Pivotal Application Service v2.8 Release Notes
- Releases
- How to Upgrade
-
New Features in PAS v2.8
- Diego Sets Container CPU Weight Property Equal to Container Memory Limit
- Spring Cloud Services Configuration in Apps Manager
- View the Active Droplet for an App in Apps Manager
- cf CLI Supports Sidecar Processes
- Deploy Sidecar Processes with a Custom Buildpack
- Configure Retention Period for Usage Service Data
- SMB Volume Services Enabled by Default
- NFS Broker Uses CredHub as Backing Store
- Enable URL Encoding For UAA Client Credentials
- Support for Pushing Container Images Hosted in AWS ECR
- Mutual TLS Added to Loggregator Endpoints and Components
- V2 Firehose Can Be Disabled
- Aggregate Drain for Metrics and App Logs
- PAS Must Use At Least One CredHub VM
- Customizable Marketplace URL and Secondary Navigation Links in Apps Manager
- Agent-Based Syslog Egress Cannot Be Disabled
- Additional Metadata Tags for Metrics and App Logs
- Rolling App Deployments Is GA
- Jump Upgrade to TAS for VMs v2.11
-
Breaking Changes
- PAS v2.8.25 and Later Incompatible with Tanzu GemFire for VMs v1.12 and Earlier with Tomcat Session State Caching
- Incorrect HTTP(S) Proxy Configuration Breaks CredHub Interpolation for Apps in PAS v2.8.12 and Later
- PAS v2.8.4 Stability Issues
- CredHub Requires At Least One CredHub Instance
- Syslog Adapters Are Removed
- Additional Metadata Tags for Metrics and App Logs
- Agent-Based Syslog Egress Cannot Be Disabled
- App SSH Container Port Change
-
Known Issues
- Rolling App Deployment Does Not Timeout
- Incompatible Stemcell Causes Job Failure
- Duplicate Metrics Appear in the Firehose
- Disable the Smoke Test Errand If You Disable the Firehose
- Bosh System Metrics Forwarder Regression in v2.8.22
- Errors in NFS Volume Service File Append Operations
- PCF Metrics v1.6.2 and Earlier Not Compatible with PAS v2.8.3 and Later
- Logs Take a Long Time to Load in Apps Manager
- Asynchronous Spring and Steeltoe health Endpoint Causes Apps Manager to Crash
- Errors Viewing App Logs after Disabling V1 Firehose
- App Metrics v2.0.0 Is Incompatible with Apps Manager Integration
- Traffic Controller Can Issue a Large Number of Unnecessary DNS Queries
- App Metrics Route Change Results In "Unexpected error occurrence"
- Invalid Events from Cloud Controller Purge and Reseed
- App Metrics v2.0 Causes Apps Manager to Log Out on PAS v2.8.3 and Earlier
- Metadata Tags Not Updated if App, Org, or Space Name Changed
- PCF Metrics Link Disappears in Apps Manager for Proxied Setups
- Autoscaler Controls Do Not Appear in Apps Manager for Proxied Setups
- Metric Registrar v1.2.1 Known Issues
Page last updated:
Warning: Pivotal Application Service (PAS) v2.8 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.
This topic contains release notes for Pivotal Application Service (PAS) v2.8.
For the feature highlights of this release, read the blog post Any company can become a software-driven organization. The new release of Tanzu Application Service gives you the blueprint or see New Features in PAS v2.8.
Pivotal Platform is certified by the Cloud Foundry Foundation for 2022.
For more information about the Cloud Foundry Certified Provider Program, see How Do I Become a Certified Provider? on the Cloud Foundry website.
Because VMware uses the Percona Distribution for MySQL, expect a time lag between Oracle releasing a MySQL patch and VMware releasing PAS containing that patch.
Releases
2.8.31
Release Date: 12/21/2021
See the following warnings:
- VMware recommends upgrading PAS as soon as possible to address CVE-2021-44228. If you are unable to upgrade, you can mitigate this CVE manually. See Workaround instructions to address CVE-2021-44228 and CVE-2021-45046 in Tanzu Application Service v2.7 - v2.12.
- This vulnerability also affects Ops Manager. VMware recommends upgrading to Ops Manager v2.10.24 as soon as possible. For more information, see the Ops Manager v2.10.24 release notes.
- [Security Fix] Fix uncontrolled recursion related to Log4j (CVE-2021-45105)
- Bump credhub to version
2.9.8
which has Log4j2.17.0
- Bump java-offline-buildpack to version
4.47
- Bump uaa to version
74.5.30
which has Log4j2.17.0
Component | Version |
---|---|
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.39 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.13 |
capi | 1.87.10 |
cf-autoscaling | 238 |
cf-cli | 1.32.0 |
cf-networking | 2.42.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.251.0 |
credhub | 2.9.8 |
diego | 2.54.0 |
dotnet-core-offline-buildpack | 2.3.32 |
garden-runc | 1.19.25 |
go-offline-buildpack | 1.9.34 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.47 |
log-cache | 2.6.18 |
loggregator | 106.2.9 |
loggregator-agent | 5.2.14 |
mapfs | 1.2.4 |
metric-registrar | 1.1.9 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.12 |
nginx-offline-buildpack | 1.1.30 |
nodejs-offline-buildpack | 1.7.57 |
notifications | 62 |
notifications-ui | 39 |
php-offline-buildpack | 4.4.53 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.20 |
pxc | 0.37.0 |
python-offline-buildpack | 1.7.43 |
r-offline-buildpack | 1.1.20 |
routing | 0.213.0 |
ruby-offline-buildpack | 1.8.42 |
silk | 2.38.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.24 |
statsd-injector | 1.11.16 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.14 |
uaa | 74.5.30 |
2.8.30
Release Date: 12/16/2021
See the following warnings:
- VMware recommends upgrading PAS as soon as possible to address CVE-2021-44228. If you are unable to upgrade, you can mitigate this CVE manually. See Instructions to address CVE-2021-44228 in Tanzu Application Service (2.7 through 2.12).
- This is an extended support release. Do not upgrade from PAS v2.7 to this patch. The supported upgrade path for PAS v2.7 is to jump upgrade to the next long-term support (LTS) version, TAS for VMs v2.11. See Jump Upgrading to TAS for VMs v2.11.
- This vulnerability also affects Ops Manager. VMware recommends upgrading to Ops Manager v2.10.24 as soon as possible. For more information, see the Ops Manager v2.10.24 release notes.
- [Security Fix] Fix remote code execution vulnerability related to Log4j (CVE-2021-45046)
- Bump credhub to version
2.9.7
which has Log4j2.16.0
- Bump java-offline-buildpack to version
4.45
- Bump php-offline-buildpack to version
4.4.53
- Bump uaa to version
74.5.29
which has Log4j2.16.0
Component | Version |
---|---|
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.39 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.13 |
capi | 1.87.10 |
cf-autoscaling | 238 |
cf-cli | 1.32.0 |
cf-networking | 2.42.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.251.0 |
credhub | 2.9.7 |
diego | 2.54.0 |
dotnet-core-offline-buildpack | 2.3.32 |
garden-runc | 1.19.25 |
go-offline-buildpack | 1.9.34 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.45 |
log-cache | 2.6.18 |
loggregator | 106.2.9 |
loggregator-agent | 5.2.14 |
mapfs | 1.2.4 |
metric-registrar | 1.1.9 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.12 |
nginx-offline-buildpack | 1.1.30 |
nodejs-offline-buildpack | 1.7.57 |
notifications | 62 |
notifications-ui | 39 |
php-offline-buildpack | 4.4.53 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.20 |
pxc | 0.37.0 |
python-offline-buildpack | 1.7.43 |
r-offline-buildpack | 1.1.20 |
routing | 0.213.0 |
ruby-offline-buildpack | 1.8.42 |
silk | 2.38.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.24 |
statsd-injector | 1.11.16 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.14 |
uaa | 74.5.29 |
2.8.29
Release Date: 12/15/2021
See the following warnings:
- VMware recommends upgrading PAS as soon as possible to address CVE-2021-44228. If you are unable to upgrade, you can mitigate this CVE manually. See Instructions to address CVE-2021-44228 in Tanzu Application Service (2.7 through 2.12).
- This is an extended support release. Do not upgrade from PAS v2.7 to this patch. The supported upgrade path for PAS v2.7 is to jump upgrade to the next long-term support (LTS) version, TAS for VMs v2.11. See Jump Upgrading to TAS for VMs v2.11.
- This vulnerability also affects Ops Manager. VMware recommends upgrading to Ops Manager v2.10.24 as soon as possible. For more information, see the Ops Manager v2.10.24 release notes.
- [Security Fix] UAA and CredHub - Fix remote code execution vulnerability related to Log4j CVE-2021-44228
- [Security Fix] Gorouter built with Go 1.16.7 to address CVE-2021-36221
- [Bug Fix] Diego - Envoy 1.19 should use original TCP connection pool, so that it can accept more than 1024 downstream connections
- Bump binary-offline-buildpack to version
1.0.39
- Bump bpm to version
1.1.13
- Bump cf-networking to version
2.42.0
- Bump cflinuxfs3 to version
0.251.0
- Bump credhub to version
2.9.6
which has Log4j2.15.0
- Bump diego to version
2.54.0
- Bump dotnet-core-offline-buildpack to version
2.3.32
- Bump go-offline-buildpack to version
1.9.34
- Bump java-offline-buildpack to version
4.44
- Bump log-cache to version
2.6.18
- Bump metric-registrar to version
1.1.9
- Bump nginx-offline-buildpack to version
1.1.30
- Bump nodejs-offline-buildpack to version
1.7.57
- Bump php-offline-buildpack to version
4.4.52
- Bump pxc to version
0.37.0
- Bump python-offline-buildpack to version
1.7.43
- Bump r-offline-buildpack to version
1.1.20
- Bump ruby-offline-buildpack to version
1.8.42
- Bump silk to version
2.38.0
- Bump staticfile-offline-buildpack to version
1.5.24
- Bump system-metrics-scraper to version
2.0.14
- Bump uaa to version
74.5.28
which has Log4j2.15.0
Component | Version |
---|---|
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.39 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.13 |
capi | 1.87.10 |
cf-autoscaling | 238 |
cf-cli | 1.32.0 |
cf-networking | 2.42.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.251.0 |
credhub | 2.9.6 |
diego | 2.54.0 |
dotnet-core-offline-buildpack | 2.3.32 |
garden-runc | 1.19.25 |
go-offline-buildpack | 1.9.34 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.44 |
log-cache | 2.6.18 |
loggregator | 106.2.9 |
loggregator-agent | 5.2.14 |
mapfs | 1.2.4 |
metric-registrar | 1.1.9 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.12 |
nginx-offline-buildpack | 1.1.30 |
nodejs-offline-buildpack | 1.7.57 |
notifications | 62 |
notifications-ui | 39 |
php-offline-buildpack | 4.4.52 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.20 |
pxc | 0.37.0 |
python-offline-buildpack | 1.7.43 |
r-offline-buildpack | 1.1.20 |
routing | 0.213.0 |
ruby-offline-buildpack | 1.8.42 |
silk | 2.38.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.24 |
statsd-injector | 1.11.16 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.14 |
uaa | 74.5.28 |
2.8.28
Release Date: 06/22/2021
- [Security Fix] Bump some dependencies to resolve security vulnerabilities
- Bump bpm to version
1.1.12
- Bump cf-autoscaling to version
238
- Bump cf-networking to version
2.37.0
- Bump cflinuxfs3 to version
0.241.0
- Bump dotnet-core-offline-buildpack to version
2.3.29
- Bump java-offline-buildpack to version
4.39
- Bump loggregator-agent to version
5.2.14
- Bump metric-registrar to version
1.1.6
- Bump nginx-offline-buildpack to version
1.1.27
- Bump nodejs-offline-buildpack to version
1.7.53
- Bump php-offline-buildpack to version
4.4.40
- Bump python-offline-buildpack to version
1.7.41
- Bump ruby-offline-buildpack to version
1.8.40
- Bump silk to version
2.37.0
- Bump statsd-injector to version
1.11.16
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.0 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.38 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.12 |
capi | 1.87.10 |
cf-autoscaling | 238 |
cf-cli | 1.32.0 |
cf-networking | 2.37.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.241.0 |
credhub | 2.5.13 |
diego | 2.50.0 |
dotnet-core-offline-buildpack | 2.3.29 |
garden-runc | 1.19.25 |
go-offline-buildpack | 1.9.31 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.39 |
log-cache | 2.6.17 |
loggregator-agent | 5.2.14 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.6 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.12 |
nginx-offline-buildpack | 1.1.27 |
nodejs-offline-buildpack | 1.7.53 |
notifications-ui | 39 |
notifications | 62 |
php-offline-buildpack | 4.4.40 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.20 |
pxc | 0.35.0 |
python-offline-buildpack | 1.7.41 |
r-offline-buildpack | 1.1.17 |
routing | 0.213.0 |
ruby-offline-buildpack | 1.8.40 |
silk | 2.37.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.21 |
statsd-injector | 1.11.16 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.22 |
2.8.27
Release Date: 05/27/2021
- [Feature Improvement] Patch versions can be upgraded without a stemcell upgrade.
- [Feature Improvement] Improve metric-registrar to handle unreachable CC more gracefully, delete smoke-test app in the case of failure, and integrate CUPS caching.
