You can find the source of this version on GitHub at cloudfoundry/diego-release. It was created based on the commit
Changes from v1.9.0 to v1.10.0
- Verified with garden-runc-release v1.2.0.
- Verified with garden-windows-bosh-release v0.3.0.
- Verified with etcd-release v99.
- Verified with cf-mysql-release v34.
- Verified with cflinuxfs2-rootfs-release v1.56.0.
IMPORTANT: This version of Diego requires garden-runc version v1.2.0 or later, as the cell rep now uses the new
Image field on the garden API ContainerSpec in order to pass Docker image credentials to the garden backend.
- As a Diego operator, I expect the route-emitter job to fail if it its NATS configuration is incorrect so that existing applications remain routable
De-Consuling Locks (Experimental)
- As a Diego operator, I expect to be able to configure cells to register and unregister their presence via a locket API instead of consul
- As a Diego operator, I expect the locket service to require mutual TLS authentication
- As a Diego operator, I expect the cell registration API to support 2000 simultaneous cell registrations with 250K instances (in flight)
Instance Identity Credentials (Experimental)
- As a Diego operator, I expect to be able to set the duration for which the instance-identity credentials are valid (in flight)
v2 Loggregator API Adoption (Experimental)
- As a Diego operator, I expect to be able to opt the cell reps into emitting app logs via the v2 loggregator API
- As a BBS API client, I expect to be able to run Tasks and LRPs based on Docker images that require authenticated access
- As a Diego operator, I expect to be able to configure Windows cells to be able to download HTTPS assets both from publicly trusted sources and from internal sources
Test Suites and Tooling
BOSH job changes
BOSH property changes
NOTE: Starting with this release, some BOSH job properties are intended to be local to particular BOSH job templates. These template-local properties are listed in separate subsections below.
benchmark-bbs.bbs.ca_cert: CA certificate for the BBS benchmark suite to validate the BBS and locket servers.
benchmark-bbs.locket.api_location: Address of the locket server.
diego.executor.instance_identity_validity_period_in_hours: Duration in hours for the instance-identity certificates to be valid. Experimental.
diego.rep.locket.api_location: Location of the locket API for cells to register their presence.
diego.route_emitter.healthcheck_address: Location at which the route-emitter should serve a health-check endpoint.
tls.ca_cert: CA certificate for locket server to validate client connections.
tls.cert: Certificate for locket server to present.
tls.key: Private key for locket server.
loggregator.use_v2_api: Whether to use the v2 Loggregator API when sending logs and metrics to the local metron agent.
loggregator.v2_api_port: Port for the v2 Loggregator API.
loggregator.ca_cert: CA certificate to use to validate the v2 Loggregator API connection to metron.
loggregator.cert: Certificate to present when connecting to the v2 Loggregator API.
loggregator.key: Private key for the v2 Loggregator API client.
BOSH link changes
You can reference this release in your deployment manifest from the
- name: "diego" version: "1.10.0" url: "https://bosh.io/d/github.com/cloudfoundry/diego-release?v=1.10.0" sha1: "3a9c9e5dacdcd65b2630b30cf9ed36f17fa3111d"
Or upload it to your director with the
bosh upload-release --sha1 3a9c9e5dacdcd65b2630b30cf9ed36f17fa3111d \ https://bosh.io/d/github.com/cloudfoundry/diego-release?v=1.10.0