Skip to main content

33 posts tagged with "release"

View All Tags

· 9 min read

Added

  • breaking change all services: Add new IaaS configuration property iaas.cf.skip_ssl_validation. This property can be used to skip the validation of the Cloud Foundry (CF) certificate when communicating with CF. This is necessary when the CF certificate is signed by a CA which is not trusted by the a9s Data Services components. This new property replaces the iaas.cf_service_guard.skip_ssl_validation and iaas.sso-proxy.skip_ssl_validation properties. The value of the iaas.cf.skip_ssl_validation property should be set to the value of the removed properties. If for whatever reasons the removed properties had different values, an Ops file must be used to configure this accordingly.
  • all services: a9s Template Uploader Errand: Introduce a new template for a9s Prometheus containing Grafana 10.
  • a9s MariaDB: Make the expire_log_days parameter configurable through a custom parameter.
  • a9s MySQL: Add a custom parameters structure to the a9s MySQL SPI.
  • a9s MySQL: Make the expire_log_days parameter configurable through a custom parameter.
  • docs: Application Developer: a9s Prometheus: Add a Migration page to the a9s Prometheus documentation detailing the migration path from Grafana 8 to Grafana 10. For more information, see Migration.
  • docs: Platform Operator: Add a dedicated page explaining the IaaS configuration properties. For more information, see a9s IaaS Configuration Properties.
  • docs: Platform Operator: a9s Prometheus: Add a Migration Considerations page to the a9s Prometheus documentation detailing the migration path from Grafana 8 to Grafana 10 and its limitations. For more information, see a9s Prometheus Migration Considerations.

Changed

  • all services: a9s Template Uploader Errand: Add custom_params key to a9s MySQL templates and extend them to allow adding the custom parameter binlog_expire_days
  • all services: a9s Template Uploader Errand: Extend the a9s MariaDB templates to allow adding the custom parameter binlog_expire_days
  • all services: a9s Template Uploader Errand: Rename the existing prometheus2 release to prometheus-legacy in the previously existing a9s Prometheus' templates to allow the introduction of a new template for Grafana 10 under the prometheus2 release name.
  • all services: Update BOSH releases:
    • bpm BOSH release to version 1.2.16
    • routing BOSH release to version 0.291.0
  • consul-dns:
    • dnsmasq27 v2.90
  • a9s Messaging:
    • a9s Messaging 3.12:
      • Erlang OTP v25.3.2.8
  • a9s MongoDB:
    • a9s MongoDB 5.0:
      • OpenSSL v1.1.1w
  • a9s MongoDB: SPI: Update dependencies in the a9s MongoDB SPI.
  • a9s PostgreSQL:
    • a9s PostgreSQL 15:
      • PostgreSQL 15.6
    • a9s PostgreSQL 13:
      • PostgreSQL 13.14
  • a9s Prometheus: Add the prometheus-legacy release and update the prometheus2 release in the Prometheus' Enable Beta Services Ops file.
  • a9s Prometheus: Update the example a9s Prometheus config to include the addition of the plans using Grafana 10. For more information, see prometheus.yml.example.
  • docs: Application Developer: a9s MariaDB: Add a section explaining how to use custom parameters. For more information, see a9s MariaDB.
  • docs: Application Developer: a9s Messaging: Add a9s Messaging 3.7 migration path to "Migration" page. For more information, see Migration.
  • docs: Application Developer: a9s Prometheus: Add a section explaining Service Instance's plan upgrades to the "Using a9s Prometheus" page. For more information, see a9s Prometheus.
  • docs: Application Developer: a9s Prometheus: Update the "Migration Support" admonition to specify the limitation to plans including Grafana 5 only. For more information, see a9s Prometheus.
  • docs: Platform Operator: Add an admonition explaining the limitations of a9s Prometheus' Service Plan migrations to the "Service Plans" page. For more information, see Available Templates.
  • docs: Platform Operator: Add Grafana 10 to the Sunrise Sunset table. For more information, see a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: Add the new Prometheus template containing Grafana 10 to the list of available templates. For more information, see Available Templates.
  • docs: Platform Operator: a9s MariaDB: Add a section explaining custom parameters configuration. For more information, see a9s MariaDB.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.379 for internal tests of all supported services.

Removed

  • breaking change all services: Clean-up outdated Ops files:
    • a9s-pg/ops/psql-secgroup.yml
    • ops/a9s-set-var-for-routing-version.yml
    • ops/backup-service-extensions.yml
    • ops/broker-vm-extensions.yml
    • ops/consul-dns-runtime-net.yml
    • ops/delete-failed-backups.yml
    • ops/add-stemcell-centos.yml
  • breaking change all services: Remove the Iaas configuration properties iaas.sso-proxy.skip_ssl_validation and iaas.sso-cf_service_guard.skip_ssl_validation in favor of the generic property iaas.cf.skip_ssl_validation.
  • a9s LogMe2: Remove obsolete key service_guard_skip_ssl_validation from the a9s Template Uploader Errand variables. This key is not used in the a9s LogMe2 templates and can therefore be safely removed.
  • docs: Platform Operator: all services: Remove obsolete "Adding stemcells" section from the "Stemcell" documentation. For more information see Stemcells.

Fixed

  • all services: a9s Smoke Tests: Fix the debug output.
  • all services: a9s Template Uploader Errand: Fix an issue that caused the a9s Template Uploader Errand to fail if there are white-spaces in the value for the replace-values property.
  • a9s Billing: Add a missing property to the Ops file a9s-billing/ops/add_grafana_route.yml so that the Grafana route can also be properly registered when NATS doesn't support TLS yet.
  • a9s CF Service Guard: Add fallback logic to handle inconsistencies in CF and the a9s CF Service Guard.
  • a9s CF Service Guard: Ensure that permanently failing tasks don’t slow down the management of CF ASGs. The workers (security_groups_synchronizer) were dramatically slowed down because of permanently failing tasks. This led to the problem that CF ASGs for new Service Instances were not created in a proper timeframe or CF ASGs for updated Service Instance were not updated in a proper timeframe or CF ASGs for deleted Service Instances were not deleted in a proper timeframe.
  • a9s LogMe2: SPI: Fix credential deletion regarding users that have already been removed from OpenSearch.
  • a9s PostgreSQL: a9s PostgreSQL 15: Fix permissions of the pg_wal directory. This issue is causing the a9s Logstash PostgreSQL Metrics Plugin' to silently fail to collect ha.wal_dir_size and stat_archiver.wal_files_count metrics and report wrong values.
  • docs: Application Developer: Fix typos in the following files Using a9s PostgreSQL, Migration, Using a9s Prometheus.
  • docs: Platform Operator: Fix typos in the following files a9s Backup Process, Grafana Contact Points.
  • docs: Platform Operator: Update outdated Ops-Files in the Rotate Consul certificates documentation. For more information see Rotate Consul certificates.
  • docs: Platform Operator: a9s Deployment Updater Errand: Replace the outdated property name update_type for the current name,strategy.update.instance_type, in the following documentation pages: a9s Data Services Administrative Tasks, a9s Data Service Framework Recovery, Generated Certificates and Wildcard Certificates.

Security

  • consul-dns: Fix CVEs:
    • CVE-2023-50387
    • CVE-2023-50868
  • a9s PostgreSQL: Fix CVEs:
    • CVE-2024-0985

Upcoming

  • a9s Elasticsearch: End of Support: Terminate support, starting from anynines deployment v49.0.0 (expected end of May 2024), for the following deprecated a9s Data Service versions:

    • a9s Elasticsearch 5
    • a9s Elasticsearch 6
    • a9s Elasticsearch 7

    The creation of new a9s Data Service instances for these deprecated versions will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. The corresponding documentation will also be removed.

    Although we will not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to v49.0.0.

  • a9s Messaging: Deprecation: Prepare for the upcoming deprecation phase, planned for the release v49.0.0 (expected end of May), of the following a9s Data Service versions:

    • a9s Messaging 3.7
    • a9s Messaging 3.8

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same a9s Data Service:

    • for a9s Messaging: a9s Messaging 3.10 and 3.12 are available as GA versions

    The deprecation phase is planned to last until v55.0.0 (expected end of November 2024), in which the deprecated versions will become unsupported. The creation of new a9s Data Service instances for these particular versions will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

  • a9s PostgreSQL: Deprecation: Prepare for the upcoming deprecation phase, planned for the release v49.0.0 (expected end of May), of the following a9s Data Service version:

    • a9s PostgreSQL 11

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same a9s Data Service:

    • for a9s PostgreSQL: a9s PostgreSQL 13 and 15 are available as GA versions

    The deprecation phase is planned to last until v55.0.0 (expected end of November 2024), in which the deprecated version will become unsupported. The creation of new a9s Data Service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migration to a supported GA version as soon as possible and complete it until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

  • a9s Redis: Deprecation: Prepare for the upcoming deprecation phase, planned for the release v49.0.0 (expected end of May), of the following a9s Data Service version:

    • a9s Redis 5

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same a9s Data Service:

    • for a9s Redis: a9s Redis 6 and 7 are available as GA versions

    The deprecation phase is planned to last until v55.0.0 (expected end of November 2024), in which the deprecated version will become unsupported. The creation of new a9s Data Service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

· 7 min read

Added

  • breaking change a9s Messaging: We consider a9s Messaging 3.12 as stable now. You have to set the following properties:
    • rabbitmq_service.services.a9s-messaging312.name
    • rabbitmq_service.services.a9s-messaging312.guid
    • rabbitmq_service.services.a9s-messaging312.description
    • rabbitmq_service.services.a9s-messaging312.label
    • rabbitmq_service.services.a9s-messaging312.version
    • rabbitmq_service.services.a9s-messaging312.bindable
    • rabbitmq_service.services.a9s-messaging312.requires
    • rabbitmq_service.services.a9s-messaging312.tags
    • rabbitmq_service.services.a9s-messaging312.documentation_url
    • rabbitmq_service.services.a9s-messaging312.metadata
    • rabbitmq_service.services.a9s-messaging312.dashboard_client.id
    • rabbitmq_service.services.a9s-messaging312.plans
    • rabbitmq_service.services.a9s-messaging312.plans-to-test-for-release-update
    • rabbitmq_service.services.a9s-messaging312.plans-to-test
    • rabbitmq_service.services.a9s-messaging312.planupdates-to-test
  • a9s CF Service Guard: Introduce an Ops file to add the a9s Prometheus Data Service to the a9s CF Service Guard. For more information see here.
  • a9s Messaging: Release a9s Messaging 3.12 as GA. For more information see a9s Platform Operator - Sunrise Sunset.
  • a9s Prometheus: Make the scrape_config parameter configurable via custom parameters. For more information see a9s Prometheus Custom Parameters and Default Custom Parameter Configuration.
  • docs: Application Developer: a9s Messaging: Add a9s Messaging 3.12 to the Migration documentation. For more information see a9s Messaging Migration.
  • docs: Platform Operator: Add the ports required by a9s Messaging 3.12 to the Required Ports table. For more information see a9s Platform Required Ports.
  • docs: Platform Operator: all services: Add a chapter that explains how to test the custom scrape config. For more information see Custom Scrape Config Test.

