VMware Tanzu Application Service for VMs v2.9 Release Notes

Page last updated:

Note: Pivotal Platform is now part of VMware Tanzu. In v2.9 and later, Pivotal Application Service is renamed to VMware Tanzu Application Service for VMs. Small Footprint PAS is renamed to VMware Tanzu Application Service for VMs [Small Footprint].

This topic contains release notes for VMware Tanzu Application Service for VMs (TAS for VMs) v2.9.

For the feature highlights of this release, read the blog post VMware Tanzu Application Service 2.9: Key Enhancements for Transformation at Scale, or see New Features in Ops Manager v2.9.

Ops Manager is certified by the Cloud Foundry Foundation for 2020.

Read more about the certified provider program and the requirements of providers.


Releases

2.9.12

Release Date: 09/21/2020

  • [Security Fix] Bump Usage Service ruby version to 2.6.6 - CVE-2020-15169 CVE-2020-10933 CVE-2020-10663
  • [Feature Improvement] Secure scraping available in Metric Registrar
  • Bump ubuntu-xenial stemcell to version 621.84
  • Bump cf-autoscaling to version 233
  • Bump cflinuxfs3 to version 0.204.0
  • Bump go-offline-buildpack to version 1.9.17
  • Bump metric-registrar to version 1.2.1
  • Bump nginx-offline-buildpack to version 1.1.14
  • Bump php-offline-buildpack to version 4.4.20
  • Bump push-usage-service-release to version 672.0.15
  • Bump python-offline-buildpack to version 1.7.20
  • Bump routing to version 0.207.0
Component Version
ubuntu-xenial stemcell621.84
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.9
cf-autoscaling233
cf-cli1.28.0
cf-networking2.33.0
cflinuxfs30.204.0
credhub2.5.12
diego2.48.0
dotnet-core-offline-buildpack2.3.14
garden-runc1.19.16
go-offline-buildpack1.9.17
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.32.1
log-cache2.6.16
loggregator-agent5.3.10
loggregator106.3.11
mapfs1.2.4
metric-registrar1.2.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.4
nginx-offline-buildpack1.1.14
nodejs-offline-buildpack1.7.26
notifications-ui40
notifications61
php-offline-buildpack4.4.20
push-apps-manager-release672.0.13
push-usage-service-release672.0.15
pxc0.28.0
python-offline-buildpack1.7.20
r-offline-buildpack1.1.7
routing0.207.0
ruby-offline-buildpack1.8.23
silk2.33.0
smb-volume3.0.1
smoke-tests2.2.0
staticfile-offline-buildpack1.5.10
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.13
uaa74.5.18

2.9.11

Release Date: 09/09/2020

  • [Security Fix] Fix for CVE-2020-5420: Improve Gorouter’s handling of invalid HTTP response codes
  • [Feature Improvement] Gorouter aliases /healthz to /health in order to prevent downtime during upgrades
  • [Bug Fix] Improve Log Cache Syslog Ingestion Performance
  • Bump ubuntu-xenial stemcell to version 621.82
  • Bump cf-networking to version 2.33.0
  • Bump diego to version 2.48.0
  • Bump dotnet-core-offline-buildpack to version 2.3.14
  • Bump log-cache to version 2.6.16
  • Bump nfs-volume to version 7.0.4
  • Bump nodejs-offline-buildpack to version 1.7.26
  • Bump push-apps-manager-release to version 672.0.13
  • Bump routing to version 0.206.0
  • Bump silk to version 2.33.0
  • Bump staticfile-offline-buildpack to version 1.5.10
Component Version
ubuntu-xenial stemcell621.82
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.9
cf-autoscaling232
cf-cli1.28.0
cf-networking2.33.0
cflinuxfs30.203.0
credhub2.5.12
diego2.48.0
dotnet-core-offline-buildpack2.3.14
garden-runc1.19.16
go-offline-buildpack1.9.16
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.32.1
log-cache2.6.16
loggregator-agent5.3.10
loggregator106.3.11
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.4
nginx-offline-buildpack1.1.12
nodejs-offline-buildpack1.7.26
notifications-ui40
notifications61
php-offline-buildpack4.4.19
push-apps-manager-release672.0.13
push-usage-service-release672.0.13
pxc0.28.0
python-offline-buildpack1.7.18
r-offline-buildpack1.1.7
routing0.206.0
ruby-offline-buildpack1.8.23
silk2.33.0
smb-volume3.0.1
smoke-tests2.2.0
staticfile-offline-buildpack1.5.10
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.13
uaa74.5.18

