Skip to main content

34.0.0

· 14 min read

Added

  • breaking change a9s MariaDB: Release a9s MariaDB 10.6 as GA. In order to use a9s MariaDB you have to set the following properties:
    • mariadb_service.services.a9s-mariadb106.name
    • mariadb_service.services.a9s-mariadb106.guid
    • mariadb_service.services.a9s-mariadb106.description
    • mariadb_service.services.a9s-mariadb106.label
    • mariadb_service.services.a9s-mariadb106.version
    • mariadb_service.services.a9s-mariadb106.bindable
    • mariadb_service.services.a9s-mariadb106.requires
    • mariadb_service.services.a9s-mariadb106.tags
    • mariadb_service.services.a9s-mariadb106.documentation_url
    • mariadb_service.services.a9s-mariadb106.metadata
    • mariadb_service.services.a9s-mariadb106.dashboard_client.id
    • mariadb_service.services.a9s-mariadb106.plans For more information see a9s Platform Operator - Sunrise Sunset.
  • breaking change a9s Search: Release a9s Search 2 as GA. In order to use a9s Search you have to set the following properties:
    • search_service.services.a9s-search2.name
    • search_service.services.a9s-search2.guid
    • search_service.services.a9s-search2.description
    • search_service.services.a9s-search2.label
    • search_service.services.a9s-search2.version
    • search_service.services.a9s-search2.bindable
    • search_service.services.a9s-search2.requires
    • search_service.services.a9s-search2.tags
    • search_service.services.a9s-search2.documentation_url
    • search_service.services.a9s-search2.metadata
    • search_service.services.a9s-search2.dashboard_client.id
    • search_service.services.a9s-search2.plans For more information see a9s Platform Operator - Sunrise Sunset.
  • a9s Backup Manager: Add /metrics endpoint to return basic information about the backup and queue states.
  • a9s Backup Monit: Consumes the new /metrics endpoint from the a9s Backup Manager, parses them for the Logstash a9s Backup Monit plugin, and offers them at the /v1/backup_manager endpoint.
  • a9s LogMe2: Release a9s LogMe2 as RC. For more information see a9s Platform Operator - Sunrise Sunset
  • all services: a9s Logstash: Consumes the /v1/backup_manager endpoint from the a9s Backup Monit and sends the metrics to the graphite exporter.
  • all services: a9s Service Dashboard: a9s PostgreSQL: Add the end date as the default date picker value during restore operation.
  • all services: consul-dns: Add script to remove the stale node entries for the primary aliases to post-start of the bootstrap node. The execution of this script happens only once and only in the bootstrap node of the a9s Consul Cluster. To avoid issues deleting entries for existing deployment, make sure that no deployment has all nodes stopped during the consul-dns update.
  • a9s Elasticsearch: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s LogMe2: Enable OpenSearch Alerting and OpenSearch Notifications plugins for OpenSearch Dashboards.
  • a9s LogMe2: Enable metrics and logs streaming from OpenSearch nodes in an a9s LogMe2 service instance to a configured sink.
  • a9s LogMe2: Add encrypted TCP endpoint for Fluentd.
  • a9s LogMe2: Add support for SMTP notifications.
  • a9s LogMe2: Add syslog custom parameter to stream OpenSearch and Fluentd logs to third-party log-sink(s).
  • a9s LogMe2: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s MariaDB: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s MongoDB: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s MySQL: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s PostgreSQL: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA. For more information see PostgreSQL TLS/SSL Configuration.
  • a9s Search: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • INTERNAL RELEASE a9s Service Broker: Add finish_undeployment step to request the cleanup of deleted service instances.
  • docs: Application Developer: Add a disclaimer to the "a9s SSL/TLS Service Plans" page to explain that the a9s Data Services do not support plan upgrades from Non-SSL instances into SSL ones. For more information see a9s SSL/TLS Service Plans
  • docs: Application Developer: a9s Elasticsearch: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of Using a9s Elasticsearch.
  • docs: Application Developer: a9s LogMe: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of Using a9s LogMe.
