Skip to content

@jhunt jhunt released this Feb 14, 2020

Major Release

  • This release brings cf-genesis-kit up to date with the releases found in
    cf-deployment v12.25.0.

New Features

  • Log Throttling: by specifying params.max_log_lines_per_second, you can
    limit the maximum log lines per second per app instance. A value of 0
    disables this limit (which is the default state).

    Note: This is an EXPERIMENTAL feature, and as such, should not be used in
    a production environment without full understanding of its implications.
    See the associated Pivotal Tracker story

Core Components

Release Version Release Date
bpm 1.1.6 05 December 2019
capi 1.89.0 06 December 2019
cf-networking 2.27.0 02 December 2019
cf-smoke-tests 40.0.125 03 January 2020
cflinuxfs3 0.154.0 14 January 2020
cf-cli 1.24.0 08 January 2020
diego 2.42.0 14 January 2020
garden-runc 1.19.9 21 November 2019
loggregator 106.3.5 13 January 2020
loggregator-agent 5.3.4 13 January 2020
log-cache 2.6.8 30 December 2019
nats 32 11 December 2019
routing 0.196.0 05 December 2019
statsd-injector 1.11.13 13 January 2020
cf-syslog-drain 10.2.9 13 January 2020
uaa 74.13.0 13 January 2020
silk 2.27.0 02 December 2019
bosh-dns-aliases 0.0.3 24 October 2018
cflinuxfs2 1.286.0 12 June 2019
app-autoscaler 2.0.0 15 August 2019
nfs-volume 2.3.0 21 August 2019
mapfs 1.2.0 15 July 2019
postgres 3.2.0 19 September 2019
haproxy 9.7.1 05 September 2019

Buildpacks

Release Version Release Date
binary 1.0.36 08 January 2020
dotnet-core 2.3.3 08 January 2020
go 1.9.4 08 January 2020
java 4.26 21 November 2019
nginx 1.1.3 08 January 2020
nodejs 1.7.8 08 January 2020
php 4.4.5 08 January 2020
python 1.7.5 08 January 2020
r 1.1.1 08 January 2020
ruby 1.8.6 08 January 2020
staticfile 1.5.3 08 January 2020

Note: Core Component and Buildpack releases in italics were updated as part of this kit release.

Assets 3

@jhunt jhunt released this Feb 13, 2020 · 4 commits to master since this release

Bug Fixes

  • This adds a route to the gorouter for the Loggregator Reverse Log Proxy Gateway. The route is
    log-stream.SYSTEM_DOMAIN. This route is required to hook up applications to the Loggregator
    v2 API firehose.

  • Fixes misconfigured certificates for cc_bridge components (#112)

  • Fixes tls/non-tls misconfiguration for network-policy server (#113)

Core Components

Release Version Release Date
bpm 1.1.6 05 December 2019
capi 1.89.0 06 December 2019
cf-networking 2.27.0 02 December 2019
cf-smoke-tests 40.0.123 -
cflinuxfs3 0.151.0 10 December 2019
cf-cli 1.23.0 08 January 2020
diego 2.41.0 04 December 2019
garden-runc 1.19.9 21 November 2019
loggregator 106.3.1 09 December 2019
loggregator-agent 5.3.1 16 December 2019
log-cache 2.6.6 09 December 2019
nats 32 -
routing 0.196.0 05 December 2019
statsd-injector 1.11.10 16 December 2019
cf-syslog-drain 10.2.7 16 December 2019
uaa 74.12.0 03 December 2019
silk 2.27.0 02 December 2019
bosh-dns-aliases 0.0.3 24 October 2018
cflinuxfs2 1.286.0 12 June 2019
app-autoscaler 2.0.0 15 August 2019
nfs-volume 2.3.0 21 August 2019
mapfs 1.2.0 15 July 2019
postgres 3.2.0 19 September 2019
haproxy 9.7.1 05 September 2019

