We are upgrading our CF to remediate cve-2015-1328, with v204 of CF. We
have discovered that the vm's have incorrect resolve.conf settings,
normally they inherit the configured dns settings from the neutron subnet
dns settings by way (I believe) of a dhclient-entry-hook.

In /etc/network/interfaces, with the new stemcell, the eth0 device is
defined as being static, whereas on old stemcells it uses dhcp. This would
probably explain the dns issue, but my knowledge stops here.

What has changed with the stemcells that would prevent this from working.
Our previous stemcell was 2862.

We have updated bosh-agent to act generically on OpenStack and other
infrastructures. It allowed to add certain network configuration which were
not possible before like OpenStack without DHCP.

As a side effect it made certain networking configurations stricter. For
example in your case you should specify DNS in the deployment manifest in
the networks section since you are using `type: manual` network.

On Fri, Jun 19, 2015 at 9:14 AM, john mcteague <john.mcteague(a)gmail.com>
wrote:

We are upgrading our CF to remediate cve-2015-1328, with v204 of CF. We
have discovered that the vm's have incorrect resolve.conf settings,
normally they inherit the configured dns settings from the neutron subnet
dns settings by way (I believe) of a dhclient-entry-hook.

In /etc/network/interfaces, with the new stemcell, the eth0 device is
defined as being static, whereas on old stemcells it uses dhcp. This would
probably explain the dns issue, but my knowledge stops here.

What has changed with the stemcells that would prevent this from working.
Our previous stemcell was 2862.



_______________________________________________
cf-bosh mailing list
cf-bosh(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh