0.139.0

• PCRE has been updated in TCP Router to 8.39 details
• Gorouter now offers HTTP healthcheck endpoint /health on port 8080 (configurable via existing router.status.port property) with support for properties router.load_balancer_healthy_threshold and router.drain_wait details
• TCP Router now offers HTTP healthcheck endpoint /health on port 80 (configurable with property haproxy.health_check_port) details
• Gorouter will route a request that contains a valid value for X-Cf-App-Instance HTTP header to the specified backend details
• Gorouter now accurately reports in access log the number of bytes sent in the response body when returning an error details
• Gorouter now supports optionally forcing the value of X-Forwarded-Proto sent to backends to https when an upstream component is terminating TLS but does not support sending HTTP headers

Support for Zipkin tracing

• When Zipkin tracing is enabled, if request does not include both X-B3-TraceId and X-B3-SpanId HTTP headers, router will initiate a new trace id details
• When Zipkin tracing is enabled, and request includes both X-B3-TraceId and X-B3-SpanId, Gorouter will forward HTTP header X-B3-ParentSpanId to the backend, set to the value of X-B3-SpanId in the received request details
• When Gorouter initiates a trace, X-B3-TraceId and X-B3-SpanId headers are set to the same value details

In Progress

• Routing API support for MySQL/PostgreSQL details

Known Issues

• The routing API stores the router_group resource in etcd. Router group data is necessary to maintain consistency with the CC API's shared domains, which means that blowing away the data in etcd is not safe when using TCP routing.

Manifest Property Changes

gorouter

0.138.0	0.139.0	Default Value
property did not exist	router.force_forwarded_proto_https	false

0.138.0

• Gorouter can now be optionally configured to send Zipkin tracing HTTP headers X-B3-TraceId and X-B3-SpanId; these are also logged in the access log details
• Gorouter now logs the NATS IP and port it connects to details
• Gorouter now supports a configurable delay after which a newly started router begins listening for requests before bosh considers the process up details
• Gorouter now logs unregister and pruning messages at an Info log level details
• Gorouter now logs app index in access log details
• The HTTP User-Agent header for which Gorouter responds to healthchecks from load balancers is now configurable details
• Gorouter route pruning can optionally be suspended when NATS is unavailable details
• Gorouter now healthchecks NATS every 20 seconds so in the event of a NATS failure it will failover to a health NATS node and still have enough time to receive route registrations before pruning routes details
• Route-registrar now healthchecks NATS every 20 seconds details
• In Progress: Routing API support for MySQL/PostgreSQL details
  • In order to support a relational database, and still support event streams, Routing API instances now run in active/standby configuration, using Consul for lock details

Bug Fixes

• TCP Router generates connection errors under load details
• unfamiliar error in router_configurer_ctl.err.log details

Known Issues

• The routing API stores the router_group resource in etcd. Router group data is necessary to maintain consistency with the CC API's shared domains, which means that blowing away the data in etcd is not safe when using TCP routing.

Manifest Property Changes

gorouter

0.137.0	0.138.0	Default Value
property did not exist	router.tracing.enable_zipkin	false
property did not exist	router.load_balancer_healthy_threshold	20
property did not exist	router.healthcheck_user_agent	HTTP-Monitor/1.1
property did not exist	router.suspend_pruning_if_nats_unavailable	false

Dependencies

cf-release v239
diego-release 0.1479.0
cf CLI 6.17

0.137.0

• All routing components have been upgraded to golang1.6 details
  • Note: GoRouter does not currently support proxying HTTP/2 connections. Requests to backends will be made with HTTP/1.1 details
• New manifest property suspend_pruning_if_NATS_unavailable can now be used to suspend pruning of HTTP routes if Gorouter cannot connect to NATS details

Bug Fixes

• Pruning of root route in the presence of a route with a context path previously resulted in an unexpected 502 details
• TCP Emitter attempted to map routes with no external ports details
• Deployment with incorrect manifest configuration for Routing API, TCP Router, and TCP Emitter only failed on Routing API job details
• Deployment did not fail when Routing API cannot save its own route in the database details

Known Issues

• The routing API stores the router_group resource in etcd. Router group data is necessary to maintain consistency with the CC API's shared domains, which means that blowing away the data in etcd is not safe when using TCP routing.

