PCF Ops Manager v2.0 Release Notes

Pivotal Cloud Foundry is certified by the Cloud Foundry Foundation for 2018.

Read more about the certified provider program and the requirements of providers.


How to Upgrade

The Upgrading Pivotal Cloud Foundry topic contains instructions for upgrading to Pivotal Cloud Foundry (PCF) Ops Manager v2.0.

Releases

2.0.26

  • [Security Fix]: Bumps stemcell to 3468.75 for periodic lower-severity security updates.
  • [Bug Fix]: Bumps Azure CPI to 35.4 to fix LockTimeoutError issues.
  • [Bug Fix]: Operators can change the Director Hostname without losing connection between BOSH Director and VMs.
  • [Bug Fix]: Operators can work around an expired SAML service provider cert by disabling and enabling SAML.
  • [Feature Improvement]: The expiring certificates endpoint (/api/v0/deployed/certificates) includes information about the SAML service provider cert.
  • [Feature Improvement]: Importing products that use the future Unified Syslog feature warns operators that product syslog features will not be active in this version of Ops Manager.

Ops Manager v2.0.26 uses the following component versions:

Component Version
Ops Managerbuild.375*
Stemcell3468.75*
BBR SDK1.2.1
BOSH Director264.17
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35.4*
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated to resolve security vulnerabilities or fix component behavior.

2.0.25

  • [Security Fix]: Bumps stemcell to 3468.73 to address USN-3777-2.

Ops Manager v2.0.25 uses the following component versions:

Component Version
Ops Managerbuild.369*
Stemcell3468.73*
BBR SDK1.2.1
BOSH Director264.17
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated to resolve security vulnerabilities or fix component behavior.

2.0.24

  • [Feature Improvement]: Ops Manager now displays a useful error message when a file downloaded from PivNet is corrupt.
  • [Feature Improvement]: Ops Manager now displays a 500 error when it fails to import an installation.
  • [Bug Fix]: Ops Manager verifiers now work when Ops Manager is configured with a proxy.
  • [Bug Fix]: Ops Manager now sets the storage account type and Director ephemeral disk correctly on Azure deployments.

Ops Manager v2.0.24 uses the following component versions:

Component Version
Ops Managerbuild.365*
Stemcell3468.71*
BBR SDK1.2.1
BOSH Director264.17
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated to resolve security vulnerabilities or fix component behavior.

2.0.23

  • [Security Fix]: Bumps Stemcell to 3468.67

Ops Manager v2.0.23 uses the following component versions:

Component Version
Ops Managerbuild.348
Stemcell3468.67*
BBR SDK1.2.1
BOSH Director264.17*
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated to resolve security vulnerabilities or fix component behavior.

2.0.22

  • [Bug Fix]: Pivotal Network integrates successfully with Pivotal Application Service (PAS) tile and Small Footprint PAS.

Ops Manager v2.0.22 uses the following component versions:

Component Version
Ops Managerbuild.348
Stemcell3468.64
BBR SDK1.2.1
BOSH Director264.15
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated to resolve security vulnerabilities or fix component behavior.

2.0.21

  • [Security Fix] Bumps stemcell to 3468.64

Ops Manager v2.0.21 uses the following component versions:

Component Version
Ops Manager2.0-build.345
Stemcell3468.64*
BBR SDK1.2.1
BOSH Director264.15*
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.20

  • [Bug Fix]: External databases can now connect to Ops Manager using TLS.
  • [Bug Fix]: Certain VM image components no longer write to the persistent disk after reboot.

Ops Manager v2.0.20 uses the following component versions:

Component Version
Ops Manager
Stemcell3468.55*
BBR SDK1.2.1
BOSH Director264.15.0*
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.19

  • [Bug Fix]: Fixes an error reading Unknown CPI error 'Unknown' with message 'execution expired' in 'create_vm' CPI method for deployments on Azure.

Ops Manager v2.0.19 uses the following component versions:

Component Version
Ops Manager2.0-build.336
Stemcell3468.53*
BBR SDK1.2.1
BOSH Director264.11.0
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.18

  • [Bug Fix]: Fix critical manifest generation grammar issue introduced in v2.0.17.

Ops Manager v2.0.17 is no longer available.

