Gateway Hub 2.x Release Notes

Overview Copied

Gateway Hub release notes contain the list of enhancements of features, and a set of issues fixed in the current release.

This page contains release notes for all Gateway Hub 2.x releases.

For the latest highlights, see What’s New in Geneos.

Gateway Hub 2.6.0 Copied

Released: November 2022

This release delivers the updated binaries for in the ITRS Downloads page.

Highlights Copied

These are the highlights of this release:

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
HB-552 The new update-ldap-credentials.sh script, which can be used to correctly update the LDAP query user’s username and/or password, has replaced the apid update-ad-password.sh script. Another new script, reset-ldap-config.sh, can reset the LDAP configuration to its default state.
HB-554 To remove Apache Log4j dependencies, Kafka has been upgraded to version 3.3.1, while Zookeeper has been upgraded to version 3.8.0.
HB-598 A new utility script is available for pruning the etcd history of entries used by centralised configuration.
HB-601 PostgreSQL has been upgraded to version 12.12 to address BlackDuck vulnerabilities reported against version 12.8.

Issues fixed Copied

Issue key Release description
HB-557 When the Timescale tuning script is executed during installation, it no longer dedicates all available CPU cores to Timescale.

Known Issues Copied

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
HP-918 APID must be restarted when changing the Kerberos account.
HB-21 Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed up Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false
HB-80 Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration.
HB-604

CVE-2022-23181 and CVE-2021-42340 are flagged as vulnerabilities in Apache Tomcat Embed which is a dependency of Spring Boot Starter. The latest version of Spring Boot Starter (2.6.3) depends on Apache Tomcat Embed 9.0.56 which still contains these vulnerabilities so no upgrade path is available.

CVE-2022-23181 does not affect Gateway Hub because FileStore is not used to persist sessions.

CVE-2021-42340 does not affect Gateway Hub since it does not use websockets.

HB-606 CVE-2021-40690 is flagged as a vulnerability in all versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7. The latest OpenSAML version (4.0.1) depends on Santuario 2.1.4, therefore this issue is unresolved in Gateway Hub.
HB-608 CVE-2021-43045 is flagged as a vulnerability in the .NET SDK of Apache Avro, allowing an attacker to allocate excessive resources and potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions, so Gateway Hub 2.5.1 and newer are not impacted.
HB-611 CVE-2020-13936 is flagged as a vulnerability in Apache Velocity Engine versions up to 2.2. The latest OpenSAML version (4.0.1) depends on Apache Velocity Engine 2.2, therefore this issue is unresolved in Gateway Hub.
HB-614 CVE-2022-34169 is flagged as a vulnerability in the Apache Xalan XSLT library. Apache Xalan is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. No future releases of Apache Xalan Java to address this issue are expected. This is a transitive dependency only, and Gateway Hub does not perform any XSLT transformation at runtime, so it is unaffected by this vulnerability.
HB-615

CVE-2020-36518, CVE-2022-42003, and CVE-2022-42004 are flagged as vulnerabilities against jackson-databind versions in the 2.11.0 to 2.13.3 range.

CVE-2020-36518 can cause a Java StackOverflow exception and denial-of-service (DoS) through a large depth of nested objects. There is currently no upgrade path available since jackson-databind is a transitive dependency of Kafka’s, and Gateway Hub already depends on the latest Kafka version.

CVE-2022-42003 and CVE-2022-42004 can cause resource exhaustion when deserialising XML. Gateway Hub does not perform any XML deserialisation at runtime, so it is unaffected by this vulnerability.

HB-616 CVE-2021-37136 and CVE-2021-37137 are flagged as vulnerabilities against Netty Project 4.1.51. Both vulnerabilities affect frame decompression, which is not used in Gateway Hub, so it is unaffected by this vulnerability.
HB-617 CVE-2022-25857 is flagged as a vulnerability affecting SnakeYAML versions before 1.33, which is vulnerable to denial-of-service (DoS) due to missing nested depth limitation for collections. In Gateway Hub, SnakeYAML is only used to parse local trusted configuration files and is not used to parse network data, so it is unaffected by this vulnerability.
HB-618 CVE-2022-22965 is flagged as a vulnerability affecting Spring Boot 2.4.10, which is vulnerable to remote code execution (RCE) via data binding if the application is deployed as a WAR. The Web Console is deployed as a Spring Boot executable JAR, so it is unaffected by this vulnerability.
HB-619

BDSA-2022-0847, CVE-2016-1000027, and CVE-2022-22965 are flagged as vulnerabilities against Spring Framework 5.3.9.

