Skip to main content

· 6 min read

Fixed

  • a9s Harbor: Fix stop procedure for the consul-master-registrator component when stopping the a9s Harbor service instance.
  • a9s Kubernetes: Fix stop procedure for the consul-master-registrator component when stopping the a9s Kubernetes service instance.
  • a9s MySQL: Fix stop procedure for the consul-master-registrator component when stopping the a9s MariaDB service instance.
  • a9s PostgreSQL: SPI: Allow certificates rotation when certificates are provided via custom parameters. The provided certificates won't be ignored anymore, instead they will be applied on the service instance.
  • a9s Redis: SPI: Allow certificates rotation when certificates are provided via custom parameters. The provided certificates won't be ignored anymore, instead they will be applied on the service instance.
  • a9s Search: SPI: Allow certificates rotation when certificates are provided via custom parameters. The provided certificates won't be ignored anymore, instead they will be applied on the service instance.
  • a9s MongoDB: SPI: Allow certificates rotation when certificates are provided via custom parameters. The provided certificates won't be ignored anymore, instead they will be applied on the service instance.
  • a9s Elasticsearch: SPI: Allow certificates rotation when certificates are provided via custom parameters. The provided certificates won't be ignored anymore, instead they will be applied on the service instance.
  • a9s Messaging: SPI: Allow certificates rotation when certificates are provided via custom parameters. The provided certificates won't be ignored anymore, instead they will be applied on the service instance.
  • all services: a9s BOSH Deployer: Make BOSH director cloud-config request fault tolerant.
  • all services: a9s Backup Agent: Fix issue with the PITR plugin that would not wait for PostgreSQL to fully stop before going ahead restoring the base backup, this caused PostgreSQL to corrupt the base backup and fail to find the required WAL files, causing the operation to get stuck.
  • all services: a9s Service Broker: Ensure the metadata will have all the parameters. Fixes an issue with the a9s Service Dashboard and a9s PostgreSQL service instances that lose the Continuous Archiving view after updating custom parameters.
  • docs: Platform Operator: Fix broken table in the a9s Platform Required Ports documentation. See a9s Platform Required Ports.
  • docs: Application Developer: Fix example for customer-provided Certificates for a Service Instance. See here.
  • docs: Application Developer: Extend documentation explaining how to fork an a9s Messaging service instance with the intention to restore.
  • docs: Platform Operator: Fix curl commands to use JSON formatting on the page anynines Data Services Administrative Tasks. Improve the wording regarding some required params for a restore call.
  • docs: Platform Operator: Fix curl commands to use JSON formatting on the page a9s-pg Backup.
  • INTERNAL RELEASE a9s MySQL: SPI: Improve the certificate generation inside the used library.

Added

  • a9s Backup Manager: Add support for independent certificates for each configured a9s Service Broker. Add ops files to configure the ca and skip_ssl_validation for each service. See ops/tls_configurations/backup-service/add_broker_to_backup_service
  • a9s Backup Manager: Make the a9s Backup Agent job max_attempts property configurable.
  • a9s Dashboard: Add configurable confirmation panel when disabling automatic updates. You can find more information about this in Configure Disable Automatic Update Modal.
  • docs: Application Developer: Extend the a9s SSL/TLS Service Plans documentation to explain how to do certificate rotation for customer-provided certificates. For more information see: Certificate Rotation.
  • docs: Platform Operator: Add information about the a9s Backup Agent job max_attempts property and how to configure it. For more information see a9s Backup Manager.
  • docs: Platform Operator: Extend the TLS configuration documentation to include a step-by-step guide on how to rotate wildcard certificates and their CA. For more information see Common SSL/TLS configuration
  • docs: Application Developer: Add missing contraints for a9s MySQL and a9s Search when using SSL plans. See here for further information.
  • docs: Platform Operator: Add missing documentation on how to use force_certificate_rotation for a9s Redis. See here for further information.
  • docs: Platform Operator: Add missing contraints for a9s Search when configuring TLS. See here for further information. For more information see Common SSL/TLS configuration.
  • INTERNAL RELEASE a9s-pg: Add TLS for the postgresql-backup-endpoint.
  • INTERNAL RELEASE a9s Backup Manager: Add TLS support for the a9s Backup Manager. Create an ops file to configure a9s Backup Manager to support TLS connections.
  • INTERNAL RELEASE a9s Backup Monit: Create an ops file to let the a9s Backup Monit communicate with the a9s Backup Manager via TLS.
  • INTERNAL RELEASE all services: a9s DS API Gateway: Create an ops file to let the a9s DS API Gateway communicate with the a9s Backup Manager via TLS.
  • INTERNAL RELEASE all services: a9s Backup Monit: Update Storage Handler gem to version 1.2.5.