- [Feature Improvement] Adds per request metrics reporting, which makes metric frequency proportional to request frequency.
- [Bug Fix] Fix race condition and prevent network policy MySQL database from being able to get into an invalid state.
- Bump binary-offline-buildpack to version
1.0.38
- Bump bpm to version
1.1.11
- Bump cf-networking to version
2.36.0
- Bump cflinuxfs3 to version
0.238.0
- Bump diego to version
2.50.0
- Bump dotnet-core-offline-buildpack to version
2.3.28
- Bump garden-runc to version
1.19.25
- Bump go-offline-buildpack to version
1.9.31
- Bump metric-registrar to version
1.1.5
- Bump nginx-offline-buildpack to version
1.1.26
- Bump nodejs-offline-buildpack to version
1.7.51
- Bump notifications to version
62
- Bump php-offline-buildpack to version
4.4.39
- Bump push-usage-service-release to version
671.0.20
- Bump pxc to version
0.35.0
- Bump python-offline-buildpack to version
1.7.39
- Bump r-offline-buildpack to version
1.1.17
- Bump ruby-offline-buildpack to version
1.8.39
- Bump silk to version
2.36.0
- Bump staticfile-offline-buildpack to version
1.5.21
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.0 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.38 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.11 |
capi | 1.87.10 |
cf-autoscaling | 237 |
cf-cli | 1.32.0 |
cf-networking | 2.36.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.238.0 |
credhub | 2.5.13 |
diego | 2.50.0 |
dotnet-core-offline-buildpack | 2.3.28 |
garden-runc | 1.19.25 |
go-offline-buildpack | 1.9.31 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.36 |
log-cache | 2.6.17 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.5 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.12 |
nginx-offline-buildpack | 1.1.26 |
nodejs-offline-buildpack | 1.7.51 |
notifications-ui | 39 |
notifications | 62 |
php-offline-buildpack | 4.4.39 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.20 |
pxc | 0.35.0 |
python-offline-buildpack | 1.7.39 |
r-offline-buildpack | 1.1.17 |
routing | 0.213.0 |
ruby-offline-buildpack | 1.8.39 |
silk | 2.36.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.21 |
statsd-injector | 1.11.15 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.22 |
2.8.26
Release Date: 03/31/2021
- [Breaking Change] This restores the breaking change originally found in 2.8.24 and temporarily remediated in 2.8.25: Gorouter update to Golang v1.15 introduces stricter transfer-encoding header standards. Stricter header standards break Spring apps that incorrectly set the header. For more information, see Applications on TAS for VMs get 502 chunked response error in the Knowledge Base.
- [Breaking Change] PAS v2.8.26 specifies Java buildpack v4.36. This causes a breaking change if you use Tanzu GemFire for VMs v1.12 or earlier with Tomcat session state caching. For information about how to avoid this breaking change, see Known Issues in the Tanzu GemFire for VMs documentation.
- [Security Fix] Usage Service - Upgrade Nokogiri gem to address CVE-2020-26247
- [Security Fix] Usage Service - Upgrade Rails gem to address CVE-2021-22880
- [Feature Improvement] MySQL binlogs volume is capped at 33% of available disk storage
- Bump ubuntu-xenial stemcell to version
621.115
- Bump cf-cli to version
1.32.0
- Bump cflinuxfs3 to version
0.227.0
- Bump diego to version
2.49.0
- Bump go-offline-buildpack to version
1.9.26
- Bump nfs-volume to version
5.0.12
- Bump nodejs-offline-buildpack to version
1.7.42
- Bump php-offline-buildpack to version
4.4.31
- Bump push-usage-service-release to version
671.0.19
- Bump python-offline-buildpack to version
1.7.30
- Bump routing to version
0.213.0
- Bump ruby-offline-buildpack to version
1.8.31
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.115 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.5 |
capi | 1.87.10 |
cf-autoscaling | 237 |
cf-cli | 1.32.0 |
cf-networking | 2.35.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.227.0 |
credhub | 2.5.13 |
diego | 2.49.0 |
dotnet-core-offline-buildpack | 2.3.22 |
garden-runc | 1.19.18 |
go-offline-buildpack | 1.9.26 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.36 |
log-cache | 2.6.17 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.4 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.12 |
nginx-offline-buildpack | 1.1.20 |
nodejs-offline-buildpack | 1.7.42 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.31 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.19 |
pxc | 0.33.0 |
python-offline-buildpack | 1.7.30 |
r-offline-buildpack | 1.1.12 |
routing | 0.213.0 |
ruby-offline-buildpack | 1.8.31 |
silk | 2.35.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.15 |
statsd-injector | 1.11.15 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.22 |
2.8.25
Release Date: 02/19/2021
- [Breaking Change] PAS v2.8.25 specifies Java buildpack v4.36. This causes a breaking change if you use Tanzu GemFire for VMs v1.12 or earlier with Tomcat session state caching. For information about how to avoid this breaking change, see Known Issues in the Tanzu GemFire for VMs documentation.
- [Temporary Remediation] Gorouter - Emit log, emit metric, and don’t error when an app response contains a duplicate “Transfer-Encoding: chunked” header. This is a stop gap to discover which apps are sending invalid responses. For more information, see Applications on TAS for VMs get 502 chunked response error in the Knowledge Base.
- [Bug Fix] Autoscaling - Reduce RabbitMQ overhead of RabbitMQ based autoscaling rules.
- Bump ubuntu-xenial stemcell to version
621.101
- Bump cf-autoscaling to version
237
- Bump cflinuxfs3 to version
0.223.0
- Bump dotnet-core-offline-buildpack to version
2.3.22
- Bump go-offline-buildpack to version
1.9.25
- Bump java-offline-buildpack to version
4.36
- Bump nginx-offline-buildpack to version
1.1.20
- Bump nodejs-offline-buildpack to version
1.7.41
- Bump php-offline-buildpack to version
4.4.30
- Bump pxc to version
0.33.0
- Bump python-offline-buildpack to version
1.7.29
- Bump r-offline-buildpack to version
1.1.12
- Bump routing to version
0.211.1
- Bump ruby-offline-buildpack to version
1.8.30
- Bump staticfile-offline-buildpack to version
1.5.15
- Bump uaa to version
74.5.22
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.101 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.5 |
capi | 1.87.10 |
cf-autoscaling | 237 |
cf-cli | 1.28.0 |
cf-networking | 2.35.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.223.0 |
credhub | 2.5.13 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.22 |
garden-runc | 1.19.18 |
go-offline-buildpack | 1.9.25 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.36 |
log-cache | 2.6.17 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.4 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.20 |
nodejs-offline-buildpack | 1.7.41 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.30 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.17 |
pxc | 0.33.0 |
python-offline-buildpack | 1.7.29 |
r-offline-buildpack | 1.1.12 |
routing | 0.211.1 |
ruby-offline-buildpack | 1.8.30 |
silk | 2.35.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.15 |
statsd-injector | 1.11.15 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.22 |
2.8.24
Release Date: 12/18/2020
- [Breaking Change] Gorouter update to Golang v1.15 introduces stricter transfer-encoding header standards. Stricter header standards break Spring apps that incorrectly set the header. For more information, see Applications on TAS for VMs get 502 chunked response error in the Knowledge Base.
- [Security Fix] Bump garden-runc-release to address CVE-2020-15257
- Bump ubuntu-xenial stemcell to version
621.94
- Bump cf-autoscaling to version
235
- Bump cf-networking to version
2.35.0
- Bump cflinuxfs3 to version
0.216.0
- Bump dotnet-core-offline-buildpack to version
2.3.19
- Bump garden-runc to version
1.19.18
- Bump go-offline-buildpack to version
1.9.23
- Bump java-offline-buildpack to version
4.34
- Bump nginx-offline-buildpack to version
1.1.19
- Bump nodejs-offline-buildpack to version
1.7.37
- Bump php-offline-buildpack to version
4.4.27
- Bump python-offline-buildpack to version
1.7.26
- Bump r-offline-buildpack to version
1.1.11
- Bump routing to version
0.209.0
- Bump ruby-offline-buildpack to version
1.8.27
- Bump silk to version
2.35.0
- Bump staticfile-offline-buildpack to version
1.5.14
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.94 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.5 |
capi | 1.87.10 |
cf-autoscaling | 235 |
cf-cli | 1.28.0 |
cf-networking | 2.35.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.216.0 |
credhub | 2.5.13 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.19 |
garden-runc | 1.19.18 |
go-offline-buildpack | 1.9.23 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.34 |
log-cache | 2.6.17 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.4 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.19 |
nodejs-offline-buildpack | 1.7.37 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.27 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.17 |
pxc | 0.31.0 |
python-offline-buildpack | 1.7.26 |
r-offline-buildpack | 1.1.11 |
routing | 0.209.0 |
ruby-offline-buildpack | 1.8.27 |
silk | 2.35.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.14 |
statsd-injector | 1.11.15 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.21 |
2.8.23
Release Date: 11/17/2020
- Bump bosh-system-metrics-forwarder to version
0.0.20
- Bump metric-registrar to version
1.1.4
- Bump pxc to version
0.31.0
- Bump uaa to version
74.5.21
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.90 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.20 |
bpm | 1.1.5 |
capi | 1.87.10 |
cf-autoscaling | 233 |
cf-cli | 1.28.0 |
cf-networking | 2.34.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.210.0 |
credhub | 2.5.13 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.17 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.21 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.33 |
log-cache | 2.6.17 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.4 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.16 |
nodejs-offline-buildpack | 1.7.32 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.23 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.17 |
pxc | 0.31.0 |
python-offline-buildpack | 1.7.24 |
r-offline-buildpack | 1.1.10 |
routing | 0.208.0 |
ruby-offline-buildpack | 1.8.26 |
silk | 2.34.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.12 |
statsd-injector | 1.11.15 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.21 |
2.8.22 - Withdrawn
Warning: This release has been removed from VMware Tanzu Network due to the Bosh System Metrics Forwarder release v0.0.19 regresssion.
Release Date: 11/04/2020
- [Security Fix] Fix for CVE-2020-5417
- Bump ubuntu-xenial stemcell to version
621.90
- Bump bosh-system-metrics-forwarder to version
0.0.19
- Bump capi to version
1.87.10
- Bump dotnet-core-offline-buildpack to version
2.3.17
- Bump go-offline-buildpack to version
1.9.21
- Bump java-offline-buildpack to version
4.33
- Bump log-cache to version
2.6.17
- Bump metrics-discovery to version
2.0.9
- Bump nginx-offline-buildpack to version
1.1.16
- Bump nodejs-offline-buildpack to version
1.7.32
- Bump php-offline-buildpack to version
4.4.23
- Bump python-offline-buildpack to version
1.7.24
- Bump r-offline-buildpack to version
1.1.10
- Bump ruby-offline-buildpack to version
1.8.26
- Bump staticfile-offline-buildpack to version
1.5.12
- Bump statsd-injector to version
1.11.15
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.90 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.19 |
bpm | 1.1.5 |
capi | 1.87.10 |
cf-autoscaling | 233 |
cf-cli | 1.28.0 |
cf-networking | 2.34.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.210.0 |
credhub | 2.5.13 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.17 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.21 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.33 |
log-cache | 2.6.17 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.9 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.16 |
nodejs-offline-buildpack | 1.7.32 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.23 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.17 |
pxc | 0.30.0 |
python-offline-buildpack | 1.7.24 |
r-offline-buildpack | 1.1.10 |
routing | 0.208.0 |
ruby-offline-buildpack | 1.8.26 |
silk | 2.34.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.12 |
statsd-injector | 1.11.15 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.20 |
2.8.21
Release Date: 10/26/2020
- [Feature] UAA - Expose configuration options for proxy settings
- [Feature Improvement] Operators can configure how long cloud controller audit events are retained
- [Feature Improvement] Networking: Clarify that drain timeout should be lower than backend request timeout to reduce drain time during deploys
- [Bug Fix] Loggregator Agent Release - Prom Scraper metrics server names match
- Bump ubuntu-xenial stemcell to version
621.89
- Bump cflinuxfs3 to version
0.210.0
- Bump uaa to version
74.5.20
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.89 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 233 |
cf-cli | 1.28.0 |
cf-networking | 2.34.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.210.0 |
credhub | 2.5.13 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.15 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.19 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.32.1 |
log-cache | 2.6.16 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.15 |
nodejs-offline-buildpack | 1.7.29 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.22 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.17 |
pxc | 0.30.0 |
python-offline-buildpack | 1.7.22 |
r-offline-buildpack | 1.1.9 |
routing | 0.208.0 |
ruby-offline-buildpack | 1.8.25 |
silk | 2.34.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.11 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.20 |
2.8.20
Release Date: 10/19/2020
- [Security Fix] Bump Percona XtraDB Cluster to 5.7.31
- [Bug Fix] ServiceDiscoveryController - Reconnect internal routing metrics to the firehose [Bug Fix] Gorouter performs TLS to backends when “Skip SSL Certificate Verification” is enabled. Stale routes are now pruned.
