Date   

Re: #uaa #uaa

Martijn de Boer
 

You need to set e.g. the config.attributeMappings['user.attribute.department'] attribute in the identity provider registration. See https://docs.cloudfoundry.org/api/uaa/version/74.18.0/index.html#oauth-oidc

Then you can retrieve it from the userinfo endpoint, see https://docs.cloudfoundry.org/api/uaa/version/74.18.0/index.html#user-info


config.attributeMappings['user.attribute.department'] String Optional Map external attribute to UAA recognized mappings. Mapping should be of the format user.attribute.<attribute_name>. department is used in the documentation as an example attribute.
Am 22.05.20 um 19:42 schrieb Shetty, Viraj S [CTR] via lists.cloudfoundry.org:

We have our own UAA server running in a cloud.gov environment which we use for all applications that are deployed in cloud.gov. These applications use OAuth 2 to integrate with the UAA server and the UAA server is using SAML to integrate with our on premises ADFS Identity Server. Currently the only claims that we are getting from ADFS are the standard First name, last name, email. But now one of the applications need a custom claim from the AD. We set that in ADFS and we now see the custom claim as part of the SAML but we dont see that in the ID token after a user login. What do I need to do in the UAA.yml to get this in the ID token ? I added an entry in the attributes mapping but it did not work.  Is there anything I need to add to the scopes for this to happen ? Whats the best way ? Any help is appreciated. 

       attributeMappings:
          somename: claim_url


#uaa #uaa

Shetty, Viraj S [CTR]
 

We have our own UAA server running in a cloud.gov environment which we use for all applications that are deployed in cloud.gov. These applications use OAuth 2 to integrate with the UAA server and the UAA server is using SAML to integrate with our on premises ADFS Identity Server. Currently the only claims that we are getting from ADFS are the standard First name, last name, email. But now one of the applications need a custom claim from the AD. We set that in ADFS and we now see the custom claim as part of the SAML but we dont see that in the ID token after a user login. What do I need to do in the UAA.yml to get this in the ID token ? I added an entry in the attributes mapping but it did not work.  Is there anything I need to add to the scopes for this to happen ? Whats the best way ? Any help is appreciated. 

       attributeMappings:
          somename: claim_url


Re: FOLLOW-UP to --- Announcing Cloud Foundry CLI v7 Release Plan

Josh Collins
 

Hello Again My Dear Cloud Foundrians,


As promised, we’re sending a follow-up to our initial v7 CF CLI GA announcement.


We’ve set target dates/milestones for the v7 GA and we’ve completed our audit of the v7 CLI commands and the list of differences between v6 and v7 are available for review. We’re still working on the exact approach to support pinning to earlier versions of the CLI and we’ll send a follow up when that’s solidified.


Estimated milestones/dates:

Date

Milestone

05/22/2020

A copy of one of the Release Integration Team’s CI Pipelines is running cf7 CLI beta & v7 CATs

05/29/2020

v7 CLI Release Candidate (7.0.0-rc.1) published

05/29/2020

v6 CLI available for pinning in automated scripts

06/05/2020

RelInt’s CF-Deployment CI Pipelines are running CLI v7.0.0-rc.x  & v7 CATs

06/22/2020

v7.0.0 CLI is GA

06/23/2020

RelInt’s CF-Deployment CI Pipelines running v7.0.0 CLI & v7 CATs



And here’s the finalized and comprehensive list changes CLI changes you can anticipate when migrating from v6 to v7.


Once the work to support pinning to older versions of the CLI has been completed, we’ll publish instructions for doing so in the Download the CF CLI docs page. We'll also send a reply to this thread to let you know.


For more information and/or questions about the v7 CLI, please visit Cloud Foundry docs.

If you'd like to chat, please feel free to message us on slack, or visit our github.


Looking forward!


Cloud Foundry CLI Contributors


***************************************************************
***************************************************************
***************************************************************

On Mon, Apr 27, 2020 at 9:13 AM Josh Collins <jcollins@...> wrote:

Dear Cloud Foundry Community,


We are nearing the completion of the v7 CF CLI and we’re excited to announce that we’ll be cutting our GA release soon!

 

The exact target date for the launch hasn’t been finalized but because transitioning from v6 to v7 will require coordination and planning we’re sending an initial heads up. We'll send follow ups to this communication once the launch date and associated details become concrete.