Updated

  • a9s Backup Monit: Ruby 3.0.4. The Ruby bump addresses internal Ruby issues when using the resolv library, which would trigger an infinite loop when creating a random number during host resolution.
  • a9s Messaging: RabbitMQ 3.10.6 and RabbitMQ 3.8.35
  • stemcell: We've tested our release with Ubuntu Bionic stemcell 1.88.
  • a9s PostgreSQL: a9s PostgreSQL 13: Update the repmgr user to a role with less privileges, now it is a normal user that it is able to create replication connections. This change is made for a9s PostgreSQL 13 only as there are operational repmgr impediments for the older versions. We recommend migrating your data from the previous version to the latest version of a9s PostgreSQL 13.
  • a9s Search: OpenSearch 1.3.4
  • all services: a9s Backup Agent: Update the a9s PostgreSQL plugin for logical backups to drop the repmgr database before registering again to ensure the repmgr extension is recreated with the correct owner.
  • all services: SPIs: Ruby 3.0.4 and rack 2.2.4. The Ruby bump addresses internal Ruby issues when using the resolv library, which would trigger an infinite loop when creating a random number during host resolution.
  • all services: Update routing BOSH release to latest version 0.236.0.
  • all services: Update routing BOSH release to latest version 0.237.0.
  • docs: all services: Change the documentation tooling from Zola to Docusaurus. This changes the user interface of our customer facing documentation at https://docs.anynines.com and it will apply to all anynines-deployment versions starting from v31.0.0. For documentation older than v31.0.0 please visit https://legacy-docs.anynines.com
  • docs: all services: Update documentation's markdown files' metadata from Zola standards to Docusaurus standards. This change affects every markdown in our docs folder.
  • addons/mongodbsspl: MongoDB 5.0.10
  • a9s Backup Manager: Create an ops file to use the a9s Backup Manager with OpenStack.
  • a9s Backup Manager: Remove aliyun_oss_location property from ops file It is not used internally and so it can be removed.
  • a9s Backup Manager: Remove the opensearch-backup properties for the backup-on-alicloud ops file and the backup-on-generic-s3 ops file. These properties are not used internally by these backup stores and so they can be removed.

Removed

  • breaking change stemcell: We do not test anymore against Ubuntu Bionic stemcell 1.51 and 1.54.
  • a9s PostgreSQL: Remove PostgreSQL 13 from enable-production-ready-services-only.yml because it's production ready.

· 7 min read

Fixed

  • a9s Backup Manager: Add a meaningful error message for instances that are not provisioned and for which a restoration of a backup has been triggered.
  • a9s Harbor: Fix PostgreSQL cloning during pre-start that would never happen in environments relying only on BOSH DNS, as DNS resolution is not available during pre-start.
  • a9s MySQL: Restoring an empty backup didn't delete existing databases. Now all non system databases are going to be deleted before the restore to allow a restore to an empty database.
  • a9s PostgreSQL: Fix PostgreSQL cloning during pre-start that would never happen in environments relying only on BOSH DNS, as DNS resolution is not available during pre-start.
  • a9s Redis: Fix unnecessary downtime during update run.
  • all services: a9s Service Broker: Fix force_update custom parameter while using cf update-service.
  • all services: a9s Backup Agent: Add log file paths for the aliyun, azure and swift plugins.
  • a9s PostgreSQL: Fix the temp_file_limit custom parameter that was not applied to the deployment, and therefore did not take effect.
  • docs: Application Developer: Fix links on the a9s Redis Migration page.
  • INTERNAL RELEASE docs: Application Developer: a9s Elasticsearch: Fix typos in a9s Elasticsearch's documentation and the current header levels. For further details see a9s Elasticsearch.
  • INTERNAL RELEASE docs: Platform Operator: a9s Elasticsearch: Fix typos in a9s Elasticsearch's documentation and the current header levels. For further details see Creating Backups with Elasticsearch on Azure.