- Bump ubuntu-xenial stemcell to version
621.87
- Bump cf-networking to version
2.34.0
- Bump cflinuxfs3 to version
0.209.0
- Bump pxc to version
0.30.0
- Bump routing to version
0.208.0
- Bump silk to version
2.34.0
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.87 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 233 |
cf-cli | 1.28.0 |
cf-networking | 2.34.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.209.0 |
credhub | 2.5.13 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.15 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.19 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.32.1 |
log-cache | 2.6.16 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.15 |
nodejs-offline-buildpack | 1.7.29 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.22 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.17 |
pxc | 0.30.0 |
python-offline-buildpack | 1.7.22 |
r-offline-buildpack | 1.1.9 |
routing | 0.208.0 |
ruby-offline-buildpack | 1.8.25 |
silk | 2.34.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.11 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.18 |
2.8.19
Release Date: 10/09/2020
- [Security Fix] Remove credentials from process name and fix CVE CODEC-134, CODEC-270
- [Bug Fix] Enable users to adjust the timeout for all healthcheck types in Apps Manager
- [Bug Fix] Users can view process based audit events in Apps Manager
- [Bug Fix] Revert Metric-Registrar Bump
- Bump ubuntu-xenial stemcell to version
621.85
- Bump cflinuxfs3 to version
0.208.0
- Bump credhub to version
2.5.13
- Bump dotnet-core-offline-buildpack to version
2.3.15
- Bump go-offline-buildpack to version
1.9.19
- Bump nginx-offline-buildpack to version
1.1.15
- Bump nodejs-offline-buildpack to version
1.7.29
- Bump php-offline-buildpack to version
4.4.22
- Bump push-apps-manager-release to version
671.0.18
- Bump python-offline-buildpack to version
1.7.22
- Bump r-offline-buildpack to version
1.1.9
- Bump ruby-offline-buildpack to version
1.8.25
- Bump staticfile-offline-buildpack to version
1.5.11
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.85 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 233 |
cf-cli | 1.28.0 |
cf-networking | 2.33.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.208.0 |
credhub | 2.5.13 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.15 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.19 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.32.1 |
log-cache | 2.6.16 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.15 |
nodejs-offline-buildpack | 1.7.29 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.22 |
push-apps-manager-release | 671.0.18 |
push-usage-service-release | 671.0.17 |
pxc | 0.28.0 |
python-offline-buildpack | 1.7.22 |
r-offline-buildpack | 1.1.9 |
routing | 0.207.0 |
ruby-offline-buildpack | 1.8.25 |
silk | 2.33.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.11 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.18 |
2.8.18
Release Date: 09/21/2020
- [Security Fix] Bump Usage Service ruby version to 2.6.6 - CVE-2020-15169 CVE-2020-10933 CVE-2020-10663
- [Security Fix] Update cf-autoscaling’s dependencies to mitigate CVEs
- [Bug Fix] Modify cf-autoscaling’s API to return HTTP status 404 (not found) when not logged in. Previously it returned 401 (unauthorized). The behavior now matches the documentation
- [Bug Fix] Include correct version of push-usage-service-release
671.0.17
- an incorrect version was shipped in TAS v2.8.16 and TAS v2.8.17 - [Feature Improvement] Secure scraping available in Metric Registrar (Reverted in v2.8.19)
- Bump ubuntu-xenial stemcell to version
621.84
- Bump cf-autoscaling to version
233
- Bump metric-registrar to version
1.2.1
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.84 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 233 |
cf-cli | 1.28.0 |
cf-networking | 2.33.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.204.0 |
credhub | 2.5.12 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.14 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.17 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.32.1 |
log-cache | 2.6.16 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.2.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.14 |
nodejs-offline-buildpack | 1.7.26 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.20 |
push-apps-manager-release | 671.0.17 |
push-usage-service-release | 671.0.17 |
pxc | 0.28.0 |
python-offline-buildpack | 1.7.20 |
r-offline-buildpack | 1.1.7 |
routing | 0.207.0 |
ruby-offline-buildpack | 1.8.23 |
silk | 2.33.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.10 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.18 |
2.8.17
Release Date: 09/10/2020
WARNING: This version of TAS includes an incorrect version of Usage Service. We strongly suggest skipping this release and using TAS v2.8.18 or newer instead. If you are already running this release we suggest upgrading. For more information see this kb article.
- [Security Fix] Fix for CVE-2020-5420: Improve Gorouter’s handling of invalid HTTP response codes
- [Feature Improvement] Gorouter aliases /healthz to /health in order to prevent downtime during upgrades
- [Feature Improvement] Allow users to scale memory & disk for web processes in Apps Manager when autoscaling is enabled
- [Bug Fix] Safeguard against null log payloads for apps in Apps Manager
- [Bug Fix] Improve Log Cache Syslog Ingestion Performance
- [Breaking Change] Change noisy Gorouter logs to use debug log level. Replace with more helpful, quieter logs. For more details, see routing-release in GitHub.
- Bump ubuntu-xenial stemcell to version
621.82
- Bump cf-networking to version
2.33.0
- Bump cflinuxfs3 to version
0.204.0
- Bump diego to version
2.48.0
- Bump dotnet-core-offline-buildpack to version
2.3.14
- Bump go-offline-buildpack to version
1.9.17
- Bump log-cache to version
2.6.16
- Bump nfs-volume to version
5.0.10
- Bump nginx-offline-buildpack to version
1.1.14
- Bump nodejs-offline-buildpack to version
1.7.26
- Bump php-offline-buildpack to version
4.4.20
- Bump push-apps-manager-release to version
671.0.17
- Bump python-offline-buildpack to version
1.7.20
- Bump routing to version
0.207.0
- Bump silk to version
2.33.0
- Bump staticfile-offline-buildpack to version
1.5.10
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.82 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 232 |
cf-cli | 1.28.0 |
cf-networking | 2.33.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.204.0 |
credhub | 2.5.12 |
diego | 2.48.0 |
dotnet-core-offline-buildpack | 2.3.14 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.17 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.32.1 |
log-cache | 2.6.16 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.10 |
nginx-offline-buildpack | 1.1.14 |
nodejs-offline-buildpack | 1.7.26 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.20 |
push-apps-manager-release | 671.0.17 |
push-usage-service-release | 670.0.21 |
pxc | 0.28.0 |
python-offline-buildpack | 1.7.20 |
r-offline-buildpack | 1.1.7 |
routing | 0.207.0 |
ruby-offline-buildpack | 1.8.23 |
silk | 2.33.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.10 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.18 |
2.8.16
Release Date: 08/24/2020
WARNING: This version of TAS includes an incorrect version of Usage Service. We strongly suggest skipping this release and using TAS v2.8.18 or newer instead. If you are already running this release we suggest upgrading. For more information see this kb article.
- [Security Fix] Fix for CVE-2020-5416: Improve Gorouter’s websocket error handling
- [Bug Fix] loggr-syslog-agent - Fix server alternative name
- [Bug Fix] Fix memory leak in RLP gateway
- [Bug Fix]: Return 502 TLS Handshake error for an unresponsive backend
- [Bug Fix] Fix Usage Service for inactive foundations
- [Bug Fix] Bump garden-runc to v1.19.16
- Bump ubuntu-xenial stemcell to version
621.78
- Bump cflinuxfs3 to version
0.203.0
- Bump garden-runc to version
1.19.16
- Bump go-offline-buildpack to version
1.9.16
- Bump java-offline-buildpack to version
4.32.1
- Bump loggregator to version
106.2.9
- Bump python-offline-buildpack to version
1.7.18
- Bump routing to version
0.205.0
- Bump ruby-offline-buildpack to version
1.8.23
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.78 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 232 |
cf-cli | 1.28.0 |
cf-networking | 2.31.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.203.0 |
credhub | 2.5.12 |
diego | 2.47.0 |
dotnet-core-offline-buildpack | 2.3.13 |
garden-runc | 1.19.16 |
go-offline-buildpack | 1.9.16 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.32.1 |
license | |
log-cache | 2.6.15 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.9 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.9 |
nginx-offline-buildpack | 1.1.12 |
nodejs-offline-buildpack | 1.7.25 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.19 |
push-apps-manager-release | 671.0.15 |
push-usage-service-release | 670.0.21 |
pxc | 0.28.0 |
python-offline-buildpack | 1.7.18 |
r-offline-buildpack | 1.1.7 |
routing | 0.205.0 |
ruby-offline-buildpack | 1.8.23 |
silk | 2.31.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.9 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.18 |
2.8.15
Release Date: 08/07/2020
- [Security Fix] Notifications-ui removes UAA client secret from logs during installation
- [Feature Improvement] Upgrade Percona-XtraDB-Cluster to version 5.7.30-31.43
- [Bug Fix] Fix issue where requests to internal routes could fail due to incorrect case-sensitivity in DNS lookup in the service discovery controller.
- [Bug Fix] System Metrics Scraper/Prom Scraper — Fixes a bug that causes excess log volume and increases scrape interval to reduce metric volume
- Bump ubuntu-xenial stemcell to version
621.77
- Bump cf-cli to version
1.28.0
- Bump cf-networking to version
2.31.0
- Bump cf-smoke-tests to version
40.0.134
- Bump cflinuxfs3 to version
0.202.0
- Bump dotnet-core-offline-buildpack to version
2.3.13
- Bump garden-runc to version
1.19.14
- Bump go-offline-buildpack to version
1.9.15
- Bump nginx-offline-buildpack to version
1.1.12
- Bump nodejs-offline-buildpack to version
1.7.25
- Bump notifications-ui to version
39
- Bump php-offline-buildpack to version
4.4.19
- Bump pxc to version
0.28.0
- Bump python-offline-buildpack to version
1.7.17
- Bump ruby-offline-buildpack to version
1.8.22
- Bump silk to version
2.31.0
- Bump system-metrics-scraper to version
2.0.13
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.77 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 232 |
cf-cli | 1.28.0 |
cf-networking | 2.31.0 |
cf-smoke-tests | 40.0.134 |
cflinuxfs3 | 0.202.0 |
credhub | 2.5.12 |
diego | 2.47.0 |
dotnet-core-offline-buildpack | 2.3.13 |
garden-runc | 1.19.14 |
go-offline-buildpack | 1.9.15 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.31.1 |
log-cache | 2.6.15 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.8 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.9 |
nginx-offline-buildpack | 1.1.12 |
nodejs-offline-buildpack | 1.7.25 |
notifications-ui | 39 |
notifications | 61 |
php-offline-buildpack | 4.4.19 |
push-apps-manager-release | 671.0.15 |
push-usage-service-release | 671.0.14 |
pxc | 0.28.0 |
python-offline-buildpack | 1.7.17 |
r-offline-buildpack | 1.1.7 |
routing | 0.203.0 |
ruby-offline-buildpack | 1.8.22 |
silk | 2.31.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.9 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.13 |
uaa | 74.5.18 |
2.8.14
Release Date: 07/16/2020
- [Security Fix] Fix for CVE-2020-15586: Bump golang to version 1.14.5 with a fix in the net/http/httputil package for an issue which could cause the Gorouter to crash if a malicious client sends specially crafted HTTP requests.
- [Feature Improvement] Platform operators can see X-Cf-RouterError response headers in router access logs
- [Feature Improvement] Application developers can successfully deploy a reverse-proxy with support for sticky sessions
[Feature Improvement] Gorouter provides improved logging when the following error is received:
x509: certificate has expired or is not yet valid
Bump cf-cli to version
1.27.0
Bump cf-smoke-tests to version
40.0.132
Bump cflinuxfs3 to version
0.198.0
Bump dotnet-core-offline-buildpack to version
2.3.12
Bump go-offline-buildpack to version
1.9.14
Bump java-offline-buildpack to version
4.31.1
Bump nginx-offline-buildpack to version
1.1.11
Bump nodejs-offline-buildpack to version
1.7.24
Bump php-offline-buildpack to version
4.4.18
Bump python-offline-buildpack to version
1.7.16
Bump r-offline-buildpack to version
1.1.7
Bump routing to version
0.203.0
Bump ruby-offline-buildpack to version
1.8.21
Bump staticfile-offline-buildpack to version
1.5.9
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.76 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 232 |
cf-cli | 1.27.0 |
cf-networking | 2.30.0 |
cf-smoke-tests | 40.0.132 |
cflinuxfs3 | 0.198.0 |
credhub | 2.5.12 |
diego | 2.47.0 |
dotnet-core-offline-buildpack | 2.3.12 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.14 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.31.1 |
log-cache | 2.6.15 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.8 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.9 |
nginx-offline-buildpack | 1.1.11 |
nodejs-offline-buildpack | 1.7.24 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.18 |
push-apps-manager-release | 671.0.15 |
push-usage-service-release | 671.0.14 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.16 |
r-offline-buildpack | 1.1.7 |
routing | 0.203.0 |
ruby-offline-buildpack | 1.8.21 |
silk | 2.30.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.9 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.18 |
2.8.13
Release Date: 07/09/2020
- [Breaking Change] If you use the NSX-T Container Plugin (NCP) tile v3.0.1 or earlier, do not upgrade to this patch.
