Release Notes

Warning: MySQL for PCF v2.5 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

Page last updated:

Pivotal recommends that you upgrade to the latest version of your current minor line, then upgrade to the latest available version of the new minor line.

For product versions and upgrade paths, see Upgrade Planner.

Breaking Change: All service bindings created using MySQL for Pivotal Cloud Foundry (PCF) v2.3 or earlier use IP addresses. Any bindings created using v2.3 or earlier must be re-created before upgrading to v2.5, which requires service bindings that use DNS hostnames. For more information, see Preparing for Upgrading MySQL for PCF.

v2.5.11

Release Date: February 24, 2020

Features

New features and changes in this release:

• Operators can monitor Key Performance Indicators (KPIs) for persistent and ephemeral disk usage, and number of connections on the Healthwatch Indicator Protocol dashboard. For more information, see Indicator Protocol Dashboard (Beta).

• Operators can run the recreate-all-service-instances errand to re-create service instances VMs.

Resolved Issues

This release has the following fixes:

• An inaccurate generic message no longer appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology. MySQL for PCF now fails fast to indicate that this is an unsupported workflow.

• For Ops Manager 2.7 and later, automated backups using SCP no longer silently fail.

Known Issues

This release has the following issues:

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• For Ops Manager 2.6 and earlier, automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

v2.5.10

Release Date: January 21, 2020

Security Fixes

This release includes the following security fix:

• Updates all dependencies to golang v1.13. This fixes the following CVE:
  • High CVE-2019-17596

Resolved Issues

This release has the following fix:

• An inaccurate generic message no longer appears when the MySQL service broker fails to connect to the MySQL server.

Known Issues

This release has the following issues:

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

v2.5.9

Release Date: January 7, 2020

Features

New features and changes in this release:

• Operators can monitor MySQL metrics on the Healthwatch Indicator Protocol dashboard. For more information, see Indicator Protocol Dashboard (Beta).
• Highly available (HA) cluster plans only retain three days of binary logs. This reduces persistent disk usage.

Security Fixes

This release includes the following security fixes:

• Updates Percona Server to v5.7.28-31. This update fixes multiple security issues.
  For more information, see USN-4070-1: MySQL vulnerabilities and USN-4195-1: MySQL vulnerabilities in the Ubuntu documentation.
• Updates golang to v1.13. This fixes the following CVE:
  • High CVE-2019-17596

Resolved Issues

This release has the following fixes:

• Smoke test error messages now explain the actual error rather than outputting fork/exec /usr/local/bin/bosh: no such file or directory.
• Audit logs are now stored on the persistent disk rather than on the syslog endpoint.

Known Issues

This release has the following issues:

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• When the MySQL service broker fails to connect to the MySQL server an inaccurate generic message appears.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

v2.5.8

Release Date: Oct 10, 2019

Security Fix

This release includes the following security fix:

• Updates bpm-release to v1.1.3. This update fixes Medium CVE-2019-9893.

Feature

New feature and change in this release:

• Updates pxc-release to 0.20.0.

Resolved Issues

This release has the following fixes:

• You can now share MySQL for Pivotal Platform service instances across orgs and spaces using cf share-service. For more information, see Share Service Instances.
• Certificate rotation now works reliably with BOSH.

Known Issues

This release has the following issues:

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• Audit logs are stored on the syslog endpoint rather than on the persistent disk.

• Smoke test error messages do not explain the actual error and output the following message instead fork/exec /usr/local/bin/bosh: no such file or directory.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

v2.5.7

Release Date: Aug 20, 2019

Security Fix

This release includes the following security fix:

• Updates the cf CLI to v6.46. This update fixes the following CVEs:
  • High CVE-2019-3781: CF CLI does not sanitize user’s password in verbose/trace/debug
  • Medium CVE-2019-3800: CF CLI writes the client id and secret to config file

Feature

New feature and change in this release:

• Updates Percona Server to v5.7.26-29.

Resolved Issue

This release has the following fix:

• Automatic backups for leader-follower service instances now work correctly. Previously, a regression caused the leader or follower node to take a backup of its peer node rather than itself.

Known Issues

This release has the following issues:

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• You cannot share MySQL for Pivotal Cloud Foundry service instances across orgs and spaces. If you run cf share-services, the command fails.

• Audit logs are stored on the syslog endpoint rather than on the persistent disk.

