Pivotal Cloud Foundry v1.9

Pivotal Cloud Foundry Ops Manager v1.9 Release Notes

How to Upgrade

The procedure for upgrading to Pivotal Cloud Foundry (PCF) Ops Manager v1.9 is documented in the Upgrading Pivotal Cloud Foundry topic.


  • Bumped the default memory of vSphere and Openstack appliances to 8GB
  • Finished experimental API endpoint to assign a network and AZ to the Director tile
  • Increased Azure storage account disk limit to 150 disks per storage account
  • Fixed a bug where the rails sessions was not clearing completely on logout
  • Enhanced Ops Manager network verifiers and validators so vSphere network names can now include a distributed port group
BOSH Director: 260
bosh-init: v.0.0.99
Stemcell: 3312.12
Azure CPI: 20
Google Cloud Platform CPI: 25.6.2
OpenStack CPI: 27
vSphere CPI: 38
UAA: 24


  • Bump stemcell to patch rsyslog memory leak.
  • Bump vSphere CPI to leverage more retry logic.
  • Fixed issue where sometimes multiple UAA processes would start and operators would be stuck at the “Waiting for authentication to start”
  • When deploying the vSphere OVA, fixed an issue where multiple DNS servers can again have spaces between them.
  • Operators no longer have to unlock the appliance directly after import.
  • Fixed issue where the BOSH health monitor could not send emails if authentication was required for SMTP.
  • Fixed bug where AWS persistent disks were not being encrypted when desired by the Operator.
  • Add encryption for AWS ephemeral disks as well, when the operator has enabled EBS encryption.
  • Increased AWS ephemeral disk sizes, allowing some VMs (like BOSH director) to use a smaller machine type by default.
  • Finished experimental API endpoints to get/set IaaS-related properties for configuring the director tile.
  • Finished experimental API endpoint to create/update/delete the collection of networks inside the director tile.
  • Allow windows stemcells to be used by products.
BOSH Director: 260
bosh-init: v.0.0.99
Stemcell: 3312.12
Azure CPI: 19
Google Cloud Platform CPI: 25.6.1
OpenStack CPI: 27
vSphere CPI: 36
UAA: 24


  • Patches USN-3156-1.
  • Fixes an upgrade issue where jobs in pre-1.7 products could be accidentally treated as non-singleton. In a very specific circumstance, this could have caused data loss.
  • Fixes an Azure image issue where sometimes OpsManager would be marked as Failing by Azure even though the VM appeared to be working.
  • Fixes Azure partitioning performance problem that sometimes causes BOSH to fail to attach persistent disks
  • Reverted the requirement to provide a password for running “sudo” on vSphere, as some customers are running sudo commands on the OpsManager VM via SSH in their scripts.
BOSH Director: 260
bosh-init: v.0.0.99
Stemcell: 3312.9
Azure CPI: 19
Google Cloud Platform CPI: 25.6.1
OpenStack CPI: 27
vSphere CPI: 32
UAA: 24


Versions 1.9.0 and higher versions of Ops Manager consist of the following component versions:

BOSH Director: 260
bosh-init: v.0.0.99
Stemcell: 3312.6
Azure CPI: 19
Google Cloud Platform CPI: 25.6.1
OpenStack CPI: 27
vSphere CPI: 32

New Features in Ops Manager v1.9.0

BOSH Updates


Ops Manager v1.9.0 includes the following changes to the stemcell:

  • Security improvements: Various security-focused improvements have been made to the stemcell.
  • Floppy device removal: The floppy device has been removed from the stemcell, which reduces a VM’s exposure to security risks.

Note: See the Known Issues section of this document for a potential memory leak issue with the stemcell provided with the Ops Manager v1.9.0 release.

BOSH Director

Ops Manager v1.9.0 includes the following changes to the BOSH Director:

  • Add-on controls: Operators can now control what deployments or instance groups a given add-on applies, allowing them to limit the VMs in which the add-on is used.
  • BOSH Events: Events logging is now enabled by default, and operators can view a curated list of granular activity by the Director for auditing and troubleshooting purposes
  • VMware HA interoperability improvements: The BOSH Director has improved its logic with regards to dealing with faulting vSphere hosts and now better coordinates its decisions with the VMware HA capability in vSphere, resulting in lower chances of downtime for VMs.
  • Resurrection logic improvements: The BOSH Director has improved its logic and now continues to retry when resurrecting a VM even if its fails the first time.

SHA 256 Certificates

Ops Manager now generates SHA 256 certificates.

Edit Job Configurations

Ops Manager now supports API endpoints to edit max_in_flight configurations per job. See the OpsManager API documentation for more information. To view the Ops Manager API documentation, browse to https://YOUR-OPS-MANAGER-FQDN/docs.

Known Issues

This section lists known issues for Ops Manager.

Persistent Disk Provisioning Error on Azure

On PCF on Azure deployments, BOSH sometimes returns an error when provisioning persistent disks. The error resembles the following:

Persistent disk with volume id 'SOME-ID' could not be found.

This error can occur when deploying the BOSH Director itself or another product in Ops Manager. To workaround this issue, retry the deployment.

Memory Leak in rsyslog v8.23

rsyslog v8.23 is prone to memory leaks when TCP connections are reset.

Deployments with stable syslog storer endpoints appear not to be affected by this syslog version. The following stemcells contain rsyslog v8.23:

  • 3312.9
  • 3312.8
  • 3312.7
  • 3312.6
  • 3312.5
  • 3312.3

Stemcell v3312, which contains rsyslog v8.22, does not exhibit the memory leak issue, but is missing other kernel vulnerability fixes.

Work is in progress to build a new stemcell that pins rsyslog to 8.22.0-0adiscon1trusty1.

Stemcells from other release series (3151.x, 3233.x, 3263.x) contain rsyslog v8.23. Stemcells from these series will be updated to pin to v8.22 as well.

This issue is also being tracked here: BOSH #1537: syslogd on all VMs has memory leak.

Firewall Rules and Service Networks in GCP

On PCF for GCP deployments, Ops Manager service network VMs are not assigned the correct firewall rules. As a result, these VMs cannot communicate with the BOSH Director and service tiles that use the On-Demand Service Broker (ODB) fail to create service instances.

As a workaround, if you are deploying a service network in GCP, modify your firewall to use subnet CIDR-based rules.

Bug Fixes

  • Fixed a bug that was preventing a load balancer from being attached to the BOSH Director on Google Cloud Platform.
Was this helpful?
What can we do to improve?
View the source for this page in GitHub