+2022-09-15T01:59:33.99+0000 [APP/PROC/REV/2/WEB/0] OUT hello world from new +2022-09-15T01:59:34.99+0000 [APP/PROC/REV/1/WEB/1] OUT hello world from old ++ +
+Note +Logs with revision id are only available if enabled in the platform installation
+ + Each app might have a configured log rate limit. If the app logs exceed the configured log rate limit, you see a log entry indicating that the limit was exceeded. For example: From e93aa0dc2d921b3e96a2db925b97aa5d939f3da5 Mon Sep 17 00:00:00 2001 From: Sam Gunaratne <385176+Samze@users.noreply.github.com> Date: Wed, 7 Aug 2024 15:47:16 -0600 Subject: [PATCH 002/132] Rephrase app revision note --- deploy-apps/streaming-logs.html.md.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-apps/streaming-logs.html.md.erb b/deploy-apps/streaming-logs.html.md.erb index 4b400222..2d6d4f15 100644 --- a/deploy-apps/streaming-logs.html.md.erb +++ b/deploy-apps/streaming-logs.html.md.erb @@ -121,7 +121,7 @@ For example, below shows the log line from two different revisions and web instaNote -Logs with revision id are only available if enabled in the platform installation
+Logs with revision id are only available if the application uses revisions and it is enabled in the platform Each app might have a configured log rate limit. If the app logs exceed the configured log rate limit, you see a log entry indicating that the limit was exceeded. From 301ec722d9d49341ce5ae7a484f37a3d77012423 Mon Sep 17 00:00:00 2001 From: Sam GunaratneCannot scale this process while a deployment is in flight.. For more information, see Scale a process
or Update a process in the CAPI V3 documentation.
+ Note @@ -148,6 +149,9 @@ Review the limitations of this feature before running the command. For more info "droplet": { "guid": "DROPLET-GUID" }, + "options": { + "max_in_flight": MAX_IN_FLIGHT + }, "strategy": "canary", "relationships": { "app": { @@ -159,6 +163,7 @@ Review the limitations of this feature before running the command. For more info }' ``` Where `DROPLET-GUID` and `APP-GUID` are the GUIDs that you recorded in earlier steps. + Where `MAX_IN_FLIGHT` is an integer that applies **after** the single canary instance is successful and specifies the maximum number of new instances to start simultaneous until the deployment is complete. Optional and defaults to 1. For more information about this command, see [How it works](#how-it-works). @@ -276,9 +281,8 @@ The following table describes the limitations of when using canary deployments.
Note
@@ -144,6 +145,9 @@ Review the limitations of this feature before running the command. For more info
"guid": "DROPLET-GUID"
},
"strategy": "rolling",
+ "options": {
+ "max_in_flight": MAX_IN_FLIGHT
+ },
"relationships": {
"app": {
"data": {
@@ -154,6 +158,7 @@ Review the limitations of this feature before running the command. For more info
}'
```
Where `DROPLET-GUID` and `APP-GUID` are the GUIDs that you recorded in earlier steps.
+ Where `MAX_IN_FLIGHT` is an integer that specifies the maximum number of new instances to start up simultaneous until the deployment is complete. Optional and defaults to 1.
For more information about this command, see [How it works](#how-it-works).
@@ -211,6 +216,9 @@ configuration updates that require a restart, such as environment variables or s
"guid": "DROPLET-GUID"
},
"strategy": "rolling",
+ "options": {
+ "max_in_flight": MAX_IN_FLIGHT
+ },
"relationships": {
"app": {
"data": {
@@ -221,7 +229,7 @@ configuration updates that require a restart, such as environment variables or s
}'
```
Where `DROPLET-GUID` and `APP-GUID` are the GUIDs that you recorded in earlier steps.
-
+ Where `MAX_IN_FLIGHT` is an integer that specifies the maximum number of new instances to start up simultaneous until the deployment is complete. Optional and defaults to 1.
## How it works
@@ -235,14 +243,14 @@ This section describes pushing an app with a rolling deployment strategy.
1. Stages the updated app package.
2. Creates a droplet with the updated app package.
3. Creates a deployment with the new droplet and any new configuration.
- * This starts a new process with one instance that shares the route with the old process.
+ * This starts up to `max_in_flight` processes that shares the route with the old process.
* Now, if you run `cf app` on your app, you see multiple `web` processes.
For more information about the deployment object, see the [Deployments](http://v3-apidocs.cloudfoundry.org/index.html#deployments) section of the CAPI V3 documentation.
2. After the command creates the deployment, the `cc_deployment_updater` BOSH job runs in the
background, updating deployments as follows:
- 1. Adds another instance of the new web process and removes an instance from the old web process. This step repeats until the new web process reaches the required number of instances.
+ 1. Adds up to `max_in_flight` instances of the new web process and removes instances from the old web process. This step repeats until the new web process reaches the required number of instances.
Important This happens only if all instances of the new web process are running.
@@ -282,9 +290,8 @@ The following table describes the limitations of when using rolling deployments.Cannot scale this process while a deployment is in flight.. For more information, see Scale a process
+ or Update a process in the CAPI V3 documentation.Cannot scale this process while a deployment is in flight.. For more information, see Scale a process
or Update a process in the CAPI V3 documentation.
- $ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL -p '{"cert":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----","key":"-----BEGIN PRIVATE KEY-----\nMIIE...-----END PRIVATE KEY-----"}
+ $ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL -p '{"cert":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----","key":"-----BEGIN PRIVATE KEY-----\nMIIE...-----END PRIVATE KEY-----"}'
If your certs include the V3 extension `X509v3 Extended Key Usage`, ensure that you are using the right key policies. For TLS, you need server authentication, and for mTLS, you also need client authentication. For example, TLS Web Server Authentication for TLS with TLS Web Client Authentication for mTLS is defined as follows:
@@ -121,7 +121,7 @@ You can create a syslog drain service and bind apps to it using Cloud Foundry Co
A combination of the approaches described earlier uses a certificate authority for a server certificate signed by your private ca and a client certificate and key.
- $ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL -p '{"ca":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----", "cert":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----","key":"-----BEGIN PRIVATE KEY-----\nMIIE...-----END PRIVATE KEY-----"}
+ $ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL -p '{"ca":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----", "cert":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----","key":"-----BEGIN PRIVATE KEY-----\nMIIE...-----END PRIVATE KEY-----"}'
For more information, see [User-provided service instances](./user-provided.html).
From bb5bd0a4dea0ebd37dc258e30f128a6629e6c662 Mon Sep 17 00:00:00 2001
From: Paul Spinrad SERVICE-INSTANCE-NAME is a name you provide for this SMB volume service instance.//SERVER/SHARE is the SMB address of your server and share.SMB-VERSION is the SMB protocol version you want to use. For example, to use SMB 2.1, set the version to 2.1. Valid values are 1.0, 2.0, 2.1, or 3.0. If you do not specify a version, the client and server negotiate a protocol version at mount time. The client and server usually select the latest available version.
+ (Optional) SMB-VERSION is the SMB protocol version you want to use. For example, to use SMB 2.1, set the version to 2.1. Valid values are 1.0, 2.0, 2.1, or 3.0, 3.1.1. If you do not specify a version, the client and server negotiate a protocol version at mount time. The client and server usually select the latest available version. 3.1.1 is supported as of [v3.2.0 smb-volume-release](https://github.com/cloudfoundry/smb-volume-release/releases/tag/v3.2.0).
APP-GUID is the GUID of your app.ROUTE-GUID is the GUID of the route to map to the sidecar.PORT is a custom port on which your app is configured to
+ receive requests. This is 8081 for the above example.APP-GUID is the GUID of your app.ROUTE-GUID is the GUID of the route to map to the sidecar.PORT is a custom port on which your app is configured to
- receive requests. This is 8081 for the above example.APP-GUID is the GUID of your app.ROUTE-GUID is the GUID of the route to map to the sidecar.PORT is a custom port on which your app is configured to
+ receive requests. This is 8081 for the above example.-Important -The cf CLI v6 commands described in this topic are experimental and unsupported, but are supported in cf CLI v7. The latest supported cf CLI release is cf CLI v8. To upgrade to cf CLI v7, see Upgrading to cf CLI v7. To upgrade to cf CLI v8, see Upgrading to cf CLI v8.
-| Resource | From c3bc1157a34822ff946d1dfeaac60ebbc0e4da42 Mon Sep 17 00:00:00 2001 From: Greg Cobb|||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Resource | Description | -Command | +Commands | ||||||||||
| App | @@ -32,6 +32,8 @@ For information about using these commands, see [Example workflows](#example-wor For more information, see Apps in the CAPI documentation.
|
@@ -43,12 +45,13 @@ For information about using these commands, see [Example workflows](#example-wor
|
|||||||||||
| Build | -Staging the app. Creating a build combines a Package with a Buildpack and builds it into an executable resource. + | Staging the app. Creating a build combines a Package with a Buildpack and builds it into an executable resource, called a Droplet. For more information, see Builds in the CAPI documentation. |
|
|
@@ -72,7 +77,8 @@ For information about using these commands, see [Example workflows](#example-wor
For more information, see Space Manifest in the CAPI documentation.
|
-Caution The overlay network IP address range must not conflict with any other IP addresses in the network. If a conflict exists, Diego Cells cannot reach any endpoint that has a conflicting IP address.
### Configure the number of containers per cell diff --git a/deploy-apps/_v3-note.html.md.erb b/deploy-apps/_v3-note.html.md.erb index 3cfe8b8d..31e5e807 100644 --- a/deploy-apps/_v3-note.html.md.erb +++ b/deploy-apps/_v3-note.html.md.erb @@ -1,5 +1,4 @@
-Note An exception to the cases previously mentioned is when monit restarts a Diego Cell replacement or Garden server that has failed. In this case, <%= vars.app_runtime_abbr %> immediately stops the apps that are still running using SIGKILL.
diff --git a/deploy-apps/blue-green.html.md.erb b/deploy-apps/blue-green.html.md.erb index f109a36f..72453524 100644 --- a/deploy-apps/blue-green.html.md.erb +++ b/deploy-apps/blue-green.html.md.erb @@ -25,7 +25,6 @@ version by switching back to Blue. You can adjust the route mapping pattern to display a static maintenance page during a maintenance window for time-consuming tasks such as migrating a database. In this scenario, the router switches all incoming requests from Blue to Maintenance to Green.-Important If your app uses a relational database, blue-green deployment can lead to discrepancies between your green and glue databases during an update. To maximize data integrity, configure a single database for backward and forward compatibility.
diff --git a/deploy-apps/cf-networking.html.md.erb b/deploy-apps/cf-networking.html.md.erb index eb0a1471..35104328 100644 --- a/deploy-apps/cf-networking.html.md.erb +++ b/deploy-apps/cf-networking.html.md.erb @@ -7,7 +7,6 @@ owner: CF for VMs Networking The container-to-container networking feature, also known as CF Networking, allows direct network traffic between apps. For an overview of how container-to-container networking works, see [Container-to-container networking](../../concepts/understand-cf-networking.html).-Important Container-to-container networking is not available for apps hosted on Microsoft Windows.
<%= vars.app_traffic_logging %> diff --git a/deploy-apps/cf-scale.html.md.erb b/deploy-apps/cf-scale.html.md.erb index 17517652..831b629a 100644 --- a/deploy-apps/cf-scale.html.md.erb +++ b/deploy-apps/cf-scale.html.md.erb @@ -34,7 +34,6 @@ $ cf scale myApp -i 5
-Note
In cf CLI v7+, you can also use --process with cf scale to scale specific processes of your app.
-Important
Changing the timeout setting for the cf CLI does not change the timeout limit for <%= vars.app_runtime_abbr %>
server-side jobs such as staging or starting apps. You must change server-side timeouts in the manifest. Because of the differences between the
<%= vars.app_runtime_abbr %> and cf CLI timeout values, your app might start even though the cf CLI reports App failed. To review the status of your app, run cf apps APP-NAME, where APP-NAME is the name of your app.
-Important The procedure in this topic requires use of a service key, and not all services support service keys. Some services support credentials through app binding only.
diff --git a/deploy-apps/streaming-logs.html.md.erb b/deploy-apps/streaming-logs.html.md.erb index 2d6d4f15..c12f5193 100644 --- a/deploy-apps/streaming-logs.html.md.erb +++ b/deploy-apps/streaming-logs.html.md.erb @@ -120,7 +120,6 @@ For example, below shows the log line from two different revisions and web insta-Note Logs with revision id are only available if the application uses revisions and it is enabled in the platform
diff --git a/deploy-apps/windows-stacks.html.md.erb b/deploy-apps/windows-stacks.html.md.erb index f75d1784..42c51fb0 100644 --- a/deploy-apps/windows-stacks.html.md.erb +++ b/deploy-apps/windows-stacks.html.md.erb @@ -20,7 +20,6 @@ You can also use the Stack Auditor plug-in for the Cloud Foundry Command Line In A stack is a prebuilt root file system (rootfs) that supports a specific operating system. For example, Linux-based systems need `/usr` and `/bin` directories at their root and Windows needs `/windows`. The stack works in tandem with a buildpack to support apps running in compartments. Under Diego architecture, cell VMs can support multiple stacks.-Note Docker apps do not use stacks.