2.9.10

Release Date: 08/24/2020

  • [Security Fix] Fix for CVE-2020-5416: Improve Gorouter’s websocket error handling
  • [Bug Fix] loggr-syslog-agent - Fix server alternative name
  • [Bug Fix] Fix memory leak in RLP gateway
  • [Bug Fix]: Return 502 TLS Handshake error for an unresponsive backend
  • [Bug Fix] Fix Usage Service for inactive foundations
  • [Bug Fix] Bump garden-runc to v1.19.16
  • Bump ubuntu-xenial stemcell to version 621.78
  • Bump cflinuxfs3 to version 0.203.0
  • Bump dotnet-core-offline-buildpack to version 2.3.13
  • Bump garden-runc to version 1.19.16
  • Bump go-offline-buildpack to version 1.9.16
  • Bump java-offline-buildpack to version 4.32.1
  • Bump loggregator to version 106.3.11
  • Bump nginx-offline-buildpack to version 1.1.12
  • Bump nodejs-offline-buildpack to version 1.7.25
  • Bump php-offline-buildpack to version 4.4.19
  • Bump push-usage-service-release to version 672.0.13
  • Bump python-offline-buildpack to version 1.7.18
  • Bump routing to version 0.205.0
  • Bump ruby-offline-buildpack to version 1.8.23
Component Version
ubuntu-xenial stemcell621.78
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.9
cf-autoscaling232
cf-cli1.28.0
cf-networking2.31.0
cflinuxfs30.203.0
credhub2.5.12
diego2.47.0
dotnet-core-offline-buildpack2.3.13
garden-runc1.19.16
go-offline-buildpack1.9.16
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.32.1
license
log-cache2.6.15
loggregator-agent5.3.10
loggregator106.3.11
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.3
nginx-offline-buildpack1.1.12
nodejs-offline-buildpack1.7.25
notifications-ui40
notifications61
php-offline-buildpack4.4.19
push-apps-manager-release672.0.12
push-usage-service-release672.0.13
pxc0.28.0
python-offline-buildpack1.7.18
r-offline-buildpack1.1.7
routing0.205.0
ruby-offline-buildpack1.8.23
silk2.31.0
smb-volume3.0.1
smoke-tests2.2.0
staticfile-offline-buildpack1.5.9
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.13
uaa74.5.18

2.9.9

Release Date: 08/07/2020

  • [Security Fix] Notifications-ui removes UAA client secret from logs during installation
  • [Feature Improvement] Upgrade Percona-XtraDB-Cluster to version 5.7.30-31.43
  • [Bug Fix] Fix issue where requests to internal routes could fail due to incorrect case-sensitivity in DNS lookup in the service discovery controller.
  • [Bug Fix] Apps Manager accounts for App Metrics’ duplicate counts of HTTP requests, HTTP latency, and HTTP errors on App page Overview tab graphs
  • [Bug Fix] System Metrics Scraper/Prom Scraper — Fixes a bug that causes excess log volume and increases scrape interval to reduce metric volume
  • Bump ubuntu-xenial stemcell to version 621.77
  • Bump cf-cli to version 1.28.0
  • Bump cf-networking to version 2.31.0
  • Bump cflinuxfs3 to version 0.202.0
  • Bump garden-runc to version 1.19.14
  • Bump notifications-ui to version 40
  • Bump push-apps-manager-release to version 672.0.12
  • Bump pxc to version 0.28.0
  • Bump silk to version 2.31.0
  • Bump system-metrics-scraper to version 2.0.13
Component Version
ubuntu-xenial stemcell621.77
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.9
cf-autoscaling232
cf-cli1.28.0
cf-networking2.31.0
cflinuxfs30.202.0
credhub2.5.12
diego2.47.0
dotnet-core-offline-buildpack2.3.12
garden-runc1.19.14
go-offline-buildpack1.9.14
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.31.1
log-cache2.6.15
loggregator-agent5.3.10
loggregator106.3.10
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.3
nginx-offline-buildpack1.1.11
nodejs-offline-buildpack1.7.24
notifications-ui40
notifications61
php-offline-buildpack4.4.18
push-apps-manager-release672.0.12
push-usage-service-release672.0.12
pxc0.28.0
python-offline-buildpack1.7.16
r-offline-buildpack1.1.7
routing0.203.0
ruby-offline-buildpack1.8.21
silk2.31.0
smb-volume3.0.1
smoke-tests2.2.0
staticfile-offline-buildpack1.5.9
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.13
uaa74.5.18

2.9.8

Release Date: 07/16/2020

  • [Security Fix] Fix for CVE-2020-15586: Bump golang to version 1.14.5 with a fix in the net/http/httputil package for an issue which could cause the Gorouter to crash if a malicious client sends specially crafted HTTP requests.
  • [Feature Improvement] Platform operators can see X-Cf-RouterError response headers in router access logs
  • [Feature Improvement] Application developers can successfully deploy a reverse-proxy with support for sticky sessions
  • [Feature Improvement] Gorouter provides improved logging when the following error is received: x509: certificate has expired or is not yet valid

  • Bump cf-cli to version 1.27.0

  • Bump cflinuxfs3 to version 0.198.0

  • Bump dotnet-core-offline-buildpack to version 2.3.12

  • Bump go-offline-buildpack to version 1.9.14

  • Bump java-offline-buildpack to version 4.31.1

  • Bump nginx-offline-buildpack to version 1.1.11

  • Bump nodejs-offline-buildpack to version 1.7.24

  • Bump php-offline-buildpack to version 4.4.18

  • Bump python-offline-buildpack to version 1.7.16

  • Bump r-offline-buildpack to version 1.1.7

  • Bump routing to version 0.203.0

  • Bump ruby-offline-buildpack to version 1.8.21

  • Bump staticfile-offline-buildpack to version 1.5.9

Component Version
ubuntu-xenial stemcell621.76
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.9
cf-autoscaling232
cf-cli1.27.0
cf-networking2.30.0
cflinuxfs30.198.0
credhub2.5.12
diego2.47.0
dotnet-core-offline-buildpack2.3.12
garden-runc1.19.10
go-offline-buildpack1.9.14
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.31.1
log-cache2.6.15
loggregator-agent5.3.10
loggregator106.3.10
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.3
nginx-offline-buildpack1.1.11
nodejs-offline-buildpack1.7.24
notifications-ui37
notifications61
php-offline-buildpack4.4.18
push-apps-manager-release672.0.11
push-usage-service-release672.0.12
pxc0.22.0
python-offline-buildpack1.7.16
r-offline-buildpack1.1.7
routing0.203.0
ruby-offline-buildpack1.8.21
silk2.30.0
smb-volume3.0.1
smoke-tests2.2.0
staticfile-offline-buildpack1.5.9
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.12
uaa74.5.18