 

In case you haven’t been following the development of the v7 CLI closely, here’s three of many new capabilities that will become available when v7 GAs:

  • Rolling Deploys using the "--strategy" flag for "cf push" and other commands

  • Metadata apply labels and annotations to apps, spaces, organizations, and other resources

  • Sidecar Processes for applications using application manifests


Current Plan:

  1. We’ll continue working through and finalizing the finer-grained details regarding the transition from v6 to v7 (these details will be sent as a follow up to this announcement in advance of the v7 GA)

  2. In the coming weeks, we’ll cut a feature complete v7 CLI release candidate (7.0.0-rc.1)

  3. We’ll coordinate with Release Integration (RelInt) team to integrate the RC v7 CLI into their CF-Deployment CI pipelines and iterate on fixes as necessary ‘till they run green 

  4. Once we’ve finalized and published the v6 to v7 transition plan & the RC v7 CLI has been passing successfully through RelInt’s CF-Deployment CI Pipelines, we’ll GA the v7 CLI

  5. Once the v7 CLI is GA, the active development and release of new features and bug fixes will take place on the v7 CLI, and as per Phase 2 of the v6 CLI deprecation plan, the v6 CLI will no longer be under active development and only be updated to fix severe bugs and or CVEs


While our goal is for the v6 to v7 CLI transition to be fairly easy, it is a major version bump containing breaking changes and a certain amount of impact is unavoidable. 


The previously published “Upgrading to cf cli v7” describes many of the breaking changes that will be included at launch. Although the doc isn’t final, it’s the best resource currently for those needing to understand the change required in day to day manual and/or automated workflows.

 

At the time of this communication, although the list of breaking changes included in the document linked above is nearly complete, it should not be considered comprehensive.

Once we complete our final review/audit we’ll publish an exhaustive list of the changes from v6 to v7 and we’ll send an announcement to the community.   


Automated scripts may break when v7 of the CLI GAs. To minimize disruption and allow for teams to migrate when ready, we will support pinning to the 6.x major version. Although this isn’t possible today, the CLI team is actively working on this capability and will send a follow-up communication with instructions once that work is complete.


Lastly, with the GA release of v7, we plan to update the CF-CLI Minimum Supported Version policy. A separate communication describing the intended changes will be sent to this distribution list soon. 


For more information about the v7 CLI, please visit Cloud Foundry docs, message us on slack, or visit our github.


Thanks,

Cloud Foundry CLI Contributors



--
Josh Collins
PM - MAPBU


Re: Removing bits-service from cf-deployment

James Pollard
 

Thanks Philipp, good catch! Your observation appears to be correct.

It appears that one would need to go back to cf-deployment v12.36 or earlier. We've updated cf-deployment release notes to properly capture which release ended bits-service support.

Best,
Release Integration

On Mon, May 4, 2020 at 12:17 AM Thun, Philipp <philipp.thun@...> wrote:

Hi,

 

I don’t think that using bits-service with the mentioned ops files will work. In fact support for bits-service is broken since cf-deployment v12.39 (incl. CAPI v1.92, more precisely commit https://github.com/cloudfoundry/cloud_controller_ng/commit/66fb2bd434656e8caa060ff55e6c87a296ab1455 that adds a new method which is not implemented in the Ruby BitsService::Client class). Is our observation correct or are we doing something wrong when setting up a current version of cf-d with bits-service?

 

Thanks,

Philipp

 


Stratos 3.2.0

Richard Cox
 

Hi All,

Another month, another Stratos release!

Highlights of 3.2.0 include...

- The SSO_WHITELIST now supports wildcard paths
- Improvements to metric endpoints details view
- Added support for node selectors in the Stratos helm chart
- Improve documentation for the list 'max' feature, including information on the 'fetch all' button
- Endpoints and their connection details can now be backed up by administrators
- CF applications that spend a long time deploying should now successfully stream the log all the way through
- Application stats at the space level should now show correct values again

Full release notes are available from - https://github.com/cloudfoundry/stratos/releases/tag/3.2.0

We welcome your feedback, comments and bug reports. Please feel free to raise them in github (https://github.com/cloudfoundry/stratos) or reach out directly to us in slack (#stratos)

Regards,

Richard Cox
on behalf of the Stratos team


CF-Networking and Silk Release 2.30.0

Alexander Standke <astandke@...>
 

Hi cf-eng!

New CF-Networking and Silk Releases have been cut.

CF-Networking Release Highlights
  • Container networking remains up during daemon cell draining (see #76)
  • Update readmes for CF Networking Release Jobs
  • Built with go1.14.3
  • Tested with silk-release v2.30.0
Silk Release Highlights
  • Container networking remains up during daemon cell draining (see cloudfoundry/cf-networking-release#76)
  • General documentation updates
  • Built with go1.14.3
  • Tested with cf-networking-release v2.30.0
Regards,
CloudFoundry Networking Program


Reminder: CAB call on Wednesday, May 20 @ 8AM PDT / 11AM EDT / 5PM CEST

Troy Topnik
 

It's that time again. Community Advisory Board Time!