Ops Manager v2.0.18 uses the following component versions:

Component Version
Ops Manager2.0-build.335
Stemcell3468.51
BBR SDK1.2.1
BOSH Director264.11.0
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10*
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.17

WARNING: This release is no longer available for download. Upgrade to v2.0.18 instead. For more details, continue reading.

In Ops Manager v2.0.17, a bug caused PAS’s Diego cells to fail to trust all of the appropriate TLS certificates which were trusted previously.

The full impact of the bug has not yet been confirmed, but it is possible that it affects other tiles. Specifically, it affects tiles where the tile author used a multi-line string which contains multiple double-parenthesis expressions within the multi-line string inside the tile’s YAML definition file.

Tile authors often use multi-line strings containing multiple double-parenthesis expressions to construct certificate chains for their BOSH manifests. This bug causes these strings to render incorrectly in the manifests.

The following is an example of a portion of a tile’s YAML file which will be affected by this bug:

trusted_certs: |
((( /cf/diego-instance-identity-root-ca.certificate )))
(( $ops_manager.ca_certificate ))
(( $ops_manager.trusted_certificates ))

This version of Ops Manager is no longer available on Pivotal Network. Upgrade to v2.0.18 instead.

  • [Bug Fix]: You can now delete an unused AZ in an installation after clicking Apply Changes.
  • [Feature Improvement]: Installation Dashboard and deployment status pages may load more quickly.
  • [Security Fix]: Bumps Nokogiri to 1.8.4 to remediate CVE-2017-15412.

Ops Manager v2.0.17 uses the following component versions:

Component Version
Stemcell3468.51
BBR SDK1.2.1
BOSH Director264.11.0
BOSH DNS0.1.4
CredHub1.6.7
UAA52.10*
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.16

Ops Manager v2.0.16 uses the following component versions:

Component Version
Ops Manager2.0-build.329
Stemcell3468.51*
BBR SDK1.2.1
BOSH Director264.11.0*
BOSH DNS0.1.4*
CredHub1.6.7*
UAA52.9*
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.15

  • [Security] Remediates CVE-2018-11046.
  • [Bug Fix] You can now rotate SSL certificates without losing the connection between BOSH Director and VMs.
  • [Bug Fix] You can now delete the only AZ in an installation.
  • [Bug Fix] You can now delete the only network in an installation.

Ops Manager v2.0.15 uses the following component versions:

Component Version
Ops Manager2.0-build.320
Stemcell3468.46
BBR SDK1.2.1
BOSH Director264.10.0
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0

2.0.14

  • [Security Fix] Bumps stemcell to 3468.46.
  • [Feature Improvement] Decrease upload time for large tiles and stemcells.
  • [Bug Fix] Helps alleviate Ruby’s susceptibility to high memory usage. May prevent the Ops Manager VM from running out of memory during a long VM lifecycle.
  • [Bug Fix] Ops Manager UI shows product job log download link only once per instance group rather than for all instances.
  • [Bug Fix] The Ops Manager API endpoint /api/v0/deployed/certificates now lists all RSA certificates.
  • [Bug Fix] Azure network and resource group matchers are case insensitive.
  • [Bug Fix] The Ops Manager API no longer has the service_network key.

Ops Manager v2.0.14 uses the following component versions:

Component Version
Ops Manager2.0-build.314
Stemcell3468.46*
BBR SDK1.2.1
BOSH Director264.10.0
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0

2.0.13

  • [Feature] Makes Azure network and resource group matchers case-insensitive.
  • [Feature] Upgrades BOSH System Metrics Server Release to v0.0.17. PAS for Window 2012R2 now emits BOSH VM metrics.

  • [Bug Fix] Backports GET /api/v0/staged/director/networks to older releases.

Ops Manager v2.0.13 uses the following component versions:

Component Version
Ops Manager2.0-build.307
Stemcell3468.42*
BBR SDK1.2.1
BOSH Director264.10.0
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0

2.0.12

  • [Security Fix] Bumps Stemcell to 3468.42
  • [Bug Fix] The credentials API endpoints for deployed products do not include secrets. For more information about these API endpoints, see Viewing available credentials and Fetching credentials in the Ops Manager API documentation.

Ops Manager v2.0.12 uses the following component versions:

Component Version
Ops Manager2.0-build.303
Stemcell3468.42*
BBR SDK1.2.1
BOSH Director264.10.0
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.11

  • [Security Fix] Bumps Stemcell to 3468.30
  • [Feature] You are now able to fetch availability zones (AZs) from the Ops Manager API. For more information, see Fetching availability zones in the Ops Manager API documentation.