2.9.7

Release Date: 07/09/2020

  • [Breaking Change] If you use the NSX-T Container Plugin (NCP) tile v3.0.1 or earlier, do not upgrade to this patch. The stemcell in this patch is not compatible with the NCP tile v3.0.1 and causes the openvswitch job to fail when you deploy.
  • [Security Fix] Stop logging credentials in Autoscaler app
  • [Bug Fix] For sets of logs larger than 4MB, Apps Manager does not make requests to log cache with an invalid log limit
  • [Bug Fix] Display correct guid for App subresources in v2 GET response
  • [Bug Fix] Fix bug impacting hybrid grant flow with external oauth providers
  • [Bug Fix] Restore access to Log Cache service logs
  • Bump capi to version 1.90.9
  • Bump cf-autoscaling to version 232
  • Bump cflinuxfs3 to version 0.197.0
  • Bump log-cache to version 2.6.15
  • Bump push-apps-manager-release to version 672.0.11
  • Bump uaa to version 74.5.18
Component Version
ubuntu-xenial stemcell621.76
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.9
cf-autoscaling232
cf-cli1.26.0
cf-networking2.30.0
cflinuxfs30.197.0
credhub2.5.12
diego2.47.0
dotnet-core-offline-buildpack2.3.9
garden-runc1.19.10
go-offline-buildpack1.9.12
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.31
log-cache2.6.15
loggregator-agent5.3.10
loggregator106.3.10
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.3
nginx-offline-buildpack1.1.8
nodejs-offline-buildpack1.7.18
notifications-ui37
notifications61
php-offline-buildpack4.4.13
push-apps-manager-release672.0.11
push-usage-service-release672.0.12
pxc0.22.0
python-offline-buildpack1.7.13
r-offline-buildpack1.1.4
routing0.201.0
ruby-offline-buildpack1.8.17
silk2.30.0
smb-volume3.0.1
smoke-tests2.2.0
staticfile-offline-buildpack1.5.6
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.12
uaa74.5.18

2.9.6

Release Date: 06/25/2020

  • [Breaking Change] Incorrect HTTP(S) Proxy configuration breaks CredHub interpolation for apps. For more information, see Incorrect HTTP(S) Proxy Configuration Breaks CredHub Interpolation for Apps in TAS for VMs v2.9.6 and Later below.
  • [Breaking Change] If you use the NSX-T Container Plugin (NCP) tile v3.0.1 or earlier, do not upgrade to this patch. The stemcell in this patch is not compatible with the NCP tile v3.0.1 and causes the openvswitch job to fail when you deploy.
  • [Feature Improvement] Enable configuration for additional system metrics
  • [Feature Improvement] BOSH System Metrics can now be configured
  • [Bug Fix] Purged and re-seeded AppUsageEvents now contain parent app guid/name
  • [Bug Fix] Fix Autoscaler logging to respect the ‘Enable Verbose Logging’ checkbox
  • [Bug Fix] Remove invalid characters in hostnames in outgoing application syslog messages to comply with RFC 5424
  • Bump ubuntu-xenial stemcell to version 621.76
  • Bump capi to version 1.90.7
  • Bump cflinuxfs3 to version 0.195.0
  • Bump diego to version 2.47.0
  • Bump java-offline-buildpack to version 4.31
  • Bump loggregator-agent to version 5.3.10
  • Bump push-usage-service-release to version 672.0.12
  • Bump smoke-tests to version 2.2.0
  • Bump system-metrics-scraper to version 2.0.12
Component Version
ubuntu-xenial stemcell621.76
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.7
cf-autoscaling230
cf-cli1.26.0
cf-networking2.30.0
cflinuxfs30.195.0
credhub2.5.12
diego2.47.0
dotnet-core-offline-buildpack2.3.9
garden-runc1.19.10
go-offline-buildpack1.9.12
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.31
log-cache2.6.14
loggregator-agent5.3.10
loggregator106.3.10
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.3
nginx-offline-buildpack1.1.8
nodejs-offline-buildpack1.7.18
notifications-ui37
notifications61
php-offline-buildpack4.4.13
push-apps-manager-release672.0.10
push-usage-service-release672.0.12
pxc0.22.0
python-offline-buildpack1.7.13
r-offline-buildpack1.1.4
routing0.201.0
ruby-offline-buildpack1.8.17
silk2.30.0
smb-volume3.0.1
smoke-tests2.2.0
staticfile-offline-buildpack1.5.6
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.12
uaa74.5.17

