|
Re: Buildpack Cache
Stephen Levine
Hi Stephan, The buildpack cache (aka "app cache," or "build artifacts cache") is a per-app cache that is stored as a tarball in the blob store and recovered when an existing app is restaged (regardless of app code or buildpack changes). Different buildpacks use this cache for different things. Ben Hale (CCd) may have more details about how the Java buildpack handles caching. In general, the purpose of the cache is to speed up build time and/or reduce data transfer during staging. Usage of the cache is documented here: https://docs.cloudfoundry.org/buildpacks/understand-buildpacks.html -Stephen
On Thu, Jun 14, 2018 at 10:31 AM Stephan Merker <stephan.merker@...> wrote:
|
|
|
|
CF Routing release 0.179.0
Shubha Anjur Tupil
We cut routing release 0.179.0 yesterday with a bug fix for an issue where backends were not being pruned on a TLS handshake failure potentially leading to stale routes in the routing tables, now backends are pruned when the TLS handshake fails, for details. Please let us know if you have thoughts or questions. CF-Routing Team
|
|
|
|
Re: Is anyone successfully using IPSec along with Windows Server 2016 (1709)?
Thanks, Aaron. A couple of notes: The Garden Windows team has started working on contributing to the Envoy Windows support. We're betting on this as the most likely path forward for data-in-motion security, along with Istio support. We're still planning how long the team (along with BOSH Windows) can maintain 2012 R2 support (as supporting a new Windows OS every 6 months is important but tedious). Our current thinking is to maintain it for about 12 months from now to give us time to achieve parity on the 2016 stack. William
On Thu, Jun 14, 2018 at 12:04 PM Aaron Huber <aaron.m.huber@...> wrote: Just to close on this Microsoft has confirmed that this is expected for now, using IPSec along with WinNAT is not supported in 1709, 1803, or the upcoming Windows Server 2019. They are considering it for inclusion in a future release but there is no timeline. For now there is no way to encrypt the traffic between the gorouter and the containers on Windows which will prevent us (and others I'm sure) from moving off of Windows Server 2012 R2 for legacy .NET apps. Hopefully Envoy will be working on Windows soon (https://github.com/envoyproxy/envoy/issues/129) so we can remove the IPSec dependency.
|
|
|
|
Re: Is anyone successfully using IPSec along with Windows Server 2016 (1709)?
Aaron Huber
Just to close on this Microsoft has confirmed that this is expected for now, using IPSec along with WinNAT is not supported in 1709, 1803, or the upcoming Windows Server 2019. They are considering it for inclusion in a future release but there is no timeline. For now there is no way to encrypt the traffic between the gorouter and the containers on Windows which will prevent us (and others I'm sure) from moving off of Windows Server 2012 R2 for legacy .NET apps. Hopefully Envoy will be working on Windows soon (https://github.com/envoyproxy/envoy/issues/129) so we can remove the IPSec dependency.
Aaron
|
|
|
|
Buildpack Cache
Stephan Merker
Hi,
is there documentation available that describes how the buildpack cache works?
I found the following info: https://docs.cloudfoundry.org/concepts/how-applications-are-staged.html “The Task downloads buildpacks and the app’s buildpack cache, if present.”
https://github.com/cloudfoundry/java-buildpack/blob/master/docs/extending-caches.md
I wonder how often the buildpacks and artifacts like JVM, Tomcat etc. are downloaded and how they are cached? Is this cache per app, per diego cell, CF global? I’m talking about the default online buildpacks.