## Available stacks diff --git a/multiple-processes.html.md.erb b/multiple-processes.html.md.erb index f1ed829b..b5ac0b93 100644 --- a/multiple-processes.html.md.erb +++ b/multiple-processes.html.md.erb @@ -124,5 +124,4 @@ To view the processes running as part of an app:
- Important
To avoid security exposure, ensure that you migrated your apps and custom buildpacks to use the cflinuxfs4 stack based on Ubuntu 22.04 LTS (Jammy Jellyfish). The cflinuxfs3 stack is based on Ubuntu 18.04 (Bionic Beaver), which reaches end of standard support in April 2023.
-Important Do not use user-provided environment variables for security-sensitive information such as credentials. They might unintentionally show up in cf CLI output and Cloud Controller logs. Use user-provided service instances instead. The system-provided environment variable VCAP_SERVICES is properly redacted for user roles such as Space Supporter and in Cloud Controller log files.
-Important
The maximum size of an environment variable is 130 KB. This limit applies also to <%= vars.app_runtime_abbr %> system environment variables such as VCAP_SERVICES and VCAP_APPLICATION.
-Important
The cf ssh command in cf CLI v7+ include the all_proxy environment variable, which allows you to specify a proxy server to activate proxying for all requests. For more information, see ssh in the Cloud Foundry CLI Reference Guide and Use SOCKS5 with cf v3-ssh in Using the cf CLI with a proxy server.
-Important
To avoid security exposure, migrate your apps and custom buildpacks to use the cflinuxfs4 stack based on Ubuntu 22.04 LTS (Jammy Jellyfish). The cflinuxfs3 stack is based on Ubuntu 18.04 (Bionic Beaver), which reaches end of standard support in April 2023.
-Note Docker apps do not use stacks.
diff --git a/deploy-apps/stop-delete.html.md.erb b/deploy-apps/stop-delete.html.md.erb index dde9217e..66af01bb 100644 --- a/deploy-apps/stop-delete.html.md.erb +++ b/deploy-apps/stop-delete.html.md.erb @@ -29,7 +29,6 @@ Example: ## Delete an app
-Caution
Deleting an app is irreversible. We recommend that you run cf target before you start to confirm you are deleting the app from the correct org and space.
$ cf delete -r my-example-app
-Important
In cf CLI v7+, -r no longer deletes routes when the route is mapped to more than one app.
- Important
To issue this request, you must use a version of curl that supports HTTP/2.
-Important -The following procedure is supported only for cf CLI v6. The `--hostname` flag is deprecated in cf CLI v7, and must be specified in the manifest.
+The following procedure is supported only for cf CLI v6. The--hostname flag is deprecated in cf CLI v7, and must be specified in the manifest.
To push an app that serves HTTP/2 traffic using the cf CLI (v6 only):
diff --git a/revisions.html.md.erb b/revisions.html.md.erb
index 59fdc47c..20cabf51 100644
--- a/revisions.html.md.erb
+++ b/revisions.html.md.erb
@@ -9,11 +9,9 @@ App revisions do not include any tasks run on the app.
For additional information about app revisions, see [Revisions](http://v3-apidocs.cloudfoundry.org/version/release-candidate/#revisions) in the Cloud Foundry API (CAPI) documentation.
-Important CAPI v3 is the recommended API version for revisions. While revisions work with CAPI v2, there are several inconsistencies. For example, revision descriptions for apps with multiple processes can be inaccurate because CAPI v2 does not support apps with multiple processes. Additionally, pushing an app for the first time with revisions in CAPI v2 creates two revisions.
-Caution The app revisions API is experimental, and future releases might have breaking changes.
## Revisions use cases diff --git a/services/application-binding.html.md.erb b/services/application-binding.html.md.erb index 362f1556..158e821c 100644 --- a/services/application-binding.html.md.erb +++ b/services/application-binding.html.md.erb @@ -23,7 +23,6 @@ $ cf restart my-app-Important You must restart or in some cases re-push your app for changes to be applied to the VCAP_SERVICES environment variable and for the app to recognize these changes.
### Arbitrary parameters @@ -177,5 +176,4 @@ OK-Important You must restart or in some cases re-push your app for changes to be applied to the VCAP_SERVICES environment variable and for the app to recognize these changes.
diff --git a/services/fluentd.html.md.erb b/services/fluentd.html.md.erb index a76a5b64..4be4faf1 100644 --- a/services/fluentd.html.md.erb +++ b/services/fluentd.html.md.erb @@ -58,7 +58,6 @@ To set up Fluentd for Cloud Foundry, configure the syslog input of Fluentd as fo 2. Restart the Fluentd service.
-Important
The Fluentd syslog input plug-in supports tls and tcp options. You must use the same transport that Cloud Foundry is using.
-Important Upgrading a Service instance requires at least cf CLI v6.46.0+ and CAPI release 1.83.0+.
diff --git a/services/route-binding.html.md.erb b/services/route-binding.html.md.erb index 2f2fc64a..93ca748c 100644 --- a/services/route-binding.html.md.erb +++ b/services/route-binding.html.md.erb @@ -22,7 +22,6 @@ To view an example demonstrating the use of a sample route service, see [Route S You must install the Cloud Foundry Command Line Interface (cf CLI) to bind a route to a service instance. For more information, see [Installing the cf CLI](../../cf-cli/install-go-cli.html).
-Important
Gorouter rejects WebSocket requests for routes that are bound to route services. These requests return a 503 error and a X-Cf-Routererror route_service_unsupported header.
-Caution When binding a service instance to a route, Cloud Foundry might have proxy requests for the route to the service instance, or configure a network component already in the request path.
### Bind with parameters diff --git a/services/service-keys.html.md.erb b/services/service-keys.html.md.erb index fd41c5bd..afb17ecc 100644 --- a/services/service-keys.html.md.erb +++ b/services/service-keys.html.md.erb @@ -10,7 +10,6 @@ Here are instructions for managing service instance credentials (binding credent Service keys generate credentials for manually configuring consumers of Marketplace services. After you configure them for your service, local clients, apps in other spaces, or entities outside your deployment can access your service with these keys.-Important Some service brokers do not support service keys. To build a service broker that supports service keys, see Services. To use a service broker that does not support service keys, see Delivering service credentials to an app.
## Create a service key diff --git a/services/sharing-instances.html.md.erb b/services/sharing-instances.html.md.erb index 45ce8165..7d01e26d 100644 --- a/services/sharing-instances.html.md.erb +++ b/services/sharing-instances.html.md.erb @@ -146,7 +146,6 @@ In this case, no information about other spaces is exposed. ## Unsharing a service instance
-Caution
Unsharing a service instance deletes all bindings to apps in the spaces it was shared into. This might cause apps to fail. Before unsharing a service instance, run the cf service SERVICE-INSTANCE command to find out how many bindings exist in the spaces the service instance is shared into.
-Caution This script was tested on macOS Sierra 10.12.4 and Ubuntu 14.04.5. Use the script at your own risk.
``` From e1d5b49c25efaf11ab0ecac5df7853610a63ecd6 Mon Sep 17 00:00:00 2001 From: anita-flegg
-Important
The health check configuration that you provide with
cf push overrides any configuration in the app manifest.
-Important
After you set the health check configuration of a deployed
app with the cf set-health-check command, you must restart the app for the change to
take effect.
- Important To prevent false negatives, use a dedicated endpoint for health checks where response time and result do not depend on business logic.
@@ -184,5 +181,4 @@ path portion of a URI that must be served by the app and return `HTTP 200` when This command only checks the health of the default port of the app.
-Important
For HTTP apps, <%= vars.company_name %> recommends setting the health check type to http instead of a simple port check.
-Important
If your app name begins with the dash character (-), you cannot interact with the app using the cf CLI. This is because the cf CLI interprets the dash as a flag.
- Note
You can also use variables for partial values. For example, you can specify host in your variables file and - route: ((host)).env.com in your manifest file.
-Important
In cf CLI v6, the route component attributes domain, domains, host,
hosts, and no-hostname are deprecated in favor of the routes attribute. In cf CLI v7+, these attributes are
removed. For more information, see domain, domains, host, hosts, and no-hostname.
buildpack attribute. For more information, see
buildpack.
-Important
Using the docker attribute with the buildpacks or path attributes causes an error.
-Important
If you use the no-route flag attribute in the manifest or the flag option, it overrides all route-related attributes.
-Important
This attribute is a combination of push options that include --hostname, -d, and --route-path flags in v6. These flags are not supported in cf CLI v7, so the routes flag must be used.
-Important
The protocol route attribute is available only for <%= vars.app_runtime_abbr %> deployments that use HTTP/2 routing. <%= vars.http2_admin_link %>
-Important
If you configure timeout with a value greater than
cc.maximum_health_check_timeout, the Cloud Controller reports a validation error with the maximum limit.
-Caution
Running cf push app -f manifest.yml fails if your manifest uses any of these deprecated features with the feature that replaces it.
- Important If the total size of the Docker image file system layers exceeds the disk quota, the app instances do not start.
* The location of the Docker image on Docker Hub or another Docker registry. <%= vars.docker_auth1 %> @@ -276,7 +275,6 @@ Where: * Thekey.json file must point to the file you created earlier.
-Note
For information about specifying YOUR-REGISTRY-URL, see Pushing and Pulling Images in the Google Cloud documentation.
-Caution Review the limitations of this feature before running the command. For more information, see Limitations.
@@ -43,7 +42,6 @@ Review the limitations of this feature before running the command. For more info Where `APP-NAME` is the name that you want to give your app.
- Note
cf CLI v7 exits when one instance of each process is healthy.
It also includes a --no-wait flag on push for users who don't want to wait
for the operation to complete.
@@ -196,7 +194,6 @@ This reverts the app to its state from before the deployment started by:
* Resetting the `current_droplet` on the app
-Note The cancel command is designed to revert the app to its original state as quickly as possible and does not guarantee zero downtime. Additionally, changes to environment variables and service bindings will not be reverted.
@@ -268,7 +265,6 @@ This section describes pushing an app with a rolling deployment strategy. background, updating deployments as follows: 1. Adds up to `max_in_flight` instances of the new web process and removes instances from the old web process. This step repeats until the new web process reaches the required number of instances.- Important This happens only if all instances of the new web process are running.
2. Removes the old web process. The new web process now fully replaces the old web process. 3. Restarts all non-web processes of the app. diff --git a/sidecars.html.md.erb b/sidecars.html.md.erb index 6806efe1..fad6fe77 100644 --- a/sidecars.html.md.erb +++ b/sidecars.html.md.erb @@ -9,7 +9,6 @@ are called sidecar processes, or sidecars. An example of a sidecar is an Applica Monitoring (APM) tool.-Important The cf CLI v6 commands described in this topic are unsupported, but are supported in cf CLI v7. The latest supported cf CLI release is cf CLI v8. To upgrade to cf CLI v7, see Upgrading to cf CLI v7. To upgrade to cf CLI v8, see Upgrading to cf CLI v8.
<%= vars.capi_sidecar_req %> @@ -188,7 +187,6 @@ To push an app with a sidecar: You can explore sidecars using the app in the [capi-sidecar-samples](https://github.com/cloudfoundry-samples/capi-sidecar-samples) repository on GitHub. The following sections describe the app, how to build and push the app, and some ways to observe the app and its processes after pushing.
-Important
In this tutorial, you are pushing the Ruby sample app. You can also follow this tutorial for a Java app using the sidecar-dependent-java-app and push_java_app_with_binary_sidecar.sh in the samples repository. When pushing a Java app, follow the requirements listed in Requirements for Java apps.
-Note You cannot SSH into the container running a task.
### Task logging and execution history @@ -80,7 +79,6 @@ about the `cf run-task` command, see the [Cloud Foundry CLI reference guide](htt You can use the Cloud Foundry Command Line Interface (cf CLI) to run a task in the context of an app.cf push -i 0 and then run the task. You can run the app later by scaling up its instance count.- Note To run a task again, you must run it as a new task using the previous command.
1. To display the recent logs of the app and all its tasks, run: @@ -187,7 +184,6 @@ To run a task on an app with cf CLI v7:
- Important
cf run-task allows you to include the --process and --command flags. Including the --command flag overrides the manifest property.
-Important
The cf CLI v7 create-route command does not require the space as an argument. It uses the space you are targeting.
-Important To follow the procedure in this section, you must use cf CLI v8.5.0 or later. To download cf CLI v8.5.0 or later, see the Cloud Foundry CLI repository on GitHub.
@@ -557,7 +554,6 @@ $ cf delete-route tcp.<%= vars.private_app_domain %> --port 60000 Users can route HTTP requests to a specific app instance using the header `X-Cf-App-Instance`.
