Skip to main content

· 11 min read

Added

  • a9s LogMe2: Add default placeholder value to configure the number of OpenSearch nodes in the cluster template. For more information see a9s LogMe2 Documentation.
  • docs: Application Developer: Describe the requirements for the Common Name and Subject Alternative Name of user provided certificates. For more information see Common Name And Subject Alternative Name.
  • docs: Platform Operator: Describe the requirements for the Common Name and Subject Alternative Name of a wildcard certificate. For more information see Common Name And Subject Alternative Name.
  • docs: Platform Operator: Update the Service Plans documentation to include the list of currently available a9s Search service plans. For more information see Service Plans.
  • docs: Platform Operator: a9s LogMe2: Add new Platform Plan section to the a9s LogMe2 Documentation. For more information see a9s LogMe2 Documentation.
  • docs: Platform Operator: a9s MariaDB: Create a new page to provide a general overview of a9s MariaDB's cluster setup, and MariaDB Galera Cluster's role in it. For more information see a9s MariaDB Cluster Setup Overview.

Changed

  • breaking change all services: Use stemcell ubuntu-jammy version 1.125 for all internal tests of the a9s Data Services Framework components except the following: a9s Consul, a9s Service Guard, a9s Billing, and a9s-pg. Please make sure to update your stemcells accordingly, as shown in the example IaaS configuration.
  • breaking change all services: Use stemcell ubuntu-bionic version 1.204 for all internal tests of the a9s Data Services. Please make sure to update your stemcells accordingly.
  • breaking change all services: Change vm_type of the a9s Service Dashboard VM from nano to small to better reflect the resource requirements. For more information see a9s Service Dashboard VM size.
  • all services: Update routing BOSH release to latest version 0.271.0.
  • all services: Update bpm BOSH release to latest version 1.2.2.
  • all services: a9s Smoke Tests: Add OpenSSL v1.1.1 for compatibility reasons as Ubuntu Jammy comes with OpenSSL v3 by default, but our tests still rely on OpenSSL v1; wherefore, we had to add it explicitly to be able to run the a9s Smoke Tests on ubuntu-jammy stemcell.
  • a9s Backup Manager: Increase the possible database connections to 50 to be able to parallelize the backup status check.
  • a9s Backup Manager: Parallelize the check of the status of running backups. This improves the performance on environments that have many backups running in parallel.
  • a9s Elasticsearch: Freeze stemcell for a9s Elasticsearch 2, 5, 6, and 7 to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s MariaDB:
    • MariaDB 10.6
      • MariaDB 10.6.14
  • a9s MongoDB:
    • a9s MongoDB 5.0
      • MongoDB 5.0.18
  • a9s MongoDB: Freeze stemcell for a9s MongoDB 3.2, 3.4, 3.6, 4.0, and 4.0 SSPL to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s MongoDB: SPI: Add OpenSSL v1.1.1 for compatibility reasons as Ubuntu Jammy comes with only OpenSSL v3 by default, however, MongoDB 5.0 still depends on OpenSSL v1.
  • a9s Messaging:
    • Messaging 3.8
      • Erlang 23.3.4.19
    • Messaging 3.10
      • Erlang 24.3.4.12
      • RabbitMQ 3.10.24
  • a9s Messaging: Freeze stemcell for a9s Messaging 3.6 and 3.7 to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s PostgreSQL: Freeze stemcell for a9s PostgreSQL 9.4, 10, and 11 to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • blackbox_exporter 0.24.0
    • bosh_exporter 3.5.0
    • grafana 8.5.26
    • graphite_exporter 0.14.0
    • influxdb_exporter 0.11.4
    • memcached_exporter 0.13.0
    • postgres_exporter 0.12.1
    • prometheus 2.44.0
    • stackdriver_exporter 0.14.1
    • statsd_exporter 0.24.0
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • blackbox_exporter 0.24.0
    • bosh_exporter 3.5.0
    • grafana 8.5.26
    • graphite_exporter 0.14.0
    • influxdb_exporter 0.11.4
    • memcached_exporter 0.13.0
    • postgres_exporter 0.12.1
    • prometheus 2.44.0
    • stackdriver_exporter 0.14.1
    • statsd_exporter 0.24.0
  • consul-dns: Update dnsmasq to latest version 2.89.
  • consul-dns: Add timestamps to log entries of the dnsmasq's control script.
  • docs: Application Developer: Update migration documentation for Redis 3. For more information see Redis Migration.
  • docs: Platform Operator: a9s Elasticsearch: Change wording and fix typos in the Creating Backups on S3 Compatible Services section. For more information see a9s Elasticsearch.
  • docs: Platform Operator: a9s Messaging: Rename page RabbitMQ Managment UI Access to RabbitMQ Managment UI and revision the whole page. For more information see RabbitMQ Managment UI.
  • docs: Platform Operator: a9s Search: Change wording and fix typos in the Creating Backups on S3 Compatible Services section. For more information see a9s Search.
  • docs: Platform Operator: Restructure the documentation regarding configuration of TLS/SSL encrypted communication for the a9s Data Services Framework components. For more information see Securing the a9s Framework with TLS.

Removed

  • breaking change all services: Remove the Ops files to enable TLS/SSL encrypted communication for individual a9s Data Services. Since we decided to enable step by step the TLS/SSL encrypted communication for each a9s Data Services Framework component by default and maintaining both ways are not meaningfull and already lead to several confusions we decided to remove the possibility to enable TLS/SSL encrypted communication for a specific a9s Data Service. For the time being we only support TLS/SSL encrypted communication for the a9s Data Services Framework components where it is enabled by default.
  • breaking change a9s Router: Remove the a9s Router deployment manifest and its Ops files. The a9s Router was only used by a9s Kubernetes, which no longer exists, so the a9s Router is no longer needed.
  • all services: Remove the obsolete a9s Kubernetes, a9s Harbor, and a9s Router configurations from the example IaaS configuration.
  • a9s-pg: Remove the obsolete databases for a9s Harbor and a9s Kubernetes. Since we no longer offer these a9s Data Services, their dedicated databases are no longer needed.
  • docs: Platform Operator: Remove obsolete documentation regarding enabling the TLS/SSL encrypted communication for different a9s Data Services Framework components which are not fully supported yet. We decided to enable the encryption for each a9s Data Services Framework component step by step as default instead of making it optional per a9s Data Service, wherefore, this documentation is no longer needed.
  • docs: Platform Operator: Remove outdated troubleshooting documenation regarding TLS/SSL encrypted communication for the a9s Data Services Framework components.
  • docs: Platform Operator: a9s Messaging: Remove obsolete information from the RabbitMQ TLS/SSL Configuration page in favor of TLS/SSL Service Plans.
  • docs: Platform Operator: a9s PostgreSQL: Remove obsolete PostgreSQL TLS/SSL Configuration documentation in favor of TLS/SSL Service Plans.
  • docs: Platform Operator: a9s Redis: Remove obsolete Redis TLS/SSL Configuration documentation in favor of TLS/SSL Service Plans.
  • docs: Platform Operator: a9s Router: Remove the documentation of the a9s Router.

