Date   

[SECURITY][HIGH] CVE-2016-0780 Cloud Controller Disk Quota Enforcement

Chip Childers <cchilders@...>
 

CVE-2016-0780 Cloud Controller Disk Quota EnforcementSeverity

*High*Vendor

*Cloud Foundry Foundation*Versions Affected

*cf-release v231 and lower*Description

*It was discovered that Cloud Foundry does not properly enforce disk quotas
in certain cases. An attacker could use an improper disk quota value to
bypass enforcement and consume all the disk on DEAs/Diego Cells causing a
potential denial of service for other applications.*Mitigation


* - Upgrade to cf-release v233 [1] (cf-release v232 is not recommended for
use)*Credit

*Fujitsu Limited*References

*[1] https://github.com/cloudfoundry/cf-release/releases/tag/v233
<https://github.com/cloudfoundry/cf-release/releases/tag/v233>*History2016-Mar-23:
Initial vulnerability report published


Re: How to deploy and bind mongodb service to nodejs application?

Amit Kumar Gupta
 

You need to register the mongo service with the marketplace. There are
further instructions in that README.

On Wed, Mar 23, 2016 at 12:13 AM, Vimal Mishra <shiva.lkm(a)gmail.com> wrote:

Hi Dies,

I have deployed cf on my local machine and trying to push my nodejs
application and bind mongodb services.I am using following cf version --

cf -v : cf version 6.16.1+924508c-2016-02-26

Stemcell info
-------------
Name: bosh-warden-boshlite-ubuntu-trusty-go_agent
Version: 3147

I have followed the following steps for cloud foundry deployment on local
machine :


1. Installed virtual box and vagrant.
2. wget -O spiff.zip
https://github.com/cloudfoundry-incubator/spiff/releases/download/v1.0.7/
<
https://github.com/cloudfoundry-incubator/spiff/releases/download/v1.0.7/spiff_linux_amd64.zip
3. unzip spiff.zip
4. export PATH=`pwd`:$PATH
5. git clone https://github.com/cloudfoundry/bosh-lite
6. git clone https://github.com/cloudfoundry/cf-release
7. export CF_RELEASE_DIR=`pwd`/cf-release
8. cd bosh-lite
9. bin/provision_cf
10. bin/add-routes

After these steps I am able to use cf login and create org and space.

Then I ran the command cf marketplace ,following message was displayed :

*Getting services from marketplace in org RelevanceLab / space RLCatalyst
as admin... OK No service offerings found*


So I have tried to deploy the services and followed instruction mentioned
on following link .

https://github.com/cloudfoundry-community/cf-services-contrib-release

1. bosh upload release
https://cf-contrib.s3.amazonaws.com/boshrelease-cf-services-contrib-6.tgz

2. git clone
https://github.com/cloudfoundry-community/cf-services-contrib-release.git
3. cd cf-services-contrib-release
4. git checkout v6
5. templates/make_manifest warden
6. bosh -n deploy


Then ran the command cf marketplace.It displays the same message " No
service offerings found".
Can you please confirm that process followed is correct or what could be
the problem or How can I deploy services and use?

That would be great help.

Thanks
Vimal Mishra


Issue with stacks related to removal of libmariadb

Danny Rosen
 

Hello,

Last week we completed changes to the rootfs that removed libmysqlclient in
favor of replacing it with libmariadb [1]. This change was released in
cf-released v233.

Unfortunately, applications that were previously staged (with stacks v1.45
or earlier) and which depend on the libmysqlclient libraries will fail to
to start when they cannot load the mysql
client library.

A workaround is to delete the application (in order to clear application
cache) and restage.

Stacks v1.47 will address this by packaging the libmysqlclient files. We
expect this will be in the next cf-release. Applications staged using
stacks 1.47.0 or later will link against libmariadb, as expected.


[1] - https://github.com/cloudfoundry/stacks/issues/30


Re: cf v231: Issue with new webdav blobstore job

Rich Wohlstadter
 

That would probably work. I'm wondering if the recursive is even neccessary. The nfs service didnt do that. Why would the webdav replacement? If it does indeed need to be done, then I'm thinking it should be done outside the monit startup or in a way that does not delay webdav from starting otherwise its going to be a continuing issue depending on customer blobstore sizes.

-Rich


Re: Proposal to Change CATs Ownership

Michael Fraenkel <michael.fraenkel@...>
 

Can you explain why CATs should live under CAPI?
CATs now represents acceptance test for all of the Cloud Foundry
function driven mainly via the CLI.
Tieing this to any one release seems a bit artificial.
CATs is about testing the aggregation of all the various releases not
just CAPI.

I am more surprised that it wasn't suggested to be its own release which
dictated the versions for all releases that had passed.

- Michael

On 3/22/16 3:05 AM, Utako Ueda wrote:
Hi all,

The CAPI team would like to take ownership of the CF acceptance tests
<https://github.com/cloudfoundry/cf-acceptance-tests/> and include
them as part of CAPI release
<http://github.com/cloudfoundry/capi-release>.

This solves several pain points we've experienced over the last few
months, mainly due to the strong coupling between CATs and the Cloud
Controller API.

Our plan is to submodule the CATs repo in to CAPI release, and bump
CATs on a successful run through the CAPI ci pipeline. At this point,
CAPI release will be bumped in cf-release develop, which other teams
will consume for their own testing purposes.

We hope to make these changes in the near future as we wrap up our
release extraction from cf-release. We'd like to know if any teams
have any concerns about this before we proceed, so do let us know as
soon as possible so we can address them.

Thanks,
Utako, CF CAPI Team


How to deploy and bind mongodb service to nodejs application?

Vimal Mishra
 

Hi Dies,

I have deployed cf on my local machine and trying to push my nodejs application and bind mongodb services.I am using following cf version --

cf -v : cf version 6.16.1+924508c-2016-02-26

Stemcell info
-------------
Name: bosh-warden-boshlite-ubuntu-trusty-go_agent
Version: 3147

I have followed the following steps for cloud foundry deployment on local
machine :


1. Installed virtual box and vagrant.
2. wget -O spiff.zip
https://github.com/cloudfoundry-incubator/spiff/releases/download/v1.0.7/
<https://github.com/cloudfoundry-incubator/spiff/releases/download/v1.0.7/spiff_linux_amd64.zip>
3. unzip spiff.zip
4. export PATH=`pwd`:$PATH
5. git clone https://github.com/cloudfoundry/bosh-lite
6. git clone https://github.com/cloudfoundry/cf-release
7. export CF_RELEASE_DIR=`pwd`/cf-release
8. cd bosh-lite
9. bin/provision_cf
10. bin/add-routes

After these steps I am able to use cf login and create org and space.

Then I ran the command cf marketplace ,following message was displayed :

*Getting services from marketplace in org RelevanceLab / space RLCatalyst
as admin... OK No service offerings found*


So I have tried to deploy the services and followed instruction mentioned
on following link .

https://github.com/cloudfoundry-community/cf-services-contrib-release

1. bosh upload release
https://cf-contrib.s3.amazonaws.com/boshrelease-cf-services-contrib-6.tgz

2. git clone
https://github.com/cloudfoundry-community/cf-services-contrib-release.git
3. cd cf-services-contrib-release
4. git checkout v6
5. templates/make_manifest warden
6. bosh -n deploy


Then ran the command cf marketplace.It displays the same message " No service offerings found".
Can you please confirm that process followed is correct or what could be
the problem or How can I deploy services and use?

That would be great help.

Thanks
Vimal Mishra


Re: Reg the upgrade from cf-205 to cf-231

Vik R <vagcom.ben@...>
 

Can you curl that endpoint. Have you added cert and private key for uaa?

Ben

On Tue, Mar 22, 2016 at 8:29 PM, Nithiyasri Gnanasekaran -X (ngnanase -
TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com> wrote:

Hi



Gentle reminder.. Sorry it’s a kind of blocking issue for us.





Regards

Nithiyasri



*From:* Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at
Cisco)
*Sent:* Tuesday, March 22, 2016 5:29 PM
*To:* 'Amit Gupta' <agupta(a)pivotal.io>
*Cc:* Gwenn Etourneau <getourneau(a)pivotal.io>; Discussions about Cloud
Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org>;
Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com>
*Subject:* RE: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231



Hi Amit/Gwenn



We are getting the following error while doing cf push and unable to see
the logs..



