© Copyright 2018 Pivotal Software, Inc. All rights Reserved.
Pivotal Cloud Foundry 2.4: A First Look
Jared Ruckle
@jaredruckle
Dan Baskette
@dbbaskette
The platform can deliver on all of these outcomes as efficiently on day 1000 as it does on day 1.
● Operators can serve thousands of devs within tight budget constraints.
● Operators have choice around which cloud to run on.
● Developers reduce waste through small batch delivery and fast feedback.
● Operators can trust a secure-by-default platform that solves their security needs without introducing toil.
● Developers experience the safety to experiment and iterate rapidly.
● Operators can provide a platform that meets their scale needs.
● Developers can ramp productivity linearly with personnel.
● Developers can run applications that handle large-scale loads.
● Operators can reason about the stability of the platform and provide well-understood SLOs.
● Developers can rely on the platform to allow them to deliver outcomes with low volatility.
● Operators can efficiently manage the platform and onboard new teams.
● Developers can iterate on delivering consumer value rapidly.
We’re Going to Talk About These 5 Things
Speed Stability Scalability Security Savings
Sustained
PCF — for everything that matters: Any App, Every Cloud, One Platform
● Clouds: vSphere, Openstack, AWS, Google Cloud, Azure & Azure Stack
● Shared Services: Logging & Metrics / Services Brokers / API Management
● Shared Security: Credhub / UAA / Single Sign On
● Shared Networking: VMWare NSX
● Embedded Operating System (Windows / Linux)
● Application Code & Frameworks: Buildpacks / Spring Boot / Spring Cloud / Steeltoe
● PAS: Pivotal Application Service
● PKS: Pivotal Container Service
● PFS: Pivotal Function Service
● Pivotal Services Marketplace: Pivotal and Partner Products
● Concourse
Speed
New! Zero Downtime Push & Zero Downtime Restarts
Native Zero Downtime Push and Zero Downtime Restarts
Developers can do this natively for each app in PAS.
• cf v3-zdt-push APP_NAME
• cf v3-zdt-restart APP_NAME
Beta in PAS 2.4.
Previously, CLI plug-ins, custom scripts, and DIY orchestration were required. This meant fiddling with two different log metrics, and two different metrics streams. Now, it’s just part of PAS.
Apps Manager 2.4
Apps Manager: New Global Search
Plus, cf CLI parity for:
Restage
Service instance sharing
SMB Volume Driver & Broker
For customers with file servers supporting the CIFS/SMB protocol, PAS 2.4 introduces the SMB volume service. It will ship as part of the PAS 2.4 tile. When customers upgrade to PAS 2.4, they can use either SMB mounts or NFS mounts.
SMB Volume Driver & Broker - Now GA!
SMB mounts have an important advantage over the NFS option: password authentication is native to the protocol. This allows customers to control access to file shares without the additional overhead and complexity of configuring an LDAP server.
PCF Metrics 1.6
Automate the management of monitors for standard gauge metrics, Spring Boot app metrics, and app events via API and .yml file.
PCF Metrics 1.6: Automate the Management of Monitors
Plus:
● Triggered Monitor Events Can be Retrieved via API
● Automated Logs Datastore Pruning Boosts Stability
Operations Manager 2.4
Speed Through Your Day with Operations Manager 2.4
● New tools for IaaS customization.
○ Ops Manager supports Global CPI extensions. Operators can customize their IaaS deployment using 100s of different config extensions.
● Streamlined workflows for power users.
○ Ops Manager "locks" certain fields after a successful deploy. If customers need to unlock some of these fields, they can do so via Advanced Mode.
● Improved permissions logic eases day-to-day administration.
○ Ops Manager users with write access can use the UI and API when another user with write access is logged in at the same time.
● Ops Manager now persists historical Cloud Configs, Runtime Configs, and CPI Configs.
○ Persisting these primitives is a first step to enabling diff-ing across historical and current configs.
Stability
New! Dynamic Egress Policies
Dynamic Egress Policies Overcome the Limitations of ASGs
Network admins can configure dynamic egress policies for CF apps and spaces using the IP address range.
This feature will allow you to:
● Configure a destination object with details about the external service that the apps/spaces need access to
● Configure an egress policy from app/space to this destination object
Perhaps more importantly, you can apply policy changes without an application restart!
Previously, policy changes required production downtime.
Beta in PAS 2.4.