2.9.5

Release Date: 06/15/2020

  • The option to enable dynamic egress through the TAS for VMs UI is removed. To administer App Security Groups (ASGs) for your apps instead of dynamic egress policies, see App Security Groups.
  • [Feature Improvement] Use same s3 path style as CAPI for Backup and Restore
  • [Feature Improvement] Service instances can send metrics to logcache over syslog
  • [Feature Improvement] Upgrade Bellsoft JDK to version 11.0.7+10
  • [Bug Fix] Update App Metrics UAA client to support cloud_controller.admin scope
  • [Bug Fix] Fix issue with disabling route services
  • [Bug Fix] Usage Service - Backfill missing service name fields in usage reports
  • [Bug Fix] Fix issue preventing rolling deployments from working with Windows apps
  • [Bug Fix] Gorouter - Drain timeout always uses configured value
  • [Bug Fix] Silk - Continue container networking during cell drain
  • [Bug Fix] Pass through arbitrary parameters when binding a service to a route in Apps Manager
  • [Bug Fix] Prevent click into Apps Manager search bar from erroring out when data is not fully loaded
  • [Bug Fix] Improve monitoring metrics for Usage Service
  • Bump ubuntu-xenial stemcell to version 621.75
  • Bump backup-and-restore-sdk to version 1.18.0
  • Bump capi to version 1.90.6
  • Bump cf-networking to version 2.30.0
  • Bump cflinuxfs3 to version 0.193.0
  • Bump push-apps-manager-release to version 672.0.10
  • Bump push-usage-service-release to version 672.0.10
  • Bump routing to version 0.201.0
  • Bump silk to version 2.30.0
  • Bump uaa to version 74.5.17
Component Version
ubuntu-xenial stemcell621.75
backup-and-restore-sdk1.18.0
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.6
cf-autoscaling230
cf-cli1.26.0
cf-networking2.30.0
cflinuxfs30.193.0
credhub2.5.12
diego2.44.0
dotnet-core-offline-buildpack2.3.9
garden-runc1.19.10
go-offline-buildpack1.9.12
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.29.1
log-cache2.6.14
loggregator-agent5.3.9
loggregator106.3.10
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.3
nginx-offline-buildpack1.1.8
nodejs-offline-buildpack1.7.18
notifications-ui37
notifications61
php-offline-buildpack4.4.13
push-apps-manager-release672.0.10
push-usage-service-release672.0.10
pxc0.22.0
python-offline-buildpack1.7.13
r-offline-buildpack1.1.4
routing0.201.0
ruby-offline-buildpack1.8.17
silk2.30.0
smb-volume3.0.1
smoke-tests2.0.5
staticfile-offline-buildpack1.5.6
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.9
uaa74.5.17

2.9.4

Release Date: 06/03/2020

  • [Security Fix] Fix minor CVEs in Credhub server from dependent libraries
  • [Feature] Allow egress traffic from apps to addresses on host via host_tcp_services
  • [Feature Improvement] HTTP trace requests now respond with a generic error page
  • [Bug Fix] Safeguard against unavailable stack traces in Spring and Steeltoe threaddump actuator endpoint in Apps Manager
  • [Bug Fix] Update Reverse Log Proxies to fix shutdown issues in Loggregator
  • [Bug Fix] Allow Usage Service to work with an external platform database which does not have the correct hostname in its certificate
  • [Bug Fix] Migrate services/intermediate_tls_ca to /services/tls_leaf for Maestro
  • [Bug Fix] Add a new cache configuration to the NFS service allowing service instances to enable file attribute caching and achieve directory listing performance similar to the nfs-legacy service
  • Bump cflinuxfs3 to version 0.189.0
  • Bump credhub to version 2.5.12
  • Bump go-offline-buildpack to version 1.9.12
  • Bump loggregator to version 106.3.10
  • Bump metrics-discovery to version 3.0.0
  • Bump nfs-volume to version 7.0.3
  • Bump nodejs-offline-buildpack to version 1.7.18
  • Bump push-apps-manager-release to version 672.0.8
  • Bump push-usage-service-release to version 672.0.8
  • Bump uaa to version 74.5.16
Component Version
ubuntu-xenial stemcell621.74
backup-and-restore-sdk1.17.4
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.3
cf-autoscaling230
cf-cli1.26.0
cf-networking2.28.0
cflinuxfs30.189.0
credhub2.5.12
diego2.44.0
dotnet-core-offline-buildpack2.3.9
garden-runc1.19.10
go-offline-buildpack1.9.12
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.29.1
log-cache2.6.14
loggregator-agent5.3.9
loggregator106.3.10
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery3.0.0
mysql-monitoring9.10.0
nats34
nfs-volume7.0.3
nginx-offline-buildpack1.1.8
nodejs-offline-buildpack1.7.18
notifications-ui37
notifications61
php-offline-buildpack4.4.13
push-apps-manager-release672.0.8
push-usage-service-release672.0.8
pxc0.22.0
python-offline-buildpack1.7.13
r-offline-buildpack1.1.4
routing0.199.0
ruby-offline-buildpack1.8.17
silk2.28.0
smb-volume3.0.1
smoke-tests2.0.5
staticfile-offline-buildpack1.5.6
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.9
uaa74.5.16