Deprecated

  • a9s Elasticsearch: Deprecation: Deprecate the following data service version:

    • a9s Elasticsearch: all versions

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s Elasticsearch 7: a9s OpenSearch2 is available as GA version.

    This deprecation follows the announcement in the previous release. The deprecation phase is planned to last until v49.0.0 (in Q2/2024), in which the deprecated version will become unsupported. The creation of new data service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

  • a9s Redis: Deprecation: Deprecation phase was extended to give customers more time to migrate to a supported data service version. Contrary to the announcement of upcoming unsupport in v38.0.0, unsupport will not occur in v39.0.0, but in v40.0.0 (expected in Q3/2023) for the following data service versions:

    • a9s Redis v3.2
    • a9s Redis v4 Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:
    • for a9s Redis v3.2: a9s Redis 5, a9s Redis 6, a9s Redis 7 are available as GA versions.
    • for a9s Redis v4: a9s Redis 5, a9s Redis 6, a9s Redis 7 are available as GA versions. The extended deprecation phase is planned to last until v40.0.0 (expected in Q3/2023), in which the deprecated versions will become unsupported.

  • a9s MariaDB: Deprecation: Deprecation phase was extended to give customers more time to migrate to a supported data service version. Contrary to the announcement of upcoming unsupport in v38.0.0, unsupport will not occur in v39.0.0, but in v44.0.0 (expected in Q4/2023) for the following data service version:

    • a9s MariaDB v10.1 Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:
    • for MariaDB v10.1: a9s MariaDB v10.4 is available as GA version. The extended deprecation phase is planned to last until v44.0.0 (expected in Q4/2023), in which the deprecated version will become unsupported.

Fixed

  • all services: a9s Template Uploader Errand: Fix issue when using remote Ops files. When using remote Ops files the output of the Errand showed a no implicit conversion of URI::HTTPS into String and the Errand completed with an error (exit code 1).
  • a9s-pg: Remove logging of credentials from the PostgreSQL pre-start log.
  • a9s Backup Manager: Correct comment in Ops file ops/backup-on-generic-s3.yml to make clear that it is intended to use with the a9s Backup Manager deployment manifest and not with the a9s-pg deployment manifest.
  • a9s Messaging: Handle TLS/SSL plans correctly when registering the RabbitMQ Management UI route. The route was registered via HTTP even though it is HTTPS in the case of a TLS/SSL service instance, wherefore, the access did not work and you saw a 502 Bad Gateway: Registered endpoint failed to handle the request..
  • a9s PostgreSQL: Remove logging of credentials from the PostgreSQL pre-start log.
  • docs: Application Developer: a9s LogMe2: Correct the custom parameter name for setting the protocol of syslog_drain_url. The correct custom parameter name of the binding parameter is syslog-use-udp and not syslog_use_udp. For more information see Using a9s LogMe2: Create a Service Key.
  • docs: Platform Operator: Updated the sidebar links redirection from the old a9s Data Services Release Lifecycle page to our a9s Data Service Sunrise/Sunset for Major Versions.

Upcoming

  • a9s LogMe: Deprecation: Prepare for the upcoming deprecation phase, triggered during the next release of anynines deployment v40.0.0 (expected end of July 2023), of the following data service version:

    • a9s LogMe

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s LogMe: a9s LogMe2 is available as GA version

    The deprecation phase is planned to last until v43.0.0 (in October 2023), in which the deprecated version will become unsupported. The creation of new data service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

Unsupported

  • a9s Messaging: End of Support: Terminate support for the following deprecated data service version:

    • Messaging 3.6

    The creation of new data service instances for this deprecated version is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for this version.

    Although we will not intentionally break running instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to this release.

· 5 min read

Added

  • a9s LogMe2: Set file-buffers as the default data buffers. For more information see a9s LogMe2 Documentation.
  • a9s PostgreSQL: Increase default timeout for pg_ctl finish starting a process to avoid timeout errors during startup.

Changed

  • breaking change all services: Enable TLS communication between a9s Service Dashboard and a9s Backup Manager. For more information see a9s Dashboard Service. With this changes the port for the communication between these both components changed from port 3000 (HTTP) to port 3001 (HTTPS). Please ensure that your firewalls allow this new communication channel. For more information see a9s Platform Required Ports.
  • breaking change a9s Backup Manager: Enable both TLS (HTTPS) and non-TLS (HTTP) API support for the a9s Backup Manager. The non-TLS interface will be disabled when the communication channels from all the components to the a9s Backup Manager are set to TLS in the coming releases. For more information see a9s Backup Manager TLS Configuration.
  • all services: Update routing BOSH release to latest version 0.266.0.
  • all services: Update bpm BOSH release to latest version 1.2.1.
  • all services: Set the Common Names of the certificates defined on the service manifests as their hostnames.
  • a9s MongoDB:
    • a9s MongoDB 5.0
      • MongoDB 5.0.17
  • a9s PostgreSQL:
    • a9s PostgreSQL 13
      • PostgreSQL 13.11
    • a9s PostgreSQL 11
      • PostgreSQL 11.20
  • a9s Redis 6:
    • a9s Redis 6.2.12
  • docs: Platform Operator: a9s Backup Manager: Update documentation to explain TLS/SSL configuration options. For more information see a9s Platform TLS General Configuration.
  • INTERNAL RELEASE a9s Backup Manager: Merge backup deletion endpoints together and move it to a new endpoint.

Deprecated

  • a9s MongoDB: Deprecation: Deprecate the following data service versions:

    • a9s MongoDB v3.x
    • a9s MongoDB v4.0

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s MongoDB v3.x: a9s MongoDB 5.0 is available as GA version
    • for a9s MongoDB v4.0: a9s MongoDB 5.0 is available as GA version

This deprecation follows the announcement in the previous release. The deprecation phase is planned to last until v41.0.0 (in Q3/2023), in which the deprecated versions will become unsupported. The creation of new data service instances for these particular versions will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset. To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

Fixed

  • a9s Backup Manager: Fix the current broken connections rescue logic. During the recent Ruby update, the pg gem was updated as well, which changed the thrown error. This fix shifts the reconnect logic into our clock functionality in order to properly catch the missing broken connections.

