Added
- breaking change all services: a9s Backup Agent: Add a communication channel through port 3002 (mTLS) of the a9s Backup Manager, so that the a9s Backup Agent can push information to the a9s Backup Manager when necessary. For more information, see a9s Platform Required Ports.
- a9s KeyValue: Introduce a9s KeyValue 8 as Beta. To enable it use the Ops file
ops/enable_beta_services/keyvalue.yml
where the following properties must be set:- keyvalue_service.services.a9s-keyvalue8.name
- keyvalue_service.services.a9s-keyvalue8.guid
- keyvalue_service.services.a9s-keyvalue8.description
- keyvalue_service.services.a9s-keyvalue8.label
- keyvalue_service.services.a9s-keyvalue8.version
- keyvalue_service.services.a9s-keyvalue8.bindable
- keyvalue_service.services.a9s-keyvalue8.requires
- keyvalue_service.services.a9s-keyvalue8.tags
- keyvalue_service.services.a9s-keyvalue8.documentation_url
- keyvalue_service.services.a9s-keyvalue8.metadata
- keyvalue_service.services.a9s-keyvalue8.dashboard_client.id
- keyvalue_service.services.a9s-keyvalue8.plans
- keyvalue_service.services.a9s-keyvalue8.plans-to-test
- keyvalue_service.services.a9s-keyvalue8.planupdates-to-test For more information, see a9s Platform Operator Sunrise Sunset - Beta.
- a9s KeyValue: Add an example config for a9s KeyValue 8 to
config/keyvalue.yml.example
. - a9s LogMe2: Add
instances_fluentd
as an optional property to the logme2-cluster template with a default value of 1. For more information, see Scale Fluentd Nodes. - docs: Application Developer: a9s KeyValue: Add initial documentation for a9s KeyValue. For more information, see a9s KeyValue.
- docs: Application Developer: a9s KeyValue: Update existing common documentation with references to a9s KeyValue.
- docs: Application Developer: a9s MariaDB: Provide an example on how to drop all the custom databases through the
databases
custom parameter. For more information, see Using a9s MariaDB - databases Parameter - docs: Application Developer: a9s Redis: Add further information about persistency behavior. For more information, see Using a9s Redis - Change RDB Persistence Settings.
- docs: Application Developer: a9s Service Dashboard: Add information on how to allow/block automatic updates via the a9s Service Dashboard. For more information, see Using a9s Service Dashboard - Update the Service Instance
- docs: Platform Operator: all services: Add documentation on how to access security logs. For more information, see Security Logs.
- docs: Platform Operator: a9s-pg: Add a page detailing the cluster recovery process for a9s-pg. For more information, see a9s-pg Cluster Recovery.
- docs: Platform Operator: a9s KeyValue: Add initial documentation for a9s KeyValue. For more information, see a9s KeyValue.
- docs: Platform Operator: a9s KeyValue: Update existing common documentation with references to a9s KeyValue.
- docs: Platform Operator: a9s PostgreSQL: Add a new step describing how to clean up the
repmgr
database. For more information, see a9s PostgreSQL Manual Logical Backup Recovery - Cleanup repmgr.
Changed
- breaking change all services: a9s Backup Agent: Complete refactoring of the a9s Backup Agent and overhaul of the
general backup system architecture to:
- support mTLS as the only communication between the a9s Backup Agent and the a9s Backup Manager
- speed up the communication between the a9s Backup Agent and a9s Backup Manager by pushing the necessary information as soon as the task has finished instead of polling the various states at defined intervals
- improve error handling and logging, and increase the resilience of the entire a9s Backup Agent
- breaking change a9s Backup Manager: Rename the deployment manifest variable, which stores the a9s Backup Manager
Server certificate, from
a9s_backup_manager_tls_cert
tobackup_manager_server_cert
for consistency. - breaking change a9s Backup Manager: Change the Common Name (CN) of the a9s Backup Manager Server certificate from
the Fully Qualified Domain Name (FQDN) to the generic string
a9s Backup Manager TLS Certificate
. As the CN can only contain a certain amount of characters, the FQDN can end up being too long, depending on the Consul domain configuration. With this we also follow the deprecation of the CN to verify the server identity as described in RFC2818. - breaking change a9s Backup Manager: Change the default port for the communication from the a9s Backup Manager to the a9s Backup Agent from 3000 (non-TLS) to 3001 (mTLS). For more information, see a9s Platform Required Ports.
- breaking change a9s Billing: Disable the export of invoices to a9s Invoices by default, since this component is
not included by default with a9s Billing. To enable the export once more, the
add_a9s_invoices.yml
ops-file has been extended to setcf_billing.export
to true. - breaking change a9s LogMe2: Enable backup tests of the a9s Smoke Tests by default.