Ops Manager v2.0.11 uses the following component versions:

Component Version
Ops Manager2.0-build.279
Stemcell3468.30*
BBR SDK1.2.1
BOSH Director264.10.0
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.10

  • [Security Fix] Bumps Stemcell to 3468.28.
  • [Feature] In the Director Config pane, you can now enter Excluded Recursors as a comma-separated list. This list specifies which IPs and ports you want to exclude from the DNS server. For more information, see Director Config Page.
  • [Bug Fix] Ops Manager sets a consistent entity ID in both SAML and non-SAML cases.

Ops Manager v2.0.10 uses the following component versions:

Component Version
Ops Manager2.0-build.276
Stemcell3468.28*
BBR SDK1.2.1
BOSH Director264.10.0
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.9

  • [Feature] The BOSH CLI is now upgraded to v3 in Ops Manager. You can now split cloud config and other configurations into multiple files. This change allows you to manage and evolve configurations separately. For more information on configuration management in BOSH, see Configs in the BOSH documentation.
  • Bumps Rubygems to v2.6.14.

Ops Manager v2.0.9 uses the following component versions:

Component Version
Ops Manager2.0-build.269
Stemcell3468.27
BBR SDK1.2.1
BOSH Director264.10.0
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.8

  • [Security Fix] Bumps stemcell to 3468.27.

Ops Manager v2.0.8 uses the following component versions:

Component Version
Ops Manager2.0-build.264
Stemcell3468.27*
BBR SDK1.2.1
BOSH Director264.10.0*
BOSH DNS0.1.3
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.7

  • [Bug Fix] Allows access to public AMI snapshots for Ops Manager KMS encryption. This feature was introduced in v2.0.4.

Ops Manager v2.0.7 uses the following component versions:

Component Version
Ops Manager2.0-build.263
Stemcell3468.25
BBR SDK1.2.1
BOSH Director264.9*
BOSH DNS0.1.3*
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.6

  • [Security Fix] Bumps stemcell to 3468.25.

Ops Manager v2.0.6 uses the following component versions:

Component Version
Ops Manager2.0-build.255
Stemcell3468.25*
BBR SDK1.2.1
BOSH Director264.8*
BOSH DNS0.1.0
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.5

  • [Security Fix] Bumps stemcell to 3468.21.
  • Increases connection timeout to accommodate large installation exports.

Ops Manager v2.0.5 uses the following component versions:

Component Version
Ops Manager2.0-build.249
Stemcell3468.21*
BBR SDK1.2.1
BOSH Director264.7
BOSH DNS0.1.0
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.4

  • [Feature] For an Ops Manager AWS configuration, operators can specify a custom Key Management Service (KMS) encryption key to encrypt all the Elastic Block Store (EBS) volumes in AWS. To specify a KMS Key, enable Encrypt EBS Volumes in the AWS Config pane and enter your key in the new Custom Encryption Key field. For more information, see Configuring Amazon EBS Encryption.
  • [Security Fix] Bumps stemcell to 3468.19.

Ops Manager v2.0.4 uses the following component versions:

Component Version
Ops Manager2.0-build.246
Stemcell3468.19*
BBR SDK1.2.1
BOSH Director264.7*
BOSH DNS0.1.0
CredHub1.6.5
UAA52.7
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.3

  • [Security Fix] Bumps stemcell to 3468.17.

Ops Manager v2.0.3 uses the following component versions:

Component Version
Ops Manager2.0-build.236
Stemcell3468.17*
BOSH Director264.6
BOSH DNS0.1.0*
CredHub1.6.5
UAA52.7*
AWS CPI69
Azure CPI35
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.2

  • The Default Security Group field on the Azure Config pane is now optional

Ops Manager v2.0.2 uses the following component versions:

Component Version
Ops Manager2.0-build.233
Stemcell3468.13
BOSH Director264.6
CredHub1.6.5
UAA52.4
AWS CPI69
Azure CPI35*
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.1

  • Operators can rotate the BOSH blobstore after a successful redeploy by editing the Access Key and Secret fields under S3 Compatible Blobstore in the Director Config section of the tile. Operators may want to rotate credentials because the old ones have been compromised or because their enterprise policy demands rotation after a specific time period.
  • On Azure, the Internet Connected checkboxes in the Resource Config section of the tile are now deselected by default. Pivotal recommends keeping these checkboxes deselected. For more information, see Step 8: Resource Config Page in Configuring Ops Manager Director on Azure.
  • [Security Fix] Bumps stemcell to 3468.13

Ops Manager v2.0.1 uses the following component versions:

Component Version
Ops Manager2.0-build.226
Stemcell3468.13
BOSH Director264.6
CredHub1.6.5
UAA52.4
AWS CPI69
Azure CPI34
GCP CPI25.10.0
OpenStack CPI35
vSphere CPI45.1.0
* Components marked with an asterisk have been updated.