• Smoke test error messages do not explain the actual error and output the following message instead fork/exec /usr/local/bin/bosh: no such file or directory.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

Compatibility

The following components are compatible with this release:

v2.5.6

Release Date: July 19, 2019

Feature

New feature and change in this release:

• Updates the AWS CLI version. Automatic backups use this version to support non-public AWS regions and external object stores that require the v4 signature.

Known Issues

This release has the following issues:

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• You cannot share MySQL for Pivotal Cloud Foundry service instances across orgs and spaces. If you run cf share-services, the command fails.

• Audit logs are stored on the syslog endpoint rather than on the persistent disk.

• Smoke test error messages do not explain the actual error and output the following message instead fork/exec /usr/local/bin/bosh: no such file or directory.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

v2.5.5

Release Date: June 13, 2019

Resolved Issue

This release fixes the following issue:

• The issue where smoke tests failed because MySQL for PCF used the wrong apps domain.

  Now smoke tests on MySQL for PCF always use the correct app domain, the domain that is configured in Pivotal Application Service (PAS). For information about setting Apps Domain in the PAS tile, see Configure Domains.

Known Issues

This release has the following issues:

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• You cannot share MySQL for Pivotal Cloud Foundry service instances across orgs and spaces. If you run cf share-services, the command fails.

• Audit logs are stored on the syslog endpoint rather than on the persistent disk.

• Smoke test error messages do not explain the actual error and output the following message instead fork/exec /usr/local/bin/bosh: no such file or directory.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

v2.5.4

Release Date: April 18, 2019

Features

New features and changes in this release:

• Updates Service Backups to v18.2.0. This update includes the following:
  • smoke-tests errands can be used in environments that use custom Java buildpacks with OracleJDK. For more information, see Service Backups for PCF v18.2.0.
• Updates PXC release to v0.15.0. This update includes the following:
  • MySQL backups are run as a limited-permissions user. Previously, backups were run as an admin.
  • Updates Percona XtraDB Cluster to v5.7.25-31.35. For more information, see pxc-release v0.15.0 in GitHub.

Resolved Issues

This release fixes known issues, so that:

• Automatic backup works for highly available (HA) clusters.

• Java apps can establish connection to HA clusters even if TLS is disabled.

• Azure backups support on-premise blob storage. For more information, see the Blob Store Base URL field in Option 4: Back Up to Azure Storage.

Known Issues

This release has the following issues:

• The Scheduler for PCF tile does not support TLS. If you have the Scheduler for PCF tile installed, MySQL for PCF must have TLS Options set to Optional or Not Configured.

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• You cannot share MySQL for Pivotal Cloud Foundry service instances across orgs and spaces. If you run cf share-services, the command fails.

• Audit logs are stored on the syslog endpoint rather than on the persistent disk.

• Smoke test error messages do not explain the actual error and output the following message instead fork/exec /usr/local/bin/bosh: no such file or directory.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

v2.5.3

Release Date: January 11, 2019

Known Issues

This release has the following issues:

• The Scheduler for PCF tile does not support TLS. If you have the Scheduler for PCF tile installed, MySQL for PCF must have TLS Options set to Optional or Not Configured.

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• Automatic backup does not work for HA clusters.

• You cannot share MySQL for Pivotal Cloud Foundry service instances across orgs and spaces. If you run cf share-services, the command fails.

• Audit logs are stored on the syslog endpoint rather than on the persistent disk.

• Smoke test error messages do not explain the actual error and output the following message instead fork/exec /usr/local/bin/bosh: no such file or directory.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

• Java apps are not able to establish a connection to an HA cluster service instance if TLS is disabled.

Resolved Issue

This release fixes the following issue:

• The issue in the interaction between the MariaDB Connector/J and the Java API. This issue prevented TLS connection for Spring Cloud Services and all Spring apps that used the MariaDB Connector/J.

Feature

New feature and change in this release:

• Updates golang to v1.11.4 to address CVE-2018-16873

v2.5.2

Release Date: December 19, 2018

Known Issues

This release has the following issues:

• There is a known issue in the interaction between the MariaDB Connector/J and the Java API, which leads to the following limitations:
  • PCF deployments using the Spring Cloud Services tile or the Scheduler for PCF tile must have TLS disabled in the MySQL for PCF tile.
  • If the operator chooses to enable TLS, developers cannot use the MariaDB Connector/J in their Spring apps to connect to a MySQL service instance. Pivotal recommends developers configure their apps to use the MySQL Connector/J instead of the MariaDB Connector/J.