Warning: error tailing logs

Error dialing loggregator server: local error: record overflow.

Please ask your Cloud Foundry Operator to check the platform configuration
(loggregator endpoint is wss://loggregator.testinceptionjk.cisco.com:80).

Starting app logconsumerms in org vms / space app as admin..



I googled and updated the loggegrator port from 80 to 4443. I observed a
different error and the endpoint begins with ws:. Previously it was wss:



Warning: error tailing logs

Error dialing loggregator server: unexpected EOF.

Please ask your Cloud Foundry Operator to check the platform configuration
(loggregator endpoint is ws://loggregator.testinceptionjk.cisco.com:4443).





Properties:



logger_endpoint:

port: 4443



The spiff generated manifest has zero instances of loggregator. The same
has been used by us.



Regards

Nithiyasri





*From:* Amit Gupta [mailto:agupta(a)pivotal.io <agupta(a)pivotal.io>]
*Sent:* Tuesday, March 22, 2016 2:16 AM
*To:* Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <
ngnanase(a)cisco.com>
*Cc:* Gwenn Etourneau <getourneau(a)pivotal.io>; Discussions about Cloud
Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org>;
Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com>

*Subject:* Re: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231



Awesome!



On Mon, Mar 21, 2016 at 3:12 AM, Nithiyasri Gnanasekaran -X (ngnanase -
TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com> wrote:

Thank you Gwenn and Amit

The fix works.



Regards

Nitiyasri



*From:* Gwenn Etourneau [mailto:getourneau(a)pivotal.io]
*Sent:* Saturday, March 19, 2016 4:38 AM
*To:* Discussions about Cloud Foundry projects and the system overall. <
cf-dev(a)lists.cloudfoundry.org>
*Cc:* Amit Gupta <agupta(a)pivotal.io>; Nithiyasri Gnanasekaran -X
(ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com>
*Subject:* Re: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231



Hi,



What is the value of uaa.require_https in your manifest ? By default is
true, try to put to false





Thanks



On Sat, Mar 19, 2016 at 6:05 AM, Jayarajan Ramapurath Kozhummal (jayark) <
jayark(a)cisco.com> wrote:

Hi Amit,



Thanks a lot for your support as always!



Please see the detailed logs you are looking for:-





root(a)testinceptionjk:/opt/cisco/vms-installer/tenant-testinceptionjk/cf-deploy#
cf login

API endpoint: https://api.testinceptionjk.cisco.com



REQUEST: [2016-03-18T16:30:28Z]

GET /v2/info HTTP/1.1

Host: api.testinceptionjk.cisco.com

Accept: application/json

Content-Type: application/json

User-Agent: go-cli 6.12.2-24abed3 / linux







RESPONSE: [2016-03-18T16:30:28Z]

HTTP/1.1 200 OK

Content-Length: 632

Content-Type: application/json;charset=utf-8

Date: Fri, 18 Mar 2016 16:30:28 GMT

Server: nginx

X-Content-Type-Options: nosniff

X-Vcap-Request-Id: 1cffe445-b169-426f-61fe-f421654bf997

X-Vcap-Request-Id:
a4da6848-66c7-4375-6509-3688b69232a2::fbaf3999-67d2-4fd4-b35e-c02c2af15281



{"name":"","build":"","support":"http://support.cloudfoundry.com
","version":0,"description":"","authorization_endpoint":"
http://uaa.testinceptionjk.cisco.com","token_endpoint":"
http://uaa.testinceptionjk.cisco.com
","min_cli_version":null,"min_recommended_cli_version":null,"api_version":"2.51.0","app_ssh_endpoint":"
ssh.testinceptionjk.cisco.com:2222
","app_ssh_host_key_fingerprint":null,"app_ssh_oauth_client":"ssh-proxy","routing_endpoint":"
https://api.testinceptionjk.cisco.com/routing","logging_endpoint":"wss://
loggregator.testinceptionjk.cisco.com:80
","doppler_logging_endpoint":"wss://doppler.testinceptionjk.cisco.com:4443
"}



REQUEST: [2016-03-18T16:30:28Z]

GET /login HTTP/1.1

Host: uaa.testinceptionjk.cisco.com

Accept: application/json

Content-Type: application/json

User-Agent: go-cli 6.12.2-24abed3 / linux







REQUEST: [2016-03-18T16:30:28Z]

GET /login HTTP/0.0

Host: uaa.testinceptionjk.cisco.com

Accept: application/json

Referer: http://uaa.testinceptionjk.cisco.com/login

User-Agent: go-cli 6.12.2-24abed3 / linux







RESPONSE: [2016-03-18T16:30:28Z]

HTTP/1.1 200 OK

Content-Length: 487

Cache-Control: no-cache, no-store, max-age=0, must-revalidate

Cache-Control: no-store

Content-Language: en-US

Content-Type: application/json;charset=UTF-8

Date: Fri, 18 Mar 2016 16:30:28 GMT

Expires: 0

Pragma: no-cache

Server: Apache-Coyote/1.1

Strict-Transport-Security: max-age=31536000 ; includeSubDomains

X-Content-Type-Options: nosniff

X-Frame-Options: DENY

X-Vcap-Request-Id: 7a845595-63f4-4c97-5397-52ffca0f2f4b

X-Xss-Protection: 1; mode=block



{"app":{"version":"3.1.0"},"links":{"uaa":"
http://uaa.testinceptionjk.cisco.com","passwd":"
https://console.testinceptionjk.cisco.com/password_resets/new","login":"
http://login.testinceptionjk.cisco.com","register":"
https://console.testinceptionjk.cisco.com/register
"},"zone_name":"uaa","entityID":"login.testinceptionjk.cisco.com
","commit_id":"9b5c13d","idpDefinitions":{},"prompts":{"username":["text","Email"],"password":["password","Password"]},"timestamp":"2016-02-05T14:27:13+0000"}



Email> admin



Password>

Authenticating...



REQUEST: [2016-03-18T16:30:35Z]

POST /oauth/token HTTP/1.1

Host: uaa.testinceptionjk.cisco.com

Accept: application/json

Authorization: [PRIVATE DATA HIDDEN]

Content-Type: application/x-www-form-urlencoded

User-Agent: go-cli 6.12.2-24abed3 / linux



grant_type=password&password=[PRIVATE DATA HIDDEN]&scope=&username=admin



RESPONSE: [2016-03-18T16:30:35Z]

HTTP/1.1 400 Bad Request

Content-Length: 1086

Content-Language: en

Content-Type: text/html;charset=utf-8

Date: Fri, 18 Mar 2016 16:30:35 GMT

Server: Apache-Coyote/1.1

X-Vcap-Request-Id: fbe5f151-ae1f-48fa-673d-f002dd3ab04f



<html><head><title>Apache Tomcat/7.0.61 - Error
report</title><style><!--H1
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
H2
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;}
H3
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
BODY
{font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;}
P
{font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A
{color : black;}A.name {color : black;}HR {color : #525D76;}--></style>
</head><body><h1>HTTP Status 400 - {&quot;error&quot;: &quot;request must
be over https&quot;}</h1><HR size="1" noshade="noshade"><p><b>type</b>
Status report</p><p><b>message</b> <u>{&quot;error&quot;: &quot;request
must be over https&quot;}</u></p><p><b>description</b> <u>The request sent
by the client was syntactically incorrect.</u></p><HR size="1"
noshade="noshade"><h3>Apache Tomcat/7.0.61</h3></body></html>

Server error, status code: 400, error code: , message:



Password>

Authenticating...