- all services:
- bpm v1.3.3
- nginx to v1.27.1
- routing v0.311.0
- all services: a9s DS API Gateway:
- Go to v1.22.7
- KrakenD to v2.7.2
- a9s Backup Manager: Adapt the a9s Backup Manager and overhaul of the general backup system architecture to:
- support mTLS as the only communication between the a9s Backup Manager and the a9s Backup Agents
- speed up the communication between the a9s Backup Manager and the a9s Backup Agents by pushing the necessary information as soon as the task has finished instead of polling the various states at defined intervals
- improve the resilience of the entire backup system in error cases
- a9s Backup Services:
- nginx to v1.27.1
- a9s Messaging: a9s Messaging SPI: Update dependencies.
- a9s MongoDB:
- mongodb50sspl:
- mongodb to v5.0.29
- mongodb70sspl:
- mongodb to v7.0.14
- mongosh to v2.3.1
- mongodb50sspl:
- a9s PostgreSQL:
- a9s PostgreSQL 13:
- cmake3 to v3.30.3
- a9s PostgreSQL 13:
- a9s PostgreSQL: Optimize the backup and restore of WAL files for Service Instances with continuous archiving enabled. In combination with the adaptation of the backup system architecture, a major increase of the amount of archived WAL files per minute can be achieved.
- a9s Prometheus:
prometheus2
:- cadvisor to v0.50.0
- consul_exporter to v0.12.1
- graphite_exporter to v0.15.2
- influxdb_exporter to v0.11.7
- prometheus to v2.53.2
- stackdriver_exporter to v0.16.0
- statsd_exporter to v0.27.1
promgraf2
:- cadvisor to v0.50.0
- consul_exporter to v0.12.1
- graphite_exporter to v0.15.2
- influxdb_exporter to v0.11.7
- prometheus to v2.53.2
- stackdriver_exporter to v0.16.0
- statsd_exporter to v0.27.1
prometheus-legacy
:- cadvisor to v0.50.0
- consul_exporter to v0.12.1
- graphite_exporter to v0.15.2
- influxdb_exporter to v0.11.7
- prometheus to v2.53.2
- stackdriver_exporter to v0.16.0
- statsd_exporter to v0.27.1
- a9s Search:
- a9s Search 2:
- opensearch to v2.16.0
- opensearch-dashboards to v2.16.0
- opensearch-plugin-repository-azure to v2.16.0
- opensearch-plugin-repository-s3 to v2.16.0
- a9s Search 2:
- docs: Application Developer: Update the links in the Disaster Recovery documentation to use the a9s Public API v1 and fix some broken links. For more information, see Disaster Recovery.
- docs: Application Developer: Mention a9s KeyValue as an a9s Data Service supporting Disaster Recovery. For more information, see Disaster Recovery.
- docs: Application Developer: a9s Prometheus: Update the links related to the
telegraf-buildpack
, as the existing version's stack was deprecated. Additionally, include a screenshot of an example dashboard to visualize the metrics being streamed from the application. For more information, see Using a Sidecar to Collect Application Metrics With a9s Prometheus. - docs: Platform Operator: Clean up the "a9s Platform Required Ports" page. For more information, see a9s Platform Required Ports.
- docs: Platform Operator: all services: Extend documentation to clarify the handling of expired certificates. For more information, see Generated Certificates.
- docs: Platform Operator: a9s PostgreSQL: Enhance the guide on how to identify the cluster primary during the cluster recovery process. For more information, see a9s PostgreSQL Cluster Recovery - 0. Identify the Cluster Primary and Cluster Status - Identifying Current Valid Primary of the Cluster.
- BOSH stemcell: all services: Update Jammy stemcell to version
1.572
for internal tests of all supported services.
Deprecated
a9s MariaDB: Deprecation: Deprecate the following a9s Data Service version:
- a9s MariaDB 10.4
Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same a9s Data Service:
- for a9s MariaDB: a9s MariaDB 10.6 and 10.11 are available as GA versions.
This deprecation follows the announcement in v50.0.0 . The deprecation phase is planned to last until v56.0.0 (expected end of December 2024), in which the deprecated version will become unsupported. The creation of new a9s Data Service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information, see a9s Platform Operator Sunrise Sunset.
To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.
Unsupported
a9s PostgreSQL: End of Support: Terminate support for the following deprecated a9s Data Service version:
- a9s PostgreSQL 10
The creation of new a9s Data Service instances for this deprecated version is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for this version. The corresponding documentation has been removed.
Although we will not intentionally break running instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to this release.
Removed
- breaking change a9s Backup Manager: Remove obsolete variables from the deployment manifest.
- docs: Application Developer: a9s Service Dashboard: Remove unnecessary header from the "Using a9s Service Dashboard" page. For more information, see Using a9s Service Dashboard.