-Important
Use of the X-Cf-App-Instance header is available only for users on the Diego architecture.
-Important cf CLI v7 does not support TCP routing or creating shared domains with router groups.
@@ -738,7 +733,6 @@ $ cf delete-private-domain <%= vars.private_app_domain %>
-Important
cf CLI v7 renames the delete-domain command to delete-private-domain.
-Note Root domains are also called zone apex domains.
If your DNS provider supports using an ALIAS or ANAME record, configure your root domain with your DNS provider to point at a shared domain in @@ -860,7 +853,6 @@ If your DNS provider supports using an ALIAS or ANAME record, configure your roo If your DNS provider does not support ANAME or ALIAS records, you can use subdomain redirection, also known as domain forwarding, to redirect requests for your root domain to a subdomain configured as a CNAME.-Important If you use domain forwarding, SSL requests to the root domain might fail if the SSL certificate matches only the subdomain. For more information about SSL certificates, see the Cloud Foundry documentation.
diff --git a/deploy-apps/troubleshoot-app-health.html.md.erb b/deploy-apps/troubleshoot-app-health.html.md.erb index cf524594..e251be78 100644 --- a/deploy-apps/troubleshoot-app-health.html.md.erb +++ b/deploy-apps/troubleshoot-app-health.html.md.erb @@ -211,7 +211,6 @@ To view app logs streamed in real time, run `cf logs APP-NAME`. To aggregate your app logs to view log history, bind your app to a syslog drain service. For more information, see [Streaming app logs to log management services](./../services/log-management.html).
-Important
The Diego architecture does not support the cf files command, and cf files was removed as of cf CLI v7.
-Caution
CF_TRACE is a local environment variable that modifies the behavior of the cf CLI. Do not confuse CF_TRACE with the variables in the container environment where your apps run. For more information about these container variables, see Examine environment variables.
- Important
CPU values returned by cf app show the total usage of each app instance on all CPU cores on a host VM, where each core contributes 100%. For example, the CPU of a single-threaded app instance on a Diego Cell with one core cannot exceed 100%, and four instances sharing the Diego Cell cannot exceed an average CPU of 25%. A multi-threaded app instance running alone on a Diego Cell with eight cores can draw up to 800% CPU.
-Important
Your app must direct its logs to stdout and stderr. The cf logs command also returns messages from any Log4j facility that you configure to send logs to STDOUT. For more information, see the Log4j website.
-Note
You can also bind volume services using an app manifest. However, app manifests do not support bind configuration. To bind a volume service using an app manifest, you must specify bind configuration when you create the service instance. The releases that support this are nfs-volume v1.3.1 and later and smb-volume v1.0.0 and later. For more information, see Services in Deploying with App Manifests.
mapfs by managing permissions on the NFS server.uid must have access to the files on the share. When uid and gid are omitted, the app file operations use the UID of the running app process. For buildpack apps, this UID is always 2000. For Docker apps, the effective UID is the same as the UID of the process inside the Docker container, except for root, which is mapped to 4294967294 outside the Docker container.
- Caution Specifying UID and GID values affects performance because the FUSE file system mapfs is used to translate UID and GID values.
OPTIONAL-MOUNT-PATH is a JSON string that indicates that the volume must be mounted to a particular path in your app rather than the default path. Choose a path with a root-level directory that already exists in the container, such as /home, /usr, or /var.
- Important
Do not specify a MOUNT-PATH in the /app directory, which is where <%= vars.app_runtime_abbr %> unpacks the droplet. For more information, see Mount a shared volume in the /app directory.
OPTIONAL-MOUNT-PATH is a JSON string that indicates the volume must be mounted to a particular path within your app rather than the default path. Choose a path with a root-level directory that already exists in the container, such as /home, /usr, or /var.
- Important
Do not specify a MOUNT-PATH within the /app directory, which is where <%= vars.app_runtime_abbr %> unpacks the droplet. For more information, see Mount a shared volume in the /app directory.
-Note NFS is not available on Windows systems.
### Create an NFS volume service @@ -249,7 +244,6 @@ To create an NFS volume service using the `Existing` plan of the `nfs` service:SERVICE-INSTANCE-NAME is a name you provide for this NFS volume service instance.SERVER/SHARE is the NFS address of your server and share.
- Important
Omit the : that usually follows the server name in the address.
- Important
Tanzu Application Service versions shipping with nfs-volume versions v7.1.45 - v7.1.47 or v5.0.55 - 5.0.58 (as of 22 Feb., 2024: 2.11.52 - 2.11.53, 2.13.34 - 2.13.35, 4.0.15 - 4.0.17, 5.0.6 - 5.0.7) do not support specifying NFS version: 3.0. These updated the contained nfs-utils (a dependency of nfs-volume-service) to a newer version that uses stricter option parsing.
NFSv3 does not utilize a MINOR version, but NFSv4 introduced MINOR versions that can be specified.
This has been mitigated by adding auto-correction logic to the nfsdriver process available with nfs-volume >= v7.1.48 and >= v5.0.59.
- Important
nfs-volume versions v7.1.45 - v7.1.47 ship with a recent version of nfs-utils (a dependency of nfs-volume-service). Recent versions of nfs-utils have stricter option parsing. This leads to an issue with environments that configured the `vers=3.0` mount option.
- NFSv3 does not utilize a MINOR version, but NFSv4 introduced MINOR versions that can be specified.
+ NFSv3 does not utilize a MINOR version, but NFSv4 introduced MINOR versions that can be specified.
This has been mitigated by adding auto-correction logic to the nfsdriver process available with nfs-volume >= v7.1.48.
UID and GID must be positive integer values.
- Important
In NFS v2.0.0 and later, uid and gid values of 0 are no longer permissible because of security concerns.
-Note For a service to be available in the Marketplace, it must be integrated with Cloud Foundry by way of APIs. <%= vars.custom_services %>
### User-provided service instances @@ -38,7 +37,6 @@ Credentials managed manually are known as service keys. Use service keys when yo For more information about creating a user-provided service instance with service keys, see [User-provided service instances](./user-provided.html). For more information about service keys, see [Managing service keys](./service-keys.html).-Important Not all services support service keys. Some services support credentials through app binding only.
@@ -71,7 +69,6 @@ If your app relies on a relational database, you must apply schema changes perio For more information about running cf CLI tasks, see [Running tasks in your apps](../using-tasks.html).-Important To run tasks with the cf CLI, you must install cf CLI v6.23.0 or later. The current supported version is cf CLI v8. For information about downloading, installing, and uninstalling the cf CLI, see the Installing the cf CLI.
To do a database schema migration with cf CLI: @@ -82,7 +79,6 @@ To do a database schema migration with cf CLI: Where `APP-NAME` is the name of the app.
- Note
To run a task without starting the app, push the app with cf push -i 0 and then run the task. You can run the app later by scaling up its instance count.
-Important RFC-5424 is used to establish connections over HTTP/HTTPS. RFC-6587 is used for TCP based communication over syslog/syslog-tls drains.
@@ -70,7 +69,6 @@ OK-Important When creating the user-provided service, the route service URL you specify must be "https."
@@ -86,5 +84,4 @@ You can use rolling restarts to avoid any app downtime. For more information, see [Restart an app](../deploy-apps/rolling-deploy.html#restart) in _Rolling App Deployments_.-Caution If you are rotating credentials, the old credentials must be active until the restart is finished.
From 998b57a657977908a2c5cb5c720523c3169cc8bc Mon Sep 17 00:00:00 2001 From: Sam Gunaratne+ Getting task 4 for app static in org org-1 / space space-1 as admin... + + id: 4 + name: 125c884d + state: FAILED + start time: 2024-11-22T17:41:19Z + command: custom_command + memory in mb: 256 + disk in mb: 1024 + log rate limit: -1 + failure reason: APP/TASK/125c884d: Exited with status 127 ++ +Tasks can be in these states: + +| State | Description | +| ----- | ----------- | +| `RUNNING` | The task is in progress. | +| `FAILED` | The task did not complete. This state occurs when a task does not work correctly or a user cancels the task. | +| `SUCCEEDED` | The task completed successfully. | + ## List tasks running on an app From 6aeee298344c5e72ec1f4f27412dcacd0e7c6734 Mon Sep 17 00:00:00 2001 From: Seth Boyles
- Important - This happens only if all instances of the new web process are running.
- 2. Removes the old web process. The new web process now fully replaces the old web process. - 3. Restarts all non-web processes of the app. - 4. Sets the deployment to `PAUSED`. + 1. Adds one instance of the new web process (the 'canary' instance). + * This process shares routes with the old process. + * Now, if you run `cf app` on your app, you see multiple `web` processes. + 1. Sets the deployment to `PAUSED`. 3. After validating that the canary instance is running as expected execute the command `cf continue-deployment APP-NAME`: 1. Changes the deployment reason to `DEPLOYING` and starts doing a rolling deployment From d2ecfac4db03ebc41a66e16d314e08337904c601 Mon Sep 17 00:00:00 2001 From: Seth Boyles-2022-09-15T01:59:33.99+0000 [APP/PROC/REV/2/WEB/0] OUT hello world from new -2022-09-15T01:59:34.99+0000 [APP/PROC/REV/1/WEB/1] OUT hello world from old +2022-09-15T01:59:33.99+0000 [APP/REV/2/PROC/WEB/0] OUT hello world from new +2022-09-15T01:59:34.99+0000 [APP/REV/1/PROC/WEB/1] OUT hello world from old
From 1afaef917d243b663104ef10b9b651378d8bd75f Mon Sep 17 00:00:00 2001
From: Anita Flegg
-Caution
Review the limitations of this feature before running the command. For more information, see
Limitations.
- Note
cf CLI will exit when the canary instance is healthy.
It also includes a
-Note
The cancel command is designed to remove the canary instance of the app.
- Important
This happens only if all instances of the new web process are running.
-Review the limitations of this feature before running the command. For more information, see
-Limitations.
- cf CLI will exit when the canary instance is healthy.
- It also includes a
-The cancel command is designed to remove the canary instance of the app.
- This happens only if all instances of the new web process are running.
+ This happens only if all instances of the new web process are running.
+ Important
+ This happens only if all instances of the new web process are running.
cf CLI v7 exits when one instance of each process is healthy.
- It also includes a
+
The cancel command is designed to revert the app to its
-original state as quickly as possible and does not guarantee zero downtime. Additionally, changes
-to environment variables and service bindings will not be reverted.
Getting task 4 for app static in org org-1 / space space-1 as admin...
@@ -233,7 +234,7 @@ To get a task for a given app:
failure reason: APP/TASK/125c884d: Exited with status 127
-Tasks can be in these states:
+Tasks can be in the states shown in the following table:
| State | Description |
| ----- | ----------- |
From 0555c6653f7386ec771c28dff794364ba92a4e46 Mon Sep 17 00:00:00 2001
From: Anita Flegg --no-wait flag on push for users who don't want to wait
for the operation to complete.
@@ -212,7 +210,6 @@ This reverts the app to its state from before the deployment started by:
* Resetting the `current_droplet` on the app
--no-wait flag on push for users who don't want to wait
- for the operation to complete.
-
-
- 3. Create a package with the following `curl` command with `POST /v3/packages`. Record the package
- GUID from the output.
-
- ```
- cf curl /v3/packages \
- -X POST \
- -H "Content-type: application/json" \
- -d '{
- "type": "bits",
- "relationships": {
- "app": {
- "data": {
- "guid": "APP-GUID"
- }
- }
- }
- }'
- ```
- Where `APP-GUID` is the app GUID that you recorded in an earlier step. This app GUID is a
- unique identifier for your app.
- 4. Upload the package bits by running the following `curl` command with
- `POST /v3/packages/PACKAGE-GUID/upload`.
-
- ```
- cf curl /v3/packages/PACKAGE-GUID/upload \
- -X POST \
- -F bits=@"PACKAGED-APP" \
- ```
-
- Where:
- APP-NAME is the name that you want to give your app.SPACE-GUID is the space identifier that you want to associate with your app.
-
- 5. Create the build by running the following `curl` command with `POST /v3/builds`. Record the
- droplet GUID from the output.
-
- ```
- cf curl /v3/builds \
- -X POST \
- -H "Content-type: application/json" \
- -d '{
- "package": {
- "guid": PACKAGE-GUID"
- }
- }'
- ```
- Where `PACKAGE-GUID` is the package GUID that you recorded in an earlier step.
- 6. Deploy your app by running the following `curl` command with `POST /v3/deployments`. To verify
- the status of the deployment or take action on the deployment, record the deployment GUID from the
- output.
-
- ```
- cf curl /v3/deployments \
- -X POST \
- -H "Content-type: application/json" \
- -d '{
- "droplet": {
- "guid": "DROPLET-GUID"
- },
- "options": {
- "max_in_flight": MAX_IN_FLIGHT
- },
- "strategy": "canary",
- "relationships": {
- "app": {
- "data": {
- "guid": "APP-GUID"
- }
- }
- }
- }'
- ```
- Where `DROPLET-GUID` and `APP-GUID` are the GUIDs that you recorded in earlier steps.