BDSA-2022-0847 causes the Spring Framework to be vulnerable to unsafe deserialisation if unsafe use of certain provided deserialisation functionality is employed. The Web Console does not serialise or deserialise data since acts as a proxy to the Gateway Hub’s REST API, so it is unaffected by this vulnerability.

CVE-2016-1000027 causes the Spring Framework to be vulnerable to a potential remote code execution (RCE) issue if used for Java deserialisation of untrusted data. The Web Console does not serialise or deserialise data since it acts as a proxy to the Gateway Hub REST API, so it is unaffected by this vulnerability.

CVE-2022-22965 causes the Spring Framework to be vulnerable to remote code execution (RCE) through data binding if the application is deployed as a WAR. The Web Console is deployed as a Spring Boot executable JAR, so it is unaffected by this vulnerability.

HB-620 CVE-2022-22978 is flagged as a vulnerability affecting Spring Security 5.5.1, which is vulnerable to an authorization bypass when RegexRequestMatcher is used with a certain type of path. The Web Console uses RegexRequestMatcher, but does not use the problematic base paths and is therefore unaffected.
HB-622 CVE-2022-21724 and CVE-2022-26520 are flagged as vulnerabilities against PostgreSQL JDBC driver REL42.2.13. Both vulnerabilities can make a system using pgjdbc vulnerable to attackers who control either the JDBC URL or properties. Gateway Hub does not expose JDBC URLs or properties publicly, so it is unaffected by this vulnerability.

Gateway Hub 2.5.1 Copied

Released: February 2022

This release delivers the updated binaries for in the ITRS Downloads page.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
HP-1173 The Gateway Hub’s persistence daemon now handles failures to persist ingestion errors correctly.
HP-1176 The Gateway Hub installation descriptor now allows the Web Console’s read timeout to be configured using the hub.webconsole.read_timeout_s parameter.
HP-1234 The number of open files used by RocksDB in the apid’s cache has been restricted to avoid startup errors due to system limits. The maximum number of files is limited to 1024 by default but can be configured in the installation descriptor.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-15235 There are no newer versions of the dependency published in the Maven central. There are no recommendations to update from Black Duck.
STARK-15292 Apache Log4j 1.2.17 is flagged as a security vulnerability by Black Duck. This vulnerability relates to running a log4j server that listens to log events sent to it by remote applications, but this does not affect Gateway Hub since this feature is not used in Kafka or Zookeeper.
HP-145 Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed up Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false
HP-454 Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper.
HP-455 Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka.
HP-456 Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration.
HP-780 Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates.
HP-781 Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub.
HP-879 BDSA-2021-1344 is flagged as a security vulnerability by Black Duck. PostgreSQL is vulnerable to denial-of-service (DoS) due to an integer overflow that can lead to an out-of-bounds write. This scenario can only happen if an arbitrary SQL command is executed against Gateway Hub’s PostgreSQL database. This is not a procedure that ITRS supports unless performed following instructions from the engineering team.
HP-918 APID must be restarted when changing the Kerberos account.
HP-1247 CVE-2021-43045 is flagged as a vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions so Gateway Hub 2.5.1 and newer are not impacted.
HP-1248 CVE-2021-36090,CVE-2021-35517,CVE-2021-35516, and CVE-2021-35515 are flagged as vulnerabilities in Apache Commons Compress 1.19 which is a dependency of Apache Avro. Gateway Hub does not use the archive creation features of Apache Commons Compress 1.19 therefore it is not affected by these vulnerabilities.
HP-1249 CVE-2022-23307, CVE-2019-17571, CVE-2022-23305, CVE-2017-5645, CVE-2022-23302, and CVE-2021-4104 are flagged as vulnerabilities related to log4j. Gateway Hub 2.5.1 and newer uses a patched log4j 1.2.17 library that does not contain Chainsaw and none of these CVEs affect Gateway Hub.
HP-1250 CVE-2021-40690 is flagged as a vulnerability in all versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7. The latest OpenSAML version (4.0.1) depends on Santuario 2.1.4 therefore this issue is unresolved in Gateway Hub.
HP-1252 CVE-2020-13936 is flagged as a vulnerability in Apache Velocity Engine versions up to 2.2. The latest OpenSAML version (4.0.1) depends on Apache Velocity Engine 2.2 therefore this issue is unresolved in Gateway Hub.
HP-1254 CVE-2021-37136 and CVE-2021-37137 are flagged as a vulnerabilities in Netty Project 4.1.62.Final and 4.1.63.Final which is a dependency of Kafka and Zookeeper. The latest Kafka version (3.1.0) fixes these vulnerabilities, but there is no Zookeeper update that includes a fix, so these remain as known issues in Gateway Hub.
HP-1256 CVE-2021-37136 and CVE-2021-37137 are flagged as a vulnerability in Netty Project 4.1.62.Final which is a dependency of gRPC. A gRPC update is available but this issue remains unresolved because of HP-1254.
HP-1257 CVE-2017-15288 is flagged as a vulnerability in the compilation daemon of Scala which is not used at runtime so Gateway Hub is not affected.
HP-1260 CVE-2022-23181 and CVE-2021-42340 are flagged as vulnerabilities in Apache Tomcat Embed which is a dependency of Spring Boot Starter. The latest version of Spring Boot Starter (2.6.3) depends on Apache Tomcat Embed 9.0.56 which still contains these vulnerabilities so no upgrade path is available. CVE-2022-23181 does not affect Gateway Hub because FileStore is not used to persist sessions. CVE-2021-42340 does not affectGateway Hub since it does not use websockets.

