diego/0.1491.0
You can find the source of this version on GitHub at cloudfoundry/diego-release. It was created based on the commit 2f237173.
Release Notes¶
Changes from v0.1490.0 to v0.1491.0
- Verified with garden-runc-release v1.0.3.
- Verified with garden-windows-bosh-release v0.0.9.
- Verified with etcd-release v86.
- Verified with cf-mysql-release v32.
- Verified with cflinuxfs2-rootfs-release v1.40.0.
IMPORTANT: This version of Diego removes support for the experimental Docker image “caching” feature. The CAPI team has also already effectively ended support for this feature in their work to merge the ‘stager’ CC-Bridge component into Cloud Controller and to submit all Diego workloads as unprivileged containers. If your Docker-image-based app fails to stage correctly, try unsetting its DIEGO_DOCKER_CACHE environment variable. In practice, developers have been interested in the “caching” staging process primarily because it allowed them to run Docker images from registries that required authentication, and we hope to have first-class support for that use case soon.
Significant changes
BBS Relational Datastore
- As a Diego operator, I expect to have comprehensive documentation about using a Postgres data store for the BBS (in flight)
- SQL encryption db should re-encrypt routes data
Component Coordination
SSH
- cloudfoundry/diego-ssh #25: Additional Security Logging Requested
- cloudfoundry/diego-ssh #26: Extract username, userid from token and use for additional security logging
Docker Support
Manifest Generation
- Pull consul_agent and metron_agent from cf-release
- cloudfoundry/diego-release #223: Pull windows job from CF instead of garden-windows
Component Logging and Metrics
- cloudfoundry/diego-release #224: Add syslog for rep_windows job
- Fix regression in new garden container creation/deletion metrics
- As a Diego operator, I would like to observe each cell to report metrics about how long garden takes to destroy a container or to fail to create a container
Test Suites and Tooling
- Potential race condition in fake_clock
- cloudfoundry/clock #1: Fixes a race condition that can happen when timers are used as tickers
Security
- As a Diego security auditor, I expect not to observe credentials in the ssh-proxy command line
- As a Diego operator, I would like to ensure that TLS communication to Diego components uses strong ciphers and protocols
Documentation
- As a CF operator, I expect the diego-release AWS example instructions to deploy a secure BOSH director
- As a Diego operator, I expect to be able to override the instance types of the Diego VMs in the AWS example instructions
BOSH job changes
None.
BOSH property changes
None.
Usage¶
You can reference this release in your deployment manifest from the releases section:
- name: "diego" version: "0.1491.0" url: "https://bosh.io/d/github.com/cloudfoundry/diego-release?v=0.1491.0" sha1: "b30c9ad37e3ff5da6a65bd5852127ea27ff1b278"
Or upload it to your director with the upload-release command:
bosh upload-release --sha1 b30c9ad37e3ff5da6a65bd5852127ea27ff1b278 \ "https://bosh.io/d/github.com/cloudfoundry/diego-release?v=0.1491.0"