Security

  • a9s PostgreSQL: Fix CVEs:
    • CVE-2023-2455
    • CVE-2023-2454

Upcoming

  • a9s Messaging: End of Support: Terminate support, starting from anynines deployment v39.0.0 (expected end of June 2023), for the following deprecated data service version:
    • a9s Messaging v3.6
  • a9s Redis: End of Support: Terminate support, starting from anynines deployment v39.0.0 (expected end of June 2023), for the following deprecated data service versions:
    • a9s Redis v3.2
    • a9s Redis v4
  • a9s MariaDB: End of Support: Terminate support, starting from anynines deployment v39.0.0 (expected end of June 2023), for the following deprecated data service version:
    • a9s MariaDB v.10.1

The creation of new data service instances for these deprecated versions will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. Although we will not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to v39.0.0.

  • a9s Elasticsearch: Deprecation: Prepare for the upcoming deprecation phase, triggered during the next release of anynines deployment v39.0.0 (expected end of June 2023), of the following data service versions:

    • a9s ElasticSearch: all versions

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s ElasticSearch 7: a9s OpenSearch2 is available as GA version.

The deprecation phase is planned to last until v42.0.0 (in September 2023), in which the deprecated versions will become unsupported. The creation of new data service instances for these particular versions will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

· 4 min read

Added

  • a9s PostgreSQL: a9s PostgreSQL 13: Add switchover capabilities to decrease the downtime during the update of the primary node of the cluster. Switchover is only executed in healthy clusters. For more information see: a9s Postgresql Switchover.
  • a9s Redis: Release a9s Redis 7 as RC. For more information see a9s Platform Operator - Sunrise Sunset
  • docs: Platform Operator: Create a new page to describe a9s PostgreSQL's Switchover feature. For more information see: a9s Postgresql Switchover.

Changed

  • a9s Backup Manager: Update how backups are deleted.
    • The deletion of failed backups is now included in the default deletion process.
    • The delete-failed-backups errand was removed, as the deletion of failed backups is now done automatically.
    • Backups that are deleted inside the storage will be deleted after some time from the database. The default value after deleted backup are removed from the database is 180 days. For more information see table in the Configurable Properties section.
  • a9s Backup Manager: Update Ruby version of a9s Backup Manager to Ruby 3.1.3.
  • a9s MongoDB: Add a new default role to grant collection modification privileges to the users of the default database. For more information see table in the Default Roles section.
  • a9s Smoke Tests: Update Ruby version of a9s Service Smoke Tests to Ruby 3.1.3.
  • docs: Application Developer: a9s MongoDB: Create a new section in the a9s MongoDB documentation describing the default roles granted to an user upon creation. For more information see the Default Roles section.
  • docs: Application Developer: a9s Redis: Updated migration document making it more general, as its migration paths work for multiple Redis versions. For more information see Migration.
  • docs: Platform Operator: Updated the column EOL in Vendorin our a9s Data Service Sunrise/Sunset for Major Versions page to reflect the latest changes to the EOL policies of multiple vendors. For more information see a9s Data Service Release Lifecycle Table section.
  • docs: Platform Operator: a9s Service Dashboard: Add instance requirements for the a9s Service Dashboard. For more information see a9s Service Dashboard.

Unsupported

  • a9s Harbor: End of Support: Terminate support for the following deprecated data service versions:
    • a9s Harbor (all versions) The creation of new data service instances for these deprecated versions is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for these versions.
  • a9s Kubernetes: End of Support: Terminate support for the following deprecated data service versions:
    • a9s Kubernetes (all versions) The creation of new data service instances for these deprecated versions is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for these versions.

Although we did not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to this release.

Fixed

  • a9s MariaDB:
    • a9s MariaDB 10.6 and 10.4: Fix an issue preventing the bootstrapping node from rejoining the cluster in case of a failure.
  • docs: Platform Operator: a9s Service Dashboard: Fix duplicate documentation ID between the "Customize Color Theme" and the "Allow Automatic Updates" documents, as well as the disfunctional link to the "Customize Color Theme" document in the CHANGELOG.

Upcoming

  • a9s MongoDB: Deprecation: Prepare for the upcoming deprecation phase, triggered during the next release of anynines deployment (v38.0.0, expected by end of May), of the following data service versions:
    • a9s MongoDB v3.x
    • a9s MongoDB v4.0 Please ensure that you organize the migration of your existing instances to more up-to-date version of the same data service:
    • for a9s MongoDB v3.x: a9s MongoDB 5.0 is available as GA version
    • for a9s MongoDB v4.0: a9s MongoDB 5.0 is available as GA version

The deprecation phase is planned to last until v41.0.0 (in Q3/2023), in which the deprecated versions will become unsupported. The creation of new data service instances for these particular versions will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset. To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

· 2 min read

Added

  • all services: a9s Service Dashboard: Make the style of the a9s Service Dashboard customizable. For more information see a9s Service Dashboard Color Theme.
  • a9s Billing:
    • cf_billing
      • Add property cf_billing.efforts.oauth to enable OAuth2 authentification for efforts endpoints
      • Add property cf_billing.time_zone to be able to use different time zones than UTC
  • a9s Search: Introduce discovered_master and discovered_cluster_manager metrics in the a9s Logstash OpenSearch plugin.
  • docs: Application Developer: Update a9s Search documentation with the discovered_master and discovered_cluster_manager metrics. For more information see a9s Search Metrics.
  • INTERNAL RELEASE all services: a9s Service Broker: Add a search endpoint to find a service instance by its deployment name.

Changed

  • all services: Update routing BOSH release to latest version 0.262.0.
  • all services: Update bpm BOSH release to latest version 1.2.0.
  • a9s MongoDB:
    • a9s MongoDB 50
      • MongoDB 5.0.16
  • docs: Platform Operator: a9s PostgreSQL: Add a table describing the accepted backup-manager-service-instance-id, now referred to as backup-file-id, values to retrieve the backup encryption secret when executed a manual logical backup recovery. For more information see a9s PostgreSQL Manual Logical Backup Recovery.
  • docs: Platform Operator: a9s Service Dashboard: Add customize service dashboard page. For more information see a9s Service Dashboard Color Theme.
  • INTERNAL RELEASE all services: a9s Backup Agent: Make request timeout and maximum wait time to finish an operation for the backup and restore plugins of a9s Search, a9s Elasticsearch, a9s LogMe, and a9s LogMe 2 configurable.

· One min read

Fixed

  • all services: a9s SPI: Fix an issue that was introduced in the context of "Revision of certificate handling and standardization between the different a9s Data Services". As soon as the SPI and the templates of an a9s Data Service are updated, no new backups or restores can be triggered, and the bindings of the corresponding TLS/SSL service instances cannot be changed until the service instance is updated too. This is caused by an internal migration of the data structure which is only performed during an update of a service instance. Non-TLS/SSL service instances and newly created service instances are not affected.

