Workflow now adds additional metadata to the application environment. This is useful for debugging application environments, can help with auditing, and might be something you want to include in an application health response.
We've cut new base images across the board which include fixes for the recent OpenSSL CVEs.
The logger component went to summer camp and cleaned up its act and is no longer using excessive cpu.
The best way to roll into the weekend is with fresh software, hot off the
presses. The Deis Workflow team just merged the final charts for 2.5!
We've got a ton of functionality packed into 2.5, so hold on to your horses!
Workflow 2.5 includes initial support for Kubernetes Horizontal Pod
Autoscaling. Which is not only a mouthful, but pretty neat to boot. Workflow
2.5's theme song is "Glassworks" by Philip Glass. I'm pretty sure this is what
a Horizontal Pod Autoscaler would sound like if it made noise.
Cast scale at the darkness...
Setting a scaling policy for your application is straightforward. Policies are
set per process-type, which allows developers to easily scale processes
The Kubernetes HorizontalPodAutoscaler (HPA) does require CPU limits to be set for
the application process type, so makes sure you set a limit:
Behind the scenes, the HorizontalPodAutoscaler (HPA) will spring into action, adding
or removing pods so that the average CPU utilization of your application processes
approach the CPU target.
There is a bit of nuance to the way HPAs work so spend a bit of time with the
Kubernetes documentation on the algorithm.
Viewing and removing scaling policies are simple CLI commands as well:
Autoscaling in Workflow should be considered Alpha and we would love your feedback!
Build Result Caching
Thanks to community member @jeroenvisser101
the Workflow build system now caches build results. This change greatly speeds
up the process on subsequent builds.
Enforce SSL Application by Application
Workflow 2.5 now allows developers to require TLS on a per-application basis.
Instead of a global setting in the router (via
router.deis.io/nginx.ssl.enforce), Workflow CLI has a few new tricks:
Now, connections on port 80 for this application will be be redirected with
HTTP status code 301 to the HTTPS version. Since this interaction occurs at the
edge router, developers aren't required to use application middleware to
To allow both HTTP and HTTPS traffic for an application (which is the default) use tls:disable:
Application-specific IP Address Whitelisting
Developers and operators who need to control access to applications by IP
address, Workflow 2.5 makes this process much easier!
Using the CLI developers may manage IP whitelisting per application:
Adding a whitelist to an application automatically rejects connections from any
un-listed address. Removing the last IP address from a whitelist returns the
application to the default behavior, which accepts connections from any IP
Full Release Changelogs
Workflow 2.5 changes are now available in the Workflow
documentation. No more
crawling through GitHub repositories or past blog posts to learn about changes.
Our next release is scheduled for September 28th, 2016. You can check out the 2.6
milestone on each of the component repositories, or take a gander at the
Another two weeks, another Workflow release. The 2.3 release brings with it
some internal release changes, improved private registry support, tools to call
for help, and faster deploys. You might say Papa's got a brand new bag.
Happy Tuesday, I hope everyone had a wonderful weekend! Before we struck out
for fun in the weekend sun we cut a hot and fresh release of Workflow. Arriving
as version 2.1 we've got lots of fixes and a few goodies to boot.
I am proud to announce the first stable release of Deis Workflow. This means the Deis community now considers Workflow suitable for production deployments. Deis Workflow is the first PaaS built on Kubernetes to reach this milestone.
Deis Workflow is the new name for our open source PaaS, and is the second major version of what we are now calling Deis v1.
Deis v1 is trusted in production by hundreds of companies, including Mozilla, The RealReal, Hearst Corporation, and dozens of others.
What did we change in version two?
Well, the most significant thing we did was re-platform from CoreOS Fleet to Kubernetes. The switch to Kubernetes gives us a stable cluster manager, a better scheduler, a smaller overall footprint, and a great Kubernetes community to work with.