0.185.0

Release Highlights

• If gorouter panics, the healthcheck endpoint now reports a failure so load balancers can do the right thing details
• Fixed fatal error fatal error: sync: Unlock of unlocked RWMutex details
• golang bumped to 1.11.4

Manifest Property Changes

None

0.184.0

Release Highlights

• gorouter no longer logs 404 responses it generates to gorouter.stdout.log; these are still available in access.log. Gorouter generates a 404 when a request is received for a URL that doesn't match any routes in its routing table. details

0.183.0

Release Highlights

• Operator can specify HTTP headers to be added by Gorouter to responses details
• Operator can specify HTTP headers to be removed by Gorouter from responses details
• We have updated locket to the latest commit details
• Fixed an issue introduced with the move to BPM for TCP Router on accumulating TCP-Router HAProxy instances details
• With the move to BPM, operators should colocate syslog-release for access log streaming. enable_access_log_streaming is no longer supported in the Gorouter details
• Gorouter stdout logs includes vcap_request_id so operators can correlate the stdout logs with access logs for easier debugging of issues details
• Route registrar now supports registration of TCP routes details
• When an application instance crashes while processing a request Gorouter now returns an error and takes the backend out of the pool temporarily, without retrying another backend. This change may cause increased 502 rates for existing apps details.
• We have updated from Cflinux2 to Cflinuxfs3 details
• We are still evaluating the issue we are having with performance reports and have not been able to get a root cause details

Manifest Property Changes

0.182.0	0.183.0	Default Value
did not exist	router.tls_port	443
did not exist	router.http_rewrite.responses.add_headers_if_not_present
did not exist	router.http_rewrite.responses.remove_headers
router.enable_access_log_streaming	no longer supported
did not exist	route_registrar.routing_api.api_url	http://routing-api.service.cf.internal:3000
did not exist	route_registrar.routing_api.oauth_url	https://uaa.service.cf.internal:8443
did not exist	route_registrar.routing_api.client_id	routing_api_client
did not exist	route_registrar.routing_api.client_secret
did not exist	route_registrar.routing_api.ca_certs
did not exist	route_registrar.routing_api.skip_ssl_validation	false
did not exist	route_registrar.routes now supports type, router_group, and external_port

0.182.0

Release Highlights

• Gorouter now immediately prunes TLS backends when encountering TCP dial errors details

0.181.0

Release Highlights

• Gorouter now has support for TLS to upstream backends by default and can not be disabled. Manifest property router.backends.enable_tls is no longer supported, and router.ca_cert is required. details
• BOSH Process Manager is now used for the remaining jobs in this release: tcp_router, acceptance_tests, and smoke_tests details details
• The number of concurrent connections to upstream backends is now limited to 500 by default. This can be configured with property router.backends.max_conns details
• HAProxy, used by tcp_router, has been bumped to 1.8.3 details
• Fixed bug introduced in 0.180.0 that caused gorouter to crash when router.enable_access_log_streaming: true; this property now has no affect and will be removed in a subsequent version. Syslog streaming is now enabled by colocation of syslog-release, which requires router.write_access_logs_locally: true details
• golang upgraded to 1.11.0

Manifest Property Changes

0.180.0	0.181.0	Default Value
router.backends.enable_tls	removed
router.ca_cert	now required
router.backends.max_conns	new default	500
router.enable_access_log_streaming	now has no affect; will be removed in subsequent release

0.180.0

Release Highlights

• Operator can see a log message that indicates the number of tries when the Gorouter fails to connect to a backend in the gorouter.log details
• Golang has been updated to 1.10.3 for all routing components details here and here
• Release author can now specify an IP for the route-registrar using the job spec. If a host is not found in the job spec it will default to the IP of the VM the route-registrar is running on details

Using BPM for routing components

• We are now using BPM for gorouter details
• We are now using BPM for routing-api details
• We are now using BPM for route_registrar details

Note: BPM needs to be colocated on the VM for the components that are using BPM. If you are using cf-deployment, BPM is already colocated on the bosh deployed VMs, but if you are not using cf-deployment you would have to colocate the BPM job on the component VMs for gorouter, routing-api and route-registrar.

Bug fixes:

• Fixed a issue where query parameters were not sent to the application when preceded by a // anywhere in the URL. Now when the request URL includes a //, the query parameters are sent to the application by the Gorouter details
• Fixed an issue with symlinks to enable bosh-cli v5.x to work with routing-release details
• PID files are being deleted when the Gorouter stops details

Known Issues

• Due to the enabling of BPM in the gorouter job, if router.enable_access_log_streaming is set to true the gorouter job will fail to start. To get around this, you can set router.enable_access_log_streaming: false if you also have router.write_access_logs_locally: true. If you didn't previously write access logs to disk, then you'll want to keep an eye on disk usage. We'll plan to fix this behavior in the next release.

0.179.0

Release Highlights

Bug Fixes

• We fixed an issue where backends were not being pruned on a TLS handshake failure potentially leading to stale routes in the routing tables, now backends are pruned when the TLS handshake fails details

0.178.0

Release Highlights

• We downgraded from Golang 1.10 to Golang 1.9. We found a breaking change in Golang 1.10 that the parsing of x509 certificates is much stricter. Github issues on the regression here and here. We plan to upgrade to Golang 1.10 when a fix is released for this issue.

0.177.0 - DO NOT USE

Do not use this release in production.

0.176.0

Release Highlights

• Operators can now configure a manifest property router.disable_log_forwarded_for to disable logging of X-Forwarded-For header in gorouter logs. This is to comply with EU regulations that do not allow persisting personal data. For details
• Operators can now configure a manifest property router.disable_log_source_ip to disable logging of source IP in gorouter logs. This is to comply with EU regulations that do not allow persisting personal data. For details

Bug fixes:

• We fixed an issue where Gorouter was not previously forwarding/settings the client certificate in the XFCC header when a request was being proxied through a route service. Gorouter now sets the XFCC header with the client certificate. See the manifest property router.forwarded_client_cert to understand the options available for forwarding a client certificate. For details
• We fixed an issue when sanitizing X-Forwarded-For header, when force_forwarded_proto_https: false and sanitize_forwarded_proto: true. When a request is received on port 443 with the X-Forwarded-Proto: http the Gorouter sanitizes the X-Forwarded-For header to http instead of upgrading the connection. For details

Manifest Property Changes

0.175.0	0.176.0	Default Value
did not exist	router.disable_log_forwarded_for	false
did not exist	router.disable_log_source_ip	false