· One min read

Fixed

  • a9s Backup Manager: Add missing configuration anynines-backup-manager.jobs.backup_fragment.max_attempts. This configuration is only relevant if you have at least one a9s PostgreSQL service instance in your environment with Continuous Archiving enabled. In this case, without the mentioned configuration, backups for these service instances cannot be handled and it leads to failing background workers of the a9s Backup Manager and so to a decreasing functionality of the a9s Backup Service.

· 7 min read

Changed

  • all services: Add functionality to migrate from self-signed certificates for TLS/SSL plans to an external CA that is used to generate certificates for all service instances using a TLS/SSL plan. For more information please see the "Upgrading to v36" Wiki page. Note This doesn't apply to a9s LogMe, a9s Harbor, a9s Kubernetes and a9s Prometheus.
  • all services: Update Logstash Ruby version to Ruby 3.1.3.
  • all services: Update routing BOSH release to latest version 0.260.0.
  • a9s Backup Agent: Update Backup Agent Ruby version to Ruby 3.1.3.
  • a9s Backup Monit: Update Ruby version of a9s Backup Monit to Ruby 3.1.3.
  • a9s BOSH Deployer: Update Ruby version of a9s BOSH Deployer to Ruby 3.1.3.
  • a9s Deployment Updater: Update Ruby version of a9s Deployment Updater to Ruby 3.1.3.
  • a9s LogMe 2:
    • OpenSearch 2.6.0
    • OpenSearchDashboards 2.6.0
  • a9s Search: OpenSearch 2.6.0
  • a9s-pg:
    • a9s PostgreSQL 11
      • PostgreSQL 11.19
  • a9s PostgreSQL:
    • a9s PostgreSQL 13
      • PostgreSQL 13.10
    • a9s PostgreSQL 11
      • PostgreSQL 11.19
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • Grafana 8.5.22
    • graphite_exporter 0.13.3
    • haproxy_exporter 0.15.0
    • statsd_exporter 0.23.1
    • influxdb_exporter 0.11.3
    • memcached_exporter 0.11.2
    • postgres_exporter v0.12.0
    • prometheus v2.43.0
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • graphite_exporter 0.13.3
    • haproxy_exporter 0.15.0
    • influxdb_exporter 0.11.3
    • memcached_exporter 0.11.2
    • statsd_exporter 0.23.1
    • postgres_exporter v0.12.0
    • prometheus v2.43.0
  • a9s Redis:
    • a9s Redis 6
      • Redis 6.2.11
  • a9s Service Broker: Update Ruby version of a9s Service Broker to Ruby 3.1.3.
  • a9s SSO Proxy: Update Ruby version of a9s SSO Proxy to Ruby 3.1.3.
  • a9s Template Uploader: Update Ruby version of a9s Template Uploader to Ruby 3.1.3.
  • docs: Application Developer: Revision of the TLS/SSL Service Plans documentation. For more information see TLS/SSL Service Plans.
  • docs: Application Developer: Revise the documentation for TLS/SSL Service Plans. For more information see a9s TLS/SSL Service Plans.
  • docs: Application Developer: a9s Elasticsearch: Inform the users about existing credentials limitation. Different service keys are created on service instances have the same set of credentials. For more information see a9s ElasticSearch - Obtain Access Credentials
  • docs: Application Developer: a9s MariaDB: Update Migration documentation with the migration path for MariaDB 10.1 to MariaDB 10.6.
  • docs: Application Developer: a9s Messaging: Update the migration page with information regarding the migration path from the deprecated version 3.6 to the current GA version 3.10.
  • docs: Application Developer: a9s Redis: Inform the users about existing credentials limitation. Different service keys are created on service instances have the same set of credentials. For more information see a9s Redis - Obtain Access Credentials
  • docs: Application Developer: a9s LogMe: Inform the users about existing credentials limitation. Different service keys are created on service instances have the same set of credentials. For more information see a9s LogMe - Obtain Access Credentials
  • docs: Application Developer: a9s PostgreSQL 9.4: Removing documentation references to the unsupported PostgreSQL 9.4.
  • docs: Platform Operator: Adjust wording and elaborate various points related to the a9s Data Services release policy. For more information see a9s Data Service Sunrise/Sunset for Major Versions.
  • docs: Platform Operator: Mark a9s Messaging 3.6 as deprecated in the a9s Data Service Release lifecycle Table. For more information see a9s Platform Operator Sunrise Sunset.
  • docs: Platform Operator: Mark the following a9s Redis versions as deprecated in the a9s Data Service Release Lifecycle Table:
    • a9s Redis 3.2
    • a9s Redis 4.0 For more information see a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: Revision of the TLS/SSL Service Plans documentation. For more information see TLS/SSL Service Plans.
  • docs: Platform Operator: a9s PostgreSQL 9.4: Removing documentation references to the unsupported PostgreSQL 9.4.

Deprecated

  • a9s Messaging:
    • Deprecate a9s Messaging 3.6
  • a9s Redis:
    • Deprecate a9s Redis 3.2
    • Deprecate a9s Redis 4.0

Removed

  • a9s LogMe2: Remove unused BOSH release a9s-node-guard from manifest.
  • a9s Search: Remove unused BOSH release a9s-node-guard from manifest.

Fixed

  • all services: Fix a typo with the certificate property name in the use-wildcard-certificate.yml Ops-files.
  • all services: a9s SSO Proxy: Fix an issue that prevents the metrics to be fetched inside the a9s Dashboard.
  • a9s MongoDB: Fix an issue in the MongoDB SPI with the parsing of the MongoDB response when it includes a timestamp.
  • a9s MySQL: Remove use-wildcard-certificate.yml Ops-file. This data service does not support wildcard certificates.
  • docs: Application Developer: Fix a typo with the certificate name. For more information see the a9s TLS/SSL Service Plans section.
  • docs: Application Developer: a9s Messaging: Update the usage documentation with the correct management dashboard links for NON-TLS/SSL and TLS/SSL service instance. For more information see Using a9s Messaging.
  • docs: Application Developer: a9s Messaging: Add additional notes about the backup behavior regarding queues and their data. For more information see Backup and Restore Service Instances.
  • docs: Platform Operator: Fix a typo with the certificate name. For more information see the a9s Deployer Properties, and RabbitMQ TLS/SSL Configuration, and TLS/SSL Service Plans sections.
  • docs: Platform Operator: Adapt the section "Configure TLS" in "Securing the a9s Framework with TLS" to be more precise on what must be exported from CredHub when configuring TLS and setting the certificate information from the Gorouter in CredHub under /cf_router_ssl. It is not necessary to expose the GoRouter private key, only the certificate and the CA are required. For more information see Export the CredHub Variable.
  • docs: Platform Operator: Fix the redirect from the defunct "a9s Data Services Release Lifecycle" page to the a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: Fix the instructions of the Scenario: A Data Service Breaks section of the a9s Data Service Framework Recovery Documentation. For more information see a9s Data Service Framework Recovery.
  • docs: Platform Operator: Fix typos and amend the TLS/SSL documentation:
    • Remove warnings regading the usage of TLS in production.
    • Add missing service to the list of supported data services. For more information see Securing the a9s Framework with TLS.
  • docs: Platform Operator: a9s MySQL: Add an explicit disclaimer to inform that the a9s MySQL Data Service does not support wildcard certificates. For more information see TLS/SSL Service Plans.
  • docs: Platform Operator: a9s Redis: Fix a typo in the BOSH use_dns_addresses parameter. For more information see Disable use_dns_addresses.

