A stemcell is a versioned Operating System image wrapped with IaaS specific packaging.

Typical stemcell contains bare minimum OS skeleton with few common utilities pre-installed, a BOSH Agent and few configuration files to make OS be securely configured by default.

Learn more about stemcells.

Ubuntu Lucid, CentOS 6.x, and Ruby agent based stemcells are deprecated.

Upload latest version to your BOSH Director:

# Upload latest version, currently 3363.12
$ bosh upload stemcell https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent

# Upload specific version
$ bosh upload stemcell https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent?v=3363.12

Alternatively, download stemcell tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent?v=3363.12

# or with wget...
$ wget --content-disposition https://bosh.io/d/stemcells/bosh-vsphere-esxi-ubuntu-trusty-go_agent?v=3363.12
  • Ubuntu Trusty

    • vSphere ESXi 426MB
      2017-03-10T00:56:40.000Z 8899d9b76edde5722d98088983d416fa32c597e9 [SHA1]
    • vSphere ESXi 426MB
      2017-03-08T23:50:27.000Z 9672080e35c94b3621fc6e683125a3057d697483 [SHA1]
      • Bumps Ubuntu stemcells for USN-3220-2: Linux kernel (Xenial HWE) vulnerability
    • vSphere ESXi 426MB
      2017-02-23T02:27:39.000Z f5ecf3d5dcb90b0d973726758eead6520adf1ded [SHA1]

      Changes: - Bumps Ubuntu stemcells for USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities - Fixes excessive “out of memory” errors in kernel - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1655842 - Fixes regression to rsyslog by locking it down again to rsyslog 8.22.0

      Agent: - Fixes Azure stemcell persistent disk formatting - Fixes Warden stemcells SSH access

    • vSphere ESXi 426MB
      2017-02-17T21:16:09.000Z 2571b9bcf0285022593b6912a75dad2f9eb0dcb4 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - rsyslog version updated to 8.24.0, regressing on issue #1537 - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20.

      Changes: - Fixes double -hvm- suffix problem for AWS Light stemcells

    • vSphere ESXi 426MB
      2017-02-16T02:18:06.000Z 7be3327781e809db8418033d5d51979f7f776db6 [SHA1]

      Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20. - rsyslog version updated to 8.24.0, regressing on issue #1537 - AWS Light stemcell has incorrect name once imported - BOSH SSH does not work on BOSH Lite

      Changes: - Add more auditd rules - Fix CentOS initramfs to load necessary kernel modules - Disable boot loader login - Increasing tcp_max_sync_backlog - Disabling any DSA host keys - Add bosh_sshers group and assign it to vcap user - Only allow users in bosh_sshers group to SSH

      Agent: - Log Agent API access events in CEF format to syslog (vcap.agent topic) - Allow configuring swap size through env.bosh.swap_size (example: env.bosh.swap_size: 0) - Prepare for SHA2 releases - Allow setting fetching to work with base64 encoded user data - Do not delaycompress in logrotate

    • vSphere ESXi 426MB
      2017-03-08T23:51:46.000Z c45980352e7ecaf1320144afb440bb445626b5c4 [SHA1]
    • vSphere ESXi 426MB
      2017-02-23T01:54:32.000Z fb9ebb556deefabfe38aeab35bdd111425190920 [SHA1]
    • vSphere ESXi 426MB
      2017-02-10T00:58:58.000Z edd7ebb38437dc7edbe371719d4130392599beb8 [SHA1]
    • vSphere ESXi 425MB
      2016-12-14T02:47:49.000Z 4d26fc17fdb30455741e155ba77bdcbe2f6130d9 [SHA1]
      • Bumps Ubuntu stemcells for USN-3156-1: APT vulnerability
    • vSphere ESXi 425MB
      2016-12-05T17:31:43.000Z d8696585feac0efe75460d96db2d026fb1b84f80 [SHA1]
      • Periodic stemcell update
    • vSphere ESXi 425MB
      2016-12-02T16:32:55.000Z 60f42c93a3b1aea58fb373a5393f28ed292ce1d1 [SHA1]
    • vSphere ESXi 425MB
      2016-11-30T04:51:42.000Z 1e5a36142fb537c35be59b4091e428dd581d0d90 [SHA1]
      • Periodic stemcell update
        • Includes USN-3134-1 as requested by a community member
    • vSphere ESXi 425MB
      2016-11-16T22:14:24.000Z e69d870d9aa90135429e30852ce32bdbb425db51 [SHA1]
      • Properly includes libpam_cracklib.so to avoid errors in /var/log/auth.log
    • vSphere ESXi 424MB
      2016-11-10T23:55:46.000Z c3629db0cab8bc74cc922d75ab78e1388bec6782 [SHA1]
      • Fixes persistent disk mounting on OpenStack described in Stemcell 3308
    • vSphere ESXi 424MB
      2016-11-10T03:53:19.000Z 44d74028e801421e2c963ef382ac7334a3a1b7ad [SHA1]

      Reported Problems: - On OpenStack: Mounting persistent disks not working when using config-drive: disk while nova is configured to use a cdrom config-drive due to https://github.com/cloudfoundry/bosh/issues/1503

      Fixes: - Fixes SSH key installation issue introduced in Stemcell 3306

    • vSphere ESXi 424MB
      2016-11-08T17:24:53.000Z c49729f3843e0e255b262731e53ca68721afcb22 [SHA1]

