You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Updated UAA Go Client to properly validate tokens presented by clients of Routing API
Routing API clients now receive a generic unauthorized error when token does not include necessary scopes details
Fixed a race condition which caused register and unregister route messages received from NATS would be applied in incorrect order, causing a route to remain in the routing table for a deleted app instance details
BOSH agent no longer reports tcp_router as failing during normal operation details
This required replacing haproxy and router_configurer jobs with new tcp_router job (see Manifest property changes below)
Use of quotes for empty values is now consistent in Gorouter access logs details
When route service url-encodes commas in X-Cf-Forwarded-Url, Gorouter will now successfully validate X-Cf-Proxy-Signature details
Routing acceptance tests no longer test Routing API endpoints for HTTP routes by default as these endpoints are experimental. This test suite can be run by setting manifest property acceptance_tests.include_http_routes: truedetails
TCP Emitter now cleans up connections for unrecognized events from Diego BBS details
Gorouter now logs the NATS host on disconnect details
Manifest Property Changes
gorouter
0.141.0
0.142.0
Default Value
did not exist
uaa.token_endpoint
uaa.service.cf.internal
did not exist
routing_api.uri
http://routing-api.service.cf.internal
routing_api
0.141.0
0.142.0
Default Value
did not exist
uaa.token_endpoint
uaa.service.cf.internal
tcp_emitter
0.141.0
0.142.0
Default Value
did not exist
routing_api.port
3000
did not exist
routing_api.uri
http://routing-api.service.cf.internal
did not exist
uaa.token_endpoint
uaa.service.cf.internal
router_configurer
This job has been replaced by tcp_router
haproxy
This job has been replaced by tcp_router
tcp_router
This is a new job for 0.142.0 and replaces router_configurer and haproxy
Routing API now supports mysql or postgresql as datastore instead of etcd. When routing_api.sqldb property is configured, data will be migrated from etcd. Routing API will continue watching etcd for new data to migrate until it loses connection with etcd (if that component is rolled for a deploy) or the routing_api.etcd property is removed with a subsequent deploy. Property routing_api.etcd is now optional when routing_api.sqldb is present.
Fixed bug for Zipkin tracing support: header X-B3-ParentSpanId is no longer sent when request does not include headers X-B3-TraceId and X-B3-SpanIddetails
Fixed bug introduced in 0.139.0: when router.force_forwarded_proto_https: false gorouter once again sends X-Forwarded-Proto: https to backends when request was received over TLS details
Routing acceptance tests no longer test routing api endpoints for http routes by default (as they are experimental and as yet unused by CF) details
Routing API client no longer sends body null with GET requests details
Gorouter now logs the destination ip and port in access logs details
Manifest generation scripts now pulls etcd certificate properties from cf-release for the metron agent colocated with routing components, so that it can communicate with etcd when it requires TLS details
scripts/update now exits fast when permission denied details
Known Issues
Manifest generation scripts insert two lines of nonsense at the top of the manifest file, causing deploy to fail. Remove these two lines and deploy will succeed. Will be fixed in the next release!
The routing API stores the router_group resource in etcd. Router group data is necessary to maintain consistency with the CC API's shared domains, which means that blowing away the data in etcd is not safe when using TCP routing.
PCRE has been updated in TCP Router to 8.39 details
Gorouter now offers HTTP healthcheck endpoint /health on port 8080 (configurable via existing router.status.port property) with support for properties router.load_balancer_healthy_threshold and router.drain_waitdetails
TCP Router now offers HTTP healthcheck endpoint /health on port 80 (configurable with property haproxy.health_check_port) details
Gorouter will route a request that contains a valid value for X-Cf-App-Instance HTTP header to the specified backend details
Gorouter now accurately reports in access log the number of bytes sent in the response body when returning an error details
Gorouter now supports optionally forcing the value of X-Forwarded-Proto sent to backends to https when an upstream component is terminating TLS but does not support sending HTTP headers
Support for Zipkin tracing
When Zipkin tracing is enabled, if request does not include both X-B3-TraceId and X-B3-SpanId HTTP headers, router will initiate a new trace id details
When Zipkin tracing is enabled, and request includes both X-B3-TraceId and X-B3-SpanId, Gorouter will forward HTTP header X-B3-ParentSpanId to the backend, set to the value of X-B3-SpanId in the received request details
When Gorouter initiates a trace, X-B3-TraceId and X-B3-SpanId headers are set to the same value details
The routing API stores the router_group resource in etcd. Router group data is necessary to maintain consistency with the CC API's shared domains, which means that blowing away the data in etcd is not safe when using TCP routing.
