Skip to main content

49 posts tagged with "a9s"

View All Tags

61.0.0

· 5 min read

Added

  • a9s MariaDB: a9s MariaDB SPI: Add a new custom parameter grant_performance_schema_permissions that grants the user the necessary permissions to access the performance_schema feature.
  • docs: Application Developer: a9s MariaDB: Extend the "Custom Parameter" page with information regarding the new parameter grant_performance_schema_permissions. For more information, see a9s MariaDB - Custom Parameters.
  • docs: Platform Operator: all services: Add missing ports between a9s Backup Manager and a9s Service Broker to the corresponding tables. For more information, see a9s Platform Required Ports.

Changed

  • all services: Adapt the prepare.sh script to not fail, when a9s-pg is not deployed.
  • all services: a9s Bee: Update internal go dependencies to the latest minor version.
  • all services: Update
    • bpm to v1.4.20.
    • nginx to v1.28.0.
    • routing to v0.338.0.
  • all services: a9s Service Broker:
    • Update Rails to v7.2.
    • Update to the newest database field encryption method. After deploying the newest version, the migrate-service-broker-encrypted-database-fields errand needs to be run for each Data Service.
    • The errand migrate-service-broker-encrypted-database-fields is now part of the broker instance group and therefore its dedicated instance group has been removed.
  • a9s-pg: a9s Logstash: Logstash 8: Update logstash8 to v8.18.1.
  • a9s Backup Manager:
    • Update ruby on rails to v7.2.
    • Update to the newest database field encryption method. After deploying the newest version, the migrate-backup-manager-encrypted-database-fields errand needs to be run.
    • The errand migrate-backup-manager-encrypted-database-fields is now part of the backup-manager instance group and therefore its dedicated instance group is removed.
  • a9s Billing:
    • Update Ruby to v3.4.1.
    • Add missing Consul job to the Add a9s Invoices Ops File to fix connection problems with a9s-pg.
    • Add missing bpm job to the grafana instance group of the Add Grafana Route Ops File to fix an issue with the route_registrar.
  • a9s CF Service Guard: Update Rails to v7.2.
  • a9s KeyValue: a9s Logstash: Logstash 8: Update logstash8 to v8.18.1.
  • a9s MariaDB: Update
    • a9s Logstash: logstash8 to v8.18.1.
    • MariaDB 10.6: MariaDB 10.6.22.
    • MariaDB 10.11: MariaDB 10.11.12
  • a9s Messaging: a9s Logstash: Update logstash8 to v8.18.1.
  • a9s MongoDB: Update
    • a9s Logstash:
      • logstash8 to v8.18.1.
    • a9s MongoDB 7:
      • mongodb to v7.0.20.
      • mongosh to v2.5.1.
  • a9s PostgreSQL: a9s Logstash: Update logstash8 to v8.18.1.
  • a9s Prometheus: Update
    • prometheus2:
      • grafana to v10.4.18.
      • bosh_exporter to v3.7.0
    • prometheus-legacy:
      • bosh_exporter to v3.7.0
    • promgraf2:
      • bosh_exporter to v3.7.0
  • a9s Redis: Update
    • a9s Redis 6:
      • redis to v6.2.18
    • a9s Redis 7:
      • redis to v7.2.8
  • a9s Search: a9s Logstash: Update logstash8 to v8.18.1.
  • docs: all services: Fix multiple links, typos, metadata issues and leftover anchors from the recent documentation restructuring.
  • docs: all services: Update all the a9s Data Services logos across all affected index pages to the new style.
  • docs: Application Developer: a9s Prometheus: Fix cross-reference links between the "a9s Prometheus - Service Instance Access" page and the "Grafana Dashboard" page. For more information, see a9s Prometheus - Grapahana Dashboard.
  • docs: Application Developer: a9s Search: Rename misleading id in the "a9s Search - Service Instance Access" page's metadata. For more information, see a9s Search - Service Instance Access.
  • docs: Platform Operator: Update the EOL in Vendor column. For more information, see a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: all services: Fix erroneous a9s Billing Command in "Getting Started" section. For more information, see a9s Data Services Installation - 12. Deploy a9s Billing (optional).
  • docs: Platform Operator: a9s PostgreSQL: Add instructions on how to handle unarchived WAL files after a cluster, with Continuous Archiving enabled, crashes. For more information, see a9s PostgreSQL - Cluster Recovery.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.824 for internal tests of all supported services.

