A stemcell is a versioned Operating System image wrapped with IaaS specific packaging.

Typical stemcell contains bare minimum OS skeleton with few common utilities pre-installed, a BOSH Agent and few configuration files to make OS be securely configured by default.

Learn more about stemcells.

Ubuntu Lucid, CentOS 6.x, and Ruby agent based stemcells are deprecated.

Windows instance types will have additional costs associated with Microsoft licensing. Windows stemcell do not include actual Windows OS.

Upload latest version to your BOSH Director:

# Upload latest version, currently 3445.11
$ bosh upload-stemcell https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent

# Upload specific version
$ bosh upload-stemcell https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent?v=3445.11

Alternatively, download stemcell tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent?v=3445.11

# or with wget...
$ wget --content-disposition https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent?v=3445.11
  • Ubuntu Trusty

    • vSphere ESXi 431 MB
      2017-09-19T21:52:10.000Z 1b52eeb8e82968975e19ecb37f4b2c27078dcbf6 [SHA1]
    • vSphere ESXi 430 MB
      2017-08-31T22:44:40.000Z 7384d9dec403ed7943f76c0ea508f7185a01ba0b [SHA1]
      • Logrotate /var/log/wtmp and utmp more aggressively
      • Updated BOSH agent to include aggressive 5 minute timeout on NATS connection failure
      • Set auditd rules to be mutable by default
        • Please use auditd job from os-conf-release to make rules immutable
    • vSphere ESXi 426 MB
      2017-08-04T21:29:04.000Z 766f7232c513e601d6a81ed83ee36944e0da7485 [SHA1]
      • Bump version (no change)
    • vSphere ESXi 426 MB
      2017-07-31T22:04:38.000Z 5258470ea796e06959256ae8bc260ee45ed7f19f [SHA1]
      • Periodic Ubuntu stemcells update
    • vSphere ESXi 427 MB
      2017-09-19T21:52:10.000Z ae9166cfc91ca00354dc5c3c052b10ae8d043a73 [SHA1]
    • vSphere ESXi 426 MB
      2017-09-07T23:24:22.000Z c932da1bac4b5f753d08b6100e86c679bb153e2e [SHA1]
    • vSphere ESXi 426 MB
      2017-08-01T21:04:37.000Z b835762c2da13d591c4ebcf82fa84e80076e9c54 [SHA1]
    • vSphere ESXi 426 MB
      2017-06-30T00:29:16.000Z 6303c057991848520669463d1c2accf239e638f5 [SHA1]
      • Bump Ubuntu stemcells for USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities
    • vSphere ESXi 426 MB
      2017-06-21T03:32:41.000Z f5de77161ee2cc4014cde055c845f7b1cfc9f005 [SHA1]
      • Bump Ubuntu stemcells for USN-3334-1: Linux kernel (Xenial HWE) vulnerabilities
    • vSphere ESXi 426 MB
      2017-06-12T16:52:05.000Z 87712d1eb6cc395d7860d4238a7d5a6b41aedcbf [SHA1]
      • Bump Ubuntu stemcells for USN-3312-2 - Linux kernel vulnerabilities
    • vSphere ESXi 426 MB
      2017-06-05T17:36:56.000Z f503cae5189d7561fb1081c78157759e0e077f7f [SHA1]
      • Bump CentOS stemcells for CESA-2017:1382 - sudo vulnerability
    • vSphere ESXi 426 MB
      2017-05-30T22:46:16.000Z a5e12e4b39d4327a5c4b4411fb9a7b293d390197 [SHA1]
      • Bump Ubuntu stemcells for USN-3304-1: Sudo vulnerability
    • vSphere ESXi 426 MB
      2017-05-23T00:36:50.000Z 54b4dcd6e7e1ac6a5bfc944ad2168b714972a5de [SHA1]


      • Added env.bosh.remove_static_libraries (bool) to remove static libraries
        • Useful to enable this option when exporting compiled releases
      • Added env.bosh.ipv6.enable (bool) to remove ipv6.disable kernel functionality at bootup time