Changed

  • all services: a9s DS API Gateway: The a9s DS API Gateway VM will now switch to the state failing if the a9s Beehive is unresponsive for more than one minute.
  • all services: a9s Dashboard: Update route-registrar configuration to maintain backward-compatible non-TLS communication with CloudFoundry NATS.
  • all services: a9s Smoke Tests: Extend the smoke-tests to include tests for a9s Prometheus.
  • all services: a9s Smoke Tests: Update the Go version in the application used in the smoke-tests to v1.17.
  • all services: a9s Template Uploader Errand: Extend the a9s Prometheus templates to allow adding the scrape_config as a custom parameter.
  • all services: Update BOSH releases:
    • bpm BOSH release to version 1.2.13
    • routing BOSH release to version 0.287.0
  • a9s Backup Manager: Refactor worker to delete backups to run within its own process.
  • a9s Billing:
    • Golang v1.21
  • a9s DS API Gateway:
    • Golang v1.21
  • a9s LogMe2:
    • a9s Search:
      • OpenSearch v2.11.1
      • OpenSearch Dashboards v2.11.1
      • OpenSearch Plugin Repository Azure v2.11.1
      • OpenSearch Plugin Repository S3 v2.11.1
  • a9s MariaDB:
    • a9s MariaDB 10.4:
      • MariaDB 10.4.32
      • Golang 1.21
    • a9s MariaDB 10.6:
      • Golang 1.21
  • a9s Messaging:
    • a9s Messaging 3.12:
      • RabbitMQ v3.12.12
      • erlang v25.3.2.8
    • a9s Messaging 3.10:
      • erlang/otp v24.3.4.15
  • a9s MongoDB:
    • a9s MongoDB 5.0:
      • MongoDB v5.0.24 SSPL
  • a9s PostgreSQL:
    • a9s PostgreSQL 13:
      • sqlite v3.45.0
    • a9s PostgreSQL 15:
      • sqlite v3.45.0
  • a9s Prometheus:
    • prometheus2:
      • bosh_exporter v3.6.1
      • cadvisor v0.48.1
      • collectd_exporter v0.6.0
      • consul_exporter to v0.11.0
      • graphite_exporter v0.15.0
      • Golang v1.21
      • influxdb_exporter v0.11.5
      • memcached_exporter v0.14.1
      • postgres_exporter v0.15.0
      • prometheus v2.49.1
      • statsd_exporter v0.26.0
    • promgraf2:
      • bosh_exporter v3.6.1
      • cadvisor v0.48.1
      • collectd_exporter v0.6.0
      • consul_exporter v0.11.0
      • graphite_exporter v0.15.0
      • Golang v1.21
      • influxdb_exporter v0.11.5
      • memcached_exporter v0.14.1
      • postgres_exporter v0.15.0
      • prometheus v2.49.1
      • statsd_exporter v0.26.0
  • a9s Prometheus: Adjust the example configuration to exclude plan update tests as these are currently not supported by the a9s Prometheus Data Service.
  • a9s Redis:
    • a9s Redis 7:
      • Redis 7.2.4
  • a9s Search:
    • OpenSearch v2.11.1
    • OpenSearch Dashboards v2.11.1
    • OpenSearch Plugin Repository Azure v2.11.1
    • OpenSearch Plugin Repository S3 v2.11.1
  • a9s Template Uploader Errand: Update the route-registrar configuration in the deployer templates of a9s Prometheus and a9s LogMe.
  • docs: Application Developer: a9s LogMe2: Remove duplicated information on the page Using a9s LogMe2 and add a missing step in the chapter See Your Service Logs. For more information see Using a9s LogMe2.
  • docs: Application Developer: a9s PostgreSQL: Fix typos on the index page of a9s PostgreSQL. For more information see a9s PostgreSQL.
  • docs: Application Developer: a9s PostgreSQL: Fix a heading on the page Using a9s PostgreSQL by using the correct level. For more information see Upgrade the Service Instance to another Service Plan.
  • docs: Application Developer: a9s Prometheus: Restructure the Application Developer documentation regarding the a9s Prometheus Data Service to match the current documentation layout. For more information see Application Developer documentation.
  • docs: Application Developer: a9s Prometheus: Adapt the URLs in the Service Key example. For more information see: Using a9s Prometheus.
  • docs: Platform Operator: all services: Restructure the page explaining the a9s Smoke Tests to match the current documentation layout. For more information see Smoke Tests.
  • docs: Platform Operator: a9s CF Service Guard: Extend the existing note about cloud_foundry.asg_prefix with additional information. For more information see Cloud Foundry Configuration.
  • docs: Platform Operator: a9s Prometheus: Restructure the Platform Operator documentation regarding the a9s Prometheus Data Service to match the current documentation layout. For more information see Platform Operator documentation.

Removed

  • docs: Application Developer: a9s Prometheus: Remove the page Migrate From Grafana 5.4 to Grafana 8.3 as there is currently no migration path available in the a9s Prometheus Data Service. For more information see here.

Fixed

  • breaking change a9s Prometheus: Fix the properties prometheus_urls, grafana_urls and alertmanager_urls provided in the service binding to match the configured web.external-url in a9s Prometheus.
  • a9s Backup Manager: Fix the pagination for the instances endpoint used by a9s Backup Monit.
  • a9s LogMe2: Fix the service_broker.api_endpoint property in the add_force_deployment_updater Ops file.
  • a9s MariaDB: Fix the mysql_upgrade_info identifier to prevent misbehavior during the upgrade checking process.
  • a9s Messaging: Fix the template-names in the example Service-Plan config for a9s Messaging 3.12. For more information see rabbitmq.yml.example
  • a9s PostgreSQL: Fix permissions and ownership of log files for a9s PostgreSQL 15. Logs created after the post-start script execution had the wrong permission and prevented the PostgreSQL process from starting.
  • docs: Application Developer: a9s MariaDB: Fix Sys Schema objects metrics table in the "Using a9s MariaDB" page. For more information see: Using a9s MariaDB.
  • docs: Application Developer: a9s PostgreSQL: Remove redundant entries in the metric groups table. For more information see: Metric Groups.

Security

  • a9s Billing: Fix CVEs:
    • CVE-2023-45287
    • CVE-2023-39323
  • a9s DS API Gateway: Fix CVEs:
    • CVE-2023-45287
    • CVE-2023-39323
  • a9s MariaDB: Fix CVEs:
    • CVE-2023-45287
    • CVE-2023-39323
  • a9s PostgreSQL: Fix CVEs:
    • CVE-2023-7104
  • a9s Prometheus: Fix CVEs:
    • CVE-2023-45287
    • CVE-2023-39323

Upcoming

  • a9s PostgreSQL: Deprecation: Prepare for the upcoming deprecation phase, triggered during the next release of anynines deployment v46.0.0 (expected end of February 2024), of the following data service version:

    • a9s PostgreSQL 10

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s PostgreSQL: a9s PostgreSQL 11, 13 and 15 are available as GA version

    The deprecation phase is planned to last until v49.0.0 (in May 2024), in which the deprecated version will become unsupported. The creation of new data service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

· 3 min read

Added

  • a9s PostgreSQL: Add vector PostgreSQL extension.
  • docs: Application Developer: a9s LogMe2: Add a section describing the protocols accepted by a9s LogMe2, including the standards these protocols follow. For more information see: Supported Protocols and Limitations.
  • docs: Platform Operator: a9s PostgreSQL: Add a page that explains the known split brain issue of a9s PostgreSQL and how to fix it. For more information see: Split Brain.

Changed

  • all services: a9s Bee: Update Go version in a9s Bee.
  • all services: a9s Service Dashboard: Update NodeJS to v20.10.0 in the a9s Service Dashboard.
  • docs: Application Developer: a9s PostgreSQL: Add vector PostgreSQL extension. For more information see Using a9s PostgreSQL - Available Extensions Migration - Caveats.
  • docs: Application Developer: a9s Redis: Update Redis migration scripts for the DUMP & RESTORE method to account for binary data. For more information see a9s Redis Migration.
  • docs: Platform Operator: Add a warning regarding the usage of TLSv1.3 with a9s Data Services. For more information see SSL-Plans](docs/application-developer/common/ssl-plans/index.md), [TLS-Encryption and Framework-TLS.

Unsupported

  • a9s MariaDB: End of Support: Terminate support for the following deprecated a9s Data Service version:

    • a9s MariaDB 10.1

    The creation of new a9s Data Service instances for this deprecated version is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for this version. The corresponding documentation has been removed.

    Although we will not intentionally break running instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to this release.