Removed

  • a9s Prometheus: Remove PostgresDatabaseSize alert as it, due to its misconfiguration, was triggered based on a global threshold for all Service Plans, which can cause premature alerts on Service Instances with large disks.

Security

  • all services: a9s Backup Agent: Fix CVEs:
    • CVE-2025-46727
    • CVE-2025-32414
    • CVE-2025-32415
  • all services: a9s BOSH Deployer: Fix CVEs:
    • CVE-2025-32414
    • CVE-2025-32415
  • all services: a9s Service Broker: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
    • CVE-2025-46727
    • CVE-2025-32414
    • CVE-2025-32415
    • CVE-2025-24855
    • CVE-2024-55549
  • all services: a9s Smoke Tests: Fix CVEs:
    • CVE-2025-22869
    • CVE-2025-46727
  • all services: a9s Deployment Updater: Fix CVE: CVE-2025-46727
  • all services: a9s SSO Proxy: Fix CVE: CVE-2025-46727
  • all services: a9s Bee: Fix CVE: CVE-2025-22869
  • all services: a9s CF Service Guard: Fix CVEs:
    • CVE-2025-46727
    • CVE-2025-32414
    • CVE-2025-32415
  • a9s-pg: Fix CVE: CVE-2025-22869
  • a9s Backup Services:
    • a9s Backup Monit: Fix CVEs:
      • CVE-2025-46727
      • CVE-2025-32414
      • CVE-2025-32415
    • a9s Backup Manager: Fix CVEs:
      • CVE-2025-46727
      • CVE-2025-32414
      • CVE-2025-32415
  • a9s Billing: Fix CVEs:
    • CVE-2024-55549
    • CVE-2025-24855
  • a9s KeyValue: a9s KeyValue SPI: Fix CVE: CVE-2025-46727
  • a9s LogMe2: a9s LogMe2 SPI: Fix CVE: CVE-2025-46727
  • a9s MariaDB:
    • a9s MariaDB 10.11: Fix CVE: CVE-2025-22869
    • a9s MariaDB 10.6: Fix CVE: CVE-2025-22869
    • a9s MariaDB SPI: Fix CVE: CVE-2025-46727
  • a9s Messaging: a9s Messaging SPI: Fix CVE: CVE-2025-46727
  • a9s MongoDB: a9s MongoDB SPI: Fix CVE: CVE-2025-46727
  • a9s PostgreSQL: a9s PostgreSQL SPI: Fix CVE: CVE-2025-46727
  • a9s Prometheus: a9s Prometheus SPI: Fix CVE: CVE-2025-46727
  • a9s Redis:
    • a9s Redis SPI: Fix CVE: CVE-2025-46727
    • a9s Redis 7: Fix CVE: CVE-2025-21605
  • a9s Search: a9s Search SPI: Fix CVE: CVE-2025-46727

60.0.0

· 5 min read

Added

  • all services: a9s Template Uploader Errand: Replace Logstash6 with Logstash8 in the a9s MariaDB templates.
  • docs: Application Developer: all services: Add list of a9s Data Services that require the legacy syslog custom parameter. For more information, see Set Up Monitoring - Add a Syslog Endpoint.
  • docs: Platform Operator: Add a page to detail concerns regarding scalability with a9s Consul, particularly with the amount of Consul client agents, as well as the recommended actions for such cases. For more information, see a9s Consul - Known Issues.
  • docs: Platform Operator: all services: Update the "Prepare Environment" section to reflect the latest changes of the prepare.sh script. For more information, see Prepare Environment.