- docs: Platform Operator: a9s PostgreSQL: Remove a9s PostgreSQL 10 from the "a9s Data Service Release Lifecycle Table" page. For more information, see a9s Platform Operator Sunrise Sunset - a9s Data Services Life-Cycle Stages.
- REMOVAL OF OFFERING a9s Elasticsearch: Remove the offering of
a9s Elasticsearch 2
from the a9s Data Services, as this version is now unsupported on account of it reaching its EOL on February 2018. We removed the files, version specific examples, references and documentation that relate to the unsupported version. - REMOVAL OF OFFERING a9s Messaging: Remove the offering of
a9s Messaging 3.6
from the a9s Data Services, as this version is now unsupported on account of it reaching its EOL on May 2018. We removed the files, version specific examples, references and documentation that relate to the unsupported version. - REMOVAL OF OFFERING a9s MySQL: Remove the offering of
a9s MySQL 10.1
from the a9s Data Services, as this version is now unsupported on account of it reaching its EOL on Octobre 2020. We removed the files, version specific examples, references and documentation that relate to the unsupported version. - REMOVAL OF OFFERING a9s Redis: Remove the offering of
a9s Redis 3.2
from the a9s Data Services, as this version is now unsupported on account of it reaching its EOL on January 2017. We removed the files, version specific examples, references and documentation that relate to the unsupported version. - REMOVAL OF OFFERING a9s Redis: Remove the offering of
a9s Redis 4.0
from the a9s Data Services, as this version is now unsupported on account of it reaching its EOL on January 2019. We removed the files, version specific examples, references and documentation that relate to the unsupported version.
Fixed
- all services: a9s BOSH Deployer: Improve error handling.
- all services: a9s DS API Gateway: Forward
Content-Type
andAccept
header to the corresponding backends. This is necessary so that the respective backends can interpret the request correctly. - a9s-pg: Fix issue disabling reindex on major upgrade that would cause
pre-start
on the bootstrap node to fail. - a9s-pg: Fix potential exposure to data loss when executing a major upgrade. Data inserted to a blocked cluster would be discarded during the upgrade, causing data loss. The fix ensures the bootstrap node is up-to-date with the primary before moving on with the update procedure.
- a9s-pg: Fix scenario with two primaries during a major upgrade. This occured when the last node to be updated was promoted to primary. This caused the update to fail and left the nodes unable to identify the current primary of the cluster.
- a9s LogMe2: Ensure that the OpenSearch VM is updated first in order to prevent potential downtime in the OpenSearch Dashboards VM.
- a9s MariaDB: a9s MariaDB SPI: Introduce connection timeouts to help prevent the SPI from being locked due to misbehaving Service Instances.
- a9s PostgreSQL: Fix the panic message, occuring when archiving WAL files, in logs on Service Instances with continuous archiving enabled.
- a9s Redis: a9s Redis 7: Fix an inconsistency in
post-start
that could incorrectly configure the cluster. This issue specifically affected clustered Service Instances with persistence enabled. - docs: all services: Fix several broken relative links under the Platform Developer and Application Developer paths to reflect the trailing slash configuration change.
- docs: Application Developer: a9s DS API Gateway: Amend minor errors in the example
cURL
command of multiple endpoint. For more information, see a9s Public API. - docs: Application Developer: a9s DS API Gateway: Fix general typos. For more information, see a9s Public API.
- docs: Application Developer: a9s LogMe2: Fix broken admonition in the "Using a9s LogMe2" page. For more information, see Using a9s LogMe2 - Supported Protocols and Limitations.
- docs: Platform Operator: a9s Parachute: Update information regarding interdependency with
ext4
file system reserved blocks. For more information, see a9s Parachute Concerns. - Add-on: a9s MongoDB SSPL: Adapt
post-deploy
script to ensure proper waiting for cluster initialization.
Security
- a9s Backup Manager: Fix CVEs:
- CVE-2024-28103
- CVE-2024-41123
- CVE-2024-41946
- a9s Service Dashboard: Fix CVEs:
- CVE-2024-22018
- CVE-2024-22020
- CVE-2024-27980
- CVE-2024-36138
Upcoming
a9s Prometheus: End of Support: Terminate support, starting from anynines deployment v56.0.0 (expected end of December 2024), for the following deprecated a9s Data Service versions:
- a9s Prometheus: Grafana 5
- a9s Prometheus: Grafana 8
The creation of new a9s Data Service instances for these deprecated versions will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. The corresponding documentation will also be removed.
Although we will not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to v56.0.0.
a9s Redis: End of Support: Terminate support, starting from anynines deployment v56.0.0 (expected end of December 2024), for the following deprecated a9s Data Service version:
- a9s Redis 6.2
The creation of new a9s Data Service instances for this deprecated version will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed.
Although we will not intentionally break running instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to v56.0.0.