Thanks, Stephan
|
|
|
|
CAB call for June is Wednesday 06/20 @ 8a PST or 11a EST
Michael Maximilien
FYI... Please remember to join Wednesday the Zoom call [0] June 20th at 8a Pacific for QAs, highlights, and two presentations: 1. CF Stratos UI update and demo of latest version by Neil MacDougall of SuSe [1] 2. Project Blockheads: Ethereum Smart Contract Open Service Broker for CF and Kube by Nima Kaviani of IBM (winner of the CF Summit -Boston Hackathon) [2] Zoom soon. Best, dr.max ibm ☁ silicon valley, ca
|
|
|
|
Feedback request - Polyglot service discovery for container networking
Preethi Varambally
Hi, The CF Networking team is working towards making Polyglot service discovery GA [1]. As part of this, operators can configure their own internal domains and we envision the following 2 scenarios. Fresh install - Operators use the CC APIs to configure internal domains - Operators also have to configure a BOSH property "internal_domains" on the BOSH DNS adaptor job with the same internal domains Upgrade from experimental service discovery - apps.internal is already seeded into the cloud controller. No action is needed. - Operators have to configure the BOSH property "internal_domains" on the BOSH DNS adaptor job to [apps.internal] to avoid downtime for apps using service discovery If you are using the experimental feature, we would like to hear from you about any questions or concerns you may have on the upgrade process above. Thanks, CF Networking team
|
|
|
|
Feedback request: Proposed changes to capi-release nfs_server.share_path
Tim Downey
Hello all, Recently on the CAPI team we've been updating our BOSH jobs to run within BPM. BPM is opinionated with regards to which directories can be mounted within its containerized jobs. This means that in order to properly support NFS, we will need to update the default nfs_server.share_path to be located within the "/var/vcap/data" directory on Cloud Controller BOSH instances. The nfs_server.share_path value is currently configurable across several jobs within capi-release, but we are considering removing this configurability in order to ensure that the NFS volume is mounted in the proper location. We are wondering what the impact of this change would be and are interested in hearing from anyone who is currently setting nfs_server.share_path to a location other than the default path of "/var/vcap/nfs". In summary:
Thanks! Tim Downey and Elena Sharma CAPI team members
|
|
|
|
#advocacy on CF Slack
#advocacy
Let us use #advocacy channel to share information on upcoming industry events, "call for paper" deadlines, and other speaking opportunities that might be of interest for y'all.
|
|
|
|
Re: (action requested) Changing CF App Display
Abby Chau
Hello cf-dev, Thanks to those who have taken the short survey; we very much appreciate your feedback. If you haven't had a chance to take the survey, please take a look and give us your feedback on the cf app display. Best, Abby
On Tue, Jun 5, 2018 at 6:49 PM, Abby Chau <achau@...> wrote:
|
|
|
|
Re: Proposal: Metadata for API resources
Stephan Merker
+1
We had to introduce a number of workarounds / extra book keeping to keep track for e.g. ‘system applications’, orgs belonging to the installation and not to customers, orgs requiring exceptions from quota handling etc. Annotations are the natural place to store such information.
Best regards, Stephan
From: cf-dev@... [mailto:cf-dev@...]
On Behalf Of Zach Robinson
Sent: Donnerstag, 7. Juni 2018 19:46 To: cf-dev@... Subject: [cf-dev] Proposal: Metadata for API resources
Hey all,
|
|
|
|
Re: Proposal: Metadata for API resources
David McClure
Cool, that makes a lot of sense. Thanks for filling in that gap in my understanding.
On Fri, Jun 8, 2018 at 11:25 AM Zach Robinson <zrobinson@...> wrote:
|
|
|
|
Re: Proposal: Metadata for API resources
Zach Robinson
Thanks for taking the time to read through it. There was no specific consideration around API similarity in general. It just seemed to make sense for this specific use case. Kube has a nice partitioning of different types of data -- labels vs annotations -- that matched up well with what we have heard regarding what folks would use metadata for. It also made sense to consider for these specific APIs since a large reason for metadata is third party system integration. I've spoken with several folks that are building systems that manipulate objects in both systems, so having low cognitive overhead for cross-platform integration felt like a good path to pursue.