- Where `MAX_IN_FLIGHT` is an integer that applies **after** the single canary instance is successful and specifies the maximum number of new instances to start simultaneous until the deployment is complete. Optional and defaults to 1.
-
-For more information about this command, see [How it works](#how-it-works).
-
-### Continue the canary deployment
-
-To finish the deployment after validating the canary:
-
-* **For cf CLI v8+, run:**
-
- ```
- cf continue-deployment APP-NAME
- ```
- Where `APP-NAME` is the name of the app.
-
-* **For CAPI V3, run:**
-
- ```
- cf curl /v3/deployments/DEPLOYMENT-GUID/actions/continue" -X POST
- ```
- Where `DEPLOYMENT-GUID` is the GUID of the deployment that you recorded after following the
- CAPI procedure in [Deploy an app](#deploy).
-
-This continues the rolling deployment of the app.
-
-## Cancel a canary deployment
-
-To stop the deployment of an app that you pushed:
-
-* **For cf CLI v8+, run:**
-
- ```
- cf cancel-deployment APP-NAME
- ```
- Where `APP-NAME` is the name of the app.
-
-* **For CAPI V3, run:**
-
- ```
- cf curl /v3/deployments/DEPLOYMENT-GUID/actions/cancel" -X POST
- ```
- Where `DEPLOYMENT-GUID` is the GUID of the deployment that you recorded after following the
- CAPI procedure in [Deploy an app](#deploy).
-
-This reverts the app to its state from before the deployment started by:
-* Removing any deployment artifacts
-* Resetting the `current_droplet` on the app
-
-PACKAGE-GUID is the package GUID that you recorded in an earlier step.PACKAGED-APP is your app packaged in a file such as .zip.
- For more information about the deployment object, see the [Deployments](http://v3-apidocs.cloudfoundry.org/index.html#deployments) section of the CAPI V3 documentation.
-
-2. After the command creates the deployment, the `cc_deployment_updater` BOSH job runs in the
-background, updating deployments as follows:
- 1. Adds one instance of the new web process (the 'canary' instance).
- * This process shares routes with the old process.
- * Now, if you run `cf app` on your app, you see multiple `web` processes.
- 1. Sets the deployment to `PAUSED`.
-
-3. After validating that the canary instance is running as expected execute the command `cf continue-deployment APP-NAME`:
- 1. Changes the deployment reason to `DEPLOYING` and starts doing a rolling deployment
-
-4. After the command changes the status of the deployment, the `cc_deployment_updater` BOSH job runs in the
-background, updating deployments as follows:
- 1. Adds MaxInFlight number of instances (**by default it is 1**) of the new web process and removes MaxInFlight number of instance from the old web process. This step repeats until the new web process reaches the required number of instances.
-
-
-
-
-## View the status of canary deployments
-
-You can use CAPI to view the status of canary deployment.
-
-To view the status of a canary deployment:
-
-1. Log in to the cf CLI:
-
- ```
- cf login
- ```
-
-1. Find the GUID of your app by running:
-
- ```
- cf app APP-NAME --guid
- ```
- Where `APP-NAME` is the name of the app.
-
-1. Find the deployment for that app by running:
-
- ```
- cf curl GET /v3/deployments?app_guids=APP-GUID&status_values=ACTIVE
- ```
- Where `APP-GUID` is the GUID of the app. Deployments are listed in chronological order, with
- the latest deployment displayed as the last in a list.
-
-1. Run:
-
- ```
- cf curl GET /v3/deployments/DEPLOYMENT-GUID
- ```
- Where `DEPLOYMENT-GUID` is the GUID of the canary deployment.
-
-`cf curl GET /v3/deployments/DEPLOYMENT-GUID` returns these status properties for canary deployments:
-
-* `status.value`: Indicates if the deployment is `ACTIVE` or `FINALIZED`.
-
-* `status.reason`: Provides detail about the deployment status.
-
-* `status.details`: Provides the timestamp for the most recent successful health check.
- The value of the `status.details` property can be `nil` with no successful health check
- for the deployment. For example, there might be no successful health check if the deployment was
- cancelled.
-
-The following table describes the possible values for the `status.value` and `status.reason`
-properties:
-
-
-
- Limitation
- Description
-
-
- Multiple app versions
- During a deployment, <%= vars.app_runtime_abbr %> serves both the old and new version of your app at the
- same route. This can lead to user issues if you push backwards-incompatible API changes.
-
-
- Database migrations
- Deployments do not handle database migrations. Migrating an app database when the existing
- app is not compatible with the migration can result in downtime.
-
-
- Non-web processes
- Canary deployment will only create an instance of the web process.
-
-
- Quotas
- Pushing updates to your app using a deployment strategy creates up to `max_in_flight` new instances (defaults to 1) . If you lack sufficient quota, the deployment fails. Administrators might need to increase
- quotas to accommodate deployments.
-
-
- Simultaneous apps when interrupting a push
- If you push app before your previous push command for the same app has completed, your
- first push gets interrupted. Until the last deployment completes, there might be many versions
- of the app running at the same time. Eventually, the app runs the code from your most recent
- push.
-
-
- V3 APIs
- During a canary deploy for an app, requests to the V3 APIs for scaling or updating a process fail with an error message
- like
- Cannot scale this process while a deployment is in flight.. For more information, see Scale a process
- or Update a process in the CAPI V3 documentation.
-
- Evaluating the Canary Instance
-
- Because the current processes share the same route, the best way to validate that traffic is reaching the canary instance by looking at the logs.
- If app revision logging is enabled, the logs for all instances will be tagged with `process_id` and `revision_version` values. e.g. `APP/REV/4/PROC/WEB/1`
-
- Retrieve the logs by running the cf CLI command `cf logs APP_NAME`.
-
-
-
-New or stopped applications
-
- When pushing an application for the first time, or if the app is stopped, no deployment strategy is used and all application instances are started immediately.
-
-
-
diff --git a/index.html.md.erb b/index.html.md.erb
index 9677d668..1e96889f 100644
--- a/index.html.md.erb
+++ b/index.html.md.erb
@@ -33,8 +33,7 @@ If you do these things, you are a <%= vars.app_runtime_abbr %> **developer**, a
* [Starting, restarting, and restaging apps](deploy-apps/start-restart-restage.html)
* [Pushing an app with multiple processes](multiple-processes.html)
* [Running cf push sub-step commands](push-sub-commands.html)
- * [Canary app deployments](deploy-apps/canary-deploy.html)
- * [Rolling app deployments](deploy-apps/rolling-deploy.html)
+ * [Configuring app deployments](deploy-apps/rolling-deploy.html)
* [Pushing apps with sidecar processes](sidecars.html)
* [Using blue-green deployment to reduce downtime and risk](deploy-apps/blue-green.html)
* [Troubleshooting app deployment and health](deploy-apps/troubleshoot-app-health.html)
diff --git a/push.html.md.erb b/push.html.md.erb
index d7fa41ee..e5458bc8 100644
--- a/push.html.md.erb
+++ b/push.html.md.erb
@@ -9,6 +9,7 @@ These topics contain the procedures for deploying apps with `cf push`:
* [Pushing your app using Cloud Foundry CLI (cf push)](./deploy-apps/deploy-app.html)
* [Deploying with app manifests](./deploy-apps/manifest.html)
+
* [App manifest attribute reference](./deploy-apps/manifest-attributes.html)
* [Deploying an app with Docker](./deploy-apps/push-docker.html)
@@ -23,12 +24,10 @@ These topics contain the procedures for deploying apps with `cf push`:
* [Running cf push sub-step commands](push-sub-commands.html)
-* [Configuring canary app deployments](./deploy-apps/canary-deploy.html)
+* [Configuring canary app deployments](./deploy-apps/rolling-deploy.html#how-deployment-strategies-work)
* [Configuring rolling app deployments](./deploy-apps/rolling-deploy.html)
-* [Starting a canary app deployments](./deploy-apps/canary-deploy.html)
-
* [Pushing apps with sidecar processes](./sidecars.html)
From effcb2fa7e31a7a2b5a0f1690535328a81c686ad Mon Sep 17 00:00:00 2001
From: anita-flegg status.valuestatus.reasonDescription
-
-
- ACTIVEDEPLOYINGThe deployment is deploying.
-
-
- ACTIVEPAUSEDThe deployment is paused waiting for the user to continue with the deployment.
-
-
- ACTIVECANCELLINGThe deployment is cancelling.
-
-
- FINALIZEDDEPLOYEDThe deployment was deployed.
-
-
- FINALIZEDCANCELLEDThe deployment was cancelled.
-
-
-FINALIZEDSUPERSEDEDThe deployment was stopped and did not finish deploying because there was another
- deployment created for the app.
-
-
+ For more information about the deployment object, see the [Deployments](http://v3-apidocs.cloudfoundry.org/index.html#deployments) section of the CAPI V3 documentation.
+
+2. After the command creates the deployment, the `cc_deployment_updater` BOSH job runs in the
+background, updating deployments as follows:
+ 1. Adds up to `max_in_flight` instances of the new web process and removes instances from the old web process. This step repeats until the new web process reaches the required number of instances.
+
+ For more information about the deployment object, see the [Deployments](http://v3-apidocs.cloudfoundry.org/index.html#deployments) section of the CAPI V3 documentation.
+
+2. After the command creates the deployment, the `cc_deployment_updater` BOSH job runs in the
+background, updating deployments as follows:
+ 1. Adds one instance of the new web process (the `canary` instance).
+ * This process shares routes with the old process.
+ * If you run `cf app` on your app at this point, you see multiple `web` processes.
+ 2. Sets the deployment to `PAUSED`.
+
+1. After validating that the canary instance is running as expected, execute the command `cf continue-deployment APP-NAME`:
+ * Changes the deployment reason to `DEPLOYING` and resumes in a way similar to a that of a rolling deployment.
+
+2. After the command changes the status of the deployment, the `cc_deployment_updater` BOSH job runs in the
+background, updating deployments as follows:
+ 1. Adds MaxInFlight number of instances (**by default it is 1**) of the new web process and removes MaxInFlight number of instance from the old web process. This step repeats until the new web process reaches the required number of instances.
+
+
## Commands
@@ -43,22 +179,26 @@ Review the limitations of this feature before running the command. For more info
+
+ Limitation
+ Description
+
+
+ Multiple app versions
+ During a deployment, <%= vars.app_runtime_abbr %> serves both the old and new version of your app at the
+ same route. This can lead to user issues if you push API changes that are not backwards-compatible.
+
+
+ Database migrations
+ Deployments do not handle database migrations. Migrating an app database when the existing
+ app is not compatible with the migration can result in downtime.
+
+
+ Non-web processes
+ Deployments only run web processes through the update sequence described
+ earlier. The commands restart worker and other non-web processes in bulk after updating all web
+ processes.
+
+ The CAPI V3 API introduces the concept of processes as runnable units of an app. Each app has a
+ web process by default. You can specify additional processes with a Procfile, and in some cases
+ buildpacks create additional processes. For more information about processes, see
+ Processes in the CAPI V3
+ documentation.
+
+ Quotas
+ Pushing updates to your app using a deployment strategy creates up to
+ max_in_flight new instances (defaults to 1).
+ Additionally, canary deployments use an extra instance when pausing with the canary instance deployed.
+ If you lack sufficient quota, the deployment fails. Administrators might need to increase quotas to accommodate deployments.
+
+
+ Simultaneous apps when interrupting a push
+ If you push an app before your previous push command for the same app has completed, your
+ first push gets interrupted. Until the last deployment completes, there might be many versions
+ of the app running at the same time. Eventually, the app runs the code from your most recent
+ push.
+
+
+ V3 APIs
+ During a rolling deploy for an app, requests to the V3 APIs for scaling or updating a process fail with an error message
+ like
+ Cannot scale this process while a deployment is in flight. For more information, see Scale a process
+ or Update a process in the CAPI V3 documentation.
+
+ New or stopped applications
+
+ When pushing an application for the first time, or if the app is stopped, no deployment strategy is used and all application instances are started immediately.
+
+
+
+Evaluating the canary instance
+
+ Because the current processes share the same route, the best way to validate that traffic is reaching the canary instance is by looking at the logs.
+ If app revision logging is enabled, the logs for all instances will be tagged with
+ process_id and revision_version values. e.g. APP/REV/4/PROC/WEB/1
+
+
+ Retrieve the logs by running the cf CLI command cf logs APP_NAME.
+ --no-wait flag on push for users who don't want to wait
+ It also includes a --no-wait flag for users who don't want to wait
for the operation to complete.
- cf push used with the --no-wait flag exits as soon as one instance is healthy.
+ When cf push is used with the --no-wait flag, the process exits as soon as one instance is healthy.
