Cloud Foundry BOSH

Cloud Foundry Application Runtime manages your applications, Cloud Foundry Container Runtime manages your containers, but what manages the Runtime layers? Say hello to Cloud Foundry BOSH.

Powering and Automating Your Cloud

CF BOSH is a cloud-agnostic open source tool for release engineering, deployment, and lifecycle management of complex distributed systems. Though most Cloud Foundry deployments use CF BOSH, if you’re a developer, you may not have worked with CF BOSH directly. Most distributions and managed Cloud Foundry environments use CF BOSH to holistically manage the environment so that you can focus on coding and delivering business value.

As a developer, you simply write code and push it to the platform where it will run. CF BOSH works in the background, making sure your environment is configured correctly to accept the software, keeping it up to date when components change, and reconfiguring it so that it stays tuned the way it was intended to run when the environment was defined.

Due to the flexibility and power of CF BOSH, Google and Pivotal made it the heart of the Kubo project, now called the Cloud Foundry Container Runtime, based on Kubernetes.

How Cloud Foundry BOSH works

CF BOSH is a tool that prepares your infrastructure for what needs to be managed. CF BOSH espouses software engineering best practices, such as continuous delivery, by making it easy to create software releases that automatically update complex distributed systems with simple commands.

A distributed system is a collection of individual software components, running on different virtual machines, that work collectively as a larger system. Each of those components has its own lifecycle, written by different people working on their own timelines, but each is part of the whole. CF BOSH takes the same approach whether it’s dealing with VMs, containers, or deploying on bare metal.

CF BOSH maintains the integrity of your cloud environment using three building blocks: stemcells, releases, and a deployment manifest.

A Stemcell is similar to a golden operating system image used to create virtual machines. It isolates the base operating system from the other software packages bundled in a deployment. The BOSH project maintains a number of different stemcells you can find on

A Release is a layer put on top of a stemcell that describes what software should be deployed and how it should be configured. It contains configuration properties and templates, startup scripts, source code, binary artifacts—everything that’s needed to build and deploy software in a reproducible way. A CF BOSH release packages software so that CF BOSH can deploy it.

A Deployment Manifest is a YAML file that describes which CF BOSH release(s) should be deployed onto which cloud, and how they should be configured. CF BOSH uses this manifest file to deploy to the targeted infrastructure, monitor the health of the virtual machines or containers, and repair them when necessary.
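A minimal deployment manifest that ties a stemcell, a release, and instance configuration together, as an added example that is not from the original page. The deployment and release names, versions, URL, and digest are constructed placeholders, and the `azs`, `vm_type`, and network names assume matching entries in the Director's cloud config.

```yaml
---
# Constructed example: every name, version, URL and digest is a placeholder.
name: example-deployment

releases:
- name: example-release              # what software to deploy
  version: "1.2.3"                   # pinned, not "latest"
  url: https://releases.example.invalid/example-release-1.2.3.tgz
  sha1: "<SHA1-OF-RELEASE-TARBALL>"  # checked when the release is downloaded

stemcells:
- alias: default                     # referenced by instance groups below
  os: ubuntu-jammy                   # base operating system image
  version: "1.200"                   # pinned stemcell line (placeholder)

update:                              # how changes are rolled out
  canaries: 1                        # update one instance first
  max_in_flight: 1                   # then one at a time
  canary_watch_time: 5000-60000      # ms to wait for a canary to be healthy
  update_watch_time: 5000-60000      # ms to wait for each other instance

instance_groups:
- name: example-server
  instances: 3
  azs: [z1, z2, z3]                  # assumed to exist in the cloud config
  vm_type: default                   # assumed to exist in the cloud config
  stemcell: default                  # alias from the stemcells block
  persistent_disk: 10240             # MB
  networks:
  - name: default                    # assumed to exist in the cloud config
  jobs:
  - name: example-job                # job defined inside the release
    release: example-release
    properties:
      listen_port: 8080              # hypothetical job property
```

Pinning the release and stemcell versions, and supplying a digest for the release tarball, keeps a deployment reproducible and makes every stemcell or release bump an explicit, reviewable change to the manifest.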

Living in a Multi-Cloud World

CF BOSH is the heart of the Cloud Foundry multi-cloud capability, thanks to its Cloud Provider Interface (CPI) model. A CPI is an API that CF BOSH uses to interact with infrastructure to create and manage stemcells, VMs, and disks, and it abstracts infrastructure differences from the rest of CF BOSH. Thanks to CPIs, CF BOSH can deploy software to multiple clouds including AWS, Azure, Google Cloud, OpenStack, VMware vSphere, and others.

A Powerful Tool for Managing the Lifecycle of Complex Distributed Systems

Although CF BOSH was created as a tool for deploying the Cloud Foundry Application Runtime, it can manage much more. CF BOSH is being adopted in other environments to package and manage all kinds of software. Unlike configuration management tools that focus on day one tasks, like getting software configured and running, CF BOSH’s strength is that it manages both day one and day two operational tasks, such as upgrading software to new versions, testing the upgrade of an entire system from one version to another, resizing host machines, and handling security updates—without disrupting users. Consistently and reliably.