On Fri, Jun 8, 2018 at 2:15 AM David McClure <dmcclure@...> wrote:
|
|
|
|
Re: CF Summit EU: CFP Deadline
Sara Elshahawy
Hi Swarna, Thanks for the email. Actually I was wondering how to edit my proposal after submitting it, I would like to add few more points. Hope you can help! Sara Sr. TPM | Cloud Foundry | Dublin
On Thu, Jun 7, 2018 at 6:51 PM Swarna Podila <spodila@...> wrote: Our community has done a phenomenal job of electing the co-chairs for Summit EU in Basel. Please take a look at the co-chairs at https://www.cloudfoundry.org/blog/announcing-2018-cloud-foundry-eu-summit-track-co-chairs-cfp-extension/.
|
|
|
|
Re: Proposal: Metadata for API resources
David McClure
I read through this yesterday and didn't have any specific comments to leave in-line, but I am happy to see this surface now as I know it's come up in a number of settings in the past. I also thought it was interesting to see the open, implicit acknowledgement of seeking inspiration of convergence with the analogous feature set in Kubernetes. This feels like a healthy thing to see continuing to happen in this community, but I'm also curious to know whether there's any more to it that is worth sharing in this particular case. Aside from meeting user expectations because they may end up using similar features on either CF or Kubernetes, is there any reason or background in the thinking around aiming to have these APIs or experiences be more or less similar to each other?
On Thu, Jun 7, 2018 at 10:46 AM Zach Robinson <zrobinson@...> wrote: Hey all,
|
|
|
|
Proposal: Metadata for API resources
Zach Robinson
Hey all,
The CAPI team would like to share a proposal to apply metadata to API resources. Please have a look and add comments for any questions or concerns. https://docs.google.com/document/d/1Ebko_wNu4wWLnAdHg6wmydEMTx_IdwYnb4Ys0mxVmM4/edit?usp=sharing Thanks! -Zach, CAPI Project Lead
|
|
|
|
CF Summit EU: CFP Deadline
Our community has done a phenomenal job of electing the co-chairs for Summit EU in Basel. Please take a look at the co-chairs at https://www.cloudfoundry.org/blog/announcing-2018-cloud-foundry-eu-summit-track-co-chairs-cfp-extension/.
The deadline to submit your speaking proposals is tomorrow, June 8th at 11.59pm US Pacific time. Have a question before submitting your proposal? Post it on #summit channel on slack and/or tag @cfp-help. Submitted your proposal already but not sure how to edit it? Email me directly or send me a slack private message.
|
|
|
|
Re: Database support for UAA
Filip Hanik
hi Enrique, What became problematic for the UAA was test driven development and continuous integration. Having actual Oracle database instances running in multiple environments. The different databases have three components in UAA 1. The configuration - including some DB specific components to modify the JDBC URL on the fly [1] [2] 2. The migration scripts [3][4] This can definitely be extracted to make it externally configurable to an already compiled version of the UAA. Such functionality does not exist today, it would have to be added through a contribution with accompanying tests.
On Wed, Jun 6, 2018 at 10:01 AM, <enrique.canocarballar@...> wrote: I understand that UAA can run against MySQL and Postgres as the backend database, and Oracle was considered in the past but was discarded due to the enterprise licensing model (https://github.com/
|
|
|
|
Re: Proposed BOSH logging interface
Carlo Alberto Ferraris
Jesse,
sorry for the late reply. One thing we normally add to our internal bosh releases - something that is especially useful for the control/drain scripts, but that we do almost for every single process, is the ability to add a timestamp to each line and the PID of the process generating the logs. It would be very neat if the logging interface had an (opt-in?) provision to handle this so that release authors don't have to do it manually.
|
|
|
|
Database support for UAA
Enrique Cano
I understand that UAA can run against MySQL and Postgres as the backend database, and Oracle was considered in the past but was discarded due to the enterprise licensing model (https://github.com/cloudfoundry/uaa/issues/291).
My question is whether there is a way to develop support for Oracle (or any other database) without having to integrate the code within the UAA repo. In other words, is there a way to externalise the components to support a different database and then make it work alongside UAA's war file? Thanks Enrique
|
|
|