cloudfoundry/bosh stable-3363

Stemcell 3363

on GitHub

Reported Problems:

• DO NOT USE azure stemcell as it may cause data loss.
• Out of memory errors still exists in Kernel 4.4.0.62
  • will be fixed around Feb 20.
• rsyslog version updated to 8.24.0, regressing on issue #1537
• AWS Light stemcell has incorrect name once imported
• BOSH SSH does not work on BOSH Lite

Changes:

• Add more auditd rules
• Fix CentOS initramfs to load necessary kernel modules
• Disable boot loader login
• Increasing tcp_max_sync_backlog
• Disabling any DSA host keys
• Add bosh_sshers group and assign it to vcap user
  • Only allow users in bosh_sshers group to SSH

Agent:

• Log Agent API access events in CEF format to syslog (vcap.agent topic)
• Allow configuring swap size through env.bosh.swap_size (example: env.bosh.swap_size: 0)
• Prepare for SHA2 releases
• Allow setting fetching to work with base64 encoded user data
• Do not delaycompress in logrotate