+
```
- cf push APP-NAME --strategy rolling --max-in-flight MAX_IN_FLIGHT
+ cf push APP-NAME --strategy STRATEGY --max-in-flight MAX_IN_FLIGHT
```
- Where `APP-NAME` is the name that you want to give your app.
- Where `MAX_IN_FLIGHT` specifies the maximum number of new instances to start up simultaneous until the deployment is complete. Optional and defaults to 1.
+ Where:
+
+
* **For CAPI V3:**
1. Log in to the cf CLI.
@@ -66,7 +206,7 @@ Review the limitations of this feature before running the command. For more info
```
cf login
```
- 2. Create an empty app by running the following `curl` command with `POST /v3/apps`. Record the
+ 2. Create an empty app by running the following `curl` command with `POST /v3/apps`. APP-NAME is the name that you want to give your app.MAX_IN_FLIGHT specifies the maximum number of new instances to start up simultaneously until the deployment is complete. This parameter is optional and defaults to 1.STRATEGY is the strategy you want to use for the deployment. Valid strategies are rolling and canary.
Record the
app GUID from the output.
```
@@ -90,6 +230,7 @@ Review the limitations of this feature before running the command. For more info
APP-NAME is the name that you want to give your app.SPACE-GUID is the space identifier that you want to associate with your app.
+
+
+For more information about this command, see [How Deployment Strategies Work](#how-deployment-strategies-work).
-### Cancel a deployment
+### Cancel a Deployment
To stop the deployment of an app that you pushed:
@@ -177,6 +325,7 @@ To stop the deployment of an app that you pushed:
```
cf cancel-deployment APP-NAME
```
+
Where `APP-NAME` is the name of the app.
* **For CAPI V3, run:**
@@ -184,6 +333,7 @@ To stop the deployment of an app that you pushed:
```
cf curl /v3/deployments/DEPLOYMENT-GUID/actions/cancel" -X POST
```
+
Where `DEPLOYMENT-GUID` is the GUID of the deployment that you recorded after following the
CAPI procedure in [Deploy an app](#deploy).
@@ -193,30 +343,62 @@ This reverts the app to its state from before the deployment started by:
* Removing any deployment artifacts
* Resetting the `current_droplet` on the app
-DROPLET-GUID and APP-GUID are the GUIDs that you recorded in earlier steps.MAX_IN_FLIGHT is an integer that specifies the maximum number of new instances to start up simultaneously until the deployment is complete. Optional and defaults to 1.STRATEGY is the strategy you would like to use for the deployment. Valid strategies are rolling and canary.
It is important to note that changes
+to environment variables and service bindings are not reverted.
APP-NAME is the name of the app.STRATEGY is the strategy you would like to use for the deployment. Valid strategies are rolling and canary.APP-NAME is the name of the app.MAX_IN_FLIGHT specifies the maximum number of new instances to restart simultaneous until the deployment is complete. Optional and defaults to 1.STRATEGY is the strategy you would like to use for the deployment. Valid strategies are rolling and canary.- This happens only if all instances of the new web process are running.
- 2. Removes the old web process. The new web process now fully replaces the old web process. - 3. Restarts all non-web processes of the app. - 4. Sets the deployment to `DEPLOYED`. - -### Limitations -The following table describes the limitations of when using rolling deployments. - -| Limitation | -Description | -
|---|---|
| Multiple app versions | -During a deployment, <%= vars.app_runtime_abbr %> serves both the old and new version of your app at the - same route. This can lead to user issues if you push backwards-incompatible API changes. | -
| Database migrations | -Deployments do not handle database migrations. Migrating an app database when the existing - app is not compatible with the migration can result in downtime. | -
| Non-web processes | -Rolling deployments only run web processes through the rolling update sequence described
- earlier. The commands restart worker and other non-web processes in bulk after updating all web
- processes. - The CAPI V3 API introduces the concept of processes as runnable units of an app. Each app has a - web process by default. You can specify additional processes with a Procfile, and in some cases - buildpacks create additional processes. For more information about processes, see - Processes in the CAPI V3 - documentation. |
-
| Quotas | -Pushing updates to your app using a deployment strategy creates up to `max_in_flight` new instances (defaults to 1). - If you lack sufficient quota, the deployment fails. Administrators might need to increase quotas to accommodate deployments. | -
| Simultaneous apps when interrupting a push | -If you push app before your previous push command for the same app has completed, your - first push gets interrupted. Until the last deployment completes, there might be many versions - of the app running at the same time. Eventually, the app runs the code from your most recent - push. | -
| V3 APIs | -During a rolling deploy for an app, requests to the V3 APIs for scaling or updating a process fail with an error message
- like Cannot scale this process while a deployment is in flight.. For more information, see Scale a process
- or Update a process in the CAPI V3 documentation. |
-
| New or stopped applications | -- When pushing an application for the first time, or if the app is stopped, no deployment strategy is used and all application instances are started immediately. - | -
DROPLET-GUID and APP-GUID are the GUIDs that you recorded in earlier steps.MAX_IN_FLIGH is an integer that specifies the maximum number of new instances to start up simultaneous until the deployment is complete. Optional and defaults to 1.STRATEGY is the strategy you would like to use for the deployment. Valid strategies are rolling and canary.status.value |
- status.reason |
- Description | + +status.value | +status.reason | +Description |
|---|---|---|---|
ACTIVE |
DEPLOYING |
The deployment is deploying. | |
ACTIVE |
+ PAUSED |
+ The deployment is paused waiting for the user to continue with the deployment. Used only for canary Deployments. | +|
ACTIVE |
CANCELLING |
@@ -392,7 +504,7 @@ properties:
||
FINALIZED |
DEPLOYED |
- The deployment was deployed. | +The deployment is complete. |
FINALIZED |
@@ -402,8 +514,8 @@ properties:
|||
FINALIZED |
SUPERSEDED |
- The deployment was stopped and did not finish deploying because there was another - deployment created for the app. + | The deployment was stopped and did not finish deploying because another + deployment was created for the app. |
- Important This happens only if all instances of the new web process are running.
2. Removes the old web process. The new web process now fully replaces the old web process. 3. Restarts all non-web processes of the app. @@ -124,7 +123,6 @@ The following table describes the limitations when using these deployments.max_in_flight new instances (defaults to 1).
Additionally, canary deployments use an extra instance when pausing with the canary instance deployed.
If you lack sufficient quota, the deployment fails. Administrators might need to increase quotas to accommodate deployments.APP-NAME is the name that you want to give your app.SPACE-GUID is the space identifier that you want to associate with your app.APP-NAME is the name that you want to give your app.
+ * SPACE-GUID is the space identifier that you want to associate with your app.
3. Create a package with the following `curl` command with `POST /v3/packages`. Record the package
GUID from the output.
@@ -249,6 +246,7 @@ Review the limitations of this feature before running the command. For more info
}
}'
```
+
Where `APP-GUID` is the app GUID that you recorded in an earlier step. This app GUID is a
unique identifier for your app.
From 3617734f2f9154caed8356d8bc49531b9dda4cac Mon Sep 17 00:00:00 2001
From: anita-flegg APP-NAME is the name that you want to give your app.
* SPACE-GUID is the space identifier that you want to associate with your app.
+
+
3. Create a package with the following `curl` command with `POST /v3/packages`. Record the package
GUID from the output.
@@ -343,8 +345,9 @@ This reverts the app to its state from before the deployment started by:
The cancel command is designed to revert the app to its
-original state as quickly as possible and does not guarantee zero downtime.
It is important to note that changes
-to environment variables and service bindings are not reverted.
APP-NAME is the name that you want to give your app.SPACE-GUID is the space identifier that you want to associate with your app.APP-NAME is the name that you want to give your app.
- * SPACE-GUID is the space identifier that you want to associate with your app.
-
-
+
3. Create a package with the following `curl` command with `POST /v3/packages`. Record the package
GUID from the output.
From e3a943de0b363c022bbfe6cd24ad33af963019b3 Mon Sep 17 00:00:00 2001
From: anita-flegg
+cf CLI v7 exits when one instance of each process is healthy.
+It also includes a --no-wait flag for users who don't want to wait
+for the operation to complete.
+When cf push is used with the --no-wait flag, the process exits as soon as one instance is healthy.
+
- cf CLI v7 exits when one instance of each process is healthy.
- It also includes a --no-wait flag for users who don't want to wait
- for the operation to complete.
- When cf push is used with the --no-wait flag, the process exits as soon as one instance is healthy.
-
APP-NAME is the name that you want to give your app.MAX_IN_FLIGHT specifies the maximum number of new instances to start up simultaneously until the deployment is complete. This parameter is optional and defaults to 1.STRATEGY is the strategy you want to use for the deployment. Valid strategies are rolling and canary.APP-NAME is the name that you want to give your app.MAX_IN_FLIGHT specifies the maximum number of new instances to start up simultaneously until the deployment is complete. This parameter is optional and defaults to 1.STRATEGY is the strategy you want to use for the deployment. Valid strategies are rolling and canary.SPACE-GUID is the space identifier that you want to associate with your app.APP-NAME is the name that you want to give your app.SPACE-GUID is the space identifier that you want to associate with your app.PACKAGE-GUID is the package GUID that you recorded in an earlier step.PACKAGED-APP is your app packaged in a file such as .zip.DROPLET-GUID and APP-GUID are the GUIDs that you recorded in earlier steps.MAX_IN_FLIGHT is an integer that specifies the maximum number of new instances to start up simultaneously until the deployment is complete. Optional and defaults to 1.STRATEGY is the strategy you would like to use for the deployment. Valid strategies are rolling and canary.PACKAGE-GUID is the package GUID that you recorded in an earlier step.PACKAGED-APP is your app packaged in a file such as .zip.DROPLET-GUID and APP-GUID are the GUIDs that you recorded in earlier steps.MAX_IN_FLIGHT is an integer that specifies the maximum number of new instances to start up simultaneously until the deployment is complete. Optional and defaults to 1.STRATEGY is the strategy you would like to use for the deployment. Valid strategies are rolling and canary.| Overlay subnet mask | -Number of cells | -Containers per cell | -
|---|
| /20 | -15 | -254 | -Metaphorical Property | +Actual Bosh Property | +Description | +Default | +
|---|---|---|---|---|---|---|
| /16 | -255 | -254 | +Group of pies and their sizes | +"network" on the silk-controller job | +An list of CIDR address blocks for the overlay network provided as an + array of strings. Subnets for each Diego Cell are allocated out of this + network. The "subnet_prefix_length" property must be smaller than the + smallest CIDR address block. + | +`["10.255.0.0/16"]` |
| /12 | -4,095 | -254 | +Slice size for each Diego Cell | +"subnet_prefix_length" on the silk-controller job | +The CIDR mask for each Diego Cell's individual overlay network subnet. + For a `/24` subnet for each Diego Cell, enter `24`. This subnet must be + smaller than all individual IP ranges provided in the "network" property. + | `24` |
-The overlay network IP address range must not conflict with any other IP addresses in the network. If a conflict exists, Diego Cells cannot reach any endpoint that has a conflicting IP address.
-### Configure the number of containers per cell +### Configuring Overlay Networking Properties + +Changing the two overlay network properties "network" and +"subnet_prefix_length" affect how many Diego Cells can run in one deployment +and how many apps can be run on each Diego Cell. + +Use the following algorithm to determine how many Diego Cells can run with a +given configuration. + +``` +A = the total number of IPs in the "network" +B = number of IPs per Diego Cell as defined by the "subnet_prefix_length" +C = number of CIDRs in the "network" -To change the number of containers per Diego Cell in your Cloud Foundry deployment, edit the `cf_networking.subnet_prefix_length` property in your `cf-networking-release` manifest, and then re-deploy Cloud Foundry. See the following examples: +Max supported number of Diego Cells = (A/B) - C +``` -| Property | +Value | ||||
|---|---|---|---|---|---|
| Overlay subnet mask | -Number of cells | -Cell prefix length | -Containers per cell | +network | +`["10.255.0.0/20", "10.255.96.0/21", "10.255.200.0/23", "10.255.220.0/24"]` |
| /16 | -255 | -/24 | -254 | +subnet_prefix_length | +`24` |
| /16 | -255 | -/26 | -62 | +Invalid reason | +"subnet_prefix_length" must be smaller than all CIDRs in the "network". In this case it is the same size as `10.255.220.0/24`. | +
| Property | +Value | +||||
|---|---|---|---|---|---|
| network | +`["10.255.0.0/20", "10.255.96.0/21", "10.255.200.0/23", "10.255.220.0/32"]` | +||||
| subnet_prefix_length | +`24` | ||||
| /16 | -255 | -/28 | -14 | +Invalid reason | +"subnet_prefix_length" must be smaller than all CIDRs in the "network". In this case it is larger than `10.255.220.0/32`. | +
| Property | +Value | +
|---|---|
| network | +`["10.255.0.0/20", "10.255.0.0/16"]` | +
| subnet_prefix_length | +`24` | +
| Invalid reason | +"network" must not have any overlapping IP ranges. In this case `10.255.0.0/20` is a subset of `10.255.0.0/16`. | +
The overlay network IP address ranges must not conflict with any other IP +addresses in the network. If a conflict exists, Diego Cells cannot reach any +endpoint that has a conflicting IP address.