2.9.3

Release Date: 05/18/2020

  • [Security Fix] Support various CVE impacted components
  • [Bug Fix] Fix scheduling issue in loggregator agent by upgrading to Go 1.14.2
  • [Bug Fix] Fix issue in App Autoscaler where rules that were based on the HTTP-throughput metric failed to fire. For information about the HTTP Throughput metric, see Default Metrics for Scaling Rules.
  • [Bug Fix] Fix issue in App Autoscaler where the Scheduler API returned an error when executes_at was set to a time that was in the past.
  • Bump ubuntu-xenial stemcell to version 621.74
  • Bump cf-autoscaling to version 230
  • Bump cflinuxfs3 to version 0.180.0
  • Bump loggregator-agent to version 5.3.9
Component Version
ubuntu-xenial stemcell621.74
backup-and-restore-sdk1.17.4
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.3
cf-autoscaling230
cf-cli1.26.0
cf-networking2.28.0
cflinuxfs30.180.0
credhub2.5.11
diego2.44.0
dotnet-core-offline-buildpack2.3.9
garden-runc1.19.10
go-offline-buildpack1.9.11
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.29.1
log-cache2.6.14
loggregator-agent5.3.9
loggregator106.3.9
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery2.0.2
mysql-monitoring9.10.0
nats34
nfs-volume7.0.2
nginx-offline-buildpack1.1.8
nodejs-offline-buildpack1.7.17
notifications-ui37
notifications61
php-offline-buildpack4.4.13
push-apps-manager-release672.0.7
push-usage-service-release672.0.7
pxc0.22.0
python-offline-buildpack1.7.13
r-offline-buildpack1.1.4
routing0.199.0
ruby-offline-buildpack1.8.17
silk2.28.0
smb-volume3.0.1
smoke-tests2.0.5
staticfile-offline-buildpack1.5.6
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.9
uaa74.5.15

2.9.2

Release Date: 05/05/2020

  • [Security Fix] Update debian packages and source libraries in nfs and mapfs releases
  • [Feature Improvement] Improved access logging and bumped versions of Jackson and MariaDB
  • [Feature Improvement] NATS TLS server runs alongside NATS server
  • [Bug Fix] Performance and stability improvements in Log Cache
  • [Bug Fix] Cloud Controller only checks for bucket presence on startup instead of every call to blobstore
  • [Bug Fix] Fix bug that caused Apps Manager to error out on clicking into the search bar
  • [Bug Fix] Show full list of jobs for an app in Apps Manager
  • Bump ubuntu-xenial stemcell to version 621.71
  • Bump capi to version 1.90.3
  • Bump cflinuxfs3 to version 0.178.0
  • Bump dotnet-core-offline-buildpack to version 2.3.9
  • Bump go-offline-buildpack to version 1.9.11
  • Bump log-cache to version 2.6.14
  • Bump mapfs to version 1.2.4
  • Bump nats to version 34
  • Bump nfs-volume to version 7.0.2
  • Bump nginx-offline-buildpack to version 1.1.8
  • Bump nodejs-offline-buildpack to version 1.7.17
  • Bump php-offline-buildpack to version 4.4.13
  • Bump push-apps-manager-release to version 672.0.7
  • Bump python-offline-buildpack to version 1.7.13
  • Bump r-offline-buildpack to version 1.1.4
  • Bump ruby-offline-buildpack to version 1.8.17
  • Bump smb-volume to version 3.0.1
  • Bump staticfile-offline-buildpack to version 1.5.6
  • Bump uaa to version 74.5.15
Component Version
ubuntu-xenial stemcell621.71
backup-and-restore-sdk1.17.4
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.3
cf-autoscaling226
cf-cli1.26.0
cf-networking2.28.0
cflinuxfs30.178.0
credhub2.5.11
diego2.44.0
dotnet-core-offline-buildpack2.3.9
garden-runc1.19.10
go-offline-buildpack1.9.11
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.29.1
log-cache2.6.14
loggregator-agent5.3.8
loggregator106.3.9
mapfs1.2.4
metric-registrar1.1.1
metrics-discovery2.0.2
mysql-monitoring9.10.0
nats34
nfs-volume7.0.2
nginx-offline-buildpack1.1.8
nodejs-offline-buildpack1.7.17
notifications-ui37
notifications61
php-offline-buildpack4.4.13
push-apps-manager-release672.0.7
push-usage-service-release672.0.7
pxc0.22.0
python-offline-buildpack1.7.13
r-offline-buildpack1.1.4
routing0.199.0
ruby-offline-buildpack1.8.17
silk2.28.0
smb-volume3.0.1
smoke-tests2.0.5
staticfile-offline-buildpack1.5.6
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.9
uaa74.5.15

2.9.1

Release Date: 04/22/2020

  • [Feature] HAProxy can now be configured with custom certificate authorities
  • [Feature Improvement] Autoscaler uses TLS to communicate with its database
  • [Feature Improvement] Allow configuration of system metrics scrape interval
  • [Bug Fix] Fix Certificates in CredHub KMS Provider Interface
  • [Bug Fix] Fix server_name value to use Common Name as metrics_agent_metrics_tls
  • Bump ubuntu-xenial stemcell to version 621.64
  • Bump cf-cli to version 1.26.0
  • Bump cflinuxfs3 to version 0.175.0
Component Version
ubuntu-xenial stemcell621.64
backup-and-restore-sdk1.17.4
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.2
cf-autoscaling226
cf-cli1.26.0
cf-networking2.28.0
cflinuxfs30.175.0
credhub2.5.11
diego2.44.0
dotnet-core-offline-buildpack2.3.7
garden-runc1.19.10
go-offline-buildpack1.9.8
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.29.1
log-cache2.6.11
loggregator-agent5.3.8
loggregator106.3.9
mapfs1.2.3
metric-registrar1.1.1
metrics-discovery2.0.2
mysql-monitoring9.10.0
nats32
nfs-volume6.0.0
nginx-offline-buildpack1.1.6
nodejs-offline-buildpack1.7.15
notifications-ui37
notifications61
php-offline-buildpack4.4.9
push-apps-manager-release672.0.6
push-usage-service-release672.0.7
pxc0.22.0
python-offline-buildpack1.7.10
r-offline-buildpack1.1.2
routing0.199.0
ruby-offline-buildpack1.8.14
silk2.28.0
smb-volume2.1.1
smoke-tests2.0.5
staticfile-offline-buildpack1.5.5
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.9
uaa74.5.13