Buildpacks

Release Version Release Date
binary 1.0.35 10 October 2019
dotnet-core 2.3.2 05 November 2019
go 1.9.3 05 November 2019
java 4.26 21 November 2019
nginx 1.1.1 05 November 2019
nodejs 1.7.4 22 November 2019
php 4.4.2 22 November 2019
python 1.7.2 22 November 2019
r 1.1.0 22 November 2019
ruby 1.8.2 05 November 2019
staticfile 1.5.1 05 November 2019
Assets 3

@jhunt jhunt released this Jan 31, 2020 · 9 commits to master since this release

Bug Fixes

  • v1.9.0 required locket server TLS certificate to be valid for 127.0.0.1.
    This release fixes this problem by automatically regenerating that secret if
    this is not the case. (Issue #108)

  • v1.9.0 fixed an issue where the certificates for the dns-service-discovery
    feature were placed incorrectly in v1.8.0, but the method to resolve this
    caused an error if these certificates were not present. (#107)

Assets 3

@jhunt jhunt released this Jan 30, 2020 · 13 commits to master since this release

Major Release Updates

This release brings the releases used by the CF Genesis Kit up to date with
v12.20.0 of the cf-deployment release.

Potentially Breaking Changes

TLS Certificate Updates

  • If you are currently using cf-genesis-deployment version 1.7.x, you are recommended to upgrade directly
    to this release, skipping v1.8.0. However, you still need to regenerate your certificates as per the
    instructions in GMP-CF-0003 - TLS Certificate Refactor in v1.8.0.

  • If you are already at v1.8.0, you will need to run genesis rotate-secrets <env> but WITHOUT the -f
    option, as this release requires the locket server TLS certificate to be regenerated to add 127.0.0.1 to their
    SAN. Do this after updating your environment's yml file to point to 1.9.0, but before deploying with it.

  • If you are on a release prior to 1.7.0, it is recommended that you upgrade first to 1.7.0 as there are manual
    steps needed to upgrade to that release.

HAProxy IPs

  • Continuing the remove static IPs theme of 1.7.0, this release drops the static ranges in cloud config for
    haproxy feature. Instead, the instances for haproxy instances need to be specified in the haproxy_ips
    parameter in list format. These ips must be in the range of the cf_lb_network, which defaults to the same
    network that is specified by the cf_edge_network parameter. This removes the requirement for the edge
    network to be at least a /28.

  • If upgrading from versions before 1.7.0, you will need to remove the first 10 static IPs from your cloud
    foundry, as these were used for the go routers and access vms. The 11th through 15th were reserved for
    haproxy instances, so in order to not have to change your network addresses, simply use these ips in your
    haproxy_ips list in your environment file and keep them listed as static.

  • If upgrading from 1.7.0 and later, same concept applies but will have to take into consideration what you did
    to remove the other static ips when you upgraded before.

Improvements

  • BBS uses localhost locket to prevent race conditions on cert changes
  • Increased feature coverage for testflight ci process
  • Move smoketests to uaa vm to reduce vm count and test time
  • Added smoketest genesis addon: genesis do <env> -- smoketest

Bug Fixes

  • Corrects cert location for dns-service-discovery and haproxy features. No
    manual remediation is necessary, as the existing certs will be moved on
    first check of the environment.

Core Components

Release Version Release Date
bpm 1.1.6 05 December 2019
capi 1.89.0 06 December 2019
cf-networking 2.27.0 02 December 2019
cf-smoke-tests 40.0.123 -
cflinuxfs3 0.151.0 10 December 2019
cf-cli 1.23.0 08 January 2020
diego 2.41.0 04 December 2019
garden-runc 1.19.9 21 November 2019
loggregator 106.3.1 09 December 2019
loggregator-agent 5.3.1 16 December 2019
log-cache 2.6.6 09 December 2019
nats 32 -
routing 0.196.0 05 December 2019
statsd-injector 1.11.10 16 December 2019
cf-syslog-drain 10.2.7 16 December 2019
uaa 74.12.0 03 December 2019
silk 2.27.0 02 December 2019
bosh-dns-aliases 0.0.3 24 October 2018
cflinuxfs2 1.286.0 12 June 2019
app-autoscaler 2.0.0 15 August 2019
nfs-volume 2.3.0 21 August 2019
mapfs 1.2.0 15 July 2019
postgres 3.2.0 19 September 2019
haproxy 9.7.1 05 September 2019

