|
App placement in Diego
Josh Ghiloni
Hi All,
One of the features of Diego I heard about a while ago, when I first heard about Diego, was the ability to restrict an application’s placement to certain availability zones / cells / etc. I’ve been looking around for documentation on this — specifically, if it’s in Diego already and if not, a roadmap, but I’m coming up short. Can anyone here point me to some documentation on this feature? Our client is quite interested in it. Thanks! Josh Ghiloni Senior Consultant 303.932.2202 o | 303.590.5427 m | 303.565.2794 f jghiloni(a)ecsteam.com<mailto:jghiloni(a)ecsteam.com> ECS Team Technology Solutions Delivered ECSTeam.com<http://ECSTeam.com>
|
|
|
|
PHP Buildpack and email
Matt Curry
Since sendmail appears to be missing from the CF stemcell, how are people sending email from PHP apps?
Thanks, matt
|
|
|
|
Re: Log drain for an app
Daniel Mikusa
John,
Thanks again! I was able to get this working. Some notes below if anyone else is trying this out. I see three questions in your email, which I'll try to address in turn:1.) Modified the format of logging with my app. It needs to use this exact format. @cee: {"logsene-app-token": "<your-app-token>", "message": "<your-normal-message>"} The initial "@cee:" is important as it tells Logsene that the format will be JSON. Without that messages won't show up in the dashboard. 2.) Configure the app to log to STDOUT or STDERR. 3.) Create a user provided service for the log drain. Here's what I used. cf cups logsene-logs -l syslog://logsene-receiver-syslog.sematext.com:514 4.) Bind the log drain to my app and deploy the app to CF. I did this with a "services:" entry in the manifest.yml file, but you can also do it with the cf bind-service command. The only drawback is that this only lets me send logging from the app. As you mentioned, there's no way to control the format of the system logging, so messages from the router & dea don't show up in Logsene. Dan - *"Do multiple apps on CF send logs from the same IP address?"* –
|
|
|
|
Re: Deploying CloudFoundry on AWS - Too many machines are being created
Flávio Henrique Schuindt da Silva <flavio.schuindt at gmail.com...>
Hi, Sabha.
toggle quoted messageShow quoted text
I'm using cf-211 release and minimal_aws manifest. Em 17/06/2015 18:24, "Flávio Henrique Schuindt da Silva" < flavio.schuindt(a)gmail.com> escreveu:
Hummm, nice point, Cornelia. I agree with some statements in the text and
|
|
|
|
Re: CfSummit slides
Vanessa Heric <vheric@...>
Hi Cornelia,
toggle quoted messageShow quoted text
For the Cloud Foundry Summit, slides should be submitted to the Cloud Foundry Events team, events(a)cloudfoundry.org. Thank you, Vanessa
On Tue, Jun 16, 2015 at 4:36 PM, Cornelia Davis <cdavis(a)pivotal.io> wrote:
So sorry to ask a lame question, even after all of this discussion - what --
Vanessa Heric Event Services Manager The Linux Foundation 660 York Street, Suite 102 San Francisco, CA 94110 T: +1.760.522.6151 E: vheric(a)linuxfoundation.org W: linuxfoundation.org and events.linuxfoundation.org The Linux Foundation Event Experience : http://youtu.be/-WUeelICQ2U
|
|
|
|
Re: Deploying CloudFoundry on AWS - Too many machines are being created
Sabha
As the blog post explained, its possible at higher cost (due to bigger vms),
as well as scalability for different components... If you want to collocate some jobs to shrink the # of vms, you would need to modify the vm sizes (cpu/ram/disk) as well as lots of job related references (like nats or loggregator or others to avoid port/property conflicts). Its manual and error-prone process. What version of cf-release/manifest you are using/testing? -Sabha -- View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-Deploying-CloudFoundry-on-AWS-Too-many-machines-are-being-created-tp467p472.html Sent from the CF Dev mailing list archive at Nabble.com.