From 493768509886b6ea86fba1e32d2c72781cbbbc32 Mon Sep 17 00:00:00 2001 From: Paul Spinrad-Review the limitations of this feature before running the command. For more information, see -Limitations.
- #### For cf CLI v7+ Run: @@ -178,6 +174,10 @@ cf push APP-NAME --strategy rolling Where `APP-NAME` is the name that you want to give your app. ++Review the limitations of this feature before running the command. For more information, see +Limitations.
+
cf CLI v7 exits when one instance of each process is healthy.
It also includes a --no-wait flag for users who don't want to wait
From f98842fb04aee05e74a5ea0cd95c8011db374da0 Mon Sep 17 00:00:00 2001
From: Tamara Boehm protocol route attribute is available only for <%= vars.app_run
For example:
+
```
---
...
@@ -566,12 +567,15 @@ For example:
- route: www.example.com/foo
- route: tcp-example.com:1234
```
-You can specify the `options` attribute to configure per-route options, though this is optional.
-The available options:
-- `loadbalancing` which defines how Gorouter is distributing requests across the application backends. The valid values are `round-robin` or `least-connections`.
+Under each route, you can optionally include an `options` attribute to configure per-route options as described in [Configuring Per-Route Options](../custom-per-route-options.html).
+
+Available options are:
+
+- `loadbalancing` - defines how Gorouter distributes requests across the application backends. Valid values are `round-robin` and `least-connections`.
For example:
+
```
---
...
diff --git a/routing-index.html.md.erb b/routing-index.html.md.erb
index 5bbaa265..28524cd1 100644
--- a/routing-index.html.md.erb
+++ b/routing-index.html.md.erb
@@ -11,4 +11,4 @@ These topics contain information about configuring routes and domains:
* [Routing HTTP/2 and gRPC traffic to apps](http2-protocol.html)
-* [Configuring per-route options](custom-per-route-options.html)
+* [Configuring Per-Route Options](custom-per-route-options.html)
From d36b06c4030a8c7cd9940c6d99fb45301eba0115 Mon Sep 17 00:00:00 2001
From: Paul Spinrad `["10.255.0.0/16"]`
+ ["10.255.0.0/16"]
Slice size for each Diego Cell
"subnet_prefix_length" on the silk-controller job
The CIDR mask for each Diego Cell's individual overlay network subnet.
- For a `/24` subnet for each Diego Cell, enter `24`. This subnet must be
+ For a /24 subnet for each Diego Cell, enter /24. This subnet must be
smaller than all individual IP ranges provided in the "network" property.
- `24`
+ /24
| Value | ||
|---|---|---|
| network | -`["10.255.0.0/20", "10.255.96.0/21", "10.255.200.0/23", "10.255.220.0/24"]` | +["10.255.0.0/20", "10.255.96.0/21", "10.255.200.0/23", "10.255.220.0/24"] |
| subnet_prefix_length | -`24` | +24 |
| Invalid reason | -"subnet_prefix_length" must be smaller than all CIDRs in the "network". In this case it is the same size as `10.255.220.0/24`. | +"subnet_prefix_length" must be smaller than all CIDRs in the "network." In this case it is the same size as 10.255.220.0/24. |
["10.255.0.0/20", "10.255.96.0/21", "10.255.200.0/23", "10.255.220.0/32"]2410.255.220.0/32.["10.255.0.0/20", "10.255.0.0/16"]2410.255.0.0/20 is a subset of 10.255.0.0/16.buildpack attribute. For more information, see
- buildpack.buildpack attribute. For more information, see
+ buildpack.| Metaphorical Property | +Pie Metaphor Property | Actual Bosh Property | Description | Default | |||||
|---|---|---|---|---|---|---|---|---|---|
| Group of pies and their sizes | -"network" on the silk-controller job | +network on the silk-controller job |
An list of CIDR address blocks for the overlay network provided as an
array of strings. Subnets for each Diego Cell are allocated out of this
- network. The "subnet_prefix_length" property must be smaller than the
+ network. The subnet_prefix_length property must be smaller than the
smallest CIDR address block.
|
["10.255.0.0/16"] |
@@ -55,9 +55,9 @@ smaller number of possible Diego Cells (which are fed more each).
Slice size for each Diego Cell | "subnet_prefix_length" on the silk-controller job | The CIDR mask for each Diego Cell's individual overlay network subnet.
- For a /24 subnet for each Diego Cell, enter /24. This subnet must be
- smaller than all individual IP ranges provided in the "network" property.
- | /24 |
+ For a 24 |
10.255.220.0/24.subnet_prefix_length must be smaller than all CIDRs in the network. In this case it is the same size as 10.255.220.0/24.10.255.220.0/32.subnet_prefix_length must be smaller than all CIDRs in the network. In this case it is larger than 10.255.220.0/32.10.255.0.0/20 is a subset of 10.255.0.0/16.network must not have any overlapping IP ranges. In this case 10.255.0.0/20 is a subset of 10.255.0.0/16.
+The command map-route supports the --option flag only for new routes.
+To update an existing route, the command update-route must be used as described before.
The command map-route supports the --option flag only for new routes.
To update an existing route, the command update-route must be used as described before.
10.255.0.0/20 is a subset of 10.255.0.0/16.network must not have any overlapping IP ranges. In this case 10.255.0.0/20 is a subset of 10.255.0.0/16.update-route must be used
### Retrieve Route Options
-To verify route options, you can query the route using the `route` command:
+To read route options, you can query the route using the `route` command:
```
cf route EXAMPLE.COM --hostname MY-HOST
From a6546209d78c23b8dc1801e8497b77fcb41755d2 Mon Sep 17 00:00:00 2001
From: Daria <66593181+Dariquest@users.noreply.github.com>
Date: Thu, 6 Feb 2025 14:21:56 +0100
Subject: [PATCH 077/132] add cf routes command doc
---
custom-per-route-options.html.md.erb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/custom-per-route-options.html.md.erb b/custom-per-route-options.html.md.erb
index 711cd7c4..0b0d560e 100644
--- a/custom-per-route-options.html.md.erb
+++ b/custom-per-route-options.html.md.erb
@@ -136,3 +136,5 @@ To read route options, you can query the route using the `route` command:
```
"options": {"loadbalancing": "least-connection"}
```
+
+To retrieve all the routes with the corresponding options in a space of an organization, you can use `routes` command.
From 8cdb9ec82371eff8d2e0988b4435f4560aa317eb Mon Sep 17 00:00:00 2001
From: Daria <66593181+Dariquest@users.noreply.github.com>
Date: Thu, 6 Feb 2025 17:45:43 +0100
Subject: [PATCH 078/132] Fix the formatting of the console output
---
custom-per-route-options.html.md.erb | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/custom-per-route-options.html.md.erb b/custom-per-route-options.html.md.erb
index 0b0d560e..c3c47600 100644
--- a/custom-per-route-options.html.md.erb
+++ b/custom-per-route-options.html.md.erb
@@ -45,7 +45,7 @@ To configure per-route load balancing for an application that has not yet been p
1. Push the app with the manifest:
- ```
+ ```console
cf push -f manifest.yml
```
@@ -55,7 +55,7 @@ To change the per-route `loadbalancing` option of an existing route, you can use
For example, to change an app route's algorithm from `least-connection` to `round-robin`, you can run the `update-route` command:
- ```
+ ```console
cf update-route EXAMPLE.COM --host MY-HOST --option loadbalancing=round-robin
```
@@ -63,7 +63,7 @@ Alternatively, it is also possible to update the per-route load balancing option
Run the `PATCH` request to the targeted API endpoint:
- ```
+ ```console
cf curl /v3/routes/GUID -X PATCH -H "Content-type: application/json" \
-d '{
"options": {
@@ -79,13 +79,13 @@ Run the `PATCH` request to the targeted API endpoint:
To create a route with a per-route `loadbalancing` option, you can use the cli command `create-route`.
For example:
- ```
+ ```console
cf create-route EXAMPLE.COM --host MY-HOST --option loadbalancing=round-robin
```
Alternatively, it is also possible to create a route with a per-route load balancing option via the `/v3/routes` API:
- ```
+ ```console
cf curl /v3/routes -X POST -H "Content-type: application/json" \
-d '{
"host": "MY-HOST",
@@ -103,7 +103,7 @@ To create and map a new route to an existing application with the per-route `loa
For example:
- ```
+ ```console
cf map-route MY-APP EXAMPLE.COM --hostname MY-HOST --option loadbalancing=round-robin
```
@@ -115,26 +115,26 @@ To update an existing route, the command update-route must be used
To read route options, you can query the route using the `route` command:
- ```
+ ```console
cf route EXAMPLE.COM --hostname MY-HOST
```
The response lists the chosen `loadbalancing` algorithm option, e.g. `least-connection`:
- ```
+ ```console
options: {loadbalancing=least-connection}
```
Alternatively, you can query the `routes` API endpoint for a route:
- ```
+ ```console
cf curl /v3/routes/?hosts=MY-HOST
```
Where `MY-HOST` is the host attribute of the route. The response lists the chosen `loadbalancing` algorithm option as well:
- ```
+ ```console
"options": {"loadbalancing": "least-connection"}
```
-To retrieve all the routes with the corresponding options in a space of an organization, you can use `routes` command.
+To retrieve all the routes with the corresponding options in a space of an organization, you can use the `routes` command.
From 89eaca99c8c217e328a90ac201b05f5113e7bdfe Mon Sep 17 00:00:00 2001
From: Paul Spinrad - $ cf app my-app --guid - abcdefab-1234-5678-abcd-1234abcd1234 -- -1. Query the `/v2/info` endpoint of the Cloud Controller in your deployment. Record the domain name -and port number of the `app_ssh_endpoint` field, and the `app_ssh_host_key_fingerprint` field. You can compare the `app_ssh_host_key_fingerprint` with the fingerprint returned by the SSH proxy on your target VM. For example: - -
- $ cf curl /v2/info
- {
- ...
- "app_ssh_endpoint": "ssh.example.com:2222",
- "app_ssh_host_key_fingerprint": "a6:14:c0:ea:42:07:b2:f7:53:2c:0b:60:e0:00:21:6c",
- ...
- }
-
-
- In this example:
- ssh.example.com.2222.a6:14:c0:ea:42:07:b2:f7:53:2c:0b:60:e0:00:21:6c.- $ cf ssh-code - E1x89n -- -1. Run your `ssh` or other command to connect to the app instance. - - SSH into the container hosting the first instance of your app by running: - - ```console - ssh -p `SSH-PORT` cf:APP-GUID/APP-INSTANCE-INDEX@SSH-ENDPOINT - ``` - - Where: -
SSH-PORT is the port number recorded in earlier steps.APP-GUID comes from earlier steps.APP-INSTANCE-INDEX is the index of the instance that you want to access.SSH-ENDPOINT comes from the earlier steps and is in the form ssh.MY-DOMAIN.com.
- $ ssh -p 2222 cf:abcdefab-1234-5678-abcd-1234abcd1234/0@ssh.example.com
-
- - Or you can use `scp` to transfer files by running one of the following commands:
-
- ```console
- scp -P `SSH-PORT` -o User=cf:APP-GUID/APP-INSTANCE-INDEX ssh.MY-DOMAIN.com:REMOTE-FILE-TO-RETRIEVE LOCAL-FILE-DESTINATION
- ```
- ```console
- scp -P `SSH-PORT` -o User=cf:APP-GUID/APP-INSTANCE-INDEX LOCAL-FILE-TO-COPY ssh.MY-DOMAIN.com:REMOTE-FILE-DESTINATION
- ```
- - Or you can use `ssh` piped with `cat` to transfer the file:
-
- ```console
- cat local_file_path | cf ssh MY-AWESOME-APP -c "cat > remote_file_path"
- ```
-
-2. When the SSH proxy reports its RSA fingerprint, confirm that it matches the `app_ssh_host_key_fingerprint` recorded previously. When prompted for a password, paste in the authorization code returned by `cf ssh-code`, for example:
-
- - $ ssh -p 2222 cf:abcdefab-1234-5678-abcd-1234abcd1234/0@ssh.MY-DOMAIN.com - The authenticity of host '[ssh.MY-DOMAIN.com]:2222 ([203.0.113.5]:2222)' can't be established. - RSA key fingerprint is a6:14:c0:ea:42:07:b2:f7:53:2c:0b:60:e0:00:21:6c. - Are you sure you want to continue connecting (yes/no)? yes - Warning: Permanently added '[ssh.MY-DOMAIN.com]:2222 [203.0.113.5]:2222' (RSA) to the list of known hosts. - cf:d0a2e11d-e6ca-4120-b32d-140@ssh.ketchup.cf-app.com's password: - vcap@ce4l5164kws:~$ -- -You have now securely connected to the app instance. ## SSH proxy security configuration From 08b9a0044b227a7c991712f5d2e8743af5821d9d Mon Sep 17 00:00:00 2001 From: anita-flegg
-The command map-route supports the --option flag only for new routes.