Upcoming End of Support

In the next anynines-deployment release, v37.0.0, we plan to end support for the following services:

  • a9s Kubernetes: The creation of new service instanes for the already deprecated offering will then be disabled by default in the a9s Data Service Bundle, and we will not provide regular support for this offering. Although we will not intentionally break running instances, it cannot be guaranteed that they still work as expected after an update to v37.0.0. For more information see a9s Platform Operator Sunrise Sunset.
  • a9s Harbor: The creation of new service instanes for the already deprecated offering will then be disabled by default in the a9s Data Service Bundle, and we will not provide regular support for this offering. Although we will not intentionally break running instances, it cannot be guaranteed that they still work as expected after an update to v37.0.0. For more information see a9s Platform Operator Sunrise Sunset.

· One min read

Fixed

  • a9s Messaging: SPI: Fix typo in the alternative name of the SPI certificate. The problem causes issues with the communication between the a9s Service Broker and a9s Messaging SPI.
  • all services: consul-dns: Fix failure when bootstrapping. The post-start script would fail when attempting to remove the stale entries.

· 6 min read

Added

  • breaking change all services: a9s BOSH Deployer: Enable TLS (HTTPS) encrypted API by default. Check the a9s Deployer Properties for more information. With this change, the default port has changed from 3000 (plain text) to 3001 (TLS). See the a9s Platform Required Ports for more information.
  • breaking change all services: a9s SPI: Enable TLS (HTTPS) encrypted API by default. Check the General Configuration for more information. With this change, the default port has changed from 3000 (plain text) to 3001 (TLS). See the a9s Platform Required Ports for more information.
  • all services: Create bin/prepare.sh script to prepare the environment for the installation of a9s Data Services.
  • a9s Backup Manager: Add parallel_backups_limit for each a9s Service Broker and parallel_manual_backup_tasks to allow a seperate limit for manual backups. For more information see a9s Backup Manager BOSH Properties.
  • a9s LogMe: Create new variable called extensive_teststo enable/disable full set of backup tests on smoke-tests. Basic backup tests enabled by default.
  • a9s LogMe2: Create new variable called extensive_teststo enable/disable full set of backup tests on smoke-tests. Basic backup tests enabled by default.
  • a9s LogMe2: Release a9s LogMe 2 as GA, see a9s Platform Operator - Sunrise Sunset.
  • a9s Messaging 3.10: Add a9s Messaging 3.10 to the service manifest.
  • docs: Application Developer: a9s LogMe2: Add a disclaimer specifying the known limitation of a9s LogMe2's TLS syslog drain functionality and OpenSearch Dashboards when using a user provided certificate. The Certificate Authority used to sign the certificate must be trusted by Cloud Foundry. For further information see Using a9s LogMe2.
  • docs: Application Developer: a9s LogMe2: Add migration path between a9s LogMe and a9s LogMe2 service instances. This is only available for service instances that can reach the log source, as the intent is to synchronize both instances as a log sink. For More information see Migrate From a9s LogMe To a9s LogMe2.
  • docs: Platform Operator: a9s LogMe2: Add a disclaimer specifying the known limitation of a9s LogMe2's TLS syslog drain functionality and OpenSearch Dashboards, which require either an intermediate certificate or a wildcard certificate to provided by the Platform Operator. The certificate must be trusted by Cloud Foundry. For further information see Using a9s LogMe2.
  • docs: Platform Operator: a9s Backup Manager: Extend the a9s Backup Manager's documentation with the new properties parallel_backups_limit, parallel_manual_backup_tasks and shared_parallel_backup_tasks. These properties enable the limitations for parallel backups tasks, both automatically and manually triggered. For more information see a9s Backup Manager BOSH Properties.
  • docs: Platform Operator: Add the Certificate Rotation section, with information on how to rotate the CA Certificates used by the internal communication of the a9s Framework Components.
  • docs: Platform Operator: Move General Configuration from Configure TLS to its own section.
  • docs: Platform Operator: Create new section on the installation documentation to explain the usage of the script to prepare the environment. For more information see the installation page.