The stemcell in this patch is not compatible with the NCP tile v3.0.1 and causes the
openvswitch
job to fail when you deploy. - [Security Fix] Stop logging credentials in Autoscaler app
- [Bug Fix] For sets of logs larger than 4MB, Apps Manager does not make requests to log cache with an invalid log limit
- [Bug Fix] Display correct guid for App subresources in v2 GET response
- [Bug Fix] Fix bug impacting hybrid grant flow with external oauth providers
- [Bug Fix] Restore access to Log Cache service logs
- Bump capi to version
1.87.9
- Bump cf-autoscaling to version
232
- Bump cf-smoke-tests to version
40.0.130
- Bump cflinuxfs3 to version
0.197.0
- Bump log-cache to version
2.6.15
- Bump push-apps-manager-release to version
671.0.15
- Bump uaa to version
74.5.18
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.76 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.9 |
cf-autoscaling | 232 |
cf-cli | 1.26.0 |
cf-networking | 2.30.0 |
cf-smoke-tests | 40.0.130 |
cflinuxfs3 | 0.197.0 |
credhub | 2.5.12 |
diego | 2.47.0 |
dotnet-core-offline-buildpack | 2.3.9 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.12 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.31 |
log-cache | 2.6.15 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.8 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.9 |
nginx-offline-buildpack | 1.1.8 |
nodejs-offline-buildpack | 1.7.18 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.13 |
push-apps-manager-release | 671.0.15 |
push-usage-service-release | 671.0.14 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.13 |
r-offline-buildpack | 1.1.4 |
routing | 0.201.0 |
ruby-offline-buildpack | 1.8.17 |
silk | 2.30.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.6 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.18 |
2.8.12
Release Date: 06/25/2020
- [Breaking Change] Incorrect HTTP(S) Proxy configuration breaks CredHub interpolation for apps. For more information, see Incorrect HTTP(S) Proxy Configuration Breaks CredHub Interpolation for Apps in PAS v2.8.12 and Later below.
- [Breaking Change] If you use the NSX-T Container Plugin (NCP) tile v3.0.1 or earlier, do not upgrade to this patch.
The stemcell in this patch is not compatible with the NCP tile v3.0.1 and causes the
openvswitch
job to fail when you deploy. - [Bug Fix] Add a new cache configuration to the NFS service allowing service instances to enable file attribute caching and achieve directory listing performance similar to the nfs-legacy service
- [Bug Fix] Purged and re-seeded AppUsageEvents now contain parent app guid/name
- [Bug Fix] Fix Autoscaler logging to respect the ‘Enable Verbose Logging’ checkbox
- [Bug Fix] Remove invalid characters (such as underscores) in hostnames in outgoing application syslog messages to comply with RFC 5424
- Bump ubuntu-xenial stemcell to version
621.76
- Bump capi to version
1.87.7
- Bump cflinuxfs3 to version
0.195.0
- Bump diego to version
2.47.0
- Bump java-offline-buildpack to version
4.31
- Bump loggregator-agent to version
5.2.10
- Bump nfs-volume to version
5.0.9
- Bump push-usage-service-release to version
671.0.14
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.76 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.7 |
cf-autoscaling | 230 |
cf-cli | 1.26.0 |
cf-networking | 2.30.0 |
cf-smoke-tests | 40.0.128 |
cflinuxfs3 | 0.195.0 |
credhub | 2.5.12 |
diego | 2.47.0 |
dotnet-core-offline-buildpack | 2.3.9 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.12 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.31 |
log-cache | 2.6.14 |
loggregator-agent | 5.2.10 |
loggregator | 106.2.8 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.9 |
nginx-offline-buildpack | 1.1.8 |
nodejs-offline-buildpack | 1.7.18 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.13 |
push-apps-manager-release | 671.0.14 |
push-usage-service-release | 671.0.14 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.13 |
r-offline-buildpack | 1.1.4 |
routing | 0.201.0 |
ruby-offline-buildpack | 1.8.17 |
silk | 2.30.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.6 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.17 |
2.8.11
Release Date: 06/15/2020
- The option to enable dynamic egress through the PAS UI is removed. To administer App Security Groups (ASGs) for your apps instead of dynamic egress policies, see App Security Groups.
- [Feature Improvement] Service instances can send metrics to logcache over syslog
- [Feature Improvement] Upgrade Bellsoft JDK to version 11.0.7+10
- [Bug Fix] Update App Metrics UAA client to support cloud_controller.admin scope
- [Bug Fix] Usage Service - Backfill missing service name fields in usage reports
- [Bug Fix] Fix issue preventing rolling deployments from working with Windows apps
- [Bug Fix] Gorouter - Drain timeout always uses configured value
- [Bug Fix] Silk - Continue container networking during cell drain
- [Bug Fix] Pass through arbitrary parameters when binding a service to a route in Apps Manager
- [Bug Fix] Prevent click into Apps Manager search bar from erroring out when data is not fully loaded
- [Bug Fix] Improve monitoring metrics for Usage Service
- Bump ubuntu-xenial stemcell to version
621.75
- Bump capi to version
1.87.6
- Bump cf-networking to version
2.30.0
- Bump cflinuxfs3 to version
0.193.0
- Bump push-apps-manager-release to version
671.0.14
- Bump push-usage-service-release to version
671.0.12
- Bump routing to version
0.201.0
- Bump silk to version
2.30.0
- Bump uaa to version
74.5.17
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.75 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.6 |
cf-autoscaling | 230 |
cf-cli | 1.26.0 |
cf-networking | 2.30.0 |
cf-smoke-tests | 40.0.128 |
cflinuxfs3 | 0.193.0 |
credhub | 2.5.12 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.9 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.12 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.29.1 |
log-cache | 2.6.14 |
loggregator-agent | 5.2.9 |
loggregator | 106.2.8 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.6 |
nginx-offline-buildpack | 1.1.8 |
nodejs-offline-buildpack | 1.7.18 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.13 |
push-apps-manager-release | 671.0.14 |
push-usage-service-release | 671.0.12 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.13 |
r-offline-buildpack | 1.1.4 |
routing | 0.201.0 |
ruby-offline-buildpack | 1.8.17 |
silk | 2.30.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.6 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.17 |
2.8.10
Release Date: 06/03/2020
- [Security Fix] Fix minor CVEs in Credhub server from dependent libraries
- [Feature] Allow egress traffic from apps to addresses on host via host_tcp_services
- [Feature Improvement] HTTP trace requests now respond with a generic error page
- [Bug Fix] Safeguard against unavailable stack traces in Spring and Steeltoe threaddump actuator endpoint in Apps Manager
- [Bug Fix] Update Reverse Log Proxies to fix shutdown issues in Loggregator
- [Bug Fix] Migrate
services/intermediate_tls_ca
to/services/tls_leaf
for Maestro - Bump cf-smoke-tests to version
40.0.128
- Bump cflinuxfs3 to version
0.189.0
- Bump credhub to version
2.5.12
- Bump go-offline-buildpack to version
1.9.12
- Bump loggregator to version
106.2.8
- Bump nfs-volume to version
5.0.6
- Bump nodejs-offline-buildpack to version
1.7.18
- Bump push-apps-manager-release to version
671.0.11
- Bump uaa to version
74.5.16
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.74 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.4 |
cf-autoscaling | 230 |
cf-cli | 1.26.0 |
cf-networking | 2.28.0 |
cf-smoke-tests | 40.0.128 |
cflinuxfs3 | 0.189.0 |
credhub | 2.5.12 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.9 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.12 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.29.1 |
log-cache | 2.6.14 |
loggregator-agent | 5.2.9 |
loggregator | 106.2.8 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.6 |
nginx-offline-buildpack | 1.1.8 |
nodejs-offline-buildpack | 1.7.18 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.13 |
push-apps-manager-release | 671.0.11 |
push-usage-service-release | 671.0.9 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.13 |
r-offline-buildpack | 1.1.4 |
routing | 0.199.0 |
ruby-offline-buildpack | 1.8.17 |
silk | 2.28.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.6 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.16 |
2.8.9
Release Date: 05/18/2020
- [Security Fix] Support various CVE impacted components
- [Bug Fix] Fix scheduling issue in
loggregator agent
by upgrading to Go 1.14.2 - [Bug Fix] Fix issue in App Autoscaler where rules that were based on the HTTP-throughput metric failed to fire. For information about the HTTP Throughput metric, see Default Metrics for Scaling Rules.
- [Bug Fix] Fix issue in App Autoscaler where the Scheduler API returned an error
when
executes_at
was set to a time that was in the past. - Bump ubuntu-xenial stemcell to version
621.74
- Bump cf-autoscaling to version
230
- Bump cflinuxfs3 to version
0.180.0
- Bump loggregator-agent to version
5.2.9
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.74 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.4 |
cf-autoscaling | 230 |
cf-cli | 1.26.0 |
cf-networking | 2.28.0 |
cf-smoke-tests | 40.0.127 |
cflinuxfs3 | 0.180.0 |
credhub | 2.5.11 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.9 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.11 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.29.1 |
log-cache | 2.6.14 |
loggregator-agent | 5.2.9 |
loggregator | 106.2.6 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.5 |
nginx-offline-buildpack | 1.1.8 |
nodejs-offline-buildpack | 1.7.17 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.13 |
push-apps-manager-release | 671.0.10 |
push-usage-service-release | 671.0.9 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.13 |
r-offline-buildpack | 1.1.4 |
routing | 0.199.0 |
ruby-offline-buildpack | 1.8.17 |
silk | 2.28.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.6 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.15 |
2.8.8
Release Date: 05/05/2020
- [Security Fix] Update debian packages and source libraries in nfs and mapfs releases
- [Feature Improvement] Improved access logging and bumped versions of Jackson and MariaDB
- [Feature Improvement] Autoscaler only skips certificate validation when no Database CA is provided
- [Bug Fix] Performance and stability improvements in Log Cache
- [Bug Fix] Cloud Controller only checks for bucket presence on startup instead of every call to blobstore
- [Bug Fix] Fix bug that caused Apps Manager to error out on clicking into the search bar
- [Bug Fix] Show full list of jobs for an app in Apps Manager
- Bump ubuntu-xenial stemcell to version
621.71
- Bump capi to version
1.87.4
- Bump cflinuxfs3 to version
0.177.0
- Bump dotnet-core-offline-buildpack to version
2.3.9
- Bump go-offline-buildpack to version
1.9.11
- Bump log-cache to version
2.6.14
- Bump mapfs to version
1.2.4
- Bump nfs-volume to version
5.0.5
- Bump nginx-offline-buildpack to version
1.1.8
- Bump nodejs-offline-buildpack to version
1.7.17
- Bump php-offline-buildpack to version
4.4.13
- Bump push-apps-manager-release to version
671.0.10
- Bump python-offline-buildpack to version
1.7.13
- Bump r-offline-buildpack to version
1.1.4
- Bump ruby-offline-buildpack to version
1.8.17
- Bump smb-volume to version
3.0.1
- Bump staticfile-offline-buildpack to version
1.5.6
- Bump uaa to version
74.5.15
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.71 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.4 |
cf-autoscaling | 226 |
cf-cli | 1.26.0 |
cf-networking | 2.28.0 |
cf-smoke-tests | 40.0.127 |
cflinuxfs3 | 0.177.0 |
credhub | 2.5.11 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.9 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.11 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.29.1 |
log-cache | 2.6.14 |
loggregator-agent | 5.2.8 |
loggregator | 106.2.6 |
mapfs | 1.2.4 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.5 |
nginx-offline-buildpack | 1.1.8 |
nodejs-offline-buildpack | 1.7.17 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.13 |
push-apps-manager-release | 671.0.10 |
push-usage-service-release | 671.0.9 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.13 |
r-offline-buildpack | 1.1.4 |
routing | 0.199.0 |
ruby-offline-buildpack | 1.8.17 |
silk | 2.28.0 |
smb-volume | 3.0.1 |
staticfile-offline-buildpack | 1.5.6 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.15 |
2.8.7
Release Date: 04/22/2020
- [Security Fix] Update netaddr library to prevent misconfigured file permissions in CAPI Release
- [Feature] HAProxy can now be configured with custom certificate authorities
- [Feature Improvement] Autoscaler uses TLS to communicate with its database
- [Bug Fix] Fix Certificates in CredHub KMS Provider Interface
- [Bug Fix] Fix
server_name
value to use Common Name as metrics_agent_metrics_tls - Bump ubuntu-xenial stemcell to version
621.64
- Bump capi to version
1.87.3
- Bump cf-cli to version
1.26.0
- Bump cflinuxfs3 to version
0.175.0
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.64 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.3 |
cf-autoscaling | 226 |
cf-cli | 1.26.0 |
cf-networking | 2.28.0 |
cf-smoke-tests | 40.0.127 |
cflinuxfs3 | 0.175.0 |
credhub | 2.5.11 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.7 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.8 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.29.1 |
log-cache | 2.6.12 |
loggregator-agent | 5.2.8 |
loggregator | 106.2.6 |
mapfs | 1.2.0 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.6 |
nodejs-offline-buildpack | 1.7.15 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.9 |
push-apps-manager-release | 671.0.9 |
push-usage-service-release | 671.0.9 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.10 |
r-offline-buildpack | 1.1.2 |
routing | 0.199.0 |
ruby-offline-buildpack | 1.8.14 |
silk | 2.28.0 |
smb-volume | 2.1.1 |
staticfile-offline-buildpack | 1.5.5 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.13 |
2.8.6
Release Date: 04/07/2020
- [Feature] Allow Zero Instances of MySQL Monitor
- [Feature Improvement] Apps Manager Revisions tab only shows the Redeploy button for revisions that can be redeployed
- [Bug Fix] Fix DNS Loggregator Trafficcontroller DNS issue
- [Bug Fix] Bump Tomcat in UAA to fix SAML login issues
- [Bug Fix] garden-runc - bump to latest release in supported versions
- [Bug Fix] Apps now show a status of down instead of crashed
- [Bug Fix] You can now view logs larger than 4 MB in Apps Manager
- [Bug Fix] Honor option to hide service plan prices in Apps Manager services tables
- [Bug Fix] Expose buildpack versions in the Settings tab for the app in Apps Manager
- [Bug Fix] Apps Manager accepts numerical status, such as 500,
from the Spring and Steeltoe
health
actuator endpoints - [Bug Fix] Fix error when viewing the Settings tab for an app in Apps Manager while a Spring or Steeltoe app is restarting
- [Bug Fix] Gorouter correctly handles control characters in URLs
- [Bug Fix] Ensure usage service correctly considers usage events when installed after PAS
- [Bug Fix] Fix a memory leak and go-routine leak related to having multiple aggregate drains in Loggregator
- [Bug Fix] App developers now receive a 401 when using an expired access token with policy server
- [Bug Fix] Autoscaler smoke test works when router rejects requests on port 80
- [Security fix] Bump backup and restore SDK
- Bump ubuntu-xenial stemcell to version
621.61
- Bump backup-and-restore-sdk to version
1.17.4
- Bump cf-autoscaling to version
226
- Bump cf-networking to version
2.28.0
- Bump cflinuxfs3 to version
0.174.0
- Bump dotnet-core-offline-buildpack to version
2.3.7
- Bump garden-runc to version
1.19.10
- Bump go-offline-buildpack to version
1.9.8
- Bump java-offline-buildpack to version
4.29.1
- Bump loggregator-agent to version
5.2.8
- Bump loggregator to version
106.2.6
- Bump nginx-offline-buildpack to version
1.1.6
- Bump nodejs-offline-buildpack to version
1.7.15
- Bump php-offline-buildpack to version
4.4.9
- Bump push-apps-manager-release to version
671.0.9
- Bump push-usage-service-release to version
671.0.9
- Bump python-offline-buildpack to version
1.7.10
- Bump r-offline-buildpack to version
1.1.2
- Bump routing to version
0.199.0
- Bump ruby-offline-buildpack to version
1.8.14
- Bump silk to version
2.28.0
- Bump staticfile-offline-buildpack to version
1.5.5
- Bump uaa to version
74.5.13
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.61 |
backup-and-restore-sdk | 1.17.4 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.2 |
cf-autoscaling | 226 |
cf-cli | 1.25.0 |
cf-networking | 2.28.0 |
cf-smoke-tests | 40.0.127 |
cflinuxfs3 | 0.174.0 |
credhub | 2.5.11 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.7 |
garden-runc | 1.19.10 |
go-offline-buildpack | 1.9.8 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.29.1 |
log-cache | 2.6.12 |
loggregator-agent | 5.2.8 |
loggregator | 106.2.6 |
mapfs | 1.2.0 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.6 |
nodejs-offline-buildpack | 1.7.15 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.9 |
push-apps-manager-release | 671.0.9 |
push-usage-service-release | 671.0.9 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.10 |
r-offline-buildpack | 1.1.2 |
routing | 0.199.0 |
ruby-offline-buildpack | 1.8.14 |
silk | 2.28.0 |
smb-volume | 2.1.1 |
staticfile-offline-buildpack | 1.5.5 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.13 |
2.8.5
Note: This release includes breaking changes, security fixes, new features, feature improvements, and bug fixes from PAS v2.8.4 and v2.8.5. For the list of changes included in PAS v2.8.4, see 2.8.4 below.