2.0.0

Ops Manager v2.0.0 uses the following component versions:

Component Version
Ops Manager2.0-build.213
Stemcell3468.11
BOSH Director264.3
CredHub1.6.5
UAA52.4
AWS CPI67
Azure CPI29
GCP CPI25.10.0
OpenStack CPI34
vSphere CPI45
* Components marked with an asterisk have been updated.


New Features in Ops Manager v2.0

Role-Based Access Control

Ops Manager v2.0 introduces support for role-based access control (RBAC). You can assign the following roles to determine which operators in your organization make deployment changes, view credentials, and manage user roles in Ops Manager:

  • Ops Manager Administrator
  • Full Control
  • Restricted Control
  • Full View
  • Restricted View

See Configuring Role-Based Access Control (RBAC) in Ops Manager for more information.

Custom Director Login Banner

In Ops Manager v2.0, operators can set a custom banner that every user sees when they log in to the BOSH Director. To set the banner, edit the Custom SSH Banner field in the Director Config page of the Ops Manager tile.

For more information, see the Ops Manager Director installation topic for your IaaS.

Azure Stack Support (Beta)

Operators can deploy Ops Manager v2.0 to Microsoft Azure in their own local datacenter using Azure Stack. Azure Stack support is in beta for Ops Manager v2.0 and should not be used in production.

See Launching an Ops Manager Director Instance on Azure without an ARM Template for more information.

BOSH CLI Renamed

Similar to previous Ops Manager versions, the Ops Manager VM includes two versions of the BOSH CLI. In Ops Manager v2.0, both versions of the BOSH CLI have been renamed.

If you used BOSH CLI v2+ in earlier versions of Ops Manager, you ran commands using bosh2. In Ops Manager v2.0, run the same commands using bosh. For example, see the following table to compare the changes to the bosh vms command:

BOSH CLI Version PCF v1.12 PCF v2.0
BOSH CLI v1 bosh vms bosh-old vms
BOSH CLI v2+ bosh2 -e MY-ENV vms bosh -e MY-ENV vms

Many BOSH CLI v1 commands are incompatible with the BOSH Director. Pivotal recommends using BOSH CLI v2+ commands for compatibility with future versions of PCF.

BOSH NATS Traffic Uses TLS

The BOSH Director communicates with the agents in your deployment over NATS. For added security, Ops Manager v2.0 sends all NATS traffic using Transport Layer Security (TLS) encryption.

See Component: Messaging (NATS) for more information about NATS.

BOSH DNS Service Discovery (Beta) and Opt-Out Option

In PCF v2.0, application containers look up services using the BOSH DNS service discovery mechanism. To support this lookup, BOSH Director colocates a BOSH DNS server on every deployed VM.

Since the BOSH DNS feature is beta in PCF v2.0, Pivotal recommends that you deploy or upgrade your PCF v2.0 deployment first on a non-production environment.

You can opt out of deploying BOSH DNS servers on every VM by selecting the Disable BOSH DNS server for troubleshooting purposes option in Ops Manager. For more information on this configuration option, see the Director Config Page section of the Ops Manager Director installation topic for your IaaS.

For more information about disabling BOSH DNS, see Disabling or Opting Out of BOSH DNS in PCF in the Pivotal Knowledge Base.

BOSH System Metrics Server Colocated on BOSH Director

Ops Manager v2.0 colocates the new BOSH Metrics Server on the BOSH Director and includes a UAA client with the correct authorities and scopes. This colocation allows BOSH system metrics to flow into the Loggregator system by default.

For more information about this feature, see the BOSH System Metrics Forwarder section in the Overview of the Loggregator System topic and BOSH System Metrics Available in Loggregator Firehose in the PAS Release Notes.