Gateway Hub 2.5.0 Copied

Released: October 2021

This release delivers the updated binaries for in the ITRS Downloads page.

Highlights Copied

These are the highlights of this release:

Gateway Hub 2.5.0 contains a number of bug and performance fixes for dataviews in Web Console and Capacity Planner publishing. Additionally, Red Hat Enterprise Linux versions 8.0-8.4 are now supported.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
CPPUB-51 Capacity Planner metrics are now compressed, this significantly reduces delivery time.
HP-953 Increased the installer’s default verbosity to level 2.
HP-1006 The Zookeeperlive probe script no longer relies on nc (netcat).
HP-1012 The installer will now detect clock desynchronisation exceeding 1 second between servers and will refuse to install Gateway Hub in these cases.
HP-1041 Hubcheck now enforces the following OS version constraints, Centos: 7.6 - 7.9, RHEL: 7.6 - 8.4.
HP-1051 Upgraded to Timescale 1.7.5 which contains several bug fixes.
HP-1052 The Postgresql stop script is now called only once. This reduces the timeout duration.
HP-1053 In the unlikely situation where the orchestration daemon detects that a service is still running at the time of a shutdown, the persisted run-level is now dropped to zero before exiting. Such situations will require manual intervention to kill the service process, and the run-level will need to be manually adjusted after re-starting Gateway Hub.
HP-1054 RHEL 8 is now fully supported. For more information see the Installation Guide and Gateway Hub Upgrade Notes. Some Python libraries must be installed separately.
HP-1060 Upgraded Kafka to version 2.8.1.
STARK-15280 SSOerrors are now clearer to understand in the Web Console.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
HP-930 Errors caused by too many active directory groups causing an HTTP header to overflow are now more clearly worded and displayed to user.
HP-963 Gateway Hub’s normaliser now actively rejects dataview rows with a row name longer than 1,024 characters.
HP-995 Gateway Hub now shuts down when a Zookeeper  node fails.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-15235 There are no newer versions of the dependency published in the Maven central. There are no recommendations to update from Black Duck.
STARK-15292 Apache Log4j 1.2.17 is flagged as a security vulnerability by Black Duck. This vulnerability relates to running a log4j server that listens to log events sent to it by remote applications, but this does not affect Gateway Hub since this feature is not used in Kafka or Zookeeper.
HP-145 Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false
HP-454 Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper.
HP-455 Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka.
HP-456 Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration.
HP-780 Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates.
HP-781 Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub.
HP-879 BDSA-2021-1344 is flagged as a security vulnerability by Black Duck. PostgreSQL is vulnerable to denial-of-service (DoS) due to an integer overflow that can lead to an out-of-bounds write. This scenario can only happen if an arbitrary SQL command is executed against Gateway Hub’s PostgreSQL database. This is not a procedure that ITRS supports unless performed following instructions from the engineering team.
HP-918 APID must be restarted when changing the Kerberos account.