+The command map-route supports the --option flag only for new routes.
To update an existing route, the command update-route must be used as described before.
The command map-route supports the --option flag only for new routes.
@@ -115,26 +114,26 @@ To update an existing route, the command update-route must be used
To read route options, you can query the route using the `route` command:
- ```console
- cf route EXAMPLE.COM --hostname MY-HOST
- ```
+```console
+cf route EXAMPLE.COM --hostname MY-HOST
+```
- The response lists the chosen `loadbalancing` algorithm option, e.g. `least-connection`:
+ The response lists the chosen `loadbalancing` algorithm option, e.g. `least-connection`:
- ```console
- options: {loadbalancing=least-connection}
- ```
+```console
+options: {loadbalancing=least-connection}
+```
- Alternatively, you can query the `routes` API endpoint for a route:
+ Alternatively, you can query the `routes` API endpoint for a route:
- ```console
- cf curl /v3/routes/?hosts=MY-HOST
- ```
+```console
+cf curl /v3/routes/?hosts=MY-HOST
+```
- Where `MY-HOST` is the host attribute of the route. The response lists the chosen `loadbalancing` algorithm option as well:
+Where `MY-HOST` is the host attribute of the route. The response lists the chosen `loadbalancing` algorithm option as well:
- ```console
- "options": {"loadbalancing": "least-connection"}
- ```
+```console
+ "options": {"loadbalancing": "least-connection"}
+```
To retrieve all the routes with the corresponding options in a space of an organization, you can use the `routes` command.
From 5ff2287bba76ffa0c6d39bd4471b6f7eb40b2fcd Mon Sep 17 00:00:00 2001
From: Paul Spinrad
-
+* Using pre-v7 cf CLI commands:
+
+ 1. Retrieve the GUID of the app:
+
+ ```
+ cf app APP-NAME --guid
+ ```
+ Where `APP-NAME` is the name of your app.
+
+ 1. Retrieve the GUID of the revision. See [Retrieve a revision](#get).
+
+ 1. Create a deployment using CAPI by running:
+
+ ```
+ cf curl v3/deployments \
+ -X POST \
+ -d '{
+ "revision": {
+ "guid": "REVISION-GUID"
+ },
+ "relationships": {
+ "app": {
+ "data": {
+ "guid": "APP-GUID"
+ }
+ }
+ }
+ }'
+ ```
+
+ Where:
+ REVISION-GUID is the GUID of the revision.APP-GUID is the GUID of the app.
+
## Add metadata to a revision
From b497af45e677966631d9be79e0248ffe2801a634 Mon Sep 17 00:00:00 2001
From: Paul Spinrad REVISION-GUID is the GUID of the revision.APP-GUID is the GUID of the app.
-
+ ```
+ cf curl v3/deployments \
+ -X POST \
+ -d '{
+ "revision": {
+ "guid": "REVISION-GUID"
+ },
+ "relationships": {
+ "app": {
+ "data": {
+ "guid": "APP-GUID"
+ }
+ }
+ }
+ }'
+ ```
+
+ Where:
+ REVISION-GUID is the GUID of the revision.APP-GUID is the GUID of the app.
+
## Add metadata to a revision
From 721905b311d03778bbf26b874496040cd6f6b0b3 Mon Sep 17 00:00:00 2001
From: Paul Spinrad REVISION-GUID is the GUID of the revision.APP-GUID is the GUID of the app.
It is important to note that changes
to environment variables and service bindings are not reverted.
CAPI v3 is the recommended API version for revisions. While revisions work with CAPI v2, there are several inconsistencies. For example, revision descriptions for apps with multiple processes can be inaccurate because CAPI v2 does not support apps with multiple processes. Additionally, pushing an app for the first time with revisions in CAPI v2 creates two revisions.
@@ -64,27 +67,27 @@ This section describes how to use CAPI endpoints for viewing revisions. To list revisions for an app: * Using the `revisions` command: - - ``` - cf revisions APP-NAME - ``` - Where `APP-NAME` is the name of your app. -* Using the `curl` command - - 1. Retrieve the GUID of the app by running: + ``` + cf revisions APP-NAME + ``` + Where `APP-NAME` is the name of your app. + +* Using the `curl` command: - ``` - cf app APP-NAME --guid - ``` - Where `APP-NAME` is the name of your app. + 1. Retrieve the GUID of the app by running: - 1. Run: + ``` + cf app APP-NAME --guid + ``` + Where `APP-NAME` is the name of your app. - ``` - cf curl /v3/apps/GUID/revisions - ``` - Where `GUID` is the GUID you retrieved in an earlier step. + 1. Run: + + ``` + cf curl /v3/apps/GUID/revisions + ``` + Where `GUID` is the GUID you retrieved in an earlier step. ### List deployed revisions for an app @@ -92,26 +95,26 @@ Deployed revisions are revisions linked to started processes in an app. To list * Using the `revision` command: - ``` - cf revision APP-NAME - ``` - Where `APP-NAME` is the name of your app. + ``` + cf revision APP-NAME + ``` + Where `APP-NAME` is the name of your app. * Using the `curl` command - 1. Retrieve the GUID of the app by running: + 1. Retrieve the GUID of the app by running: - ``` - cf app APP-NAME --guid - ``` - Where `APP-NAME` is the name of your app. + ``` + cf app APP-NAME --guid + ``` + Where `APP-NAME` is the name of your app. - 1. Run: + 1. Run: - ``` - cf curl /v3/apps/GUID/revisions/deployed - ``` - Where `GUID` is the GUID you retrieved in an earlier step. + ``` + cf curl /v3/apps/GUID/revisions/deployed + ``` + Where `GUID` is the GUID you retrieved in an earlier step. ### Retrieve a revision @@ -119,19 +122,19 @@ To retrieve a revision: * Using the `revision` command: - ``` - cf revision APP-NAME --version VERSION - ``` - Where `APP-NAME` is the name of your APP and `VERSION` is the revision version. + ``` + cf revision APP-NAME --version VERSION + ``` + Where `APP-NAME` is the name of your APP and `VERSION` is the revision version. * Using the `curl` command: - 1. Run: + 1. Run: - ``` - cf curl /v3/revisions/GUID - ``` - Where `GUID` is the GUID of the revision. + ``` + cf curl /v3/revisions/GUID + ``` + Where `GUID` is the GUID of the revision. ## Roll back to a previous revision @@ -140,23 +143,23 @@ To roll back to a previous revision: * Using the `rollback` command: - ``` - cf rollback APP-NAME --version VERSION - ``` - Where `APP-NAME` is the name of your APP and `VERSION` is the revision version you want to rollback to. + ``` + cf rollback APP-NAME --version VERSION + ``` + Where `APP-NAME` is the name of your APP and `VERSION` is the revision version you want to rollback to. * Using `curl` command: - 1. Retrieve the GUID of the app: + 1. Retrieve the GUID of the app: - ``` - cf app APP-NAME --guid - ``` - Where `APP-NAME` is the name of your app. + ``` + cf app APP-NAME --guid + ``` + Where `APP-NAME` is the name of your app. - 1. Retrieve the GUID of the revision. See [Retrieve a revision](#get). + 1. Retrieve the GUID of the revision. See [Retrieve a revision](#get). - 1. Create a deployment using CAPI by running: + 1. Create a deployment using CAPI by running: ``` cf curl v3/deployments \ @@ -198,14 +201,14 @@ To deactivate revisions for an app: 1. Retrieve the GUID of the app by running: - ``` - cf app APP-NAME --guid - ``` - Where `APP-NAME` is the name of your app. + ``` + cf app APP-NAME --guid + ``` + Where `APP-NAME` is the name of your app. 1. Run: - ``` - cf curl /v3/apps/GUID/features/revisions -X PATCH -d '{ "enabled": false }' - ``` - Where `GUID` is the GUID you retrieved in an earlier step. + ``` + cf curl /v3/apps/GUID/features/revisions -X PATCH -d '{ "enabled": false }' + ``` + Where `GUID` is the GUID you retrieved in an earlier step. From d2534a1905cdf82a9f408f1b66aa72fd6599a949 Mon Sep 17 00:00:00 2001 From: Paul SpinradCAPI v3 is the recommended API version for revisions. While revisions work with CAPI v2, there are several inconsistencies. For example, revision descriptions for apps with multiple processes can be inaccurate because CAPI v2 does not support apps with multiple processes. Additionally, pushing an app for the first time with revisions in CAPI v2 creates two revisions.
--The app revisions API is experimental, and future releases might have breaking changes.
-## Revisions use cases +## Overview + +Every <%= vars.platform_name %> app has a name. +When you first deploy an app, <%= vars.platform_name %> gives it the revision version number `1`. +When you re-deploy the app under the same name, for example as an update, <%= vars.platform_name %> increments its version number and saves the old version. + +This saved application history is used by the `revisions` and `revision` CAPI endpoints and cf CLI commands to let you: -Some use cases for revisions include: +* **View revisions for an app:** To help you understand how your app has changed over time. -* **Viewing revisions for an app:** This can help you understand how your app has changed over time. +* **Roll back to a previous revision:** To deploy a version of the app that you had running previously without needing to track that previous state yourself or have multiple apps running. When roll back an app, the specified revision deploys as the new current version of your app. -* **Rolling back to a previous revision:** This allows you to deploy a version of the app that you had running previously without needing to track that previous state yourself or have multiple apps running. When you create a deployment and reference a revision, the revision deploys as the current version of your app. +> **Note** The `cf revision` command takes a `--version` flag to specify a version number, but the command's output lists the same number as its `revision`. -### Events that trigger revisions +### When current app revision changes -Revisions are generated through these events: +The app's revision version number increments when: * A new droplet is deployed for an app. -* An app is deployed with new environment variables. +* An app is deployed with `--strategy rolling` or `--strategy canary` as described in [Configuring app deployments](deploy-apps.html). +* An app is deployed with a new environment variables. * An app is deployed with a new or changed custom start command. * An app rolls back to a prior revision. + - In this case, the newly-running version is identical to the specified old version. By default, CAPI retains a maximum of 100 revisions per app. @@ -89,9 +92,9 @@ To list revisions for an app: ``` Where `GUID` is the GUID you retrieved in an earlier step. -### List deployed revisions for an app +### List current revision for an app -Deployed revisions are revisions linked to started processes in an app. To list deployed revisions: +The current revision of an app is its currently-deployed revision, linked to started processes. To list an app's current revision: * Using the `revision` command: @@ -116,6 +119,9 @@ Deployed revisions are revisions linked to started processes in an app. To list ``` Where `GUID` is the GUID you retrieved in an earlier step. + When the current app is still deploying or is in a `stopped` state, the command output states, `It is not possible to show which revision is currently deployed.` + + ### Retrieve a revision To retrieve a revision: From c57bedc16add9af2a4b624a7334800af842b2928 Mon Sep 17 00:00:00 2001 From: Paul Spinradprocess_id and revision_version values. e.g. APP/REV/4/PROC/WEB/1
@@ -173,6 +173,19 @@ The following table describes the limitations when using these deployments.
Retrieve the logs by running the cf CLI command cf logs APP_NAME.
cf curl /v3/deployments?status_values=ACTIVE?app_guid=$(cf app APP_NAME --guid).
+ Add the X-CF-PROCESS-INSTANCE: header to traffic
to the app. Optionally, to send traffic to one specific canary instance,
add an index:
- `X-CF-PROCESS-INSTANCE:X-CF-PROCESS-INSTANCE:: .
From 7b7be2f343f82d16b6444547aa38ad5bd473db36 Mon Sep 17 00:00:00 2001
From: Amelia Downs cf curl /v3/deployments?status_values=ACTIVE?app_guid=$(cf app APP_NAME --guid).
+ Get the canary process guid via cf curl /v3/deployments?status_values=ACTIVE&app_guid=$(cf app APP_NAME --guid).
Add the X-CF-PROCESS-INSTANCE: header to traffic
to the app. Optionally, to send traffic to one specific canary instance,
add an index:
From 61116c4174faa773833eb59e72189a67a61f626a Mon Sep 17 00:00:00 2001
From: Amelia Downs
-Use of the X-Cf-App-Instance header is available only for users on the Diego architecture.