On the agenda are updates from the Foundation and the PMCs as usual, plus two presentations from T-Mobile about:
  • Dealing with noisy neighbors on CF platform
  • Automating the life-cycle management (upgrade) of large-scale CF environments
I'm looking forward to seeing both of these. 

Agenda:

 https://docs.google.com/document/d/1SCOlAquyUmNM-AQnekCOXiwhLs6gveTxAcduvDcW_xI
 
Join Zoom Meeting
https://zoom.us/j/886369973

Meeting ID: 886 369 973

One tap mobile
+16699006833,,886369973# US (San Jose)
+16465588656,,886369973# US (New York)

Dial by your location
        +1 669 900 6833 US (San Jose)
        +1 646 558 8656 US (New York)
        877 369 0926 US Toll-free
        855 880 1246 US Toll-free
        +1 647 558 0588 Canada
        855 703 8985 Canada Toll-free
Meeting ID: 886 369 973
Find your local number: https://zoom.us/u/abSAPsJbM

----------
Chat room: go to slack.cloudfoundry.org and then join the #cab channel


Join from PC, Mac, Linux, iOS or Android: https://zoom.us/j/757994996

Or iPhone one-tap :
    US: +16468769923,,757994996#  or +16699006833,,757994996#
Or Telephone:
    Dial(for higher quality, dial a number based on your current location):
        US: +1 646 876 9923  or +1 669 900 6833  or +1 408 638 0968
    Meeting ID: 757 994 996
    International numbers available: https://zoom.us/zoomconference?m=BbM_MZowkH08pdKycQk10at13V5cLneM

──────────

Hope you'll join us!


TT

--
Troy Topnik
troy.topnik@...
 


Re: [Proposal] CAPI V3 Service Bindings

Aditya Tripathi
 

Nice one!

On Fri, 15 May 2020 at 13:43, <fmartini@...> wrote:
Hello everyone,
 
The Services API Team has been working on a model for the Cloud Controller V3 API for service bindings, service keys and service route bindings.
You can view the proposal here:
We are seeking feedback from the community to help us finalize this proposal and move forward with implementation.

We are looking forward to your comments! You can contact us by replying to this email, or in our cloud foundry slack channel #svat 

Best regards
Felisia
On Behalf of the Services API Team


[Proposal] CAPI V3 Service Bindings

fmartini@...
 

Hello everyone,
 
The Services API Team has been working on a model for the Cloud Controller V3 API for service bindings, service keys and service route bindings.
You can view the proposal here:
We are seeking feedback from the community to help us finalize this proposal and move forward with implementation.

We are looking forward to your comments! You can contact us by replying to this email, or in our cloud foundry slack channel #svat 

Best regards
Felisia
On Behalf of the Services API Team


Cloud Foundry Summit Virtual Schedule is Now Live!

Chip Childers <cchilders@...>
 

Hi All, 

This morning, we published the initial schedule for NA Summit, which you can find here

The Summit will be held online over two half-days on Wednesday, June 24th and Thursday, June 25th on US Central Time, with each date devoted to a key Cloud Foundry audience: developers (users) and contributors, respectively. Summit will include a networking space to facilitate a virtual version of the “hallway track” and digital booths sponsored by vendors for attendees to explore. 

Read the full press release here: https://www.cloudfoundry.org/blog/cloud-foundry-na-summits-initial-schedule-highlights-developer-experience-on-kubernetes-open-source-contributors/

You can register here for free using this code: CFNA20CON 

We look forward to "seeing" you all at Summit!

Chip Childers
Executive Director
Cloud Foundry Foundation


KubeCF 2.2.0

Jaime Gomes
 

Hi,

I would like to announce that KubeCF 2.2.0 is out! Check the release notes to find out what's coming and take it for a spin but before that, I want to highlight two points:

- upgrades must be sequential.

- if you are upgrading from 2.1.0 to 2.2.0 there's a special section on the release notes...so please check if that's your case.

 

Please, don't forget to share your experience and/or problems on the #kubecf-dev slack channel - we're there for you!💪

 

Stay healthy. Stay safe.


Jaime Gomes

Github: https://github.com/cloudfoundry-incubator/kubecf
Slack: https://cloudfoundry.slack.com/archives/CQ2U3L6DC


IMPORTANT NOTICE: [php-buildpack] End of Support for NGINX versions 1.16.x after 2020-06-07

Kashyap Vedurmudi
 

The first release of the PHP buildpack after 2020-06-07 will no longer include NGINX versions 1.16.x. These NGINX versions will no longer be supported upstream[1]. Please migrate your PHP apps to supported versions of NGINX before that time.


Note: If you’d like to use a different NGINX version, please configure your application to select that version[2].