REQUEST: [2016-03-18T16:30:42Z]

POST /oauth/token HTTP/1.1

Host: uaa.testinceptionjk.cisco.com

Accept: application/json

Authorization: [PRIVATE DATA HIDDEN]

Content-Type: application/x-www-form-urlencoded

User-Agent: go-cli 6.12.2-24abed3 / linux



grant_type=password&password=[PRIVATE DATA HIDDEN]&scope=&username=admin



RESPONSE: [2016-03-18T16:30:42Z]

HTTP/1.1 400 Bad Request

Content-Length: 1086

Content-Language: en

Content-Type: text/html;charset=utf-8

Date: Fri, 18 Mar 2016 16:30:42 GMT

Server: Apache-Coyote/1.1

X-Vcap-Request-Id: bfa611f1-46bc-42de-4b81-37e40bab8fe7



<html><head><title>Apache Tomcat/7.0.61 - Error
report</title><style><!--H1
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
H2
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;}
H3
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
BODY
{font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;}
P
{font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A
{color : black;}A.name {color : black;}HR {color : #525D76;}--></style>
</head><body><h1>HTTP Status 400 - {&quot;error&quot;: &quot;request must
be over https&quot;}</h1><HR size="1" noshade="noshade"><p><b>type</b>
Status report</p><p><b>message</b> <u>{&quot;error&quot;: &quot;request
must be over https&quot;}</u></p><p><b>description</b> <u>The request sent
by the client was syntactically incorrect.</u></p><HR size="1"
noshade="noshade"><h3>Apache Tomcat/7.0.61</h3></body></html>

Server error, status code: 400, error code: , message:



Password>



Thanks

Jayaraj



*From: *Amit Gupta <agupta(a)pivotal.io>
*Date: *Friday, March 18, 2016 at 11:37 AM
*To: *"Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at
Cisco)" <ngnanase(a)cisco.com>
*Cc: *"Discussions about Cloud Foundry projects and the system overall." <
cf-dev(a)lists.cloudfoundry.org>, Jayarajan Ramapurath Kozhummal <
jayark(a)cisco.com>


*Subject: *Re: Reg the upgrade from cf-205 to cf-231



Can you do:



CF_TRACE=true cf login



so we can get more info about where that 400 response code is coming from.



Best,

Amit



On Fri, Mar 18, 2016 at 5:49 AM, Nithiyasri Gnanasekaran -X (ngnanase -
TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com> wrote:

Hi Amit



Bosh deployment has completed successfully. I could set the endpoint, but
I could not login to it with the credentials I have given in the
properties. Logs and properties below.



root(a)testdeploy:/deploy# cf login

API endpoint: https://api.testdeploy.cisco.com



Email> admin



Password>

Authenticating...

Server error, status code: 400, error code: , message:



Password>

Authenticating...

Server error, status code: 400, error code: , message:





PROPERTIES::



scim:

# external_groups: null

# groups: null

userids_enabled: true

users:

- admin|<%= $common_password
%>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write

- services|<%= $common_password
%>|scim.write,scim.read,openid,cloud_controller.admin

#spring_profiles: null



Regards

Nithiyasri



*From:* Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at
Cisco)
*Sent:* Friday, March 18, 2016 7:23 AM
*To:* 'Amit Gupta' <agupta(a)pivotal.io>
*Cc:* Discussions about Cloud Foundry projects and the system overall. <
cf-dev(a)lists.cloudfoundry.org>; Jayarajan Ramapurath Kozhummal (jayark) <
jayark(a)cisco.com>
*Subject:* RE: Reg the upgrade from cf-205 to cf-231



Hi Amit



Thanks for your quick reply. Pls let me know in which Vm , should I login
to see the compilation logs..



Previously when I did the upgrade, it dint compile the individual
packages. Logs below.

Kindly let me know why is it trying to compile individual package now.




---------------------------------------------------------------------------------------

Started preparing package compilation > Finding packages to compile. Done
(00:00:00)



Started preparing dns > Binding DNS. Done (00:00:00)







Regards

Nithiyasri



*From:* Amit Gupta [mailto:agupta(a)pivotal.io <agupta(a)pivotal.io>]
*Sent:* Friday, March 18, 2016 5:36 AM
*To:* Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <
ngnanase(a)cisco.com>
*Cc:* Discussions about Cloud Foundry projects and the system overall. <
cf-dev(a)lists.cloudfoundry.org>; Jayarajan Ramapurath Kozhummal (jayark) <
jayark(a)cisco.com>
*Subject:* Re: Reg the upgrade from cf-205 to cf-231



I'm not sure why it's taking >40 mins to compile some simple go binaries.
You may have network issues (compilation jobs taking a long time to
download dependencies from BOSH director blobstore, or upload compiled
resulting artifacts) or you may need more CPU on your compilation
machines. You can try to SSH into the compilation VMs while they're
running to see what they're doing over those 40 minutes.



On Thu, Mar 17, 2016 at 7:06 AM, Nithiyasri Gnanasekaran -X (ngnanase -
TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com> wrote:

Hi Amit



I was able to do an upgrade of deployment from cf-205 to cf-231 multiple
times.

But now, I am getting timeout errors while compiling buildpacks once in
rootfs or in buildpack_java or in nginx..

Could you pls help us resolve this error..



Following is the one:



Done compiling packages >
buildpack_java/d65c2d20fc067c9995c18d195e0ff117ea9202c0 (00:24:23)

Done compiling packages >
rtr/2d7de4f6fc25938c21c5be87174f95583feb14b5 (00:38:22)

Failed compiling packages >
rootfs_cflinuxfs2/ac0ba35f1106af81cb735eb56360c6cc924af83a: Timed out
waiting for Server `3c04cecc-1308-4da
f-8dc5-b9c1924004c3' to be active (00:41:23)

Failed compiling packages >
nginx/bf3af6163e13887aacd230bbbc5eff90213ac6af: Timed out waiting for
Server `fbbb8647-1415-46d9-92de-d030f 4164b6b'
to be active (00:43:31)







Failed compiling packages >
cli/b61b75716312df9f4f7c81a17f3a7de456efce71: Timed out waiting for Server
`223ec673-b66d-4362-8e27-0859805 2ebe5' to be
active (00:44:49)



Error 100: Timed out waiting for Server
`3c04cecc-1308-4daf-8dc5-b9c1924004c3' to be active





Regards

Nithiyasri









Failed to deploy diego 0.1452.0 on openstack: database_z2/0 is not running after update

Yunata, Ricky <rickyy@...>
 

Hi,

I'm currently deploying diego on my openstack environment, however I got an error when it was updating database_z2
Below is the error message from debug.log
<Bosh::Director::AgentJobNotRunning: `database_z2/0 (16c88d30-fe70-4d42-8307-34cc85521ca7)' is not running after update. Review logs for failed jobs: etcd>

My environment are:
Stemcell : Ubuntu-trusty Version 3192
CF Release : Version 230
Diego : Version 0.1452.0
Etcd : Version 38
Garden-linux : Version 0.334.0

I'm experiencing similar error as this, however the solution didn't work for me.
https://github.com/cloudfoundry-incubator/diego-release/issues/119

This is what I'm seeing on my error log

Monit summary
Process 'etcd' not monitored
Process 'bbs' running
Process 'consul_agent' running
Process 'metron_agent' running
System 'system_localhost' running

etcd_ctl.err.log
[2016-03-23 01:22:33+0000] + /var/vcap/packages/etcd/etcdctl -ca-file=/var/vcap/jobs/etcd/config/certs/server-ca.crt -cert-file=/var/vcap/jobs/etcd/config/certs/client.crt -key-file=/var/vcap/jobs/etcd/config/certs/client.key -C https://database-z2-0.etcd.service.cf.internal:4001 ls
[2016-03-23 01:22:33+0000] Error: cannot sync with the cluster using endpoints https://database-z2-0.etcd.service.cf.internal:4001

etcd.stderr.log
2016/03/23 00:56:52 etcdmain: couldn't find local name "database-z2-0" in the initial cluster configuration

consul_agent.stdout.log
2016/03/23 01:23:26 [WARN] agent: Check 'service:etcd' is now critical
2016/03/23 01:23:29 [WARN] agent: Check 'service:etcd' is now critical
2016/03/23 01:23:32 [WARN] agent: Check 'service:etcd' is now critical
2016/03/23 01:23:35 [WARN] agent: Check 'service:etcd' is now critical
2016/03/23 01:23:38 [WARN] agent: Check 'service:etcd' is now critical
2016/03/23 01:23:41 [WARN] agent: Check 'service:etcd' is now critical
2016/03/23 01:23:41 [WARN] dns: node 'database-z2-0' failing health check 'service:etcd: Service 'etcd' check', dropping from service 'etcd'
2016/03/23 01:23:41 [WARN] dns: node 'database-z2-0' failing health check 'service:etcd: Service 'etcd' check', dropping from service 'etcd'
2016/03/23 01:23:42 [WARN] dns: node 'database-z2-0' failing health check 'service:etcd: Service 'etcd' check', dropping from service 'etcd'
2016/03/23 01:23:42 [WARN] dns: node 'database-z2-0' failing health check 'service:etcd: Service 'etcd' check', dropping from service 'etcd'


