A stemcell is a versioned Operating System image wrapped with IaaS specific packaging.

Typical stemcell contains bare minimum OS skeleton with few common utilities pre-installed, a BOSH Agent and few configuration files to make OS be securely configured by default.

Learn more about stemcells.

Ubuntu Lucid, CentOS 6.x, and Ruby agent based stemcells are deprecated.

Windows instance types will have additional costs associated with Microsoft licensing. Windows stemcell do not include actual Windows OS.

Upload latest version to your BOSH Director:

# Upload latest version, currently 3421.11
$ bosh upload stemcell https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent

# Upload specific version
$ bosh upload stemcell https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent?v=3421.11

Alternatively, download stemcell tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent?v=3421.11

# or with wget...
$ wget --content-disposition https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-trusty-go_agent?v=3421.11
  • Ubuntu Trusty

    • OpenStack KVM 413MB
      2017-06-30T00:28:09.000Z d2b1237a7221cc4a86f41259c2d494fe8ce70aed [SHA1]
      • Bump Ubuntu stemcells for USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities
    • OpenStack KVM 412MB
      2017-06-21T03:32:02.000Z 555422a138a90bc9864495b564a016dfb9d83961 [SHA1]
      • Bump Ubuntu stemcells for USN-3334-1: Linux kernel (Xenial HWE) vulnerabilities
    • OpenStack KVM 412MB
      2017-06-12T16:51:04.000Z dbb8347f57d045bf169b370645545b3432cccf57 [SHA1]
      • Bump Ubuntu stemcells for USN-3312-2 - Linux kernel vulnerabilities
    • OpenStack KVM 412MB
      2017-06-05T17:36:19.000Z 7864b78ae2224fbfbace7142e069f9a40cda10e9 [SHA1]
      • Bump CentOS stemcells for CESA-2017:1382 - sudo vulnerability
    • OpenStack KVM 412MB
      2017-05-30T22:45:46.000Z 76267d19ef3165e00fcb914f29bbe8651448220c [SHA1]
      • Bump Ubuntu stemcells for USN-3304-1: Sudo vulnerability
    • OpenStack KVM 412MB
      2017-05-23T00:34:33.000Z b58cad988debd17aba3ba75190b9c36666ed4e46 [SHA1]


      • Added env.bosh.remove_static_libraries (bool) to remove static libraries
        • Useful to enable this option when exporting compiled releases
      • Added env.bosh.ipv6.enable (bool) to remove ipv6.disable kernel functionality at bootup time


      • Fixed sysstat logging
      • Fixed anacron’s RANDOM_DELAY configuration


      • Bumped s3cli v0.0.60
        • Updated aws-sdk-go to solve network timeout edge case
      • Bumped davcli v0.0.19
        • Use TCP keep alive to solve network timeout edge case
      • Bumped bosh-agent v0.0.35
        • Add -v to the Agent binary
        • Prepared sync_dns action to work with future Director’s DNS integration
    • OpenStack KVM 413MB
      2017-06-30T00:43:11.000Z c95604e85f6279475f9fd6117b4db57dfb19562d [SHA1]
    • OpenStack KVM 413MB
      2017-06-21T02:56:27.000Z 1ecdaf4a2bd29d8f01a0328c79303d5a9ff65c46 [SHA1]
    • OpenStack KVM 413MB
      2017-05-30T23:01:32.000Z 7d3eec35ce6a6b35d70d155340536e4d5cbdefc9 [SHA1]
    • OpenStack KVM 413MB
      2017-05-19T23:41:15.000Z baa11492ac6c53e8f629b60228ac975031aac26d [SHA1]
      • Periodic Ubuntu stemcells update
    • OpenStack KVM 413MB
      2017-05-12T19:27:36.000Z 6617717830276eac276d99a082ac05325f7d015a [SHA1]
      • Periodic Ubuntu stemcells update
      • Run cron in BOSH Lite stemcells so that logrotation is performed
    • OpenStack KVM 413MB
      2017-04-25T23:13:48.000Z bc8096c0d817b407aed15af487bd6d5f4ad069f7 [SHA1]
      • Bump Ubuntu stemcells for USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities
    • OpenStack KVM 413MB
      2017-04-17T22:48:31.000Z 8226148c965bc89bd642c69d7eda793216bfdbff [SHA1]
      • Periodic bump for CentOS stemcells to include CESA-2017:0933
      • Disable IPv6 through /proc/cmdline to eliminate possibilty of listening on tcp6/udp6
    • OpenStack KVM 413MB
      2017-04-05T21:54:49.000Z 15921b89bc340e541ac6f6ede46b2dae52bd7ba2 [SHA1]
      • Bump Ubuntu stemcells for USN-3256-2: Linux kernel (HWE) vulnerability