As always, the buildpacks team is happy to answer questions you may have about this deprecation in the #buildpacks Slack channel[3].


[1] - https://nginx.org/en/download.html

[2] - https://docs.cloudfoundry.org/buildpacks/nginx/index.html

[3] - https://cloudfoundry.slack.com/archives/C02HWMDUQ


Thanks,

Kashyap Vedurmudi, Buildpacks PM



IMPORTANT NOTICE: [nginx-buildpack] End of Support for NGINX versions 1.16.x after 2020-06-07

Kashyap Vedurmudi
 

The first release of the NGINX buildpack after 2020-06-07 will no longer include NGINX versions 1.16.x. These NGINX versions will no longer be supported upstream[1]. Please migrate your NGINX apps to supported versions of NGINX before that time.


Note: As 1.16.x is the current stable version of NGINX in the buildpack, the stable NGINX version will be updated to 1.18.x as a part of this removal. If you’d like to use a different NGINX version, please configure your application to select that version[2].


As always, the buildpacks team is happy to answer questions you may have about this deprecation in the #buildpacks Slack channel[3].


[1] - https://nginx.org/en/download.html

[2] - https://docs.cloudfoundry.org/buildpacks/nginx/index.html

[3] - https://cloudfoundry.slack.com/archives/C02HWMDUQ


Thanks,

Kashyap Vedurmudi, Buildpacks PM



Re: Announcing Cloud Foundry CLI v7 Release Plan

Greg Cobb
 

For now, application manifests will remain the same.

We did recently introduce versioning to manifests, which will allow us to iterate on manifest structure and features more aggressively in the future (and independently from API/CLI version).

On Tue, Apr 28, 2020 at 2:12 PM Stefan Mayr <stefan@...> wrote:
Hi Josh

Am 27.04.2020 um 18:13 schrieb Josh Collins:
> Dear Cloud Foundry Community,
>
>
> We are nearing the completion of the v7 CF CLI and we’re excited to
> announce that we’ll be cutting our GA release soon!

This is fantastic news. Our developers are waiting for some of the
experimental v3-commands to be replaced with stable CLI v7 commands.

> The exact target date for the launch hasn’t been finalized but because
> transitioning from v6 to v7 will require coordination and planning we’re
> sending an initial heads up. We'll send follow ups to this communication
> once the launch date and associated details become concrete.
>
>  
>
> In case you haven’t been following the development of the v7 CLI
> closely, here’s three of many new capabilities that will become
> available when v7 GAs:
>
>   *
>
>     Rolling Deploys
>     <https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.cloudfoundry.org_devguide_deploy-2Dapps_rolling-2Ddeploy.html&d=DwIFaQ&c=lnl9vOaLMzsy2niBC8-h_K-7QJuNJEsFrzdndhuJ3Sw&r=zV_urrEjeWCta68K3cScoA&m=YeWLNHeSMdg9ByYElGUn1Z6tYysmnfqN-WG7A9-Db50&s=d1K8PTiAZKqEa-ufU1Sba8TGGzX7Pae4jRJvPUFnfd8&e= >using
>     the "--strategy" flag for "cf push" and other commands
>
>   *
>
>     Metadata
>     <https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.cloudfoundry.org_adminguide_metadata.html&d=DwIFaQ&c=lnl9vOaLMzsy2niBC8-h_K-7QJuNJEsFrzdndhuJ3Sw&r=zV_urrEjeWCta68K3cScoA&m=YeWLNHeSMdg9ByYElGUn1Z6tYysmnfqN-WG7A9-Db50&s=bQHubdd5Qkr-cstS5XJkoF5b44i_kMuV3zRhS74OCB0&e= >apply labels
>     and annotations to apps, spaces, organizations, and other resources
>
>   *
>
>     Sidecar Processes
>     <https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.cloudfoundry.org_devguide_sidecars.html&d=DwIFaQ&c=lnl9vOaLMzsy2niBC8-h_K-7QJuNJEsFrzdndhuJ3Sw&r=zV_urrEjeWCta68K3cScoA&m=YeWLNHeSMdg9ByYElGUn1Z6tYysmnfqN-WG7A9-Db50&s=IpVJPQf06TQ78_X8hsiNmDipQAadSAK01KOI9lvxU9g&e= >for
>     applications using application manifests
>
> ...

How about manifest files? Do we have to expect any manifest syntax or
naming changes? Will some of the new CLI features also be available in
the manifest?

Thanks,

   Stefan






Re: Seeking Nominations: Cloud Foundry Extensions PMC

Swarna Podila
 

Hi Everyone,
Just a quick reminder to send us your nominations by the end of Friday (May 8).

Cheers!