Fixed

  • all services: a9s SPI: Ensure that credentials are redacted when errors are logged.
  • a9s Backup Manager: Fix failing backups for a9s PostgreSQL service instances with continuous archiving enabled by adding a missing constant.
  • a9s CF Service Guard: Fix a bug in the creation of ASGs for long-running service instances. For these, the required information is provided in a different structure due to recent changes in the OSB API.
  • a9s MongoDB: Fix a smoke-test issue with a9s MongoDB by extending enable-service-instances-aws-instance-profile.yml so that it does not upload the older versions of a9s MongoDB.
  • docs: Platform Operator: Extend the a9s Data Service Sunrise/Sunset for Major Versions document to better reflect the a9s Data Services' release cadence by adding a diagram and rewording some keywords. For more information see a9s Data Service Sunrise/Sunset for Major Versions.

Security

  • a9s Bee: Fix CVEs:
    • CVE-2020-28483
    • CVE-2023-39325
  • a9s Service Dashboard: Fix CVEs:
    • CVE-2023-30590
    • CVE-2023-32002
    • CVE-2023-32006
    • CVE-2023-32558
    • CVE-2023-32559
    • CVE-2023-44487

Upcoming

  • a9s LogMe: End of Support: Terminate support, starting from anynines deployment v47.0.0 (expected end of March 2024), for the following deprecated a9s Data Service version:

    • a9s LogMe

    The creation of new a9s Data Service instances for this deprecated version will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed.

    Although we will not intentionally break running instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to v47.0.0.

· 8 min read

Added

  • breaking change a9s PostgreSQL: We consider a9s PostgreSQL 15 as stable now. You have to set the following properties:
    • postgresql_service.services.a9s-postgresql15.name
    • postgresql_service.services.a9s-postgresql15.guid
    • postgresql_service.services.a9s-postgresql15.description
    • postgresql_service.services.a9s-postgresql15.label
    • postgresql_service.services.a9s-postgresql15.version
    • postgresql_service.services.a9s-postgresql15.bindable
    • postgresql_service.services.a9s-postgresql15.requires
    • postgresql_service.services.a9s-postgresql15.tags
    • postgresql_service.services.a9s-postgresql15.documentation_url
    • postgresql_service.services.a9s-postgresql15.metadata
    • postgresql_service.services.a9s-postgresql15.dashboard_client.id
    • postgresql_service.services.a9s-postgresql15.plans-to-test
    • postgresql_service.services.a9s-postgresql15.planupdates-to-test
  • all services: a9s BOSH Deployer: Introduce the tls_ciphers property to configure the allowed TLS ciphers for the HTTPS endpoint.
  • all services: a9s SPI: Introduce the tls_ciphers property to configure the allowed TLS ciphers for the HTTPS endpoint.
  • a9s-pg: a9s Backup Agent: Add the necessary properties and credentials to the input and output plugin's sections of the a9s Backup Agent.
  • a9s LogMe2: Introduce the custom parameter java_garbage_collector to set the JVM Garbage Collector used by OpenSearch. For more information see Tuning a9s LogMe2.
  • a9s Messaging: Add example config for a9s Messaging 3.12 to rabbitmq.yml.example.
  • a9s Messaging: Release a9s Messaging 3.12 as RC. For more information see a9s Platform Operator - Sunrise Sunset.
  • a9s PostgreSQL: Release a9s PostgreSQL 15 as GA. See a9s Platform Operator - Sunrise Sunset.
  • a9s Search: Introduce the custom parameters java_heapspace, java_maxmetaspace and java_garbage_collector to set JVM memory parameters and the Garbage Collector used by OpenSearch. For more information see Tuning a9s Search.
  • docs: Application Developer: a9s LogMe2: Add information on how to set the JVM Garbage Collector used by OpenSearch. For more information see Tuning a9s LogMe2.
  • docs: Application Developer: a9s PostgreSQL: Extract the "Dump and Restore From Origin Instance to New Instance" section of the "Using" page of the a9s PostgreSQL Application Developer Documentation into a new "Migration" page and extend it to describe how to keep track of the progress via the pg_database_size and the available metrics. For more information see Migration.
  • docs: Application Developer: a9s Search: Add information on how to set JVM memory parameters and the Garbage Collector used by OpenSearch. For more information see Tuning a9s Search.
  • docs: Platform Operator: Add an admonition explaining the usage of the compound command used with the decrypting command of the Recovery documentation pages. For more information see a9s MongoDB Manual Logical Backup Recovery, a9s-pg Manual Logical Backup Recovery, a9s PostgreSQL Manual Logical Backup Recovery, a9s PostgreSQL Manual Point-in-Time Recovery.
  • docs: Platform Operator: Add a section on how to use the tls_ciphers property when configuring TLS encryption for the a9s BOSH Deployer and the a9s SPIs. For more information see General Configuration.
  • docs: Platform Operator: Add a9s Messaging 3.10 templates to the Available Templates documentation. For more information see a9s Messaging Available Templates.
  • docs: Platform Operator: Add a9s Messaging 3.12 templates to the Available Templates documentation. For more information see a9s Messaging Available Templates.
  • docs: Platform Operator: Add a9s PostgreSQL 15 templates to the Available Templates documentation. For more information see a9s PostgreSQL Available Templates.
  • docs: Platform Operator: a9s PostgreSQL: Extend the "Migration" page of the a9s PostgreSQL Platform Operator documentation to include a subsection describing how to leverage the maintenance_work_mem value to accelerate the execution of copy_from. For more information see Migration.
  • docs: Platform Operator: a9s PostgreSQL: Include a disclaimer specifying the recommended operating system when executing the suggested command operations. For more information see: a9s Manual Logical Recovery and a9s Manual PITR Recovery.
  • docs: Platform Operator: a9s Service Dashboard: Fix duplicate name issue for the property dashboard-app.theme.colors.custom_text_header_highlight. For more information see Customize Color Theme.

Changed

  • breaking change a9s Messaging: In order to increase the flexibility, Global Audit Logging can now be configured via the custom parameters configuration instead of Ops files. For more information see: a9s Messaging Audit log.
  • all services: Update BOSH releases:
    • bpm BOSH release to version 1.2.11
    • routing BOSH release to version 0.284.0
  • all services: a9s Backup Agent: Update the a9s Backup Agent's configuration to include the necessary properties and credentials to perform backups/restores instead of receiving them from the a9s Backup Manager.
  • all services: a9s Service Dashboard: Update dependencies in the a9s Service Dashboard.
  • a9s LogMe2:
    • Fluentd:
      • openssl 3.2.0
      • fluent-plugin-opensearch 1.1.4
      • fluentd 1.16.2
    • OpenSearch:
      • OpenSearch 2.11
      • OpenSearch Dashboards 2.11
      • OpenSearch Plugin Repository Azure 2.11
      • OpenSearch Plugin Repository S3 2.11
  • a9s MariaDB:
    • a9s MariaDB 10.6:
      • MariaDB 10.6.16
  • a9s Messaging: Update dependencies in the SPI.
  • a9s PostgreSQL:
    • a9s PostgreSQL 13:
      • PostgreSQL 13.13
    • a9s PostgreSQL 11:
      • PostgreSQL 11.22
  • a9s Prometheus:
    • promgraf2:
      • prometheus 2.47.2
      • statsd_exporter 0.25.0
    • prometheus:
      • prometheus 2.47.2
      • statsd_exporter 0.25.0
  • a9s Redis:
    • Redis 7:
      • Redis 7.2.3
    • Redis 6:
      • Redis 6.2.14
  • a9s Search:
    • a9s Search 2:
      • OpenSearch 2.11
      • OpenSearch Plugin Repository Azure 2.11
      • OpenSearch Plugin Repository S3 2.11
  • docs: Platform Operator: a9s Messaging: Adapt the Global Audit Log documentation to reflect the new configuration approach. For more information see a9s Messaging Audit log, Custom Parameter Configuration.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.301 for internal tests of all supported services.

Removed

  • breaking change a9s Messaging: Remove ops/rabbitmq-globaly-enable-audit-log.yml Ops file.

Fixed

  • all services: Fix typos in the add-force-deployment-updater.yml Ops file that prevented it from being interpolated correctly. For more information see Block Automatic Updates.
  • all services: a9s Logstash: Remove outdated a9s Messaging metrics.
  • a9s Backup Manager: Fix the a9s Backup Manager's thread usage when checking the state of the backups by adding reasonable timeouts.
  • a9s Backup Manager: Fix a bug in the deletion process that prevented the deletion of all backup files of backups with more than 1000 files. This change affects the following a9s Data Services:
    • a9s Elasticsearch
    • a9s LogMe
    • a9s LogMe2
    • a9s Search
  • a9s CF Service Guard: Improve error handling in the SharedInstancesUpdater to not fail when there is an issue while updating the ASG of one Service Instance.
  • a9s CF Service Guard: Introduce dedicated CF_HOME folders for the background workers to mitigate the concurrency issue when using the same CF CLI within multiple threads.
  • a9s LogMe2: Fix the issue that the streaming of application logs to a9s LogMe2 Service Instances stops after a certain amount of logs have been streamed by setting the a9s Fluentd reload_connections option as false.
  • a9s MariaDB: a9s MariaDB 10.6: Fix the issue in which Monit incorrectly sets the mariadb_ctrl process status as Execution failed even though the process continues to run after exceeding the timeout during Monit startup.
  • a9s PostgreSQL: Fix log messages reporting a connection to a database that does not exist.
  • a9s PostgreSQL: a9s PostgreSQL 15: Fix extension handling during copy_from to an a9s PostgreSQL 15 Service Instance. Some extensions were wrongly placed in the shared schema instead of the intended public schema.
  • docs: all services: Fix broken links in the following pages a9s Redis - Application Developer Path TLS/SSL Service Plans.
  • docs: Application Developer: Fix several minor typos and misnaming occurrences in the Application Developer path of the documentation.
  • docs: Application Developer: a9s Messaging: Remove outdated metrics. For more information see Using a9s Messaging.
  • docs: Application Developer: a9s PostgreSQL: Fix metric description in Using a9s PostgreSQL.
  • docs: Platform Operator: Fix a typo in the 'Introduced' column title at the Sunrise Sunset table, see a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: Fix table break in the a9s Platform Required Ports page.
  • docs: Platform Operator: Fix the sorting approach of the decrypting command on the Recovery documentation pages. For more information see a9s MongoDB Manual Logical Backup Recovery, a9s-pg Manual Logical Backup Recovery, a9s PostgreSQL Manual Logical Backup Recovery, a9s PostgreSQL Manual Point-in-Time Recovery.
  • docs: Platform Operator: Fix typos in the a9s Redis table of the Available Templates page, where the entries for the a9s Redis 7 available templates were mislabeled as Redis 6. For more information see Available Templates.
  • docs: Platform Operator: a9s CF Service Guard: Fix typo in the a9s CF Service Guard page that provided the incorrect location of the support-shared-instances.yml Ops file. For more information see a9s CF Service Guard.
  • docs: Platform Operator: a9s PostgreSQL: Fix the explanation how to retrieve the backup-id from the a9s Backup Manager database to recover a Service Instance manually. For more information see: a9s Manual Logical Recovery and a9s Manual PITR Recovery.
  • docs: Platform Operator: a9s Service Broker: Fix a typo in the provided fetch password command in the a9s Service Broker documentation. For more information see Cleanup Purged Service Instances.