Buildpacks

Release Version Release Date
binary 1.0.35 10 October 2019
dotnet-core 2.3.2 05 November 2019
go 1.9.3 05 November 2019
java 4.26 21 November 2019
nginx 1.1.1 05 November 2019
nodejs 1.7.4 22 November 2019
php 4.4.2 22 November 2019
python 1.7.2 22 November 2019
r 1.1.0 22 November 2019
ruby 1.8.2 05 November 2019
staticfile 1.5.1 05 November 2019
Assets 3

@jhunt jhunt released this Jan 21, 2020 · 19 commits to master since this release

UPDATE: Caution when updating to this version - data loss can occur unless specific secrets are prevented from being rotated. See updated GMP-CF-0003 - TLS Certificate Refactor in v1.8.0 for more information.

Major Update

  • This release brings the releases used by the CF Genesis Kit up to date with
    v12.5.0 of the cf-deployment release. This should be a direct upgrade, but
    you will need to rotate the secrets, due to the re-alignment of the TLS
    certificates with cf-deployment (see below)

TLS Certificate Refactor

  • Cloud Foundry has upped its game regarding inter-process secure
    communications. In an attempt to better approximate the cf-deployment
    release for compatibility and ease of future updates, the cf-genesis-kit
    has remapped the internal generated certificates used to ensure they have
    the same CA signator and CN/SANs.

    This update requires that you run genesis rotate-secrets <env> -f to
    regenerate all the certificates used. It will also regenerate any passwords
    that were generated, so ensure that if you use these values outside of your
    CF deployment, that the changes are propagated to those users and tools that
    need them.

    See GMP-CF-0003 - TLS Certificate Refactor in v1.8.0 for more information.

New Features

  • Added the prom_scraper job from the loggregator-agent release. This replaces
    the, now deleted, loggr-expvar-forwarder and related jobs. Metrics are now
    exposed directly via Prometheus endpoints rather than forwarding as it was
    previously.

  • Added cf-dot to diego, bbs and cell instance groups as an addon.

Bug fixes

  • Fixed spelling of server_cert_domain_san in uaa.

  • Cleaned up defunct properties in multiple jobs.

Core Components

Release Version Release Date
bpm 1.1.5 22 October 2019
capi 1.88.0 01 November 2019
cf-networking 2.27.0 02 December 2019
cf-smoke-tests 40.0.123 -
cflinuxfs3 0.150.0 03 December 2019
cf-cli 1.22.0 05 November 2019
diego 2.41.0 04 December 2019
garden-runc 1.19.9 21 November 2019
loggregator 106.2.1 20 November 2019
loggregator-agent 5.2.2 -
log-cache 2.6.1 20 November 2019
nats 28 12 November 2019
routing 0.195.0 23 November 2019
statsd-injector 1.11.4 20 November 2019
cf-syslog-drain 10.2.2 21 October 2019
uaa 74.12.0 03 December 2019
silk 2.27.0 02 December 2019
bosh-dns-aliases 0.0.3 24 October 2018
cflinuxfs2 1.286.0 12 June 2019
app-autoscaler 2.0.0 15 August 2019
nfs-volume 2.3.0 21 August 2019
mapfs 1.2.0 15 July 2019
postgres 3.2.0 19 September 2019
haproxy 9.7.1 05 September 2019

Buildpacks

Release Version Release Date
binary 1.0.35 10 October 2019
dotnet-core 2.3.2 05 November 2019
go 1.9.3 05 November 2019
java 4.26 21 November 2019
nginx 1.1.1 05 November 2019
nodejs 1.7.4 22 November 2019
php 4.4.2 22 November 2019
python 1.7.2 22 November 2019
r 1.1.0 22 November 2019
ruby 1.8.2 05 November 2019
staticfile 1.5.1 05 November 2019
Assets 3

@jhunt jhunt released this Dec 3, 2019 · 23 commits to master since this release

New Features

  • The routing api is now available to use via the routing-api kit feature.
    This is needed to use cf management against a genesis deployed cloud foundry.