-- Swarna Podila (she/her)
Senior
 Director
, Community
 | Cloud Foundry Foundation

You can read more about pronouns here, or please ask if you'd like to find out more.


On Thu, Apr 30, 2020 at 4:30 PM Swarna Podila <spodila@...> wrote:
Hi All,
You may have seen Dr. Max's note earlier.  After leading Extensions PMC for almost four years, he would like to step down and make space for new folks to take on the role. 

Please send in your nominations for a new lead for Cloud Foundry Extensions PMC by the end of day next Friday, May 8, 2020. 

-- Swarna Podila (she/her)
Senior
 Director
, Community
 | Cloud Foundry Foundation

You can read more about pronouns here, or please ask if you'd like to find out more.


Re: cf-for-k8s 0.2.0 alpha release

Chip Childers <cchilders@...>
 

More progress! I particularly appreciate two parts of this: The clear indication of what's next up in the release notes, and the appropriate use of a flame emoji for the logging feature. 👍

Chip Childers
Executive Director
Cloud Foundry Foundation


On Mon, May 4, 2020 at 7:08 PM Saikiran Yerram <syerram@...> wrote:
Hello CF community,

We just shipped cf-for-k8s 0.2.0 alpha release, so please check out the release notes here. Some notable highlights of this release,

- Users can now see streaming logs during cf push command. woot!
- Users can now see app metrics.
- Removed install.sh so users have the freedom to use ytt and kapp however they like (e.g. pass additional config of their choice)

There are many other updates worth looking into. Please take it for a spin and give us your feedback via issues or in slack channel #cf-for-k8s. 

Thank you to all the contributors!! 

Resources:

--
Saikiran Yerram


Hands on Labs at CF Summit

Chris Clark
 

Hello folks, 

As you've likely heard, Cloud Foundry Summit will be a virtual event for the first time. While I'm disappointed we won't all be gathering together in Austin, there is some upside to a virtual summit. With fewer time/space restraints, Summit will run for two days, not one, and we'll be having technical Hands on Labs sessions each day.    

As far as the labs go, we're still in the planning stages, and we wanted to reach out to the community and ask a few questions:

What kind of technical lab/demo content would you want to see included?  
Any particular topics you think we'd be remiss to exclude?  

If you've recently attended any virtual events, any wisdom you'd like to impart on how hands on labs were organized, and how successful they were (or weren't)?  

Are you or your project team interested in running a lab?  

Feel free to respond publicly, or to me directly.  Hope you're all safe and healthy out there. 


--
Chris Clark
Technical Operations Manager
Cloud Foundry Foundation


Re: Bi-weekly Round-Up: Technical + Ecosystem Updates

Chris Clark
 

Hello, everyone. We’ve launched a new Tutorials website to serve as a hub for learning in our community! The hub includes an interactive hands-on lab for first-time Cloud Foundry users to experience how easy the platform makes deploying applications to Kubernetes and is open for the community to contribute. Read the release.


Special thanks to Steve Greenberg at Resilient Scale for the heavy lifting to make this happen! Expect more news on this soon, and if you’re interested in contributing/feedback, please let us know.


Also, CF Summit is going virtual. Here’s the full story.

From the Last Few Weeks:

Community Updates:

  • Have a question for the staff at Cloud Foundry Foundation? Want to stay current with updates for the Foundation? Join the #cff-forum channel on the community Slack.

  • Looking for a job? Don’t hesitate to check out the #jobs channel in our community slack; folks are stepping up and sharing the job openings in our community.  

(And if you are hiring, please do share the info in that channel.)

All things Cloud Foundry Summit:

  • As mentioned above, CF Summit is going virtual. Looking forward to it! Fingers crossed for an in-person event in Dublin this October.

Dates To Remember (All times US Pacific):

  • CF for Kubernetes SIG call - 8:30 AM on May 12

  • Bi-Weekly CF App Runtime PMC meeting - 10:30 AM on May 12

  • AMA Monthly call - 8:00 AM on May 19

  • CF CAB call - 8:00 AM on May 20

Check the community calendar for updates and meeting details here: https://www.cloudfoundry.org/community-calendar/

Interesting Finds from Around the Web:



Who’s hiring?  

Check out the jobs board https://www.cloudfoundry.org/cf-jobs/


On Tue, Apr 7, 2020 at 10:30 AM Swarna Podila <spodila@...> wrote:

Hi all,

Chris is on PTO this week; so here's this edition of bi-weekly roundup from me.


Hope you’re safe, sane, and comfortable out there.  