Security

  • a9s Messaging: Fix CVE:
    • CVE-2023-27530
  • a9s PostgreSQL: Fix CVEs:
    • CVE-2023-5868
    • CVE-2023-5869
    • CVE-2023-5870
  • a9s Service Dashboard: Fix CVEs:
    • CVE-2023-45133

Upcoming

  • a9s MariaDB: End of Support: Terminate support, starting from anynines deployment v44.0.0 (expected end of December 2023), for the following deprecated a9s Data Service version:

    • a9s MariaDB 10.1

    The creation of new a9s Data Service instances for this deprecated version will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed.

    Although we will not intentionally break running instances of this unsupported version, it cannot be guaranteed that they will still work as expected after an update to v44.0.0.

· 4 min read

Added

  • all services: a9s Deployment Updater Errand: Extend the a9s Deployment Updater Errand to run Service Instance updates in parallel. For more information see a9s Deployment Updater.
  • all services: Add Ops file add-force-deployment-updater.yml to each a9s Data Service. For more information see the Installation section of Block Automatic Updates. For more information see a9s Deployment Updater.
  • docs: all services: Add admonition informing both the Application Developer and the Platform Operator that it is necessary to rebind and restage all applications using the affected a9s Service Instance.
  • docs: Application Developer: a9s DS API Gateway: Extract all information related to the a9s Public API from the existing a9s Service Dashboard page into a new section with pages describing its usage and considerations. For more information see a9s Public API.
  • docs: Application Developer: a9s Service Dashboard: Add dedicated section explaining the a9s Parachute information displayed by the a9s Service Dashboard. For more information see the "a9s Parachute" section of a9s Service Dashboard.
  • docs: Application Developer: a9s Service Dashboard: Extract all information related to the a9s Service Dashboard from the existing a9s Service Dashboard page into a new section with pages describing its usage and considerations. For more information see a9s Service Dashboard.
  • docs: Platform Operator: a9s Deployment Updater Errand: Add a dedicated section for the a9s Deployment Updater Errand. For more information see a9s Deployment Updater.

Changed

  • breaking change all services: a9s Deployment Updater Errand: Refactor the properties of the deployment-updater Instance Group. For more information see a9s Deployment Updater - Properties.
  • all services: a9s Backup Agent: Update dependencies in the a9s Backup Agent.
  • all services: a9s BOSH Deployer: Update dependencies in the a9s BOSH Deployer.
  • all services: a9s CF Service Guard: Update dependencies in the a9s CF Service Guard.
  • all services: a9s Service Broker: Update dependencies in the a9s Service Broker.
  • all services: a9s SSO Proxy: Update dependencies in the a9s Dashboard.
  • all services: Update BOSH releases:
    • routing BOSH release to version 0.282.0
    • bpm BOSH release to version 1.2.9
  • a9s Backup Manager: a9s Backup Monit: Update dependencies in the a9s Backup Monit.
  • a9s PostgreSQL:
    • a9s PostgreSQL 13:
      • PostgreSQL 13.12
  • a9s Prometheus:
    • promgraf2:
      • postgres_exporter 0.14.0
    • prometheus:
      • postgres_exporter 0.14.0
  • a9s Prometheus: SPI: Update dependencies in the a9s Prometheus SPI.
  • docs: Platform Operator: Update the chapter Update All Service Instances in the Administration page to link to the new a9s Deployment Updater page.
  • docs: Platform Operator: a9s Service Broker: Update information about the new Ops File add-force-deployment-updater.yml to Block Automatic Updates documentation.

Unsupported

  • a9s MongoDB: End of Support: Terminate support for the following deprecated data service versions:

    • a9s MongoDB 3.x
    • a9s MongoDB 4.0

    The creation of new data service instances for these deprecated versions is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for these versions. The corresponding documentation has been removed.

    Although we will not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to this release.

Removed

  • breaking change all services: Remove the Instance Group force_deployment_updater from all a9s Data Service deployment manifests. This errand is only needed when the feature Block Automatic Updates is enabled. For more information see Block Automatic Updates.

Fixed

  • a9s Backup Manager: Fix the InitializeBackupDeletionJob job by refactoring it into separate methods to deal with a specific type of backup each. This fixes the cases where, at times, backups without a backup name would cause the job to fail and restart.
  • docs: all services: Fix several minor typos and misnaming ocurrences.
  • docs: all services: Fix the internal documentation links to reflect the restructuring of the a9s Service Dashboard documentation and the a9s Installation Guide.

Security

  • all services: a9s Backup Agent: Fix CVEs:
    • CVE-2023-27530
    • CVE-2022-45442
    • CVE-2022-29970
  • all services: a9s BOSH Deployer: Fix CVEs:
    • CVE-2022-21831
    • CVE-2022-23633
    • CVE-2022-32224
    • CVE-2022-44566
    • CVE-2023-22794
    • CVE-2022-23476
    • CVE-2022-23514
    • CVE-2022-23517
    • CVE-2023-27530
    • CVE-2022-44570
  • all services: a9s CF Service Guard: Fix CVEs:
    • CVE-2023-40175
  • all services: a9s Service Broker: Fix CVEs:
    • CVE-2023-27530
    • CVE-2023-40175
  • all services: a9s SSO Proxy: Fix CVEs:
    • CVE-2023-27530
    • CVE-2023-40175
  • a9s Backup Manager: a9s Backup Monit: Fix CVEs:
    • CVE-2022-45442
  • a9s Prometheus: SPI: Fix CVEs:
    • CVE-2023-27530
    • CVE-2022-45442

· 13 min read

Added

  • all services: a9s Backup Services: Add the option to enable the use of AWS IAM Profiles when using an AWS S3 storage. For more information see Using AWS Instance Profiles
  • all services: a9s Backup Agent: Add support to a9s PostgreSQL 15.
  • all services: a9s Logstash: Add support to a9s PostgreSQL 15.
  • all services: a9s Template Uploader Errand: Add templates for a9s PostgreSQL 15.
  • a9s PostgreSQL: Add example config for a9s PostgreSQL 15 to postgresql.yml.example.
  • a9s PostgreSQL: Add new custom parameter maintenance_work_mem. For more information see Service Instance Resource Usage.
  • a9s PostgreSQL: Release a9s PostgreSQL 15 as RC. For more information see a9s Platform Operator - Sunrise Sunset.
  • docs: Application Developer: a9s Elasticsearch: Add deprecation notice to a9s Elasticsearch's documentation. For more information see a9s Elasticsearch.
  • docs: Application Developer: a9s LogMe: Add deprecation notice to a9s LogMe's documentation. For more information see a9s LogMe.
  • docs: Platform Operator: Add a9s LogMe2 templates' information to the Available Templates page. For more information see Service Catalog - Available Templates.
  • docs: Platform Operator: Add a9s Redis 7 templates' information to the Available Templates page. For more information see Service Catalog - Available Templates.
  • docs: Platform Operator: Add a dedicated section for the Service Catalog. For more information see Service Catalog.
  • docs: Platform Operator: Extract available templates from Service Plans page and add them as dedicated Availble Templates page under the Service Catalog section. For more information see Service Catalog - Available Templates.
  • docs: Platform Operator: a9s Backup Services: Add a new documentation page describing the configuration and use of AWS Instance Profiles in the a9s Backup Service. For more information see Using AWS Instance Profiles.
  • docs: Platform Operator: a9s Backup Services: Add an admonition to the Disaster Recovery documentation, explaining the necessary changes to the plugin configuration when using AWS Instance Profiles in the a9s Backup Service. For more information see Disaster Recovery.
  • docs: Platform Operator: a9s Elasticsearch: Add deprecation notice to a9s Elasticsearch's documentation. For more information see a9s Elasticsearch.
  • docs: Platform Operator: a9s LogMe: Add deprecation notice to a9s LogMe's documentation. For more information see a9s LogMe.
  • docs: Platform Operator: a9s PostgreSQL: Add the new standby_latest_receive_wal value in the Cluster Status documentation. For more information see Cluster Status.
  • docs: Platform Operator: a9s PostgreSQL: Add new section, within the a9s PostgreSQL documentation, that describes the the a9s PostgreSQL Ubunty Jammy Upgrade. For more information see PostgreSQL Jammy Upgrade.
  • docs: Platform Operator: a9s Service Broker: Add a dedicated section for the a9s Service Broker. For more information see a9s Service Broker.
  • INTERNAL RELEASE all services: Add .gitkeep to ops/enable_rc_services to keep the folder visible in the anynines-deployment Git repository.