-
+$ cf app example-app ++ +The following example shows a request made to instance `9` of an process with GUID `5cdc7595-2e9b-4f62-8d5a-a86b92f2df0e` and mapped to route +`example-app.<%= vars.private_app_domain %>`. + +
+$ curl example-app.<%= vars.private_app_domain %> -H "X-Cf-Process-Instance: 5cdc7595-2e9b-4f62-8d5a-a86b92f2df0e:9" ++ +The following example shows a request made a process with GUID `5cdc7595-2e9b-4f62-8d5a-a86b92f2df0e` and mapped to route +`example-app.<%= vars.private_app_domain %>`. + +
+$ curl example-app.<%= vars.private_app_domain %> -H "X-Cf-Process-Instance: 5cdc7595-2e9b-4f62-8d5a-a86b92f2df0e" ++ +If the `X-Cf-Process-Instance` header is set to an invalid value, Gorouter returns a `400` status code and the response from Gorouter contains a +`X-Cf-Routererror` header with more information about the error. + +These are the possible error responses: + +
| X-Cf-Routererror value | +Reason for error + | Response body | +
|---|---|---|
invalid_cf_process_instance_header |
+ The value provided for X-Cf-Process-Instance was an incorrectly formatted GUID. |
+ None | +
unknown_route |
+ The value provided for X-Cf-Process-Instance is a correctly formatted GUID, but no backend is found with that GUID and index for the route
+ requested. |
+ 400 Bad Request: Requested process instance ('1') with guid ('aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa') does not exist for route
+ ('example-route.cf.com') |
+
unknown_route |
+ The value provided for X-Cf-Process-Instance is a correctly formatted GUID but no backend is found with that GUID for the route
+ requested. |
+ 400 Bad Request: Requested process instance with guid ('aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa') does not exist for route
+ ('example-route.cf.com') |
+
SYSLOG-DRAIN-URL is the syslog URL from Step 1: Configure the Log Management Service.
$ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL?drain-data=DRAIN-DATA-VALUE
@@ -124,6 +124,22 @@ You can create a syslog drain service and bind apps to it using Cloud Foundry Co
$ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL -p '{"ca":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----", "cert":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----","key":"-----BEGIN PRIVATE KEY-----\nMIIE...-----END PRIVATE KEY-----"}'
+ When setting up your syslog drain, it is important to choose the correct scheme for your SYSLOG-URL:
+
+ * Use the syslog-tls scheme for endpoints that require TLS or mTLS.
+ * Use the syslog scheme for endpoints that do not require TLS.
+ * Use the https scheme when shipping logs to an HTTPS endpoint.
+
+ If you need to use TLS or mTLS, ensure that you provide the necessary CA certificate. Additionally to the CA certificate for mTLS configuration, both the client certificate and the key must be provided.
+
+ Ensure that certificates and keys are PEM-encoded as specified in RFC-1422. They should be provided as string values, with new lines represented by the `\n` character, and must not have trailing new lines. You can convert a PEM-encoded certificate string to a processable format using the following command:
+
+
+ $ awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' cert.pem | sed 's/\\n$//' | tr -d '\n'
+
+
+ The `cf create-user-provided-service` command accepts any JSON payload without validating the certificates or credentials while creating the syslog drain. There is no error message for wrong certificates or credentials in the cf CLI; you can only validate in your target log service if your syslog drain was configured correctly. To troubleshoot your certificates, you can use the openssl command line tool.
+
For more information, see [User-provided service instances](./user-provided.html).
2. To bind an app to the service instance, do one of these:
From 44229b20e268d287847b87bb175a5d4396a3b923 Mon Sep 17 00:00:00 2001
From: Amelia Downs cf curl /v3/deployments?status_values=ACTIVE&app_guid=$(cf app APP_NAME --guid).
From be9b341c188b8e34decb67da66ad03b9e1fc6177 Mon Sep 17 00:00:00 2001
From: Amelia Downs | Step | +Step Weight | +Original Instances | +Canary Instances | +Actual Weighting | +
|---|---|---|---|---|
| Pre-deploy | +n/a | +10 | +0 | +0 | +
| 1 | +1% | +10 | +1 | +9% | +
| 2 | +20% | +9 | +2 | +18% | +
| 3 | +45% | +6 | +5 | +45% | +
| 4 | +80% | +3 | +8 | +72% | +
| 5 | +100% | +0 | +10 | +100% | +
| Post-deploy | +n/a | +0 | +10 | +100% | +
-Do not use user-provided environment variables for security-sensitive information such as credentials. They might unintentionally show up in cf CLI output and Cloud Controller logs. Use user-provided service instances instead. The system-provided environment variable VCAP_SERVICES is properly redacted for user roles such as Space Supporter and in Cloud Controller log files.
+Do not use user-provided environment variables for security-sensitive information such as credentials. They might unintentionally show up in cf CLI output and Cloud Controller logs. Use user-provided service instances instead. Credentials which are provided to the app via service bindings are redacted for user roles such as Space Supporter and in Cloud Controller log files.
The maximum size of an environment variable is 130 KB. This limit applies also to <%= vars.app_runtime_abbr %> system environment variables such as VCAP_SERVICES and VCAP_APPLICATION.
You must restart or in some cases re-push your app for changes to be applied to the VCAP_SERVICES environment variable and for the app to recognize these changes.
+### Credential Delivery Methods + +After your service instance is created and bound to your app, the credentials together with some metadata are available in the app container and can be consumed by your app. +There are the following three delivery methods, which are mutually exclusive. The developer can choose which one to use and needs to adjust the consumption in the app accordingly. +For details about consuming credentials specific to your development framework, see the Service Binding section in the documentation for your framework's [buildpack](../../buildpacks/index.html). + +#### Default VCAP_SERVICES environment variable + +By default credentials and additional metadata for all bound service instances are stored in the VCAP_SERVICES environment variable. + +There are two methods developers can use to have their apps consume binding credentials. + +* **Parse the JSON yourself:** See the documentation for [VCAP_SERVICES](../deploy-apps/environment-variable.html#VCAP-SERVICES). Helper libraries are available for some frameworks. +* **Auto-configuration:** Some buildpacks create a service connection for you by creating additional environment variables, updating config files, or passing system parameters to the JVM. + +For checking the binding data manually app devlopers can use `cf env`. See [View Env](../deploy-apps/environment-variable.html#view-env). + ++The maximum size of content of the VCAP_SERVICES environment variable is 130 KB. If you want to bind more services to the app or the services you want to bind provide lots of data, you can use one of the other methods.
+ +#### File-based VCAP services (experimental) + +This delivery method is used when the app feature [file-based-vcap-services](https://v3-apidocs.cloudfoundry.org/index.html#app-features) is enabled. +The environment variable [VCAP_SERVICES_FILE_PATH](../deploy-apps/environment-variable.html#VCAP-SERVICES-FILE-PATH) will be made available in the app container and contains the path to a file containing the same content as the VCAP_SERVICES environment variable above. + +The binding data can be viewed like this: + +~~~ +cf ssh+The vcap_services file content cannot exceed 1 MB, otherwise an `IncompatibleBindings` error is raised.
+ +#### Service Binding K8s (experimental) + +This delivery method is used when the app feature [service-binding-k8s](https://v3-apidocs.cloudfoundry.org/index.html#app-features) is enabled. +The environment variable [SERVICE_BINDING_ROOT](../deploy-apps/environment-variable.html#SERVICE-BINDING-ROOT) will be made available in the app container and contains the path to the root folder of a file structure containing binding information. +This method is fully compatible with the specification on [servicebinding.io](https://servicebinding.io/), which is used by Kubernetes as well. + +The binding data can be viewed like this: + +~~~ +cf ssh+The bytesize of all files and their content combined cannot exceed 1 MB, otherwise an `IncompatibleBindings` error is raised.
+ +Here are some examples outlining the transformation of VCAP_SERVICES to the file structure: + +Nested structures inside their value will be serialized as JSON objects. The same applies if the value is a list. + +~~~ +VCAP_SERVICES= { + "foo": [ + { + "name": "foo", + "credentials": { + "simple": "value", + "deeply": { + "nested": "value" + }, + "list": ["v", "a", "l", "u", "e"] + } + } + ] +} + +Service Binding Files: + foo/name: foo + foo/simple: value + foo/deeply: {"nested":"value"} + foo/list: ["v","a","l","u","e"] +~~~ + +Existing credential keys can be overwritten by other attributes, that are [VCAP_SERVICES](../deploy-apps/environment-variable.html#VCAP-SERVICES) attributes plus type and provider. The full list of reserved file names is: binding-guid, binding-name, instance-guid, instance-name, name, label, tags, plan, syslog-drain-url, volume-mounts, type, and provider. Overwriting an existing key does not result in an error. + +~~~ +VCAP_SERVICES= { + "foo": [ + { + "name": "foo", + "credentials": { + "name": "user", + "secret": "password" + } + } + ] +} + +Service Binding Files: + foo/name: foo + foo/secret: password +~~~ + +Empty lists or null values are omitted, i.e. no file will be created. + +~~~ +VCAP_SERVICES= { + "foo": [ + { + "name": "foo", + "binding_guid": "45436ca8-0a7c-45e3-9439-ca1b44db7a2b", + "syslog_drain_url": null, + "volume_mounts": [] + } + ] +} + +Service Binding Files: + foo/name: foo + foo/binding-guid: 45436ca8-0a7c-45e3-9439-ca1b44db7a2b +~~~ + +Binding names and keys resulting in filenames must match [a-z0-9\-.]{1,253}. Invalid binding names and keys will result in IncompatibleBindings error. VCAP_SERVICES attributes are transformed to comply to this schema, i.e. underscores are replaced by hyphens, so that e.g. VCAP_SERVICES attribute binding_guid becomes file name binding-guid. + +~~~ +VCAP_SERVICES= { + "foo": [ + { + "name": "foo", + "binding_guid": "45436ca8-0a7c-45e3-9439-ca1b44db7a2b", + "instance_guid": "83745ca8-0a7c-45e3-9439-ca1b44db7a2b" + } + ] +} + +Service Binding Files: + foo/name: foo + foo/binding-guid: 45436ca8-0a7c-45e3-9439-ca1b44db7a2b + foo/instance-guid: 83745ca8-0a7c-45e3-9439-ca1b44db7a2b +~~~ + ### Arbitrary parameters Some services support additional configuration parameters with the bind request. These parameters are passed in a valid JSON object containing service-specific configuration parameters, provided either in-line or in a file. For a list of supported configuration parameters, see documentation for the particular service offering. @@ -102,15 +238,6 @@ The provided name is available in the `name` and `binding_name` properties in th } ~~~ -### Using bound service instances - -After your service instance is created and bound to your app, you must configure the app to dynamically fetch the credentials for your service instance. The [VCAP_SERVICES](../deploy-apps/environment-variable.html#VCAP-SERVICES) environment variable contains credentials and additional metadata for all bound service instances. There are two methods developers can use to have their apps consume binding credentials. - -* **Parse the JSON yourself:** See the documentation for [VCAP_SERVICES](../deploy-apps/environment-variable.html#VCAP-SERVICES). Helper libraries are available for some frameworks. -* **Auto-configuration:** Some buildpacks create a service connection for you by creating additional environment variables, updating config files, or passing system parameters to the JVM. - -For details about consuming credentials specific to your development framework, see the Service Binding section in the documentation for your framework's [buildpack](../../buildpacks/index.html). - ## Update service credentials This section describes how to update service instance credentials. diff --git a/services/managing-services.html.md.erb b/services/managing-services.html.md.erb index 127dd4ac..be0ea4a9 100644 --- a/services/managing-services.html.md.erb +++ b/services/managing-services.html.md.erb @@ -82,7 +82,7 @@ OK ### Instance tags _Instance tags require cf CLI v6.12.1+_ -Some services provide a list of tags that Cloud Foundry delivers in the [VCAP_SERVICES environment variable](../deploy-apps/environment-variable.html#VCAP-SERVICES). These tags provide developers with a more generic way for apps to parse `VCAP_SERVICES` for credentials. Developers might provide their own tags when creating a service instance by including the `-t` flag followed by a comma-separated list of tags. +Some services provide a list of tags that Cloud Foundry delivers to the app when the service is bound. These are included in the [VCAP_SERVICES environment variable](../deploy-apps/environment-variable.html#VCAP-SERVICES) or the file system epending on the chosen [Credential Delivery Method](./application-binding.html#credential-delivery-methods). These tags provide developers with a more generic way for apps to parse the service binding data for credentials. Developers might provide their own tags when creating a service instance by including the `-t` flag followed by a comma-separated list of tags. Example providing a comma-separated list of tags: @@ -151,7 +151,7 @@ Not all services support binding, as some services deliver value to users direct Depending on the service, binding a service instance to your app might deliver credentials for the service instance to the app. See [Delivering service credentials to an app](application-binding.html) for more information. Binding a service instance to an app can trigger app logs to be streamed to the service instance. See [Streaming app logs to log management services](log-management.html). -You must restart, or in some cases, re-push your app for changes to be applied to the VCAP_SERVICES environment variable and for the app to recognize these changes. +You must restart, or in some cases, re-push your app, so that new or changed binding data is delivered in the VCAP_SERVICES environment variable or the file system depending on the chosen [Credential Delivery Method](./application-binding.html#credential-delivery-methods).