Changes for page R14 Docker - Single Lane
Last modified by Erik Bakker on 2025/04/07 10:12
From version 28.1
edited by Erik Bakker
on 2025/01/13 09:26
on 2025/01/13 09:26
Change comment:
There is no comment for this version
Summary
-
Page properties (3 modified, 0 added, 0 removed)
Details
- Page properties
-
- Title
-
... ... @@ -1,1 +1,1 @@ 1 -R 13Docker - SingleLane1 +R5 Docker - Single lane - Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki.e bakker1 +XWiki.eMagiz - Content
-
... ... @@ -1,20 +1,17 @@ 1 -Service affecting template to use the R13singlelane release.1 +Service affecting template; in order to update to this cloud template there is only a single step required. 2 2 3 -**Process** 4 -To use the new R13 template on your environment, we upgrade the control agent of **all** machines and disk encryption on **cloud** machines. This update is service affecting. The goal of this update is to increase the security of the disks related to your machine by encrypting them and to update the control agent version to 2.21.4. 5 - 6 6 **Overview** 7 -* Security improvements to the eMagiz infrastructure. 8 -* Update control agent version. 4 +This update changes the Carwash (See https://docs.emagiz.com/bin/view/Main/eMagiz%20Academy/Fundamentals/fundamental-emagiz-cloud-inner-workings). Note that using this new version of the Carwash involves a DNS change, and thus relies on clients honoring TTLs of DNS records. This update also changes the IP adresses used in the infrastructure. For more details, please contact Expert Services. Furthermore, TLSv1.0 is disabled in this update. Verify legacy software can handle atleast TLSv1.1 before updating. 9 9 10 -**Update Steps** 11 -* Use the final template (service affecting)(duration: 10 minutes) 12 -** This step will upgrade the primary machines in the first Availability Zone in your cloudslot 13 -** This step will upgrade the control agent version on **all** machines (cloud and on-premise) to version 2.21.4 14 -*** The runtimes on the machines will be restored using the active release in the eMagiz portal 6 +**Updates** 7 + * Changed ciphers and cipher suites 8 + * Disabled TLS V1.0 support and enable TLS V1.3 support 9 + * IP addresses available for the new car wash 10 + ** eu-central-1a: 35.158.46.28 11 + ** eu-central-1b: 3.74.190.88 15 15 16 -* User actions after applying the final template: 17 -** Check if all runtimes are up via the runtime overview 18 -** Check if all runtimes have been installed according to the active release 19 -** Check if messages pass through the bus by verifying a critical message flow in external systems 20 20 14 +**Technical notes** 15 +• Supported Ciphers in OpenSSL Format: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:DHE-RSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS@SECLEVEL=1 16 +• Supported TLS Versions: TLSv1.1, TLSv1.2 and TLSv1.3 17 +