Changed

  • all services: Adapt Consul-DNS to display the state failing as soon as the Consul connection is gone for more than one minute. Once the connection resumes, the state will switch back to running.
  • all services: Update BOSH releases:
    • routing BOSH release to version 0.281.0
    • bpm BOSH release to version 1.2.7
  • all services: Update support URLs in example config files.
  • all services: a9s Dashboard: Update dependencies in the a9s Service Dashboard.
  • all services: a9s Template Uploader: Add new Templates for a9s PostgreSQL 13 Bionic plans.
  • a9s-pg:
    • PostgreSQL 11.21 Important a9s-pg currently does not support ubuntu-jammy!
  • a9s Elasticsearch: Update dependencies in the a9s Elasticsearch SPI.
  • a9s LogMe: Update dependencies in the a9s LogMe SPI.
  • a9s LogMe2: Update dependencies in the a9s LogMe2 SPI.
  • a9s MariaDB: Update dependencies in the a9s MariaDB SPI.
  • a9s MariaDB:
    • a9s MariaDB 10.4:
      • MariaDB 10.4.31
  • a9s Messaging:
    • a9s Messaging 3.10:
      • Erlang 24.3.4.13
      • RabbitMQ 3.10.25
  • a9s Messaging: Update documentation URLs in the example config file.
  • a9s MongoDB: Change reference from mongodb34 to mongodb40 on property sso-proxy.dashboard_client_id of the sso-proxy job of the service-dashboard instance group in the mongodb-service/mongodb-service.yml.
  • a9s MongoDB: Update dependencies in the a9s MongoDB SPI.
  • a9s MongoDB:
    • a9s MongoDB 5.0:
      • MongoDB 5.0.20
  • a9s MySQL: Update dependencies in the a9s MySQL SPI.
  • a9s PostgreSQL:
    • a9s PostgreSQL 11:
      • PostgreSQL 11.21
  • a9s PostgreSQL: a9s PostgreSQL 13: Changed paths of the recovery and standby files to recovery.signal and standby.signal.
  • a9s PostgreSQL: SPI: Add support to PostgreSQL v15 with capabilities to handle the new schema configuration.
  • a9s Prometheus: Update dependencies in the a9s Prometheus SPI.
  • a9s Prometheus:
    • promgraf2:
      • alertmanager 0.26.0
      • bosh_exporter 3.6.0
      • cadvisor 0.47.3
      • jq 1.7
      • postgres_exporter 0.13.2
      • prometheus 2.47.0
    • prometheus:
      • alertmanager 0.26.0
      • bosh_exporter 3.6.0
      • cadvisor 0.47.3
      • jq 1.7
      • postgres_exporter 0.13.2
      • prometheus 2.47.0
  • a9s Redis: Change reference from redis40 to redis7 on property sso-proxy.dashboard_client_id of the sso-proxy job of the service-dashboard instance group in the redis-service/redis-service.yml.
  • a9s Redis: Update dependencies in the a9s Redis SPI.
  • a9s Redis:
    • a9s Redis 7:
      • Redis 7.2.1
  • a9s Search: Update dependencies in the a9s Search SPI.
  • a9s Search:
    • a9s Search 2:
      • opensearch 2.9.0
      • opensearch-dashboards 2.9.0
      • opensearch-plugin-repository-azure 2.9.0
      • opensearch-plugin-repository-s3 2.9.0
  • docs: Application Developer: a9s Backup Services: Improve clarity of the disaster recovery documentation regarding usage restrictions. For more information see Disaster Recovery.
  • docs: Application Developer: a9s LogMe: Update documentation URL in documentation example. For more information see Using a9s LogMe - See Your Applications Logs.
  • docs: Application Developer: a9s LogMe2: Update documentation URL in documentation example. For more information see Using a9s LogMe2 - See Your Applications Logs.
  • docs: Application Developer: a9s PostgreSQL: Add new custom parameter maintenance_work_mem. For more information see Using a9s PostgreSQL.
  • docs: Application Developer: a9s PostgreSQL: Enhance the documentation to comprehensively address the distinctions between PostgreSQL 15 and its predecessor versions. For more information see a9s PostgreSQL - Overview.
  • docs: Application Developer: a9s PostgreSQL: Add descriptions for the new metrics implemented on a9s Postgresql 15. For more information see a9s Postgresql Documentation.
  • docs: Application Developer: a9s PostgreSQL: Update the dump and restore documentation regarding PostgreSQL 15 public schema changes. For more information see: a9s Application Developer - Using a9s PostgreSQL.
  • docs: Application Developer: a9s PostgreSQL: Update the forking service instance documentation section to add the method limitations. For more information see: a9s Application Developer - Using a9s PostgreSQL.
  • docs: Application Developer: a9s Prometheus: Update documentation URL in documentation example. For more information see Using a9s Prometheus - Access the a9s Prometheus Dashboards.
  • docs: Platform Operator: Improve clarity of the disaster recovery documentation regarding usage restrictions. For more information see Disaster Recovery.
  • docs: Platform Operator: Improve the documentation in the "Interact with the Backup Manager" section of the "Administrative Tasks" page. For more information see a9s Data Services Administrative Tasks.
  • docs: Platform Operator: Update documentation URL in documentation example for the Service Plans. For more information see Customizing the Documentation and Support URLs.
  • docs: Platform Operator: Update the Stemcell documentation with information about Jammy Stemcell. For more information see Stemcells.
  • docs: Platform Operator: Update the wildcard certificates documentation to reflect the latest changes regarding the vendored dashboards. For more information see a9s Platform Operator - Wildcard Certificates.
  • docs: Platform Operator: Add a9s LogMe2 port information to the table. For more information see a9s Platform Required Ports.
  • docs: Platform Operator: Add a9s Search port information to the table. For more information see a9s Platform Required Ports.
  • docs: Platform Operator: Update documentation URL in documentation example for the Service catalog. For more information see Services Configuration.
  • docs: Platform Operator: Update vendor versions for multiple data services in the Release Lifecycle Table. For more information see Release Lifecycle Table
  • docs: Platform Operator: Move page Service Plans under the Service Catalog section. For more information see Service Catalog - Service Plans.
  • docs: Platform Operator: a9s Consul: Set proper title for the a9s Consul Properties page. For more information see a9s Consul - Properties.
  • docs: Platform Operator: a9s MongoDB: Make correction to refer to MongoDB v5.0 as Generally Available instead of Release Candidate. For more information see a9s Platform Operator - Wildcard Certificates.
  • docs: Platform Operator: a9s PostgreSQL: Update the service instance resource limits list regarding the new custom parameter maintenance_work_mem. For more information see Service Instance Resource Usage.
  • docs: Platform Operator: a9s PostgreSQL: Enhance the documentation to provide comprehensive coverage of the new Data Service version, including key differentiators between a9s PostgreSQL 15 and its earlier iterations. For more information see a9s-pg Manual Logical Backup Recovery, a9s PostgreSQL Resources Considerations, a9s Postgresql Cluster Recovery, Replication Lag, a9s PostgreSQL Manual Logical Backup Recovery, a9s PostgreSQL Manual Point-in-Time Recovery, Cluster Status, Template Uploader Errand, a9s Platform Required Ports.
  • docs: Platform Operator: a9s Redis: Clarify the difference between tls-ciphers and tls-ciphersuites Redis SPI parameters. For more information see Redis SPI Parameters.
  • docs: Platform Operator: a9s Service Broker: Move page a9s Service Broker Properties under the a9s Service Broker section. For more information see a9s Service Broker - Properties.
  • docs: Platform Operator: a9s Service Broker: Move page Cleanup Purged Service Instances under the a9s Service Broker section. For more information see a9s Service Broker - Cleanup Purged Service Instances.
  • docs: Platform Operator: a9s Service Broker: Move page Configure Broker Callback URL under the a9s Service Broker section. For more information see a9s Service Broker - Configure a Callback URL.
  • docs: Platform Operator: a9s Service Broker: Move page Configure a9s Service Broker To Block Automatic Updates under the a9s Service Broker section. For more information see a9s Service Broker - Block Automatic Updates.
  • docs: Platform Operator: a9s Service Broker: Move page Service Instance Limits under the a9s Service Broker section. For more information see a9s Service Broker - Service Instance Limits.
  • docs: Platform Operator: a9s Service Dashboard: Update the a9s Service Dashboard documentation with the new dashboard customization properties. For more information see Customize Color Theme.
  • docs: Platform Operator: a9s Service Dashboard: Move page a9s Dashboard - Error Codes under the a9s Service Dashboard section. For more information see a9s Service Dashboard - Error Codes.
  • docs: Platform Operator: a9s Service Dashboard: Move page Dashboard - Static Navigation Entries under the a9s Service Dashboard section. For more information see a9s Service Dashboard - Static Navigation Entries.
  • docs: Platform Operator: a9s Service Dashboard: Move page Dashboard - Support Mail Address under the a9s Service Dashboard section. For more information see a9s Service Dashboard - Support Mail Address.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.232 for internal tests of all supported services.
  • BOSH stemcell: a9s PostgreSQL: Use stemcell ubuntu-jammy version 1.232 for all internal tests of a9s PostgreSQL 13. WARNING Please make sure you are aware of the limitations that come with stemcell upgrades of existing a9s PostgreSQL 13 instances or upgrades from lower versions! Carefully read a9s Platform Operator - Updating PostgreSQL 13 to Jammy before upgrading a9s PostgreSQL 13 instances to ubuntu-jammy.
  • INTERNAL RELEASE a9s Backup Manager: The collection of the Backup Manager metrics is now configurable.

Removed

  • a9s-pg: Remove the deprecated variable a9s_pg_backup_encrypt_password from a9s-pg/a9s-pg.yml.
  • docs: all services: Remove the unused docs/changelog path, and its contents, from the documentation structure.
  • docs: Application Developer: Remove duplicate page of the Creating Local Copy of the Data from the a9s MongoDB documentation. For more information see Creating Local Copy of the Data.
  • docs: Platform Operator: Remove obsolete overview page of the a9s Service Broker. The main content is moved to the a9s Service Broker section. For more information see a9s Service Broker.
  • docs: Platform Operator: Remove obsolete Service Catalog page from the common section. The main content is moved to the Service Catalog section. For more information see Service Catalog.