This is when I run bosh instances --ps
+------------------------------------------------------------+---------+-----+------------------+--------------+
| Instance | State | AZ | VM Type | IPs |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| access_z1/0 (598f16db-60c2-4c13-bcec-85ae2a38102d)* | running | n/a | access_z1 | 192.168.3.44 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| access_z2/0 (a83d049d-6c95-417e-84f4-9aced8a9136f)* | running | n/a | access_z2 | 192.168.4.56 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| brain_z1/0 (a95c56bb-a84d-41b4-91b1-ade57c773dbe)* | running | n/a | brain_z1 | 192.168.3.40 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| brain_z2/0 (eb386b16-c8e4-4c04-9582-20f4161f6e03)* | running | n/a | brain_z2 | 192.168.4.52 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| cc_bridge_z1/0 (b9870145-26d7-4e59-9358-97c43db6a110)* | running | n/a | cc_bridge_z1 | 192.168.3.42 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| cc_bridge_z2/0 (7477b06f-e501-4757-abda-8e29c7c15464)* | running | n/a | cc_bridge_z2 | 192.168.4.54 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| cell_z1/0 (a6ef0a8c-52c0-4bd2-abfb-2fcf0101dd24)* | running | n/a | cell_z1 | 192.168.3.41 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| cell_z2/0 (36f012e3-2013-44aa-9a92-18161d6854ad)* | running | n/a | cell_z2 | 192.168.4.53 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| database_z1/0 (5428cca8-9832-42f4-9b3a-a822eb6d7e96)* | running | n/a | database_z1 | 192.168.3.39 |
| etcd | running | | | |
| bbs | running | | | |
| consul_agent | running | | | |
| metron_agent | running | | | |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| database_z2/0 (16c88d30-fe70-4d42-8307-34cc85521ca7)* | failing | n/a | database_z2 | 192.168.4.51 |
| etcd | unknown | | | |
| bbs | running | | | |
| consul_agent | running | | | |
| metron_agent | running | | | |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| database_z3/0 (c802162f-0681-479e-bb9c-98dac7d78941)* | running | n/a | database_z3 | 192.168.5.31 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| route_emitter_z1/0 (f7f7a8f3-9784-4b99-b0a5-6efb4d193cf5)* | running | n/a | route_emitter_z1 | 192.168.3.43 |
+------------------------------------------------------------+---------+-----+------------------+--------------+
| route_emitter_z2/0 (7f4e7fb7-7986-432e-a2e3-b298d3070753)* | running | n/a | route_emitter_z2 | 192.168.4.55 |
+------------------------------------------------------------+---------+-----+------------------+--------------+

I tried to stop all running etcds on database_z1 and database_z2, then `rm -rf /var/vcap/store/etcd/*` on both of the VMs and monit start the etcd process again. It seems that only 1 etcd service can be run. If I monit start etcd on the database_z2 first before database_z1, database_z2 will be running, instead database_z1 will fail. But, if I do it on database_z1 first before database_z2, then database_z1 will be running and database_z2 will fail.

Anyone has an idea on how to solve this? Thanks

Regards
Ricky
Disclaimer

The information in this e-mail is confidential and may contain content that is subject to copyright and/or is commercial-in-confidence and is intended only for the use of the above named addressee. If you are not the intended recipient, you are hereby notified that dissemination, copying or use of the information is strictly prohibited. If you have received this e-mail in error, please telephone Fujitsu Australia Software Technology Pty Ltd on + 61 2 9452 9000 or by reply e-mail to the sender and delete the document and all copies thereof.


Whereas Fujitsu Australia Software Technology Pty Ltd would not knowingly transmit a virus within an email communication, it is the receiver’s responsibility to scan all communication and any files attached for computer viruses and other defects. Fujitsu Australia Software Technology Pty Ltd does not accept liability for any loss or damage (whether direct, indirect, consequential or economic) however caused, and whether by negligence or otherwise, which may result directly or indirectly from this communication or any files attached.


If you do not wish to receive commercial and/or marketing email messages from Fujitsu Australia Software Technology Pty Ltd, please email unsubscribe(a)fast.au.fujitsu.com


Re: Reg the upgrade from cf-205 to cf-231

Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM@Cisco) <ngnanase at cisco.com...>
 

Hi

Gentle reminder.. Sorry it’s a kind of blocking issue for us.


Regards
Nithiyasri

From: Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco)
Sent: Tuesday, March 22, 2016 5:29 PM
To: 'Amit Gupta' <agupta(a)pivotal.io>
Cc: Gwenn Etourneau <getourneau(a)pivotal.io>; Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org>; Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com>
Subject: RE: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231

Hi Amit/Gwenn

We are getting the following error while doing cf push and unable to see the logs..

Warning: error tailing logs
Error dialing loggregator server: local error: record overflow.
Please ask your Cloud Foundry Operator to check the platform configuration (loggregator endpoint is wss://loggregator.testinceptionjk.cisco.com:80).
Starting app logconsumerms in org vms / space app as admin..

I googled and updated the loggegrator port from 80 to 4443. I observed a different error and the endpoint begins with ws:. Previously it was wss:

Warning: error tailing logs
Error dialing loggregator server: unexpected EOF.
Please ask your Cloud Foundry Operator to check the platform configuration (loggregator endpoint is ws://loggregator.testinceptionjk.cisco.com:4443).


Properties:

logger_endpoint:
port: 4443

The spiff generated manifest has zero instances of loggregator. The same has been used by us.

Regards
Nithiyasri


From: Amit Gupta [mailto:agupta(a)pivotal.io]
Sent: Tuesday, March 22, 2016 2:16 AM
To: Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>>
Cc: Gwenn Etourneau <getourneau(a)pivotal.io<mailto:getourneau(a)pivotal.io>>; Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>; Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com<mailto:jayark(a)cisco.com>>
Subject: Re: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231

Awesome!

On Mon, Mar 21, 2016 at 3:12 AM, Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>> wrote:
Thank you Gwenn and Amit
The fix works.

Regards
Nitiyasri

From: Gwenn Etourneau [mailto:getourneau(a)pivotal.io<mailto:getourneau(a)pivotal.io>]
Sent: Saturday, March 19, 2016 4:38 AM
To: Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>
Cc: Amit Gupta <agupta(a)pivotal.io<mailto:agupta(a)pivotal.io>>; Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>>
Subject: Re: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231

Hi,

What is the value of uaa.require_https in your manifest ? By default is true, try to put to false


Thanks

On Sat, Mar 19, 2016 at 6:05 AM, Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com<mailto:jayark(a)cisco.com>> wrote:
Hi Amit,

Thanks a lot for your support as always!

Please see the detailed logs you are looking for:-


root(a)testinceptionjk:/opt/cisco/vms-installer/tenant-testinceptionjk/cf-deploy# cf login
API endpoint: https://api.testinceptionjk.cisco.com<https://api.testinceptionjk.cisco.com/>

REQUEST: [2016-03-18T16:30:28Z]
GET /v2/info HTTP/1.1
Host: api.testinceptionjk.cisco.com<http://api.testinceptionjk.cisco.com>
Accept: application/json
Content-Type: application/json
User-Agent: go-cli 6.12.2-24abed3 / linux



RESPONSE: [2016-03-18T16:30:28Z]
HTTP/1.1 200 OK
Content-Length: 632
Content-Type: application/json;charset=utf-8
Date: Fri, 18 Mar 2016 16:30:28 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: 1cffe445-b169-426f-61fe-f421654bf997
X-Vcap-Request-Id: a4da6848-66c7-4375-6509-3688b69232a2::fbaf3999-67d2-4fd4-b35e-c02c2af15281