Release Date: 03/13/2020
- [Security Fix] Improve autoscaler HTTP throughput calculation performance and omit DATABASE_URL from logs
- [Bug Fix] Fix bug that prevented usage report in Apps Manager from displaying when only partial data is available
- [Bug Fix] Wrap long resource names in Apps Manager’s usage report and invite members flow
- [Bug Fix] Fix DNS Interaction between Loggregator Agent and Doppler
- Bump ubuntu-xenial stemcell to version
621.59
- Bump cf-autoscaling to version
223
- Bump cf-cli to version
1.25.0
- Bump cflinuxfs3 to version
0.169.0
- Bump dotnet-core-offline-buildpack to version
2.3.6
- Bump go-offline-buildpack to version
1.9.7
- Bump loggregator-agent to version
5.2.7
- Bump loggregator to version
106.2.4
- Bump nginx-offline-buildpack to version
1.1.5
- Bump nodejs-offline-buildpack to version
1.7.13
- Bump php-offline-buildpack to version
4.4.8
- Bump push-apps-manager-release to version
671.0.8
- Bump python-offline-buildpack to version
1.7.8
- Bump ruby-offline-buildpack to version
1.8.12
- Bump staticfile-offline-buildpack to version
1.5.4
- Bump uaa to version
74.5.10
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.59 |
backup-and-restore-sdk | 1.17.2 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.2 |
cf-autoscaling | 223 |
cf-cli | 1.25.0 |
cf-networking | 2.27.0 |
cf-smoke-tests | 40.0.127 |
cflinuxfs3 | 0.169.0 |
credhub | 2.5.11 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.6 |
garden-runc | 1.19.9 |
go-offline-buildpack | 1.9.7 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.26 |
log-cache | 2.6.12 |
loggregator-agent | 5.2.7 |
loggregator | 106.2.4 |
mapfs | 1.2.0 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.5 |
nodejs-offline-buildpack | 1.7.13 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.8 |
push-apps-manager-release | 671.0.8 |
push-usage-service-release | 671.0.8 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.8 |
r-offline-buildpack | 1.1.1 |
routing | 0.198.0 |
ruby-offline-buildpack | 1.8.12 |
silk | 2.27.0 |
smb-volume | 2.1.1 |
staticfile-offline-buildpack | 1.5.4 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.10 |
2.8.4 - Do Not Use
Warning: Pivotal advises that you do not upgrade to PAS v2.8.4. Pivotal is investigating issues reported with the stability of PAS v2.8.4. If you have already upgraded to PAS v2.8.4 and are experiencing instability in your PAS deployment, such as cf push
failure, contact Support.
Note: PAS v2.8.5 includes the breaking changes, security fixes, new features, feature improvements, and bug fixes listed below. For more changes included in PAS v2.8.5, see 2.8.5 above.
Release Date: 03/02/2020
- [Breaking Change] Autoscaler controls do not appear for apps in Apps Manager. For the workaround, see the known issue Autoscaler Controls Do Not Appear in Apps Manager for Proxied Setups.
- [Breaking Change] PCF Metrics link disappears from Apps Manager. For the workaround, see the known issue PCF Metrics Link Disappears in Apps Manager for Proxied Setups.
- [Security Fix] Stop logging private data in background jobs
- [Security Fix] Fix vulnerabilities CVE-2019-2426, CVE-2019-2449, CVE-2019-2422 in Credhub
- [Security Fix] Fix Vulnerability CVE-2020-5402 in UAA
- [Feature] Support Maestro’s rotation capability by adding Services TLS CA to all App containers
- [Feature Improvement] Add circuit breaker to Logcache so users can push apps even if metrics are unavailable
- [Feature Improvement] Bring bug fixes and improvements in latest routing releases to all supported PAS versions
- [Feature Improvement] The latest routing release adds the
gorouter_time
field, which logs the total time it takes for a request to travel through Gorouter. Because this changes the access log format, you might need to update your external monitoring configuration. For more information, see About Access Logs. - [Feature Improvement] Allow users to specify a list of URIs for other foundations that Apps Manager manages
- [Feature Improvement] Introduce read-only capabilities in Apps Manager for users with
cloud_controller.global_auditor
andcloud_controller.admin_read_only
scopes - [Feature Improvement] Safeguard deletion of spaces in Apps Manager
- [Feature Improvement] Improve the service instance creation flow in Apps Manager to better represent plan costs and features
- [Feature Improvement] Improve performance of app logs loaded in Apps Manager
- [Bug Fix] Fix display of Pivotal logo in footer of Apps Manager for Internet Explorer users
- [Bug Fix] Allow users with
usage_service.audit
scope to view Usage Report in Apps Manager - [Bug Fix] Increase responsiveness of Apps Manager sidebar services count
- [Bug Fix] Remove unnecessary suggestion to restage apps when binding the App Autoscaler to apps in Apps Manager
- [Bug Fix] Surface errors from Spring and Steeltoe trace actuator endpoint in Apps Manager
- [Bug Fix] Account for asynchronous Spring and Steeltoe health actuator endpoint responses in Apps Manager
- [Bug Fix] Fix bug that prevented users from navigating beyond first page of app revisions in Apps Manager
- [Bug Fix] Fix issue that caused Apps Manager to show a
404
after renaming an org - [Bug Fix] Show full space and organization names, regardless of length, in Apps Manager
- [Bug Fix] Use more informative description “Last Update” instead of “Last Push” in Apps Manager
- [Bug Fix] Log only necessary information when auction scoring fails
- [Bug Fix] Fix Race Condition in Loggregator Agent
- [Bug Fix] Cloud Controller no longer tries to connect to Copilot when it is not deployed
- Bump ubuntu-xenial stemcell to version
621.57
- Bump capi to version
1.87.2
- Bump cf-smoke-tests to version
40.0.127
- Bump cflinuxfs3 to version
0.164.0
- Bump credhub to version
2.5.11
- Bump diego to version
2.44.0
- Bump log-cache to version
2.6.12
- Bump loggregator-agent to version
5.2.6
- Bump push-apps-manager-release to version
671.0.6
- Bump routing to version
0.198.0
- Bump uaa to version
74.5.9
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.57 |
backup-and-restore-sdk | 1.17.2 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.2 |
cf-autoscaling | 222 |
cf-cli | 1.24.0 |
cf-networking | 2.27.0 |
cf-smoke-tests | 40.0.127 |
cflinuxfs3 | 0.164.0 |
credhub | 2.5.11 |
diego | 2.44.0 |
dotnet-core-offline-buildpack | 2.3.4 |
garden-runc | 1.19.9 |
go-offline-buildpack | 1.9.5 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.26 |
log-cache | 2.6.12 |
loggregator-agent | 5.2.6 |
loggregator | 106.2.0 |
mapfs | 1.2.0 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.4 |
nodejs-offline-buildpack | 1.7.9 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.6 |
push-apps-manager-release | 671.0.6 |
push-usage-service-release | 671.0.8 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.6 |
r-offline-buildpack | 1.1.1 |
routing | 0.198.0 |
ruby-offline-buildpack | 1.8.8 |
silk | 2.27.0 |
smb-volume | 2.1.1 |
staticfile-offline-buildpack | 1.5.3 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.9 |
2.8.3
Release Date: 02/06/2020
- [Security Fix] CVE-2020-5399 - Use TLS for MySQL database connections in Credhub
- [Feature Improvement] Replace Metric Forwarder integration with Metric Registrar integration in Apps Manager
- [Feature Improvement] The HSM Client Private Key for CredHub can be encrypted.
- [Feature Improvement] Use the Diego logging format for the Garden job
- [Bug Fix] Show spring mappings in Apps Manager for apps using Spring Boot 2.2.x
- [Bug Fix] Add empty state message to Marketplace for orgs without spaces in Apps Manager
- [Bug Fix] Add support for non-ASCII characters in app logs shown in Apps Manager
- [Bug Fix] The Apps Manager bound services list correctly shows the number of bound apps when a table is paginated
- [Bug Fix] Show full app name, regardless of length, in Apps Manager
- [Bug Fix] Allow users with
cloud_controller.global_auditor
scope to view Cloud Controller resources in Apps Manager - [Bug Fix] Allow users with
cloud_controller.admin_read_only
scope to view Cloud Controller resources in Apps Manager, including secrets - [Bug Fix] When you click the Restage App option, Apps Manager renders the restage app modal.