Embedded OS
Upgrade to a New Embedded OS with Zero Downtime
Ubuntu 16.04 v1803
PCF 2.3 updated several core tiles to include a new embedded OS. In recent months, even more tiles feature a new OS (RabbitMQ 1.14+, Redis 1.14+, PKS 1.2+, Isolation Segments 2.3+, PCF Healthwatch 1.4).
New! Metric Registrar
Metric Registrar Brings Custom Metrics to Downstream Systems
Metric Registrar allows app developers to export custom metrics as native CF Metrics. Now developers can easily create custom metrics that better signal app health and performance, using standard client libraries like Micrometer or Prometheus.
● Useful alternative to Metrics Forwarder
● GA in PAS 2.4; disabled by default
Operations Manager 2.4
Ops Manager 2.4 will proactively show a warning when certs may be close to expiring.
Scalability
App Automator for PCF
App Automator for PCF [beta]
For app developers that need to run workloads based on a schedule or demand, App Automator for PCF enables flexible workload scheduling with an easy-to-use manifest.
Developers can express when & what workloads should run via “Triggers” & “Actions.”
● These parameters live in an App Automator manifest that lives within the app code. PAS will include predefined Triggers and Actions based on common scenarios.
Here’s why this matters:
● It’s easier to build pipelines. Scheduling and scaling behavior lives in the Apps Tools manifest.
● Simplified operations. No database, no service broker. Just install via CLI, and the tool is available in the Space.
Security
Compliance Scanner for PCF
Compliance Scanner for PCF
A new offering that helps customers assess compliance. How? By scanning all BOSH-managed VMs against industry-recognized guidelines for secure configurations.
The add-on tile includes:
● The OpenSCAP scanner that does the actual scanning
● Tests written by Pivotal Compliance Innovation in YML
● XGen: an XCCDF generator that translates our YML tests into the XCCDF (XML) format needed by the OSCAP scanner
Beta in PCF 2.4
TLS in More Places
PAS 2.4
Security
TLS encrypts more traffic flows throughout PAS 2.4.
● PAS operator can configure PAS to use TLS for all components' connections to the internal PXC MySQL database.
● PAS operator can configure PAS to use TLS for all components' connections to an external MySQL database by providing a CA cert.
● App developers can use CF SSH when PAS operator enables authenticated container ingress.
● PAS operator always has improved routing consistency, security, and stability from gorouters to Linux cells.
This further advances PAS’ security profile towards removing the need for the IPsec Add-on.
cflinuxfs3 Stack & Related Buildpacks
PAS 2.4
Security
PAS 2.4 will now use cflinuxfs3 stack and related buildpacks by default on new installs.
● Additional default system buildpacks for cflinuxfs3 will appear along with cflinuxfs3.
● Buildpacks will have same name, different stack.
● cflinuxfs2 remains default stack for 2.2/2.3.
● The default stack can be toggled between cflinuxfs2 and cflinuxfs3. This setting will be inherited upon upgrade.
Work with your account team to get ready for this change as needed!
PCF Ops Manager 2.4
Security
● More options for compliance. Operators can now install and configure their own anti-virus software on Ops Manager's BOSH Director VM.
○ Helpful for compliance/security-conscious customers, especially those that prefer to “bring their own” anti-virus solution
● Ops Manager 2.4 makes it easy to trust the root CA from all VMs. Operators no longer have to check the checkbox.
Savings
Spring Cloud Data Flow for PCF 1.3
Spring Cloud Data Flow for PCF 1.3
Use SCDF for PCF to create modern data processing pipelines.
Reduce your dependency on expensive legacy schedulers.
PAS for Windows 2.4
Memory & Disk Overcommit
Control how many AIs end up on Windows cells. Choose to use fewer Windows VMs and reduce your IaaS footprint.
PSA
PCF 2.4 will not support cf-mysql
See the PCF 2.4 Upgrade Checklist for warning and link to documentation.
Please work with your account team to upgrade!
Partner Ecosystem
ISV Ecosystem Momentum Drives Platform Advantage
ETL, DATABASE, IaaS, CACHE / LB, COMMERCE, SEARCH, IAM, SECURITY, TEST, ANALYTICS, BATCH, APM, MOBILE, CI / CD, NETWORKING, ITIL, BPM, IDE/CODE, API / SOA / uS / IOT, MESSAGING, SIEM / LOG / AUDIT, CRM
Microsoft Azure
Google Cloud Platform
Version 1.0
● Software published to network.pivotal.io
● Many features available now run.pivotal.io
● Contact your account team for updates on PKS & PFS availability
● Contact your account team to join roadmap call in March
Transforming How The World Builds Software