Gateway Hub 2.4.1 Copied

Released: May 2021

This release delivers the updated binaries for in the ITRS Downloads page.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
CPPUB-18 Capacity Planner publishing monitoring metrics are now collected by StatsD.
CPPUB-23 Maximum bounds for data retrieved have been added when publishing Capacity Planner data to ensure that memory limits are not exceeded. Retrieving large amounts of data may need to be done using several manual runs.
CPPUB-47 Capacity Planner publishing processing speed has been improved to avoid a fail or retry loop.
HP-835 Metric queries are more tolerant when querying metrics of different types together, resulting in fewer errors with Capacity Planner publishing.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
HP-828 Gateway Hub now correctly handles non-default tmp_dir locations when upgrading.
HP-830 Computed dataview row names are no longer inferred as float64.
HP-849 The Show Deleted Rows function in the Web Console now correctly handles dataviews that do not update frequently instead of returning a 404 error.
HP-850 The Metric history now works correctly for cells that refresh slowly instead of returning a 404 error.
HP-853 Updated the Gateway Hub self-monitoring template. For more information, see Gateway Hub self monitoring.
HP-863 Ingestion errors timestamps are now assigned to the correct timezone.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-14990 Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub.
STARK-15235 There are no newer versions of the dependency published in the Maven central. There are no recommendations to update from Black Duck.
HP-145 Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false
HP-454 Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper.
HP-455 Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka.
HP-456 Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration.
HP-780 Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates.
HP-781 Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub.
HP-879 BDSA-2021-1344 is flagged as a security vulnerability by Black Duck. PostgreSQL is vulnerable to denial-of-service (DoS) due to an integer overflow that can lead to an out-of-bounds write. This scenario can only happen if an arbitrary SQL command is executed against Gateway Hub’s PostgreSQL database. This is not a procedure that ITRS supports unless performed following instructions from the engineering team.

Gateway Hub 2.4.0 Copied

Released: April 2021

This release delivers the updated binaries for in the ITRS Downloads page.

Highlights Copied

These are the highlights of this release:

Gateway Hub is a brand new component in the Geneos environment, providing the foundations for smarter monitoring, improved scalability, and a refreshed modern UI.

Role-based access control for data and includes Copied

This release introduces the ability to restrict access to data and Gateway includes files to specific roles. It also adds the ability to create custom roles with specific access permissions. These can be used to prevent unauthorised users from updating global Gateway includes files, or ensure certain business-sensitive metrics can only be viewed by a particular team. By default, all data and includes are accessible to all logged-in users, new roles can be created for more granular access. For more information, see Roles.

Updated monitoring UI Copied

The monitoring UI in the Web Console has been updated in a number of ways following your feedback. Firstly metric data is arranged into dataviews rather than the flat list of metrics previously shown. The history of a text value can now be displayed when a dataview text value is selected. Deleted dataview rows can now be visualised, for more visibility of historical data. The performance is also significantly improved when viewing entities with large numbers of metrics.

Simpler Gateway security Copied

Centralised Gateway configuration was previously secured using Kerberos. This is now done using generated application keys which are much simpler to set up.

Schema-less ingestion Copied

By default, Gateway Hub will now accept data without a schema and will attempt to infer one based on the number of samples observed. In many cases, this will require no further input from the user, though dataviews with variable data may still result in some ingestion errors which can be resolved by specifying a schema manually in the Gateway Setup Editor. The units of measure are not inferred in this way and should be added manually if required; this is to avoid incorrect inference between KiB, KB, and others.

Gateways will need to be upgraded to version 5.7.x and higher to take advantage of this feature, and will no longer report errors when attempting to publish dataviews without a schema.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-14905 You can now restrict access to data and Gateway include files through Role Based Access Control (RBAC).
STARK-15142 Security update for CVE-2020-13936.
STARK-15213 The history chart accompanying the dataview control in the Web Console no longer zooms when using the scroll wheel as this was interfering with page navigation.
HP-106 Memory is allocated to components better, particularly in machines with lower amounts of memory available.
HP-515 Gateway Hub sizing tool now includes size information for all components.
HP-554 Security updates for CVE-2020-25649, CVE-2020-24616, CVE-2020-24750, CVE-2020-14195, CVE-2020-11619.
HP-662 Gateway Hub diagnostics now include a copy of the Gateway Hub certificate and trust chain which can be useful to diagnose TLS-related installation issues.
HP-719 TLS v1 and v1.1 connections are now fully disabled.
HP-720 Weak CBC based TLS cipher suites are now fully disabled.
HP-777 Weak cipher suites have been disabled in the Netprobe included in Gateway Hub.
HP-810 Data published from Gateway 5.7.x and higher without a schema can now be used to infer a schema automatically.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
STARK-14892 Metric names with / are now correctly handled in the Web Console.
STARK-15078 Resolved incorrect authorisation issue when releasing a Gateway lock.
STARK-15102 Capacity Planner integration screens no longer appear editable to users without administrator access.
STARK-15226 LDAP group names containing spaces are now correctly handled by the SSO Agent.
HP-602 The liveness check for Kafka has been improved to ensure that data is not accepted before the system is ready to receive it.
HP-604 Gateway Hub no longer fails to install when the supplied TLS PEM file contains one or more intermediate CA certificates.
HP-654 The installer of Gateway Hub now detects when a user-supplied certificate is making use of the deprecated Netscape Cert Type extension in a way which is likely to cause the hub-admin command to fail to connect to the orchestration daemon.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-14990 Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub.
STARK-15269 Black Duck flags json-smart 1.3.2 as a security risk (CVE-2021-27568). The dependency is pulled in via nimbus-jose-jwt and they already have a fixed in place for this. For more information, see Nimbus JOSE+JWT 7.9. The latest version of nimbus-jose-jwt is already used by the Gateway Hub.
HP-145 Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false
HP-454 Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper.
HP-455 Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka.
HP-456 Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration.
HP-457 Black Duck has flagged three security vulnerabilities in Postgresql 12.4 which is used by Gateway Hub:
  • A vulnerability issue affecting client applications that create connections in specifying security parameters. Gateway Hub uses the peer authentication method which relies on identifying users using their operating system credentials. So this vulnerability does not affect Gateway Hub.
  • A vulnerability issue allowing regular users to execute SQL functions under the identity of a super user. This vulnerability issue does not impact Gateway Hub which uses Postgresql with a single regular user which is the same as its runtime user, and is identified to the database via its Unix credentials.
  • A vulnerability issue affecting interactive Postgresql sessions, which Gateway Hub does not make use of.
HP-780 Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates.
HP-781 Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub.

