It’s been a busy week at Flynn. Most importantly, Flynn binaries and container images are now distributed securely using faster servers. We also created a script that replaces the manual installation instructions.
- The Update Framework is now used for secure artifact distribution (#974, #980). All binaries and container images are cryptographically signed. Also, container images are now hosted on a much faster CDN. We removed the debian package in favor of an installation script that allows us to have a distro-agnostic install process in the future.
- The container manager is now capable of registering with service discovery on
behalf of a process (#933). In
addition to basic registration, it also does HTTP and TCP health checks and
can unregister or kill unhealthy processes. The
sdutilbinary was removed as this functionality supersedes it.
PGHOSTenvironment variable is now added when a postgres database is provisioned (#987). This allows apps to connect to postgres without using the service discovery protocol.
- The HTTP/TCP router now stores routes in Postgres instead of etcd (#959). This was the only service that stored persistent data in etcd, leaving discoverd as the only etcd client.
- Minor improvements were added to deployer logging and cleanup (#983)
- Router and other layer 0 bootstrap jobs allowed to use discoverd DNS (#985)
- Removed unused port allocator from host daemon (#991)
- Script usage is printed when too many arguments are provided (#1006)
- Simplified the installation docs (#996)
- Bare IPv6 resolver addresses are handled in discoverd (#997)
- IP address allocations are tracked during host daemon state restoration (#990)
- Cron is disabled before provisioning VM images (#959)
- Deploys are only rolled back if jobs fail to start (#1005)