Skip to Content

Changes for page R12 Docker - Single Lane

Last modified by Carlijn Kokkeler on 2024/03/29 13:47
From version 10.2
edited by Erik Bakker
on 2023/03/03 11:02
Change comment: Update document after refactoring.
To version 14.1
edited by Erik Bakker
on 2023/06/06 08:08
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -R6 Docker - Single lane
1 +R8 - Docker Single lane
Content
... ... @@ -1,17 +1,21 @@
1 -Service affecting template; in order to update to this cloud template there is only a single step required.
1 +Service affecting R8 template that improves security and allows for the retrieval of Static IP addresses from Deploy Architecture.
2 2  
3 +**Process**
4 +We upgrade in one step to use the new R8 release of the cloud template. This step is service affecting.
5 +
3 3  **Overview**
4 -This update changes the Carwash - for context on the carwash see [[this link>>doc:Main.eMagiz Academy.Fundamentals.fundamental-emagiz-cloud-inner-workings||target="blank"]]. Note that using this new version of the Carwash involves a DNS change, and thus relies on clients honoring TTLs of DNS records. This update also changes the IP adresses used in the infrastructure. For more details, please contact Expert Services. Furthermore, TLSv1.0 is disabled in this update. Verify legacy software can handle atleast TLSv1.1 before updating.
7 +It improves the ease with which Static IP Addresses can be gathered and distributed by a user while at the same thing improving the security by upgrading the Ubuntu version.
5 5  
6 6  **Updates**
7 - * Changed ciphers and cipher suites
8 - * Disabled TLS V1.0 support and enable TLS V1.3 support
9 - * IP addresses available for the new car wash
10 - ** eu-central-1a: 35.158.46.28
11 - ** eu-central-1b: 3.74.190.88
10 +* Ability to fetch Static IP Addresses
11 +* New Ubuntu version with new security patches.
12 12  
13 +**Update Steps**
14 +* Use the final template (service affecting) (duration: 10 minutes)
15 +** This step will upgrade the primary machines in the first Availability Zone in your Cloudslot.
16 +** The runtimes on the machines will be restored using the active release in the eMagiz portal.
17 +* User actions after applying the final template:
18 +** Check if all runtimes are reachable by Deploy Architecture.
19 +** Check if all flows have been installed according to the active release.
20 +** Check if messages pass through the model by verifying a critical message flow in external systems.
13 13  
14 -**Technical notes**
15 -• Supported Ciphers in OpenSSL Format: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:DHE-RSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS@SECLEVEL=1
16 -• Supported TLS Versions: TLSv1.1, TLSv1.2 and TLSv1.3
17 -