Manifest Property Changes

acceptance_tests

0.136.0	0.137.0	Default Value
property did not exist	acceptance_tests.skip_ssl_validation	false
acceptance_tests.cloud_controller.skip_ssl_validation	Removed property, value is pulled from acceptance_tests.skip_ssl_validation
acceptance_tests.uaa.skip_ssl_validation	Removed property, value is pulled from acceptance_tests.skip_ssl_validation

gorouter

0.136.0	0.137.0	Default Value
property did not exist	router.suspend_pruning_if_nats_unavailable	false

Dependencies

cf-release v239
diego-release 0.1479.0
cf CLI 6.17

0.136.0

• route-registrar source has been moved to routing-release and is symlinked in cf-release details
• route-registrar process is not run as root details
• rtr CLI option --skip-tls-verification applies to both --api and --oauth-url options details
• Default reservable port range for router groups reduced to 100 ports on BOSH-lite details
• Added explicit API documentation for the Routing API details
• routing-release can be deployed without a seeded router group details
• GoRouter now supports PROXY Protocol details

Dependencies

cf-release v236
diego-release 0.1468.0
cf CLI 6.17

0.135.0

• BOSH does not report tcp_router job as failing when reloading configuration, and runs as vcap user details
• Fixed bug: gorouter doesn't send logs to syslog details
• Continued improving documentation around metrics sent on the firehose details
• Routing components support manifest property to configure a trusted CA certificate for TLS communication between the components and UAA server. details
• Output meaningful error when running routing acceptance tests errand when Routing API is not running details
• Allow an operator to update router group reservable_ports field through the API. details
• Expose uptime metric in the firehose for the GoRouter details
• Fixed bug: x-cf-forwarded-url header to route service no longer includes port details

Manifest Property Changes

acceptance_tests

0.134.0	0.135.0	Default Value
skip_ssl_validation	acceptance_tests.uaa.skip_ssl_validation	false
property did not exist	acceptance_tests.system_domain	Required property
uaa.tls_port	Removed property since we now use system_domain to contact UAA

gorouter

0.134.0	0.135.0	Default Value
router.debug_addr	router.debug_address	0.0.0.0:17002
property did not exist	router.enable_proxy	false
property did not exist	uaa.ca_cert	""

router_configurer

0.134.0	0.135.0	Default Value
router_configurer.debug_addr	router_configurer.debug_address	0.0.0.0:17002
property did not exist	uaa.ca_cert	""

routing-api

0.134.0	0.135.0	Default Value
routing.etcd.servers	routing_api.etcd.servers	Required property
routing.etcd.client_cert	routing_api.etcd.client_cert	"", required if routing.etcd.require_ssl is true
routing.etcd.client_key	routing_api.etcd.client_key	"", required if routing.etcd.require_ssl is true
routing.etcd.ca_cert	routing_api.etcd.ca_cert	"", required if routing.etcd.require_ssl is true
routing.etcd.require_ssl	routing_api.etcd.require_ssl	false
property did not exist	uaa.ca_cert	""

tcp_emitter

0.134.0	0.135.0	Default Value
tcp_emitter.debug_addr	tcp_emitter.debug_address	0.0.0.0:17002
tcp_emitter.consul.session_name	Removed property
property did not exist	uaa.ca_cert	""

Dependencies

cf-release v236
diego-release 0.1468.0
cf CLI 6.17

0.134.0

• Many manifest properties have been changed for simplicity details
• BOSH no longer reports tcp_router job failing when routing table changes details
• Routing API support encrypted communication with etcd details
• Fixed bug: default for property uaa.tls_port was a string details
• haproxy on superman errors with tcp router and haproxy stats details
• Fixed permission issues with haproxy stats socket details
• Gorouter now uses cgo netdns instead of the golang DNS resolver details
• Improved error message logged when router group in manifest doesn't contain ports details
• Improved error message returned when running routing-acceptance-tests and routing-release (routing api) is not deployed details
• Gorouter metric eventType:HttpStartStop now includes field Forwarded for each value of X-Forwarded-For header details
• Fix pruning debug statement to only log when actually pruning a route details

