Understanding Floating Stemcells

Page last updated:

This topic describes how floating stemcells work in Pivotal Cloud Foundry (PCF) v1.7 and later, and the consequences for upgrading product tiles in Ops Manager.

To increase the security of your deployment, all product tiles use floating stemcells by default. This enables tiles to automatically use the latest patched version of a stemcell.

Floating stemcells allow upgrade to the minor versions of stemcells but not the major versions. For example, a stemcell can float from 1234.56 to 1234.99 but not from 1234.991 to 1235.0.

When an operator upgrades a product tile, Ops Manager checks to see whether there is a new minor, or patch, version of the stemcell. If an minor stemcell is available from the current major line, Ops Manager installs the upgraded tile and all compatible product tiles in the deployment on the new stemcell. This ensures that PCF can quickly propagate a patched stemcell to all VMs in the deployment when a vulnerability is discovered.

Operators can now perform certain deployment-wide updates, such as CVEs, by uploading a new stemcell instead of uploading .pivotal files for each tile, which reduces the time spent waiting for files to upload. Operators can upload new stemcells using the Ops Manager API or through a product tile in the Ops Manager Installation Dashboard.

However, operators who want to upgrade a single product tile may face significantly longer wait times, depending on the number of tiles in the deployment and the availability of a new stemcell.

Create a pull request or raise an issue on the source for this page in GitHub