Improvements

  • Allow evacuation timeout to be set as a param, The default is now 10 minutes.

Bug Fixes

  • The route service feature was previously misconfigured and is now correctly in the api instance group and cloud_controller_ng job.
Assets 3

@jhunt jhunt released this Nov 13, 2019 · 29 commits to master since this release

New Features

  • Container to container networking and service discovery (via an
    internal Cloud Foundry domain) is now supported by the new
    dns-service-discovery feature. This new feature subsumes and
    replaces the app-bosh-dns feature, which only implemented half
    of the solution for direct communication between CF application
    containers.

Bug Fixes

  • The cflinuxfs2 feature now re-inserts default release
    properties that supported the (now EOL) stack. This makes the
    backwards-compatibility provided by the feature more
    bulletproof, in the face of continuing attempts to deprecate it
    fully, upstream.

Improvements

  • This Kit now provisions some new (empty) UAA groups, that users
    can be added to for various permissions inside of CF:

    1. network.read
    2. cloud_controller.read_only_admin
    3. cloud_controller.global_auditor
  • The admin account in UAA now has the network.admin scope,
    allowing it to see network policies created by anyone.

Assets 3

@jhunt jhunt released this Oct 11, 2019 · 38 commits to master since this release

NOTE: as this release brings some drastic re-numbering of core
component IP addressing schemes, you may want to validate that
your environment configuration stays reachable through an update.

Improvements

  • The access instance group, which used to terminate cf ssh
    traffic and proxy it to the proper backend Diego LRP, has been
    rolled into the existing router instance group.

    This means that router is now the sole ingress point for
    traffic entering the Cloud Foundry runtime.

    The former ssh-elb and cf-elb BOSH VM extensions have been
    replaced with a the new cf-load-balanced extension. You will
    need to update your cloud-config accordingly.

    NOTE: during the upgrade to this version of the CF Kit, BOSH
    will delete the now-unused access VMs, cutting off any cf ssh traffic until the first router instance finishes booting
    up. Traffic to CF applications should be available throughout.

  • The (now-EOL'd) cflinuxfs2 stack is now optional, and will not
    be deployed by default. If you still need to provide the rootfs
    and the accompanying buildpacks, use the new cflinuxfs2
    feature.

  • (Almost) All Static IPs are GONE! The router instance group
    now uses dynamically-assigned IPs exclusively, and communicates
    to Cloud provider loadbalancers (ALBs, ELBs, etc.) via BOSH
    VM Extensions. The nats instance group continues to use its
    link, and no longer requires staticly-assigne IPs. Same with
    doppler instances.

  • VM type defaults have been renamed to reflect the instance group
    that they pertain to. For example, the api instance group now
    defaults to api, not medium. See VM Type Changes,
    below, for the full story.

Bug Fixes

  • Unused autoscaler-pruner references have been removed.

VM Type Changes

This release introduces new defaults for VM types, to make it
easier to size different roles properly. Here is the full set of
changes:

Instance Group Old Default New Default Recommendation
api medium api 2 cpu / 4g mem
bbs small bbs 1 cpu / 2g mem
blobstore* medium blobstore 1 cpu / 2g mem
cell runtime cell 4 cpu / 16g mem
diego medium diego 2 cpu / 4g mem
doppler small doppler 1 cpu / 2g mem
haproxy* small haproxy 1 cpu / 2g mem
loggregator medium loggregator 2 cpu / 4g mem
nats small nats 1 cpu / 2g mem
postgres* large postgres 2 cpu / 4g mem
router small router 1 cpu / 2g mem
smoke-tests small errand 1 cpu / 2g mem
syslogger small syslogger 1 cpu / 2g mem
uaa medium uaa 2 cpu / 4g mem
as-api* default as-api 1 cpu / 2g mem
as-broker* default as-broker 1 cpu / 2g mem
as-scheduler* default as-scheduler 1 cpu / 2g mem
as-collector* default as-collector 1 cpu / 2g mem
as-scaler* default as-scaler 1 cpu / 2g mem
as-engine* default as-engine 1 cpu / 2g mem
as-operator* default as-operator 1 cpu / 2g mem

*) these types are optional, and depend on what features you have
enabled in your Cloud Foundry environment / deployment.