Gorouter can now be optionally configured to send Zipkin tracing HTTP headers X-B3-TraceId and X-B3-SpanId; these are also logged in the access log details
Gorouter now logs the NATS IP and port it connects to details
Gorouter now supports a configurable delay after which a newly started router begins listening for requests before bosh considers the process up details
Gorouter now logs unregister and pruning messages at an Info log level details
The HTTP User-Agent header for which Gorouter responds to healthchecks from load balancers is now configurable details
Gorouter route pruning can optionally be suspended when NATS is unavailable details
Gorouter now healthchecks NATS every 20 seconds so in the event of a NATS failure it will failover to a health NATS node and still have enough time to receive route registrations before pruning routes details
Route-registrar now healthchecks NATS every 20 seconds details
In Progress: Routing API support for MySQL/PostgreSQL details
In order to support a relational database, and still support event streams, Routing API instances now run in active/standby configuration, using Consul for lock details
Bug Fixes
TCP Router generates connection errors under load details
unfamiliar error in router_configurer_ctl.err.log details
Known Issues
The routing API stores the router_group resource in etcd. Router group data is necessary to maintain consistency with the CC API's shared domains, which means that blowing away the data in etcd is not safe when using TCP routing.
All routing components have been upgraded to golang1.6 details
Note: GoRouter does not currently support proxying HTTP/2 connections. Requests to backends will be made with HTTP/1.1 details
New manifest property suspend_pruning_if_NATS_unavailable can now be used to suspend pruning of HTTP routes if Gorouter cannot connect to NATS details
Bug Fixes
Pruning of root route in the presence of a route with a context path previously resulted in an unexpected 502 details
TCP Emitter attempted to map routes with no external ports details
Deployment with incorrect manifest configuration for Routing API, TCP Router, and TCP Emitter only failed on Routing API job details
Deployment did not fail when Routing API cannot save its own route in the database details
Known Issues
The routing API stores the router_group resource in etcd. Router group data is necessary to maintain consistency with the CC API's shared domains, which means that blowing away the data in etcd is not safe when using TCP routing.
BOSH does not report tcp_router job as failing when reloading configuration, and runs as vcap user details
Fixed bug: gorouter doesn't send logs to syslog details
Continued improving documentation around metrics sent on the firehose details
Routing components support manifest property to configure a trusted CA certificate for TLS communication between the components and UAA server. details
Output meaningful error when running routing acceptance tests errand when Routing API is not running details
Allow an operator to update router group reservable_ports field through the API. details
Expose uptime metric in the firehose for the GoRouter details
Fixed bug: x-cf-forwarded-url header to route service no longer includes port details
Manifest Property Changes
acceptance_tests
0.134.0
0.135.0
Default Value
skip_ssl_validation
acceptance_tests.uaa.skip_ssl_validation
false
property did not exist
acceptance_tests.system_domain
Required property
uaa.tls_port
Removed property since we now use system_domain to contact UAA
Note: final release is in routing-release/releases/routing/routing-0.133.0.yml. In subsequent releases this has been symlinked back to routing-release/releases
TCP Routes are now pruned from TCP Router on a TTL when Routing API is unavailable, to prevent requests from being routed to the wrong backends details
When registering routes with Routing API, a TTL can be optionally specified (defaults to 120s) details
TCP Routes are now pruned from Routing API if client ceases to heartbeat route registration, to prevent requests from being routed to the wrong backends details
TCP Router will only overwrite data received in periodic bulk fetches with buffered events if events are newer details
Log level can be configured for routing api using a manifest property details
Documented use of modification tags for router authors to reconcile data received from events and bulk fetch endpoints Additional Routing API docsdetails
