We’ve released v3.1 of IBM Cloud Foundry Enterprise Environment (CFEE), and there are some great new features and capabilities now available.

This post will highlight some of the most exciting aspects of CFEE v3.1.0.

CFEE instance private-only endpoint access

CFEE instances can now work on private-only access endpoints to communicate with their supporting services (i.e., without using any public service endpoints). Use of private-only access endpoints requires enabling CFEE access to the Kubernetes access through the Kubernetes cluster master. Note that use of access endpoints in CFEE requires that the IBM Cloud account is enabled for Virtual Routing and Forwarding (VRF) and IBM Cloud Service Endpoint. See “CFEE communication with supporting services” for more information.

CFEE instance log persistence in LogDNA

Log persistence in CFEE instances is enabled through integration with the IBM Log Analysis with LogDNA service, replacing the deprecated Log Analysis service.

Client security certificates

Client certificates can be whitelisted along with the Certificate Authority (CA) certificates required to authenticate them. This provides customers a convenient way to create mutual Transport Layer Security (TLS) authentication, scoping the authentication to specific custom domains. This enables customers more granular control over client access to their Cloud Foundry applications. See “Managing domains” for more information.

Administration operation update check

Updating to a new CFEE version is disabled while an administration operation is in progress (e.g., scaling, auditing, or logging enablement).

Getting started with this release

To get started, you can deploy a new Cloud Foundry Enterprise Environment. If you already have one, you can upgrade your environment to this version by going to the Updates and Scaling page in the CFEE’s user interface and clicking Update.

Consult the documentation for details on how to use all these new features.