@cf-release-notes-bot cf-release-notes-bot released this Feb 1, 2018 · 7 commits to master since this release

Assets 2

Contents

Notices

  • Official EOL: This is the last version of cf-release. The supported way to deploy Cloud Foundry Application Runtime is to use cf-deployment. For operators looking to migrate from cf-release to cf-deployment, we've provided tooling to support the migration. Feel free to reach out to the Release Integration team in the #release-integration channel of the Cloud Foundry slack, or open a github issue on cf-deployment.

Job Spec Changes

  • None

Security Notices

Affecting v287

  • None

Resolved in v287

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Jan 27, 2018 · 16 commits to master since this release

Assets 2

Contents

Notices

  • None

Job Spec Changes

  • None

Security Notices

Affecting v286

  • None

Resolved in v286

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Jan 18, 2018 · 20 commits to master since this release

Assets 2

Contents

Notices

  • For this release, we're recommending use of garden-runc-release 1.10.0, as 1.11.0 is not yet compatible with diego-release manifest generation.

Job Spec Changes

  • None

Security Notices

Affecting v285

  • None

Resolved in v285

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Jan 5, 2018 · 30 commits to master since this release

Assets 2

Contents

Notices

  • None

Job Spec Changes

  • None

Security Notices

Affecting v284

  • None

Resolved in v284

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Dec 11, 2017 · 49 commits to master since this release

Assets 2

Contents

Notices

  • Stemcell 3468.13 addresses a critical CVE.
  • There is an issue running the integration test for mounting a FUSE endpoint on VSphere against this version of cf-release.
  • Set the default to secure communication between Cloud Controller and Diego. Last chance to ensure all required properties in the doc here are configured.

Job Spec Changes

  • None

Security Notices

Affecting v283

  • None

Resolved in v283

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Dec 8, 2017 · 53 commits to master since this release

Assets 2

Contents

Notices

  • Not yet updated

Job Spec Changes

  • Not yet updated

Security Notices

Affecting v282

  • None

Resolved in v282

  • Not yet updated

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Dec 8, 2017 · 65 commits to master since this release

Assets 2

Contents

Notices

  • None

Job Spec Changes

  • None

Security Notices

Affecting v281

  • None

Resolved in v281

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Nov 16, 2017 · 70 commits to master since this release

Assets 2

UPDATE: Several people have asked about the use of uaa-release 52.2 and the fact that it was originally labeled "Do not use." That release has a known issue with the skipSslValidation flag -- specifically that, when set to true, the UAA continued to validate TLS certificates anyway. This should only impact dev and test users, as production operators should always set skipSslValidation: false. In general, we consider this uaa-release 52.2 safe to use.

Contents

Notices

  • The runtime-config for forwarding component syslogs contains an update that forwards only logs that are written to /var/vcap/sys/log. Logs pushed to rsyslog using the logger CLI will most likely be dropped, by design.
    Any operators who have overridden their syslog configuration to disable BlackBox should stop doing so as part of upgrading to this version of cf-release.

Job Spec Changes

  • Breaking logging change with introduction of property cc.log_db_queries which defaults to false for jobs cloud_controller_ng, cloud_controller_worker, and cloud_controller_clock. This causes DB logs to not be logged by default. If you want to see these logs then you'll need to switch this value to true. An example of the logs in question:
{"timestamp":1510256720.2370548,"message":"(0.001166s) SELECT * FROM `delayed_jobs` WHERE ((((`run_at` <= '2017-11-09 19:45:20') AND (`locked_at` IS NULL)) OR (`locked_at` < '2017-11-09 15:45:20') OR (`locked_by` = 'cc_api_worker.api.0.2')) AND (`failed_at` IS NULL) AND (`queue` IN ('cc-api-0'))) ORDER BY `priority` ASC, `run_at` ASC LIMIT 5","log_level":"info","source":"cc.background","data":{},"thread_id":46994475118420,"fiber_id":46994498232380,"process_id":1759344,"file":"/var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/bundle/ruby/2.4.0/gems/sequel-4.49.0/lib/sequel/database/logging.rb","lineno":88,"method":"block in log_each"}

Security Notices

Affecting v280

  • None

Resolved in v280

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Nov 9, 2017 · 75 commits to master since this release

Assets 2

Contents

Notices

  • None

Job Spec Changes

  • None

Security Notices

Affecting v279

  • None

Resolved in v279

  • None

Subcomponent Updates

Compatible Releases and Stemcells

@cf-release-notes-bot cf-release-notes-bot released this Oct 19, 2017 · 90 commits to master since this release

Assets 2

Contents

Notices

  • None

Job Spec Changes

  • consul_agent now only inserts keys if they have changed. It should only be necessary to set confab.timeout_in_seconds during a gossip encryption key rotation.

Security Notices

Affecting v278

  • None

Resolved in v278

  • None

Subcomponent Updates

Compatible Releases and Stemcells