Manifest Property Changes

haproxy

0.133.0	0.134.0
router.haproxy.request_timeout_in_seconds	haproxy.request_timeout_in_seconds
router.haproxy.health_check_port	haproxy.health_check_port

router_configurer

0.133.0	0.134.0
router.router_configurer.debug_addr	router_configurer.debug_addr
router.router_configurer.log_level	router_configurer.log_level
router.router_configurer.tcp_config_file_template	REMOVED
router.router_configurer.tcp_config_file	REMOVED
router.router_configurer.tcp_stats_unix_socket	router_configurer.tcp_stats_unix_socket
router.router_configurer.tcp_stats_collection_interval	router_configurer.tcp_stats_collection_interval
router.router_configurer.routing_api_port	REMOVED
router.router_configurer.routing_api_auth_disabled	routing_api.auth_disabled
router.router_configurer.tcp_router_secret	router_configurer.oauth_secret
router.router_configurer.uaa_port	REMOVED
router.router_configurer.uaa_ssl_port	uaa.tls_port
router.router_configurer.skip_oauth_tls_verification	skip_ssl_validation
	metron.port

routing_api

0.133.0	0.134.0
routing-api.max_ttl	routing_api.max_ttl
routing-api.port	REMOVED
routing-api.auth_disabled	routing_api.auth_disabled
routing-api.metrics_reporting_interval	routing_api.metrics_reporting_interval
routing-api.statsd_endpoint	routing_api.statsd_endpoint
routing-api.debug_address	routing_api.debug_address
routing-api.statsd_client_flush_interval	routing_api.statsd_client_flush_interval
routing-api.system_domain	routing_api.system_domain
routing-api.etcd_machines	routing.etcd.servers
	routing.etcd.client_cert
	routing.etcd.client_key
	routing.etcd.ca_cert
	routing.etcd.require_ssl
routing-api.skip_oauth_tls_verification	skip_ssl_validation
routing-api.uaa_ssl_port	uaa.tls_port
routing-api.log_level	routing_api.log_level
metron_endpoint.host	REMOVED
metron_endpoint.dropsonde_port	REMOVED
routing-api.router_groups	routing_api.router_groups
	metron.port

tcp_emitter

0.133.0	0.134.0
router.tcp_emitter.debug_addr	tcp_emitter.debug_addr
router.tcp_emitter.log_level	tcp_emitter.log_level
router.tcp_emitter.bbs.api_location	bbs.api_location
router.tcp_emitter.bbs.ca_cert	bbs.ca_cert
router.tcp_emitter.bbs.client_cert	tcp_emitter.bbs.client_cert
router.tcp_emitter.bbs.client_key	tcp_emitter.bbs.client_key
router.tcp_emitter.bbs.require_ssl	bbs.require_ssl
router.tcp_emitter.routing_api_port	REMOVED
router.tcp_emitter.routing_api_auth_disabled	routing_api.auth_disabled
router.tcp_emitter.tcp_emitter_secret	tcp_emitter.oauth_secret
router.tcp_emitter.uaa_port	REMOVED
router.tcp_emitter.consul_cluster	consul.servers
router.tcp_emitter.lock_ttl	tcp_emitter.lock_ttl
router.tcp_emitter.lock_retry_interval	tcp_emitter.lock_retry_interval
router.tcp_emitter.session_name	tcp_emitter.consul.session_name
router.tcp_emitter.skip_oauth_tls_verification	skip_ssl_validation
router.tcp_emitter.uaa_ssl_port	uaa.tls_port
router.tcp_emitter.sync_interval	tcp_emitter.sync_interval
router.tcp_emitter.route_ttl	tcp_emitter.route_ttl
	metron.port