|
|
|
|
Re: Deploying CloudFoundry on AWS - Too many machines are being created
Flávio Henrique Schuindt da Silva <flavio.schuindt at gmail.com...>
Hummm, nice point, Cornelia. I agree with some statements in the text and I
toggle quoted messageShow quoted text
think that in the final I will really use one vm per machine, but, for now, I would like to know if is just possible to do this consolidation in a easy way. How can I achieve ir? Thanks!! 2015-06-17 17:48 GMT-03:00 Flávio Henrique Schuindt da Silva < flavio.schuindt(a)gmail.com>:
There is no way to do this kind of thing only modifying some part oh this
|
|
|
|
Re: Deploying CloudFoundry on AWS - Too many machines are being created
Cornelia Davis <cdavis@...>
Warning - fewer machines does not necessarily mean lower cost:
toggle quoted messageShow quoted text
http://blog.pivotal.io/pivotal-cloud-foundry/features/does-a-reduction-in-the-number-of-vms-bring-benefits
On Wed, Jun 17, 2015 at 1:21 PM, Josh Ghiloni <jghiloni(a)ecsteam.com> wrote:
Look into using Terraform … they have a cf-aws-tiny release that only
|
|
|
|
Re: Deploying CloudFoundry on AWS - Too many machines are being created
Flávio Henrique Schuindt da Silva <flavio.schuindt at gmail.com...>
There is no way to do this kind of thing only modifying some part oh this
toggle quoted messageShow quoted text
official tutorial? Only using this Terraform? What should I do? Thanks! 2015-06-17 16:53 GMT-03:00 Flávio Henrique Schuindt da Silva < flavio.schuindt(a)gmail.com>:
I succesfully deployed CF on aws using this tutorial:
|
|
|
|
Re: Deploying CloudFoundry on AWS - Too many machines are being created
Josh Ghiloni
Look into using Terraform … they have a cf-aws-tiny release that only creates 4 or 5VMs (smaller than c3.large) plus DEAs.
toggle quoted messageShow quoted text
Josh Ghiloni Senior Consultant 303.932.2202 o | 303.590.5427 m | 303.565.2794 f jghiloni(a)ecsteam.com<mailto:jghiloni(a)ecsteam.com> ECS Team Technology Solutions Delivered ECSTeam.com<http://ECSTeam.com>
On Jun 17, 2015, at 13:53, Flávio Henrique Schuindt da Silva <flavio.schuindt(a)gmail.com<mailto:flavio.schuindt(a)gmail.com>> wrote:
I succesfully deployed CF on aws using this tutorial: http://docs.cloudfoundry.org/deploying/ec2/aws_steps.html But this tutorial is kind of expensive...It creates 13 machines (one for each cf component) and each one is c3.large! I would like to create maybe, let's say, 4 ~ 5 machines to have all CF components. Is it possible? Thanks in advance, guys! _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org> https://lists.cloudfoundry.org/mailman/listinfo/cf-dev
|
|
|
|
Deploying CloudFoundry on AWS - Too many machines are being created
Flávio Henrique Schuindt da Silva <flavio.schuindt at gmail.com...>
I succesfully deployed CF on aws using this tutorial:
http://docs.cloudfoundry.org/deploying/ec2/aws_steps.html But this tutorial is kind of expensive...It creates 13 machines (one for each cf component) and each one is c3.large! I would like to create maybe, let's say, 4 ~ 5 machines to have all CF components. Is it possible? Thanks in advance, guys!
|
|
|
|
cf-acceptance-tests have moved in cf-release
Dan Wendorf
Hey everyone,
As of cf-release 212, we have moved the cf acceptance tests in cf release from "cf-release/src/acceptance-tests" to "cf-release/src/ github.com/cloudfoundry/cf-acceptance-tests". Prior to the move, it was necessary to symbolically link the CATs into your $GOPATH. Once you upgrade to 212, you will be able to run the tests simply by executing `bin/test` without any additional symlinks. Thanks, CF Runtime Team
|
|
|
|
Re: Need for machine-readable Application Interface
Deepak Vij
Hi Zak and Joseph, thanks for your response. Would this capability be available only for Cloud Controller API or for rest of the platform API set as well? Also, would the same capability be available for end application developers (PaaS developers) so that the same application interface metadata is generated across the board within CF PaaS environment - that was my key goal for this discussion (something like JSON Schema for Heroku).
