This repo is a BOSH release for deploying Diego and associated tasks for testing a Diego deployment. Diego is the new container runtime system for Cloud Foundry, replacing the DEAs and Health Manager.
This release relies on a separate deployment to provide Consul, NATS, and Loggregator. In practice, these typically come from cf-release.
The Diego Design Notes present an overview of Diego, and links to the various Diego components.
- Diego Operator Resources
- Deployment Examples: BOSH-Lite and AWS
- Deployment Requirements and Constraints
- Deploying Diego-Backed Cloud Foundry
- Security Configuration
- Data Store Configuration
- Component Coordination
- Monitoring and Inspection
- CF App Developer Resources
- Diego Contributor Resources
- Deploying CF and Diego to BOSH-Lite provides detailed instructions for deploying a Diego-backed CF to a BOSH-Lite instance.
- Deploying CF and Diego to AWS provides detailed instructions to deploy BOSH, CF, and Diego to a new CloudFormation stack. Alternately, follow the instructions in cf-release to deploy Diego alongside a minimal CF deployment.
- Required BOSH Versions details the minimum versions of the BOSH director, stemcell, and dependency releases required to deploy Diego correctly.
- Deployment Constraints describes the dependencies that must be deployed before deploying the Diego cluster and restrictions on Diego instance update order and rates to ensure correct cluster operation.
- Diego is typically deployed alongside a Cloud Foundry deployment to serve as its new container runtime. See "Deploying Diego Alongside an Existing CF Deployment" for general instructions and guidelines to deploy Diego this way.
- Diego Manifest Generation describes the manifest-generation scripts in this repository.
- Release Compatibility illustrates how to select versions of CF and other BOSH releases to deploy alongside Diego.
- Managing the Migration describes how operators can manage a transition from the DEAs to Diego.
- TLS Configuration describes how to generate TLS certificates for secure communication with Consul, the Diego BBS, and the Diego cell reps.
- Upgrading the cell rep API to mutual TLS explains how to transition an existing Diego deployment to use mutual TLS for communication to the cell rep API without incurring downtime.
- Upgrading the auctioneer API to mutual TLS explains how to transition an existing Diego deployment to use mutual TLS for communication from the BBS to the auctioneer API without incurring downtime.
- (Experimental) Instance Identity explains how to enable instance identity.
- Supported Data Stores for Diego describes how to configure Diego to use either SQL for its data store and how to arrange automatic migration of data from etcd to MySQL or Postgres for old deployment that are using etcd.
- Data Store Encryption explains how to manage the ring of encryption keys that Diego uses to secure data at rest.
- (Experimental) Migrating from Consul to SQL Locks explains how to migrate the BBS and auctioneer from coordinating around a lock in Consul to coordinating around one stored in the Diego relational database.
- Diego Metrics lists the various metrics that Diego emits through the Loggregator system.
cfdotSetup shows how to set up thecfdotCF Diego Operator Tool CLI for use in inspecting and interacting with a Diego deployment.
- Migrating to Diego describes how developers can switch from the DEAs to Diego and details various operational differences between the DEAs and Diego.
- The Docker Support Notes describe how Diego runs Docker-image-based apps in Cloud Foundry.
- The Contribution Guidelines describes the developer workflow for making changes to Diego.
- The CF Runtime Diego Pivotal Tracker project shows active areas of work for the Diego team in the backlog section.
- The Diego Dev Notes provide a detailed explanation of how the Diego components and internal state machine interact, as well as information on development workstation setup.
- The BBS Benchmarks provides information about results from the BBS benchmark tests that run in the Diego team's continuous integration testing pipeline.