Some exciting new changes at the Cloud Foundry Foundation, just announced: https://www.cloudfoundry.org/blog/cloud-foundry-foundations-cto-steps-into-executive-director-role:  

  • Abby Kearns is moving on from the Foundation. Chip Childers has been appointed the new Executive Director. While we’re going to miss Abby tremendously, we are very grateful to have had such tremendous leadership here at the CFF for the past few years, and also that we are fortunate enough to be left in Chip’s capable hands going forward. 

  • Read Chip’s post here and Abby’s post here.

  • Join a community AMA tomorrow, Thursday, April 9th, from 8-10 AM PST on Cloud Foundry Slack in the #cff-forum channel to discuss this transition.

From the Last Few Weeks:

  • Chip Childers is now the Executive Director of Cloud Foundry Foundation.

  • Paul Fazzone has been named new chairman of the CFF Board.

  • We’re launching a new tutorials website! Content creation is happening now, and we’d love your input, contributions, and feedback!. Please reach out in the #cloudfoundry-tutorials slack channel if you’d like to get involved. Official launch is scheduled for a few weeks from now.

  • The Release Integration team is requesting review for cf-deployment V13 scope.

  • Google steps up to Platinum membership in the CFF! Read more here

  • Nice blog post here on Project Quarks and KubeCF.

  • The BOSH PMC is making a few changes outlined here, most notably moving the BOSH project to a distributed committer model.

  • Cloud Foundry Volume Services team has shipped the first alpha version of their SMB volume service.

  • CF for Kubernetes SIG call video from March 31 is up. Video here.

Community Updates:

  • Have a question for the staff at Cloud Foundry Foundation? Want to stay current with updates for the Foundation? Join the new #cff-forum channel on the community Slack.

  • Do you miss the water cooler conversations? Hop on to the Cloud Foundry Break Room if you would like to hang out with your peers from the community. Please note that the Cloud Foundry Code of Conduct applies here as well.

All things Cloud Foundry Summit:

  • Please read this update. TL;DR: Call for Papers has been extended until Friday, April 17th and Program Chairs have been announced.

    • In the likely event that CF Summit does become a virtual event, CFP submissions will still be selected from those submitted by you by 4/17.

    • Thank you for electing the program committee and special thanks to Amelia, Dr. Nic, Molly and Matthias for helping us curate the content.

Dates To Remember (All times US Pacific):

  • CF for Kubernetes SIG call - 8:30 AM on April 14

  • Bi-Weekly CF App Runtime PMC meeting - 10:30 AM on April 14

  • CAB call - 8:00 AM on April 15

Check the community calendar for updates and meeting details here: https://www.cloudfoundry.org/community-calendar/

Interesting Finds from Around the Web:


-- Swarna Podila (she/her)
Senior
 Director
, Community
 | Cloud Foundry Foundation

You can read more about pronouns here, or please ask if you'd like to find out more.


On Tue, Mar 24, 2020 at 12:27 PM Chris Clark <cclark@...> wrote:

It is an understatement when we say “these are unprecedented times.” During these times of uncertainty, the Cloud Foundry Foundation wants to offer an open zoom “break room” for our community. Please feel free to “walk” into this break room and hang out with others. (Please do remember: Code of conduct applies here as well.)

From the Last Few Weeks:

  • KubeCF released v1.0 AND v1.0.1! Message here. Blog post here. Press release here.
  • Stratos released v3.0! Message here.
  • CF routing v0.199.0 was released. Message here.
  • Miguel Luna has taken over as project lead of the Services API project.
  • CF for Kubernetes SIG call video from March 17 is up. Focus on container to container networking. Video here.
  • CF CAB call video from March 18 is up here. Nice update and demo of CF-for-k8s!

Community Updates:

  • Have a question for the staff at Cloud Foundry Foundation? Want to stay current with updates for the Foundation? Join the new #cff-forum channel on the community Slack.

All things Cloud Foundry Summit:

Dates To Remember (All times US Pacific):

  • CF Operators Sig Meeting – 8:00 AM on March 25
  • CF for Kubernetes SIG call – 8:30 AM on March 31
  • Bi-Weekly CF App Runtime PMC meeting – 10:30 AM on March 31

Check the community calendar for updates and meeting details here: https://www.cloudfoundry.org/community-calendar/

Interesting Finds from Around the Web:

Who’s hiring?  

Check out the jobs board https://www.cloudfoundry.org/cf-jobs/

 

Looking for an industry event to attend or to submit a speaking proposal? We put together a helpful calendar of events for 2020: https://calendar.google.com/calendar?cid=Y2xvdWRmb3VuZHJ5Lm9yZ181Yjg2a2dobzkwdmNqOWtncDE3cjljYjh1c0Bncm91cC5jYWxlbmRhci5nb29nbGUuY29t 



--
Chris Clark
Technical Operations Manager
Cloud Foundry Foundation


Re: Exploring CRDs in CF

Angela Chin
 

Hi folks,

Thanks Zach for starting this thread. There's been some good conversation in the document about different reasons and benefits of using CRDs.