• Automatic backup does not work for HA clusters.

• If you set Plan 1 to Inactive in the MySQL for Pivotal Cloud Foundry tile, your installation fails when you apply changes. To fix this issue, ensure that Plan 1 is always configured.

• You cannot share MySQL for Pivotal Cloud Foundry service instances across orgs and spaces. If you run cf share-services, the command fails.

• Audit logs are stored on the syslog endpoint rather than on the persistent disk.

• Smoke test error messages do not explain the actual error and output the following message instead fork/exec /usr/local/bin/bosh: no such file or directory.

• An inaccurate generic message appears when you use cf update-service to migrate data between a highly available (HA) cluster plan and a plan of another topology.

• Automated backups using SCP silently fail. For workaround instructions, see MySQL SCP backups are failing when prompting for the SSH key passphrase in PCF in the Pivotal Support knowledge base.

Features

New features and changes in this release:

• Highly Available (HA) Cluster Service Plans
• All Bindings Use DNS
• Developers Can Monitor Service Instances
• Connections Secured with TLS by Default
• Improvements for Operators

Highly Available (HA) Cluster Service Plans

Warning: Highly available plans are currently in beta. HA clusters are for advanced use cases only.

MySQL for PCF now supports three deployment topologies. In addition to single node and leader-follower service plans, operators can offer an HA cluster service plan. For information about how to configure an HA cluster plan, see Configure Service Plans. For information about availability criteria for each topology, see Availability Options.

Features of HA clusters include:

• Multiple deployments of HA clusters can be provisioned on demand.
• Developers can view a dashboard to see the state of each node in an HA cluster. For more information, see Monitor Node Health Using the Dashboard.
• Connections to HA clusters are secured through TLS.
• Monitoring, diagnostics, and backups are performed from a jumpbox VM. For information about how to configure this VM, see Configure Service Plans.
  • The jumpbox VM runs a replication canary that continuously tests replication health of cluster nodes. For more information, see Replication Canary.
  • Operators can run diagnostics, such as disk usage, on an HA cluster by running mysql-diag on the jumpbox VM. For more information, see Running mysql-diag.
  • Like single node and leader-follower, configuring automatic backups is required. For information about how to configure automated backups, see Configure Backups. For instructions to perform a manual backup and restore, see Backing Up and Restoring On-Demand MySQL for PCF.

While in beta, the following limitations exist for HA clusters:

• Operators are required to impose a plan quota of five or fewer instances.
• Restoring from backups is a manual process. For more information, see Restore an HA Cluster Instance.
• HA clusters cannot integrate with Vormetric Transparent Encryption for PCF.

Highly available clusters are for advanced use cases only. In addition to higher infrastructure cost, HA clusters introduce some significant limitations that are different from running single node or leader-follower service plans. For more information, see High Availability Limitations.

Due to these limitations, Pivotal recommends that HA clusters are not shared between multiple users or apps. Service instance sharing is disabled for HA clusters. If necessary, you can still share HA clusters between multiple users or apps by creating user-provided service instances. For more information, see User-Provided Service Instances.

You should use HA clusters only when the availability criteria that leader-follower provides is not sufficient for your app.

All Bindings Use DNS

• All services bindings use DNS hostnames instead of IP addresses. This feature was introduced in MySQL for PCF v2.4.0, which enabled no-rebind failovers as well as future improvements and highly available (HA) clusters.

Developers Can Monitor Service Instances

• Developers can see metrics for their service instances using the Cloud Foundry Command Line Interface (cf CLI) Log Cache plugin. For more information about the cf CLI Log Cache plugin, see Cloud Foundry Command Line Interface (cf CLI) Log Cache plugin. For more information about metrics for MySQL for PCF, see Monitoring and KPIs.

Connections Secured with TLS by Default

• Connections to the database over TLS are enabled by default for each service instance. Developers no longer need to manually enable TLS. Operators can optionally disable TLS.

Improvements for Operators

• Operators can configure up to nine service plans in the tile.
• Operators can mark service plans as free or paid. This feature helps developers to be aware of costs associated with certain service plans.
• Operators can configure the default idle timeout for connections to a service instance. This prevents apps from overloading the database with unnecessary connections.

v2.5.1

Do not use.

v2.5.0

Do not use.

Compatibility

The following components are compatible with this release:

* MySQL for PCF v2.5.7 must use Xenial 170.111 and later.