Skip to Content

Changes for page R13 Docker - Double Lane

Last modified by Carlijn Kokkeler on 2023/11/21 11:51
From version 7.1
edited by Erik Bakker
on 2023/01/23 14:39
Change comment: There is no comment for this version
To version 15.1
edited by Erik Bakker
on 2023/09/13 07:27
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -R5 Docker - Double lane
1 +R11 Docker - Double lane
Content
... ... @@ -1,16 +1,24 @@
1 -Service affecting template; in order to update to this cloud template there is only a single step required.
1 +Service affecting R11 template that improves stability of AWS EFS mounts in running instances when a reconnect to EFS is triggered.
2 2  
3 +**Process**
4 +We upgrade in two steps to use the new R11 release of the cloud template. Of these two steps, the intermediate step is non-service affecting, and the final step is service affecting.
5 +
3 3  **Overview**
4 -This update changes the Carwash - for context on the carwash see [[this link>>doc:Main.eMagiz Academy.Fundamentals.fundamental-emagiz-cloud-inner-workings||target="blank"]]. Note that using this new version of the Carwash involves a DNS change, and thus relies on clients honoring TTLs of DNS records. This update also changes the IP adresses used in the infrastructure. For more details, please contact Expert Services. Furthermore, TLSv1.0 is disabled in this update. Verify legacy software can handle atleast TLSv1.1 before updating.
7 +It improves the stability of the AWS EFS mounts in running instances when a reconnect to EFS is triggered.
5 5  
6 6  **Updates**
7 - * Changed ciphers and cipher suites
8 - * Disabled TLS V1.0 support and enable TLS V1.3 support
9 - * IP addresses available for the new car wash
10 - ** eu-central-1a: 35.158.46.28
11 - ** eu-central-1b: 3.74.190.88
10 +* Updated mount configurations of EFS to adhere to provider's standards.
11 +* Ubuntu version update including latest security patches.
12 +* This upgrade is service-affecting, as all instances have to be recreated.
12 12  
14 +**Update Steps**
15 +* Use the intermediate template (non-service affecting) (duration: 10 minutes)
16 +** This step will upgrade the backup machines hosted in the second Availability Zone in your Cloudslot.
17 +** The network drive containing the Artemis queue store and your Elastic IPs will remain.
18 +* Use the final template (non-service affecting) (duration: 10 minutes)
19 +** This step will update your cloud slot configuration to allow an MQTT broker with failover settings.
20 +* User actions after applying the final template:
21 +** Check if all runtimes are reachable by Deploy Architecture.
22 +** Check if all flows have been installed according to the active release.
23 +** Check if messages pass through the model by verifying a critical message flow in external systems.
13 13  
14 -**Technical notes**
15 -• Supported Ciphers in OpenSSL Format: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:DHE-RSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS@SECLEVEL=1
16 -• Supported TLS Versions: TLSv1.1, TLSv1.2 and TLSv1.3