release: github.com/cloudfoundry/cf-release / 218

Github source: a80b4f5b or master branch

The cf-release v218 was released on September 22, 2015.

Important: - In v217, we extracted a route_registrar job. When deploying this release, it should be colocated with cloud_controller_ng, uaa, hm9000, and loggregator_trafficcontroller jobs. In this release, it is required to colocate them with uaa and hm9000 as they no longer register their own routes. In subsequent releases it will be required for cloud_controller_ng and loggregator_trafficcontroller as well. There is no harm in colocating it in all the places now as it is safe to duplicate the route registration. The spec fixture manifests provide examples of how to colocate and configure the route_registrar job, for example here is how it is colocated with the uaa in zone 1: [configuration] [colocation].

Contents: - CC and Service Broker APIs - Runtime - Buildpacks and Stacks - Routing - Loggregator - Internal Components - Job Spec Changes - Recommended BOSH Release and Stemcell Versions - Recommended Diego Version - Recommended Garden Linux Version

CC and Service Broker APIs

CC API Version: 2.36.0

Service Broker API Version: 2.6

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • cloudfoundry/cloud_controller_ng #409: Pending apps filtered from Health Manager instances count details
  • modified newrelic config to specify hostname correctly details
  • Fixed cc USR1 trap to allow dumping thread information from a running cc process details
  • Added new admin only endpoint to purge a single service instance, its service bindings and service keys details apidoc
    • Use with caution. This endpoint removes all knowledge of the service instance from cloud controller.
    • Experimental flag will be removed in the next cf-release
  • Updated fog gem to 1.34
  • cloudfoundry/cloud_controller_ng #417: Broken cc.runner logger fixed details
  • cloudfoundry/cloud_controller_ng #421: Select from a larger pool of stagers if needed details
    • cc.placement_top_stager_percentage is the new manifest configuration, defaults to 10. Cloud controller will now select either the best 5 stagers or X% of available stagers, whichever is greater to select from for placement, where X is the value specified in this config.
  • Added new endpoints to allow Org and Space managers to add users by username details
    • Associate Auditor with the Organization by Username apidoc
    • Associate Billing Manager with the Organization by Username apidoc
    • Associate Manager with the Organization by Username apidoc
    • Associate User with the Organization by Username apidoc
    • Associate Auditor with the Space by Username apidoc
    • Associate Developer with the Space by Username apidoc
    • Associate Manager with the Space by Username apidoc
  • Added feature flags to control whether management of roles by username is allowed
    • set_roles_by_username
    • unset_roles_by_username
    • When enabled, Org Managers or Space Managers can add access roles by username. In order for this feature to be enabled the CF operator must: 1) Enable the /ids/users/ endpoint for UAA 2) Create a UAA cloud_controller_username_lookup client with the scim.userids authority
  • cloudfoundry/cloud_controller_ng #423: Enable nginx log format and destination config details
    • cc.nginx_access_log_format
    • cc.nginx_error_log_destination

Runtime

DEA

No functional changes.

Warden

No functional changes.

HM9000

  • HM9k no longer registers its own route. details

Buildpacks and Stacks

stacks

updated to 1.8.0 (from 1.7.0)

1.8.0

Notably, this release addresses USN-2739-1, “FreeType vulnerabilities”.

java-buildpack

updated to v3.2 (from v3.1.1)

v3.2

This release focuses on more options to configure JRE memory settings. - Memory calculator 2.0.0 which includes support for specifying initial memory values and expected thread values. - Support for Luna HSM service to provide entropy. - Improved Dynatrace documentation. (via Josef Hoerandtner) - Allow any additional New Relic configuration to be passed through to the agent. (via Bryan Custer) - Support for Spring Insight updated to version 2.0.0.

For a more detailed look at the changes in 3.2, please take a look at the commit log. Packaged versions of the buildpack, suitable for use with create-buildpack and update-buildpack, can be found attached to this release.