Gateway Hub 2.3.1 Copied

Released: February 2021

This release delivers the updated binaries for in the ITRS Downloads page.

Highlights Copied

These are the highlights of this release:

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
HP-673 The Linux infrastructure plugin used by the Collection Agent to collect self-monitoring metrics for Gateway Hub can now parse system process information files when a process contains a space in its command name. This allows the Collection Agent to start up correctly.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-14954 The version of the transitive dependency used {{bcprov-ext-jdk15on-1.66.jar}} is the latest one in Maven so updating is not possible.
STARK-14990 Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub.
HP-145 Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false
HP-454 Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper.
HP-455 Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka.
HP-456 Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration.
HP-457 Black Duck has flagged three security vulnerabilities in Postgresql 12.4 which is used by Gateway Hub:
  • A vulnerability issue affecting client applications that create connections in specifying security parameters. Gateway Hub uses the peer authentication method which relies on identifying users using their operating system credentials. So this vulnerability does not affect Gateway Hub.
  • A vulnerability issue allowing regular users to execute SQL functions under the identity of a super user. This vulnerability issue does not impact Gateway Hub which uses Postgresql with a single regular user which is the same as its runtime user, and is identified to the database via its Unix credentials.
  • A vulnerability issue affecting interactive Postgresql sessions, which Gateway Hub does not make use of.
HP-601 The Prometheus plugin used by Gateway Hub’s built-in Collection Agent to gather metrics from etcd makes use of the OkHttp client, which has a dependency on Bouncy Castle 1.65. OkHttp is not used by Gateway Hub to check passwords, since it is only used to consume etcd’s public REST API.

Gateway Hub 2.3.0 Copied

Released: January 2021

This release delivers the updated binaries for in the ITRS Downloads page.

Highlights Copied

These are the highlights of this release:

Monitoring Coverage Copied

The Monitoring Coverage page allows you to determine if you are monitoring everything correctly. It works by comparing each monitored entity with a number of custom policies and then flagging any breaches in an easy-to-use UI.

In this version, the policies that can be set enforce the use of attributes and plugins. Some examples of policies that can be set using Monitoring Coverage are:

The Monitoring Coverage page also provides an interactive report for determining the coverage of the policies which provides an additional layer of assurance that all monitored hosts are configured correctly.

For more information, see Monitoring Coverage.

Self-monitoring Copied

Self-monitoring is now provided by default through a pre-packaged Netprobe which can be assigned to a Gateway 5.5 or higher. You can use the available metrics to ensure the Gateway Hub runs smoothly, as well as alerting you when additional resources, such as Disk IO and storage are required.