{"name":"","build":"","support":"http://support.cloudfoundry.com","version":0,"description":"","authorization_endpoint":"http://uaa.testinceptionjk.cisco.com","token_endpoint":"http://uaa.testinceptionjk.cisco.com","min_cli_version":null,"min_recommended_cli_version":null,"api_version":"2.51.0","app_ssh_endpoint":"ssh.testinceptionjk.cisco.com:2222<http://ssh.testinceptionjk.cisco.com:2222>","app_ssh_host_key_fingerprint":null,"app_ssh_oauth_client":"ssh-proxy","routing_endpoint":"https://api.testinceptionjk.cisco.com/routing","logging_endpoint":"wss://loggregator.testinceptionjk.cisco.com:80<http://loggregator.testinceptionjk.cisco.com:80>","doppler_logging_endpoint":"wss://doppler.testinceptionjk.cisco.com:4443<http://doppler.testinceptionjk.cisco.com:4443>"}

REQUEST: [2016-03-18T16:30:28Z]
GET /login HTTP/1.1
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Content-Type: application/json
User-Agent: go-cli 6.12.2-24abed3 / linux



REQUEST: [2016-03-18T16:30:28Z]
GET /login HTTP/0.0
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Referer: http://uaa.testinceptionjk.cisco.com/login
User-Agent: go-cli 6.12.2-24abed3 / linux



RESPONSE: [2016-03-18T16:30:28Z]
HTTP/1.1 200 OK
Content-Length: 487
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Cache-Control: no-store
Content-Language: en-US
Content-Type: application/json;charset=UTF-8
Date: Fri, 18 Mar 2016 16:30:28 GMT
Expires: 0
Pragma: no-cache
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: 7a845595-63f4-4c97-5397-52ffca0f2f4b
X-Xss-Protection: 1; mode=block

{"app":{"version":"3.1.0"},"links":{"uaa":"http://uaa.testinceptionjk.cisco.com","passwd":"https://console.testinceptionjk.cisco.com/password_resets/new","login":"http://login.testinceptionjk.cisco.com","register":"https://console.testinceptionjk.cisco.com/register"},"zone_name":"uaa","entityID":"login.testinceptionjk.cisco.com<http://login.testinceptionjk.cisco.com>","commit_id":"9b5c13d","idpDefinitions":{},"prompts":{"username":["text","Email"],"password":["password","Password"]},"timestamp":"2016-02-05T14:27:13+0000"}

Email> admin

Password>
Authenticating...

REQUEST: [2016-03-18T16:30:35Z]
POST /oauth/token HTTP/1.1
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Content-Type: application/x-www-form-urlencoded
User-Agent: go-cli 6.12.2-24abed3 / linux

grant_type=password&password=[PRIVATE DATA HIDDEN]&scope=&username=admin

RESPONSE: [2016-03-18T16:30:35Z]
HTTP/1.1 400 Bad Request
Content-Length: 1086
Content-Language: en
Content-Type: text/html;charset=utf-8
Date: Fri, 18 Mar 2016 16:30:35 GMT
Server: Apache-Coyote/1.1
X-Vcap-Request-Id: fbe5f151-ae1f-48fa-673d-f002dd3ab04f

<html><head><title>Apache Tomcat/7.0.61 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 400 - {&quot;error&quot;: &quot;request must be over https&quot;}</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>{&quot;error&quot;: &quot;request must be over https&quot;}</u></p><p><b>description</b> <u>The request sent by the client was syntactically incorrect.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.61</h3></body></html>
Server error, status code: 400, error code: , message:

Password>
Authenticating...

REQUEST: [2016-03-18T16:30:42Z]
POST /oauth/token HTTP/1.1
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Content-Type: application/x-www-form-urlencoded
User-Agent: go-cli 6.12.2-24abed3 / linux

grant_type=password&password=[PRIVATE DATA HIDDEN]&scope=&username=admin

RESPONSE: [2016-03-18T16:30:42Z]
HTTP/1.1 400 Bad Request
Content-Length: 1086
Content-Language: en
Content-Type: text/html;charset=utf-8
Date: Fri, 18 Mar 2016 16:30:42 GMT
Server: Apache-Coyote/1.1
X-Vcap-Request-Id: bfa611f1-46bc-42de-4b81-37e40bab8fe7

<html><head><title>Apache Tomcat/7.0.61 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 400 - {&quot;error&quot;: &quot;request must be over https&quot;}</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>{&quot;error&quot;: &quot;request must be over https&quot;}</u></p><p><b>description</b> <u>The request sent by the client was syntactically incorrect.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.61</h3></body></html>
Server error, status code: 400, error code: , message:

Password>

Thanks
Jayaraj

From: Amit Gupta <agupta(a)pivotal.io<mailto:agupta(a)pivotal.io>>
Date: Friday, March 18, 2016 at 11:37 AM
To: "Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco)" <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>>
Cc: "Discussions about Cloud Foundry projects and the system overall." <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>, Jayarajan Ramapurath Kozhummal <jayark(a)cisco.com<mailto:jayark(a)cisco.com>>

Subject: Re: Reg the upgrade from cf-205 to cf-231

Can you do:

CF_TRACE=true cf login

so we can get more info about where that 400 response code is coming from.

Best,
Amit

On Fri, Mar 18, 2016 at 5:49 AM, Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>> wrote:
Hi Amit

Bosh deployment has completed successfully. I could set the endpoint, but I could not login to it with the credentials I have given in the properties. Logs and properties below.

root(a)testdeploy:/deploy# cf login
API endpoint: https://api.testdeploy.cisco.com

Email> admin

Password>
Authenticating...
Server error, status code: 400, error code: , message:

Password>
Authenticating...
Server error, status code: 400, error code: , message:


PROPERTIES::

scim:
# external_groups: null
# groups: null
userids_enabled: true
users:
- admin|<%= $common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write
- services|<%= $common_password %>|scim.write,scim.read,openid,cloud_controller.admin
#spring_profiles: null

Regards
Nithiyasri

From: Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco)
Sent: Friday, March 18, 2016 7:23 AM
To: 'Amit Gupta' <agupta(a)pivotal.io<mailto:agupta(a)pivotal.io>>
Cc: Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>; Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com<mailto:jayark(a)cisco.com>>
Subject: RE: Reg the upgrade from cf-205 to cf-231

Hi Amit

Thanks for your quick reply. Pls let me know in which Vm , should I login to see the compilation logs..

Previously when I did the upgrade, it dint compile the individual packages. Logs below.
Kindly let me know why is it trying to compile individual package now.

---------------------------------------------------------------------------------------
Started preparing package compilation > Finding packages to compile. Done (00:00:00)

Started preparing dns > Binding DNS. Done (00:00:00)



Regards
Nithiyasri

From: Amit Gupta [mailto:agupta(a)pivotal.io]
Sent: Friday, March 18, 2016 5:36 AM
To: Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>>
Cc: Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>; Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com<mailto:jayark(a)cisco.com>>
Subject: Re: Reg the upgrade from cf-205 to cf-231

I'm not sure why it's taking >40 mins to compile some simple go binaries. You may have network issues (compilation jobs taking a long time to download dependencies from BOSH director blobstore, or upload compiled resulting artifacts) or you may need more CPU on your compilation machines. You can try to SSH into the compilation VMs while they're running to see what they're doing over those 40 minutes.

On Thu, Mar 17, 2016 at 7:06 AM, Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>> wrote:
Hi Amit

I was able to do an upgrade of deployment from cf-205 to cf-231 multiple times.
But now, I am getting timeout errors while compiling buildpacks once in rootfs or in buildpack_java or in nginx..
Could you pls help us resolve this error..

Following is the one:

Done compiling packages > buildpack_java/d65c2d20fc067c9995c18d195e0ff117ea9202c0 (00:24:23)
Done compiling packages > rtr/2d7de4f6fc25938c21c5be87174f95583feb14b5 (00:38:22)
Failed compiling packages > rootfs_cflinuxfs2/ac0ba35f1106af81cb735eb56360c6cc924af83a: Timed out waiting for Server `3c04cecc-1308-4da f-8dc5-b9c1924004c3' to be active (00:41:23)
Failed compiling packages > nginx/bf3af6163e13887aacd230bbbc5eff90213ac6af: Timed out waiting for Server `fbbb8647-1415-46d9-92de-d030f 4164b6b' to be active (00:43:31)



Failed compiling packages > cli/b61b75716312df9f4f7c81a17f3a7de456efce71: Timed out waiting for Server `223ec673-b66d-4362-8e27-0859805 2ebe5' to be active (00:44:49)

Error 100: Timed out waiting for Server `3c04cecc-1308-4daf-8dc5-b9c1924004c3' to be active


Regards
Nithiyasri


they opted for aura kingdom gold

baizhou2324 <baizhou2324@...>
 

Meanwhile Interpol helps Vgolds to develop an globally human body to fight
unlawful gambling in football. The globally police agency said that
football's regulating human body sought Interpol's support at a session
previously recently and they opted for aura kingdom gold
<http://www.vgolds.com/ > develop an globally task energy.