- [Bug Fix] For apps using Spring Boot 2.2.x, show Spring Health information in Apps Manager
- [Bug Fix] Wait for necessary information to load in Apps Manager before rendering link to recently accessed apps
- [Bug Fix] Disable hostname validation for external DBs in routing-api, silk-controller, and policy-server
- [Bug Fix] HAProxy returns with HTTP/1.1 proto for 504s
- Bump ubuntu-xenial stemcell to version
621.51
- Bump cflinuxfs3 to version
0.160.0
- Bump credhub to version
2.5.10
- Bump dotnet-core-offline-buildpack to version
2.3.4
- Bump go-offline-buildpack to version
1.9.5
- Bump nginx-offline-buildpack to version
1.1.4
- Bump nodejs-offline-buildpack to version
1.7.9
- Bump php-offline-buildpack to version
4.4.6
- Bump push-apps-manager-release to version
671.0.3
- Bump python-offline-buildpack to version
1.7.6
- Bump ruby-offline-buildpack to version
1.8.8
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.51 |
backup-and-restore-sdk | 1.17.2 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.0 |
cf-autoscaling | 222 |
cf-cli | 1.24.0 |
cf-networking | 2.27.0 |
cf-smoke-tests | 40.0.125 |
cflinuxfs3 | 0.160.0 |
credhub | 2.5.10 |
diego | 2.39.0 |
dotnet-core-offline-buildpack | 2.3.4 |
garden-runc | 1.19.9 |
go-offline-buildpack | 1.9.5 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.26 |
log-cache | 2.6.1 |
loggregator-agent | 5.2.1 |
loggregator | 106.2.0 |
mapfs | 1.2.0 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.4 |
nodejs-offline-buildpack | 1.7.9 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.6 |
push-apps-manager-release | 671.0.3 |
push-usage-service-release | 671.0.8 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.6 |
r-offline-buildpack | 1.1.1 |
routing | 0.196.0 |
ruby-offline-buildpack | 1.8.8 |
silk | 2.27.0 |
smb-volume | 2.1.1 |
staticfile-offline-buildpack | 1.5.3 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.5 |
2.8.2
Release Date: 01/16/2020
- [Security Fix] Several security issues were fixed in MySQL USN-4070-1, USN-4195-1
- [Feature] Expose PAS database metrics in the Healthwatch Indicator Protocol dashboard
- [Bug Fix] mapfs - Fix error when appending to a file
- Bump ubuntu-xenial stemcell to version
621.41
- Bump binary-offline-buildpack to version
1.0.36
- Bump cf-cli to version
1.24.0
- Bump cf-smoke-tests to version
40.0.125
- Bump cflinuxfs3 to version
0.153.0
- Bump dotnet-core-offline-buildpack to version
2.3.3
- Bump go-offline-buildpack to version
1.9.4
- Bump nginx-offline-buildpack to version
1.1.3
- Bump nodejs-offline-buildpack to version
1.7.8
- Bump php-offline-buildpack to version
4.4.5
- Bump pxc to version
0.22.0
- Bump python-offline-buildpack to version
1.7.5
- Bump r-offline-buildpack to version
1.1.1
- Bump ruby-offline-buildpack to version
1.8.6
- Bump staticfile-offline-buildpack to version
1.5.3
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.41 |
backup-and-restore-sdk | 1.17.2 |
binary-offline-buildpack | 1.0.36 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.0 |
cf-autoscaling | 222 |
cf-cli | 1.24.0 |
cf-networking | 2.27.0 |
cf-smoke-tests | 40.0.125 |
cflinuxfs3 | 0.153.0 |
credhub | 2.5.6 |
diego | 2.39.0 |
dotnet-core-offline-buildpack | 2.3.3 |
garden-runc | 1.19.9 |
go-offline-buildpack | 1.9.4 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.26 |
log-cache | 2.6.1 |
loggregator-agent | 5.2.1 |
loggregator | 106.2.0 |
mapfs | 1.2.0 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.3 |
nodejs-offline-buildpack | 1.7.8 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.5 |
push-apps-manager-release | 671.0.2 |
push-usage-service-release | 671.0.8 |
pxc | 0.22.0 |
python-offline-buildpack | 1.7.5 |
r-offline-buildpack | 1.1.1 |
routing | 0.196.0 |
ruby-offline-buildpack | 1.8.6 |
silk | 2.27.0 |
smb-volume | 2.1.1 |
staticfile-offline-buildpack | 1.5.3 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.5 |
2.8.1
Release Date: 12/26/2019
- [Security Fix] App Usage Service - Bump Nokogiri to 1.10.5 to fix CVE-2019-13117
- [Security Fix] CVE-2019-17596 - Fix panic upon an attempt to process network traffic containing an invalid DSA public key for syslog release
- [Security Fix] CVE-2019-17596 - Fix panic upon an attempt to process network traffic containing an invalid DSA public key for garden-runc release
- [Security Fix] CVE-2019-17596 - Fix panic upon an attempt to process network traffic containing an invalid DSA public key for loggregator releases
- [Feature] Expose all platform metrics on Prometheus endpoints
- [Feature Improvement] Upgrade nats release to use go 1.13 release
- [Feature Improvement] Notifications service will skip hostname validation for external databases
- [Feature Improvement] Clarify wording of Marketplace URL help text in Apps Manager configuration
- [Feature Improvement] Add doppler.firehose and usage_service.audit to Apps Manager client
- [Feature Improvement] Always enable ssh-proxy TLS to backend instances to ensure widest compatibility mode with PASW and IST
- [Feature Improvement] When users have correct permissions, show bound and bindable services shared from other spaces as bindable for an app in Apps Manager
- [Feature Improvement] When users have correct permissions, show bound and bindable apps from spaces a service instance has been shared to in Apps Manager
- [Bug Fix] Fix bug that prevented users from downloading the Accounting and Usage Service reports through Apps Manager when fields are undefined or null
- [Bug Fix] Prevent new requests from being made when clicking on the currently active tab in Apps Manager
- [Bug Fix] Fix bug that prevented additional resources from populating after user permissions load in Apps Manager
- [Bug Fix] Fix bug preventing multiple service instances without binding names from being bound to apps in Apps Manager
- [Bug Fix] Exclude user provided service instances from org level service instance hours on Usage Report in Apps Manager
- [Bug Fix] Account for malformed git properties in Spring and Steeltoe apps to keep Apps Manager from crashing on render
- [Bug Fix] Fix bug where 'Invalid Date’ was shown in Apps Manager trace tab when using Spring v2.0
- [Bug Fix] Prevent Apps Manager’s revisions tab from crashing out when a deployment is in progress
- [Bug Fix] Move tooltip in the Apps Manager bind services flyout to make text fully visible
- [Bug Fix] Prevent attempts to build a droplet when starting an app through Apps Manager if there is no associated package
- [Bug Fix] Passwords containing commas no longer cause the SMB volume service to crash at startup with a “mount failed” error
- [Bug Fix] All CAPI jobs respect “Maximum disk quota per app”
- Bump ubuntu-xenial stemcell to version
621.29
- Bump cf-smoke-tests to version
40.0.124
- Bump cflinuxfs3 to version
0.151.0
- Bump garden-runc to version
1.19.9
- Bump log-cache to version
2.6.1
- Bump loggregator-agent to version
5.2.1
- Add new release metrics-discovery at version
2.0.2
- Bump nats to version
28
- Bump push-apps-manager-release to version
671.0.2
- Bump push-usage-service-release to version
671.0.8
- Bump pxc to version
0.21.0
- Bump smb-volume to version
2.1.1
- Bump statsd-injector to version
1.11.8
- Bump syslog to version
11.6.1
- Bump system-metrics-scraper to version
2.0.3
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.29 |
backup-and-restore-sdk | 1.17.2 |
binary-offline-buildpack | 1.0.35 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.0 |
cf-autoscaling | 222 |
cf-cli | 1.23.0 |
cf-networking | 2.27.0 |
cf-smoke-tests | 40.0.124 |
cflinuxfs3 | 0.151.0 |
credhub | 2.5.6 |
diego | 2.39.0 |
dotnet-core-offline-buildpack | 2.3.2 |
garden-runc | 1.19.9 |
go-offline-buildpack | 1.9.3 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.26 |
log-cache | 2.6.1 |
loggregator-agent | 5.2.1 |
loggregator | 106.2.0 |
mapfs | 1.2.1 |
metric-registrar | 1.1.1 |
metrics-discovery | 2.0.2 |
mysql-monitoring | 9.7.0 |
nats | 28 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.1 |
nodejs-offline-buildpack | 1.7.4 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.2 |
push-apps-manager-release | 671.0.2 |
push-usage-service-release | 671.0.8 |
pxc | 0.21.0 |
python-offline-buildpack | 1.7.2 |
r-offline-buildpack | 1.1.0 |
routing | 0.196.0 |
ruby-offline-buildpack | 1.8.2 |
silk | 2.27.0 |
smb-volume | 2.1.1 |
staticfile-offline-buildpack | 1.5.1 |
statsd-injector | 1.11.8 |
syslog | 11.6.1 |
system-metrics-scraper | 2.0.3 |
uaa | 74.5.5 |
2.8.0
Component | Version |
---|---|
ubuntu-xenial stemcell | 621.26 |
backup-and-restore-sdk | 1.17.2 |
binary-offline-buildpack | 1.0.35 |
bosh-dns-aliases | 0.0.3 |
bosh-system-metrics-forwarder | 0.0.18 |
bpm | 1.1.5 |
capi | 1.87.0 |
cf-autoscaling | 222 |
cf-cli | 1.23.0 |
cf-networking | 2.27.0 |
cf-smoke-tests | 40.0.123 |
cflinuxfs3 | 0.150.0 |
credhub | 2.5.6 |
diego | 2.39.0 |
dotnet-core-offline-buildpack | 2.3.2 |
garden-runc | 1.19.8 |
go-offline-buildpack | 1.9.3 |
haproxy | 9.8.0 |
istio | 1.3.0 |
java-offline-buildpack | 4.26 |
log-cache | 2.6.0 |
loggregator-agent | 5.1.0 |
loggregator | 106.2.0 |
mapfs | 1.2.1 |
metric-registrar | 1.1.1 |
mysql-monitoring | 9.7.0 |
nats | 27 |
nfs-volume | 5.0.2 |
nginx-offline-buildpack | 1.1.1 |
nodejs-offline-buildpack | 1.7.4 |
notifications-ui | 36 |
notifications | 61 |
php-offline-buildpack | 4.4.2 |
push-apps-manager-release | 671.0.1 |
push-usage-service-release | 671.0.7 |
pxc | 0.20.0 |
python-offline-buildpack | 1.7.2 |
r-offline-buildpack | 1.1.0 |
routing | 0.196.0 |
ruby-offline-buildpack | 1.8.2 |
silk | 2.27.0 |
smb-volume | 2.1.0 |
staticfile-offline-buildpack | 1.5.1 |
statsd-injector | 1.11.1 |
syslog | 11.5.0 |
system-metrics-scraper | 2.0.1 |
uaa | 74.5.5 |
How to Upgrade
To upgrade to PAS v2.8, see Upgrading Pivotal Platform.
When upgrading to PAS v2.8, be aware of the following upgrade considerations:
If you previously used an earlier version of PAS, you must first upgrade to PAS v2.7 to successfully upgrade to PAS v2.8.
Some partner service tiles may be incompatible with Pivotal Platform v2.8. Pivotal is working with partners to ensure their tiles are updated to work with the latest versions of Pivotal Platform.
For information about which partner service releases are currently compatible with Pivotal Platform v2.8, review the appropriate partners services release documentation at https://docs.pivotal.io, or contact the partner organization that produces the tile.If using NSX-T, ensure that any firewall rules configured to restrict traffic between the
diego_brain
and app containers for App SSH are updated from port2222
to61002
.
New Features in PAS v2.8
PAS v2.8 includes the following major features:
Diego Sets Container CPU Weight Property Equal to Container Memory Limit
Diego sets the CPU weight property on the containers it creates to a number equivalent to the container memory limit. This allows Garden to calculate the AbsoluteCPUEntitlement
metric, which is the CPU entitlement for the container. With AbsoluteCPUEntitlement
, Garden can produce accurate CPU usage metrics that are relative to AbsoluteCPUEntitlement
.
For more information about the AbsoluteCPUEntitlement
metric, see Diego Container Metrics in Container Metrics. For information about the Cloud Foundry CPU Entitlement Plugin, an experimental plugin that allows you to examine the CPU usage of PAS apps relative to their CPU entitlement, see the Cloud Foundry CPU Entitlement Plugin repository on GitHub.
Spring Cloud Services Configuration in Apps Manager
For Spring Cloud Services (SCS) instances, Apps Manager shows the current status of the SCS Config Server and lets you trigger the Config Server to update app configurations.
For more information, see View and Update Spring Cloud Services Configurations in Managing Apps and Service Instances Using Apps Manager.
View the Active Droplet for an App in Apps Manager
On the Apps Manager Revisions page for an app, you can view which revision version contains the active droplet for the app. The active droplet has a GUID that is equivalent to the current droplet GUID of the app.
The text Deployed (Active)
appears in the Status column of the table to indicate that the revision version is active.
For more information about using the Apps Manager UI, see Using Apps Manager.
cf CLI Supports Sidecar Processes
The Cloud Foundry Command-Line Interface (cf CLI) adds support for sidecar processes. You can add a sidecar process to an app process using an app manifest. The cf CLI displays the sidecar process alongside the app process to which it is attached.
For more information about deploying sidecar processes with apps, see Pushing Apps with Sidecar Processes (Beta).
Deploy Sidecar Processes with a Custom Buildpack
As an alternative to using an app manifest, you can deploy a sidecar process for an app with a custom buildpack.
Note: PAS v2.8 does not support using custom buildpacks to push sidecars for Java apps. You can only push sidecars for Java apps by using an app manifest.
For more information, see Sidecar Buildpacks.
Configure Retention Period for Usage Service Data
Usage Service deletes granular data after 365 days by default. You can configure the retention period for granular data in the Advanced Features pane of the PAS tile.
This feature reduces the amount of data in the Usage Service database, which helps prevent data migration issues on very large foundations.
For more information, see Usage Data Retention in Reporting App, Task, and Service Instance Usage.
SMB Volume Services Enabled by Default
SMB volume services are enabled by default. When SMB volume services are enabled, app developers can bind existing SMB shares to apps for shared file access.
To disable SMB volume services in the PAS tile, select App Containers and clear the Enable SMB volume services checkbox, and then select Errands and set the SMB Broker Errand to Off.
For more information, see Enable SMB Volume Services in Enabling Volume Services.
For general information about volume services, see Using an External File System (Volume Services).
NFS Broker Uses CredHub as Backing Store
NFS Broker uses CredHub as its backing store, rather than an internal PAS database. Because BOSH Backup and Restore (BBR) no longer backs up NFS Broker, the nfsbroker-bbr
job is removed.
For more information about CredHub, see CredHub.
Enable URL Encoding For UAA Client Credentials
You can disable an optional Client basic auth compatibility mode checkbox in the UAA pane of the PAS tile to require URL encoding for UAA client credentials.
URL encoding is defined by RFC 6749. For more information, see the 2.3.1. Client Password section of RFC 6749.
By default, the Client basic auth compatibility mode checkbox is enabled. When the checkbox is enabled, UAA does not require URL encoding for client IDs and secrets. This represents the default behavior of UAA prior to v74.0.0. For more information, see v74.0.0 in GitHub.
For more information about configuring the Client basic auth compatibility mode checkbox, see Configure UAA in Configuring PAS.
Warning: If you disable the Client basic auth compatibility mode checkbox, URL encoding is required for all UAA client apps in your deployment. To avoid breaking changes, ensure that all client apps support URL encoding before you disable the checkbox.
Support for Pushing Container Images Hosted in AWS ECR
When you push container images hosted in AWS Elastic Container Registry (ECR) with the Cloud Foundry CLI (cf CLI), you can provide the access key ID and secret for an AWS IAM user as a Docker username and password as part of the cf push
command. Apps are able to then continuously restart and restage successfully.
This update allows the cf CLI to successfully pull container images hosted in ECR with valid AWS Identity and Access Management (IAM) user credentials.
For more information, see Amazon Elastic Container Registry (ECR) in Deploying an App with Docker.
Mutual TLS Added to Loggregator Endpoints and Components
Mutual TLS is added to the Loggregator, Loggregator Agent, and Log Cache endpoints. It is also added to the Leadership Election job. This provides additional security between these endpoints and metric scrapers.
For more information about Loggregator components, see Loggregator Architecture. For more information about the Leadership Election job and metric scraping, see the System Metrics repository on GitHub.
V2 Firehose Can Be Disabled
You can disable the Loggregator V2 Firehose by deselecting the Enable V2 Firehose checkbox in the System Logging pane of the PAS tile. This shuts down VMs used for the V2 Firehose, such as Dopplers and Reverse Log Proxies. After you disable the V2 Firehose, you can delete these VMs from your deployment to save resources.
- Service tile metrics
- Pivotal Healthwatch or Pivotal App Metrics
- Partner log or metric integrations
Warning: If you disable the V1 or V2 Firehose, you must disable the Smoke Test Errand or the deploy fails. For more information, see Disable the Smoke Test Errand If You Disable the Firehose.
To forward logs and metrics to a syslog endpoint after you disable the Firehose, configure an aggregate log and metric drain for your foundation. For more information about disabling the V2 Firehose and enabling aggregate drains, see Configure System Logging in Configuring PAS.
For more information about the Loggregator Firehose, see Loggregator Architecture.
Aggregate Drain for Metrics and App Logs
You can configure an aggregate log and metric drain for your foundation to allow Syslog Agents to forward all app metrics, app logs, and PAS component VM metrics to one or more syslog endpoints.
This allows you to forward logs and metrics for all apps in your foundation without configuring syslog drains for each app individually.
You can also use an aggregate log and metric drain instead of the Loggregator Firehose. This allows you to disable the Firehose and delete related VMs, such as Dopplers and Reverse Log Proxies. For more information about disabling the Firehose, see V2 Firehose Can Be Disabled.
To enable an aggregate log and metric drain for your foundation, add a comma-separated list of syslog endpoints to the Aggregate log and metric drain destinations field in the System Logging pane of the PAS tile. For more information, see Configure System Logging in Configuring PAS.
PAS Must Use At Least One CredHub VM
In PAS v2.8, you must use at least one CredHub VM. The default number of CredHub instances is increased from 0
to 2
. You can configure the number of CredHub VMs PAS uses in the Resource Config pane of the PAS tile.
For high availability, Pivotal recommends that you use at least one CredHub instance per availability zone (AZ). Or, if you have only one AZ, use at least three CredHub instances.
Warning: If you use an external GCP or Azure database for PAS and previously set CredHub instances to 0 in PAS v2.7, you must also disable hostname verification before you upgrade to PAS v2.8. For more information, see Disable Hostname Verification for External CredHub Databases on GCP and Azure in Upgrade Preparation Checklist for Pivotal Platform v2.8.
For more information about CredHub, see CredHub. For more information about configuring VMs, see Configure Resources in Configuring PAS.
Customizable Marketplace URL and Secondary Navigation Links in Apps Manager
In the Custom Branding pane of PAS v2.8, you can customize the Marketplace URL and secondary navigation links that appear in your Apps Manager deployment.
For more information, see Configure Custom Branding and Apps Manager in Configuring PAS.
Agent-Based Syslog Egress Cannot Be Disabled
Agent-based syslog egress is enabled in PAS v2.8.0 and cannot be disabled. Syslog Agents forward logs to Loggregator and syslog drains that you configure. This feature removes the need for VMs dedicated to syslog drains.
For more information, see Agent-Based Syslog Egress Is Enabled by Default in the PAS v2.7 release notes.
Additional Metadata Tags for Metrics and App Logs
In PAS v2.8, six new metadata tags appear in app logs and metrics. The following metadata tags have been added to outgoing syslogs in v2.8:
app_id
app_name
organization_id
organization_name
space_id
space_name
The tags correspond to the internal name and ID of the app and its org and space.
The new metadata tags appear in app logs in the following format:
956 <14>1 2020-03-31T12:11:02.529497+00:00 My-org.My-space.my-app-blue ec3cd4e4-baf9-456d-965a-96bcb2c61a47 [APP/PROC/WEB/0] - [tags@47450 app_id="ec3cd4e4-baf9-456d-965a-96bcb2c61a47" app_name="my-app-blue" deployment="cf-78e7a9442158adb53366" index="c57b95c6-d79f-4cfb-b7f3-08a770946b7a" instance_id="0" ip="10.214.110.84" job="diego_cell" organization_id="c23f6fb2-beeb-4d2f-8c1d-693be5bd502c" organization_name="My-org" origin="rep" process_id="ec3cd4e4-baf9-456d-965a-96bcb2c61a47" process_instance_id="1cf3854e-29d8-4825-7685-11ec" process_type="web" product="Pivotal Application Service" source_id="ec3cd4e4-baf9-456d-965a-96bcb2c61a47" source_type="APP/PROC/WEB" space_id="93e9f375-1567-4ea4-b2a1-ef6fd7e0125b" space_name="My-space" system_domain="example.mydomain.io"] 2020-03-31 07:11:02.529 INFO [my-app,B2347215-T21118008-COWF/35558169/38311791] --- [http-nio-8080-exec-5] c.c.b.t.p.s.p.b.BatchPostProcessor : Report file created in 47 ms
For information about the log format, see Metadata Tags for Metrics and App Logs in Pivotal Platform v2.7 Breaking Changes.
For information about a known issue related to the metadata tags, see Metadata Tags Not Updated if App, Org, or Space Name Changed.
Rolling App Deployments Is GA
Rolling app deployments was released as a beta feature in PAS v2.4. This feature allows you to push updates to apps without incurring downtime.
This feature is enabled by default. You can optionally disable it in the Advanced Features pane.
Rolling App Deployments is GA through Apps Manager and v3 CC API. The rolling app deployments feature is still experimental on cf CLI v6. To use the feature as GA through the cf CLI, upgrade to TAS 2.10+
For more information, see Rolling App Deployments.
Jump Upgrade to TAS for VMs v2.11
TAS for VMs v2.11 is a long-term supported (LTS) version of PAS. TAS for VMs v2.11 will be supported through April 2024.
You can jump upgrade directly from previous versions of PAS to the LTS version of TAS for VMs. For more information, see Jump Upgrading to TAS for VMs v2.11.
Breaking Changes
PAS v2.8 includes the following breaking changes:
PAS v2.8.25 and Later Incompatible with Tanzu GemFire for VMs v1.12 and Earlier with Tomcat Session State Caching
PAS v2.8.25 and later specifies Java buildpack v4.36. This causes a breaking change if you use Tanzu GemFire for VMs v1.12 or earlier with Tomcat session state caching. For information about how to avoid this breaking change, see Known Issues in the Tanzu GemFire for VMs documentation.
Incorrect HTTP(S) Proxy Configuration Breaks CredHub Interpolation for Apps in PAS v2.8.12 and Later
In PAS v2.8.12 and later, apps that have an incorrect HTTP(S) Proxy configuration fail to stage or restart due to a CredHub interpolation error.
Before you upgrade to PAS v2.8.12 or later, you must fix the HTTP(S) Proxy configuration of any impacted applications:
- Determine whether your apps are impacted by following the resolution procedure in Knowledgebase Article 9305.
- Update all impacted apps to use the recommended proxy settings that are documented in Configuring Proxy Settings for All Apps.
- Restart modified apps.
PAS v2.8.4 Stability Issues
WARNING: Pivotal advises that you do not upgrade to PAS v2.8.4 at this time. Pivotal is investigating issues reported with the stability of PAS v2.8.4.
If you have already upgraded to PAS v2.8.4 and are experiencing instability in your PAS deployment, such as cf push
failure, contact Support.
CredHub Requires At Least One CredHub Instance
PAS v2.8 and later requires at least one CredHub instance. If the number of CredHub instances is set to 0, the deployment fails.
If you scaled the number of CredHub instances to 0 in PAS v2.7, check the number of CredHub instances in the Resource Config pane of the PAS v2.8 tile and increase to one or more instances before you apply changes for the upgrade.
For more information, see PAS Must Use At Least One CredHub VM in Pivotal Application Service v2.8 Release Notes.
Syslog Adapters Are Removed
Syslog Adapters are not supported in PAS v2.8. If you disabled Syslog Agents in PAS v2.7.7, you must enable Syslog Agents before you upgrade to PAS v2.8. If you do not enable Syslog Agents prior to upgrade, the upgrade fails in order to prevent potential log loss.
To enable Syslog Agents on PAS v2.7.7, do one of the following:
Go to the System Logging pane in the PAS tile and select the Enable syslog egress through Syslog Agents checkbox.
Set the
properties.syslog_agent_enabled
property totrue
.
Additional Metadata Tags for Metrics and App Logs
In PAS v2.8, metadata tags for app logs and metrics appear after the header of each syslog message and before the syslog message text. If your external monitoring depends on a specific format for app logs, you must update the configuration.
The new metadata tags appear in syslogs in the following format:
956 <14>1 2020-03-31T12:11:02.529497+00:00 My-org.My-space.my-app-blue ec3cd4e4-baf9-456d-965a-96bcb2c61a47 [APP/PROC/WEB/0] - [tags@47450 app_id="ec3cd4e4-baf9-456d-965a-96bcb2c61a47" app_name="my-app-blue" deployment="cf-78e7a9442158adb53366" index="c57b95c6-d79f-4cfb-b7f3-08a770946b7a" instance_id="0" ip="10.214.110.84" job="diego_cell" organization_id="c23f6fb2-beeb-4d2f-8c1d-693be5bd502c" organization_name="My-org" origin="rep" process_id="ec3cd4e4-baf9-456d-965a-96bcb2c61a47" process_instance_id="1cf3854e-29d8-4825-7685-11ec" process_type="web" product="Pivotal Application Service" source_id="ec3cd4e4-baf9-456d-965a-96bcb2c61a47" source_type="APP/PROC/WEB" space_id="93e9f375-1567-4ea4-b2a1-ef6fd7e0125b" space_name="My-space" system_domain="example.mydomain.io"] 2020-03-31 07:11:02.529 INFO [my-app,B2347215-T21118008-COWF/35558169/38311791] --- [http-nio-8080-exec-5] c.c.b.t.p.s.p.b.BatchPostProcessor : Report file created in 47 ms
For more information, see Human-Friendly Metadata in Identifying the Source Deployment of Metrics.
Agent-Based Syslog Egress Cannot Be Disabled
If you disabled Agent-based syslog egress in PAS v2.7.7 or later, then you must update your external monitoring configuration.
Agent-based syslog egress is always enabled in PAS v2.8.0. Agent-based syslog egress was enabled by default in PAS v2.7.0, but you could optionally disable the egress in PAS v2.7.7 and later. For more information, see Agent-Based Syslog Egress Is Enabled by Default in the Pivotal Application Service v2.7 Release Notes.
App SSH Container Port Change
The port used on app containers during App SSH has changed from 2222 to 61002.
Known Issues
PAS v2.8 includes the following known issues:
Rolling App Deployment Does Not Timeout
Rolling app deployments do not properly timeout when the startup timeout is reached. You may experience a rolling app deployment process that hangs indefinitely.
If you experience a hanging rolling app deployment, you can manually terminate the process. For more information about terminating the rolling app deployment process, see the cf CLI v7 procedure in Cancel a Deployment.
Incompatible Stemcell Causes Job Failure
If you use the NSX-T Container Plugin (NCP) tile v3.0.2 or earlier, do not
upgrade to PAS 2.8.19. The stemcell in this patch is
not compatible with the NCP tile v3.0.2 or earlier and causes the openvswitch
job to fail when you deploy.
