A platform is only useful to developers if it is kept up to date. What are the new features and capabilities in the PCF 1.4 release? Goodies include logging changes, security updates, AutoScaling and many more.
Take a listen and keep up to date.
- Subscribe to the feed
- Feedback: email@example.com
- Links Referred to in the Show:
Welcome to the Pivotal Perspectives podcast. The podcast at the intersection of Agile, Cloud, and Big Data. Stay tuned for regular updates, technical deep dives, architecture discussions, and interviews. Now let’s join Pivotal’s Australia and New Zealand’s CTO, Simon Elisha, for the Pivotal Perspectives podcast.
Hello everyone and welcome to the Pivotal Perspectives podcast. Awesome to have you back, as always. Simon Elisha here, travelling at the moment, so not quite the same audio set up. I’m in a hotel room in Sydney as it happens, so I hope the quality is good enough to listen to.
What are we going to talk about this week? I thought it was well overdue for talking about some of the changes that took place in Pivotal Cloud Foundry, Version 1.4. This has been released a couple of months back, and it has been remiss of me not to talk enough about it. I did cover the Amazon Web Services and support that we rolled out, but there are a bunch of other changes in there, so I thought I’d give you a potted tour as to what’s changed, what things are relevant, and things you’d probably want to know about. Let’s give it a start.
Firstly, we’re using a new stack based on a Ubuntu Trusty 14.04 LTS. One of the nice things about using a platform like Cloud Foundry, Pivotal Cloud Foundry in particular, is you stop managing the operating system. It becomes something the platform looks after, so to do that effectively, we want to make sure we have up-standing versions of that platform rolled in and kept up-to-date and well supported. Now we support this new version of Ubuntu as the platform.
If you’re running existing processes, we also have support added for something called cflinuxfs2 which is drawn from the Unbuntu Trusty 14.04 release, and what you need to do is essentially re-stage your app if you need to upgrade. Basically, it’s as good as the old cf push command, with a dash s cflinuxfs2. It is in the documentation so you don’t have to remember anything, and it will get done for you. This means you’re totally up-to-date, that you’ve got all the security fixes, and that you have a platform that has longevity to it.
In terms of the current list of build packs that is supported on that platform, you can have Java, node JS, PHP, go, or golang, as some people like to call it, Python, and of course, Ruby. You have lots of choice there, and that list will be growing ever larger over time.
What else has been changing? Well, a new service is the GA, generally available on the platform, and that’s the MySQL service in the HA version thereof. And this is really nice because you can deploy it across multiple availability zones in the platform. It also has a new proxy tier that routes SQL connections from internal components to healthy cluster nodes. So you can make sure that you always give a good connection to you database. Easy to roll out one-click deployment BOSH takes care of all the magic, and everything gets rolled out for you, which is kind of nice.
You get a bunch of API and CLI changes. I think we spoke a little bit about plugins. If we didn’t, plugins are now supported in the CF CLI, so you can create your own plugins to the command line interface, which is very cool. But also, admins can now create wildcard routes within particular domains. So this means they can create a catch-all for traffic that may not have been adequately handled. It can go to a placeholder location that you want.
There’s also a bunch of other ORG and Space changes that have been done. A bit about flexibility, improvements, some tweaks to the API, etcetera, so things to look out for if you use that quite closely. That’s something to consider as well.
What else has been changed? Well, I think some of the big ones are around UAA and the Login server. A lot of customers use SAML, so we’ve improved the experience of SAML SSO using the Ops manager console. So in the past, you could only use it up using the meta-data URL for the sample identity provider. But now we provide two different ways to do that. The meta-data URL and meta-data XML. This is useful for those identity providers that don’t support the meta-data URL. We tried to make it as easy as possible to integrate into your environment. Similarly, we have improved the support for mapping LDAP groups to the administrative role of the Ops manager, so now you can do these very simply in the configuration page. Makes it very straight forward and very simple.
What about logging? A few changes to logging. Firstly, we’ve created Loggregator firehose, so everything gets sent into the firehose. You can grab that firehose and consume as you wish and then stream things off that as well. Also if you changed your syslog drain location, you don’t have to restart your applications, it automatically sets up the change. A lot of work going on in the logging space and the metric space, so keep your eye on that for future releases because there’s a lot of great work being done, that will be building up to some pretty cool capabilities in the future.
