Cloud Foundry Advisory Board Meeting, May 2016: CF Summit Is Coming Up!
Events
May’s Cloud Foundry Community Advisory Board (CAB) call featured upcoming events and several updates.
The Cloud Foundry Summit is just days away, set to run Monday through Wednesday, May 23–25, at the Santa Clara Convention Center, Santa Clara, CA.
The Cloud Foundry Foundation’s noted there is still time to register.
The summit will again be preceded by a CF Camp unconference on Sunday, May 22, starting at 4 p.m., with from Redis as host.
The summit will be followed by a special BOSH Day on Thursday, May 24. A separate $99 fee to attend covers food and drink. BOSH Day is intended for advanced users and project leaders within the Cloud Foundry community.
Stormy and others also discussed a new “Mega-Meetup” in India, set for Bangalore on Tuesday, June 7 and Pune, on Thursday, June 9. More than 500 people have already signed up.
Project updates
Loggregator ( , Pivotal)
- TCP/TLS transport feature complete, however high volume rolling upgrade testing is showing high message loss; under investigation.
- Tagged metric feature underway.
- Automated metric documentation auditing has shown gaps, starting efforts to improve.
- Tech debt cleanup.
CLI ( , Fujitsu)
- Shortened release cycle, releasing CF CLI 6.17.0, 6.17.1, and 6.18.0, exposing TCP routes, org quotas to control them, quotas for app instances, adding CLI colors on Windows, digitally signing of Windows installers and addressing a number of security vulnerabilities and community reported issues.
- Upcoming release may take a bit longer due to travelling for the CF Summit and vacations. Scheduled are alphabetically sorting of orgs and spaces displayed by “cf orgs,” “cf spaces,” and “cf login” and exposing of space quotas for TCP routes.
- Optimizations to CI pipelines giving us 3x faster test results, which should reduce delays to releasing when last-minute story rejections occur.
Routing ( , Pivotal)
- TCP Routing MVP announced.
- Adding attribute for reserved route ports to org and space quotas, to limit access to TCP route ports.
- Working to mitigate scenarios where routing table can become stale due to network partition or system component failure.
- Security improvements to run processes as users other than root wherever possible.
- Audit events exposed in CC API for binding/unbinding service instances to routes.
CAPI ( , Pivotal)
- Ready to run CF with cc-bridge components from CAPI and removed from Diego
- Added Security Event Logging—CEF formatted logs of all requests to Cloud Controller, off by default
- Wrapped up webdav client using CA cert bundle
- Improved SQL for /v2/events requests
- Added validation around domain / subdomain length per RFCs 1034 / 1035
- Audit logs no longer include parameters from service instances, service bindings, and service keys
- Updates to user-provided service syslog drain propagate to bindings
- Continued work on v3
Diego (Eric Malm, Pivotal)
- Removed CC-Bridge jobs from diego-release to finish transfer to CAPI
- Removed rootfses job from diego-release to finish transfer to Buildpacks
- Finishing manifest-generation scripts, documentation to deploy HA MySQL cluster for Diego, will then switch 250K-instance benchmark tests to run against it
- Have been working with Core Services to make MySQL proxy job optionally leader-elected via Consul
- Finishing up process for migration of BBS data from etcd to MySQL
- Also plan to support Postgres as a relational store for the BBS
- CI environment set up to integrate against garden-runc, CATs pass
- Have worked with the Toolsmiths team to implement import-path redirection service, will also build some code-rewriting tooling to help CF teams adopt it
Garden (Dr. Julz, IBM)
- Garden-runC now feature complete for CF
- Working with Diego team to validate performance at scale
- Will soon start work on improving security (e.g., seccomp, MAC)
Greenhouse/.NET ( , Pivotal)
- Updates to troubleshooting guide based on feedback from users
- Fixed some bugs and accepted some PRs
- Wrote a blog post detailing containerization technology on Windows
- Continuing in largely maintenance mode for now
Buildpacks / Stacks ( , Pivotal)
- New stacks and buildpacks out this week. See the Slack channel (#buildpacks) for more info.
- X-Team pair with Buildpacks IBM team on .NET core buildpack
- Rootfs / stack bosh release available
- Buildpack defaults being upgraded in Node and Ruby see issues for more detail.
UAA ( , Pivotal)
- UAA 3.3.0 released
- UAA 3.4.0 in progress
—This release is a major milestone for UAA and it adds support for Revocable Tokens, OpenID Connect Relying Party support and JWT Key Rotation
—Brand new REST API Docs for UAA, based on Spring REST Docs
—Identity Provider Discovery
—API documentation work continues
Abacus ( and , IBM)
- Working on solution for more scalable time series aggregation across shards
- Work on failed event management continues
- New pipeline running Abacus with CouchDB and MongoDB
- Various bug fixes from production deployments at IBM and SAP
Runtime OG (Michael Fraenkel, IBM)
- Wrapping up staging over http
- Multiple HM9000 API servers work again
- Consolidated some HM9000 services together
- Working on CC to HM9000 using internal endpoint
App Auto-Scaler
- Kick-off with IBM, SAP and Fujitsu
- Built a CI pipeline
- Making it easier for anyone to get started
- Working on a transition to SQL Schema
Flintstone / Bits-Service (Simon Moser, IBM)
- Finished implementing v3 and Diego support for BIts-Service
- Down to one pair for almost all of May
- Will onboard Peter Goetz (dojo-graduate from CAPI)
- Working on signed URLs for bits-service next
The next monthly call is scheduled for Wednesday June 8, at 8 a.m. Pacific Time.