  • docs: Application Developer: a9s LogMe2: Add information on how to set a syslog and graphite endpoint. For more information see Using a9s LogMe2 and a9s LogMe2.
  • docs: Application Developer: a9s LogMe2: New custom parameters:
    • opensearch-tls-protocols
    • opensearch-tls-ciphers
    • fluentd-udp
    • fluentd-tcp
    • fluentd-tls
    • fluentd-tls-ciphers
    • fluentd-tls-version
    • fluentd-tls-min-version
    • fluentd-tls-max-version
  • docs: Application Developer: a9s LogMe2: Add documentation for OpenSearch's Alerts creation/usage, as a step-by-step guide. For more information see the "Creating an Alert (Monitor)" section of Alerting and Notifications Plugins.
  • docs: Application Developer: a9s LogMe2: Add documentation for OpenSearch's Notification Channels creation/usage, as a step-by-step guide. For more information see the "Creating a Notification Channel" section of Alerting and Notifications Plugins.
  • docs: Application Developer: a9s LogMe2: Add a warning, explaining the current limitations when restoring an instance with ISM configured. For more information see Using a9s LogMe2.
  • docs: Application Developer: a9s LogMe2: Add a warning to the explaining that the indices of the alertingDashboards and notificationsDashboards plugins cannot be deleted or removed. For more information see Alerting and Notifications Plugins.
  • docs: Application Developer: a9s Search: Add a disclaimer specifying the known limitations of a9s Search's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of Using a9s Search.
  • docs: Application Developer: a9s Search: Add a warning to explain that the disk space for the same indexes may be different between Elasticsearch and OpenSearch, which is why data cannot be checked by index size after migration. For more information see a9s Search Migration
  • docs: Platform Operator: Add detailed information about the a9s Data Services release policy. For more information see a9s Data Service Sunrise/Sunset for Major Versions.
  • docs: Platform Operator: Move the Release Lifecycle Table information to the a9s Data Service Sunrise/Sunset for Major Versions page. For more information see a9s Data Service Sunrise/Sunset for Major Versions.
  • docs: Platform Operator: Add a disclaimer to the "a9s SSL/TLS Service Plans" and "Service Plans" pages to explain that the a9s Data Services do not support plan upgrades from Non-SSL instances into SSL ones. For more information see Service Plans and Securing the a9s Framework with TLS.
  • docs: Platform Operator: a9s Backup Manager: Add a new page to the current a9s Backup Manager's documentation, as part of making the section visible on the website's sidebar. For more information see a9s Backup Manager BOSH Properties
  • docs: Platform Operator: a9s Backup Monit: Extend the documentation with the new metrics provided by the a9s Backup Monit service. For more information see a9s Backup Manager Metrics.
  • docs: Platform Operator: a9s Backup Services: Add a disclaimer to the relevant "a9s Backup Services" documentation pages to explicitly state the supported AWS S3 Storage Classes. For more information see a9s Backup Process, a9s Backup Service, a9s Data Services Installation and Disaster Recovery.
  • docs: Platform Operator: a9s Elasticsearch: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of a9s Elasticsearch Resources Considerations.
  • docs: Platform Operator: a9s LogMe: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of a9s LogMe Resources Considerations.
  • docs: Platform Operator: a9s LogMe2: Add new custom parameters to section Default Custom Parameter Configuration on the page a9s LogMe2 SPI Configuration.
  • docs: Platform Operator: a9s LogMe2: Add a warning explaining that the indices of the alertingDashboards and notificationsDashboards plugins cannot be deleted or removed. For more information see a9s LogMe2 SPI Configuration.
  • docs: Platform Operator: a9s PostgreSQL: Add a disclaimer to the "a9s PostgreSQL Manual Point-in-Time Recovery" page to explicitly state the supported AWS S3 Storage Classes. For more information see a9s PostgreSQL Manual Point-in-Time Recovery.
  • docs: Platform Operator: a9s Search: Add a disclaimer specifying the known limitations of a9s Search's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of a9s Search Resources Considerations.
  • docs: Platform Operator: Add a redirect from the defunct "a9s Data Services Release Lifecycle" page to the a9s Platform Operator - Sunrise Sunset.