Fixed

  • all services: Fixed Parachute plugin to disable a9s Parachute when max_disk_threshold custom parameter is set to 0.
  • a9s LogMe2: Replaced the variable /cf_nats_password by the variables /cf_nats_credentials.username and /cf_nats_credentials.password on the template-uploader variables.
  • a9s Messaging: Fix a bug that prevents the drain script to terminate peacefully when the RabbitMQ service is already stopped.
  • a9s PostgreSQL: a9s PostgreSQL 13: Fix cloning happening again during monit start after it already happened during pre-start.
  • a9s PostgreSQL: a9s PostgreSQL 13: Fix switchover that, in some situations, was electing the wrong node to be promoted to primary.
  • docs: all services: Fix broken documentation links after the restructuring of multiple documentation path.
  • docs: all services: Fix the internal documentation links so that they fit the current TrailingSlash configuration of our Docusaurus settings.
  • docs: Platform Operator: Fix a typo in the Target Group section of the a9s Data Service Framework Recovery documentation.
  • docs: Platform Operator: a9s PostgreSQL: Fix the Manual Point-in-Time Recovery by adding the differences when recovering a9s PostgreSQL version equals and above the 13 version. Moreover, fix some misleading step instructions in the same documentation. For more information see: a9s PostgreSQL Manual Point-in-Time Recovery.
  • docs: Platform Operator: a9s Redis: Fix the typo in the ID in the page's metadata and the broken links in the a9s Redis SPI Configuration page. For more information see Redis SPI Parameters.

Security

  • all services: a9s Service Dashboard: Fix CVEs:
    • CVE-2020-36632
    • CVE-2021-44906
    • CVE-2022-3517
    • CVE-2022-24999
  • a9s PostgreSQL: SPI: Fix CVEs:
    • CVE-2023-27530
    • CVE-2023-27539

Upcoming

  • a9s MongoDB: End of Support: Terminate support, starting from anynines deployment v42.0.0 (expected end of October 2023), for the following deprecated data service versions:

    • a9s MongoDB 3.x
    • a9s MongoDB 4.0

    The creation of new Data Service Instances for these deprecated versions will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. The corresponding documentation will also be removed.

    Although we will not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to v42.0.0.

Stemcell Support

a9s DS NameStemcell NameStemcell Version
a9s LogMeBionic1.204
a9s LogMe2Jammy1.232
a9s Elasticsearch 7Bionic1.204
a9s Elasticsearch 6Bionic1.204
a9s Elasticsearch 5Bionic1.204
a9s MongoDB 5.0 SSPLJammy1.232
a9s MongoDB 4.0 SSPLBionic1.204
a9s MongoDB 4.0Bionic1.204
a9s MongoDB 3.6Bionic1.204
a9s MySQL 10.4Jammy1.232
a9s MySQL 10.1Xenial621.232
a9s MariaDB 10.6Jammy1.232
a9s PostgreSQL 13Jammy1.232
a9s PostgreSQL 11Bionic1.204
a9s PostgreSQL 10Bionic1.204
a9s Messaging 3.10Jammy1.232
a9s Messaging 3.8Jammy1.232
a9s Messaging 3.7Bionic1.204
a9s Redis 7Jammy1.232
a9s Redis 6Jammy1.232
a9s Redis 5.0Jammy1.232
a9s PrometheusJammy1.232
a9s Search 2Jammy1.232

· 2 min read

Added

  • docs: Application Developer: a9s Search: Add the Elasticsearch 6 migration instructions to the documentation. For more information see a9s Search Migration
  • docs: Platform Operator: Add a EOL Policy column to the vendored software table in the Sunrise/Sunset documentation. This column contains the corresponding link to the vendored software's current EOL/Versioning policies pages. For more information see the a9s Data Services Release Cycles section in the a9s Data Service Sunrise/Sunset for Major Versions page.
  • docs: Platform Operator: a9s Redis: Add disclaimer explaining the limitation on single to cluster plan upgrades for a9s Redis 6 and above, and present a path to block/disallow such upgrades. For more information see a9s Redis Concerns.

Changed

  • docs: Application Developer: a9s PostgreSQL: Correct contradicting statement regarding the max_connections parameter. For more information see Using a9s PostgreSQL.
  • docs: Application Developer: a9s Messaging: Update the Queue Mectrics section with the current naming examples for the queues metrics. For more information see a9s Messaging.
  • docs: Application Developer: a9s PostgreSQL: Improve the wording of the Dump and Restore From Origin Instance to New Instance section of the a9s PostgreSQL documentation. For more information see Using a9s PostgreSQL.
  • docs: Application Developer: a9s Redis: Extend the current disclaimer explaining the limitation on single to cluster plan upgrades for a9s Redis 6 and above, by presenting an alternate path via our migration feature. For more information see Using a9s Redis.
  • docs: Application Developer: a9s Redis: Update documentation with information regarding the upgrade from a9s Redis 7 RC to a9s Redis 7 GA. For more information see: a9s Redis Migration and Using a9s Redis.
  • docs: Platform Operator: consul-dns: Replace broken link in a9s Consul docs.
  • docs: Platform Operator: a9s MariaDB: Add a section about the cluster load balancing behavior. For more information see a9s MariaDB Cluster Setup Overview.
  • docs: Platform Operator: a9s PostgreSQL: Improve the wording of the Prepare PostgreSQL section of the a9s PostgreSQL documentation. For more information see a9s PostgreSQL Manual Logical Backup Recovery
  • docs: Platform Operator: a9s Redis: Add a9s Redis 7 RC information in the general a9s Redis documentation. For more information see: a9s Redis Resources Considerations.

Fixed

  • docs: Application Developer: a9s Messaging: Correct the section with an example which had a swapped username and password. For more information see a9s Messaging

· 9 min read

Added

  • a9s-pg: Add new database cfserviceguard, which is used by the a9s CF Service Guard v2.
  • a9s CF Service Guard: Add new deployment manifest cf-service-guard/cf-service-guard.yml to deploy the new a9s CF Service Guard v2. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-elasticsearch.yml to add a9s Elasticsearch to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-mariadb.yml to add a9s MariaDB to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-messaging.yml to add a9s Messaging to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-mongodb.yml to add a9s MongoDB to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-mysql.yml to add a9s MySQL to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-postgresql.yml to add a9s PostgreSQL to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-redis.yml to add a9s Redis to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/add-search.yml to add a9s Search to the list of known service brokers for the a9s CF Service Guard. For more information see a9s CF Service Guard: Installation.
  • a9s CF Service Guard: Add Ops file cf-service-guard/ops/support-shared-instances.yml to enable the support of shared service instances for the a9s CF Service Guard. For more information see a9s CF Service Guard: Background Workers.
  • a9s Redis: Release a9s Redis 7 as GA. For more information see a9s Platform Operator - Sunrise Sunset.
  • a9s Redis: a9s Redis 7: Add User Management Control based on ACL. For more information Obtain Service Instance Access Credentials.
  • a9s Redis SPI: a9s Redis 7: Add support to unique credentials for service bindings and keys. For more information see Obtain Service Instance Access Credentials.
  • docs: Application Developer: a9s Redis: Add user credentials management documentation. For more information see Obtain Service Instance Access Credentials.
  • docs: Application Developer: a9s Redis: Update migration document with the commands for Redis 7 instances. For more information see a9s Redis Migration.
  • docs: Platform Operator: Mark a9s Redis 7 as GA in the a9s Data Service Release Lifecycle Table. For more information see a9s Platform Operator - Sunrise Sunset.
  • docs: Platform Operator: a9s Redis: Add user credentials management documentation. For more information see User Credentials Management.
  • docs: Platform Operator: a9s CF Service Guard: Add dedicated section for the a9s CF Service Guard documentation. For more information see a9s CF Service Guard.

Changed

  • breaking change all services: The property iaas.service_guard is changed to iaas.cf_service_guard. The references of this variable has been adapted accordingly.
  • breaking change all services: Use stemcell ubuntu-jammy version 1.125 for all internal tests of the following a9s Data Services Framework components: a9s Billing, a9s CF Service Guard. Please make sure to update your stemcells accordingly, as shown in the example IaaS configuration.
  • breaking change all services: Use stemcell ubuntu-jammy version 1.125 for all internal tests of the following a9s Data Services: a9s LogMe2, a9s MariaDB, a9s Messaging >= 3.8, a9s MongoDB >= 5.0, a9s MySQL 10.4, a9s Prometheus, a9s Redis, a9s Search >= 2. Please make sure to update your stemcells accordingly, as shown in the example IaaS configuration.
  • breaking change a9s Messaging: Replace the periods (.) with underscores (_) of the RabbitMQ queue names in the Graphite metrics. This is necessary since a period is reserved as path separator for Graphite metric names. For more information see Using a9s Messaging: Queue Metrics.
  • all services: Update routing BOSH release to latest version 0.274.0.
  • all services: Update bpm BOSH release to latest version 1.2.3.
  • all services: a9s Smoke Tests: Update bindingo to support the new credentials structure of a9s Redis 7.
  • all services: a9s Smoke Tests: Add support for the configurable prefix used for Cloud Foundry App Security Groups created by the a9s CF Service Guard. For more information see Smoke Tests Properties.
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • elasticsearch_exporter 1.6.0
    • mysqld_exporter 0.15.0
    • postgres_exporter 0.13.1
    • prometheus 2.45.0
    • grafana 8.5.27
    • cadvisor 0.47.2
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • elasticsearch_exporter 1.6.0
    • graphite_exporter 0.14.0
    • mysqld_exporter 0.15.0
    • postgres_exporter 0.13.1
    • prometheus 2.45.0
    • cadvisor 0.47.2
  • a9s Redis:
    • a9s Redis 6
      • a9s Redis 6.2.13
    • a9s Redis 7
      • a9s Redis 7.0.12
  • docs: Platform Operator: Add documentation how to configure a deployment name prefix per service plan. For more information see Deployment Prefix Per Plan.