Changed

  • breaking change all services: a9s Smoke Tests: Change Graphite metrics tests to no longer depend on an external Prometheus Service Instance.
  • breaking change a9s-pg: Modify the manifest of a9s-pg to use a9s PostgreSQL 15 by default. It requires the manual upgrade of a9s-pg from a9s PostgreSQL 11 to a9s PostgreSQL 15, if not already executed. Otherwise, the update to anynines-deployment v60.0.0 will be aborted automatically, as a forced and unattended update of a9s-pg could lead to misbehavior and data loss. The necessary steps to upgrade a9s-pg are described in our documentation.
  • all services: Update
    • bpm to v1.4.17.
    • nginx to v1.27.5.
    • routing to v0.334.0.
  • all services: a9s DS API Gateway: Update
    • krakend-custom-plugins to v2.9.4.
    • krakend to v2.9.4.
  • a9s-pg: a9s Logstash: Logstash 8: Update logstash8 to v8.17.4.
  • a9s KeyValue:
    • a9s Logstash: Logstash 8: Update logstash8 to v8.17.4.
    • a9s KeyValue 8: Update valkey to v8.1.0.
  • a9s MariaDB: a9s Logstash: Logstash 8: Update logstash8 to v8.17.4.
  • a9s Messaging:
    • a9s Logstash: Update logstash8 to v8.17.4.
    • a9s Messaging 3.12: Update erlang to v25.3.2.20.
    • a9s Messaging 3.13: Update erlang to v26.2.5.11.
    • a9s Messaging 4.0: Update
      • erlang to v26.2.5.11.
      • rabbitmq to v4.1.0.
  • a9s MongoDB: a9s Logstash:
    • Logstash 8:
      • Update logstash8 to v8.17.4.
    • a9s MongoDB 7:
      • Update mongodb to v7.0.18.
      • Update mongosh to v2.5.0.
  • a9s PostgreSQL:
    • a9s Logstash: Logstash 8:
      • Update logstash8 to v8.17.4.
    • a9s PostgreSQL 13:
      • Update cmake3 v3.31.7.
  • a9s Prometheus: a9s Prometheus SPI: Update dependencies.
  • a9s Search: a9s Logstash: Logstash 8: Update logstash8 to v8.17.4.
  • docs: Application Developer: a9s PostgreSQL: Add missing information regarding Forking via Disaster Recovery feature. For more information, see a9s PostgreSQL Forking & Migration.
  • docs: Platform Operator: Extend the certificate rotation admonition of the TLS Encryption documentation to urge the Platform Operator to rotate and clean up before the certificates expire. For more information, see TLS Encryption.
  • docs: Platform Operator: Update ports used by a9s Smoke Tests. For more information, see a9s Platform Required Ports.
  • docs: Platform Operator: a9s-pg: Update the documentation of a9s-pg to set a9s PostgreSQL 15 as the new default.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.822 for internal tests of all supported services.

Unsupported

  • a9s-pg: End of Support: Terminate support for the a9s Data Service Framework Component a9s-pg using a9s PostgreSQL 11, as PostgreSQL 11 has been marked as end-of-life by their vendor since November 2023.

    The a9s-pg Data Service Framework Component needs to be upgraded to use a9s PostgreSQL v15 before the update to anynines-deployment v60.0.0 can be done. The necessary steps to upgrade a9s-pg are described in our documentation.

    Important: Please note that an attempt to upgrade to anynines-deployment v60.0.0 will be aborted automatically if a9s-pg is still using a9s PostgreSQL v11, as a forced and unattended update of a9s-pg could lead to misbehavior and data loss.

  • a9s MongoDB: End of Support: Terminate support for the following deprecated a9s Data Service version:

    • a9s MongoDB 5: MongoDB 5 has been marked as end-of-life by their vendor since October 2024.

    The creation of new a9s Data Service Instances for this deprecated version is now disabled by default in the a9s Data Service Bundle, and we no longer provide regular support for this version. The corresponding documentation has been removed.

    Although we will not intentionally break running Service Instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to this release.

Removed

  • docs: all services: Remove outdated information about a9s MongoDB 5 within the scope of unsupporting a9s MongoDB 5.

Fixed

  • a9s Backup Services: a9s Backup Manager: Fix the population of the msg field for BackupAgentTask, to ensure the error messages do not return as nil.

Upcoming

  • all services: Ubuntu Bionic stemcell: End of Support: Terminate support, starting from anynines deployment v63.0.0 (expected end of July 2025), for the following deprecated Stemcell version:

    • Ubuntu Bionic Stemcell: Ubuntu Bionic has been marked as end-of-life by their vendor since April 2023.

    The creation of new a9s Data Service Instances for this deprecated version will be disabled by default in the a9s Data Service Bundle, and we will not provide regular support for this stemcell anymore. The corresponding documentation will also be removed. We strongly recommend migrating to a newer Stemcell (Jammy).

    Although we will not intentionally break running Service Instances using this stemcell, it cannot be guaranteed that they still work as expected after an update to v63.0.0.