Upgrades Copied

Upgrades are now supported beginning Gateway Hub 2.2.1.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-12511 The default address of the Web Console is now 8443 instead of 8080.
STARK-14780 SAML and traditional LDAP SSO can now coexist in the Web Console.
HP-68 The hub-check can now scan UDP ports in addition to TCP ports. This requires that the package net-tools are installed.
HP-102 You can now configure the apid and Web Console to use HTTP instead of HTTPS.
HP-106 Memory is allocated to components better, particularly in machines with lower amounts of memory available.
HP-115 The Gateway Hub installer includes additional build information in the Gateway Hub package.
HP-141 The Gateway Hub installer package now contains a sample installation descriptor.
HP-143 The Gateway Hub can no longer mistakenly be started by a user other than the configured runtime user.
HP-147 etcd metrics are now available through Gateway Hub self-monitoring.
HP-159 Improved the suggested systemd configuration to avoid incorrectly reporting that the Gateway Hub has failed after a successful shut down.
HP-170 The sizing tool has been updated to include all component storage requirements.
HP-172 You can now use the command hubctl to upgrade prior versions of the Gateway Hub beginning 2.2.1.
HP-181 You can now configure the Postgresql user.
HP-199 The Gateway Hub checker now checks the system parameters by running sysctl rather than inspecting /etc/sysctl.conf directly.
HP-220 You can now use the Postgresql Collection Agent plugin for self-monitoring.
HP-224 The Gateway Hub checker no longer validates if JMX is externally available.
HP-237 The Gateway Hub installer now generates JKS keystore and truststore passwords instead of prompting when passwords are not specified in the installation descriptor.
HP-243 When performing a local install, setting installation.connection.local_host_name is now required, and its value cannot be equal to localhost.
HP-323 You can now configure the log level of the Gateway Hub services through the installation descriptor.
HP-386 The ports used to monitor the orchestrationd, kafka, and zookeeper through JMX are now configurable.
HP-446 Gateway Hub now works on RHEL 7.9.
HP-453 The Gateway Hub installer performs additional checks of the supplied PEM file to detect any potential issues (invalid CA, expired certificate, or invalid SAN hostname).
HP-465 The Address already in use errors now provide the relevant port.
HP-485 The Gateway Hub installer now provides the relevant username when prompting for an SSH password during installation.
MCOV-272 You can now use the Monitoring Coverage in the Web Console to check attributes and metrics.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
STARK-14528 The Copy buttons in the Web Console > Application keys no longer throw errors when generating an application key.
STARK-14799 Late arriving data in Gateway Hub no longer throws an error in addition to the warning.
STARK-14853 Setting a variable that uses the Gateway name macro no longer causes centralised configuration validation failures.
STARK-14886 The refresh token handling in the Web Console has been improved to reduce the possibility of an unauthorised error.
STARK-14936 Fixed an issue where centralised Gateways without resources could not have resources added.
HP-71 The hub-checker now asks for the SSH password if a private key has not been supplied.
HP-73 The Java check explicitly checks if the runtime user exists.
HP-79 Gateway Hub no longer supports changing the etcd peer port using the hubctl setup reconfigure command.
HP-479 The self-signed certificates generated by the Gateway Hub installer now have an expiry of 397 days.
HP-553 Fixed memory leak in the Webhooks publisher.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-14954 The version of the transitive dependency used {{bcprov-ext-jdk15on-1.66.jar}} is the latest one in Maven so updating is not possible.
STARK-14990 Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub.
HP-145 Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false
HP-454 Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper.
HP-455 Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka.
HP-456 Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration.
HP-457 Black Duck has flagged three security vulnerabilities in Postgresql 12.4 which is used by Gateway Hub:
  • A vulnerability issue affecting client applications that create connections in specifying security parameters. Gateway Hub uses the peer authentication method which relies on identifying users using their operating system credentials. So this vulnerability does not affect Gateway Hub.
  • A vulnerability issue allowing regular users to execute SQL functions under the identity of a super user. This vulnerability issue does not impact Gateway Hub which uses Postgresql with a single regular user which is the same as its runtime user, and is identified to the database via its Unix credentials.
  • A vulnerability issue affecting interactive Postgresql sessions, which Gateway Hub does not make use of.
HP-601 The Prometheus plugin used by Gateway Hub’s built-in Collection Agent to gather metrics from etcd makes use of the OkHttp client, which has a dependency on Bouncy Castle 1.65. OkHttp is not used by Gateway Hub to check passwords, since it is only used to consume etcd’s public REST API.

Gateway Hub 2.2.2 Copied

Released: October 2020

This release delivers the updated binaries for in the ITRS Downloads page.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-14854 Gateway files are now compressed to ensure that they fit within the Kafka message limit.
HP-243 When performing a local install, setting installation.connection.local_host_name is now required and its value cannot be localhost.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
HP-79 Gateway Hub no longer supports changing the etcd peer port using the hubctl setup reconfigure command.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-14448 If a Gateway Hub node is taken down abruptly (for example, due to a loss of power), it is possible for Kafka to report an error when restarting because its session with Zookeeper was not properly terminated. To resolve this problem, you must restart the Gateway Hub for a second time.
HP-119 SnakeYAML 1.24 is flagged as a security vulnerability by Black Duck. This vulnerability affects the loading of YAML aliases, which are not used in Gateway Hub configuration files.
HP-189 Netty-4.1.45.Final is flagged as a security vulnerability by Black Duck. This dependency is pulled in by Kafka 2.5 (which is the latest version) and jetcd-0.5.3. The vulnerability will be resolved once both Kafka 2.5 and jetcd-0.5.3 provide upgrades with a fix.
HP-234 PostgreSQL Database Server REL_12_3 is flagged as a security vulnerability by Black Duck. This vulnerability relates to the PostgreSQL schema search path and impacts logical replication and the installation of PostgreSQL extensions. This does not impact Gateway Hub, which does not rely on PostgreSQL replication and does not require additional PostgreSQL extensions to be installed after the initial setup.