acceptance_tests

0.133.0	0.134.0
acceptance_tests.api	acceptance_tests.cloud_controller.api
acceptance_tests.apps_domain	acceptance_tests.cloud_controller.apps_domain
acceptance_tests.admin_user	acceptance_tests.cloud_controller.admin_user
acceptance_tests.admin_password	acceptance_tests.cloud_controller.admin_password
acceptance_tests.skip_ssl_validation	acceptance_tests.cloud_controller.skip_ssl_validation
acceptance_tests.use_http	acceptance_tests.cloud_controller.use_http
acceptance_tests.tcp_emitter_secret	tcp_emitter.oauth_secret
acceptance_tests.skip_oauth_tls_verification	skip_ssl_validation
acceptance_tests.uaa_port	uaa.tls_port

gorouter

0.133.0	0.134.0
router.skip_oauth_tls_verification	REMOVED
metron_endpoint.host	REMOVED
routing-api.port	routing_api.port
routing-api.auth_disabled	routing_api.auth_disabled
	metron.port

Dependencies

cf-release v236
diego-release 0.1468.0
cf CLI 6.17

0.133.0

Note: final release is in routing-release/releases/routing/routing-0.133.0.yml. In subsequent releases this has been symlinked back to routing-release/releases

• Release renamed to routing-release details
• Some processes no longer run as root [details, more details]
• Unused logging properties have been removed details
• Gorouter source has been moved to this release and is symlinked into cf-release details
• Remove unused golang 1.4 package details
• TCP Routes are now pruned from TCP Router on a TTL when Routing API is unavailable, to prevent requests from being routed to the wrong backends details
• When registering routes with Routing API, a TTL can be optionally specified (defaults to 120s) details
• TCP Routes are now pruned from Routing API if client ceases to heartbeat route registration, to prevent requests from being routed to the wrong backends details
• TCP Router will only overwrite data received in periodic bulk fetches with buffered events if events are newer details
• Log level can be configured for routing api using a manifest property details
• Documented use of modification tags for router authors to reconcile data received from events and bulk fetch endpoints Additional Routing API docs details

Manifest Property Changes

0.126.0	0.133.0
added	routing-api.log_level
added	router.tcp_emitter.route_ttl
acceptance_tests.bbs.api_location	removed
acceptance_tests.bbs.ca_cert	removed
acceptance_tests.bbs.client_cert	removed
acceptance_tests.bbs.client_key	removed
acceptance_tests.bbs.require_ssl	removed

Dependencies

cf-release v236
diego-release 0.1468.0
cf CLI 6.17

0.126.0

Golang has been updated to 1.5.4 to address vulnerabilities in 1.5.3

Dependencies

cf-release v236
diego-release 0.1468.0
cf CLI 6.17

0.123.0

This release delivers MVP support for TCP Routing when deployed alongside cf-release and diego-release.

• All components are now highly available and horizontally scalable epic
• TCP Router and TCP Emitter cache OAuth tokens from UAA to communication with Routing API; Routing API validates tokens locally and fetches verification key from UAA automatically epic
• All components communicate with UAA internally over TLS epic
• Operator can now configure the range of ports that Cloud Controller will use when developers create TCP routes details

Consolidating Routing components into this release

• Routing API is now deployed with this release, not with cf-release details
• cf-tcp-acceptance-tests repo renamed to cf-routing-acceptance-tests details
• Routing API acceptance tests moved to cf-routing-acceptance-tests details

Instrumentation and Monitoring (in progress)

• Additional metrics for Routing API are now emitted via firehose details
• golang process metrics for all components are now emitted via firehose details

CLI

• Routing API CLI is now a submodule of this release details
• New stable Routing API CLI supports skip-ssl-validation details

Misc

• Routing components have been upgraded to golang 1.5.3 details
• bosh-lite manifest generation is now consistent with cf-release details
• This release and cf-mysql-release can now both be deployed to boshlite without IP collision details
• Consul agent updated to use new internal hostname details
• Acceptance tests use CC API instead of Diego details

Dependencies

cf-release v236
diego-release 0.1468.0
cf CLI 6.17

Do not use

0.122.0

Create final release 0.122.0