"We know that unlawful activities gambling is frequently managed by
organized criminal activity categories willing to damaged gamers and
regulators as well as to use energy and risks to gather overdue debts," said
Interpol's associate common, Ronald Respectable.

An Interpol-led operation in 2008 focusing on unlawful gambling rings led to
more than 1,300 busts and the seizure of more nearly 10m.As the Vgolds
Globe prize came in Cpe City on Wednesday night, Danny Jordaan, the designer
of next summer's competitors, announced "the loss of life of doubt".
www.vgolds.com <http://www.vgolds.com/ >



--
View this message in context: http://cf-dev.70369.x6.nabble.com/they-opted-for-aura-kingdom-gold-tp4288.html
Sent from the CF Dev mailing list archive at Nabble.com.


Re: Connection refused - api.10.244.0.22.xip.io:443

Wayne Ha <wayne.h.ha@...>
 

Amit,

Thanks for your help. I tried api.bosh-lite.com and it works fine:

admin(a)CT-Test-v231:~$ ping -c 1 api.bosh-lite.com
PING api.bosh-lite.com (10.244.0.34) 56(84) bytes of data.
64 bytes from 10.244.0.34: icmp_seq=1 ttl=63 time=0.664 ms
--- api.bosh-lite.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.664/0.664/0.664/0.000 ms

Thanks,


CC BUILDPACK_SET App Usage Events

Nicholas Calugar
 

Hi CF-Dev,

We are continuing work on the Cloud Controller V3 API and had a question
about a particular App Usage Event we write as part of V2, the
BUILDPACK_SET event. The test[1] around this indicates that we write the
app usage event when staging completes and the app is still started. In V2,
apps, packages, and droplets are very tightly coupled, so writing this
event here makes sense.

In V3, apps, packages, and droplets are first class resources and we don't
stage apps, we stage packages to create droplets. Furthermore, staging with
a particular buildpack does not affect the app until the droplet is
assigned to the app as the current droplet and the current droplet can be
changed to any valid droplet for the app. Staging completion and the app
being started no longer seem to correlate to the buildpack being "set".

With the above differences, we are hoping to understand the use-case around
the BUILDPACK_SET event so we can correctly preserve the desired behavior
for V3. I'll likely have follow up questions, but the first thing I'd like
to know is what BUILDPACK_SET indicates to downstream billing engines.

Thanks,

-Nick

Nicholas Calugar
CAPI Product Manager
Pivotal Software, Inc.

[1]
https://github.com/cloudfoundry/cloud_controller_ng/blob/45b311f18d8ad1184dcb647081b19eca6f1eaf83/spec/unit/models/runtime/app_spec.rb#L1345-L1369


Re: Sourcey buildpack not working on Diego

Eric Malm <emalm@...>
 

Thanks for raising the issue here as well, Aaron, and I'm glad to see we
got a fix figured out for that buildpack. I've added a story (
https://www.pivotaltracker.com/story/show/116149519) to the Buildpacks
tracker to document more clearly what bits are captured from the
staging-task container into the droplet, so that other buildpack authors
have more definitive guidance on how to compile and arrange vendored
dependencies.

Best,
Eric

On Mon, Mar 21, 2016 at 2:08 PM, aaron_huber <aaron.m.huber(a)intel.com>
wrote:

I've got a few customers using the Sourcey buildpack along with
Perl/Mojolicious and we've found that it is non-functional when used on
Diego cells. It continues to work fine on DEA. Has anyone been successful
at deploying with this buildpack on Diego, or does anyone have any
suggestions on what might be different that's causing it to break?

I've posted on an issue in the buildpack repo but the developer could use
some help with documentation or some tips on what might be different.

https://github.com/oetiker/sourcey-buildpack/issues/1

Aaron Huber
Intel Corporation




--
View this message in context:
http://cf-dev.70369.x6.nabble.com/Sourcey-buildpack-not-working-on-Diego-tp4275.html
Sent from the CF Dev mailing list archive at Nabble.com.


Re: cf v231: Issue with new webdav blobstore job

Marco Nicosia
 

On Tue, Mar 22, 2016 at 2:07 PM, Rich Wohlstadter <lethwin(a)gmail.com> wrote:

Hi,

We recently upgraded to cf v231 and switched over from using nfs to the
new webdav nginx service. We have one environment where the blobstore is
very large. The monit startup script for the blobstore job includes a
recursive chown of the blobstore disk (chown -R vcap:vcap $RUN_DIR $LOG_DIR
$DATA) which depending on the speed of our storage can sometimes take a
long enough time for monit to have issues and try and start it again. The
first one will finish, but monit will try and start another one due to the
delay and logging will start showing errors binding to port 80 and monit
will eventually give up saying execution failed. Does that recursive chown
need to be there? I compared the blobstore job to the old debian nfs job
and the nfs job just did a chown on the toplevel /var/vcap/store/shared
directory. This is causing us issues in this environment whenever we need
to update/restart that vm.

We solved a similar problem in MySQL by doing that work in a pre-start
<https://bosh.io/docs/pre-start.html> script. Timeouts don't apply to pre-
and post-start phases, so you can do lengthy transformations there.

Would that be a reasonable solution for the WebDav transformation?

Unfortunately, those phases haven't got timeouts. The release author is
responsible for any failures which result in an infinite hang.

--
Marco Nicosia
Product Manager
Pivotal Software, Inc.



Rich


cf v231: Issue with new webdav blobstore job

Rich Wohlstadter
 

Hi,

We recently upgraded to cf v231 and switched over from using nfs to the new webdav nginx service. We have one environment where the blobstore is very large. The monit startup script for the blobstore job includes a recursive chown of the blobstore disk (chown -R vcap:vcap $RUN_DIR $LOG_DIR $DATA) which depending on the speed of our storage can sometimes take a long enough time for monit to have issues and try and start it again. The first one will finish, but monit will try and start another one due to the delay and logging will start showing errors binding to port 80 and monit will eventually give up saying execution failed. Does that recursive chown need to be there? I compared the blobstore job to the old debian nfs job and the nfs job just did a chown on the toplevel /var/vcap/store/shared directory. This is causing us issues in this environment whenever we need to update/restart that vm.

Rich


Re: Does Diego support memory swap?

Will Pragnell <wpragnell@...>
 

Hi Sam,

The thread you link from the archives discusses Warden exclusively, which
is the container engine used in the DEAs. Diego instead uses Garden-Linux
[1], which was originally a rewrite of Warden, but doesn't have identical
behaviour at this point.

I'm going to check in with some of the Garden-Linux engineers to figure out
a proper response to your query. Hopefully the above at least clears up
some of the confusion in the meantime.

Best,
Will

[1]: https://github.com/cloudfoundry-incubator/garden-linux

On 21 March 2016 at 12:50, Sam Dai <sam.dai(a)servicemax.com> wrote:

And after I ssh to app container using command "cf ssh app", then execute
command "cat /proc/meminfo", show the following information:
SwapTotal: 1048572 kB
SwapFree: 13180 kB
According to this information, memory swap works in diego, but where do I
configure the value of SwapTotal?


Re: Reg the upgrade from cf-205 to cf-231

Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM@Cisco) <ngnanase at cisco.com...>
 

Hi Amit/Gwenn

We are getting the following error while doing cf push and unable to see the logs..

Warning: error tailing logs
Error dialing loggregator server: local error: record overflow.
Please ask your Cloud Foundry Operator to check the platform configuration (loggregator endpoint is wss://loggregator.testinceptionjk.cisco.com:80).
Starting app logconsumerms in org vms / space app as admin..

I googled and updated the loggegrator port from 80 to 4443. I observed a different error and the endpoint begins with ws:. Previously it was wss:

Warning: error tailing logs
Error dialing loggregator server: unexpected EOF.
Please ask your Cloud Foundry Operator to check the platform configuration (loggregator endpoint is ws://loggregator.testinceptionjk.cisco.com:4443).


