Diego 0.1428.0

Version 0.1428.0 of Diego is recommended for use with CF v217.

Changes from 0.1412.0 to 0.1428.0

• garden-linux-release
  is no longer a submodule of diego-release, therefore is not bundled with
  Diego and needs to be uploaded to BOSH separately.
• Depends on garden-linux-release v0.303.0.

Breaking changes

• As a Diego operator, I can colocate all the diego-release jobs onto a single
  VM: This changes the
  default ports of some of the Diego components, meaning that they will no
  longer be reachable on the previous ports. Specifically, the default port for
  the receptor component changed from 8888 to 8887.
• Refactor error handling in the
  BBS: This changes how
  errors are serialized internally and may cause inter-component communication to
  fail unexpectedly during a deploy. No major outage is predicted
  for this change.
• As a Diego operator, I can run the static file-server and the cc-uploader
  server on separate VMs:
  This introduces a new component, cc-uploader, split out of the file-server.
  This change may cause staging failures during the deploy until the at least one of
  the cc-uploaders is up and running.
• Make BBS API consistently
  RPC-ful: This is a
  re-organization of the internal BBS API, changing every endpoint from a
  REST-like interface to a RPC-like interface. During the deploy, it will cause
  requests to fail, and may cause LRPs to lose routability temporarily.

Other significant changes

• Consul agents and servers communicate securely to the consul
  cluster
• DATs Java buildpack test should not specify the buildpack
  explicitly
• Update cflinuxfs2 stack to
  1.4.0+
• The BBS server handles calling the task completion callback
  URL
• Remove extra disk allocation for staging
  tasks
• Diego should provide the appropriate instance environment variables to its
  containers
• As a CF app developer, when staging an app on Diego fails, I would like to
  see a specific error type depending on the type of
  failure
• Fix instance env var
  names
• As a Diego operator, I can configure garden's allow_host_access flag
  through the manifest-generation
  templates
• Update cflinuxfs2 rootfs to
  1.5.0+
• clean up and integration test the Task
  BBS
• Clean up Task BBS code from
  runtime-schema
• Rename 'internal' packages to be compatible with Go 1.5 package
  conventions
• As a Diego operator, I want always to allow 'root' actions on the
  cells
• DiskMB limit should apply to total disk size for an instance with a docker
  rootfs
• Add test coverage for DesiredLRP event
  stream
• auctioneer should time out requests to cells
  correctly
• Executor GardenStore RemainingResources and TotalResources can now
  fail
• All Stager communication should happen directly with the
  BBS
• Only detect buildpack on java
  DAT
• Diego core components evacuate ActualLRPs through the BBS API
  server
• Diego core components create and update DesiredLRPs through the BBS API
  server
• Diego core components converge LRPs through the BBS API
  server
• Diego core components desire a task through the BBS API
  server
• Diego core components take a task through its lifecycle through the BBS API
  server
• Diego core components trigger task convergence through the BBS API
  server
• As a CF developer, I expect my app to have CC's global running environment
  variables in its environment when running on
  Diego
• The BBS server serializes different versions of Task data based on BOSH-deployed config
• As a CF user, I would like my cached docker images to start regardless of
  the IP addresses of the docker registry
  nodes
• All BBS serialization can be encoded based on BOSH-deployed config
• As a Diego operator or developer, I would like Diego to consume
  garden-linux-release

BOSH job changes

• Add cc_uploader job: contains cc-upload-brokering handlers formerly present in the file-server.
• Add rootfses job: unpackages the cflinuxfs2 rootfs.
• Remove garden-linux job.

BOSH property changes

• Move diego.file_server.cc.* to diego.cc_uploader.cc.*
  • This includes: diego.cc_uploader.cc.base_url,
    diego.cc_uploader.cc.basic_auth_password,
    diego.cc_uploader.cc.job_polling_interval_in_seconds,
    diego.cc_uploader.cc.staging_upload_user and
    diego.cc_uploader.cc.staging_upload_password.
  • Also keeps diego.file_server.log_level and diego.cc_uploader.log_level
    available.
• Add diego.cc_uploader.address: Address on which cc-uploader handles requests.
• Add diego.cc_uploader.debug_addr: Address for cc-uploader debug server.
• Add diego.cc_uploader.cc.external_port: CC Port for cc-uploader.
• Add diego.rep.evacuation_timeout_in_seconds: The time to wait for evacuation to complete in seconds.
• Add diego.bbs.serialization_format: Default format for BBS records.
• Add diego.converger.bbs.api_url: Address for the converger to contact the BBS server.
• Add diego.stager.bbs.api_url: Address for the stager to contact the BBS server.
• Add diego.stager.cc_uploader_url: Address for the stager to contact the cc-uploader.
• Add diego.stager.docker_registry_address: Address for stager to contact the caching docker registry.
• Remove diego.auctioneer.receptor_task_handler_url.
• Remove diego.converger.receptor_task_handler_url.
• Remove diego.rep.receptor_task_handler_url.
• Remove diego.stager.diego_api_url.
• Remove diego.executor.allow_privileged: Executor now always allows privileged actions (those running as 'root').
• Remove diego.garden-linux in favor of garden:
  • diego.garden-linux.listen_network => garden.listen_network
  • diego.garden-linux.listen_address => garden.listen_address
  • diego.garden-linux.allow_networks => garden.allow_networks
  • diego.garden-linux.insecure_docker_registry_list => garden.insecure_docker_registry_list
  • diego.garden-linux.mtu => garden.network_mtu
  • Add garden.deny_networks: List of CIDR blocks to which containers will be denied access.
  • A full list of the garden-linux-release properties can be found here

Diego 0.1427.1

Create final release 0.1427.1

Diego 0.1427.0

Create final release 0.1427.0

Diego 0.1426.0

Create final release 0.1426.0

Diego 0.1425.0

Create final release 0.1425.0

Diego 0.1424.1

Create final release 0.1424.1

Diego 0.1412.0

Version 0.1412.0 of Diego is recommended for use with CF v215.

Changes from 0.1398.0 to 0.1412.0

• Updates garden-linux-release from v0.282.0 to v0.292.0.

Known issues

• garden-linux-release v0.292.0 has a goroutine/memory leak associated to container creation. This leak was fixed in Garden story #100896804, which is included in v0.293.0 and later, and will be used by the Diego version to be recommended for use with CF v216. We recommend that operators of any long-term deployments of this version of Diego monitor the goroutine counts of the garden-linux processes and restart them safely if needed.

Breaking changes

• The BBS API server provides handlers for starting LRP auctions and stopping LRP instances: This changes the internal API endpoints on the auctioneer that handle requests for Task and LRP auctions. As long as the active auctioneer and converger processes are from the same release during a rolling update of a Diego cluster, units of work will eventually get assigned to cells. This configuration should happen naturally during a rolling update of a 2-AZ deployment with 1 brain VM per zone.

Other significant changes

• For instances based on preloaded rootfses, Diego should apply disk limits to and report disk usage from only that container's read/write layer
• As a CF developer, I expect my app to have CC's global staging environment variables in its environment when staging on Diego
• As a CF developer, I expect my app to have CC's global running environment variables in its environment when running on Diego
• As a Diego operator, when I run the DATs in no-internet mode, I expect to run the language-specific buildpack tests
• Document setup required to run SSH DATs in DATs README
• Diego core components take an instance ActualLRP through its lifecycle through the BBS API server
• Diego core components read tasks through the BBS API server
• Bump to cflinuxfs2 1.3.0

BOSH property changes

• Add diego.bbs.auctioneer.api_url: Address for BBS server to connect to the auctioneer.

Diego 0.1398.0

Version 0.1398.0 of Diego is recommended for use with CF v214.

Changes from 0.1353.0 to 0.1398.0:

This version of Diego pulls in over 2 months of major work on garden-linux. Major changes include the following:

• Port of wsh and wshd binaries from C to Go
• Garden-linux stores container layers in btrfs volumes
• Vastly improved support for user-namespaced containers
• StreamIn and StreamOut calls now require a user

The diego-release repository now also includes garden-linux-release as a submodule, as one small step towards integrating with it as a separate release.

Breaking changes:

• For Docker images run as CF apps, CC-Bridge launches processes as the user specified in the image
• DownloadAction and UploadAction both now require a user
• Add mutual SSL authentication for peer-to-peer communication in Diego's etcd cluster, enabled by default
• Receptor and BBS servers can be co-located on the same job
• Internal DNS domain changed from 'consul' to 'cf.internal'

Other significant changes:

• TPS exposes bulk status endpoint
• Manifest-generation templates include AWS instance type recommendations
• DATs errand can be run without the Docker tests
• Diego's etcd can run without persistent disk
• Improved documentation for running the SSH DATs
• Diego components read ActualLRPs through the BBS API server
• Diego components watch for ActualLRPs through the BBS API server
• Diego components read DesiredLRPs through the BBS API server
• Diego components watch for DesiredLRP changes through the BBS API
• Receptor client exposes enough HTTP configuration to allow a 'trace' mode
• Updated to latest Garden API and garden-linux backend
• Updated bundled CF CLI from 6.11.3 to 6.12.2
• Updated to latest cflinuxfs2 rootfs
• Updated to etcd v2.1.1
• Updated latest go-etcd client

BOSH property changes:

• Add diego.auctioneer.bbs.api_url: address for auctioneer to connect to BBS
• Add diego.garden-linux.mount_btrfs_loopback: whether to create a btrfs-formatted loop device for graph storage
• Add diego.garden-linux.btrfs_store_size_mb: size in MB of btrfs graph store
• Rename diego.receptor.nats.username to diego.receptor.nats.user
• Rename diego.route_emitter.nats.username to diego.route_emitter.nats.user