Deprecated

  • a9s LogMe: Deprecation: Deprecate the following data service version:

    • a9s LogMe

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s LogMe: a9s LogMe2 is available as GA version

    This deprecation follows the announcement in the previous release. The deprecation phase is planned to last until v42.0.0 (in October 2023), in which the deprecated version will become unsupported. The creation of new data service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

Unsupported

  • a9s Redis: End of Support: Terminate support for the following deprecated data service versions:

    • a9s Redis 3.2
    • a9s Redis 4

    The creation of new data service instances for these deprecated versions is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for these versions. The corresponding documentation has been removed.

    Although we will not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to this release.

Removed

  • breaking change a9s-pg: Remove obsolete database serviceguard since the new a9s CF Service Guard v2 uses cfserviceguard as database.
  • breaking change a9s CF Service Guard: Remove deployment manifest service-guard/service-guard.yml in favor of cf-service-guard/cf-service-guard.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-elasticsearch-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-elasticsearch.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-mariadb-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-mariadb.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-mongodb-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-mongodb.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-mysql-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-mysql.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-postgresql-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-postgresql.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-rabbitmq-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-messaging.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-redis-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-redis.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/add-search-broker-to-service-guard.yml in favor of cf-service-guard/ops/add-search.yml.
  • breaking change a9s CF Service Guard: Remove Ops file ops/service-guard-enable-shared-instances in favor of cf-service-guard/ops/support-shared-instances.yml.
  • docs: Platform Operator: a9s Messaging: Remove page a9s Messaging Queue Name Restrictions. The restriction over the use of periods in the RabbitMQ queue names is no longer valid. For more information see Using a9s Messaging: Queue Metrics.

Fixed

  • all services: a9s Backup Agent: Fix backup/restore configuration for a9s Elasticsearch, a9s LogMe, a9s LogMe2, and a9s OpenSearch to use higher values and avoid timeout errors when dealing with huge backups.
  • a9s BOSH Deployer: Allow removal of director configurations when no running/active deployments exist anymore. Before it was not possible to remove a director configuration from the a9s BOSH Deployer when the deployments existed at some point.
  • a9s LogMe2: Fix OpenSearch node_dn property to use a regex pattern for accurate matching of certificates, eliminating the order dependency in the pattern when using the wildcard pattern.
  • a9s PostgreSQL: a9s PostgreSQL 13: Update postgresql-info-webservice to correctly identify when one node of the cluster is cloning during post-start and avoid a timeout failure when cloning takes too long.
  • a9s Search2: Fix OpenSearch node_dn property to use a regex pattern for accurate matching of certificates, eliminating the order dependency in the pattern when using the wildcard pattern.
  • docs: Platform Operator: Fix broken link inside a9s Data Services Administrative Tasks.

Security

  • a9s LogMe2, a9s Search2, a9s Logstash: Fix CVEs:
    • CVE-2023-21930
    • CVE-2023-21954
    • CVE-2023-21967
    • CVE-2023-21939
    • CVE-2023-21938
    • CVE-2023-21937
    • CVE-2023-21968
    • CVE-2022-34169
    • CVE-2022-21541
    • CVE-2022-21549
    • CVE-2022-21540

Stemcell Support

a9s DS NameStemcell NameStemcell Version
a9s LogMeBionic1.204
a9s LogMe2Jammy1.125
a9s Elasticsearch 7Bionic1.204
a9s Elasticsearch 6Bionic1.204
a9s Elasticsearch 5Bionic1.204
a9s MongoDB 5.0 SSPLJammy1.125
a9s MongoDB 4.0 SSPLBionic1.204
a9s MongoDB 4.0Bionic1.204
a9s MongoDB 3.6Bionic1.204
a9s MySQL 10.4Jammy1.125
a9s MySQL 10.1Xenial621.125
a9s MariaDB 10.6Jammy1.125
a9s PostgreSQL 13Bionic1.204
a9s PostgreSQL 11Bionic1.204
a9s PostgreSQL 10Bionic1.204
a9s Messaging 3.10Jammy1.125
a9s Messaging 3.8Jammy1.125
a9s Messaging 3.7Bionic1.204
a9s Redis 7Jammy1.125
a9s Redis 6Jammy1.125
a9s Redis 5.0Jammy1.125
a9s PrometheusJammy1.125
a9s Search 2Jammy1.125

· 11 min read

Added

  • a9s LogMe2: Add default placeholder value to configure the number of OpenSearch nodes in the cluster template. For more information see a9s LogMe2 Documentation.
  • docs: Application Developer: Describe the requirements for the Common Name and Subject Alternative Name of user provided certificates. For more information see Common Name And Subject Alternative Name.
  • docs: Platform Operator: Describe the requirements for the Common Name and Subject Alternative Name of a wildcard certificate. For more information see Common Name And Subject Alternative Name.
  • docs: Platform Operator: Update the Service Plans documentation to include the list of currently available a9s Search service plans. For more information see Service Plans.
  • docs: Platform Operator: a9s LogMe2: Add new Platform Plan section to the a9s LogMe2 Documentation. For more information see a9s LogMe2 Documentation.
  • docs: Platform Operator: a9s MariaDB: Create a new page to provide a general overview of a9s MariaDB's cluster setup, and MariaDB Galera Cluster's role in it. For more information see a9s MariaDB Cluster Setup Overview.

Changed

  • breaking change all services: Use stemcell ubuntu-jammy version 1.125 for all internal tests of the a9s Data Services Framework components except the following: a9s Consul, a9s Service Guard, a9s Billing, and a9s-pg. Please make sure to update your stemcells accordingly, as shown in the example IaaS configuration.
  • breaking change all services: Use stemcell ubuntu-bionic version 1.204 for all internal tests of the a9s Data Services. Please make sure to update your stemcells accordingly.
  • breaking change all services: Change vm_type of the a9s Service Dashboard VM from nano to small to better reflect the resource requirements. For more information see a9s Service Dashboard VM size.
  • all services: Update routing BOSH release to latest version 0.271.0.
  • all services: Update bpm BOSH release to latest version 1.2.2.
  • all services: a9s Smoke Tests: Add OpenSSL v1.1.1 for compatibility reasons as Ubuntu Jammy comes with OpenSSL v3 by default, but our tests still rely on OpenSSL v1; wherefore, we had to add it explicitly to be able to run the a9s Smoke Tests on ubuntu-jammy stemcell.
  • a9s Backup Manager: Increase the possible database connections to 50 to be able to parallelize the backup status check.
  • a9s Backup Manager: Parallelize the check of the status of running backups. This improves the performance on environments that have many backups running in parallel.
  • a9s Elasticsearch: Freeze stemcell for a9s Elasticsearch 2, 5, 6, and 7 to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s MariaDB:
    • MariaDB 10.6
      • MariaDB 10.6.14
  • a9s MongoDB:
    • a9s MongoDB 5.0
      • MongoDB 5.0.18
  • a9s MongoDB: Freeze stemcell for a9s MongoDB 3.2, 3.4, 3.6, 4.0, and 4.0 SSPL to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s MongoDB: SPI: Add OpenSSL v1.1.1 for compatibility reasons as Ubuntu Jammy comes with only OpenSSL v3 by default, however, MongoDB 5.0 still depends on OpenSSL v1.
  • a9s Messaging:
    • Messaging 3.8
      • Erlang 23.3.4.19
    • Messaging 3.10
      • Erlang 24.3.4.12
      • RabbitMQ 3.10.24
  • a9s Messaging: Freeze stemcell for a9s Messaging 3.6 and 3.7 to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s PostgreSQL: Freeze stemcell for a9s PostgreSQL 9.4, 10, and 11 to ubuntu-bionic v1.204. This is necessary since these versions are not compatible with ubuntu-jammy.
  • a9s Prometheus: promgraf2 BOSH release now includes:
    • blackbox_exporter 0.24.0
    • bosh_exporter 3.5.0
    • grafana 8.5.26
    • graphite_exporter 0.14.0
    • influxdb_exporter 0.11.4
    • memcached_exporter 0.13.0
    • postgres_exporter 0.12.1
    • prometheus 2.44.0
    • stackdriver_exporter 0.14.1
    • statsd_exporter 0.24.0
  • a9s Prometheus: prometheus2 BOSH release now includes:
    • blackbox_exporter 0.24.0
    • bosh_exporter 3.5.0
    • grafana 8.5.26
    • graphite_exporter 0.14.0
    • influxdb_exporter 0.11.4
    • memcached_exporter 0.13.0
    • postgres_exporter 0.12.1
    • prometheus 2.44.0
    • stackdriver_exporter 0.14.1
    • statsd_exporter 0.24.0
  • consul-dns: Update dnsmasq to latest version 2.89.
  • consul-dns: Add timestamps to log entries of the dnsmasq's control script.
  • docs: Application Developer: Update migration documentation for Redis 3. For more information see Redis Migration.
  • docs: Platform Operator: a9s Elasticsearch: Change wording and fix typos in the Creating Backups on S3 Compatible Services section. For more information see a9s Elasticsearch.
  • docs: Platform Operator: a9s Messaging: Rename page RabbitMQ Managment UI Access to RabbitMQ Managment UI and revision the whole page. For more information see RabbitMQ Managment UI.
  • docs: Platform Operator: a9s Search: Change wording and fix typos in the Creating Backups on S3 Compatible Services section. For more information see a9s Search.
  • docs: Platform Operator: Restructure the documentation regarding configuration of TLS/SSL encrypted communication for the a9s Data Services Framework components. For more information see Securing the a9s Framework with TLS.

