A stemcell is a versioned Operating System image wrapped with IaaS specific packaging.

Typical stemcell contains bare minimum OS skeleton with few common utilities pre-installed, a BOSH Agent and few configuration files to make OS be securely configured by default.

Learn more about stemcells.

Ubuntu Lucid, CentOS 6.x, and Ruby agent based stemcells are deprecated.

Windows instance types will have additional costs associated with Microsoft licensing. Windows stemcell do not include actual Windows OS.

Upload latest version to your BOSH Director:

# Upload latest version, currently 3445.11
$ bosh upload-stemcell https://bosh.io/d/stemcells/bosh-openstack-kvm-centos-7-go_agent-raw

# Upload specific version
$ bosh upload-stemcell https://bosh.io/d/stemcells/bosh-openstack-kvm-centos-7-go_agent-raw?v=3445.11

Alternatively, download stemcell tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/stemcells/bosh-openstack-kvm-centos-7-go_agent-raw?v=3445.11

# or with wget...
$ wget --content-disposition https://bosh.io/d/stemcells/bosh-openstack-kvm-centos-7-go_agent-raw?v=3445.11
  • CentOS 7.x

    • OpenStack KVM (raw) 568 MB
      2017-09-19T21:52:10.000Z 84c68b34526867d44f7653dba290d25bd59f277b [SHA1]
    • OpenStack KVM (raw) 568 MB
      2017-08-31T22:44:19.000Z f92d73f87bee209d416e07b94d0b14ca25951ae0 [SHA1]
      • Logrotate /var/log/wtmp and utmp more aggressively
      • Updated BOSH agent to include aggressive 5 minute timeout on NATS connection failure
      • Set auditd rules to be mutable by default
        • Please use auditd job from os-conf-release to make rules immutable
    • OpenStack KVM (raw) 564 MB
      2017-08-04T21:28:42.000Z 667bff93ec0b1f10207dee8b3307771aa9372446 [SHA1]
      • Bump version (no change)
    • OpenStack KVM (raw) 564 MB
      2017-07-31T22:04:17.000Z 1ba77d9c6d636f27debece463430731d8520ced9 [SHA1]
      • Periodic Ubuntu stemcells update
    • OpenStack KVM (raw) 564 MB
      2017-09-19T21:52:10.000Z 5164979067936650a90c1a515066d20b6442a92e [SHA1]
    • OpenStack KVM (raw) 564 MB
      2017-09-07T23:24:00.000Z 70af468ed8b16792e1f7cba7b5aa672a90c30368 [SHA1]
    • OpenStack KVM (raw) 564 MB
      2017-08-01T21:04:19.000Z f1f4da548a596f43d941be41a978af2952e335ab [SHA1]
    • OpenStack KVM (raw) 562 MB
      2017-06-30T00:28:46.000Z 41d9b4b2094689ebb58fb3c31a11384c606fbfec [SHA1]
      • Bump Ubuntu stemcells for USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities
    • OpenStack KVM (raw) 562 MB
      2017-06-21T03:32:18.000Z 64ffbc37e71241b8a7a116a0f7b065c93362dabd [SHA1]
      • Bump Ubuntu stemcells for USN-3334-1: Linux kernel (Xenial HWE) vulnerabilities
    • OpenStack KVM (raw) 561 MB
      2017-06-12T16:51:33.000Z 76b0630da08bac70b8bf874af281dec46e831db9 [SHA1]
      • Bump Ubuntu stemcells for USN-3312-2 - Linux kernel vulnerabilities
    • OpenStack KVM (raw) 561 MB
      2017-06-05T17:36:34.000Z e2ad0619899fdc5c88b86639bdff5b9e5783e46b [SHA1]
      • Bump CentOS stemcells for CESA-2017:1382 - sudo vulnerability
    • OpenStack KVM (raw) 560 MB
      2017-05-23T00:35:53.000Z 317b1891a0445257da44be5875c3f7000674c032 [SHA1]

      New:

      • Added env.bosh.remove_static_libraries (bool) to remove static libraries
        • Useful to enable this option when exporting compiled releases
      • Added env.bosh.ipv6.enable (bool) to remove ipv6.disable kernel functionality at bootup time

      Fixes:

      • Fixed sysstat logging
      • Fixed anacron’s RANDOM_DELAY configuration

      Bumps:

      • Bumped s3cli v0.0.60
        • Updated aws-sdk-go to solve network timeout edge case
      • Bumped davcli v0.0.19
        • Use TCP keep alive to solve network timeout edge case
      • Bumped bosh-agent v0.0.35
        • Add -v to the Agent binary
        • Prepared sync_dns action to work with future Director’s DNS integration
    • OpenStack KVM (raw) 560 MB
      2017-05-30T23:01:54.000Z 479dc4f0cb2084e96dc1ee734b8109dc266fe1ad [SHA1]
    • OpenStack KVM (raw) 560 MB
      2017-05-19T23:41:47.000Z 57c401e961f97c8319ce8a2e54eb184abc003ca5 [SHA1]
      • Periodic Ubuntu stemcells update
    • OpenStack KVM (raw) 560 MB
      2017-05-12T19:28:14.000Z cdbbcf34a5c1ffc81272cde5d8c1d9c1086dc83f [SHA1]
      • Periodic Ubuntu stemcells update
      • Run cron in BOSH Lite stemcells so that logrotation is performed
    • OpenStack KVM (raw) 560 MB
      2017-04-25T23:14:02.000Z 97d36a6a9a338550b86c860b89d245c8f64a61f1 [SHA1]
      • Bump Ubuntu stemcells for USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities
    • OpenStack KVM (raw) 560 MB
      2017-04-17T22:48:54.000Z 8a43652a48119d7cfcb8e155a8ad619092ea3679 [SHA1]
      • Periodic bump for CentOS stemcells to include CESA-2017:0933
      • Disable IPv6 through /proc/cmdline to eliminate possibilty of listening on tcp6/udp6
    • OpenStack KVM (raw) 539 MB
      2017-04-05T21:55:13.000Z e55395495af35e03f06fc8bb6f5291a8111423b7 [SHA1]
      • Bump Ubuntu stemcells for USN-3256-2: Linux kernel (HWE) vulnerability

      Misc:

      • Made AWS AMI backing snapshot public to support encryption of boot disks
    • OpenStack KVM (raw) 539 MB
      2017-03-30T21:28:16.000Z 43e7ae54446f262755c316fc2f5e78b925758f49 [SHA1]
      • Bump Ubuntu stemcells for USN-3249-2: Linux kernel (Xenial HWE) vulnerability
    • OpenStack KVM (raw) 539 MB
      2017-03-10T00:56:17.000Z e926d2f82fb59a8daf8733e7af0b7ba761ef13b2 [SHA1]
    • OpenStack KVM (raw) 537 MB
      2017-03-08T23:49:24.000Z ca451e34f6294aeee7d2bf40444f903fb464af5d [SHA1]
      • Bumps Ubuntu stemcells for USN-3220-2: Linux kernel (Xenial HWE) vulnerability
    • OpenStack KVM (raw) 537 MB
      2017-02-23T02:26:43.000Z 506cd012feef0b5b6e132f780faf8895c05697c7 [SHA1]

      Changes: - Bumps Ubuntu stemcells for USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities - Fixes excessive “out of memory” errors in kernel - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1655842 - Fixes regression to rsyslog by locking it down again to rsyslog 8.22.0

      Agent: - Fixes Azure stemcell persistent disk formatting - Fixes Warden stemcells SSH access

    • OpenStack KVM (raw) 537 MB
      2017-02-17T21:15:49.000Z c7001343917edc751e9a065f1b9cd7659fbe4543 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - rsyslog version updated to 8.24.0, regressing on issue #1537 - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20.