59.0.0

· 12 min read

Added

  • breaking change a9s PostgreSQL: We consider PostgreSQL 17 as stable now. You have to set the following properties:
    • postgresql_service.services.a9s-postgresql17.name
    • postgresql_service.services.a9s-postgresql17.guid
    • postgresql_service.services.a9s-postgresql17.description
    • postgresql_service.services.a9s-postgresql17.label
    • postgresql_service.services.a9s-postgresql17.version
    • postgresql_service.services.a9s-postgresql17.bindable
    • postgresql_service.services.a9s-postgresql17.requires
    • postgresql_service.services.a9s-postgresql17.tags
    • postgresql_service.services.a9s-postgresql17.documentation_url
    • postgresql_service.services.a9s-postgresql17.metadata
    • postgresql_service.services.a9s-postgresql17.dashboard_client.id
    • postgresql_service.services.a9s-postgresql17.plans-to-test
    • postgresql_service.services.a9s-postgresql17.planupdates-to-test
  • all services: a9s Bee: Add NGINX as reverse proxy in front of a9s Bee to handle handle TLS termination in the future.
  • all services: a9s BOSH Deployer: Add NGINX as reverse proxy in front of a9s BOSH Deployer to handle TLS termination.
  • all services: a9s Service Broker: Add NGINX as reverse proxy in front of a9s Service Broker to handle TLS termination.
  • all services: a9s SPIs: Add NGINX as reverse proxy in front of a9s SPIs to handle TLS termination.
  • a9s Backup Services: a9s Backup Manager: Extend the response of the Public API v1 endpoint list_backups to return the backup_id, which can be used to specify a backup to restore from, via the Disaster Recovery API or CF Plugin.
  • a9s Backup Services: a9s Backup Manager: Update dependencies.
  • a9s CF Service Guard: Add NGINX as reverse proxy in front of a9s CF Service Guard to handle TLS termination.
  • a9s MariaDB: a9s MariaDB SPI: Introduce reconcile logic to update the value of the default_database attribute in the a9s Service Broker database after restoring an external backup. This enables the Disaster Recovery feature.
  • a9s Prometheus: Introduce a static landing page for the dashboard URL, providing quick access to the following web UIs: Alert Manager, Grafana, and Prometheus.
  • docs: Application Developer: Add a page detailing how Data Service Forking via the Disaster Recovery funcionality works, as there are small but critical differences between them. For more information, see Forking a Service Instancce.
  • docs: Application Developer: all services: Add a "Getting Started" section to host the common functionality from across the a9s Data Services documents. For more information, see Getting Started.
  • docs: Platform Operator: all services: Add a "Getting Started" section to host the overall installation of the a9s Data Services and its framework. For more information, see Getting Started.
  • docs: Platform Operator: a9s PostgreSQL: Add a9s PostgreSQL 17 as a9s General Availability. For more information, see a9s Platform Operator Sunrise Sunset.
  • docs: Platform Operator: a9s PostgreSQL: Add information about the wal_receivers parameter. For more information, see Cluster Status - Status Script.