Connor (cc'ed) and I have been exploring what introducing CRDs to Cloud Foundry might look like centered around the different outcomes described in the doc. We've generated this document (titled "CF App Runtime CRD Approaches") and would love to have feedback and a discussion via comments.

Cheers,
Angela and Connor

On Tue, Apr 28, 2020 at 10:16 AM Zach Robinson <zrobinson@...> wrote:
Hey all,

As we move towards a kubernetes-based Cloud Foundry, the inclusion of CRDs into CF has been a recurring topic. At this point we already see CRDs being incorporated into CF in a number of ways, as well as questions about them such as a thread on this list titled "Is anyone working on a CF CRD & Controller?".  

We would like to use this space to start gathering an understanding of how folks are using CRDs, the reasons folks are using CRDs, and what CRDs folks would like to see in the future. 

This will help us build a better understanding as a community towards the outcomes of
  • Include CRDs in CF with well-defined architectural patterns
  • Understand how CRDs should be exposed as a user interface

This document has been created to help house the discussion asynchronously. It has been built with the understanding of cf contributors from a couple of teams, but we need everybody's help to flesh out the full picture.

Looking forward to discussion


Re: Is anyone working on a CF CRD & Controller?

Angela Chin
 

Hi folks,

Thanks for all the feedback on the Exploring CRDs in the CF App Runtime doc!

Connor (cc'ed) and I have been exploring what introducing CRDs to Cloud Foundry might look like centered around the different outcomes that were generated. We've generated this document (titled "CF App Runtime CRD Approaches") and would love to have feedback and a discussion via comments.

Cheers,
Angela and Connor

On Sat, May 2, 2020 at 9:48 AM pierre Oblin <oblinp@...> wrote:
Just as inspiration, and maybe spike implémentation, a déclarative approach based on terraform HCL is probably a good way to start

Le mar. 28 avr. 2020 à 19:18, Zach Robinson <zrobinson@...> a écrit :
Hey Daniel,

Wanted to follow up. There's now a doc to start building out our understanding of CRDs here https://docs.google.com/document/d/1mIMH4uEtIJkZjVa5mKWJoIAIeVyM4gVqO-Cx5JtYgtE/edit?usp=sharing

Shared with the mailing list under topic "Exploring CRDs in CF".  Would love to get your thoughts and feedback.

-Zach

On Thu, Apr 16, 2020 at 4:09 PM Zach Robinson <zrobinson@...> wrote:
Zach, am I correct in thinking that the current approach is the have clients interact with CloudController, have CloudController persist to CCDB as per usual, and then CloudController post stuff to CRDs in the Kube API?

Yes, this is the current approach for the CRDs that Cloud Controller interacts with now. There are also reconciliation loops that we run for these resources analogous to how we've always reconciled CCDB state with Diego.

I think this method has developed organically from our goal of preserving in-place workflows via having the same API surface, allowing cli to function without changes, while trying to consume existing functionality in k8s. I think the longer term goal here is to review that usage and be more intentional about how we expect CRDs to fit into the system as a whole.

-Zach

On Thu, Apr 16, 2020 at 4:10 AM Daniel Jones <daniel.jones@...> wrote:
Thanks for that folks - especially for such a long and detailed response, Zach. Much appreciated.

It's great that folks are already thinking about this.

Zach, am I correct in thinking that the current approach is the have clients interact with CloudController, have CloudController persist to CCDB as per usual, and then CloudController post stuff to CRDs in the Kube API?

I'd kinda imagined things going the other way around, introducing the CRDs as a new user interface, and have the controllers do the diff and then post/put to CloudController. The intention here would be saving Kubes-native folks (and CI servers!) from having to deal with the imperative interface. I was working on the assumption that all CF concepts would be exposed as CRDs.

From a CAPI perspective, I've been thinking more about representing apps and push as CRDs, and I believe the Eirini team has some thoughts in this area as well.

I'd always dodged this area in cf-converger as it was the most complicated, and the biggest break from the current CF experience :)

For example when we look at orgs/spaces - we have to wonder if those are even resources we want to represent as CRDs, when k8s already has a namespace construct.

I can imagine that the logical concept of orgs may one day map onto distinct Kubernetes namespaces, but I hadn't imagined that orgs would in any way disappear, or not be configurable via the Kubernetes approach.

It'd be great to hear what others think on all of this.

Thanks again for sharing, Keshav and Zach.

