@emalm emalm released this Feb 23, 2018

Assets 6

Changes from v1.35.0 to v2.0.0

IMPORTANT: Diego v2.0.0 introduces some breaking changes to the operator configuration of the BOSH release and deliberately removes support for other job properties and API endpoints that will be removed soon. In particular, in this release:

  • Diego APIs now require configuration for mutual TLS.
  • Diego components default to using Locket as their lock and cell-registration provider.
  • The BBS API no longer supports migration of legacy etcd data to MySQL or Postgres.
  • The legacy spiff-based manifest-generation system is removed in favor of cf-deployment.

A full list of expected changes in the v2 release series is available in the v2.0.0 proposal.

Significant changes

BBS API

BBS Benchmarks

BBS Relational Datastore

cfdot

De-Consuling Locks

Per-Instance Proxy (Experimental)

Manifest Generation

Component Logging and Metrics

Dependencies

Test Suites and Tooling

Security

BOSH job changes

None.

BOSH property changes

auctioneer

  • Added locks.locket.enabled, defaulting to true.

  • Changed diego.auctioneer.locket.api_location default to locket.service.cf.internal:8891.

  • Removed diego.auctioneer.bbs.require_ssl.

  • diego.auctioneer.bbs.ca_cert is now required.

  • diego.auctioneer.bbs.client_cert is now required.

  • diego.auctioneer.bbs.client_key is now required.

  • diego.auctioneer.ca_cert is now required.

  • diego.auctioneer.server_cert is now required.

  • diego.auctioneer.server_key is now required.

bbs

  • Added cell_registrations.locket.enabled, defaulting to true.

  • Added locks.locket.enabled, defaulting to true.

  • Changed diego.bbs.locket.api_location default to locket.service.cf.internal:8891.

  • Removed diego.bbs.desired_lrp_creation_timeout.

  • Removed diego.bbs.etcd.ca_cert.

  • Removed diego.bbs.etcd.client_cert.

  • Removed diego.bbs.etcd.client_key.

  • Removed diego.bbs.etcd.client_session_cache_size.

  • Removed diego.bbs.etcd.machines.

  • Removed diego.bbs.etcd.max_idle_conns_per_host.

  • Removed diego.bbs.etcd.require_ssl.

  • Removed diego.bbs.require_ssl.

  • diego.bbs.ca_cert is now required.

  • diego.bbs.server_cert is now required.

  • diego.bbs.server_key is now required.

benchmark-bbs

  • Removed benchmark-bbs.bbs.require_ssl.

  • Removed benchmark-bbs.etcd.ca_cert.

  • Removed benchmark-bbs.etcd.client_cert.

  • Removed benchmark-bbs.etcd.client_key.

  • Removed benchmark-bbs.etcd.client_session_cache_size.

  • Removed benchmark-bbs.etcd.machines.

  • Removed benchmark-bbs.etcd.max_idle_conns_per_host.

  • Removed benchmark-bbs.etcd.require_ssl.

  • benchmark-bbs.bbs.ca_cert is now required.

  • benchmark-bbs.bbs.client_cert is now required.

  • benchmark-bbs.bbs.client_key is now required.

cfdot

  • Removed diego.cfdot.bbs.use_ssl.

  • tls.ca_certificate is now required.

  • tls.certificate is now required.

  • tls.private_key is now required.

rep and rep_windows

  • Added cell_registrations.locket.enabled, defaulting to true.

  • Changed diego.rep.locket.api_location default to locket.service.cf.internal:8891.

  • Removed admin_api.require_tls.

  • Removed diego.rep.bbs.ca_cert.

  • Removed diego.rep.bbs.client_cert.

  • Removed diego.rep.bbs.client_key.

  • Removed diego.rep.ca_cert.

  • Removed diego.rep.require_tls.

  • Removed diego.rep.server_cert.

  • Removed diego.rep.server_key.

  • Removed use_v2_tls.

  • tls.ca_cert is now required.

  • tls.cert is now required.

  • tls.key is now required.

route_emitter and route_emitter_windows

  • Changed locks.locket.enabled default to true.

  • Removed diego.route_emitter.bbs.require_ssl.

  • diego.route_emitter.bbs.ca_cert is now required.

  • diego.route_emitter.bbs.client_cert is now required.

  • diego.route_emitter.bbs.client_key is now required.

ssh_proxy

  • Removed diego.ssh_proxy.bbs.require_ssl.

  • diego.ssh_proxy.bbs.ca_cert is now required.

  • diego.ssh_proxy.bbs.client_cert is now required.

  • diego.ssh_proxy.bbs.client_key is now required.

vizzini

  • Removed vizzini.bbs.require_ssl.

  • vizzini.bbs.client_cert is now required.

  • vizzini.bbs.client_key is now required.

BOSH link changes

None.