A stemcell is a versioned Operating System image wrapped with IaaS specific packaging.

Typical stemcell contains bare minimum OS skeleton with few common utilities pre-installed, a BOSH Agent and few configuration files to make OS be securely configured by default.

Learn more about stemcells.

Ubuntu Lucid, CentOS 6.x, and Ruby agent based stemcells are deprecated.

Upload latest version to your BOSH Director:

# Upload latest version, currently 3363.20
$ bosh upload stemcell https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent

# Upload specific version
$ bosh upload stemcell https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent?v=3363.20

Alternatively, download stemcell tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent?v=3363.20

# or with wget...
$ wget --content-disposition https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent?v=3363.20
  • Ubuntu Trusty

    • OpenStack KVM 413MB
      2017-04-25T23:13:48.000Z bc8096c0d817b407aed15af487bd6d5f4ad069f7 [SHA1]
      • Bump Ubuntu stemcells for USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities
    • OpenStack KVM 413MB
      2017-04-17T22:48:31.000Z 8226148c965bc89bd642c69d7eda793216bfdbff [SHA1]
      • Periodic bump for CentOS stemcells to include CESA-2017:0933
      • Disable IPv6 through /proc/cmdline to eliminate possibilty of listening on tcp6/udp6
    • OpenStack KVM 413MB
      2017-04-05T21:54:49.000Z 15921b89bc340e541ac6f6ede46b2dae52bd7ba2 [SHA1]
      • Bump Ubuntu stemcells for USN-3256-2: Linux kernel (HWE) vulnerability

      Misc:

      • Made AWS AMI backing snapshot public to support encryption of boot disks
    • OpenStack KVM 413MB
      2017-03-30T21:27:47.000Z 26008d885ef36479837aac45263fe21f2124e645 [SHA1]
      • Bump Ubuntu stemcells for USN-3249-2: Linux kernel (Xenial HWE) vulnerability
    • OpenStack KVM 413MB
      2017-03-10T00:55:52.000Z 7b95f76ce3539f9ae78c403f9805a62d30a63710 [SHA1]
    • OpenStack KVM 413MB
      2017-03-08T23:49:05.000Z 8bbf850c53a0466b4023b0173c48ce7f7c2826a8 [SHA1]
      • Bumps Ubuntu stemcells for USN-3220-2: Linux kernel (Xenial HWE) vulnerability
    • OpenStack KVM 413MB
      2017-02-23T02:26:27.000Z 1cddb531c96cc4022920b169a37eda71069c87dd [SHA1]

      Changes: - Bumps Ubuntu stemcells for USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities - Fixes excessive “out of memory” errors in kernel - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1655842 - Fixes regression to rsyslog by locking it down again to rsyslog 8.22.0

      Agent: - Fixes Azure stemcell persistent disk formatting - Fixes Warden stemcells SSH access

    • OpenStack KVM 413MB
      2017-02-17T21:14:47.000Z ce710c5b2e8e4a4727cd866fcc7259942fa72d62 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - rsyslog version updated to 8.24.0, regressing on issue #1537 - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20.

      Changes: - Fixes double -hvm- suffix problem for AWS Light stemcells

    • OpenStack KVM 413MB
      2017-02-16T02:17:12.000Z 9db642b70eb93bb4092f967d8c1716be67af1a77 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20. - rsyslog version updated to 8.24.0, regressing on issue #1537 - AWS Light stemcell has incorrect name once imported - BOSH SSH does not work on BOSH Lite

      Changes: - Add more auditd rules - Fix CentOS initramfs to load necessary kernel modules - Disable boot loader login - Increasing tcp_max_sync_backlog - Disabling any DSA host keys - Add bosh_sshers group and assign it to vcap user - Only allow users in bosh_sshers group to SSH

      Agent: - Log Agent API access events in CEF format to syslog (vcap.agent topic) - Allow configuring swap size through env.bosh.swap_size (example: env.bosh.swap_size: 0) - Prepare for SHA2 releases - Allow setting fetching to work with base64 encoded user data - Do not delaycompress in logrotate

    • OpenStack KVM 413MB
      2017-04-25T23:17:26.000Z 597e4c0ae2fa49ca4cdca448440d1a816b119fbd [SHA1]
    • OpenStack KVM 413MB
      2017-04-05T23:49:14.000Z faaedc2b2fb570b2e14aa71cf174645107461923 [SHA1]
    • OpenStack KVM 413MB
      2017-03-30T23:18:26.000Z ba960efcaaafc33dd568466bb320b733c71f96af [SHA1]
    • OpenStack KVM 413MB
      2017-03-08T23:51:21.000Z cec6fbeba2c9f3ded011ed711d9fc866d6fcdca6 [SHA1]
    • OpenStack KVM 413MB
      2017-02-23T01:53:44.000Z 2fd36cc23a891cde718cb3429c460d399a6dcd61 [SHA1]
    • OpenStack KVM 412MB
      2017-02-10T00:58:42.000Z a9aa1cc80b3e15869a2a1d543127e0f76d005a6e [SHA1]
    • OpenStack KVM 412MB
      2016-12-14T02:47:25.000Z b6e15ab083b6960e826ef0456de61a5ae447be3c [SHA1]
      • Bumps Ubuntu stemcells for USN-3156-1: APT vulnerability
    • OpenStack KVM 412MB
      2016-12-05T17:30:55.000Z 857f7134f8280558063b56feb7b7450fb6797fcf [SHA1]
      • Periodic stemcell update
    • OpenStack KVM 411MB
      2016-12-02T16:31:00.000Z bd6a3ceac7f4ed8f2de8bb5232059200590d5f9e [SHA1]
    • OpenStack KVM 412MB
      2016-11-30T04:51:02.000Z 72b4839cdf9b30d24bc2fe3bc7d5e7ac2c7b1513 [SHA1]
      • Periodic stemcell update
        • Includes USN-3134-1 as requested by a community member
    • OpenStack KVM 412MB
      2016-11-16T22:13:02.000Z 36dd5035c3868aa9f2da32291e6338636b63c345 [SHA1]
      • Properly includes libpam_cracklib.so to avoid errors in /var/log/auth.log
    • OpenStack KVM 411MB
      2016-11-10T23:55:03.000Z 8dbfa43abf12e434707acf87a0a136977954e6e2 [SHA1]
      • Fixes persistent disk mounting on OpenStack described in Stemcell 3308
    • OpenStack KVM 411MB
      2016-11-10T03:52:36.000Z 2eb46179e2fbe60f300f65692b06eb885679ce7d [SHA1]

