Highlights
- This release removes the HA clock job locking, which was causing performance issues on CCDB.
- Introduce a scope to allow global auditing --
cloud_controller.global_auditor. This gives a readonly view of all resources, but exempts information that auditors do not need to see such as environment variables and credentials.
CC API Version: 2.74.0 and 3.9.0
Service Broker API Version: 2.11
CAPI Release
- As an operator, I would like the blobstore to only accept TLSv1.2 and a subset of TLS ciphers details
Cloud Controller
- /v3/processes/:guid/stats should not result in an UnknownError when BBS is gone details
- API client can GET /v3/isolation_segments/:guid/organizations details
- API client can GET /v3/spaces details
- API client can filter /v3/organizations by name details
- API client can filter /v3/spaces by name details
- As an operator, I would like to grant an API client a scope that allows it to audit droplets across the Cloud Foundry deployment details
- Follow nginx recommendations for reducing CPU load details
- Pushing an app when the prior push did not hit droplet_completed should not result in an UnknownError details
- Task delete does not use bbs client details
- Update NOTICE files details
- an isolation segment can be assigned to a space with running apps details
- an org can have a default_isolation_segment assigned with spaces containing running apps details
Pull Requests and Issues
- cloudfoundry/cloud_controller_ng #560: SSO clients should have uaa.resource authority details
- cloudfoundry/cloud_controller_ng #681: configurable actor name used in events details
- cloudfoundry/cloud_controller_ng #766: cloud_controller_clock doesn't appear to recover well from connection error when in HA mode details