The notifications for the platform is always something that people are interested in and want to understand what’s going on. There is now a new centrally-managed application service that will notify users about platform and application events. So these are things like new service invitations, any planned down-time alerts, application performance warnings, etcetera. Essentially this means that everything comes to one place and can be distributed easily, and you can configure your own SMTP server in the run-time tile as well. So you can choose how those notifications get sent out. It makes that management process just a little bit easier, a little bit more straight forward.
Autoscaling, our old friend Autoscaling, is now officially GA after a successful beta period. We can set the minimum and maximum number of instances by percentage CPU utilization or calendar schedule. You will find that in the apps manager console to be able to manage that on a per-application basis. Which is pretty cool, and pretty handy.
Also, a number of security fixes and improvements, and patch updates, etcetera, took place. But one of the things I really wanted to talk about was the application security groups will now support login of the first packet of app-bound TCP traffic. So this is useful from an auditing perspective, if you want to see what is actually traveling out of your security groups. We now will capture those particular instances or cases of application communication so you can track it, manage it, and maintain it as you see fit.
Now, what else has happened? A number of changes on the operations manager side of things. We improved the visibility of the resource allocation for infrastructures of service. So you can see all the different instance types you’ve allocated and the defaults that have been set. And of course that’s where you can change it. That’s also where you can select whether you want to use internal storage or external storage for things like blobstores, etcetera. So if you’re running on Amazon Web Services you can choose to use S3. You can also choose where the particular databases are stored, be they internal databases or external databases. Also, a change in the choice of database you can use. You can use PostgreSQL or you can use MySQL. And of course you can use RDS hosting MySQL as well for the AWS version. And we also now support the elastic loadbalancer as well. If you’re not using the internal loadbalancer. So a few little changes, a few little fixes, a few little improvements there, which always makes it nice.
We’ve also improved the application dashboard and made that kind of cleaner, easier to use, some better work flows for creating and binding service instances. A really simple way of viewing recent logs and any environment variables. And also have provided a streaming logs feature with-in the browser. So you don’t have to jump to the command line to see what’s streaming logs, you can just jump into the console and immediately see the logs, flicking by, as you like. Also, uses with the space auditor role can now see events, logs, and a read-only list of bound service instances. You can imagine from an auditor perspective, that’s kind of interesting and exciting for those types of users.
Also, we’ve enabled you to add new roles to an existing user via the invitation flag, and we also update the ORG quota usage every thirty seconds. We’re giving you far more frequent information and far up-to-date information as well. Also, if you’re anyone who uses the usage service, or look at the usage report in the apps manager, it has a new super funky design that I’m sure people will like. Also, we now exposed those service usage events as a billing metric for internal charge records show that as well. So we control that, or expose that, which is probably a fair way to say, in a much clearer way. And also we have implemented some security constraints to limit access to the usage service and usage reports to users with the ORG manager role on a per-ORG basis, or people within the Cloud Control Admin scope across all reports. So a few changes there.
As ever, software is available to download network.pivotal.io, and you can roll your changes out. So you can do an upgrade, you can do a rolling upgrade at the platform, and get all the benefits of the latest version. If you’re running Pivotal Cloud Foundry, you should always be looking to keep yourself reasonably up to date, not only from a security perspective, but also from a feature function capability perspective. It’s a really important thing to keep a fresh and live experience. Remember if you’re providing a platform for developers, they expect the most modern and up-to-date platforms so, you need to put it in place for them. If you haven’t had a play with it at all, or the platform, you should give it a go, see what it’s like. You can download it and have an experiment. It’s always a good thing to see what’s out there. You will probably be pleasantly surprised.
So that’s a bit of an update of what is in 1.4. 1.5 just around the corner, so I’m sure we’ll be talking about that sooner rather than later. I hope to share some pretty cool stuff in that release as well. So until then, links and the shout outs to these particular components, and talk to you next time. Keep on building.
Thanks for listening to the Pivotal Perspectives podcast with Simon Elisha. We trust you’ve enjoyed it and ask that you share it with other people who may also be interested. And we’d love to hear your feedback, so please send any comments or suggestions to firstname.lastname@example.org. We look forward to having you join us next time on the Pivotal Perspectives podcast.
About the Author
Simon Elisha is CTO & Senior Manager of Field Engineering for Australia & New Zealand at Pivotal. With over 24 years industry experience in everything from Mainframes to the latest Cloud architectures - Simon brings a refreshing and insightful view of the business value of IT. Passionate about technology, he is a pragmatist who looks for the best solution to the task at hand. He has held roles at EDS, PricewaterhouseCoopers, VERITAS Software, Hitachi Data Systems, Cisco Systems and Amazon Web Services.More Content by Simon Elisha