Updated

  • all services: Update routing BOSH release to latest version 0.254.0.
  • all services: Update bpm BOSH release to latest version 1.1.21.
  • all services: a9s Dashboard: Update AntD and ReactScripts.
  • all services: a9s Dashboard: Update UX with minor improvements.
  • all services: Template Uploader Errand: Update templates for a9s LogMe2 to support individual certificates for the dedicated components in an a9s LogMe2 service instance.
  • a9s Backup Manager: Add field backup_type to the backups configuration of the V1 API. For more information see a9s Service Dashboard - API V1.
  • a9s Harbor: PostgreSQL 10.23
  • a9s LogMe2: OpenSearch 2.4.1
  • a9s Messaging:
    • a9s Messaging 3.10
      • RabbitMQ 3.10.14
      • Erlang 24.3.4.8
  • a9s PostgreSQL:
    • a9s PostgreSQL 13
      • PostgreSQL 13.9
    • a9s PostgreSQL 11
      • PostgreSQL 11.18
    • a9s PostgreSQL 10
      • PostgreSQL 10.23
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • Prometheus 2.41.0
    • Grafana 8.5.15
    • graphite_exporter 0.13.1
    • blackbox_exporter 0.23.0
    • cadvisor 0.47.1
    • consul_exporter 0.9.0
    • haproxy_exporter 0.14.0
    • alertmanager 0.25.0
    • statsd_exporter 0.23.0
    • influxdb_exporter 0.11.1
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • Prometheus 2.41.0
    • graphite_exporter 0.13.1
    • blackbox_exporter 0.23.0
    • cadvisor 0.47.1
    • consul_exporter 0.9.0
    • haproxy_exporter 0.14.0
    • influxdb_exporter 0.11.1
    • statsd_exporter 0.23.0
    • alertmanager 0.25.0
  • a9s Redis:
    • a9s Redis 6
      • Redis 6.2.10
  • a9s Search:
    • a9s Search 2:
      • OpenSearch 2.4.1
    • a9s Search 1:
      • OpenSearch 1.3.7
  • addons/mongodbsspl: MongoDB 5.0.14
  • INTERNAL RELEASE all services: a9s Backup Agent: Simplify logger configuration.
  • INTERNAL RELEASE all services: a9s Backup Agent: Improve a9s Backup Agent logs by logging more information during the backup/restore process, and adding additional debug and info messages.
  • INTERNAL RELEASE a9s Backup Manager: Improve a9s Backup Manager logs by separating the API logs from the worker logs, and adding additional debug and info messages.
  • docs: Application Developer: Make the a9s Dashboard API's deprecation notice more prominent. For more information see a9s Service Dashboard - API.
  • docs: Application Developer: Update the documentation regarding TLS/SSL Plans. For more information see SSL Plans.
  • docs: Platform Operator: Extend the "Known Limitations of a9s Backup Service" section in the a9s Data Services Installation guide. For more information see Known Limitations of a9s Backup Service.
  • docs: Platform Operator: Up-to-date Vendor DS Version on the a9s Data Services Release Lifecycle page
  • docs: Platform Operator: Update the documentation regarding TLS/SSL Plans. For more information see SSL Plans.
  • docs: Platform Operator: Simplify the a9s Data Service Release Lifecycle Table by changing the a9s Non-GA column into the Introduced column and removing the a9s GA column, since the DS State column provides concise information already. For more information see a9s Data Service Sunrise/Sunset for Major Versions.

Deprecated

  • a9s Harbor: Deprecate a9s Harbor. For more information see a9s Platform Operator - Sunrise Sunset

Removed

  • breaking change all services: Remove the Ops-file enable-production-ready-services-only.yml. This Ops-file was used to remove the Non-GA services from their corresponding a9s Data Service. Instead of this opt-out solution, an explicit opt-in solution for Non-GA services is now used. For more information see Enable Non-GA Services.
  • breaking change a9s Harbor: Remove deprecated Harbor from the service catalog.
  • breaking change a9s Kubernetes: Remove deprecated Kubernetes from the service catalog.
  • breaking change a9s LogMe2: Remove LogMe2 from the service catalog. For information on how to enable release candidate services, see Enable Release Candidates Services.
  • breaking change a9s MariaDB: Remove MariaDB 10.6 from the service catalog. For information on how to release candidate services, see Enable Release Candidates Services.
  • breaking change a9s Messaging: Remove Messaging 3.10 from the service catalog. For information on how to enable release candidate services, see Enable Release Candidates Services.
  • breaking change a9s PostgreSQL: Remove deprecated PostgreSQL 9.4 from the service catalog. This removal follows the deprecation process started in version 16.0.0.
  • breaking change a9s Prometheus: Remove Prometheus from the service catalog. For information on how to enable beta services, see Enable Beta Services.
  • breaking change a9s Search: Remove deprecated Search 1 from the service catalog. This removal follows the deprecation process started in version 33.0.0.
  • docs: Platform Operator: Remove a9s Data Services Release Lifecycle page.

