netman/0.7.0
You can find the source of this version on GitHub at cloudfoundry-incubator/netman-release. It was created based on the commit 50b77b89
.
Release Notes¶
This release includes security fixes, performance enhancements and a minor CLI change.
We do not recommend using netman-release in production yet, but give it a try and give us your feedback in the #container-networking channel on cloudfoundry.slack.com.
Verified with the following: - CF release v246 - Diego release v0.1490.0 - garden-runc-release v1.0.3 - flannel v0.6.2 - etcd-release v85 - AWS stemcell 3309
Significant Changes
Manifest changes
This release introduced a manifest change. Details for these changes are here. - When I hit an endpoint I see policy server logs for deleted apps that have policies configured
CLI changes
Security
- As an attacker, I would like to force a mutual tls connection with the policy server to use a weak cipher
- As an operator I can configure an ASG with logging turned on
- flannel-watchdog runs as non-root user
- policy-server runs as non-root user
Performance
Bug Fixes
Documentation
Usage¶
You can reference this release in your deployment manifest from the releases
section:
- name: "netman" version: "0.7.0" url: "https://bosh.io/d/github.com/cloudfoundry-incubator/netman-release?v=0.7.0" sha1: "2c23a4505ef69539856959283285c051af89206b"
Or upload it to your director with the upload-release
command:
bosh upload-release --sha1 2c23a4505ef69539856959283285c051af89206b \ "https://bosh.io/d/github.com/cloudfoundry-incubator/netman-release?v=0.7.0"