Hi David - You are correct - our initial use case if focused on operator concerns. An additional proposal that focuses on application secrets is forthcoming and will involve the larger group of

Gibson [1] is a deprecated library for registering HTTP routes with Gorouter via NATS. The currently supported way to do this is with the BOSH job route-registrar [2]. Many months ago we removed

Hi All - In order to secure the transport of log messages going forward Loggregator will require Metron cert & key as well as the Loggregator CA cert. You won't be able to deploy the latest versions

I see how getting UAA to interface correctly to somethung like Vault may be difficult. Aside from that and the language stack, what are primary diffetences with other mature key management

Most of our customers are using Vault already for secrets management and would prefer to keep doing so as their final "at-rest" store. For our customers it would therefore work best if CredHub can

Hi, Ok - after doing the recovery scenario - the cluster was back, and finally ping point the root cause. The reason - on 2 DIEGO cells - the consul_agent (client) is running out of disk space to

Plus one! An implementation whereby the recycling behaviour can be feature-flagged by space or globally would be nice, so you could turn it off whilst debugging in a space, and then re-enable it when

Hi I am writing a CF CLI plugin using GoLang. I needed a library for displaying the console output in a tabular manner. Though it was possible using the standard tabwriter provided by go, I needed

Thanks Jon. The financial services clients I have worked with would also like the ability to turn on ‘cf ssh’ support in production, safe in the knowledge that app teams won’t abuse it by

Hi, You can check recovery scenario here https://github.com/cloudfoundry-incubator/consul-release#failure-recovery Thanks. Gwenn 2016-12-20 16:12 GMT+09:00 Sylvain Gibier

Hi, Any hint on how to fix it ? From a network topology - nothing changed, and I can't find anything usefull in consul documentation for reforming my cluster. Currently the 2 second consul node

It makes sense to build CredHub for many reasons. A few that come to mind quickly are below. 1) The service must start and restart without human intervention. This immediately means the key

we once had the same issue which causing by network issue, the consul server follower couldn't connect to the leader, but what difference is that we are running on

I am supportive of the proposal. We have our own credentials store implementation to encrypt the service credentials passed to applications (so devops staff can’t see credentials to production

This is something that has been on our wishlist as well but I haven't seen any discussion about it in quite some time. Here is one of the original discussions about it:

It seems like the initial focus is solving the operator problems (via BOSH) rather than app developer problems. Do you have any sketches of how it might be used for application secrets (broker and

Hi, Diego has been default in my CF installation (H/A over 3 AZ) - and today, while trying a simple BOSH CF update of a stemcell - the consul_z1/0 keeps on "failing after update". If I look in the

Hi, Last year when ‘cf ssh’ functionality was being discussed, I’m pretty sure that the concept of automatically restarting containers following an SSH session was discussed. It was to protect

Questions: * To what extent are CredHub's use cases and architecture covered (or not) by a combination of something like Hashicorp's Vault and integration effort? (I'm not singling out Vault

Hello, Recently we caught a hardcoded port in hm9k code which was mentioned nowhere in release notes , and is still sitting there in hm9k code and dea job templates. Would be interested to know ,