Packaged Dependencies

Dependency Version
AppDynamics Agent 4.1.3_1
GemFire 8.0.0
GemFire Modules 8.0.0.1
GemFire Modules Tomcat7 8.0.0.1
GemFire Security 8.0.0
Groovy 2.4.4
JRebel 6.2.3
MariaDB JDBC 1.2.0
Memory Calculator (mountainlion) 2.0.0.RELEASE
Memory Calculator (precise) 2.0.0.RELEASE
Memory Calculator (trusty) 2.0.0.RELEASE
New Relic Agent 3.20.0
OpenJDK JRE (mountainlion) 1.8.0_60
OpenJDK JRE (precise) 1.8.0_60
OpenJDK JRE (trusty) 1.8.0_60
Play Framework JPA Plugin 1.10.0.RELEASE
PostgreSQL JDBC 9.4.1202
RedisStore 1.2.0_RELEASE
SLF4J API 1.5.8
SLF4J JDK14 1.5.8
Spring Auto-reconfiguration 1.10.0_RELEASE
Spring Boot CLI 1.2.5_RELEASE
Tomcat Access Logging Support 2.4.0_RELEASE
Tomcat Lifecycle Support 2.4.0_RELEASE
Tomcat Logging Support 2.4.0_RELEASE
Tomcat 8.0.26

php-buildpack

updated to v4.1.2 (from v4.0.0)

v4.1.2

Note that 4.1.0 and 4.1.1 were not released. - Introduce non-backwards compatible change to composer detection. The buildpack will now, by default, detect composer files in the root directory of a php application or a configured WEBDIR directory. For the buildpack to detect composer files in another directory, one must explicitly set this directory via the COMPOSER_PATH environment variable. For more information please refer to the documentation here: http://docs.cloudfoundry.org/buildpacks/php/gsg-php-composer.html (https://www.pivotaltracker.com/story/show/99170278) - Remove application developer’s ability to override the buildpack’s binaries via DOWNLOAD_URL option. (https://www.pivotaltracker.com/story/show/101243110) - Remove default php startup warnings in the event of unsupported extensions within an application. The warnings have been replaced with a more explicit ‘unsupported extension’ message printed to standard error. (https://www.pivotaltracker.com/story/show/100180478) - Add support for PHP versions: 5.6.12, 5.5.28, and 5.4.44. Remove support for PHP versions: 5.6.10, 5.5.26, and 5.4.42. Update all bundled PHPs with readline-ext built as a shared module. (https://www.pivotaltracker.com/story/show/101121820) (https://www.pivotaltracker.com/story/show/99436586) - Correct logging of downloaded resource sources (https://www.pivotaltracker.com/story/show/100516510) - Document support for protobuf extension (https://www.pivotaltracker.com/story/show/100244194) - bin/detect emits the buildpack version (https://www.pivotaltracker.com/story/show/100757820) - Update Nginx binary to 1.9.3, Apache HTTPD to 2.4.16, NewRrelic to 4.23.3.111 (https://www.pivotaltracker.com/story/show/99507244) - PHP Updates for libsnmp vulnerability (https://www.pivotaltracker.com/story/show/102276186)

Packaged binaries:

name version cf_stacks modules
php 5.4.43 cflinuxfs2 amqp, apc, apcu, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib, zookeeper
php 5.4.44 cflinuxfs2 amqp, apc, apcu, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib, zookeeper
php 5.5.27 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.5.28 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.6.11 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xsl, yaf, zip, zlib
php 5.6.12 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xsl, yaf, zip, zlib
hhvm 3.5.0 cflinuxfs2
hhvm 3.5.1 cflinuxfs2
hhvm 3.6.0 cflinuxfs2
hhvm 3.6.1 cflinuxfs2
composer 1.0.0-alpha10 cflinuxfs2
httpd 2.4.16 cflinuxfs2
newrelic 4.23.3.111 cflinuxfs2
nginx 1.6.3 cflinuxfs2
nginx 1.8.0 cflinuxfs2
nginx 1.9.3 cflinuxfs2

