Skip to content
This repository has been archived by the owner on Mar 9, 2022. It is now read-only.

Latest commit

 

History

History
167 lines (122 loc) · 7.94 KB

2017-04-05-runtime.md

File metadata and controls

167 lines (122 loc) · 7.94 KB
Raw

Runtime PMC Meeting 2017-04-05

Agenda

  • Announcements
  • PMC Lifecycle Activities
  • Backlog Review

Announcements

PMC Lifecycle Activities

  • Proposal to incubate haproxy-boshrelease by Geoff Franks of Stark & Wayne
  • rsyslog configuration on metron planned for removal on August 1st (please use syslog release instead).

Discussion

Backlog Reviews

CLI - Dies Köper

  • Very close to releasing cf CLI 6.26.0 exposing isolation segments. Reasons for the delay include updating the CI environment from bosh-lite on AWS to full bosh & cf-deployment (we need multiple Diego cells to test iso segs) on GCP (lower cost), additional feature stories stemming from a UX review of the current isolation segments related command set and current CF release, and regressions in commands that mix V2 and V3 CC APIs.
  • Next release will focus on UX improvements and bug fixes around plugin installation and management.
  • Cross-paired with CAPI on V3 create-app and create-package. Expecting to pick up V3 staging in a week or two when related CAPI changes have completed. These commands are for now hidden, marked experimental and whether they'll be absorbed into V3 push and other commands or will also be exposed as is will be considered later.
  • Exploring CLI UX for private docker registries - shared summary on CF Dev and received positive feedback on suggested UX.

Garden - Julz Friedman

GrootFS - George Lestaris

  • Deploying to 50% of PWS today.
  • We found an issue in PWS (caused by a race between grootfs create and grootfs stats). It's fixed in the latest release.
  • Released v0.16.0 today:
    • This release contains some of the features required to enable a less "manual" (and more tested) store management (grootfs init-store and grootfs delete-store calls).
    • We have found a way around the Kernel limitations, in order to implement rootless with the Overlay-XFS file system driver. v0.16.0 introduces two feature flags in grootfs create (--json and --without-mount) to start shifting the Garden-Groot contract in order to enable the rootless-Overlay-XFS work.

Greenhouse - A William Martin

Diego - Eric Malm

  • Resolved BBS performance degradation with 1000 locket-based cell registrations with MySQL tuning
  • Cells can opt into using new v2 Loggregator API for rep component metrics (except for the Golang runtime metrics)
  • Cells support mutual TLS for asset uploads and downloads
  • Finishing up TCP route-registrations from the local route-emitters
  • Finishing up rotation of instance-identity credentials before end of validity
  • Improving locket operability in advance of recommending use for BBS and auctioneer locks
  • Upcoming:
    • Continuing with v2 Loggregator API support across Diego components
    • Improve LRP health-check efficiency, reliability with more declarative specification
    • Support CAPI in performing zero-downtime app updates

Routing - Shannon Coen

  • Adding support to the Gorouter and TCP routers to filter routes by router group
  • routing-release 0.149.0 shipped with some bug fixes
  • Published blog post on performance improvements
  • Finished draft of docs for deploying routers for isolation segments

Infrastructure - Evan Farrar

consul-release

etcd-release

bosh-bootloader (a.k.a bbl)

Release Integration - David Sabeti

cf-release

  • Cut v255
  • PRs
    • CC Clock is distributed (rather than a singleton) in manifest generation scripts.
    • Certificate generation scripts in cf-release reduce logic duplication
    • CATs errand accepts configuration of detect_timeout, timeout_scale, sleep_timeout, and test_password
    • Add necessary UAA configuration to Openstack template
    • New errand for running smoke tests on Windows
  • Remove deprecated jwt configuration

cf-deployment

  • New ops-files
    • use-compiled-releases.yml allows deployers to skip compilation of cf-mysql-release. More releases to come.
    • scale-to-one-az.yml uses only the first AZ, and only one instance of each job.
  • Starting work on the cf-release to cf-deployment migration
  • Versioning
    • Currently shipping patch and minor versions of cf-deployment
    • release-candidate branch is still updated automatically when builds pass. master branch is updated when we ship a new version.
    • First major version will occur when we've developed a migration path from cf-release.
  • cf-deployment-concourse-tasks
    • v2.0 uses bbl v3
    • Docker image is versioned accordingly
  • Small updates and PRs
    • Add certs for Cloud Controller to CC Uploader communication
    • Cloud Controller link is shared across deployments
    • Disable legacy rep endpoints
    • Remove deprecated jwt configuration
    • bosh-lite cloud-config has more compilation workers
    • bosh-lite has a lower default app memory
    • Default quota definition allows for 100 route ports
    • API workers are deployed as a separate instance group
    • cfdot is deployed on all Diego jobs
    • diego-cell waits for diego-brain to finish deploying

cf-acceptance-tests

  • Tests for AppUsageEvents are more robust against large deployments.

cf-smoke-tests

  • Windows smoke tests use hwc buildpack rather than the binary buildpack
  • Updated logic so that the smoke tests can be run from a Windows VM

nats-release

  • No changes

postgres-release - Valeria Perticara

postgres-release

  • Released postgres-release v15 that upgrades PostgreSQL to v9.6.2. NOTE: this drops support for upgrading from PostgreSQL 9.4.5
  • Going to bump v15 in cf-release
  • Working on bosh links

MySQL - Marco Nicosia

  • No changes.

Runtime OG - Michael Fraenkel

Loggregator - Adam Hevenor

  • Important Note: - we have been investigating possible message reliability issues starting in CF253. If you are experiencing this please contribute to the this github issue
  • Finishing performance tuning and scaling tests for "Scalable Syslog". We are seeing initial reliability improvements of ~30%.
  • Working on the removal of etcd
  • Release planning for both of these
    • Note: We are only planning to release these changse to cf-deployment
    • Etcd and legacy syslog drain architecture will remain in cf-release

UAA - Sree Tummidi

  • UAA 3.14.0 Releases. This addresses an upgrade incompatibility issues when upgrading from 3.9.9. An advisory was sent out on cf-dev
  • UAA 4.0.0 Work in progress
    • Strict Validation for OAuth redirect URI
    • Enforce POST method for /token and /check_token end-points
    • UAA Performance Testing is in progress
    • SAML IDP/SP Key Rotation
    • UAA Bosh Release ERB Validations for required properties
    • Enable deletion of users and clients via YML & Bosh Manifest
    • UAA API docs Table of Contents load time improvements
    • Version Filtering for UAA API Docs

CAPI - Zach Robinson

PERSI - Julian Hjortshoj

  • nfs-volume-release now supports LDAP authentication to secure UIDs when communicating with NFS servers. (docs for this are still pending)
  • we have an initial drop of an ECS bosh release that bosh deploys ECS (EMC elastic cloud storage) Community Edition
  • BOSH deployment of ECS broker & ECS broker support for ECS NFSv3 shares are still pending in our pipeline
  • Second draft of the Container Volume Interface is soon to go out for public comment, and will be the topic for the first ever CNCF Storage Working Group meeting. (Note that this brand new working group will not be the owner of the CVI--the plan is to form another CNCF CVI working group.)

Container Networking - Usha Ramachandran

Bits-Service - Simon Moser