets 3
Loading

2.75.0

28 Apr 19:49
@tas-runtime-bot tas-runtime-bot
v2.75.0
4aa6a20
Compare
Choose a tag to compare
2.75.0

Changes

  • Bump ginkgo to v2 and lager to v3
  • [Bug fix] Rep does not clean up resources when deleting container fails

✨ Built with go 1.20.3

Full Changelog: v2.73.0...v2.75.0

Resources

Assets 3
Loading

2.73.0

15 Mar 17:32
@tas-runtime-bot tas-runtime-bot
v2.73.0
042cc1b
Compare
Choose a tag to compare
2.73.0

Changes

Bosh Job Spec changes:

diff --git a/jobs/rep/spec b/jobs/rep/spec
index 8591fb6ba..df7bd7c49 100644
--- a/jobs/rep/spec
+++ b/jobs/rep/spec
@@ -182,7 +182,7 @@ properties:
     description: "Environment variables to use when running the garden health check"
     default: ""
   diego.executor.post_setup_hook:
-    description: "Experimental: arbitrary command to run after setup action"
+    description: "Experimental: arbitrary command to run after setup action. WARNING: this applies to both buildpack + docker app lifecycles. Any commands specified here *MUST* exist in any docker image being run, or the app will fail to start"
   diego.executor.post_setup_user:
     description: "Experimental: user to run post setup hook command"
   diego.executor.volman.driver_paths:
diff --git a/jobs/vizzini/spec b/jobs/vizzini/spec
index 57feb767a..fa6c8d0d0 100644
--- a/jobs/vizzini/spec
+++ b/jobs/vizzini/spec
@@ -80,11 +80,11 @@ properties:
 
   grace_tarball_url:
     description: "URL for the grace test asset"
-    default: "https://storage.googleapis.com/diego-assets-bucket/grace.tar.gz"
+    default: "https://storage.googleapis.com/diego-assets/grace.tar.gz"
 
   grace_tarball_checksum:
     description: "grace test asset sha1 checksum"
 
   grace_busybox_image_url:
     description: "grace test asset busybox container image"
-    default: "docker:///cfdiegodocker/grace"
+    default: "docker:///cloudfoundry/grace"

✨ Built with go 1.20.2

Full Changelog: v2.72.0...v2.73.0

Resources

Assets 3
Loading

2.72.0

04 Mar 07:07
@tas-runtime-bot tas-runtime-bot
v2.72.0
82dce9c
Compare
Choose a tag to compare
2.72.0

Changes

Bosh Job Spec changes:

diff --git a/jobs/auctioneer/spec b/jobs/auctioneer/spec
index 4fd93c8b2..ae685ceb9 100644
--- a/jobs/auctioneer/spec
+++ b/jobs/auctioneer/spec
@@ -88,13 +88,6 @@ properties:
   diego.auctioneer.locket.api_location:
     description: "Hostname and port of the Locket server. When set, the auctioneer attempts to claim a lock from the Locket API."
     default: locket.service.cf.internal:8891
-  diego.auctioneer.skip_consul_lock:
-    default: false
-    description: "Set to 'true' for the auctioneer to skip acquiring a Consul lock. Requires 'diego.auctioneer.locket.api_location' to be set."
-
-  enable_consul_service_registration:
-    description: "Enable the auctioneer to register itself as a service with Consul, for client discovery via Consul DNS. Do not disable without arranging alternate service discovery."
-    default: true
 
   locks.locket.enabled:
     description: When set, the auctioneer attempts to claim a lock from the Locket API.
diff --git a/jobs/bbs/spec b/jobs/bbs/spec
index 11cd996f0..b6f1040c2 100644
--- a/jobs/bbs/spec
+++ b/jobs/bbs/spec
@@ -140,16 +140,6 @@ properties:
   diego.bbs.locket.api_location:
     description: "Hostname and port of the Locket server. When set, the BBS attempts to claim a lock from the Locket API and will detect Diego cells registered with the Locket API."
     default: locket.service.cf.internal:8891
-  diego.bbs.skip_consul_lock:
-    default: false
-    description: "Set to 'true' for the BBS to skip acquiring a Consul lock. Requires 'diego.bbs.locket.api_location' to be set."
-  diego.bbs.detect_consul_cell_registrations:
-    default: true
-    description: "Whether the BBS should detect Diego cell registrations present in the Consul key-value store. To prevent unexpected loss of capacity, set to 'false' only when the BBS uses Locket and when all Diego cells in the cluster maintain their registrations via Locket."
-
-  enable_consul_service_registration:
-    description: "Enable the BBS to register itself as a service with Consul, for client discovery via Consul DNS. Do not disable without arranging alternate service discovery."
-    default: true
 
   limits.open_files:
     description: Maximum number of files (including sockets) the BBS process may have open.
diff --git a/jobs/file_server/spec b/jobs/file_server/spec
index 7d50581a3..dddda86c2 100644
--- a/jobs/file_server/spec
+++ b/jobs/file_server/spec
@@ -59,10 +59,6 @@ properties:
   tls.key:
     description: "PEM-encoded tls key"
 