ruby-buildpack

updated to v1.6.7 (from v1.6.5)

v1.6.7

Packaged binaries:

name version cf_stacks
ruby 2.0.0 cflinuxfs2
ruby 2.1.6 cflinuxfs2
ruby 2.1.7 cflinuxfs2
ruby 2.2.2 cflinuxfs2
ruby 2.2.3 cflinuxfs2
jruby ruby-1.9.3-jruby-1.7.22 cflinuxfs2
jruby ruby-2.0.0-jruby-1.7.22 cflinuxfs2
jruby ruby-2.2.2-jruby-9.0.1.0 cflinuxfs2
node 0.12.7 cflinuxfs2
bundler 1.9.7 cflinuxfs2
libyaml 0.1.6 cflinuxfs2
openjdk1.8-latest 1.8.0_51 cflinuxfs2
rails3_serve_static_assets - cflinuxfs2
rails_log_stdout - cflinuxfs2

Identity

No Changes

Routing

  • Work continues on support for Route Services details, more details
  • HAProxy now supports optional local logging, configurable buffer size, and optional support for a stats socket. details
  • Query parameters no longer cause a 404 when request is made to route with a context path details
  • A bug was introduced in v217 wherein gorouter logs are no longer rotated as frequently as they used to be. This could lead to failure if the disk fills up. A fix has been committed and will be included in v219 details.

Loggregator

Loggregator release tag

Loggregator Features

  • Metron’s syslog forwarder configuration now supports syslog forwarding to a fallback host
  • Traffic Controller now uses an internal CC endpoint for authorization instead of a public /v2 API point.

Loggregator Bug Fixes

  • Several CI pipeline fixes

Internal Components

etcd

No functional changes.

consul

  • Wait for consul agent to exit after leave. details

route_registrar

No functional changes.

Job Spec Changes

  • Added router.servers.z1 and router.servers.z2 properties to uaa job. details
  • Added uaa.proxy_ips_regex property to uaa job. details
  • Added uaa.logging_use_rfc3339 property to uaa job. details
  • Changed format of values for route_registrar.routes property in route_registrar job. details
  • Added syslog_daemon_config.fallback_addresses to metron_agent job. details
  • Removed hm9000.url property from hm9000 job. details
  • Added ha_proxy.log_to_file, ha_proxy.dontlognull, ha_proxy.buffer_size, and ha_proxy.enable_stats_socket properties to ha_proxy job. details
  • Added router.logging_level to gorouter job. details
  • Replaced router.route_service_secret and router.route_service_secret_prev with router.route_service_secrets in gorouter job. details
  • Added cc.placement_top_stager_percentage property to cloud_controller_ng job. details
  • Added cc.nginx_access_log_destination, cc.nginx_access_log_format, cc.nginx_error_log_destination, and cc.nginx_error_log_level properties to cloud_controller_ng job. details

Recommended BOSH Release and Stemcell Versions

  • BOSH Release Version: 201
  • BOSH Stemcell Version(s): 3026

These are soft recommendations; several different versions of the BOSH release and stemcell are likely to work fine with this version of cf-release.

Recommended Diego Version

This is a soft recommendation; several different versions of the diego-release may work fine with this version of cf-release.

Recommended Garden Linux Version

This is a soft recommendation; several different versions of the garden-linux release may work fine with this version of cf-release and the aforementioned version of diego-release.

Upload this release version to the Director:

$ bosh upload release https://bosh.io/d/github.com/cloudfoundry/cf-release?v=218

Modify deployment manifest to use this release in addition to any other used releases:

releases:
- {name: cf, version: "218"}

Finally add needed deployment jobs and specify values for required properties.

Optionally download sha1: 3bed1d375c4bd0acda8caf7a69325aef8cb25554 release tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/github.com/cloudfoundry/cf-release?v=218

# or with wget...
$ wget --content-disposition https://bosh.io/d/github.com/cloudfoundry/cf-release?v=218