Gateway Hub 2.2.1 Copied

Released: September 2020

This release delivers the updated binaries for in the ITRS Downloads page.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-13070 Kafka retention settings are now configurable during installation.
STARK-14393 The Kafka log format now aligns with other components.
STARK-14396 Log formats are now consistent across all Gateway Hub components.
STARK-14599 Application log retention settings are now configurable during installation.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
STARK-11874 Log entries are now displayed in UTC instead of local time.
STARK-14582 Memory now correctly allocated for machines with 16 GB memory.
STARK-14648 If installation.connection.user is not specified, the Hub checker now uses hub.user when connecting to the remote node.
STARK-14679 Chart axes and tooltips in the Entity metrics view no longer report duplicate rounded values.
STARK-14680 Web Console no longer displays 401 errors when multiple cookies are available for the same domain.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-13049 In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store.
STARK-14448 If a Gateway Hub node is taken down abruptly (for example, due to a loss of power), it is possible for Kafka to report an error when restarting because its session with Zookeeper was not properly terminated. To resolve this problem, you must restart the Gateway Hub for a second time.
HP-119 SnakeYAML 1.24 is flagged as a security vulnerability by Black Duck. This vulnerability affects the loading of YAML aliases, which are not used in Gateway Hub configuration files.
HP-234 PostgreSQL Database Server REL_12_3 is flagged as a security vulnerability by Black Duck. This vulnerability relates to the PostgreSQL schema search path and impacts logical replication and the installation of PostgreSQL extensions. This does not impact Gateway Hub, which does not rely on PostgreSQL replication and does not require additional PostgreSQL extensions to be installed after the initial setup.

Gateway Hub 2.2.0 Copied

Released: August 2020

This release delivers the updated binaries for in the ITRS Downloads page.

Highlights Copied

These are the highlights of this release:

Simplified installation Copied

Gateway Hub is now deployed as a single tar file, with a simple Ansible script for installing the relevant components. Typical installations will take a few minutes, and root access is not required.

For more information, see Install in Gateway Hub documentation.

SAML security Copied

A new security scheme, SAML has been introduced, providing simpler integration with compatible security infrastructures. SAML authentication also allows access to the Web Console outside the firewall for environments that permit this. In order to use SAML authentication, you must map the LDAP (or equivalent) groups to a field in the SAML token typically memberOf.

For more information, see SAML configuration in Gateway Hub documentation.

Capacity Planner integration Copied

Integration with Capacity Planner is now provided via a new app, allowing capacity data to be sent to Capacity Planner with minimal configuration required. The Capacity Planner app supersedes the Capacity Planner Helper plugin.

For more information, see Capacity Planner app configuration in Gateway Hub documentation.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-12078 Business hours are now configurable instead of having a fixed value of 9-5.
STARK-12815 The granularity of all charts has been increased.
STARK-12973 Stacked area chart visualisation is now available on the Web Console.
STARK-13084 Web Console now has better handling of concurrent updates to dashboards.
STARK-13475 You can now deselect metrics in the entity monitoring screen to clear the history chart and show all events relevant for that entity.
STARK-13494 The Events overlay in the monitoring screen now shows aggregated error information.
STARK-13602 You can now import and export dashboards in the Web Console.
STARK-13619 The System Errors screen is no longer available in the Web Console.
STARK-13840 Gateway Hub now supports RHEL 7.8.
STARK-14546 Gateway Hub no longer requires SELinux to be disabled.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
STARK-11343 Autocomplete now correctly handles the keywords EXISTS and NOT EXISTS.
STARK-12371 Webhooks are correctly displayed as read-only for Operators.
STARK-13190 Error message no longer displays after a Webhook is deleted.
STARK-13275 The entity filter autocomplete is now displayed correctly when the NOT IN keyword is used.
STARK-13466 Show in dashboard control improved for dashboards with long names.
STARK-13477 Dashboard panels referring to missing metrics no longer show a loading indicator.
STARK-13609 Gateway IDs are no longer assigned sequentially.
STARK-13696 The certificate chain is now correctly generated when using self-signed certificates.
STARK-13941 Gateway Hub now supports Oracle JRE.
STARK-13945 Editing a dashboard name no longer deletes unsaved widgets.
STARK-14532 Web Console now uses 8443 as its default HTTPS port.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-13049 In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store.
STARK-14448 If a Gateway Hub node is taken down abruptly (for example, due to a loss of power), it is possible for Kafka to report an error when restarting because its session with Zookeeper was not properly terminated. To resolve this problem, you must restart the Gateway Hub for a second time.