      • Fixed sysstat logging
      • Fixed anacron’s RANDOM_DELAY configuration


      • Bumped s3cli v0.0.60
        • Updated aws-sdk-go to solve network timeout edge case
      • Bumped davcli v0.0.19
        • Use TCP keep alive to solve network timeout edge case
      • Bumped bosh-agent v0.0.35
        • Add -v to the Agent binary
        • Prepared sync_dns action to work with future Director’s DNS integration
    • vSphere ESXi 427 MB
      2017-09-19T21:52:10.000Z 404e564a05e6e18054f6e037d338329f174fac39 [SHA1]
    • vSphere ESXi 427 MB
      2017-09-07T21:01:21.000Z e280d32518b3cad3152fb95793a32a7137937e85 [SHA1]
    • vSphere ESXi 427 MB
      2017-08-17T00:55:22.000Z 5e07d2b9239db87ad0b678acb7793012f9f05c5f [SHA1]
    • vSphere ESXi 427 MB
      2017-08-11T22:45:37.000Z b27630f5a57b0e1d8948ec64fdad16769557fa48 [SHA1]
    • vSphere ESXi 427 MB
      2017-08-04T00:04:20.000Z b04664090818f6798c872e404c03a4b1d2ef5441 [SHA1]
    • vSphere ESXi 427 MB
      2017-06-30T00:43:35.000Z c9beba7eec531cfb24326703911e5600724fc8c2 [SHA1]
    • vSphere ESXi 427 MB
      2017-06-21T02:56:39.000Z 3aaea5c7d5e75212250c8e42bf7a3b5bb734f0c7 [SHA1]
    • vSphere ESXi 427 MB
      2017-05-30T23:02:17.000Z fe2e5f55ad9e3ef03077a8dec7bbc0689f69aae5 [SHA1]
    • vSphere ESXi 426 MB
      2017-05-19T23:43:15.000Z 4b8ce25e937e37284f4f9734e5373255b4cf5b18 [SHA1]
      • Periodic Ubuntu stemcells update
    • vSphere ESXi 426 MB
      2017-05-12T19:28:47.000Z 242ee3350ffd3fb0ad79e81dce59e43d4b7a9bda [SHA1]
      • Periodic Ubuntu stemcells update
      • Run cron in BOSH Lite stemcells so that logrotation is performed
    • vSphere ESXi 426 MB
      2017-04-25T23:14:16.000Z cc46c54c4b93dc0933bf9139b60d6782ffcad7ef [SHA1]
      • Bump Ubuntu stemcells for USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities
    • vSphere ESXi 426 MB
      2017-04-17T22:49:13.000Z 728d40eb9fdecba7086b08f2db8bd23a29d372b1 [SHA1]
      • Periodic bump for CentOS stemcells to include CESA-2017:0933
      • Disable IPv6 through /proc/cmdline to eliminate possibilty of listening on tcp6/udp6
    • vSphere ESXi 426 MB
      2017-04-05T21:56:01.000Z d5571cd8e13d1daca99dc821e4fb751f4cdd42f8 [SHA1]
      • Bump Ubuntu stemcells for USN-3256-2: Linux kernel (HWE) vulnerability


      • Made AWS AMI backing snapshot public to support encryption of boot disks
    • vSphere ESXi 426 MB
      2017-03-30T21:28:49.000Z 06757e5a1fb52752a62cb046d2ce7972bfcde037 [SHA1]
      • Bump Ubuntu stemcells for USN-3249-2: Linux kernel (Xenial HWE) vulnerability
    • vSphere ESXi 426 MB
      2017-03-10T00:56:40.000Z 8899d9b76edde5722d98088983d416fa32c597e9 [SHA1]
    • vSphere ESXi 426 MB
      2017-03-08T23:50:27.000Z 9672080e35c94b3621fc6e683125a3057d697483 [SHA1]
      • Bumps Ubuntu stemcells for USN-3220-2: Linux kernel (Xenial HWE) vulnerability
    • vSphere ESXi 426 MB
      2017-02-23T02:27:39.000Z f5ecf3d5dcb90b0d973726758eead6520adf1ded [SHA1]

      Changes: - Bumps Ubuntu stemcells for USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities - Fixes excessive “out of memory” errors in kernel - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1655842 - Fixes regression to rsyslog by locking it down again to rsyslog 8.22.0

      Agent: - Fixes Azure stemcell persistent disk formatting - Fixes Warden stemcells SSH access

    • vSphere ESXi 426 MB
      2017-02-17T21:16:09.000Z 2571b9bcf0285022593b6912a75dad2f9eb0dcb4 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - rsyslog version updated to 8.24.0, regressing on issue #1537 - Out of memory errors still exists in Kernel - will be fixed around Feb 20.

      Changes: - Fixes double -hvm- suffix problem for AWS Light stemcells

    • vSphere ESXi 426 MB
      2017-02-16T02:18:06.000Z 7be3327781e809db8418033d5d51979f7f776db6 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - Out of memory errors still exists in Kernel - will be fixed around Feb 20. - rsyslog version updated to 8.24.0, regressing on issue #1537 - AWS Light stemcell has incorrect name once imported - BOSH SSH does not work on BOSH Lite

      Changes: - Add more auditd rules - Fix CentOS initramfs to load necessary kernel modules - Disable boot loader login - Increasing tcp_max_sync_backlog - Disabling any DSA host keys - Add bosh_sshers group and assign it to vcap user - Only allow users in bosh_sshers group to SSH

      Agent: - Log Agent API access events in CEF format to syslog (vcap.agent topic) - Allow configuring swap size through env.bosh.swap_size (example: env.bosh.swap_size: 0) - Prepare for SHA2 releases - Allow setting fetching to work with base64 encoded user data - Do not delaycompress in logrotate

    • vSphere ESXi 427 MB
      2017-09-19T21:52:10.000Z 61227cab5d477dcd115b207d1358e6ce9ebd3686 [SHA1]
    • vSphere ESXi 426 MB
      2017-08-17T00:47:32.000Z 1d77148a2a3295a577d36f700dbc756fd10bdd20 [SHA1]