Duplicate Metrics Appear in the Firehose
PAS v2.8 introduces a System Metrics Agent that sends metrics to the Firehose. These metrics match existing BOSH system metrics, but they use an updated format. In PAS v2.8, metrics appear in both formats. In the Firehose, you see duplicate metrics entries in both the Loggregator format and the System Metrics Agent format.
The following table shows examples of the existing Loggregator metrics format and the new System Metrics Agent metrics format:
Loggregator Format | System Metrics Agent Format |
---|---|
system.healthy |
system_healthy |
system.mem.percent |
system_mem_percent |
system.disk.system.percent |
system_disk_system_percent |
system.disk.ephemeral.percent |
system_disk_ephemeral_percent |
system.disk.persistent.percent |
system_disk_persistent_percent |
system.cpu.user |
system_cpu_user |
The new System Metrics Agent adds about 50 metric envelopes per VM each minute.
The existing BOSH system metrics forwarder emits 2 metric envelopes per VM each minute. Each envelope contains 13 metrics.
Disable the Smoke Test Errand If You Disable the Firehose
If you disable the V1 or V2 Firehose in PAS v2.8, you must also disable the smoke test errand.
If you do not disable the smoke test errand, the deploy fails with an error similar to the following:
[91m[1m[Fail] [0m[90mLoggregator: [0m[0mcf logs [0m[90mlinux [0m[91m[1m[It] can see app messages in the logs [0m
[37m/var/vcap/packages/smoke_tests/src/github.com/cloudfoundry/cf-smoke-tests/smoke/logging/loggregator_test.go:42[0m
[1m[91mRan 1 of 2 Specs in 56.171 seconds[0m
[1m[91mFAIL![0m -- [32m[1m0 Passed[0m | [91m[1m1 Failed[0m | [33m[1m0 Pending[0m | [36m[1m1 Skipped[0m
--- FAIL: TestSmokeTests (56.17s)
FAIL
Ginkgo ran 2 suites in 1m7.050120251s
Test Suite Failed
Stderr Error: failed to run job-process: exit status 1 (exit status 1)
To disable the smoke test errand:
Navigate to the Errands pane in the PAS tile.
For Smoke Test Errand, select Off.
For more information, see Configure Errands in Configuring PAS.
Bosh System Metrics Forwarder Regression in v2.8.22
If you already have Healthwatch installed, upgrading to this patch will cause installation errors.
If you do not have Healthwatch, you are still impacted in downstream monitoring systems (DataDog, Splunk, etc). Those monitoring systems will start firing missing data alerts for metrics for BOSH/TAS recommended KPIs.
To resolve this issue:
If possible, do not upgrade.
If the upgrade has failed:
Download the TAS manifest and manually set
enabled: true
on thebosh_system_metrics_forwarder
job.Redeploy with Bosh.
DO NOT apply changes on the TAS tile until the next version is out.
Errors in NFS Volume Service File Append Operations
A defect in the mapfs FUSE driver causes errors to occur in file append operations when you enable the ID mapping feature with NFS in PAS v2.8.0 through PAS v2.8.1.
You enable the ID mapping feature by specifying either the uid
or username
option in service instance or service bind configurations.
When this issue occurs, appending files within the mounted file system fail with the error File operation not supported
. For example, echo hello >> test.txt
fails.
This issue is resolved in PAS v2.8.2.
PCF Metrics v1.6.2 and Earlier Not Compatible with PAS v2.8.3 and Later
App Metrics v1.6.2 and earlier is incompatible with the following PAS patch versions:
- PAS v2.5.20 and later
- PAS v2.6.15 and later
- PAS v2.7.9 and later
- PAS v2.8.3 and later
This incompatibility is caused by an update to nodejs-offline-buildpack v1.7.9, which removes support for Node.js 8.x.
If you upgrade to one of the PAS versions above and you are using App Metrics v1.6.2 or earlier, then App Metrics no longer works.
To resolve this issue, upgrade to App Metrics v1.6.3 or later.
For more information, see PCF Metrics v1.6.x is not compatible with PAS 2.5.20+, 2.6.15+, 2.7.9+ & 2.8.3+.
Logs Take a Long Time to Load in Apps Manager
In PAS v2.8.0 through v2.8.3, Apps Manager uses an inefficient method of loading app logs. This method causes the logs page to remain in a loading state for a long time before displaying logs. This issue is resolved in PAS v2.8.4.
Asynchronous Spring and Steeltoe health Endpoint Causes Apps Manager to Crash
This issue only applies to PAS v2.8.3 and earlier.
If your Spring or Steeltoe app uses an asynchronous health
actuator endpoint,
you might see the error TypeError: Cannot read property 'code' of undefined
in the Overview tab for the app.
The normal contents of the Overview tab are not displayed.
This does not indicate a problem with the app, and information on the other tabs displays correctly.
Errors Viewing App Logs after Disabling V1 Firehose
If you deactivate the V1 Firehose and you are using a version of the cf CLI earlier than v6.50, you may encounter errors when you push an app or view the logs for an app. The logs exist but are not visible from the cf CLI.
Running the following commands results in errors:
cf logs
:Timeout trying to connect to NOAA
cf push
:timeout connecting to log server, no log will be shown
Despite the log-related errors, cf push
works correctly and pushes the app.
To avoid encountering errors after deactivating the Loggregator V1 Firehose, upgrade to cf CLI v6.50 or later.
App Metrics v2.0.0 Is Incompatible with Apps Manager Integration
This issue affects App Metrics v2.0.0.
If the App Metrics v2.0.0 tile is installed on a foundation, then the View in Metrics link on the app Overview tab in Apps Manager does not appear or is broken.
Traffic Controller Can Issue a Large Number of Unnecessary DNS Queries
This issue is resolved in PAS v2.8.6 and later.
In PAS v2.8.5, Loggregator release version 106.2.4 uses an upgraded version of GOLANG GRPC. By default, GRPC attempts
to find the hostname q-s0.doppler.NETWORK-NAME.cf-GUID.bosh
through BOSH DNS for A, SRV, and TXT records. If this
attempt fails or is delayed, GRPC sends DNS lookups to all of the external DNS servers listed in /etc/resolv.conf
.
This can result in the Loggregator Traffic Controller generating hundreds of requests per second.
Example log message from BOSH DNS server:
[RequestLoggerHandler] 2020/03/27 12:06:04 WARN - handlers.DiscoveryHandler Request qtype=[TXT] qname=[q-s0.doppler.pas.cf-GUID.bosh.] rcode=SERVFAIL time=17000ns
To work around this issue in PAS v2.8.5, see Loggregator continuously generates hundreds of DNS requests per second to external DNS servers in the Knowledge Base.
App Metrics Route Change Results In “Unexpected error occurrence”
This issue affects you only if you upgrade from App Metrics v2.0.0 to App Metrics v2.0.1 or later.
The route to App Metrics moved from appmetrics.FOUNDATION_SYSTEM_DOMAIN.com
in
v2.0.0 to metrics.FOUNDATION_SYSTEM_DOMAIN
in v2.0.1.
If you have set the Multi-foundation configuration (beta) field of the Apps Manager section
in a PAS tile, you must update the metricsUrl field to reflect
the route change. If the field is not updated, then clicking View in Metrics on the app
Overview tab in Apps Manager results in an Unexpected error occurence
message.
Invalid Events from Cloud Controller Purge and Reseed
In PAS v2.8.11 and earlier, the /v2/app_usage_events/destructively_purge_all_and_reseed_started_apps
endpoint may generate app events without valid GUIDs. These invalid GUIDs can cause errors with components that consume them when parsing and correlating events. This issue affects Cloud Controller and App Usage Service.
For more information about the API endpoint, see Purge and reseed App Usage Events in the App Usage Events API documentation. For more information about the issue, see App Usage Service startup errors and data inconsistency in the knowledge base.
This issue is resolved in PAS v2.8.12.
App Metrics v2.0 Causes Apps Manager to Log Out on PAS v2.8.3 and Earlier
For deployments with both App Metrics v2.0 and PAS v2.8.3 or earlier installed, viewing any app Overview page in Apps Manager causes the user session to expire, which results in a log out.
For deployments with PAS v2.8.3 and earlier, this issue affects all App Metrics v2.0 patch versions.
This issue is resolved in PAS v2.8.4 and later.
Metadata Tags Not Updated if App, Org, or Space Name Changed
If you rename an app, org, or space, the metadata tags for metrics and app logs do not update to reflect the new names. The original names persist in the metrics and app logs.
To resolve this issue, restart the app. After the app restarts, app logs and metrics use the updated metadata tags.
For more info about these metadata tags, see Additional Metadata Tags for Metrics and App Logs above.
PCF Metrics Link Disappears in Apps Manager for Proxied Setups
This issue affects PAS v2.8.4 and later deployments that have any version of PCF Metrics or App Metrics installed.
If your PAS deployment has restrictive networking policies around request proxying, then the View in PCF Metrics link may not appear in Apps Manager.
To resolve this issue:
- Using the cf CLI, log in to the system org and system space.
- Locate the
search-server
app. Update the
no_proxy
environment variable for thesearch-server
app to include your system domain.cf set-env search-server no_proxy '*.SYSTEM-DOMAIN'
where
SYSTEM-DOMAIN
is the system domain configured for your PAS deployment. For example:cf set-env search-server no_proxy '*.example.com'
Restage the
search-server
app.cf restage search-server
Autoscaler Controls Do Not Appear in Apps Manager for Proxied Setups
This issue affects PAS v2.8.4 and later deployments that manage the Autoscaler service for individual apps in Apps Manager.
If your PAS deployment has restrictive networking policies around request proxying, then Autoscaler controls may not appear for apps within Apps Manager even when the Autoscaler service is enabled for an org.
To resolve this issue:
- Using the cf CLI, log in to the system org and system space.
- Locate the
search-server
app. Update the
no_proxy
environment variable for thesearch-server
app to include your system domain.cf set-env search-server no_proxy '*.SYSTEM-DOMAIN'
where
SYSTEM-DOMAIN
is the system domain configured for your PAS deployment. For example:cf set-env search-server no_proxy '*.example.com'
Metric Registrar v1.2.1 Known Issues
The following known issues with Metrics Registrar v1.2.1 affect PAS v2.8.18.
Several issues with the Metric Registrar v1.2.1 release cause problems when upgrading to PAS v2.8.18.
These known issues led to a reversion of Metrics Registrar in PAS v2.8.19. Features introduced in PAS v2.8.18 are not available in later versions of PAS.
Metric Registrar Orchestrator Cannot Connect to Cloud Controller
When the metric_registrar_orchestrator
job starts up, it exits
if it cannot connect to the Cloud Controller.
This issue can arise if either BOSH DNS or the Cloud Controller fails. For example, if BOSH DNS is being rolled during an update, there may be a log line similar to the following regarding host name resolution:
unable to connect to Cloud Controller: Get \"https://q-s0.cloud-controller.env.deployment.bosh:9227/internal/v4/syslog_drain_urls\": dial tcp: lookup q-s0.cloud-controller.pcfdev802.cf-85ed2c836ae0287e088c.bosh on 10.0.0.6:23: no such host
If Cloud Controller is unavailable, there may be a log line about the Cloud Controller:
unable to connect to Cloud Controller: unexpected status from cloud controller: 503
The failure of metric_registrar_orchestrator
to start can block
upgrades to PAS v2.8.18.
Metric Registrar Orchestrator Crashes with Unexpected Service URLs
The metric_registrar_orchestrator
job parses user-provided services
and their associated URLs. It expects all service URLs to have a scheme,
and if it encounters one without a scheme, it crashes with the error message:
panic: runtime error: index out of range [1] with length 1
To fix this issue, check user-provided services, and make sure each service
has a scheme. For example, if one of the services has the URL my.service.com
,
update the scheme to http://my.service.com
or whichever scheme the service is communicated over.
This issue is resolved in PAS v2.8.19 and later.
Metric Registrar Smoke Tests Fail in Environments that Enable mTLS for App Containers
This issue affects PAS v2.8.18 deployments that have the Gorouter app identity verification property enabled. When enabled, this property configures Gorouter and app containers to use mTLS to verify each other’s identity.
When running the metric_registrar_smoke_test
errand, the smoke test
fails to detect metrics from a secure-endpoint:
DeploymentValidation
[90m/var/vcap/data/compile/smoke_test/smoke_test/deployment_validation/deployment_validation_test.go:25[0m
[91m[1mreceives metrics scraped from metric endpoints [It][0m
[90m/var/vcap/data/compile/smoke_test/smoke_test/deployment_validation/deployment_validation_test.go:48[0m
[91mMonitor could not detect metrics emitted from the registered endpoint.
Expected
<int>: 0
to be >
<int>: 0[0m
To resolve this issue:
Retrieve the cf manifest:
bosh -d $CF_DEPLOYMENT manifest > /tmp/cf-manifest.yml
Update the
containers.proxy.verify_subject_alt_name
property of therep
job to include the server name of the Metric Registrar secure endpoint scraper:verify_subject_alt_name: - gorouter.service.cf.internal - ssh-proxy.service.cf.internal - metric_registrar_endpoint_worker_scrape_tls
Redploy with the updated manifest:
bosh -d $CF_DEPLOYMENT deploy /tmp/cf-manifest.yml
This issue is resolved in PAS v2.8.19 and later.