Core Components

NOTE: this release provides no material software or stemcell updates over the previous release.

Release Version Release Date
app-autoscaler 2.0.0 15 August 2019
bosh-dns-aliases 0.0.3 24 October 2018
bpm 1.1.0 28 May 2019
capi 1.83.0 28 June 2019
cf-cli 1.16.0 04 June 2019
cf-networking 2.23.0 17 June 2019
cf-smoke-tests 40.0.112 -
cf-syslog-drain 10.2 13 May 2019
cflinuxfs2 1.286.0 12 June 2019
cflinuxfs3 0.113.0 08 July 2019
diego 2.34.0 02 July 2019
garden-runc 1.19.3 25 June 2019
haproxy 9.7.1 05 September 2019
log-cache 2.2.2 31 May 2019
loggregator 105.5 06 May 2019
loggregator-agent 3.9 15 March 2019
mapfs 1.2.0 15 July 2019
nats 27 16 May 2019
nfs-volume 2.3.0 21 August 2019
postgres 3.2.0 19 September 2019
routing 0.188.0 12 April 2019
silk 2.23.0 17 June 2019
statsd-injector 1.10.0 16 April 2019
uaa 72.0 14 May 2019

Buildpacks

NOTE: this release provides no material software or stemcell updates over the previous release.

Release Version Release Date
binary 1.0.32 01 May 2019
dotnet-core 2.2.12 14 June 2019
go 1.8.39 01 May 2019
java 4.19 26 April 2019
nginx 1.0.13 14 June 2019
nodejs 1.6.51 14 June 2019
php 4.3.77 14 June 2019
python 1.6.34 14 June 2019
r 1.0.10 14 June 2019
ruby 1.7.40 14 June 2019
staticfile 1.4.43 14 June 2019
Assets 3

@jhunt jhunt released this Oct 2, 2019 · 61 commits to master since this release

Major Update

This release brings the releases used by the CF Genesis Kit up to date with
v9.5.0 of the cf-deployment release. This release is upgradable from the previous
releases (assuming you go through the removal of consul as per releases
v1.3.x - v1.5.x of this kit).

Improvements

  • Space Developers are now able to set up network policies without platform
    operator involvement.

  • Containerd is now the default containerization runtime for Diego, instead
    of garden/runc. If you want the old behavior, you can specify the
    native-garden-runc feature.

  • You can now set the VM update strategy via the vm_strategy param.

  • gorouter and access VMs now provide shared BOSH links.

  • App Autoscaler has been fixed and upgraded to 2.0.0, thanks to
    anishp55.

  • NFS Volume Services has been upgraded to v2.3.0 (see below for details).

  • Consul has been officially removed (see below for details).

  • Significant improvements to move communications to TLS

  • Additional loggregator metrics

NFS Volume Services

NFS Volume Services, which can be enabled via the nfs-volume-services feature,
has been upgraded to v2.3.0. This should be paired with the updated
nfs-broker genesis kit

Regarding Consul Deprecation

Consul is no longer supported, and was removed in release v1.5.0. While
replacing consul with BOSH DNS was optional since v1.3.0 using the feature
migrate-1.3-without-consul, that feature is no longer necessary..

You should be able to directly upgrade to this version with no impact to your
existing Cloud Foundry system. We recommend that you validate by upgrading
to v1.4.1 with migrate-1.3.1-without-consul enabled so that if something
does break, you can redeploy without that feature.

You must enable BOSH DNS in your BOSH
deployment via runtime config
(example)
to deploy this version.

