bosh-linux-stemcell-builder

bosh-linux-stemcell-builder copied to clipboard

Noble Numbat stemcell no longer uses `runit` to launch the agent

4

Currently the `bosh-agent` is started [using a separate process manager `runit`](https://github.com/cloudfoundry/bosh-linux-stemcell-builder/blob/ubuntu-jammy/master/stemcell_builder/stages/bosh_go_agent/apply.sh). This issue proposed removing `runit` in favor of the existing process manager on Ubuntu, `systemd`. Having a single process...

aramprice

Noble Numbat vSphere/vCloud stemcells forbid SSH password authentication

2

The Stemcells have the SSH password authentication disabled, with the exception of the stemcells created for vsphere/vcloud which allow password authentication. It might be a good idea to standardize the...

danielfor

Noble uses control groups (cgroups) v2 instead of v1

4

Control Groups v2 is the new standard; Ubuntu [switched to it](https://kubernetes.io/blog/2022/08/31/cgroupv2-ga-1-25/) as the default since pre-Jammy Impish Indra (21.10). Kernel 6.5 + cgroups v1 has caused problems (OOM during staging):...

cunnie

Noble: No longer have separate master/version.X branches

1

Did we get any value out of this separation?

jpalermo

AWS stemcell is missing from cn-north-1 region since v1.423

4

Hi team, I want to report the Stemcell AMI for `cn-north-1` is missing from the `stemcell.MF` lightweight package in the `v1.423` release. We also couldn't find the AMI associated with...

garyliu-philips

Risk of false positive on systemd rc.local logics when execution of firstboot.sh fails

2

Existing implementation on systemd [rc.local](https://github.com/cloudfoundry/bosh-linux-stemcell-builder/blob/ubuntu-jammy/master/stemcell_builder/stages/base_ubuntu_firstboot/assets/etc/rc.local#L5) could have the risk of false positive if execution of `firstboot.sh` fails. This is because execution of `firstboot.sh` is in a new shell and it...

AJLfleos

[noble] revise the generate_dev_tools_file_list

1

we need to revise https://github.com/cloudfoundry/bosh-linux-stemcell-builder/blob/ubuntu_noble_poc/stemcell_builder/stages/dev_tools_config/assets/generate_dev_tools_file_list.sh as package names changes etc

ramonskie

rkoster

remove go_agent in the stemcell name

3

as the go agent is the only bosh agent installed. it makes no sense to add it in the file name. with this change we will break some pipelines as...

ramonskie

The `ssh-audit` tool suggest to remove certain algorithms from the ssh configuration: ``` (kex) ecdh-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National...

danielfor