0.200.0

Release Notes

• Feature: Operators can configure Gorouter logs to have human readable timestamps (RFC3339 format) via a bosh property.
• Feature: Operators can now configure the Max TLS in Gorouter. More information on the team's exploration of TLSv1.3 in routing-release can be found here.
• Documentation: General Updates (Docs for opsfiles, Docs for scripts, Readme Review)
• Bug Fix: Resolved an infrequent race condition in the route-fetcher code of gorouter.
• Built with go1.14.2

0.199.0

Release Highlights

• Feature: Operators can configure route registrar to us TLS when connecting to NATS server.
  • NOTE: Route registrar now relies on the bosh-dns-alias of nats.service.cf.internal instead of the nats machine IP address. Other deployments using the route registrar job must also include the bosh-dns-aliases release.
• Bug Fix: Developers can make large POST requests and Gorouter no longer prematurely closes the connection.
• Bug Fix: When an app is associated with a route service, the gorouter no longer fails to validate when the app request contains query parameters with control characters.

0.198.0

Release Highlights

• When application developers embed content and also enable sticky sessions, they want cookies to travel through embedded content. The gorouter now sets vcap_id SameSite value based on JSESSIONID to prevent a sticky session error. details

0.197.0

Release Highlights

• Platform Operators can now experience easier debugging using human-readable timestamps based on configuration in gorouter.stdout.log details

• We received feedback that the access.log app_time metric is ambiguous since it includes network time and not just application time. To avoid any confusion for application developers, the gorouter access.log no longer emits the app_time metric details

• Breaking change: Requests with nonexistent instance ID headers and with syntactically incorrect instance ID headers will now return a 400 status code instead of a 404 status code. A 400 status code indicates that the server cannot or will not process the request due to a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

0.196.0

Release Highlights

• Platform Operators can now configure the database max idle and max open connections along with the connection timeout for routing-api details

• Application Developers can see metrics that help them more easily determine if latency is coming from the gorouter or their application details

• Platform Operators can now leverage jq on the router vm to debug more easily details

• Application Developers can leverage w3c trace context to experience better:
  - Visibility into the behavior of distributed applications
  - Management of micro-service applications details

• Routing Release is built with Go 1.13, which includes TLS 1.3. However, TLS 1.3 is now turned off for now for the TCP-Router endpoints as a result of this issue: golang/go#35722

Manifest Property Changes

Job	Property	0.195.0 Default	0.196.0 Default
gorouter	tracing.enable_w3c	Did Not Exist	False
gorouter	tracing.w3c_tenant_id	Did Not Exist	""
routing_api	routing_api.sqldb.max_open_connections	Did Not Exist	200
routing_api	routing_api.sqldb.max_idle_connections	Did Not Exist	10
routing_api	routing_api.sqldb.connections_max_lifetime_seconds	Did Not Exist	3600

0.195.0

Release Highlights

• Platform Operators can continue routing to applications and system components even during a control plane outage details

• Application Developers can ensure that their Java apps communicate to the gorouter successfully and do not experience any error caused due to TLS1.3 details

• Routing Release is built with Go 1.13, which includes TLS 1.3. However, TLS 1.3 is turned off for now for the GoRouter as a result of this issue: golang/go#35722

Manifest Property Changes

Job	Property	0.193.0 Default	0.195.0 Default
gorouter	router.prune_all_stale_routes	false	property removed

Test release

this is a release to test our pipelines.

0.193.0 -- DO NOT USE -- contains TLS 1.3 bug

Release Highlights

• GoRouter return a 503 not a 404 when no endpoint available details
• Gorouter supports cookies (which are not JSESSIONID) to trigger sticky sessions details
• Lookup handler does not expose LB IP details
• Gorouter returns a friendly error on incorrect nonce details
• Components of networking subsystems are built with golang 1.13.x details

Manifest Property Changes

Job	Property	0.192.0 Default	0.193.0 Default
gorouter	proxy net.Dialer KeepAlive	15s	1s
gorouter	keep alive probe interval	non-configurable	configurable
gorouter	sticky_session_cookies name	non-configurable	configurable

0.192.0 -- DO NOT USE -- contains TLS 1.3 bug

Release Highlights

• Operator can see an error logged when the GoRouter panics serving a request details
• GoRouter restarts gracefully when encountering an unrecoverable error details
• Route-registrar can toggle to mTLS or plain-text details
• Routing registrar set based on routing API: mTLS /plaintext details
• GoRouter includes App, Org, and Space names when emitting access log messages to loggregator details
• CF-Deployment has a value greater than 0 for idle connections details

Manifest Property Changes

Job	Property	0.191.0 Default	0.192.0 Default
gorouter	drain_timeout	did not exist	configurable and defaults to 900s
gorouter	max_idle_connections	0	100

0.191.0

Release Highlights

• GoRouter supports indicator protocol to self-declare and self-document the monitoring and alerting behavior details
• Fixed goroutine leak when WebSocket Requests timed out: cloudfoundry/routing-release #153 details
• Fixed a bug that caused a disabled routing-api job to update the api VM on deploy: cloudfoundry/routing-release #155 details
• Update go version to 1.12.9