Changed

  • all services: Extract the renaming of the a9s Service Broker endpoint for the a9s Service DashboardRefactor from the ops/rename-service-deployment.yml Ops file into the dedicated ops/dashboard-rename-broker-endpoint.yml.
  • all services:
    • a9s DS API Gateway:
      • Update KrakenD to v2.9.3.
      • Update krakend-custom-plugins to v2.9.3.
    • Update bpm to v1.4.16.
    • Update routing to v0.331.0.
  • all services: a9s Backup Agent: Update Ruby to v3.4.1.
  • all services: a9s Backup Agent: Extend the support for special characters when setting the backup encryption key via the a9s Dashboard or the a9s Public API v1.
  • all services: a9s Bee: Change the bind_address property to listen only on localhost, following the introduction of NGINX as reverse proxy in front of it.
  • all services: a9s BOSH Deployer: Update Ruby to v3.4.1.
  • all services: a9s BOSH Deployer: Change the bind_address property to listen only on localhost, following the introduction of NGINX as reverse proxy in front of it.
  • all services: a9s CF Service Guard: Update Ruby to v3.4.1.
  • all services: a9s Deployment Updater Errand: Update Ruby to v3.4.1.
  • all services: a9s Logstash: Logstash 6: Update Ruby to v3.4.1.
  • all services: a9s Service Broker: Update Ruby to v3.4.1.
  • all services: a9s Service Broker: Change the bind_address property to listen only on localhost, following the introduction of NGINX as reverse proxy in front of it.
  • all services: a9s SSO Proxy: Update Ruby to v3.4.1.
  • all services: a9s Smoke Tests: Update Ruby to v3.4.1.
  • all services: a9s SPIs: Change the bind_address property to listen only on localhost, following the introduction of NGINX as reverse proxy in front of them.
  • all services: a9s SPIs: Update dependencies.
  • all services: a9s Template Uploader Errand: Replace Logstash6 with Logstash8 in the a9s MongoDB templates.
  • all services: a9s Template Uploader Errand: Update Ruby to v3.4.1.
  • a9s-pg: a9s Logstash:
    • Logstash 8:
      • Update logstash8 to v8.17.3.
      • Update Ruby to v3.4.1.
  • a9s Backup Services: a9s Backup Manager: Update Ruby to v3.4.1.
  • a9s Backup Services: a9s Backup Monit: Update Ruby to v3.4.1.
  • a9s Backup Services: a9s Backup Monit: Change the bind_address property to listen only on localhost, following the introduction of NGINX as reverse proxy in front of it, and adapt the related Logstash configuration accordingly.
  • a9s Backup Services: a9s Backup Monit: Update a9s Backup Manager related configuration to use the TLS encrypted port for communication.
  • a9s CF Service Guard: Change the bind_address property to listen only on localhost, following the introduction of NGINX as reverse proxy in front of it.
  • a9s KeyValue: a9s Logstash:
    • Logstash 8:
      • Update logstash8 to v8.17.3.
      • Update Ruby to v3.4.1.
  • a9s LogMe2:
    • Fluentd:
      • Update Ruby to v3.4.1.
  • a9s MariaDB:
    • MariaDB 10.6: Update Ruby to v3.4.1.
    • MariaDB 10.11: Update Ruby to v3.4.1.
  • a9s Messaging:
    • a9s Logstash:
      • Logstash 8:
        • Update logstash8 to v8.17.3.
        • Update Ruby to v3.4.1.
    • a9s Messaging 4: Update rabbitmq to v4.0.7.
  • a9s MongoDB: Replace Logstash6 with Logstash8.
  • a9s MongoDB:
    • a9s MongoDB 7: Update mongosh to v2.4.2.
  • a9s PostgreSQL:
    • a9s Logstash:
      • Logstash 8:
        • Update logstash8 to v8.17.3.
        • Update Ruby to v3.4.1.
    • a9s PostgreSQL SPI: Update rack to v3.1.12.
    • a9s PostgreSQL 17: Update PostgreSQL to v17.4.
    • a9s PostgreSQL 13: Update PostgreSQL to v3.13.0.
  • a9s Prometheus:
    • prometheus2: Update
      • alertmanager to v0.28.1.
      • blackbox_exporter to v0.26.0.
      • cadvisor to v0.52.1.
      • elasticsearch_exporter to v1.9.0.
      • mysqld_exporter to v0.17.2.
      • postgres_exporter to v0.17.1.
      • prometheus to v2.53.4.
    • prometheus-legacy: Update
      • alertmanager to v0.28.1.
      • blackbox_exporter to v0.26.0.
      • cadvisor to v0.52.1.
      • elasticsearch_exporter to v1.9.0.
      • mysqld_exporter to v0.17.2.
      • postgres_exporter to v0.17.1.
      • prometheus to v2.53.4.
    • promgraf2: Update
      • alertmanager to v0.28.1.
      • blackbox_exporter to v0.26.0.
      • cadvisor to v0.52.1.
      • elasticsearch_exporter to v1.9.0.
      • mysqld_exporter to v0.17.2.
      • postgres_exporter to v0.17.1.
      • prometheus to v2.53.4.
  • a9s Redis: a9s Redis SPI: Update Ruby to v3.4.1.
  • a9s Search: a9s Logstash:
    • Logstash 8: Update
      • logstash8 to v8.17.3.
      • opensearch2 to v2.24.0.
      • Ruby to v3.4.1.
  • docs: Application Developer: Add a9s MariaDB to the list of Data Services that support the Disaster Recovery feature. For more information, see Disaster Recovery.
  • docs: Application Developer: Add backup_id property description to the list_backup endpoint of the Public API V1 with examples of the response. For more information, see API V1 Endpoints - List All Backups.
  • docs: Application Developer: all services: Restructure overall layout and provide more granularity to each a9s Data Services section. For more information, see Application Developer.
  • docs: Application Developer: a9s KeyValue: Reorganize the Custom Parameters page into topics rather than using the parameters themselves as sections. For more information, see Custom Parameters.
  • docs: Application Developer: a9s PostgreSQL: Improve the information regarding a9s PostgreSQL migration caveats.
  • docs: Application Developer: a9s Prometheus: Add information about the newly added index page that enables easier access to the Service Instance's dashboards. For more information, see Service Instance Access.
  • docs: Platform Operator: Add a9s MariaDB to the list of Data Services that support the Disaster Recovery feature. For more information, see Disaster Recovery.
  • docs: Platform Operator: Extend the TLS Encryption with a list of the certificates in use, and a detailed overview of the different use cases for certificate rotation. For more information, see TLS Encryption.
  • docs: Platform Operator: all services: Extend the "Block Automatic Updates" documentation by cross-referencing the individual pages in the a9s Service Broker and a9s Service Dashboard sections. For more information, see a9s Service Broker - Block Automatic Updates and a9s Service Dashboard - Allow Automatic Updates.
  • docs: Platform Operator: all services: Restructure overall layout and provide more granularity to all major components and the general configuration of the a9s Data Services. For more information, see Platform Operator.
  • docs: Platform Operator: a9s Backup Monit: Add link to the Retention Policy section in the a9s Backup Manager Metrics. For more information, see Retention Policy.
  • docs: Platform Operator: a9s Backup Services: Improve the Retention Policy section by adding information about the backup deletion process, fixing typos, and restructuring the section. For more information, see Retention Policy.
  • docs: Platform Operator: a9s PostgreSQL: Add information about resource requirements in face of piled-up WAL files. For more information, see a9s PostgreSQL - Resource Considerations.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.785 for internal tests of all supported services.