      Reported Problems: - On OpenStack: Mounting persistent disks not working when using config-drive: disk while nova is configured to use a cdrom config-drive due to https://github.com/cloudfoundry/bosh/issues/1503

      Fixes: - Fixes SSH key installation issue introduced in Stemcell 3306

    • OpenStack KVM 411MB
      2016-11-08T17:24:19.000Z d709d5bfb2bf00db76b9bec17b9708e5793a0032 [SHA1]

      Reported Problems - bosh-init doesn’t work with this stemcell on OpenStack and AWS due to https://github.com/cloudfoundry/bosh/issues/1500 - Booting the stemcell image directly in you IaaS (without using BOSH/bosh-init) does no longer provision the ssh key for user vcap, so you need to login differently

      Changes - Agent will now wait for monit to complete stop all processes before carrying on - Added google stemcells - Default dmesg_restrict to 1 - Disable all IPv6 configurations - Reenabled UDF kernel module for Azure - Increase root_maxkeys and maxkeys kernel configurations - Changed default hostname to bosh-stemcell instead of localhost to avoid boot problems on GCP - Lower TCP keepalive configuration by default - Mount /var/log directory to /var/vcap/data/root_log - Restrict Access to the su command - Add pam_cracklib requirements to common-password and password-auth - Enable auditing for processes that start prior to auditd - Set log rotation interval to 15 min in stemcell - Made ownership & permissions for /etc/cron* files more restrictive - Customize shell prompt to show instance name and ID - Removed floppy drives from vSphere stemcells - Removed bosh micro assets hence making bosh micro unsupported

      Misc: - Stemcells are now built through Concourse via https://main.bosh-ci.cf-app.com/teams/main/pipelines/bosh:stemcells

    • OpenStack KVM 554MB
      2017-04-25T23:28:46.000Z dc5bf2b47b314a6a01cd24be4c83d6205d95e88a [SHA1]
    • OpenStack KVM 554MB
      2017-04-06T00:47:38.000Z 044bed979bb85b9749fd1c0c1d6ba0e22c81058f [SHA1]
    • OpenStack KVM 554MB
      2017-03-31T00:52:19.000Z 8746f1ef00e1641827b0cb75bb28d6f00586a11c [SHA1]
    • OpenStack KVM 554MB
      2017-03-09T00:18:53.000Z 04b20c12072752a0414948438ec7a2f52d0879c2 [SHA1]
    • OpenStack KVM 554MB
      2017-02-23T00:59:19.000Z bbf8e7490fe2437616e5c671b2df7cd342ce2f58 [SHA1]
    • OpenStack KVM 553MB
      2017-01-13T04:36:14.000Z 222a7ffebbaf6616546bbc11d7a28433ca78ecba [SHA1]
    • OpenStack KVM 553MB
      2016-12-31T07:13:23.000Z 6e560894ad2b984434be522cd0db5598e4c3f9fa [SHA1]
    • OpenStack KVM 553MB
      2016-12-15T05:40:42.000Z 815abe1090460cf90c321a3f2e6af73df94a152f [SHA1]
    • OpenStack KVM 553MB
      2016-12-14T01:37:11.000Z 2772979e37f40ccf18d58b2103fde3a5856f08aa [SHA1]
    • OpenStack KVM 553MB
      2016-12-06T17:12:51.000Z 722c5951cdb316d48d5b663795eb2057cba82813 [SHA1]
    • OpenStack KVM 553MB
      2016-11-03T18:22:30.000Z abbf1686c486570393c75d865772bf1b3e8dfbfd [SHA1]
      • Updates CentOS kernel to the latest version for “Dirty COW”
        • Ubuntu stemcells were updated in previous versions at the time of Ubuntu USN updates
      • Includes fix to the bosh-agent to better support 1TB+ disk partitioning
    • OpenStack KVM 553MB
      2016-10-21T02:30:01.000Z 3585a7d5239107a4728c8601517dbba0a416378a [SHA1]
      • Bump Ubuntu stemcells for USN-3106-2: Linux kernel (Xenial HWE) vulnerability
      • Includes a fix to the bosh-agent to work more reliably with 2TB+ persistent disks