Changes from v1.1.0 to v1.2.0
- Verified with garden-runc-release v1.0.4.
- Verified with garden-windows-bosh-release v0.0.11.
- Verified with etcd-release v87.
- Verified with cf-mysql-release v32.
- Verified with cflinuxfs2-rootfs-release v1.41.0.
IMPORTANT: It is now a deployment error not to configure a relational data store for the BBS API server. Both MySQL and Postgres are supported SQL dialects. Please see documentation on Diego data stores for information about selecting a relational store and, for existing deployments, migrating data from etcd if so desired.
IMPORTANT: This version of Diego makes it possible to secure the Auctioneer API via mutual TLS. Please see the updated TLS configuration documentation for information on generating and configuring the TLS credentials, and “Upgrading to a TLS-Secured Auctioneer API” for detailed instructions on upgrading an existing deployment to mutual TLS without downtime.
BBS Relational Datastore
- As a Diego operator, I expect not to be able to run Diego without a relational store
- As a Diego operator, I expect a MySQL-backed BBS to be resilient to occasional deadlock errors
- As an app developer, I expect to have a CF_INSTANCE_INTERNAL_IP environment variable set to the non-loopback IP address inside the container
- cloudfoundry/diego-release #225: Remove powershell when starting jobs in Windows
- Remove powershell when starting jobs in Windows
- Fix Powershell error handling
- Open Rep ports
- As a Diego operator, I expect the
capi.tps.traffic_controller_urlproperty to default to the tps job spec in the BOSH manifest
- cloudfoundry/diego-release #227: wip: generate datadog firehose nozzle deployment manifest
- As a CF operator, I expect the AWS example instructions to allow overriding the CF instance types
Test Suites and Tooling
- cloudfoundry/consuladapter #5: Remove prefix ‘v’ when parsing version
- As a Diego operator, I expect to upgrades from Diego v1.0.0 to latest to be supported
- As a Diego operator, I expect to be able to secure BBS communication to the auctioneer API so that I can create new deployments with secure communication
- As a Diego operator, I expect to be able to upgrade existing deployments to a fully secure auctioneer API configuration without downtime
- Remove minimal-aws instructions from diego-release
- cloudfoundry/diego-release #229: Updating the name of the bbs log file
BOSH job changes
BOSH property changes
diego.auctioneer.ca_cert: CA cert for the auctioneer API server to use in TLS authentication.
diego.auctioneer.server_cert: Certificate for the auctioneer API server to use in TLS authentication.
diego.auctioneer.server_key: Private key for the auctioneer API server to use in TLS authentication.
diego.bbs.auctioneer.api_location: Hostname and port of the auctioneer API server.
diego.bbs.auctioneer.ca_cert: CA cert for the BBS auctioneer client to use in TLS authentication.
diego.bbs.auctioneer.client_cert: Certificate for the BBS auctioneer client to use in TLS authentication.
diego.bbs.auctioneer.client_key: Private key for the BBS auctioneer client to use in TLS authentication.
diego.bbs.auctioneer.require_tls: Whether the BBS auctioneer client strictly requires TLS.
diego.bbs.auctioneer.api_urlin favor of
Upload this release version to the Director:
$ bosh upload-release https://bosh.io/d/github.com/cloudfoundry/diego-release?v=1.2.0 --sha1 efd8e7b2a89661928b79627c18013b3b93b82931
Modify deployment manifest to use this release in addition to any other used releases:
releases: - name: diego version: "1.2.0"
Finally add needed deployment jobs and specify values for required properties.
Optionally download sha1: efd8e7b2a89661928b79627c18013b3b93b82931 release tarball locally:
# ...or download it directly using curl $ curl -L -J -O https://bosh.io/d/github.com/cloudfoundry/diego-release?v=1.2.0 # or with wget... $ wget --content-disposition https://bosh.io/d/github.com/cloudfoundry/diego-release?v=1.2.0