Updated

  • breaking change all services: a9s SPI: Revision of certificate handling and standardization between the different a9s Data Services. For more information see TLS/SSL Service Plans
  • breaking change a9s Backup Manager: Rename the property parallel_backup_tasks to shared_parallel_backup_tasks For more information see a9s Backup Manager BOSH Properties.
  • breaking change all services: Update the ops/rename-service-deployment.yml to support the default TLS configuration for the a9s Deployer and a9s SPI.
  • all services: Make the deploy non serial by default. Now, all components of the a9s Data Service Framework are updated at the same time instead of one after the other.
  • all services: Update routing BOSH release to latest version 0.256.0.
  • a9s Elasticsearch: Update Ruby version of ElasticSearch-SPI to Ruby 3.1.3.
  • a9s LogMe: Update Ruby version of LogMe-SPI to Ruby 3.1.3.
  • a9s LogMe2:
    • OpenSearch 2.5.0
    • opensearch-dashboards 2.5.0
    • repository-azure 2.5.0
    • repository-s3 2.5.0
  • a9s LogMe2: Update Ruby version of LogMe2-SPI to Ruby 3.1.3.
  • a9s MariaDB: Update Ruby version of MariaDB-SPI to Ruby 3.1.3.
  • a9s Messaging:
    • a9s Messaging 3.10
      • RabbitMQ 3.10.17
  • a9s Messaging: Update Ruby version of RabbitMQ-SPI to Ruby 3.1.3.
  • a9s MongoDB: Update Ruby version of MongoDB-SPI to Ruby 3.1.3.
  • a9s MySQL:
    • a9s MySQL 10.4
      • MariaDB 10.4.28
  • a9s MySQL: Update Ruby version of MySQL-SPI to Ruby 3.1.3.
  • a9s PostgreSQL: Update Ruby version of PostgreSQL-SPI to Ruby 3.1.3.
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • Prometheus 2.42.0
    • Grafana 8.5.20
    • influxdb_exporter 0.11.2
    • stackdriver_exporter 0.13.0
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • Prometheus 2.42.0
    • influxdb_exporter 0.11.2
    • stackdriver_exporter 0.13.0
  • a9s Prometheus: Update Ruby version of Prometheus-SPI to Ruby 3.1.3.
  • a9s Redis: Update Ruby version of Redis-SPI to Ruby 3.1.3.
  • a9s Search:
    • a9s Search 2:
      • OpenSearch 2.5.0
      • repository-azure 2.5.0
      • repository-s3 2.5.0
  • a9s Search: Update Ruby version of OpenSearch-SPI to Ruby 3.1.3.
  • docs: Application Developer: Revision of the TLS/SSL Service Plans documentation.
  • docs: Platform Operator: Revision of the TLS/SSL Service Plans documentation.
  • docs: Platform Operator: Mark a9s Messaging 3.10 as GA in the a9s Data Service Release Lifecycle Table. For more information see a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: Mark a9s LogMe 2 as GA in the a9s Data Service Release Lifecycle Table. For more information see a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: Mark a9s MySQL 10.1 as deprecated in the a9s Data Service Release Lifecycle Table. For more information see a9s Platform Operator - Sunrise Sunset.

Deprecated

  • a9s MySQL 10.1: Deprecate a9s MySQL 10.1.

Removed

  • breaking change a9s Messaging 3.10: Remove the ops file for adding a9s Messaging 3.10 to the service manifest. a9s Messaging 3.10 is released as GA and does not have to be activated via Ops file anymore.

Fixed

  • a9s Backup Manager: Improve the backup fragment process, preventing leaving zombie jobs in state queued that would never be picked for execution. Note that a9s PostgreSQL WAL continuous archiving uses backup fragments for the WAL files.
  • a9s LogMe 2: Fix an issue that causes some indices to be left in the 'closed'-state after a restore operation.
  • docs: Platform Operator: Fix broken links, remove external documentation, and restore missing diagram within the installation page. For more information see a9s Data Services Installation.
  • docs: Platform Operator: a9s Backup Services: Fix typo in the General Metrics table of the Backup Monit documentation. For further information see Metrics.

Security

  • all services: a9s SPIs: Fix CVEs:
    • CVE-2022-29970
    • CVE-2022-45442
    • CVE-2021-41136
    • CVE-2022-23634
    • CVE-2022-24790
    • CVE-2022-44570
    • CVE-2022-44571
    • CVE-2022-44572
    • GHSA-5pq7-52mg-hr42