Fixed

  • all services: SSO-Proxy: Redirect to the Cloud Foundry Authentication page when the CF Token is no longer valid or it is not possible to refresh the token.
  • a9s Elasticsearch: a9s Backup Agent: Make the a9s Backup Agent backup process fail when it reaches the PARTIAL or INCOMPATIBLE snapshot state.
  • a9s Harbor: Remove the node entries for the primary aliases from a9s Consul when the service instance is deleted.
  • a9s LogMe2: a9s Backup Agent: Fix an issue that causes restore operations to fail when OpenSearch Alerting and Notifications are configured.
  • a9s Messaging: Fix custom param roles during service binding creation.
  • a9s Messaging: Emit backing_queue_status metrics only if available.
  • a9s Messaging: Fix force_certificate_rotation for SSL service plans. This change ensures that only the leaf certificate is rotated and not the CA.
  • a9s PostgreSQL: Remove the node entries for the primary alias from a9s Consul when the service instance is deleted.
  • a9s PostgreSQL: Fix force_certificate_rotation for SSL service plans. This change ensures that only the leaf certificate is rotated and not the CA.
  • a9s PostgreSQL: Fix WAL archival backing up files with huge commit entries when enabling continuous_archiving. When the huge commit entry would fill the buffer, the archival process would get stuck, blocking any WAL file from being archived and preventing base backups to finish executing.
  • a9s Redis: Remove the node entries for the primary alias from a9s Consul when the service instance is deleted.
  • a9s Redis: Fix force_certificate_rotation for SSL service plans. This change ensures that only the leaf certificate is rotated and not the CA.
  • a9s Search: a9s Backup Agent: Make the a9s Backup Agent backup process fail when it reaches the PARTIAL or INCOMPATIBLE snapshot state.
  • a9s Service Guard: Fix the security_groups:remove Rake task so it does not remove security groups that are in use.
  • a9s Service Guard: Run only one SyncSharedInstancesJob at a time.
  • INTERNAL RELEASE a9s-pg: Fix WAL archival backing up files with huge commit entries when enabling continuous_archiving. When the huge commit entry would fill the buffer, the archival process would get stuck, blocking any WAL file from being archived and preventing base backups to finish executing.
  • INTERNAL RELEASE a9s Harbor: a9s PostgreSQL: Fix WAL archival backing up files with huge commit entries when enabling continuous_archiving. When the huge commit entry would fill the buffer, the archival process would get stuck, blocking any WAL file from being archived and preventing base backups to finish executing.
  • docs: Application Developer: Fix typos, formatting mistakes, and metadata issues across the entire documentation.
  • docs: Application Developer: Add note backing_queue_metrics are optional.
  • docs: Platform Operator: Fix typos, formatting mistakes, and metadata issues across the entire documentation.
  • docs: Platform Operator: a9s Backup Manager: Fix the a9s Backup Manager documentation to that it is visible on the website's sidebar. For more information see a9s Backup Manager

Security

  • all services: a9s Backup Agent: Fix CVEs:
    • CVE-2022-29181
    • GHSA-2qc6-mcvw-92cw
    • GHSA-cgx6-hpwq-fhv5
  • all services: a9s Dashboard: Fix CVEs:
    • CVE-2022-37601
    • CVE-2021-3918
    • CVE-2021-42740
    • CVE-2021-23436
  • a9s Backup Manager: Fix CVEs:
    • CVE-2022-29181
    • GHSA-2qc6-mcvw-92cw
    • GHSA-cgx6-hpwq-fhv5
  • a9s Backup Monit: Fix CVEs:
    • CVE-2022-29181
    • GHSA-2qc6-mcvw-92cw
    • GHSA-cgx6-hpwq-fhv5