cf/254
You can find the source of this version on GitHub at cloudfoundry/cf-release. It was created based on the commit 646e1471.
Release Notes¶
Contents - Notices - Job Spec Changes - CVEs - Compatible Releases and Stemcells - Subcomponent Updates
Notices
- Upcoming changes may require an update to your BOSH Director. Please update to BOSH v261.3 to ensure that future versions of cf-release can successfully deploy. Details: Specifically, if your BOSH director uses a MySQL database as its data store, a version of cf-release that contains links for consul jobs will fail to deploy due to a bug in the database schema. BOSH v261.3 contains the necessary fix. We will likely wait until CF v256 to introduce the breaking change, so that operators can update their BOSH directors to 261.3 or greater.
- This release adds functionality to allow multiple instances of the Cloud Controller clock job. If you’re using the spiff templates, you’ll see
clock_globaljob replaces byclock_z1andclock_z2jobs. - This release is using an experimental new Loggreator-API when deploying to bosh-lite. It has been noted that metron is using unusually high CPU when utilizing this new API. This does not normal bosh deployments.
- The included version of Loggregator restricts ciphers to use only the following 4 ciphers. This is a breaking change for some operators and a configurable property for opting into more cipher suites was introduced in Loggregator 85 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Job Spec Changes
- Cloud Controller Clock now requires SSL configuration with the following properties, these properties became required for Cloud Controller in CF 253 so they may already be present in your deployment:
cc.mutual_tls.ca_cert: PEM-encoded CA certificate for secure, mutually authenticated TLS communicationcc.mutual_tls.public_cert: PEM-encoded certificate for secure, mutually authenticated TLS communicationcc.mutual_tls.private_key: PEM-encoded key for secure, mutually authenticated TLS communication
CVEs
- None
Subcomponent Updates
- Cloud Controller and Service Broker API:
- Identity:
- Routing:
- Loggregator:
- Buildpacks and Stacks:
- Java:
- java-buildpack v3.14
- Ruby:
- ruby-buildpack v1.6.35
- Go:
- go-buildpack v1.7.19
- Node.js:
- nodejs-buildpack v1.5.30
- Python:
- python-buildpack v1.5.16
- PHP:
- php-buildpack v4.3.28
- Staticfile:
- staticfile-buildpack v1.3.18
- Binary:
- binary-buildpack v1.0.10
- .NET Core:
- dotnet-core-buildpack v1.0.12
- Stacks:
- stacks v1.108.0
- stacks v1.107.0
- stacks v1.106.0
- stacks v1.105.0
- Consul:
- No changes.
- Etcd:
- No changes.
- NATS:
- No changes.
- Postgres:
- DEA-Warden-HM9000:
- No changes.
Compatible Releases and Stemcells
- Diego release v1.10.1. Release notes for v1.10.1 · v1.10.0 · v1.9.0.
- Garden-Runc release v1.3.0. Release notes for v1.3.0 · v1.2.0.
- cflinuxfs2-rootfs release v1.57.0. Release notes for v1.57.0 · v1.56.0 · v1.55.0 · v1.54.0.
- cf-networking release v0.18.0. Release notes for v0.18.0 · v0.17.0.
- grootfs release v0.15.0. Release notes for v0.15.0
- stemcell: 3363.12
Usage¶
You can reference this release in your deployment manifest from the releases section:
- name: "cf" version: "254" url: "https://bosh.io/d/github.com/cloudfoundry/cf-release?v=254" sha1: "2b1b4de54927fb0b92c6ace83df353969b1fa69b"
Or upload it to your director with the upload-release command:
bosh upload-release --sha1 2b1b4de54927fb0b92c6ace83df353969b1fa69b \ "https://bosh.io/d/github.com/cloudfoundry/cf-release?v=254"
Jobs¶
- acceptance-tests
- binary-buildpack
- blobstore
- cc_uploader
- cloud_controller_clock
- cloud_controller_ng
- cloud_controller_worker
- collector
- consul_agent
- consul_agent_windows
- dea_logging_agent
- dea_next
- debian_nfs_server
- doppler
- dotnet-core-buildpack
- etcd
- etcd_metrics_server
- go-buildpack
- gorouter
- haproxy
- hm9000
- java-buildpack
- java-offline-buildpack
- loggregator_trafficcontroller
- metron_agent
- metron_agent_windows
- nats
- nats_stream_forwarder
- nfs_mounter
- nodejs-buildpack
- nsync
- php-buildpack
- postgres
- python-buildpack
- route_registrar
- ruby-buildpack
- smoke-tests
- stager
- staticfile-buildpack
- statsd_injector
- syslog_drain_binder
- tps
- uaa
Packages¶
- acceptance-tests
- binary-buildpack
- blobstore_url_signer
- capi_utils
- cc_uploader
- cli
- cloud_controller_ng
- collector
- common
- confab
- confab-windows
- consul
- consul-windows
- dea_logging_agent
- dea_next
- debian_nfs_server
- doppler
- dotnet-core-buildpack
- etcd
- etcd-common
- etcd-consistency-checker
- etcd-dns-checker
- etcd_metrics_server
- gnatsd
- go-buildpack
- golang1.7
- golang1.7-windows
- gorouter
- haproxy
- hm9000
- java-buildpack
- java-offline-buildpack
- libmariadb
- libpq
- loggregator_common
- loggregator_trafficcontroller
- metron_agent
- metron_agent_windows
- nats
- nats-common
- nginx
- nginx_newrelic_plugin
- nginx_webdav
- nodejs-buildpack
- nsync
- php-buildpack
- postgres-9.4.9
- postgres-common
- python-buildpack
- rootfs_cflinuxfs2
- route_registrar
- routing_utils
- ruby-2.1.8
- ruby-2.2.5
- ruby-2.3
- ruby-buildpack
- smoke-tests
- stager
- staticfile-buildpack
- statsd_injector
- syslog_drain_binder
- tps
- uaa
- uaa_utils
- warden