Deprecated

  • a9s Messaging: Deprecation: Deprecate the following a9s Data Service versions:

    • a9s Messaging 3.12: RabbitMQ 3.12 is end-of-life by their vendor since June 2024
    • a9s Messaging 3.13: RabbitMQ 3.13 is end-of-life by their vendor since Sept 2024

    Please ensure that you organize the migration of your existing Service Instances to a more up-to-date version of the same a9s Data Service:

    • for a9s Messaging 3.12: a9s Messaging 4.0 is available as GA version.
    • for a9s Messaging 3.13: a9s Messaging 4.0 is available as GA version.

    This deprecation follows the announcement in v56.0.0. The deprecation phase is planned to last until v62.0.0 (expected end of June 2024), in which the unsupport phase of the deprecated versions will start. The creation of new a9s Data Service Instances for these particular versions will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator - Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

Unsupported

  • a9s MySQL: End of Support: Terminate support for the following deprecated a9s Data Service version:

    • a9s MySQL 10.4: MariaDB 10.4 is end-of-life by their vendor since June 2024

    The creation of new a9s Data Service Instances for this deprecated version is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for this version. The corresponding documentation has been removed.

    Although we will not intentionally break running Service Instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to this release.

Removed

  • docs: all services: Remove outdated information about a9s MySQL within the scope of unsupporting a9s MySQL.

Fixed

  • a9s-pg: a9s PostgreSQL 15: Fix race condition in the a9s PostgreSQL Info Webservice Switchover, where during the switchover operation, the checkpoint LSN location would change while a9s PostgreSQL Info Webservice is executing the election to promote a new node to primary. This could cause an extended downtime during the deployment update and could even lead, in some situations, to an unhealthy cluster after a failover.
  • a9s-pg: a9s PostgreSQL: Fix race condition between the a9s PostgreSQL Info Webservice Failover Monitor and repmgrd, where during a repmgrd failover that could make repmgrd lose track of the correct view cluster sometimes led to a broken cluster with a standby that is not able to follow the new primary.
  • a9s PostgreSQL: a9s PostgreSQL 17: Fix the issue where, during the failover, the checkpoint LSN location would change while repmgrd is executing the election to promote a new node to primary, this could cause an extended downtime during the deployment update, and could even lead, in some situations, to an unhealthy cluster after a failover. This is fixed by enabling repmgr's standby_disconnect_on_failover configuration property.
  • a9s PostgreSQL: a9s Logstash: Fix connection initialization logic causing the Logstash process in a9s PostgreSQL Service Instances to fail during upgrades from single Service Instances to cluster Service Instances. This issue prevented instances from being marked healthy from the director, and occurred during the time in which the replica nodes synchronize with the primary node in the cluster.
  • a9s PostgreSQL: Fix race condition between the a9s PostgreSQL Info Webservice Failover Monitor and repmgrd, where a repmgrd failover could cause repmgrd to lose track of the correct view of the cluster, potentially led to a broken cluster with a standby that is not able to follow the new primary.
  • a9s PostgreSQL: Fix race condition in the a9s PostgreSQL Info Webservice Switchover, where during the switchover operation, the checkpoint LSN location would change while a9s PostgreSQL Info Webservice is executing the election to promote a new node to primary. This could cause an extended downtime during the deployment update and could even lead, in some situations, to an unhealthy cluster after a failover.
  • docs: Application Developer: all services: Fix recurring typos across all the a9s Data Services' index pages.

