Hi cf-dev, cf-diego The CF Infrastructure team which maintains consul-release ( https://github.com/cloudfoundry-incubator/consul-release) is considering bumping from consul 0.5.2 to 0.6.0. There are

Yes, I agree that setting the specific URI to check would be necessary as well so that developers could avoid some of the other concerns. So the ones I can think of: * URI / endpoint * Expected

Hello, We have an implementation of UAA using Identity zones where each zone in UAA is represented by a unique route and this route is bound to that UAA app in our cloudfoundry implementation. Eg: If

I can't comment on the common use cases, and who this change would break. However, I'm very much in favor of hiding this implementation detail from our API. Letting a library's internal API leak into

ps: forgot to mention that openStack Swift is of course in scope, too. Mit freundlichen Grüßen / Kind regards Simon Moser Senior Technical Staff Member / IBM Master Inventor Bluemix Application

Hi everybody, we are beginning work on the Bits Service proposed here [1] for handling all kinds of blobstore related operations - a functionality that is in the cloud controller today. Cloud

Hi, Aaron and Matt, Thanks for the thoughtful discussion of the Windows health-check issue. I too think for consistency that if the CF end user has specified 'port' as the type of health-check on

You might consider making a tiny custom 404 app and then map *.cf.bar.io and *.foo.bar.io and any other sub domains to it so that it doesn't fall through to your landing page app. Would that work for

Hi, we got the following problem and I would like to know, if you have an idea how to solve it. We setup a view domains: - bar.io - foo.bar.io - cf.bar.io Bar.io is used for all the end user

Just as a small followup, consider that companies might have internal regulations mandating how and where SSL termination needs to happen (Rakuten is among them, for example...). As described in my

Shannon, in our design we have a reverse proxy colocated with the gorouter. [1] While we can clearly reencrypt data going over loopback TCP (or Unix sockets :D) to the gorouter... it sounds a little

Hi Chaskin, Thanks for sharing your thoughts! I'll try to address some of your questions: which of the types of content based filtering are required to express what we need while maintaining a

Hi Carlo, Thank you for letting us know, I wasn't aware of this. With this limitation in mind, an upstream component could still terminate TLS, but couldn't Gorouter also? Although I recognize the

Hi, Daya, Thanks very much for the additional logs. Those BBS errors look normal (requests often bounce off nonexistent records), and from the auctioneer logs the auction process is retrieving state

Just my two cents: right now HTTP/2 support in Go 1.6 does not include support for h2c (HTTP/2 over TCP) [1]. It only supports h2 (HTTP/2 over TLS). So basically SSL termination before the gorouter

As part of the effort to convert from using NFS to WebDAV as the default blobstore in cf-release, we have made that change for bosh-lite. If you deploy a new cf-release to bosh-lite against an

My concern is that the HTTP check (mislabeled as "port") would still be the default and I'd have to expect users to opt out of it per app. It's confusing and not what users of the platform have come

Hi All, Starting cf-release V227, UAA is being consumed as a separate bosh release as opposed to a job. The release notes published earlier was not covering the details of all the spec changes that

Hi, The Routing team has the Route Services work in progress [1]. I believe once that work is complete you could develop a route service to be able to do this type of rate limiting. Shannon may be

wrote: Setting the health check to none does not actually disable health checks. This setting simply disables the HTTP healthcheck, and Diego will continue to monitor the process. I'm not sure why