v2.9.0

Release Date: April 10, 2020

Component Version
ubuntu-xenial stemcell621.61
backup-and-restore-sdk1.17.4
binary-offline-buildpack1.0.36
bosh-dns-aliases0.0.3
bosh-system-metrics-forwarder0.0.18
bpm1.1.6
capi1.90.2
cf-autoscaling226
cf-cli1.25.0
cf-networking2.28.0
cflinuxfs30.174.0
credhub2.5.11
diego2.44.0
dotnet-core-offline-buildpack2.3.7
garden-runc1.19.10
go-offline-buildpack1.9.8
haproxy9.8.0
istio1.3.0
java-offline-buildpack4.29.1
log-cache2.6.11
loggregator-agent5.3.8
loggregator106.3.9
mapfs1.2.3
metric-registrar1.1.1
metrics-discovery2.0.2
mysql-monitoring9.10.0
nats32
nfs-volume6.0.0
nginx-offline-buildpack1.1.6
nodejs-offline-buildpack1.7.15
notifications-ui37
notifications61
php-offline-buildpack4.4.9
push-apps-manager-release672.0.6
push-usage-service-release672.0.7
pxc0.22.0
python-offline-buildpack1.7.10
r-offline-buildpack1.1.2
routing0.199.0
ruby-offline-buildpack1.8.14
silk2.28.0
smb-volume2.1.1
smoke-tests2.0.5
staticfile-offline-buildpack1.5.5
statsd-injector1.11.15
syslog11.6.1
system-metrics-scraper2.0.9
uaa74.5.13

How to Upgrade

To upgrade to TAS for VMs v2.9, see Upgrading Ops Manager.

When upgrading to TAS for VMs v2.9, be aware of the following upgrade considerations:

  • If you previously used an earlier version of TAS for VMs, you must first upgrade to TAS for VMs v2.8 to successfully upgrade to TAS for VMs v2.9.

  • Some partner service tiles may be incompatible with Ops Manager v2.9. VMware is working with partners to ensure their tiles are updated to work with the latest versions of Ops Manager.

    For information about which partner service releases are currently compatible with Ops Manager v2.9, review the appropriate partners services release documentation at https://docs.pivotal.io or contact the partner organization that produces the tile.

New Features in TAS for VMs v2.9

TAS for VMs v2.9 includes the following major features:

Increase App Graceful Shutdown Period

You can increase the graceful shutdown period for your apps.

When TAS for VMs requests a shutdown of app instances, the processes in app containers have a period of time to gracefully shut down before the processes are forcefully terminated. The default, minimum graceful shutdown period is 10 seconds. If your apps require a longer period of time to finish in-flight jobs and gracefully shutdown, you can increase the graceful shutdown period in the Advanced Features pane of the TAS for VMs tile.

For more information, see Shutdown in App Container Lifecycle and Configure Advanced Features in Configuring TAS for VMs.

Deploy Sidecar Processes for Java Apps with a Buildpack (Beta)

You can use a custom buildpack to deploy a sidecar process alongside your Java app.

Previously, you could only use an app manifest to deploy a sidecar for a Java app.

For more information, see Sidecar Buildpacks.

Configure App Log Rate Limit (Beta)

You can limit the number of log lines each app instance generates per second by configuring the App log rate limit (beta) section in the App Containers pane of the TAS for VMs tile.

This feature is disabled by default. Enabling this feature prevents app instances from overloading the Loggregator Agent with logs, so the Loggregator Agent does not drop logs for other app instances. Enabling this feature also prevents apps from reporting inaccurate app metrics in the Cloud Foundry Command Line Interface (cf CLI) or increasing the CPU usage on the Diego Cell VM.

For more information, see Configure App Containers in Configuring TAS for VMs.

Configure Buildpacks for Apps Manager

You can configure the Apps Manager, Search Server, and Invitations apps to deploy with buildpacks you specify. To specify which buildpacks you want these apps to use, enter them in the Apps Manager pane of the TAS for VMs tile. For more information, see Configure Custom Branding and Apps Manager in Configuring TAS for VMs.

If you do not specify a buildpack, TAS for VMs uses the detection process to determine a single buildpack to use. For more information about the detection process, see Buildpack Detection in How Buildpacks Work in TAS for VMs.

NATS Shares Messages with NATS TLS

The nats-tls job is added to the NATS VM. This job configures the Diego Route Emitter to send routing information to NATS, which then shares that information with NATS TLS.

For more information about routing architecture in TAS for VMs, see TAS for VMs Routing Architecture.

For more information about outbound network communication paths from Diego, see Outbound Communications in Diego Network Communications.

For more information about how NATS TLS affects routing in VMware Tanzu Application Service for VMs [Windows] (TAS for VMs [Windows]), see TAS for VMs [Windows] Uses Route Emitters to Communicate with NATS Over TLS in VMware Tanzu Application Service for VMs [Windows] v2.9 Release Notes.