Security

  • all services: a9s Backup Agent: Fix CVEs:
    • CVE-2024-56171
    • CVE-2025-24928
    • CVE-2025-27610
    • CVE-2025-27788
  • all services: a9s BOSH Deployer: Fix CVEs:
    • CVE-2024-56171
    • CVE-2025-24928
    • CVE-2025-27788
  • all services: a9s CF Service Guard: Fix CVEs:
    • CVE-2024-56171
    • CVE-2025-24928
    • CVE-2025-27610
  • all services: a9s Deployment Updater:
    • CVE-2025-27788
  • all services: a9s Service Broker: Fix CVEs:
    • CVE-2024-56171
    • CVE-2025-24928
  • all services: a9s Smoke-Tests: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • all services: a9s SSO Proxy: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s Backup Services: a9s Backup Monit: Fix CVEs:
    • CVE-2024-56171
    • CVE-2025-24928
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s Backup Services: a9s Backup Manager: Fix CVEs:
    • CVE-2025-27788
    • CVE-2025-27610
  • a9s Billing: Fix CVEs:
    • CVE-2024-56171
    • CVE-2025-24928
  • a9s KeyValue: a9s KeyValue SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s LogMe2: a9s LogMe2 SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s MariaDB: a9s MariaDB SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s Messaging: a9s Messaging SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s MongoDB: a9s MongoDB SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s PostgreSQL: a9s PostgreSQL SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27111
    • CVE-2025-25184
  • a9s Prometheus: a9s Prometheus SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s Redis: a9s Redis SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788
  • a9s Search: a9s Search SPI: Fix CVEs:
    • CVE-2025-27610
    • CVE-2025-27788

58.0.0

· 5 min read

Added

  • all services: a9s Deployment Updater Errand: Add a new property to allow the configuration of the amount of retries when a Service Instance's update is blocked due to already running operations. For more information, see a9s Deployment Updater - Properties.
  • all services: a9s Service Broker: Ensure that a Service Instance has no running backup or restore actions when starting an update for said Service Instance. For more information, see a9s Service Broker - Update a Service Instance.
  • a9s MongoDB: a9s MongoDB SPI: Add new custom parameter set_stream_parameters that allows the user to configure the cluster parameters. The only supported cluster parameter is changeStreamOptions.preAndPostImages.expireAfterSeconds. For more information, see Using a9s MongoDB - MongoDB Custom Parameters.
  • docs: Platform Operator: a9s KeyValue: Add missing Valkey-Sentinel port to the list of required ports. For more information, see a9s Platform Required Ports.
  • docs: Platform Operator: a9s Redis®*: Add missing table for the required ports of a9s Redis®. For more information, see a9s Platform Required Ports - a9s-redis7-instance.
  • docs: Platform Operator: a9s Redis®: Add the Redis®-Sentinel port to the list of required ports. For more information, see a9s Platform Required Ports.
  • INTERNAL RELEASE a9s Backup Services: a9s Backup Manager: Add a new API endpoint that allows the a9s Service Broker to verify if any of its Service Instances is currently running a backup or restore action.