Added

  • breaking change a9s-pg: Add property iaas.a9s_pg.network to configure the network name for the a9s-pg deployment. You must add a corresponding entry to your IaaS configuration file. The previous value for this property was dynamic.
  • breaking change consul-dns: Add property iaas.consul.network to configure the network name for the consul-dns deployment. You must add a corresponding entry to your IaaS configuration file. The previous value for this property was static.
  • breaking change a9s Backup Manager: Add property iaas.backup_service.network to configure the network name for the backup-service deployment. You must add a corresponding entry to your IaaS configuration file. The previous value for this property was dynamic.
  • breaking change a9s Service Guard: Add property iaas.service_guard.network to configure the network name for the service-guard deployment. You must add a corresponding entry to your IaaS configuration file. The previous value for this property was dynamic.
  • breaking change a9s Router: Add property iaas.a9s_router.router.network to configure the network name for the a9s-router deployment. You must add a corresponding entry to your IaaS configuration file. The previous value for this property was static.
  • breaking change a9s Billing: Add property iaas.billing.network to configure the network name for the a9s-billing deployment. You must add a corresponding entry to your IaaS configuration file. The previous value for this property was dynamic.
  • breaking change a9s Backup Monit: Add iaas.backup_service.graphite_endpoints property to the IaaS config file to configure the graphite endpoints to stream the backup metrics to. The graphite endpoint was previously configured via the /global_graphite_endpoint property, which was stored in the corresponding CredHub of the BOSH director used.
  • breaking change a9s Backup Monit: Add iaas.backup_service.metrics_prefix property to the IaaS config file to configure the prefix for the graphite compliant metrics emitted by the a9s Backup Monit. The prefix was previously configured via the /<director_name>/backup-service/backup_monit_graphite_endpoint_metrics_prefix property, which was stored in the corresponding CredHub of the BOSH director used.
  • breaking change a9s Messaging: Release a9s Messaging 3.10 Beta Release, see the Upgrade Guide for a9s Messaging 3.10
  • breaking change a9s Harbor: Change vm_type for the instance group broker from nano to small.
  • breaking change a9s Kubernetes: Change vm_type for the instance group broker from nano to small.
  • breaking change a9s MongoDB: Change vm_type for the instance group broker from nano to small.
  • breaking change a9s PostgreSQL: Change vm_type for the instance group broker from nano to small.
  • a9s Search: The first a9s Search 1 Beta Release.
  • a9s Backup Manager: Rename the migrate-encrypted-database-fields errand to migrate-backup-manager-encrypted-database-fields to make its name more specific. Moreover, add the feature to rotate the encryption key for the a9s Service Broker password.
  • a9s Elasticsearch: Add all a9s trust certificates on the Java keytool.
  • a9s Elasticsearch: Add missing variables to manifest, so that all variables that are used inside the manifest are autogenerated, if possible.
  • a9s MongoDB: Add missing variables to manifest, so that all variables that are used inside the manifest are autogenerated, if possible.
  • a9s PostgreSQL: Add missing variables to manifest, so that all variables that are used inside the manifest are autogenerated, if possible.
  • a9s Messaging: Add missing variables to manifest, so that all variables that are used inside the manifest are autogenerated, if possible.
  • a9s Prometheus: Add a9s Search metrics.
  • a9s Redis: Add missing variables to manifest, so that all variables that are used inside the manifest are autogenerated, if possible.
  • docs: Platform Operator: Add information regarding the use of a backup storage with self-signed certificates into the a9s Search documentation, see a9s Search Resources Considerations.
  • docs: Platform Operator: Add information regarding the use of a backup storage with self-signed certificates into the a9s Elasticsearch documentation, see a9s Elasticsearch Resources Considerations
  • docs: Application Developer: Add information regarding the database use and a note specifying the postgres database for administration purposes only. For more details, see Obtain Service Instance Access Credentials.
  • docs: Platform Operator: Add information regarding the database use and reserves the postgres database for administration purposes only. For more details, see The postgres Database.
  • docs: Platform Operator: a9s PostgreSQL: Add temp_file_limit information to the SPI Custom Parameters configuration secton. For more see temp_file_limit.
  • docs: Platform Operator: Add page a9s Messaging SPI Configuration. See a9s Messaging SPI Configuration for more information.
  • docs: Application Developer: Add information about new TLS custom parameters tls-protocols and tls-ciphers. See tls-protocols and tls-ciphers sections for more information.
  • docs: Platform Operator: Add a9s MongoDB and a9s MySQL to the list of Services supporting TLS.
  • docs: Application Developer: Extend the a9s Service Dashboard documentation to include information on the backup duration, that currently includes the time the task is queued. For more information see Perform a Backup.

Updated

  • docs: Platform Operator: Adapt the information from release date to release version in the following columns from the Release Lifecycle documentation:
    • a9s Beta Release
    • a9s Release Candidate For more details, see a9s Data Services Release Lifecycle
  • all services: Update routing BOSH release to latest version 0.235.0.
  • all services: Update bpm BOSH release to latest version 1.1.18.
  • all services: SPIs: Update puma to 4.3.12. Fixes CVE-2022-23634 and CVE-2022-24790.
  • a9s-pg: PostgreSQL 11.16.
  • a9s PostgreSQL: PostgreSQL 10.21, PostgreSQL 11.16 and PostgreSQL 13.7.
  • a9s Harbor: PostgreSQL 10.21.
  • addons/mongodbsspl: MongoDB 5.0.9
  • a9s Messaging:
    • a9s Messaging 3.8
      • RabbitMQ 3.8.34
      • Erlang 23.3.4.15
    • a9s Messaging 3.10
      • RabbitMQ 3.10.5
      • Erlang 24.3.4.2
  • a9s MySQL: MariaDB 10.4.25
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • graphite_exporter 0.12.1
    • influxdb_exporter 0.9.1
    • statsd_exporter 0.22.5
    • Grafana 8.5.6
    • blackbox_exporter 0.21.1
    • memcached_exporter 0.10.1
    • prometheus 2.36.2
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • graphite_exporter 0.12.1
    • influxdb_exporter 0.9.1
    • statsd_exporter 0.22.5
    • blackbox_exporter 0.21.1
    • memcached_exporter 0.10.0
    • prometheus 2.36.2
  • INTERNAL RELEASE all services: a9s Dashboard: a9s SSO Proxy: Update token handling.
  • INTERNAL RELEASE all services: SPIs: Run puma in --daemon mode.

Removed

  • a9s Elasticsearch: Remove obsolete variables from manifest.
  • a9s Messaging: Remove obsolete variables from manifest.
  • a9s Redis: Remove obsolete variables from manifest.
  • all services: Removed all nano plan examples from the config files.
  • all services: Removed ops/README.md.