      • Made AWS AMI backing snapshot public to support encryption of boot disks
    • OpenStack KVM 413MB
      2017-03-30T21:27:47.000Z 26008d885ef36479837aac45263fe21f2124e645 [SHA1]
      • Bump Ubuntu stemcells for USN-3249-2: Linux kernel (Xenial HWE) vulnerability
    • OpenStack KVM 413MB
      2017-03-10T00:55:52.000Z 7b95f76ce3539f9ae78c403f9805a62d30a63710 [SHA1]
    • OpenStack KVM 413MB
      2017-03-08T23:49:05.000Z 8bbf850c53a0466b4023b0173c48ce7f7c2826a8 [SHA1]
      • Bumps Ubuntu stemcells for USN-3220-2: Linux kernel (Xenial HWE) vulnerability
    • OpenStack KVM 413MB
      2017-02-23T02:26:27.000Z 1cddb531c96cc4022920b169a37eda71069c87dd [SHA1]

      Changes: - Bumps Ubuntu stemcells for USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities - Fixes excessive “out of memory” errors in kernel - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1655842 - Fixes regression to rsyslog by locking it down again to rsyslog 8.22.0

      Agent: - Fixes Azure stemcell persistent disk formatting - Fixes Warden stemcells SSH access

    • OpenStack KVM 413MB
      2017-02-17T21:14:47.000Z ce710c5b2e8e4a4727cd866fcc7259942fa72d62 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - rsyslog version updated to 8.24.0, regressing on issue #1537 - Out of memory errors still exists in Kernel - will be fixed around Feb 20.

      Changes: - Fixes double -hvm- suffix problem for AWS Light stemcells

    • OpenStack KVM 413MB
      2017-02-16T02:17:12.000Z 9db642b70eb93bb4092f967d8c1716be67af1a77 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - Out of memory errors still exists in Kernel - will be fixed around Feb 20. - rsyslog version updated to 8.24.0, regressing on issue #1537 - AWS Light stemcell has incorrect name once imported - BOSH SSH does not work on BOSH Lite

      Changes: - Add more auditd rules - Fix CentOS initramfs to load necessary kernel modules - Disable boot loader login - Increasing tcp_max_sync_backlog - Disabling any DSA host keys - Add bosh_sshers group and assign it to vcap user - Only allow users in bosh_sshers group to SSH

      Agent: - Log Agent API access events in CEF format to syslog (vcap.agent topic) - Allow configuring swap size through env.bosh.swap_size (example: env.bosh.swap_size: 0) - Prepare for SHA2 releases - Allow setting fetching to work with base64 encoded user data - Do not delaycompress in logrotate

    • OpenStack KVM 413MB
      2017-06-30T00:45:57.000Z 991903bdb2799c6247266a5c4abcd9ea2eadc6ab [SHA1]
    • OpenStack KVM 413MB
      2017-06-20T22:55:15.000Z e500a7c70ea3150cc85acb7640466eab55b8491c [SHA1]
    • OpenStack KVM 413MB
      2017-05-31T01:21:57.000Z 2b62e768a1651cb8b06ca2fecede78bf72b2cb9e [SHA1]
    • OpenStack KVM 413MB
      2017-05-19T16:28:45.000Z 70c13520ff2c8fce57deff8a982aa4cc1ec8bd57 [SHA1]
    • OpenStack KVM 413MB
      2017-04-25T23:17:26.000Z 597e4c0ae2fa49ca4cdca448440d1a816b119fbd [SHA1]
    • OpenStack KVM 413MB
      2017-04-05T23:49:14.000Z faaedc2b2fb570b2e14aa71cf174645107461923 [SHA1]
    • OpenStack KVM 413MB
      2017-03-30T23:18:26.000Z ba960efcaaafc33dd568466bb320b733c71f96af [SHA1]
    • OpenStack KVM 413MB
      2017-03-08T23:51:21.000Z cec6fbeba2c9f3ded011ed711d9fc866d6fcdca6 [SHA1]
    • OpenStack KVM 413MB
      2017-02-23T01:53:44.000Z 2fd36cc23a891cde718cb3429c460d399a6dcd61 [SHA1]
    • OpenStack KVM 412MB
      2017-02-10T00:58:42.000Z a9aa1cc80b3e15869a2a1d543127e0f76d005a6e [SHA1]
    • OpenStack KVM 412MB
      2016-12-14T02:47:25.000Z b6e15ab083b6960e826ef0456de61a5ae447be3c [SHA1]
      • Bumps Ubuntu stemcells for USN-3156-1: APT vulnerability
    • OpenStack KVM 412MB
      2016-12-05T17:30:55.000Z 857f7134f8280558063b56feb7b7450fb6797fcf [SHA1]
      • Periodic stemcell update
    • OpenStack KVM 411MB
      2016-12-02T16:31:00.000Z bd6a3ceac7f4ed8f2de8bb5232059200590d5f9e [SHA1]
    • OpenStack KVM 412MB
      2016-11-30T04:51:02.000Z 72b4839cdf9b30d24bc2fe3bc7d5e7ac2c7b1513 [SHA1]
      • Periodic stemcell update
        • Includes USN-3134-1 as requested by a community member
    • OpenStack KVM 412MB
      2016-11-16T22:13:02.000Z 36dd5035c3868aa9f2da32291e6338636b63c345 [SHA1]
      • Properly includes libpam_cracklib.so to avoid errors in /var/log/auth.log