VMware NSX-T Networking Support

Ops Manager v2.0 adds support for VMware NSX-T networking. NSX is a networking solution for VMware that provides a firewall, load balancing, and NAT/SNAT services for PCF. NSX-T is intended to work across multiple clouds and provide networking for container platforms. Previous versions of Ops Manager supported NSX-V.

When you upgrade from a previous version of Ops Manager with NSX networking enabled, Ops Manager defaults to NSX-V. The NSX-T integration is only for fresh installs of PCF. You can enable NSX-T networking by selecting NSX-T in the new NSX Mode dropdown menu of the vCenter Config pane.

See Configuring Ops Manager Director on vSphere for more information.

Operators can additionally use the NSX Manager to configure policies for PCF applications. See the NSX-T Container Plug-in for Kubernetes and Cloud Foundry - Installation and Administration Guide for more information.

Note: You must have NSX-T v2.1 installed to use this integration.

Note: The IPSec add-on is not supported with NSX-T.

Breaking Change: If you opt out of the BOSH DNS feature, your PCF deployment cannot support NSX-T networking.

Ops Manager Minimum Disk Size Warning

In Ops Manager v2.0, the web interface displays a warning banner if the Ops Manager appliance VM disk is less than 50 GB in size. If this warning appears, resize your Ops Manager VM disk to 50 GB or larger.

For more information, see the Ops Manager Director installation topic for your IaaS.

Configure Colocated Errands

Tile authors can configure the errands defined in their product tile to run on existing VMs in a deployment. Colocated errands run faster than traditional errands and use fewer resources, including disk and IP space.

For more information, see Tile Errands in the PCF Tile Developers Guide.

Configure Tiles with Runtime Configs

Tile authors can include runtime_configs as a top-level key in tile metadata to define global deployment configurations. Named runtime config settings apply to all VMs in a deployment.

Version v2.0 of Ops Manager supports defining any number of runtime_configs in an existing tile. Tile authors can also create a tile that includes a runtime config only and does not define any job types or errands.

For more information, see Managing Runtime Configs in the PCF Tile Developers Guide.

Named Manifests

Ops Manager v2.0 supports specifying and rendering named manifests in a collection property. For more information, see the named_manifest section of the Product Template Reference topic.

Bug Fixes

  • [Bug Fix] Ops Manager v2.0 fixes a bug where the UI showed a confusing name for a collection record starting with a certificate.
  • [Bug Fix] Ops Manager v2.0 fixes a bug where the stemcell hardening work unexpectedly blocked non-root access to ping Ops Manager, resulting in a verification error.
  • [Bug Fix] Ops Manager v2.0 fixes a bug where changes could not be applied until BOSH Director was deployed.
  • [Bug Fix] Ops Manager v2.0 fixes a bug where the dashboard took a long time to load.
  • [Bug Fix] Ops Manager v2.0 fixes a bug where BOSH Director failed to create certifications because the BOSH agent certification was created for the wrong network.
  • [Bug Fix] Ops Manager v2.0 fixes a bug where BOSH Director deleted stemcells when deploying or upgrading PCF. The issue occurs while Ops Manager prepares to upgrade, so it affects upgrades from v1.12 to v2.0.

Known Issues

DNS Server Hangs or DNS Lookups Fail

With BOSH DNS, every BOSH-deployed VM has a DNS server. In large PCF installations, this DNS server may hang or DNS lookups may fail when the VM experiences too many DNS lookups in a short amount of time.

This error is caused by a race condition and deadlock in the VM’s DNS server.

To fix this problem, run monit on the VM with failing DNS to restart its bosh-dns process.

AWS KMS Encryption Requires Manual Refresh

If you select Encrypt EBS Volumes in the AWS Config pane of your AWS BOSH Director tile, only future BOSH-deployed VMs are encrypted. To manually trigger current BOSH VMs to encrypt their persistent disks, ephemeral disks, and root separately, you must make the following changes:

For persistent disks In the Resource Config pane, bump the persistent disk of each job.
For ephemeral disks In the Director Config pane, enable Recreate all VMs for the next deployment.
For the root disk Stage new stemcells.

This known issue will not affect you if you enable Encrypt EBS Volumes on your first deploy.

For more information about the AWS KMS feature introduced in v2.0.4, see Configuring Amazon EBS Encryption.

Create a pull request or raise an issue on the source for this page in GitHub