Changed

  • all services:
    • BPM to v1.4.15.
    • routing to v0.330.0.
  • all services: a9s Logstash: a9s Logstash 8: Update Logstash to v8.17.1.
  • all services: a9s Service Dashboard: Update NodeJS to v22.13.1.
  • all services: a9s SSO Proxy: Update
    • NGINX to v1.27.4.
    • PCRE2 to v10.45.
  • all services: a9s Deployment Updater Errand: Update Ruby to v3.4.1.
  • all services: a9s Service Broker: Update Ruby to v3.4.1.
  • a9s-pg: Improve cleanup after in-place major upgrade.
  • consul-dns: Dnsmasq: Update Ruby to v3.4.1.
  • a9s Backup Services: a9s Backup Manager: Extend list of the logs' allowed keys to facilitate analysis.
  • a9s Backup Services: a9s Backup Manager: Update Ruby to v3.4.1.
  • a9s Elasticsearch: a9s Elasticsearch SPI: Update Ruby to v3.4.1.
  • a9s KeyValue: a9s KeyValue SPI: Update Ruby to v3.4.1.
  • a9s LogMe: a9s LogMe SPI: Update Ruby to v3.4.1.
  • a9s LogMe2: a9s LogMe2 SPI: Update Ruby to v3.4.1.
  • a9s MariaDB:
    • a9s MariaDB 10.11: Update mariadb to v10.11.11.
    • a9s MariaDB 10.6: Update mariadb to v10.6.21.
    • a9s MariaDB SPI: Update Ruby to version 3.4.1.
  • a9s Messaging:
    • a9s Messaging 3.12: Update erlang to v25.3.2.18.
    • a9s Messaging 3.13: Update erlang to v26.2.5.9.
    • a9s Messaging 4.0: Update
      • erlang to v26.2.5.9.
      • rabbitmq to v4.0.6.
    • a9s Messaging SPI: Update Ruby to version 3.4.1.
  • a9s MongoDB:
    • a9s MongoDB 5: Update mongosh to v5.0.31.
    • a9s MongoDB 7: Update mongosh to v2.4.0.
    • a9s MongoDB SPI: Update Ruby to version 3.4.1.
  • a9s MySQL: a9s MySQL SPI: Update Ruby to version 3.4.1.
  • a9s PostgreSQL:
    • a9s PostgreSQL 13: Update
      • cmake to v3.31.5.
      • PostgreSQL to v13.20.
    • a9s PostgreSQL 15: Update PostgreSQL to v15.12.
    • a9s postgreSQL 17: Update PostgreSQL to v17.3.
    • a9s PostgreSQL SPI: Update Ruby to version 3.4.1.
  • a9s Prometheus:
    • a9s Prometheus SPI: Update Ruby to version 3.4.1.
    • prometheus-legacy: Update
      • mysqld_exporter to v0.17.1.
      • postgres_exporter to v0.17.0.
      • stackdriver_exporter to v0.18.0.
    • prometheus2: Update
      • grafana to v10.4.16.
      • mysqld_exporter to v0.17.1.
      • postgres_exporter to v0.17.0.
      • stackdriver_exporter to v0.18.0.
    • promgraf2: Update
      • mysqld_exporter to v0.17.1.
      • postgres_exporter to v0.17.0.
      • stackdriver_exporter to v0.18.0.
  • a9s Search: a9s Search SPI: Update Ruby to version 3.4.1.
  • docs: Platform Operator: a9s MongoDB: Extend the Custom Parameter documentation with information regarding the new parameter set_cluster_parameter. For more information, see Default Custom Parameter Configuration.
  • docs: Platform Operator: Update the Vendor DS Version. For more information, see a9s Platform Operator - Sunrise Sunset.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.737 for internal tests of all supported services.

Removed

  • docs: Platform Operator: all services: Remove obsolete memory limit threshold documentation.

Fixed

  • all services: a9s Backup Agent: Fix issue with a9s LogMe2 and a9s Search where the a9s Backup Agent could not connect to the underlying OpenSearch because the leaf certificate could not be verified when a certificate chain with intermediate certificates was used.
  • a9s-pg: Fix the handling of the version lock directory, where after the upgrade from a9s PostgreSQL 11 to a9s PostgreSQL 15 the previous version lock directory (/var/vcap/store/postgresql11-locks) would be kept. This directory is now properely removed.
  • a9s-pg: a9s PostgreSQL 15: Fix the issue where, during the failover, the checkpoint LSN location would change while the repmgrd is executing the election to promote a new node to primary, this could cause an extended downtime during the deployment update, and could even lead in some situations to an unhealthy cluster after a failover. This is fixed by enabling the repmgr standby_disconnect_on_failover configuration property.
  • a9s PostgreSQL: a9s PostgreSQL 15: Fix the issue where, during the failover, the checkpoint LSN location would change while the repmgrd is executing the election to promote a new node to primary, this could cause an extended downtime during the deployment update, and could even lead in some situations to an unhealthy cluster after a failover. This is fixed by enabling the repmgr standby_disconnect_on_failover configuration property.
  • docs: all services: Fix admonitions, internal guidelines non-conformities, and typos across all documentation pages.

Security

  • all services: a9s Service Dashboard: Fix CVEs:
    • CVE-2025-1094
    • CVE-2025-23083
    • CVE-2025-23084
    • CVE-2025-23085
  • a9s-pg: a9s PostgreSQL 15: Give SUPERUSER privileges to the role used by repmgrd to ensure that, during an failover, the cluster is not led to an unhealthy state. For more information, see the Fixed section of this CHANGELOG.
  • a9s PostgreSQL: a9s PostgreSQL 15: Give SUPERUSER privileges to the role used by repmgrd to ensure that, during an failover, the cluster is not led to an unhealthy state. For more information, see the Fixed section of this CHANGELOG.