Properties:

logger_endpoint:
port: 4443

The spiff generated manifest has zero instances of loggregator. The same has been used by us.

Regards
Nithiyasri


From: Amit Gupta [mailto:agupta(a)pivotal.io]
Sent: Tuesday, March 22, 2016 2:16 AM
To: Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com>
Cc: Gwenn Etourneau <getourneau(a)pivotal.io>; Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org>; Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com>
Subject: Re: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231

Awesome!

On Mon, Mar 21, 2016 at 3:12 AM, Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>> wrote:
Thank you Gwenn and Amit
The fix works.

Regards
Nitiyasri

From: Gwenn Etourneau [mailto:getourneau(a)pivotal.io<mailto:getourneau(a)pivotal.io>]
Sent: Saturday, March 19, 2016 4:38 AM
To: Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>
Cc: Amit Gupta <agupta(a)pivotal.io<mailto:agupta(a)pivotal.io>>; Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>>
Subject: Re: [cf-dev] Re: Reg the upgrade from cf-205 to cf-231

Hi,

What is the value of uaa.require_https in your manifest ? By default is true, try to put to false


Thanks

On Sat, Mar 19, 2016 at 6:05 AM, Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com<mailto:jayark(a)cisco.com>> wrote:
Hi Amit,

Thanks a lot for your support as always!

Please see the detailed logs you are looking for:-


root(a)testinceptionjk:/opt/cisco/vms-installer/tenant-testinceptionjk/cf-deploy# cf login
API endpoint: https://api.testinceptionjk.cisco.com<https://api.testinceptionjk.cisco.com/>

REQUEST: [2016-03-18T16:30:28Z]
GET /v2/info HTTP/1.1
Host: api.testinceptionjk.cisco.com<http://api.testinceptionjk.cisco.com>
Accept: application/json
Content-Type: application/json
User-Agent: go-cli 6.12.2-24abed3 / linux



RESPONSE: [2016-03-18T16:30:28Z]
HTTP/1.1 200 OK
Content-Length: 632
Content-Type: application/json;charset=utf-8
Date: Fri, 18 Mar 2016 16:30:28 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: 1cffe445-b169-426f-61fe-f421654bf997
X-Vcap-Request-Id: a4da6848-66c7-4375-6509-3688b69232a2::fbaf3999-67d2-4fd4-b35e-c02c2af15281

{"name":"","build":"","support":"http://support.cloudfoundry.com","version":0,"description":"","authorization_endpoint":"http://uaa.testinceptionjk.cisco.com","token_endpoint":"http://uaa.testinceptionjk.cisco.com","min_cli_version":null,"min_recommended_cli_version":null,"api_version":"2.51.0","app_ssh_endpoint":"ssh.testinceptionjk.cisco.com:2222<http://ssh.testinceptionjk.cisco.com:2222>","app_ssh_host_key_fingerprint":null,"app_ssh_oauth_client":"ssh-proxy","routing_endpoint":"https://api.testinceptionjk.cisco.com/routing","logging_endpoint":"wss://loggregator.testinceptionjk.cisco.com:80<http://loggregator.testinceptionjk.cisco.com:80>","doppler_logging_endpoint":"wss://doppler.testinceptionjk.cisco.com:4443<http://doppler.testinceptionjk.cisco.com:4443>"}

REQUEST: [2016-03-18T16:30:28Z]
GET /login HTTP/1.1
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Content-Type: application/json
User-Agent: go-cli 6.12.2-24abed3 / linux



REQUEST: [2016-03-18T16:30:28Z]
GET /login HTTP/0.0
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Referer: http://uaa.testinceptionjk.cisco.com/login
User-Agent: go-cli 6.12.2-24abed3 / linux



RESPONSE: [2016-03-18T16:30:28Z]
HTTP/1.1 200 OK
Content-Length: 487
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Cache-Control: no-store
Content-Language: en-US
Content-Type: application/json;charset=UTF-8
Date: Fri, 18 Mar 2016 16:30:28 GMT
Expires: 0
Pragma: no-cache
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: 7a845595-63f4-4c97-5397-52ffca0f2f4b
X-Xss-Protection: 1; mode=block

{"app":{"version":"3.1.0"},"links":{"uaa":"http://uaa.testinceptionjk.cisco.com","passwd":"https://console.testinceptionjk.cisco.com/password_resets/new","login":"http://login.testinceptionjk.cisco.com","register":"https://console.testinceptionjk.cisco.com/register"},"zone_name":"uaa","entityID":"login.testinceptionjk.cisco.com<http://login.testinceptionjk.cisco.com>","commit_id":"9b5c13d","idpDefinitions":{},"prompts":{"username":["text","Email"],"password":["password","Password"]},"timestamp":"2016-02-05T14:27:13+0000"}

Email> admin

Password>
Authenticating...

REQUEST: [2016-03-18T16:30:35Z]
POST /oauth/token HTTP/1.1
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Content-Type: application/x-www-form-urlencoded
User-Agent: go-cli 6.12.2-24abed3 / linux

grant_type=password&password=[PRIVATE DATA HIDDEN]&scope=&username=admin

RESPONSE: [2016-03-18T16:30:35Z]
HTTP/1.1 400 Bad Request
Content-Length: 1086
Content-Language: en
Content-Type: text/html;charset=utf-8
Date: Fri, 18 Mar 2016 16:30:35 GMT
Server: Apache-Coyote/1.1
X-Vcap-Request-Id: fbe5f151-ae1f-48fa-673d-f002dd3ab04f

<html><head><title>Apache Tomcat/7.0.61 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 400 - {&quot;error&quot;: &quot;request must be over https&quot;}</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>{&quot;error&quot;: &quot;request must be over https&quot;}</u></p><p><b>description</b> <u>The request sent by the client was syntactically incorrect.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.61</h3></body></html>
Server error, status code: 400, error code: , message:

Password>
Authenticating...

REQUEST: [2016-03-18T16:30:42Z]
POST /oauth/token HTTP/1.1
Host: uaa.testinceptionjk.cisco.com<http://uaa.testinceptionjk.cisco.com>
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Content-Type: application/x-www-form-urlencoded
User-Agent: go-cli 6.12.2-24abed3 / linux

grant_type=password&password=[PRIVATE DATA HIDDEN]&scope=&username=admin

RESPONSE: [2016-03-18T16:30:42Z]
HTTP/1.1 400 Bad Request
Content-Length: 1086
Content-Language: en
Content-Type: text/html;charset=utf-8
Date: Fri, 18 Mar 2016 16:30:42 GMT
Server: Apache-Coyote/1.1
X-Vcap-Request-Id: bfa611f1-46bc-42de-4b81-37e40bab8fe7

<html><head><title>Apache Tomcat/7.0.61 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 400 - {&quot;error&quot;: &quot;request must be over https&quot;}</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>{&quot;error&quot;: &quot;request must be over https&quot;}</u></p><p><b>description</b> <u>The request sent by the client was syntactically incorrect.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.61</h3></body></html>
Server error, status code: 400, error code: , message:

Password>

Thanks
Jayaraj

From: Amit Gupta <agupta(a)pivotal.io<mailto:agupta(a)pivotal.io>>
Date: Friday, March 18, 2016 at 11:37 AM
To: "Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco)" <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>>
Cc: "Discussions about Cloud Foundry projects and the system overall." <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>, Jayarajan Ramapurath Kozhummal <jayark(a)cisco.com<mailto:jayark(a)cisco.com>>

Subject: Re: Reg the upgrade from cf-205 to cf-231

Can you do:

CF_TRACE=true cf login

so we can get more info about where that 400 response code is coming from.