-  enable_consul_service_registration:
-    description: "Enable the file-server to register itself as a service with Consul, for client discovery via Consul DNS. Do not disable without arranging alternate service discovery."
-    default: true
-
   logging.format.timestamp:
     description: "Format for timestamp in component logs. Valid values are 'unix-epoch' and 'rfc3339'."
     default: "unix-epoch"
diff --git a/jobs/locket/spec b/jobs/locket/spec
index 0bbcc4c7b..640651ffb 100644
--- a/jobs/locket/spec
+++ b/jobs/locket/spec
@@ -66,9 +66,6 @@ properties:
     default: false
   diego.locket.sql.ca_cert:
     description: "Bundle of CA certificates for the Locket to verify the SQL server SSL certificate when connecting via SSL"
-  enable_consul_service_registration:
-    description: "Enable the Locket server to register itself as a service with Consul, for client discovery via Consul DNS. Do not disable without arranging alternate service discovery."
-    default: true
 
   logging.format.timestamp:
     description: "Format for timestamp in component logs. Valid values are 'unix-epoch' and 'rfc3339'."
diff --git a/jobs/rep/spec b/jobs/rep/spec
index e2d40d28c..8591fb6ba 100644
--- a/jobs/rep/spec
+++ b/jobs/rep/spec
@@ -9,9 +9,6 @@ templates:
   trusted_ca_certificates.json.erb: config/certs/rep/trusted_ca_certificates.json
   instance_identity.crt.erb: config/certs/rep/instance_identity.crt
   instance_identity.key.erb: config/certs/rep/instance_identity.key
-  consul_ca.crt.erb: config/certs/consul/ca.crt
-  consul_client.crt.erb: config/certs/consul/client.crt
-  consul_client.key.erb: config/certs/consul/client.key
   rep.json.erb: config/rep.json
   bpm.yml.erb: config/bpm.yml
   bpm-pre-start.erb: bin/bpm-pre-start
@@ -106,16 +103,6 @@ properties:
   tls.ca_cert:
     description: "REQUIRED: PEM-encoded tls client CA certificate for asset upload/download"
 
-  diego.rep.consul.require_tls:
-    description: "Require mutual TLS to talk to the local consul API"
-    default: false
-  diego.rep.consul.ca_cert:
-    description: "PEM-encoded CA certificate"
-  diego.rep.consul.client_cert:
-    description: "PEM-encoded client certificate"
-  diego.rep.consul.client_key:
-    description: "PEM-encoded client key"
-
   diego.executor.memory_capacity_mb:
     description: "the memory capacity the executor should manage.  this should not be greater than the actual memory on the VM"
     default: "auto"
@@ -228,12 +215,9 @@ properties:
     default: "rep"
 
   diego.rep.locket.api_location:
-    description: "Hostname and port of the Locket server. When set, the cell rep will establish its cell registration in the Locket API instead of in the Consul key-value store."
+    description: "Hostname and port of the Locket server. When set, the cell rep will establish its cell registration in the Locket API."
     default: locket.service.cf.internal:8891
 
-  enable_consul_service_registration:
-    description: "Enable the cell rep to register itself as a service with Consul, for client discovery via Consul DNS. Do not disable without arranging alternate service discovery."
-    default: true
   enable_declarative_healthcheck:
     description: "When set, enables the rep to prefer the LRP CheckDefinition to healthcheck instances over the Monitor action. Requires Garden-Runc v1.10.0+"
     default: false
diff --git a/jobs/rep_windows/spec b/jobs/rep_windows/spec
index 2933d2dbc..4fc4504bf 100644
--- a/jobs/rep_windows/spec
+++ b/jobs/rep_windows/spec
@@ -9,9 +9,6 @@ templates:
   trusted_ca_certificates.json.erb: config/certs/rep/trusted_ca_certificates.json
   instance_identity.crt.erb: config/certs/rep/instance_identity.crt
   instance_identity.key.erb: config/certs/rep/instance_identity.key
-  consul_ca.crt.erb: config/certs/consul/ca.crt
-  consul_client.crt.erb: config/certs/consul/client.crt
-  consul_client.key.erb: config/certs/consul/client.key
   rep.json.erb: config/rep.json
   loggregator_ca.crt.erb: config/certs/loggregator/ca.crt
   loggregator_client.crt.erb: config/certs/loggregator/client.crt
@@ -102,16 +99,6 @@ properties:
   tls.ca_cert:
     description: "REQUIRED: PEM-encoded tls client CA certificate for asset upload/download"
 
-  diego.rep.consul.require_tls:
-    description: "Require mutual TLS to talk to the local consul API"
-    default: false
-  diego.rep.consul.ca_cert:
-    description: "PEM-encoded CA certificate"
-  diego.rep.consul.client_cert:
-    description: "PEM-encoded client certificate"
-  diego.rep.consul.client_key:
-    description: "PEM-encoded client key"
-
   diego.executor.memory_capacity_mb:
     description: "the memory capacity the executor should manage.  this should not be greater than the actual memory on the VM"
     default: "auto"
@@ -241,9 +228,6 @@ properties:
     description: "Hostname and port of the locket server"
     default: locket.service.cf.internal:8891
 
-  enable_consul_service_registration:
-    description: "Enable the cell rep to register itself as a service with Consul, for client discovery via Consul DNS. Do not disable without arranging alternate service discovery."
-    default: true
   enable_declarative_healthcheck:
     description: "When set, enables the rep to prefer the LRP CheckDefinition to healthcheck instances over the Monitor action."
     default: false
diff --git a/jobs/route_emitter/spec b/jobs/route_emitter/spec
index 7c84cbba4..faac3b0c5 100644
--- a/jobs/route_emitter/spec
+++ b/jobs/route_emitter/spec
@@ -146,9 +146,6 @@ properties:
     description: "Cert used to communicate with local metron agent over gRPC"
   loggregator.key:
     description: "Key used to communicate with local metron agent over gRPC"
-  locks.consul.enabled:
-    description: "Whether the route-emitter in global mode should attempt to claim its activity lock via the Consul API."
-    default: true
   locks.locket.enabled:
     description: "Whether the route-emitter in global mode should attempt to claim its activity lock via the Locket API."
     default: true
diff --git a/jobs/route_emitter_windows/spec b/jobs/route_emitter_windows/spec
index d86340e8f..404c9f518 100644
--- a/jobs/route_emitter_windows/spec
+++ b/jobs/route_emitter_windows/spec
@@ -146,9 +146,6 @@ properties:
     description: "Cert used to communicate with local metron agent over gRPC"
   loggregator.key:
     description: "Key used to communicate with local metron agent over gRPC"
-  locks.consul.enabled:
-    description: "Whether the route-emitter in global mode should attempt to claim its activity lock via the Consul API."
-    default: true
   locks.locket.enabled:
     description: "Whether the route-emitter in global mode should attempt to claim its activity lock via the Locket API."
     default: true
diff --git a/jobs/ssh_proxy/spec b/jobs/ssh_proxy/spec
index a2919c5ab..cd39dbd52 100644
--- a/jobs/ssh_proxy/spec
+++ b/jobs/ssh_proxy/spec
@@ -119,9 +119,6 @@ properties:
   connect_to_instance_address:
     description: "Connect directly to container IP instead of to the host IP and external port. Suitabl...
Read more
Assets 3
Loading

2.71.0

15 Dec 15:24
@tas-runtime-bot tas-runtime-bot
v2.71.0
50ea9cf
Compare
Choose a tag to compare
2.71.0

Changes

  • Removed legacy code relating to consul in diego components. This was long ago replaced by locket.
  • Added helpful logging to cacheddownloader for when it retries/fails downloads. Thanks @vlast3k!
  • Bumped ginkgo dependencies
  • Bumps golang to 1.19.4

✨ Built with go 1.19.4

Full Changelog: v2.70.0...v2.71.0

Resources

Contributors

vlast3k
Assets 3
Loading

2.70.0

28 Nov 17:53
@tas-runtime-bot tas-runtime-bot
v2.70.0
00c7cd1
Compare
Choose a tag to compare
2.70.0

Changes

  • CI updates

✨ Built with go 1.19.3

Full Changelog: v2.69.1...v2.70.0

Resources

Assets 3
Loading