Removed

  • breaking change all services: Remove the Ops files to enable TLS/SSL encrypted communication for individual a9s Data Services. Since we decided to enable step by step the TLS/SSL encrypted communication for each a9s Data Services Framework component by default and maintaining both ways are not meaningfull and already lead to several confusions we decided to remove the possibility to enable TLS/SSL encrypted communication for a specific a9s Data Service. For the time being we only support TLS/SSL encrypted communication for the a9s Data Services Framework components where it is enabled by default.
  • breaking change a9s Router: Remove the a9s Router deployment manifest and its Ops files. The a9s Router was only used by a9s Kubernetes, which no longer exists, so the a9s Router is no longer needed.
  • all services: Remove the obsolete a9s Kubernetes, a9s Harbor, and a9s Router configurations from the example IaaS configuration.
  • a9s-pg: Remove the obsolete databases for a9s Harbor and a9s Kubernetes. Since we no longer offer these a9s Data Services, their dedicated databases are no longer needed.
  • docs: Platform Operator: Remove obsolete documentation regarding enabling the TLS/SSL encrypted communication for different a9s Data Services Framework components which are not fully supported yet. We decided to enable the encryption for each a9s Data Services Framework component step by step as default instead of making it optional per a9s Data Service, wherefore, this documentation is no longer needed.
  • docs: Platform Operator: Remove outdated troubleshooting documenation regarding TLS/SSL encrypted communication for the a9s Data Services Framework components.
  • docs: Platform Operator: a9s Messaging: Remove obsolete information from the RabbitMQ TLS/SSL Configuration page in favor of TLS/SSL Service Plans.
  • docs: Platform Operator: a9s PostgreSQL: Remove obsolete PostgreSQL TLS/SSL Configuration documentation in favor of TLS/SSL Service Plans.
  • docs: Platform Operator: a9s Redis: Remove obsolete Redis TLS/SSL Configuration documentation in favor of TLS/SSL Service Plans.
  • docs: Platform Operator: a9s Router: Remove the documentation of the a9s Router.

Deprecated

  • a9s Elasticsearch: Deprecation: Deprecate the following data service version:

    • a9s Elasticsearch: all versions

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s Elasticsearch 7: a9s OpenSearch2 is available as GA version.

    This deprecation follows the announcement in the previous release. The deprecation phase is planned to last until v49.0.0 (in Q2/2024), in which the deprecated version will become unsupported. The creation of new data service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

  • a9s Redis: Deprecation: Deprecation phase was extended to give customers more time to migrate to a supported data service version. Contrary to the announcement of upcoming unsupport in v38.0.0, unsupport will not occur in v39.0.0, but in v40.0.0 (expected in Q3/2023) for the following data service versions:

    • a9s Redis v3.2
    • a9s Redis v4 Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:
    • for a9s Redis v3.2: a9s Redis 5, a9s Redis 6, a9s Redis 7 are available as GA versions.
    • for a9s Redis v4: a9s Redis 5, a9s Redis 6, a9s Redis 7 are available as GA versions. The extended deprecation phase is planned to last until v40.0.0 (expected in Q3/2023), in which the deprecated versions will become unsupported.
  • a9s MariaDB: Deprecation: Deprecation phase was extended to give customers more time to migrate to a supported data service version. Contrary to the announcement of upcoming unsupport in v38.0.0, unsupport will not occur in v39.0.0, but in v44.0.0 (expected in Q4/2023) for the following data service version:

    • a9s MariaDB v10.1 Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:
    • for MariaDB v10.1: a9s MariaDB v10.4 is available as GA version. The extended deprecation phase is planned to last until v44.0.0 (expected in Q4/2023), in which the deprecated version will become unsupported.

Fixed

  • all services: a9s Template Uploader Errand: Fix issue when using remote Ops files. When using remote Ops files the output of the Errand showed a no implicit conversion of URI::HTTPS into String and the Errand completed with an error (exit code 1).
  • a9s-pg: Remove logging of credentials from the PostgreSQL pre-start log.
  • a9s Backup Manager: Correct comment in Ops file ops/backup-on-generic-s3.yml to make clear that it is intended to use with the a9s Backup Manager deployment manifest and not with the a9s-pg deployment manifest.
  • a9s Messaging: Handle TLS/SSL plans correctly when registering the RabbitMQ Management UI route. The route was registered via HTTP even though it is HTTPS in the case of a TLS/SSL service instance, wherefore, the access did not work and you saw a 502 Bad Gateway: Registered endpoint failed to handle the request..
  • a9s PostgreSQL: Remove logging of credentials from the PostgreSQL pre-start log.
  • docs: Application Developer: a9s LogMe2: Correct the custom parameter name for setting the protocol of syslog_drain_url. The correct custom parameter name of the binding parameter is syslog-use-udp and not syslog_use_udp. For more information see Using a9s LogMe2: Create a Service Key.
  • docs: Platform Operator: Updated the sidebar links redirection from the old a9s Data Services Release Lifecycle page to our a9s Data Service Sunrise/Sunset for Major Versions.

Upcoming

  • a9s LogMe: Deprecation: Prepare for the upcoming deprecation phase, triggered during the next release of anynines deployment v40.0.0 (expected end of July 2023), of the following data service version:

    • a9s LogMe

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s LogMe: a9s LogMe2 is available as GA version

    The deprecation phase is planned to last until v43.0.0 (in October 2023), in which the deprecated version will become unsupported. The creation of new data service instances for this particular version will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for this version. The corresponding documentation will also be removed. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

    To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

Unsupported

  • a9s Messaging: End of Support: Terminate support for the following deprecated data service version:

    • Messaging 3.6

    The creation of new data service instances for this deprecated version is now disabled by default in the a9s Data Service Bundle and we no longer provide regular support for this version.

    Although we will not intentionally break running instances of this unsupported version, it cannot be guaranteed that they still work as expected after an update to this release.

· 5 min read

Added

  • a9s LogMe2: Set file-buffers as the default data buffers. For more information see a9s LogMe2 Documentation.
  • a9s PostgreSQL: Increase default timeout for pg_ctl finish starting a process to avoid timeout errors during startup.

Changed

  • breaking change all services: Enable TLS communication between a9s Service Dashboard and a9s Backup Manager. For more information see a9s Dashboard Service. With this changes the port for the communication between these both components changed from port 3000 (HTTP) to port 3001 (HTTPS). Please ensure that your firewalls allow this new communication channel. For more information see a9s Platform Required Ports.
  • breaking change a9s Backup Manager: Enable both TLS (HTTPS) and non-TLS (HTTP) API support for the a9s Backup Manager. The non-TLS interface will be disabled when the communication channels from all the components to the a9s Backup Manager are set to TLS in the coming releases. For more information see a9s Backup Manager TLS Configuration.
  • all services: Update routing BOSH release to latest version 0.266.0.
  • all services: Update bpm BOSH release to latest version 1.2.1.
  • all services: Set the Common Names of the certificates defined on the service manifests as their hostnames.
  • a9s MongoDB:
    • a9s MongoDB 5.0
      • MongoDB 5.0.17
  • a9s PostgreSQL:
    • a9s PostgreSQL 13
      • PostgreSQL 13.11
    • a9s PostgreSQL 11
      • PostgreSQL 11.20
  • a9s Redis 6:
    • a9s Redis 6.2.12
  • docs: Platform Operator: a9s Backup Manager: Update documentation to explain TLS/SSL configuration options. For more information see a9s Platform TLS General Configuration.
  • INTERNAL RELEASE a9s Backup Manager: Merge backup deletion endpoints together and move it to a new endpoint.

Deprecated

  • a9s MongoDB: Deprecation: Deprecate the following data service versions:

    • a9s MongoDB v3.x
    • a9s MongoDB v4.0

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s MongoDB v3.x: a9s MongoDB 5.0 is available as GA version
    • for a9s MongoDB v4.0: a9s MongoDB 5.0 is available as GA version

This deprecation follows the announcement in the previous release. The deprecation phase is planned to last until v41.0.0 (in Q3/2023), in which the deprecated versions will become unsupported. The creation of new data service instances for these particular versions will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset. To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.

Fixed

  • a9s Backup Manager: Fix the current broken connections rescue logic. During the recent Ruby update, the pg gem was updated as well, which changed the thrown error. This fix shifts the reconnect logic into our clock functionality in order to properly catch the missing broken connections.

Security

  • a9s PostgreSQL: Fix CVEs:
    • CVE-2023-2455
    • CVE-2023-2454

Upcoming

  • a9s Messaging: End of Support: Terminate support, starting from anynines deployment v39.0.0 (expected end of June 2023), for the following deprecated data service version:
    • a9s Messaging v3.6
  • a9s Redis: End of Support: Terminate support, starting from anynines deployment v39.0.0 (expected end of June 2023), for the following deprecated data service versions:
    • a9s Redis v3.2
    • a9s Redis v4
  • a9s MariaDB: End of Support: Terminate support, starting from anynines deployment v39.0.0 (expected end of June 2023), for the following deprecated data service version:
    • a9s MariaDB v.10.1

The creation of new data service instances for these deprecated versions will be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. Although we will not intentionally break running instances of these unsupported versions, it cannot be guaranteed that they still work as expected after an update to v39.0.0.

  • a9s Elasticsearch: Deprecation: Prepare for the upcoming deprecation phase, triggered during the next release of anynines deployment v39.0.0 (expected end of June 2023), of the following data service versions:

    • a9s ElasticSearch: all versions

    Please ensure that you organize the migration of your existing instances to a more up-to-date version of the same data service:

    • for a9s ElasticSearch 7: a9s OpenSearch2 is available as GA version.

The deprecation phase is planned to last until v42.0.0 (in September 2023), in which the deprecated versions will become unsupported. The creation of new data service instances for these particular versions will then be disabled by default in the a9s Data Service Bundle and we will not provide regular support for these versions. Therefore, we strongly recommend that you start your migrations to a supported GA version as soon as possible and complete them until the end of the deprecation phase. For more information see a9s Platform Operator Sunrise Sunset.

To inquire about extended support for a deprecated version, please get in contact with our sales department at sales@anynines.com.