Reported Problems
bosh-initdoesn't work with this stemcell on OpenStack and AWS due to #1500- Booting the stemcell image directly in you IaaS (without using BOSH/bosh-init) does no longer provision the ssh key for user
vcap, so you need to login differently
Changes
- Agent will now wait for monit to complete stop all processes before carrying on
- Added google stemcells
- Default dmesg_restrict to 1
- Disable all IPv6 configurations
- Reenabled UDF kernel module for Azure
- Increase root_maxkeys and maxkeys kernel configurations
- Changed default hostname to bosh-stemcell instead of localhost to avoid boot problems on GCP
- Lower TCP keepalive configuration by default
- Mount /var/log directory to /var/vcap/data/root_log
- Restrict Access to the su command
- Add pam_cracklib requirements to common-password and password-auth
- Enable auditing for processes that start prior to auditd
- Set log rotation interval to 15 min in stemcell
- Made ownership & permissions for /etc/cron* files more restrictive
- Customize shell prompt to show instance name and ID
- Removed floppy drives from vSphere stemcells
- Removed
bosh microassets hence makingbosh microunsupported
Misc:
- Stemcells are now built through Concourse via https://main.bosh-ci.cf-app.com/teams/main/pipelines/bosh:stemcells