As I mentioned earlier that having a standardized application interface such as WADL/JSON/Swagger/RAML allows us to enforce Deployment Governance at the time of deploying applications within Cloud Foundry. In order to be able to expose business capabilities such as Telecom APIs, Deployment Governance (i.e. API Versioning & Backward Compatibility, Dependency Management, and other API Policy Validations etc.) is very important requirement not just for telecom industry but for any industry planning to monetize their APIs created within CF PaaS environment. Thanks. Regards, Deepak Vij ---------------------------------------------------------------------- Message: 1 Date: Tue, 16 Jun 2015 15:04:53 -0700 From: CF Runtime <cfruntime(a)gmail.com> To: "Discussions about Cloud Foundry projects and the system overall." <cf-dev(a)lists.cloudfoundry.org> Subject: Re: [cf-dev] Need for machine-readable ?Application Interface? Message-ID: <CAOb01c9s=qAG66YJ+vdh8g8R4=HU_BX3ee1_5msNPNt1QuNBQg(a)mail.gmail.com> Content-Type: text/plain; charset="utf-8" It is something we are thinking about for the V3 cloud controller API, but no formal decisions have been made at this point. So feedback and suggestions are certainly welcome. Zak and Joseph CF Runtime Team On Tue, Jun 16, 2015 at 2:51 PM, Deepak Vij (A) <deepak.vij(a)huawei.com> wrote: Hi folks, I would like to start a thread on the need for
|
|
|
|
cve-2015-1328 overlayfs vulnerability in ubuntu trusty stemcell
James Bayer
CVE-2015-1328Severity:
High Vendor: Canonical Ubuntu Versions Affected: Canonical Ubuntu 14.04 LTS with 3.16 kernel Description: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system. Affected Pivotal Products and Versions: - Any BOSH deployments (including Cloud Foundry) with Ubuntu Trusty BOSH stemcell prior to version 2989 Mitigation: - The Cloud Foundry project recommends upgrading to BOSH Ubuntu Trusty stemcell version 2989 or later for all BOSH deployments. The 2989 stemcell has been certified with cf-release v211. Credit: Philip Pettersson References: Canonical: http://www.ubuntu.com/usn/usn-2646-1/ Other: BOSH Stemcells <https://bosh.io/stemcells> Cloud Foundry Release <https://github.com/cloudfoundry/cf-release> Exploit details <http://seclists.org/oss-sec/2015/q2/717> -- Thank you, James Bayer
|
|
|
|
Re: CF CLI authentication issue
Benjamin Black
Stephan,
That's a lot of skew for ntp synchronized systems. I would expect them to differ by less than a second. The problem you are having could be a result. b On Wed, Jun 17, 2015 at 8:51 AM, Klevenz, Stephan <stephan.klevenz(a)sap.com> wrote: Hi Benjamin,
|
|
|
|
Re: CF CLI authentication issue
Klevenz, Stephan <stephan.klevenz@...>
Hi Benjamin,
toggle quoted messageShow quoted text
Sytems are synchronized by ntp. However, time of different machines differs by a few seconds (5-20s). I am not sure how accurate ntp time sync can be or should be. Could that cause the issue? Regards, Stephan Von: Benjamin Black Antworten an: "Discussions about Cloud Foundry projects and the system overall." Datum: Dienstag, 16. Juni 2015 18:04 An: "Discussions about Cloud Foundry projects and the system overall." Betreff: Re: [cf-dev] CF CLI authentication issue Stephan, Have you verified the clocks are in sync, perhaps using ntp, across all the systems involved? b
On Tue, Jun 16, 2015 at 8:42 AM, Klevenz, Stephan <stephan.klevenz(a)sap.com<mailto:stephan.klevenz(a)sap.com>> wrote:
Hi, I am having a strange issue with the cf cli. Sometimes am doing a cf login and then a cf push immediately as a next step. Then push fails and reports "Authentication has expired. Please log back in to re-authenticate." The behavior is completely random. Automized app deployment triggered by CI jobs do fail very often. I did an analysis of UAA logs and found the entries below. UAA means that the password of user has changed because of last modified date of user doesn't fit to issue date of token. Actually the user credentials are not changed. At least not by purpose. The CF version is 198. Do you have any hints what could cause this issue? Any reply is welcome. Regards, Stephan [2015-06-16 13:00:52.885] uaa - 59331 [http-bio-8080-exec-1] .... DEBUG --- UaaTokenServices: User was last modified at 2015-06-16 12:58:52.302 refresh token was issued at Tue Jun 16 12:58:03 UTC 2015 [2015-06-16 13:00:52.885] uaa - 59331 [http-bio-8080-exec-1] .... DEBUG --- ExceptionHandlerExceptionResolver: Resolving exception from handler [public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>)]: error="invalid_token", error_description="Invalid refresh token (password