Regards,
Daniel 'Deejay' Jones - CEO
+44 (0)79 8000 9153
EngineerBetter Ltd - More than cloud platform specialists


On Wed, 15 Apr 2020 at 23:45, Zach Robinson <zrobinson@...> wrote:
Hey Daniel,

Thanks for starting a convo. The timing couldn't be better. I can share some of the thinking going on in both CAPI and VMware land. 

But first and foremost I want to address the question: "Is there any point in the community working on such a solution, or are one of the bigger companies secretly working on something that would supersede any community effort?" - yes, yes, a thousand times yes to community collaboration!

The topic of CRDs is kind of huge. It's really great to hear your focus is on things like orgs/spaces. From a CAPI perspective, I've been thinking more about representing apps and push as CRDs, and I believe the Eirini team has some thoughts in this area as well. There's a lot of ground to cover clearly.

In terms of things that are in flight now.
  • Keshav kindly shared that networking is looking to provide Route CRDs.
  • Networking is also exploring providing Security Groups as CRDs.
  • CAPI is integrating kpack into CF to provide buildpack staging. This is done by generating kpack CRDs.
Currently these CRDs are being created and owned by the Cloud Controller, which enables us to present backward compatible APIs to our CLI and UI like stratos, while moving the implementation down into controllers fronted by CRDs.  There's an obvious potential to interact with k8s directly in the future, but the current use case is to be used by CC. Except for kpack which is an excellent stand alone tool already :).  

These efforts are great and are allowing us to begin a path towards using existing k8s tooling and projects to provide Cloud Foundry outcomes, but obviously there's a lot further to go.

From VMware's side, over the last couple weeks, there has been an effort to explore what it might look like to use CRDs entirely as a source of truth for *all* CF data, in place of a SQL database, as a learning exercise, not necessarily a desired outcome. The primary goal of that effort was to start the convo that we're having now, and to be able to contribute in a meaningful way.  Note there are no VMware-based plans to dump a fully fledged proposal. We need to start from a premise as a community of understanding how/why/and which resources are valuable as CRDs.

For example when we look at orgs/spaces - we have to wonder if those are even resources we want to represent as CRDs, when k8s already has a namespace construct.

I think we'll need to start some dedicated working document to collaborate in. I had planned on facilitating that after some of the investigation that VMware has wraps up, but I don't think that's a reason to hold off if you or somebody else in the community has thoughts they want to start getting down. CAPI and other teams can contribute to an existing doc if that makes sense. Any other thoughts you'd prefer for next steps?

Looking forward to a continued conversation.

-Zach


On Wed, Apr 15, 2020 at 9:56 AM Keshav Sharma <ksharma@...> wrote:
Hi Daniel, 
The CF-K8s Networking team is currently working on a solution using Route CRDto introduce a “Route” custom resource and have Cloud Controller make/update these directly as part of the `cf map-route` and `cf unmap-route` workflows. Happy to discuss this further in our Cloud-Foundry Slack- #networking group. Regards, Keshav Sharma Product Manager | CF-K8s-Networking VMware

On Wed, Apr 15, 2020 at 3:01 AM Daniel Jones <daniel.jones@...> wrote:
Hi all,

In the spirit of community, I'm going to ask this question outright and in the open - is anyone (*looks at VMware MAPBU*) working on a CRD and accompanying controller for CF on Kubernetes?

Anyone with a non-trivial amount of Cloud Foundry experience knows that whilst the imperative interface of the CF CLI is great for exploratory work, it's far from ideal for production environments. I make a point of telling folks in CF training courses that no human should be using the CLI in production, other than for debugging.

A declarative interface for CF has always been desirable, and its omission is going to become even more stark once running CF on Kubernetes is the norm. We've had cf-mgmt which is close, but involves more steps than is ideal.

It'd be great to have one or more CRDs that represent the state of a Cloud Foundry, and accompanying controllers that converge upon that state. When I talk about state, I mean things like orgs, spaces, service broker registrations, service instances, roles and so on.

Four years ago I started work on a project called cf-converger to diff and converge a Cloud Foundry instance on a state declared in YAML. I got distracted with running a business and doing billable work, so whilst the concept was proven, it never really got to a state of usefulness. Plus, I seemed to spend half my coding time just writing excessively-verbose chained method calls on the official Java CF client :D 

I see such a solution as an inevitability in the Kubernetes-based future. Whilst I'm personally tempted to resurrect the project, it makes very little sense for a company like EngineerBetter to divert resources from billable work to a project that is needed, but can't be monetised.

Are any of the big players working on something similar? Is it something we should all be thinking and talking about? Is there any point in the community working on such a solution, or are one of the bigger companies secretly working on something that would supersede any community effort?

Regards,
Daniel 'Deejay' Jones - CEO
+44 (0)79 8000 9153
EngineerBetter Ltd - More than cloud platform specialists

361 - 380 of 9374