Hostname Validation Enabled By Default for External Databases

An Enable hostname validation checkbox is added to the TAS for VMs Databases pane. When Enable hostname validation is selected for an external database with TLS enabled, TAS for VMs verifies the hostname of the external database for communication between TAS for VMs and the external database.

The Enable hostname validation checkbox is selected by default. For more information about enabling hostname validation or enabling TLS for external databases, see Configure Databases in Configure TAS for VMs.

Warning: If your deployment uses a GCP or Azure external database for TAS for VMs and TLS is enabled for the database, you must deselect the Enable hostname validation checkbox. For more information, see Disable Hostname Validation for External Databases on GCP and Azure in Upgrade Preparation Checklist.

Note: The Enable hostname validation checkbox does not enable hostname validation for communication between TAS for VMs components and external CredHub databases. To enable or disable hostname validation for CredHub external databases, see Configure CredHub in Configure TAS for VMs.

App Revisions Are Enabled by Default

App revisions are enabled by default.

To disable revisions in an app, you must manually turn them off using your Cloud Foundry API (CAPI) endpoint. For more information, see Disable Revisions for an App in App Revisions.

View Sidecar Processes in Apps Manager (Beta)

You can view sidecar processes associated with your apps through the Apps Manager UI.

To view the sidecars for an app in Apps Manager:

  1. Go to the Overview page for the app.
  2. Under Processes and Instances, see Sidecars.

For more information about viewing sidecar processes in Apps Manager, see View Sidecar Processes in Managing Apps and Service Instances Using Apps Manager.

For more information about sidecar processes, see Pushing Apps with Sidecar Processes (Beta).

View Key Metrics in Apps Manager (Beta)

If Metric Store is installed, you can view key metrics for an app on the app Overview page in Apps Manager.

The key metrics are CPU, Memory, Disk, Request Latency, Request Rate, and Request Errors.

For each metric, the Overview page includes a graph that shows metric behavior over the past three hours. The page also displays the average value for the metric over the past three hours.

For information about how to install Metric Store, see Metric Store.

For more information about viewing key metrics for your apps, see Manage an App in Using Apps Manager.

Log and Metric Agent Architecture (Beta)

The Log and Metric Agent Architecture includes components that collect, store, and forward logs and metrics in your deployment. The components of the Log and Metric Agent Architecture use a shared-nothing architecture that requires several fewer VMs than the Loggregator system.

To use the Log and Metric Agent Architecture components, you must also configure Syslog Agents, aggregate drains, and Log Cache to send logs to a shared destination. To configure these components, see Configure System Logging in Configuring TAS for VMs.

For more information about the Log and Metric Agent Architecture, see Log and Metric Agent Architecture (Beta).

Breaking Changes

TAS for VMs v2.9 includes the following breaking changes:

Incorrect HTTP(S) Proxy Configuration Breaks CredHub Interpolation for Apps in TAS for VMs v2.9.6 and Later

In TAS for VMs v2.9.6 and later, apps that have an incorrect HTTP(S) Proxy configuration fail to stage or restart due to a CredHub interpolation error.

Before you upgrade to TAS for VMs v2.9.6 or later, you must fix the HTTP(S) Proxy configuration of any impacted applications:

  1. Determine whether your apps are impacted by following the resolution procedure in Knowledgebase Article 9305.
  2. Update all impacted apps to use the recommended proxy settings that are documented in Configuring Proxy Settings for All Apps.
  3. Restart modified apps.

NAT Listens to Additional Ports

In TAS for VMs v2.9 and later, NATS listens on the following ports:

  • 4222
  • 4223
  • 4224
  • 4225

In earlier version, NAT only listened on port 4222. Before upgrading to TAS for VMs v2.9, you must also open ports 4223, 4224, and 4225 in your firewall settings.

Disable Hostname Validation for External Databases on GCP and Azure

This breaking change applies only to deployments where the following conditions are met:

  • In the Databases pane, PAS v2.8 is configured to use an external GCP or Azure database.

  • In TAS for VMs v2.9, you want to use the same external GCP or Azure database configured in the Databases pane.

  • You enabled TLS communication for the GCP or Azure external database by adding a certificate authority (CA) certificate to the Database CA certificate field in the Databases pane.

If your deployment meets these conditions, you must disable hostname validation before you upgrade to v2.9. Failure to disable hostname validation can cause the upgrade to fail for deployments that use external databases on GCP or Azure.

For more information about disabling hostname validation, see Disable Hostname Validation for External Databases on GCP and Azure in Upgrade Preparation Checklist.

This breaking change applies to deployments that have any version of PCF Metrics or App Metrics installed.

If your TAS for VMs deployment has restrictive networking policies around request proxying, then the View in App Metrics link may no longer appear in Apps Manager after you upgrade to TAS for VMs v2.9.

To resolve this issue, follow the steps in the related known issue of the TAS for VMs release notes before or after upgrading to TAS for VMs v2.9.

Autoscaler Controls Do Not Appear in Apps Manager for Proxied Setups

This breaking change applies to deployments that manage the Autoscaler service for individual apps in Apps Manager.

If your TAS for VMs deployment has restrictive networking policies around request proxying, then Autoscaler controls may not appear for apps within Apps Manager even when the Autoscaler service is enabled for an org.

To resolve this issue, follow the steps in the related known issue of the TAS for VMs release notes before or after upgrading to TAS for VMs v2.9.