changed): eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiIyZjlhNGU2Ny0yYjY2LTQwMTItYjk1NC1jODg3OTMxN2I5ZDkiLCJzdWIiOiJlNDMwNzY1NS1lMTc2LTQ5Y2YtOGI5Mi04YjUxYWQ5ZTVmZDUiLCJzY29wZSI6WyJzY2ltLnVzZXJpZHMiLCJjbG91ZF9jb250cm9sbGVyLndyaXRlIiwicGFzc3dvcmQud3JpdGUiLCJvcGVuaWQiLCJjbG91ZF9jb250cm9sbGVyLnJlYWQiXSwiaWF0IjoxNDM0NDU5NDgzLCJleHAiOjE0MzcwNTE0ODMsImNpZCI6ImNmIiwiaXNzIjoiaHR0cHM6Ly91YWEuY2YubmVvLm9uZGVtYW5kLmNvbS9vYXV0aC90b2tlbiIsImdyYW50X3R5cGUiOiJwYXNzd29yZCIsInVzZXJfbmFtZSI6IlAxNDQ1NTM4MTkyIiwidXNlcl9pZCI6ImU0MzA3NjU1LWUxNzYtNDljZi04YjkyLThiNTFhZDllNWZkNSIsImF1ZCI6WyJjZiIsInNjaW0iLCJjbG91ZF9jb250cm9sbGVyIiwicGFzc3dvcmQiLCJvcGVuaWQiXX0.sYmE3J5_IjYPRTnLYFT9dJ2p7nDR1WDMhvT95Anr8qWdDHTBp-tXLmPOZ17v66RuGcZhFAmYEmJMuW1ggBnuOQAB5lCKvvjINdlWdjKIxRlD24eLkGsqV_9ENUFIweIfKtYTAdmlXySqg47ZgZLotT9UVTtfD9BwI-NAZLBN6Ro" _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org> https://lists.cloudfoundry.org/mailman/listinfo/cf-dev
|
|
|
|
FIPS Compliance in CloudFoundry
Sandy Cash Jr <lhcash@...>
All:
I would like to put forward a proposal to implement FIPS-compliant encryption in CloudFoundry. The proposal can be found at: https://docs.google.com/document/d/13YX1SuVIxxveFiRKpk_xSrQOls5hYbayUzOA8a3AMAE/edit?usp=sharing A specific aspect of the proposal which I would like to highlight is that this would enable FIPS-compliant encryption but not mandate it - the default configuration would be to use the encryption as implemented today, while allowing those needing to adhere to FIPS 140-2 to do so in their CF deployments. I have done some basic analysis to identify areas where work needs to be done, and I've attempted to capture some of this information in the proposal as well. I would love to hear from the community on this proposal. Thanks, -Sandy -- Sandy Cash Certified Senior IT Architect/Senior SW Engineer IBM BlueMix lhcash(a)us.ibm.com (919) 543-0209 "I skate to where the puck is going to be, not to where it has been.” - Wayne Gretzky
|
|
|
|
Utilities PMC - 2015-06-16 notes
Mike Dalessio
Hi all,
We had a meeting of the Utilities PMC yesterday, permanent notes are at: https://github.com/cloudfoundry/pmc-notes/blob/master/Utilities/2015-06-16-utilities.md which I've copied into this email below. Cheers, -mike ---- *# Utilities PMC Meeting 2015-06-16* *## Agenda* 1. Update on CI tools (Mike Dalessio) 2. Update on CLI (Greg Oehmen) 3. Update on Eclipse plugin and Java tools (Ryan Morgan) 4. Open Discussion *## Attendees* * Chip Childers, Cloud Foundry Foundation * Mike Dalessio, Pivotal (PMC lead) * Ryan Morgan, Pivotal * Greg Oehman, Pivotal * Alex Tarpinian, IBM * Michael Fraenkel, IBM *## Update on CI tools (Mike Dalessio)* - Greenhouse team started moving their builds to Concourse. Runtime and BOSH are also in progress. - Toolsmiths team taking over Krafa, which is a project (to-be-OSSed) to manage a pool of CI environments. Currently being used internally at Pivotal, but totally applicable to OSS as well. - A pair is working for the next month on License Finder, which is an OSS tool to examine a project's declared dependencies (via a package manager) and discover licenses and changes in licensing. This should be useful for the Foundation as well. *## Update on CLI (Greg Oehman)* - New pair rolled on from IBM, who ramped up quickly and are contributing; team velocity is up. - There is ongoing track of work around the plugin API. - Another track of work on PRs and Issues was successful at cleaning up some old stories. - Next release will be 6.12.0. - Deprecate "codegangsta" library which is used for feature flags - Working with IBM designers on user testing "help" with a mock terminal emulator. Community members have offered to be a part of that user testing - Upcoming tracks: - Syntax change from "verb noun" to "noun verb" (e.g., "create-service" to "service-create") - Improving CLI installers *## Update on Eclipse plugin and Java tools (Ryan Morgan)* * Push to move to the Eclipse Foundation continues. *## Open Discussion* * Proposal to accept receptor-client into incubation. See: http://cf-dev.70369.x6.nabble.com/cf-dev-Proposal-for-incubation-of-receptor-client-Java-client-for-receptor-td440.html
|
|
|
|
Re: CfSummit slides
no worries, thanks for your help Craig
Guillaume. On Wed, Jun 17, 2015 at 12:44 AM, C. Craig Ross <ccr(a)linuxfoundation.org> wrote: Hi Guillaume,
|
|
|
|
Re: Ordering lists of objects in the CF CLI
Tammer Saleh
I agree with Mike.
toggle quoted messageShow quoted text
Cheers, Tammer Saleh Director of Product, Pivotal CF, London http://pivotal.io | http://tammersaleh.com | +44 7463 939332
On Tue, Jun 16, 2015 at 9:00 PM, Mike Youngstrom <youngm(a)gmail.com> wrote:
I like option #2 but I wouldn't even worry about adding a --asc or native
|
|
|