Skip to Content

Changes for page R9 Docker - Double lane

Last modified by Erik Bakker on 2023/07/10 15:13
From version 7.1
edited by Erik Bakker
on 2023/01/23 14:39
Change comment: There is no comment for this version
To version 9.1
edited by Erik Bakker
on 2023/04/28 08:36
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -R5 Docker - Double lane
1 +R8 Docker - Double lane
Content
... ... @@ -1,16 +1,16 @@
1 -Service affecting template; in order to update to this cloud template there is only a single step required.
1 +Non service affecting final template to use the R8 double lane release.
2 +Process: To use the new R8 release of our cloud template we upgrade in one steps, the update is non service affecting.
2 2  
3 3  **Overview**
4 -This update changes the Carwash - for context on the carwash see [[this link>>doc:Main.eMagiz Academy.Fundamentals.fundamental-emagiz-cloud-inner-workings||target="blank"]]. Note that using this new version of the Carwash involves a DNS change, and thus relies on clients honoring TTLs of DNS records. This update also changes the IP adresses used in the infrastructure. For more details, please contact Expert Services. Furthermore, TLSv1.0 is disabled in this update. Verify legacy software can handle atleast TLSv1.1 before updating.
5 +This update improves the security and enhances the auto-healing functionality on our 3rd generation runtimes.
5 5  
6 6  **Updates**
7 - * Changed ciphers and cipher suites
8 - * Disabled TLS V1.0 support and enable TLS V1.3 support
9 - * IP addresses available for the new car wash
10 - ** eu-central-1a: 35.158.46.28
11 - ** eu-central-1b: 3.74.190.88
8 +* Improve Locking mitigation in the Artemis server (autohealing).
9 +* Improve security by disabling SSH access to cloud machines.
12 12  
13 -
14 -**Technical notes**
15 -• Supported Ciphers in OpenSSL Format: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:DHE-RSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS@SECLEVEL=1
16 -• Supported TLS Versions: TLSv1.1, TLSv1.2 and TLSv1.3
11 +**Update Steps**
12 +* Use the final R8 template (non service affecting) (duration: 4 minutes)
13 +* User actions after applying the final template:
14 +** Check if all runtimes are reachable by Deploy Architecture.
15 +** Check if all images have been installed according to the active release.
16 +** Check if messages pass through the bus by verifying a critical message flow in external systems.