Known Issues

TAS for VMs v2.9 includes the following known issues:

Run NFS Broker Errand Before Upgrade

If you are using NFS Volume Services, you must run the NFS Broker Errand errand before upgrading to TAS for VMs v2.9. Running this errand in TAS for VMs v2.8 migrates existing service instances for NFS Volume Services from MySQL to CredHub.

If you do not run the errand in TAS for VMs v2.8, you may be unable to bind apps to existing NFS Volume Service service instances after upgrading to TAS for VMs v2.9.

Disable the Smoke Test Errand If You Disable the Firehose

If you disable the V1 or V2 Firehose in TAS for VMs v2.9, you must also disable the smoke test errand.

If you do not disable the smoke test errand, the deploy fails with an error similar to the following:

[91m[1m[Fail] [0m[90mLoggregator: [0m[0mcf logs [0m[90mlinux [0m[91m[1m[It] can see app messages in the logs [0m
          [37m/var/vcap/packages/smoke_tests/src/github.com/cloudfoundry/cf-smoke-tests/smoke/logging/loggregator_test.go:42[0m
          [1m[91mRan 1 of 2 Specs in 56.171 seconds[0m
          [1m[91mFAIL![0m -- [32m[1m0 Passed[0m | [91m[1m1 Failed[0m | [33m[1m0 Pending[0m | [36m[1m1 Skipped[0m
          --- FAIL: TestSmokeTests (56.17s)
          FAIL
          Ginkgo ran 2 suites in 1m7.050120251s
          Test Suite Failed
Stderr     Error: failed to run job-process: exit status 1 (exit status 1)

To disable the smoke test errand, see Errands Pane: Persistent Rules in Managing Errands in Ops Manager.

Errors Viewing App Logs after Disabling V1 Firehose

If you disable the V1 Firehose and you are using a version of the cf CLI earlier than v6.50, you may encounter errors when you push an app or view the logs for an app. The logs exist but are not visible from the cf CLI.

Running the following commands results in errors:

  • cf logs: Timeout trying to connect to NOAA
  • cf push: timeout connecting to log server, no log will be shown

Despite the log-related errors, cf push works correctly and pushes the app.

To avoid encountering errors after disabling the Loggregator V1 Firehose, upgrade to cf CLI v6.50 or later.

App Metrics v2.0.0 Is Incompatible with Apps Manager Integration

This issue affects App Metrics v2.0.0.

If the App Metrics v2.0.0 tile is installed on a foundation, then the View in Metrics link on the app Overview tab in Apps Manager does not appear or is broken.

This issue is resolved in App Metrics v2.0.1.

Invalid Events from Cloud Controller Purge and Reseed

In TAS for VMs v2.9.5 and earlier, the /v2/app_usage_events/destructively_purge_all_and_reseed_started_apps endpoint may generate app events without valid GUIDs. These invalid GUIDs can cause errors with components that consume them when parsing and correlating events. This issue affects Cloud Controller and App Usage Service.

For more information about the API endpoint, see Purge and reseed App Usage Events in the App Usage Events API documentation. For more information about the issue, see App Usage Service startup errors and data inconsistency in the knowledge base.

This issue is resolved in TAS for VMs v2.9.6.

App Metrics Route Change Results In “Unexpected error occurrence”

This issue affects you only if you upgrade from App Metrics v2.0.0 to App Metrics v2.0.1 or later.

The route to App Metrics moved from appmetrics.FOUNDATION_SYSTEM_DOMAIN.com in v2.0.0 to metrics.FOUNDATION_SYSTEM_DOMAIN in v2.0.1.

If you have set the Multi-foundation configuration (beta) field of the Apps Manager section in a PAS tile, you must update the metricsUrl field to reflect the route change. If the field is not updated, then clicking View in Metrics on the app Overview tab in Apps Manager results in an Unexpected error occurence message.

This issue affects TAS for VMs v2.9.0 and later deployments that have any version of PCF Metrics or App Metrics installed.

If your TAS for VMs deployment has restrictive networking policies around request proxying, then the View in App Metrics link may not appear in Apps Manager.

To resolve this issue:

  1. Using the cf CLI, log in to the system org and system space.
  2. Locate the search-server app.
  3. Update the no_proxy environment variable for the search-server app to include your system domain.

    cf set-env search-server no_proxy '*.SYSTEM-DOMAIN'
    

    where SYSTEM-DOMAIN is the system domain configured for your TAS for VMs deployment. For example:

    cf set-env search-server no_proxy '*.example.com'
    

  4. Restage the search-server app.

    cf restage search-server
    

Autoscaler Controls Do Not Appear in Apps Manager for Proxied Setups

This issue affects TAS for VMs v2.9.0 and later deployments that manage the Autoscaler service for individual apps in Apps Manager.

If your TAS for VMs deployment has restrictive networking policies around request proxying, then Autoscaler controls may not appear for apps within Apps Manager even when the Autoscaler service is enabled for an org.

To resolve this issue:

  1. Using the cf CLI, log in to the system org and system space.
  2. Locate the search-server app.
  3. Update the no_proxy environment variable for the search-server app to include your system domain.

    cf set-env search-server no_proxy '*.SYSTEM-DOMAIN'
    

    where SYSTEM-DOMAIN is the system domain configured for your TAS for VMs deployment. For example:

    cf set-env search-server no_proxy '*.example.com'
    

  4. Restage the search-server app.

    cf restage search-server