· 14 min read

Added

  • breaking change a9s MariaDB: Release a9s MariaDB 10.6 as GA. In order to use a9s MariaDB you have to set the following properties:
    • mariadb_service.services.a9s-mariadb106.name
    • mariadb_service.services.a9s-mariadb106.guid
    • mariadb_service.services.a9s-mariadb106.description
    • mariadb_service.services.a9s-mariadb106.label
    • mariadb_service.services.a9s-mariadb106.version
    • mariadb_service.services.a9s-mariadb106.bindable
    • mariadb_service.services.a9s-mariadb106.requires
    • mariadb_service.services.a9s-mariadb106.tags
    • mariadb_service.services.a9s-mariadb106.documentation_url
    • mariadb_service.services.a9s-mariadb106.metadata
    • mariadb_service.services.a9s-mariadb106.dashboard_client.id
    • mariadb_service.services.a9s-mariadb106.plans For more information see a9s Platform Operator - Sunrise Sunset.
  • breaking change a9s Search: Release a9s Search 2 as GA. In order to use a9s Search you have to set the following properties:
    • search_service.services.a9s-search2.name
    • search_service.services.a9s-search2.guid
    • search_service.services.a9s-search2.description
    • search_service.services.a9s-search2.label
    • search_service.services.a9s-search2.version
    • search_service.services.a9s-search2.bindable
    • search_service.services.a9s-search2.requires
    • search_service.services.a9s-search2.tags
    • search_service.services.a9s-search2.documentation_url
    • search_service.services.a9s-search2.metadata
    • search_service.services.a9s-search2.dashboard_client.id
    • search_service.services.a9s-search2.plans For more information see a9s Platform Operator - Sunrise Sunset.
  • a9s Backup Manager: Add /metrics endpoint to return basic information about the backup and queue states.
  • a9s Backup Monit: Consumes the new /metrics endpoint from the a9s Backup Manager, parses them for the Logstash a9s Backup Monit plugin, and offers them at the /v1/backup_manager endpoint.
  • a9s LogMe2: Release a9s LogMe2 as RC. For more information see a9s Platform Operator - Sunrise Sunset
  • all services: a9s Logstash: Consumes the /v1/backup_manager endpoint from the a9s Backup Monit and sends the metrics to the graphite exporter.
  • all services: a9s Service Dashboard: a9s PostgreSQL: Add the end date as the default date picker value during restore operation.
  • all services: consul-dns: Add script to remove the stale node entries for the primary aliases to post-start of the bootstrap node. The execution of this script happens only once and only in the bootstrap node of the a9s Consul Cluster. To avoid issues deleting entries for existing deployment, make sure that no deployment has all nodes stopped during the consul-dns update.
  • a9s Elasticsearch: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s LogMe2: Enable OpenSearch Alerting and OpenSearch Notifications plugins for OpenSearch Dashboards.
  • a9s LogMe2: Enable metrics and logs streaming from OpenSearch nodes in an a9s LogMe2 service instance to a configured sink.
  • a9s LogMe2: Add encrypted TCP endpoint for Fluentd.
  • a9s LogMe2: Add support for SMTP notifications.
  • a9s LogMe2: Add syslog custom parameter to stream OpenSearch and Fluentd logs to third-party log-sink(s).
  • a9s LogMe2: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s MariaDB: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s MongoDB: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s MySQL: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • a9s PostgreSQL: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA. For more information see PostgreSQL TLS/SSL Configuration.
  • a9s Search: Add custom parameter force_certificate_rotation for SSL service plans. This change enables the Application Developer to rotate the leaf certificate but not the CA.
  • INTERNAL RELEASE a9s Service Broker: Add finish_undeployment step to request the cleanup of deleted service instances.
  • docs: Application Developer: Add a disclaimer to the "a9s SSL/TLS Service Plans" page to explain that the a9s Data Services do not support plan upgrades from Non-SSL instances into SSL ones. For more information see a9s SSL/TLS Service Plans
  • docs: Application Developer: a9s Elasticsearch: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of Using a9s Elasticsearch.
  • docs: Application Developer: a9s LogMe: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of Using a9s LogMe.
  • docs: Application Developer: a9s LogMe2: Add information on how to set a syslog and graphite endpoint. For more information see Using a9s LogMe2 and a9s LogMe2.
  • docs: Application Developer: a9s LogMe2: New custom parameters:
    • opensearch-tls-protocols
    • opensearch-tls-ciphers
    • fluentd-udp
    • fluentd-tcp
    • fluentd-tls
    • fluentd-tls-ciphers
    • fluentd-tls-version
    • fluentd-tls-min-version
    • fluentd-tls-max-version
  • docs: Application Developer: a9s LogMe2: Add documentation for OpenSearch's Alerts creation/usage, as a step-by-step guide. For more information see the "Creating an Alert (Monitor)" section of Alerting and Notifications Plugins.
  • docs: Application Developer: a9s LogMe2: Add documentation for OpenSearch's Notification Channels creation/usage, as a step-by-step guide. For more information see the "Creating a Notification Channel" section of Alerting and Notifications Plugins.
  • docs: Application Developer: a9s LogMe2: Add a warning, explaining the current limitations when restoring an instance with ISM configured. For more information see Using a9s LogMe2.
  • docs: Application Developer: a9s LogMe2: Add a warning to the explaining that the indices of the alertingDashboards and notificationsDashboards plugins cannot be deleted or removed. For more information see Alerting and Notifications Plugins.
  • docs: Application Developer: a9s Search: Add a disclaimer specifying the known limitations of a9s Search's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of Using a9s Search.
  • docs: Application Developer: a9s Search: Add a warning to explain that the disk space for the same indexes may be different between Elasticsearch and OpenSearch, which is why data cannot be checked by index size after migration. For more information see a9s Search Migration
  • docs: Platform Operator: Add detailed information about the a9s Data Services release policy. For more information see a9s Data Service Sunrise/Sunset for Major Versions.
  • docs: Platform Operator: Move the Release Lifecycle Table information to the a9s Data Service Sunrise/Sunset for Major Versions page. For more information see a9s Data Service Sunrise/Sunset for Major Versions.
  • docs: Platform Operator: Add a disclaimer to the "a9s SSL/TLS Service Plans" and "Service Plans" pages to explain that the a9s Data Services do not support plan upgrades from Non-SSL instances into SSL ones. For more information see Service Plans and Securing the a9s Framework with TLS.
  • docs: Platform Operator: a9s Backup Manager: Add a new page to the current a9s Backup Manager's documentation, as part of making the section visible on the website's sidebar. For more information see a9s Backup Manager BOSH Properties
  • docs: Platform Operator: a9s Backup Monit: Extend the documentation with the new metrics provided by the a9s Backup Monit service. For more information see a9s Backup Manager Metrics.
  • docs: Platform Operator: a9s Backup Services: Add a disclaimer to the relevant "a9s Backup Services" documentation pages to explicitly state the supported AWS S3 Storage Classes. For more information see a9s Backup Process, a9s Backup Service, a9s Data Services Installation and Disaster Recovery.
  • docs: Platform Operator: a9s Elasticsearch: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of a9s Elasticsearch Resources Considerations.
  • docs: Platform Operator: a9s LogMe: Add a disclaimer specifying the known limitations of a9s Elasticsearch's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of a9s LogMe Resources Considerations.
  • docs: Platform Operator: a9s LogMe2: Add new custom parameters to section Default Custom Parameter Configuration on the page a9s LogMe2 SPI Configuration.
  • docs: Platform Operator: a9s LogMe2: Add a warning explaining that the indices of the alertingDashboards and notificationsDashboards plugins cannot be deleted or removed. For more information see a9s LogMe2 SPI Configuration.
  • docs: Platform Operator: a9s PostgreSQL: Add a disclaimer to the "a9s PostgreSQL Manual Point-in-Time Recovery" page to explicitly state the supported AWS S3 Storage Classes. For more information see a9s PostgreSQL Manual Point-in-Time Recovery.
  • docs: Platform Operator: a9s Search: Add a disclaimer specifying the known limitations of a9s Search's Backups, to match the updated information included in the a9s Data Services Installation guide. For more information see the Backup and Restore Service Instances section of a9s Search Resources Considerations.
  • docs: Platform Operator: Add a redirect from the defunct "a9s Data Services Release Lifecycle" page to the a9s Platform Operator - Sunrise Sunset.

Updated

  • all services: Update routing BOSH release to latest version 0.254.0.
  • all services: Update bpm BOSH release to latest version 1.1.21.
  • all services: a9s Dashboard: Update AntD and ReactScripts.
  • all services: a9s Dashboard: Update UX with minor improvements.
  • all services: Template Uploader Errand: Update templates for a9s LogMe2 to support individual certificates for the dedicated components in an a9s LogMe2 service instance.
  • a9s Backup Manager: Add field backup_type to the backups configuration of the V1 API. For more information see a9s Service Dashboard - API V1.
  • a9s Harbor: PostgreSQL 10.23
  • a9s LogMe2: OpenSearch 2.4.1
  • a9s Messaging:
    • a9s Messaging 3.10
      • RabbitMQ 3.10.14
      • Erlang 24.3.4.8
  • a9s PostgreSQL:
    • a9s PostgreSQL 13
      • PostgreSQL 13.9
    • a9s PostgreSQL 11
      • PostgreSQL 11.18
    • a9s PostgreSQL 10
      • PostgreSQL 10.23
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • Prometheus 2.41.0
    • Grafana 8.5.15
    • graphite_exporter 0.13.1
    • blackbox_exporter 0.23.0
    • cadvisor 0.47.1
    • consul_exporter 0.9.0
    • haproxy_exporter 0.14.0
    • alertmanager 0.25.0
    • statsd_exporter 0.23.0
    • influxdb_exporter 0.11.1
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • Prometheus 2.41.0
    • graphite_exporter 0.13.1
    • blackbox_exporter 0.23.0
    • cadvisor 0.47.1
    • consul_exporter 0.9.0
    • haproxy_exporter 0.14.0
    • influxdb_exporter 0.11.1
    • statsd_exporter 0.23.0
    • alertmanager 0.25.0
  • a9s Redis:
    • a9s Redis 6
      • Redis 6.2.10
  • a9s Search:
    • a9s Search 2:
      • OpenSearch 2.4.1
    • a9s Search 1:
      • OpenSearch 1.3.7
  • addons/mongodbsspl: MongoDB 5.0.14
  • INTERNAL RELEASE all services: a9s Backup Agent: Simplify logger configuration.
  • INTERNAL RELEASE all services: a9s Backup Agent: Improve a9s Backup Agent logs by logging more information during the backup/restore process, and adding additional debug and info messages.
  • INTERNAL RELEASE a9s Backup Manager: Improve a9s Backup Manager logs by separating the API logs from the worker logs, and adding additional debug and info messages.
  • docs: Application Developer: Make the a9s Dashboard API's deprecation notice more prominent. For more information see a9s Service Dashboard - API.
  • docs: Application Developer: Update the documentation regarding TLS/SSL Plans. For more information see SSL Plans.
  • docs: Platform Operator: Extend the "Known Limitations of a9s Backup Service" section in the a9s Data Services Installation guide. For more information see Known Limitations of a9s Backup Service.
  • docs: Platform Operator: Up-to-date Vendor DS Version on the a9s Data Services Release Lifecycle page
  • docs: Platform Operator: Update the documentation regarding TLS/SSL Plans. For more information see SSL Plans.
  • docs: Platform Operator: Simplify the a9s Data Service Release Lifecycle Table by changing the a9s Non-GA column into the Introduced column and removing the a9s GA column, since the DS State column provides concise information already. For more information see a9s Data Service Sunrise/Sunset for Major Versions.

