Skip to content
This repository has been archived by the owner on Feb 11, 2020. It is now read-only.

v0.23.0
Compare
Choose a tag to compare
@abbyachau abbyachau released this 26 Jan 23:01
· 432 commits to master since this release
v0.23.0
9a8fa7d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Pipeline Enhancements

Notes:

  • (all install-pcf pipelines) This release supports PCF 2.0. A few notes about this release:
    • PCF 2.0.x introduced functionality to support multiple certificates for HAProxy and GoRouter. This release currently only supports multi-cert functionality for vSphere, Azure, and OpenStack.
    • this release currently only supports using the internal MySQL database for CredHub. For AWS and GCP, in order to opt in to using CredHub you must manually configure the instance count to 2 in PAS --> Resource Config. For vSphere, Azure, and OpenStack you can configure the instance count directly in the params.yml using credhub_instances.
  • (all install-pcf pipelines) opsman_client_id and opsman_client_secret were added to the pipelines however note functionality has not been tested on install-pcf pipelines and will be removed in subsequent releases. Ensure both params are blank when deploying the pipelines story
  • (vSphere, Azure, OpenStack) new resources syslog_scheduler_instances and credhub_instances were added to the pipelines; and one resource param renamed: loggregator_trafficcontroller_instances

Install PCF Pipelines

  • (ALL) Renamed ssl cert params across all IAASs (see Param Changes below) in favour of networking_poe_ssl_certs story
  • (ALL) Adds a new param routing_custom_ca_certificates which is an optional param to configure GoRouter and HAProxy to trust additional CAs story
  • (ALL) Adds a new param routing_tls_termination to configure how PCF handles the X-Forwarded-Client-Cert header story
  • (ALL) Includes a new param credhub_encryption_keys to configure CredHub integration. Currently the pipelines only support use of the internal MySQL database story
  • (GCP) fix for TCP Firewall rule whereby there was a mismatch in naming tags for the Load Balancer and the forwarding rule story
  • (OpenStack) Updated our docker image for OpenStackClient to use pyOpenSSL==17.4.0 story

Param changes introduced in pcf-pipelines v23

Pipeline Param Notes
install-pcf networking_poe_ssl_certs AWS; replaces ERT_SSL_CERT
install-pcf networking_poe_ssl_certs Azure, GCP; replaces pcf_ert_ssl_cert
install-pcf networking_poe_ssl_certs OpenStack, vSphere; replaces ssl_cert
install-pcf credhub_encryption_keys ALL; new param
install-pcf routing_custom_ca_certificates ALL; new param
install-pcf routing_tls_termination ALL; new param
install-pcf credhub_instances vSphere, Azure, OpenStack; new resource param
install-pcf loggregator_trafficcontroller_instances vSphere, Azure, OpenStack; replaces loggregator_traffic_controller_instances
install-pcf syslog_scheduler_instances vSphere, Azure, OpenStack; new resource param`
Assets 2
Loading