Releases: cloudfoundry/routing-release
Releases · cloudfoundry/routing-release
0.134.0
- Many manifest properties have been changed for simplicity details
- BOSH no longer reports tcp_router job failing when routing table changes details
- Routing API support encrypted communication with etcd details
- Fixed bug: default for property uaa.tls_port was a string details
- haproxy on superman errors with tcp router and haproxy stats details
- Fixed permission issues with haproxy stats socket details
- Gorouter now uses cgo netdns instead of the golang DNS resolver details
- Improved error message logged when router group in manifest doesn't contain ports details
- Improved error message returned when running routing-acceptance-tests and routing-release (routing api) is not deployed details
- Gorouter metric
eventType:HttpStartStop
now includes fieldForwarded
for each value ofX-Forwarded-For
header details - Fix pruning debug statement to only log when actually pruning a route details
Manifest Property Changes
haproxy
0.133.0 | 0.134.0 |
---|---|
router.haproxy.request_timeout_in_seconds |
haproxy.request_timeout_in_seconds |
router.haproxy.health_check_port |
haproxy.health_check_port |
router_configurer
0.133.0 | 0.134.0 |
---|---|
router.router_configurer.debug_addr |
router_configurer.debug_addr |
router.router_configurer.log_level |
router_configurer.log_level |
router.router_configurer.tcp_config_file_template |
REMOVED |
router.router_configurer.tcp_config_file |
REMOVED |
router.router_configurer.tcp_stats_unix_socket |
router_configurer.tcp_stats_unix_socket |
router.router_configurer.tcp_stats_collection_interval |
router_configurer.tcp_stats_collection_interval |
router.router_configurer.routing_api_port |
REMOVED |
router.router_configurer.routing_api_auth_disabled |
routing_api.auth_disabled |
router.router_configurer.tcp_router_secret |
router_configurer.oauth_secret |
router.router_configurer.uaa_port |
REMOVED |
router.router_configurer.uaa_ssl_port |
uaa.tls_port |
router.router_configurer.skip_oauth_tls_verification |
skip_ssl_validation |
metron.port |
routing_api
0.133.0 | 0.134.0 |
---|---|
routing-api.max_ttl |
routing_api.max_ttl |
routing-api.port |
REMOVED |
routing-api.auth_disabled |
routing_api.auth_disabled |
routing-api.metrics_reporting_interval |
routing_api.metrics_reporting_interval |
routing-api.statsd_endpoint |
routing_api.statsd_endpoint |
routing-api.debug_address |
routing_api.debug_address |
routing-api.statsd_client_flush_interval |
routing_api.statsd_client_flush_interval |
routing-api.system_domain |
routing_api.system_domain |
routing-api.etcd_machines |
routing.etcd.servers |
routing.etcd.client_cert |
|
routing.etcd.client_key |
|
routing.etcd.ca_cert |
|
routing.etcd.require_ssl |
|
routing-api.skip_oauth_tls_verification |
skip_ssl_validation |
routing-api.uaa_ssl_port |
uaa.tls_port |
routing-api.log_level |
routing_api.log_level |
metron_endpoint.host |
REMOVED |
metron_endpoint.dropsonde_port |
REMOVED |
routing-api.router_groups |
routing_api.router_groups |
metron.port |
tcp_emitter
0.133.0 | 0.134.0 |
---|---|
router.tcp_emitter.debug_addr |
tcp_emitter.debug_addr |
router.tcp_emitter.log_level |
tcp_emitter.log_level |
router.tcp_emitter.bbs.api_location |
bbs.api_location |
router.tcp_emitter.bbs.ca_cert |
bbs.ca_cert |
router.tcp_emitter.bbs.client_cert |
tcp_emitter.bbs.client_cert |
router.tcp_emitter.bbs.client_key |
tcp_emitter.bbs.client_key |
router.tcp_emitter.bbs.require_ssl |
bbs.require_ssl |
router.tcp_emitter.routing_api_port |
REMOVED |
router.tcp_emitter.routing_api_auth_disabled |
routing_api.auth_disabled |
router.tcp_emitter.tcp_emitter_secret |
tcp_emitter.oauth_secret |
router.tcp_emitter.uaa_port |
REMOVED |
router.tcp_emitter.consul_cluster |
consul.servers |
router.tcp_emitter.lock_ttl |
tcp_emitter.lock_ttl |
router.tcp_emitter.lock_retry_interval |
tcp_emitter.lock_retry_interval |
router.tcp_emitter.session_name |
tcp_emitter.consul.session_name |
router.tcp_emitter.skip_oauth_tls_verification |
skip_ssl_validation |
router.tcp_emitter.uaa_ssl_port |
uaa.tls_port |
router.tcp_emitter.sync_interval |
tcp_emitter.sync_interval |
router.tcp_emitter.route_ttl |
tcp_emitter.route_ttl |
metron.port |
acceptance_tests
0.133.0 | 0.134.0 |
---|---|
acceptance_tests.api |
acceptance_tests.cloud_controller.api |
acceptance_tests.apps_domain |
acceptance_tests.cloud_controller.apps_domain |
acceptance_tests.admin_user |
acceptance_tests.cloud_controller.admin_user |
acceptance_tests.admin_password |
acceptance_tests.cloud_controller.admin_password |
acceptance_tests.skip_ssl_validation |
acceptance_tests.cloud_controller.skip_ssl_validation |
acceptance_tests.use_http |
acceptance_tests.cloud_controller.use_http |
acceptance_tests.tcp_emitter_secret |
tcp_emitter.oauth_secret |
acceptance_tests.skip_oauth_tls_verification |
skip_ssl_validation |
acceptance_tests.uaa_port |
uaa.tls_port |