Best,
Amit

On Fri, Mar 18, 2016 at 5:49 AM, Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>> wrote:
Hi Amit

Bosh deployment has completed successfully. I could set the endpoint, but I could not login to it with the credentials I have given in the properties. Logs and properties below.

root(a)testdeploy:/deploy# cf login
API endpoint: https://api.testdeploy.cisco.com

Email> admin

Password>
Authenticating...
Server error, status code: 400, error code: , message:

Password>
Authenticating...
Server error, status code: 400, error code: , message:


PROPERTIES::

scim:
# external_groups: null
# groups: null
userids_enabled: true
users:
- admin|<%= $common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write
- services|<%= $common_password %>|scim.write,scim.read,openid,cloud_controller.admin
#spring_profiles: null

Regards
Nithiyasri

From: Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco)
Sent: Friday, March 18, 2016 7:23 AM
To: 'Amit Gupta' <agupta(a)pivotal.io<mailto:agupta(a)pivotal.io>>
Cc: Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>; Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com<mailto:jayark(a)cisco.com>>
Subject: RE: Reg the upgrade from cf-205 to cf-231

Hi Amit

Thanks for your quick reply. Pls let me know in which Vm , should I login to see the compilation logs..

Previously when I did the upgrade, it dint compile the individual packages. Logs below.
Kindly let me know why is it trying to compile individual package now.

---------------------------------------------------------------------------------------
Started preparing package compilation > Finding packages to compile. Done (00:00:00)

Started preparing dns > Binding DNS. Done (00:00:00)



Regards
Nithiyasri

From: Amit Gupta [mailto:agupta(a)pivotal.io]
Sent: Friday, March 18, 2016 5:36 AM
To: Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>>
Cc: Discussions about Cloud Foundry projects and the system overall. <cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org>>; Jayarajan Ramapurath Kozhummal (jayark) <jayark(a)cisco.com<mailto:jayark(a)cisco.com>>
Subject: Re: Reg the upgrade from cf-205 to cf-231

I'm not sure why it's taking >40 mins to compile some simple go binaries. You may have network issues (compilation jobs taking a long time to download dependencies from BOSH director blobstore, or upload compiled resulting artifacts) or you may need more CPU on your compilation machines. You can try to SSH into the compilation VMs while they're running to see what they're doing over those 40 minutes.

On Thu, Mar 17, 2016 at 7:06 AM, Nithiyasri Gnanasekaran -X (ngnanase - TECH MAHINDRA LIM at Cisco) <ngnanase(a)cisco.com<mailto:ngnanase(a)cisco.com>> wrote:
Hi Amit

I was able to do an upgrade of deployment from cf-205 to cf-231 multiple times.
But now, I am getting timeout errors while compiling buildpacks once in rootfs or in buildpack_java or in nginx..
Could you pls help us resolve this error..

Following is the one:

Done compiling packages > buildpack_java/d65c2d20fc067c9995c18d195e0ff117ea9202c0 (00:24:23)
Done compiling packages > rtr/2d7de4f6fc25938c21c5be87174f95583feb14b5 (00:38:22)
Failed compiling packages > rootfs_cflinuxfs2/ac0ba35f1106af81cb735eb56360c6cc924af83a: Timed out waiting for Server `3c04cecc-1308-4da f-8dc5-b9c1924004c3' to be active (00:41:23)
Failed compiling packages > nginx/bf3af6163e13887aacd230bbbc5eff90213ac6af: Timed out waiting for Server `fbbb8647-1415-46d9-92de-d030f 4164b6b' to be active (00:43:31)



Failed compiling packages > cli/b61b75716312df9f4f7c81a17f3a7de456efce71: Timed out waiting for Server `223ec673-b66d-4362-8e27-0859805 2ebe5' to be active (00:44:49)

Error 100: Timed out waiting for Server `3c04cecc-1308-4daf-8dc5-b9c1924004c3' to be active


Regards
Nithiyasri


Re: NFS

Guillaume Berche
 

Great, thanks for the clarification Amit !

Guillaume.


Guillaume.

On Mon, Mar 21, 2016 at 5:08 PM, Amit Gupta <agupta(a)pivotal.io> wrote:

If you push a docker container via cf ((not directly to Diego API) it's
hard coded to run unprivileged.

Set this to true:


https://github.com/cloudfoundry-incubator/nsync/blob/master/recipebuilder/docker_recipe_builder.go#L134

Set the "url" for the Diego release in your manifest to
"file:///PATH-TO-DIEGO-REPO" and the version to "create", this will create,
upload, and use your local release next time you bosh deploy.

Cheers,
Amit

On Monday, March 21, 2016, Guillaume Berche <bercheg(a)gmail.com> wrote:

Hi Ted,

What's the procedure to enable privileged containers in a CF deployment ?
I could not yet find related properties in diego-release, or
garden-linux-release.

Do I understand correctly from [1] that applications pushed through
buildpack run in privileged containers by default and hence can use FUSE
clients, whereas docker-based CF apps run in non-priviledged containers [2]
?

Thanks in advance,

Guillaume.

[1]
https://github.com/cloudfoundry-incubator/nsync/blob/7902bea3fb2b028e05dfdcfd511b8368e14e460f/recipebuilder/buildpack_recipe_builder_test.go#L115
[2]
https://github.com/cloudfoundry-incubator/nsync/blob/5ea94c17eba4be1cd388f9fed57eaf6186932e34/recipebuilder/docker_recipe_builder_test.go#L151


Guillaume.

On Tue, Mar 15, 2016 at 10:29 PM, Ted Young <tyoung(a)pivotal.io> wrote:

Hi Raymond,

It is possible to use FUSE-based clients to connect to remote
filesystems, but only if your Cloud Foundry deployment has enabled
privileged containers.

We are currently working on adding volume management to Cloud Foundry.
NFS and other distributed filesystems will be available as services,
allowing access without the need for privileged containers or FUSE.

Thanks,
Ted

On Tue, Mar 15, 2016 at 1:21 PM, Raymond J Steele <
raymondsteele(a)gmail.com> wrote:

Can a cloud foundry application make us of Network Filesystem share? If
so, would this scale?

Thanks,

Raymond


Meet HTTP 500 when updating cf deployment

王小锋 <zzuwxf at gmail.com...>
 

According to Cloud Foundy 212 release notes, it changed job name of
loggregator to doppler, I tried to deploy with this change. But failed
with the following error:

Not sure how to fix this, your help is greatly appreciated!!

*HTTP 500: <html>*
*<head><title>500 Internal Server Error</title></head>*
*<body bgcolor="white">*
*<center><h1>500 Internal Server Error</h1></center>*
*<hr><center>nginx</center>*
*</body>*
*</html>*


Detail information:


ubuntu(a)ip-10-10-0-193:~/micro$ bosh deploy
Acting as user 'admin' on deployment 'cfv212' on 'microbosh'
Getting deployment properties from director...

Detecting deployment changes
----------------------------
Releases
No changes

Compilation
No changes

Update
No changes

Resource pools
No changes

Disk pools
No changes

Networks
No changes

Jobs
doppler_z1
+ instances: 1
+ name: doppler_z1
+ networks: [{"name"=>"cf1"}]
+ persistent_disk: 100240
properties
doppler
+ zone: z1
networks
+ apps: cf1
+ resource_pool: medium_z1
+ templates: [{"name"=>"doppler", "release"=>"cf"}]
+ update: {}
doppler_z2
+ instances: 1
+ name: doppler_z2
+ persistent_disk: 100240
+ networks: [{"name"=>"cf2"}]
properties
doppler
+ zone: z2
networks
+ apps: cf2
+ resource_pool: medium_z2
+ templates: [{"name"=>"doppler", "release"=>"cf"}]
+ update: {}

Properties
No changes

Meta
No changes

Please review all changes carefully

Deploying
---------
Are you sure you want to deploy? (type 'yes' to continue): yes
*HTTP 500: <html>*
*<head><title>500 Internal Server Error</title></head>*
*<body bgcolor="white">*
*<center><h1>500 Internal Server Error</h1></center>*
*<hr><center>nginx</center>*
*</body>*
*</html>*


Proposal to Change CATs Ownership

Utako Ueda
 

Hi all,

The CAPI team would like to take ownership of the CF acceptance tests and include them as part of CAPI release.

This solves several pain points we've experienced over the last few months, mainly due to the strong coupling between CATs and the Cloud Controller API.

Our plan is to submodule the CATs repo in to CAPI release, and bump CATs on a successful run through the CAPI ci pipeline. At this point, CAPI release will be bumped in cf-release develop, which other teams will consume for their own testing purposes.

We hope to make these changes in the near future as we wrap up our release extraction from cf-release. We'd like to know if any teams have any concerns about this before we proceed, so do let us know as soon as possible so we can address them.

Thanks,
Utako, CF CAPI Team

5121 - 5140 of 9422