Core Components

Release Version Release Date
app-autoscaler 2.0.0 15 August 2019
bosh-dns-aliases 0.0.3 24 October 2018
bpm 1.1.0 28 May 2019
capi 1.83.0 28 June 2019
cf-cli 1.16.0 04 June 2019
cf-networking 2.23.0 17 June 2019
cf-smoke-tests 40.0.112 -
cf-syslog-drain 10.2 13 May 2019
cflinuxfs2 1.286.0 12 June 2019
cflinuxfs3 0.113.0 08 July 2019
diego 2.34.0 02 July 2019
garden-runc 1.19.3 25 June 2019
haproxy 9.7.1 05 September 2019
log-cache 2.2.2 31 May 2019
loggregator 105.5 06 May 2019
loggregator-agent 3.9 15 March 2019
mapfs 1.2.0 15 July 2019
nats 27 16 May 2019
nfs-volume 2.3.0 21 August 2019
postgres 3.2.0 19 September 2019
routing 0.188.0 12 April 2019
silk 2.23.0 17 June 2019
statsd-injector 1.10.0 16 April 2019
uaa 72.0 14 May 2019

Buildpacks

Release Version Release Date
binary 1.0.32 01 May 2019
dotnet-core 2.2.12 14 June 2019
go 1.8.39 01 May 2019
java 4.19 26 April 2019
nginx 1.0.13 14 June 2019
nodejs 1.6.51 14 June 2019
php 4.3.77 14 June 2019
python 1.6.34 14 June 2019
r 1.0.10 14 June 2019
ruby 1.7.40 14 June 2019
staticfile 1.4.43 14 June 2019
Assets 3

@jhunt jhunt released this Sep 6, 2019 · 99 commits to master since this release

Major Change

Consul is no longer supported, and has been removed from this release. While
replacing consul with BOSH DNS was optional since v1.3.0 using the feature
migrate-1.3-without-consul, that feature has now been permanently turned on.

You should be able to directly upgrade to this version with no impact to your
existing Cloud Foundry system, it is recommended that you validate it by
upgrading to v1.4.1 with the migrate-1.3.1-without-consul so that if
something does occur, you can redeploy without that feature.

Note: You must enable BOSH DNS in your BOSH deployment and add it to your
runtime config (example) to deploy this version.

BOSH v270+ Fix

This release cleans up BOSH v1 manifest keys that can prevent deployment with
v270+ BOSH directors.

Core Components

This is the list of core components used in this release. No core components were updated, added or removed since last release.

Release Version Release Date
bosh-dns-aliases 0.0.3 24 October 2018
bpm 0.13.0 12 October 2018
capi 1.70.0 03 October 2018
cf-networking 2.17.0 09 October 2018
cf-smoke-tests 40.0.5 17 May 2018
cflinuxfs2 1.242.0 12 October 2018
cflinuxfs3 0.51.0 22 January 2019
cf-syslog-drain 7.1 13 September 2018
consul 193 30 May 2018
diego 2.19.0 11 October 2018
garden-runc 1.18.3 18 Febuary 2018
loggregator 104.0 01 October 2018
loggregator-agent 2.3 -
log-cache 2.0.2 20 November 2018
nats 26 02 October 2018
routing 0.182.0 19 September 2018
silk 2.17.0 09 October 2018
statsd-injector 1.4.0 26 September 2018
uaa 62.0 03 October 2018
nfs-volume 1.0.7 24 August 2017
postgres 3.1.5 30 January 2019
haproxy 9.3.0 24 August 2018

Buildpacks

This is the list of buildpacks provided with this release. No buildpacks were updated, added or removed since last release.

Release Version Release Date
binary 1.0.31 04 March 2019
dotnet-core 2.1.5 21 September 2018
go 1.8.28 12 October 2018
java 4.16.1 17 October 2018
nodejs 1.6.32 13 September 2018
php 4.3.61 13 September 2018
python 1.6.21 24 August 2018
ruby 1.7.24 12 October 2018
staticfile 1.4.32 10 September 2018
Assets 3
You can’t perform that action at this time.