gorouter
0.133.0 | 0.134.0 |
---|---|
router.skip_oauth_tls_verification |
REMOVED |
metron_endpoint.host |
REMOVED |
routing-api.port |
routing_api.port |
routing-api.auth_disabled |
routing_api.auth_disabled |
metron.port |
Dependencies
cf-release v236
diego-release 0.1468.0
cf CLI 6.17
0.133.0
Note: final release is in routing-release/releases/routing/routing-0.133.0.yml
. In subsequent releases this has been symlinked back to routing-release/releases
- Release renamed to routing-release details
- Some processes no longer run as root [details, more details]
- Unused logging properties have been removed details
- Gorouter source has been moved to this release and is symlinked into cf-release details
- Remove unused golang 1.4 package details
- TCP Routes are now pruned from TCP Router on a TTL when Routing API is unavailable, to prevent requests from being routed to the wrong backends details
- When registering routes with Routing API, a TTL can be optionally specified (defaults to 120s) details
- TCP Routes are now pruned from Routing API if client ceases to heartbeat route registration, to prevent requests from being routed to the wrong backends details
- TCP Router will only overwrite data received in periodic bulk fetches with buffered events if events are newer details
- Log level can be configured for routing api using a manifest property details
- Documented use of modification tags for router authors to reconcile data received from events and bulk fetch endpoints Additional Routing API docs details
Manifest Property Changes
0.126.0 | 0.133.0 |
---|---|
added | routing-api.log_level |
added | router.tcp_emitter.route_ttl |
acceptance_tests.bbs.api_location |
removed |
acceptance_tests.bbs.ca_cert |
removed |
acceptance_tests.bbs.client_cert |
removed |
acceptance_tests.bbs.client_key |
removed |
acceptance_tests.bbs.require_ssl |
removed |
Dependencies
cf-release v236
diego-release 0.1468.0
cf CLI 6.17
0.126.0
Golang has been updated to 1.5.4 to address vulnerabilities in 1.5.3
Dependencies
cf-release v236
diego-release 0.1468.0
cf CLI 6.17
0.123.0
This release delivers MVP support for TCP Routing when deployed alongside cf-release and diego-release.
- All components are now highly available and horizontally scalable epic
- TCP Router and TCP Emitter cache OAuth tokens from UAA to communication with Routing API; Routing API validates tokens locally and fetches verification key from UAA automatically epic
- All components communicate with UAA internally over TLS epic
- Operator can now configure the range of ports that Cloud Controller will use when developers create TCP routes details
Consolidating Routing components into this release
- Routing API is now deployed with this release, not with cf-release details
- cf-tcp-acceptance-tests repo renamed to cf-routing-acceptance-tests details
- Routing API acceptance tests moved to cf-routing-acceptance-tests details
Instrumentation and Monitoring (in progress)
- Additional metrics for Routing API are now emitted via firehose details
- golang process metrics for all components are now emitted via firehose details
CLI
- Routing API CLI is now a submodule of this release details
- New stable Routing API CLI supports skip-ssl-validation details
Misc
- Routing components have been upgraded to golang 1.5.3 details
- bosh-lite manifest generation is now consistent with cf-release details
- This release and cf-mysql-release can now both be deployed to boshlite without IP collision details
- Consul agent updated to use new internal hostname details
- Acceptance tests use CC API instead of Diego details
Dependencies
cf-release v236
diego-release 0.1468.0
cf CLI 6.17
Do not use
0.122.0 Create final release 0.122.0
0.121.0
- TCP Routers are now automatically updated by creating/updating/deleting LRPs via Diego. The routers fetch their configuration from Routing API; TCP emitter watches Diego and populates Routing API epic
- Routing components are highly available and horizontally scalable (in progress) epic
Misc
- Creating a tcp route requires a router group guid; if diego client specifies a router group guid with tcp route, tcp-emitter will send it to the routing api details
- Operator can now disable the requirement for authentication on the routing api; components will not attempt to contact uaa details
- When updating an LRP, requests are no longer routed to the backends removed from a route details
- routing API can be use to delete one or more tcp route mappings details
- When deleting an LRP with a tcp routes, backends are no longer accessible by the route details
0.118.0
- TCP Router and TCP Emitter now use Routing API from cf-release for dynamic configuration of TCP routing. tcp-routing-api has been eliminated.
- Known issue: This final release will fail to deploy if diego-release is configured with
properties.bbs.require_ssl: false
. The default value for that property in diego-release istrue
.