      Changes: - Fixes double -hvm- suffix problem for AWS Light stemcells

    • OpenStack KVM (raw) 537 MB
      2017-02-16T02:17:47.000Z 6576562396f6f0a3c13826c905de7e985b28cafa [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20. - rsyslog version updated to 8.24.0, regressing on issue #1537 - AWS Light stemcell has incorrect name once imported - BOSH SSH does not work on BOSH Lite

      Changes: - Add more auditd rules - Fix CentOS initramfs to load necessary kernel modules - Disable boot loader login - Increasing tcp_max_sync_backlog - Disabling any DSA host keys - Add bosh_sshers group and assign it to vcap user - Only allow users in bosh_sshers group to SSH

      Agent: - Log Agent API access events in CEF format to syslog (vcap.agent topic) - Allow configuring swap size through env.bosh.swap_size (example: env.bosh.swap_size: 0) - Prepare for SHA2 releases - Allow setting fetching to work with base64 encoded user data - Do not delaycompress in logrotate

    • OpenStack KVM (raw) 538 MB
      2016-12-05T17:31:21.000Z 4d4e60e93e3220f2c87f640359c1226d53c7b206 [SHA1]
      • Periodic stemcell update
    • OpenStack KVM (raw) 537 MB
      2016-12-02T16:31:27.000Z daae523fc497a1c4c82910a1f6d5547a1e305597 [SHA1]
    • OpenStack KVM (raw) 537 MB
      2016-11-30T04:51:18.000Z 701bc888d9b49253b535923358d36b5d4c380413 [SHA1]
      • Periodic stemcell update
        • Includes USN-3134-1 as requested by a community member
    • OpenStack KVM (raw) 538 MB
      2016-11-16T22:14:03.000Z 4b4dffded09e71fb9463b1b00d76bbc568857c6e [SHA1]
      • Properly includes libpam_cracklib.so to avoid errors in /var/log/auth.log
    • OpenStack KVM (raw) 537 MB
      2016-11-10T23:55:26.000Z 35845ded8db3b7137eafea19d030cf522ce55015 [SHA1]
      • Fixes persistent disk mounting on OpenStack described in Stemcell 3308
    • OpenStack KVM (raw) 538 MB
      2016-11-10T03:53:10.000Z 62aa3e0a27efb94c48312dece723397ce0a31257 [SHA1]

      Reported Problems: - On OpenStack: Mounting persistent disks not working when using config-drive: disk while nova is configured to use a cdrom config-drive due to https://github.com/cloudfoundry/bosh/issues/1503

      Fixes: - Fixes SSH key installation issue introduced in Stemcell 3306

    • OpenStack KVM (raw) 538 MB
      2016-11-08T17:24:45.000Z f8886428bfe34a0e0131e67d0f070635c468c4a9 [SHA1]

      Reported Problems - bosh-init doesn’t work with this stemcell on OpenStack and AWS due to https://github.com/cloudfoundry/bosh/issues/1500 - Booting the stemcell image directly in you IaaS (without using BOSH/bosh-init) does no longer provision the ssh key for user vcap, so you need to login differently

      Changes - Agent will now wait for monit to complete stop all processes before carrying on - Added google stemcells - Default dmesg_restrict to 1 - Disable all IPv6 configurations - Reenabled UDF kernel module for Azure - Increase root_maxkeys and maxkeys kernel configurations - Changed default hostname to bosh-stemcell instead of localhost to avoid boot problems on GCP - Lower TCP keepalive configuration by default - Mount /var/log directory to /var/vcap/data/root_log - Restrict Access to the su command - Add pam_cracklib requirements to common-password and password-auth - Enable auditing for processes that start prior to auditd - Set log rotation interval to 15 min in stemcell - Made ownership & permissions for /etc/cron* files more restrictive - Customize shell prompt to show instance name and ID - Removed floppy drives from vSphere stemcells - Removed bosh micro assets hence making bosh micro unsupported

      Misc: - Stemcells are now built through Concourse via https://main.bosh-ci.cf-app.com/teams/main/pipelines/bosh:stemcells

    • OpenStack KVM (raw) 680 MB
      2016-11-03T18:22:30.000Z 8d80bb6964d02c97ea52c8ac7a7b9dfec6211b87 [SHA1]
      • Updates CentOS kernel to the latest version for “Dirty COW”
        • Ubuntu stemcells were updated in previous versions at the time of Ubuntu USN updates
      • Includes fix to the bosh-agent to better support 1TB+ disk partitioning
    • OpenStack KVM (raw) 679 MB
      2016-10-21T02:30:01.000Z f2762adf1608ba33f6f73a209e93e12147eafc90 [SHA1]
      • Bump Ubuntu stemcells for USN-3106-2: Linux kernel (Xenial HWE) vulnerability
      • Includes a fix to the bosh-agent to work more reliably with 2TB+ persistent disks