      Reported Problems - bosh-init doesn’t work with this stemcell on OpenStack and AWS due to https://github.com/cloudfoundry/bosh/issues/1500 - Booting the stemcell image directly in you IaaS (without using BOSH/bosh-init) does no longer provision the ssh key for user vcap, so you need to login differently

      Changes - Agent will now wait for monit to complete stop all processes before carrying on - Added google stemcells - Default dmesg_restrict to 1 - Disable all IPv6 configurations - Reenabled UDF kernel module for Azure - Increase root_maxkeys and maxkeys kernel configurations - Changed default hostname to bosh-stemcell instead of localhost to avoid boot problems on GCP - Lower TCP keepalive configuration by default - Mount /var/log directory to /var/vcap/data/root_log - Restrict Access to the su command - Add pam_cracklib requirements to common-password and password-auth - Enable auditing for processes that start prior to auditd - Set log rotation interval to 15 min in stemcell - Made ownership & permissions for /etc/cron* files more restrictive - Customize shell prompt to show instance name and ID - Removed floppy drives from vSphere stemcells - Removed bosh micro assets hence making bosh micro unsupported

      Misc: - Stemcells are now built through Concourse via https://main.bosh-ci.cf-app.com/teams/main/pipelines/bosh:stemcells

    • vSphere ESXi 552MB
      2017-03-09T00:18:27.000Z 48d3471af2886418879763ff73349bf2abb056cf [SHA1]
    • vSphere ESXi 552MB
      2017-02-23T00:59:19.000Z 25b6b528a18b7062568d974261ad78fec0a46e15 [SHA1]
    • vSphere ESXi 551MB
      2017-01-13T04:36:13.000Z 70ca4e0f8a3602a53919cd4e8fd97770ed7da234 [SHA1]
    • vSphere ESXi 551MB
      2016-12-31T07:13:23.000Z 8d74dc5acfd0b9d2644a8821c78c88d347a1fc14 [SHA1]
    • vSphere ESXi 551MB
      2016-12-15T05:40:41.000Z 63cc6f5094d1ad3e9c5b5e6b103da1ddfc5a4a47 [SHA1]
    • vSphere ESXi 551MB
      2016-12-14T01:37:11.000Z 40b85a83896dfd59bb20281d03dfde08a32f2a06 [SHA1]
    • vSphere ESXi 551MB
      2016-12-06T17:12:51.000Z 9e4ea92355fc13eb5ce3e425355bed87c1681f4d [SHA1]
    • vSphere ESXi 550MB
      2016-11-03T18:22:30.000Z bf448bcea737eb937ca770feda4f21ed514976d3 [SHA1]
      • Updates CentOS kernel to the latest version for “Dirty COW”
        • Ubuntu stemcells were updated in previous versions at the time of Ubuntu USN updates
      • Includes fix to the bosh-agent to better support 1TB+ disk partitioning
    • vSphere ESXi 550MB
      2016-10-21T02:30:02.000Z 6e58a5bfdce715aaa832ea1035972c84dc579577 [SHA1]
      • Bump Ubuntu stemcells for USN-3106-2: Linux kernel (Xenial HWE) vulnerability
      • Includes a fix to the bosh-agent to work more reliably with 2TB+ persistent disks
    • vSphere ESXi 550MB
      2016-10-12T21:03:24.000Z 508d584662859ab85e6236c8e1c0dc30cffe2150 [SHA1]
      • Bump Ubuntu stemcells for USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities
    • vSphere ESXi 550MB
      2016-09-30T16:44:18.000Z ef3f1419ccae22f12b6d367f3bf8399565722dd9 [SHA1]
      • Periodic bump
      • Delay start of rsyslogd using systemd on CentOS
    • vSphere ESXi 550MB
      2016-09-28T15:14:04.000Z a73d4f970b0682617a5fb748073bd2eb3ad28844 [SHA1]
      • google-kvm: improve the google-* daemon configurations
        • fixes ssh: handshake failed errors on boot
    • vSphere ESXi 550MB
      2016-09-26T17:12:47.000Z 78cc6b381a57b9e283d99fd00eb41e62c9b5c604 [SHA1]
      • Bumps Ubuntu stemcells for USN-3087-2 (OpenSSL regression)
    • vSphere ESXi 550MB
      2016-09-21T18:52:32.000Z 20949bf20abcd349a4b5340c03a401c7b60849a7 [SHA1]
    • vSphere ESXi 550MB
      2016-09-19T21:55:37.000Z 61ce61cb1ddde1b6866402a714406b0d3a5a3851 [SHA1]
      • Bumps Ubuntu to Linux kernel to 4.4

      Based on 3262 stemcells. Note: OpenStack stemcells series 3263 is broken due to https://github.com/cloudfoundry/bosh-agent/issues/98 and should not be used

    • vSphere ESXi 546MB
      2016-10-22T05:08:38.000Z 762ad3bb859963547c3a4892fc9ea0378da67251 [SHA1]
    • vSphere ESXi 546MB
      2016-10-13T15:15:40.000Z 7ed007dfaec05faea1bcd211a9e53445d15115ad [SHA1]
      • Bump Ubuntu stemcells for USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities
    • vSphere ESXi 546MB
      2016-09-30T15:49:33.000Z 289f9c6d4bcc94376eeb67a0dab4ff93939b1bcd [SHA1]
    • vSphere ESXi 546MB
      2016-09-28T00:50:21.000Z 25db3244555ea1af87d7dfb5ff8466a6fa840049 [SHA1]
      • google-kvm: improve the google-* daemon configurations
        • fixes ssh: handshake failed errors on boot