Deprecated

  • a9s Harbor: Deprecate a9s Harbor. For more information see a9s Platform Operator - Sunrise Sunset

Removed

  • breaking change all services: Remove the Ops-file enable-production-ready-services-only.yml. This Ops-file was used to remove the Non-GA services from their corresponding a9s Data Service. Instead of this opt-out solution, an explicit opt-in solution for Non-GA services is now used. For more information see Enable Non-GA Services.
  • breaking change a9s Harbor: Remove deprecated Harbor from the service catalog.
  • breaking change a9s Kubernetes: Remove deprecated Kubernetes from the service catalog.
  • breaking change a9s LogMe2: Remove LogMe2 from the service catalog. For information on how to enable release candidate services, see Enable Release Candidates Services.
  • breaking change a9s MariaDB: Remove MariaDB 10.6 from the service catalog. For information on how to release candidate services, see Enable Release Candidates Services.
  • breaking change a9s Messaging: Remove Messaging 3.10 from the service catalog. For information on how to enable release candidate services, see Enable Release Candidates Services.
  • breaking change a9s PostgreSQL: Remove deprecated PostgreSQL 9.4 from the service catalog. This removal follows the deprecation process started in version 16.0.0.
  • breaking change a9s Prometheus: Remove Prometheus from the service catalog. For information on how to enable beta services, see Enable Beta Services.
  • breaking change a9s Search: Remove deprecated Search 1 from the service catalog. This removal follows the deprecation process started in version 33.0.0.
  • docs: Platform Operator: Remove a9s Data Services Release Lifecycle page.

Fixed

  • all services: SSO-Proxy: Redirect to the Cloud Foundry Authentication page when the CF Token is no longer valid or it is not possible to refresh the token.
  • a9s Elasticsearch: a9s Backup Agent: Make the a9s Backup Agent backup process fail when it reaches the PARTIAL or INCOMPATIBLE snapshot state.
  • a9s Harbor: Remove the node entries for the primary aliases from a9s Consul when the service instance is deleted.
  • a9s LogMe2: a9s Backup Agent: Fix an issue that causes restore operations to fail when OpenSearch Alerting and Notifications are configured.
  • a9s Messaging: Fix custom param roles during service binding creation.
  • a9s Messaging: Emit backing_queue_status metrics only if available.
  • a9s Messaging: Fix force_certificate_rotation for SSL service plans. This change ensures that only the leaf certificate is rotated and not the CA.
  • a9s PostgreSQL: Remove the node entries for the primary alias from a9s Consul when the service instance is deleted.
  • a9s PostgreSQL: Fix force_certificate_rotation for SSL service plans. This change ensures that only the leaf certificate is rotated and not the CA.
  • a9s PostgreSQL: Fix WAL archival backing up files with huge commit entries when enabling continuous_archiving. When the huge commit entry would fill the buffer, the archival process would get stuck, blocking any WAL file from being archived and preventing base backups to finish executing.
  • a9s Redis: Remove the node entries for the primary alias from a9s Consul when the service instance is deleted.
  • a9s Redis: Fix force_certificate_rotation for SSL service plans. This change ensures that only the leaf certificate is rotated and not the CA.
  • a9s Search: a9s Backup Agent: Make the a9s Backup Agent backup process fail when it reaches the PARTIAL or INCOMPATIBLE snapshot state.
  • a9s Service Guard: Fix the security_groups:remove Rake task so it does not remove security groups that are in use.
  • a9s Service Guard: Run only one SyncSharedInstancesJob at a time.
  • INTERNAL RELEASE a9s-pg: Fix WAL archival backing up files with huge commit entries when enabling continuous_archiving. When the huge commit entry would fill the buffer, the archival process would get stuck, blocking any WAL file from being archived and preventing base backups to finish executing.
  • INTERNAL RELEASE a9s Harbor: a9s PostgreSQL: Fix WAL archival backing up files with huge commit entries when enabling continuous_archiving. When the huge commit entry would fill the buffer, the archival process would get stuck, blocking any WAL file from being archived and preventing base backups to finish executing.
  • docs: Application Developer: Fix typos, formatting mistakes, and metadata issues across the entire documentation.
  • docs: Application Developer: Add note backing_queue_metrics are optional.
  • docs: Platform Operator: Fix typos, formatting mistakes, and metadata issues across the entire documentation.
  • docs: Platform Operator: a9s Backup Manager: Fix the a9s Backup Manager documentation to that it is visible on the website's sidebar. For more information see a9s Backup Manager

Security

  • all services: a9s Backup Agent: Fix CVEs:
    • CVE-2022-29181
    • GHSA-2qc6-mcvw-92cw
    • GHSA-cgx6-hpwq-fhv5
  • all services: a9s Dashboard: Fix CVEs:
    • CVE-2022-37601
    • CVE-2021-3918
    • CVE-2021-42740
    • CVE-2021-23436
  • a9s Backup Manager: Fix CVEs:
    • CVE-2022-29181
    • GHSA-2qc6-mcvw-92cw
    • GHSA-cgx6-hpwq-fhv5
  • a9s Backup Monit: Fix CVEs:
    • CVE-2022-29181
    • GHSA-2qc6-mcvw-92cw
    • GHSA-cgx6-hpwq-fhv5