Release Notes

Pivotal recommends that you upgrade to the latest version of your current minor line, then upgrade to the latest available version of the new minor line. For example, if you use an older v2.3.x version, upgrade to the latest v2.3.x version before upgrading to the latest v2.4.x version.

For product versions and upgrade paths, see the Product Compatibility Matrix.

Breaking Change: MySQL for PCF v2.4.0 and later requires a Xenial stemcell. You must verify that you have the Xenial stemcell, and, if necessary, download and import it into the Ops Manager Stemcell Library before deploying MySQL for PCF v2.4.0. This might break automations you have set up to update MySQL for PCF deployments that used Trusty stemcells. For instructions on verifying the stemcell, see Verify Stemcell Version and Apply All Changes. To download the Xenial stemcell from Pivotal Network, go to Stemcells for PCF (Ubuntu Xenial).

Breaking Change: In MySQL for PCF v2.4.0 and later, new service bindings replace IP addresses with BOSH DNS hostnames. You must modify your networking rules to enable apps bound to leader-follower service instances to use BOSH DNS hostnames. For more information, see Update Networking Rules.


Release Date: July 19, 2019

New Features

This release includes the following feature:

  • Bumps AWS CLI version used by automatic backups to support non-public AWS regions and external object stores that require the v4 signature.


Release Date: June 13, 2019

Resolved Issue

This release fixes the following issue:

  • The issue where smoke tests failed because MySQL for PCF used the wrong apps domain.

    Now smoke tests on MySQL for PCF always use the correct app domain, the domain that is configured in Pivotal Application Service (PAS). For information about setting Apps Domain in the PAS tile, see Configure Domains.


Release Date: April 5, 2019

Updated Dependencies

Updated dependencies in this release:

  • Updates Service Backups to v18.2.0. This update includes the following:
    • smoke-tests errands can be used in environments that use custom Java buildpacks with OracleJDK.

Resolved Issue

This release fixes a known issue, so that:


Release Date: February 5, 2019

Security Fixes

This release includes the following security fixes:

Resolved Issues

This release fixes the following issue:

  • The issue in the interaction between the MariaDB Connector/J and the Java API. This issue prevented TLS connection for Spring Cloud Services, Scheduler for PCF, and Spring apps that used the MariaDB Connector/J.


Release Date: January 25, 2019

Do not use.


Release Date: December 3, 2018

Known Issues

This release has the following issue:

  • There is a known issue in the interaction between the MariaDB Connector/J and the Java API, which leads to the following limitations:
    • PCF deployments using the Spring Cloud Services tile or the Scheduler for PCF tile must have TLS disabled in the MySQL for PCF tile.
    • If the operator chooses to enable TLS, developers cannot use the MariaDB Connector/J in their Spring apps to connect to a MySQL service instance. Pivotal recommends developers configure their apps to use the MySQL Connector/J instead of the MariaDB Connector/J.

Security Fixes

This release includes the following security fixes:


Release Date: November 7, 2018


New features and changes in this release:

  • Credentials for doing backups have been removed from the MySQL broker BOSH manifest, and are stored securely in CredHub.
  • The find-non-tls-bindings BOSH errand has been enhanced to also search for IP-based bindings and service keys. The errand has been renamed to find-deprecated-bindings.
  • The find-deprecated-bindings BOSH errand has clearer error messaging to more easily determine the cause of failure.
  • The Amazon S3 Access Key ID and Secret Access Key fields in the Backups configuration pane in Ops Manager are no longer shown in plaintext.
  • Backup secrets are redacted.

Resolved Issues

This release fixes the following issues:

  • Fixes an issue where smoke tests fail if Service Plan Access is set to manual.
  • An attempt to install MySQL for PCF 2.4 with an incompatible version of PCF fails fast when the tile is staged, rather than when MySQL smoke tests are run.


Release Date: September 24, 2018


New features and changes in this release:


  • A leader VM that was resurrected by BOSH returns in read/write mode if no failover was triggered. This removes the requirement for operators to run the configure-leader-follower BOSH errand after resurrection.

Improvements due to BOSH DNS

Warning: For your app to reliably connect to MySQL over BOSH DNS, ensure that your app, or the MySQL client library that the app uses, retries in the case of DNS timeouts.

  • Developers now connect to a service instance using its BOSH DNS hostname, instead of over IPs as in MySQL for PCF v2.3.

  • The leader-follower failover process no longer requires developers to rebind their apps to the service instance.

To take advantage of the BOSH DNS improvments, you must do the following:

  1. Upgrade the MySQL instances, see Upgrade MySQL Instances.

  2. Rebind the apps, see Bind a Service Instance to Your App.

Service Instance Sharing

  • Developers can share their service instance across different orgs and spaces.

    Note: Service instance sharing is a beta feature in PCF v2.2 and a GA feature in PCF v2.3. For information about service instance sharing, see Sharing Service Instances.

Encryption at Rest

  • MySQL for PCF v2 enables integration with commercial vendors for full-disk encryption at rest. This integration has been certified with the Thales Vormetric plugin.

Improvements for Developers

  • Clearer messaging to developers trying to bind to a service instance with TLS disabled when

the operator has enforced TLS.

Improvements for Operators

  • BOSH errands run faster, saving operators time during upgrades and installation.
  • Developers are prevented from binding or updating a service that is two or more versions older than the service broker.
  • Operators can configure the timeout for the upgrade-all-service-instances BOSH errand to support large deployments.
  • Operators can see apps with outdated bindings by running the find-deprecated-bindings BOSH errand.

Improvements to Smoke Tests

  • Operators can run smoke tests on a specific service instance to determine its health.

Security Fixes

This release includes the following security fixes:

  • Service bindings no longer have unnecessary access to the MySQL sys database.

Resolved Issues

This release fixes the following issues:

  • Placement of service instance VMs is now randomized across all selected AZs for its plan, reducing the magnitude of an outage caused by an AZ failure.
  • The find-non-tls-bindings BOSH errand on the service broker still works when the i nstalled PCF version has Credhub, but secure service credentials is not enabled.
  • If the find-non-tls-bindings errand fails, the operator sees better messaging for the cause of the error.
  • Smoke tests no longer fail on an initial install of the tile when Service Plan Access is set to Manual.

Known Issues

There are no known issues for this release.


The following components are compatible with this release:

Component Version
Stemcell Xenial 97.x