Gateway Hub 2.1.2 Copied

Released: June 2020

This release delivers the updated binaries for in the ITRS Downloads page.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-13762 Manually triggered data retention jobs now finish considerably quicker than before.
STARK-13761 Snapshot and API daemon logging has been reduced, resulting in smaller disk usage.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-13049 In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store.
STARK-13925 Netty-4.1.45.Final is flagged as a security vulnerability by Black Duck. The dependency is pulled in by Kafka 2.5 (which is the latest version) and jetcd-0.5.3. The vulnerability will be resolved once both Kafka 2.5 and jetcd-0.5.3 provide upgrades with a fix.

Gateway Hub 2.1.1 Copied

Released: June 2020

This release delivers the updated binaries for in the ITRS Downloads page.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
STARK-13742 The java.io.tmpdir directory is no longer hardcoded in the warden.conf.j2 template. This prevents a java.lang.UnsatisfiedLinkError occurring when deploying Gateway Hub with custom folders.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-13049 In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.

Gateway Hub 2.1.0 Copied

Released: May 2020

This release delivers the updated binaries for in the ITRS Downloads page.

Highlights Copied

These are the highlights of this release:

Performance improvements Copied

Gateway Hub now handles entities with up to 10,000 metrics correctly. Additionally, resource allocation has been improved.

Anomaly detection Copied

Gateway Hub now includes an Anomaly Detection UI component. You can now overlay metric charts with the expected normal bounds of that metric based on historical data.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-13386 The Events browser chart now provides more granular data.
STARK-13340 The entity filter parameter in the Grafana datasource plugin no longer requires quotes.
STARK-13302 Percentiles are now displayed more compactly, for example p95.
STARK-13245 The Grafana datasource plugin now supports Entity queries.
STARK-13244 The Grafana datasource plugin now supports Event queries.
STARK-13237 GPG keys are now correctly removed when uninstalling.
STARK-13205 Gateway Hub diagnostic files now include syslog.
STARK-13199 Metric queries now have improved performance.
STARK-13184 Entity metrics can now be filtered by typing in the column headers in the Web Console.
STARK-13078 The Dashboard home list now shows Dashboard descriptions.
STARK-13053 Dashboard panels can now display metrics filtered by row name.
STARK-13047 Users with Operator privileges can no longer modify other users’ dashboards when SSO is enabled.
STARK-13046 Dashboard panels now support the following aggregations: first, last, p1, and p99.
STARK-13042 You can now set the output of an entity query as a Global parameter in a Dashboard. Panels can be configured to use the Global parameter. This allows you to quickly switch the targets of panels from one entity to another.
STARK-12974 Area charts are now available in Dashboard panels.
STARK-12907 Dashboard metric selector has been made more compact.
STARK-12838 Gateway Hub can now handle entities with large numbers of metrics, for example 10,000+.
STARK-12732 Infinity and negative infinity values are now handled correctly.
STARK-12712 Hub checker no longer checks Spark configuration.
STARK-12642 The Gateway config UI now displays the Gateway validation messages when include files are assigned.
STARK-12058 Gateway Hub no longer supports using a KeyStore and TrustStore to configure TLS/SSL. You must provide PEM files instead.
STARK-12045 All hosts must now be specified using fully qualified domain names (FQDNs). IP addresses are no longer accepted as these cause SSL issues.
STARK-9804 The Dashboard list is now searchable.
STARK-9182 The entity overview metric table now displays a floating header.
STARK-5997 You can now display the expected normal bounds when viewing metric history charts. This allows you to compare current values with the expected values based on historical data.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
STARK-13496 Gateway Hub’s data retention processes no longer causes NoClassDefFoundError errors.
STARK-13373 Restarting Gateway Hub is now less likely to result in apid errors.
STARK-13351 TimescaleDB packages included in the Gateway Hub installer are now signed correctly.
STARK-13347 The Web Console no longer incorrectly shows an Enable storage to show historical data prompt when viewing an entity without historical data.
STARK-13322 Hub checker now correctly fails if a non-existing child device is supplied as a MapR disk.
STARK-13312 Dashboard text panels now correctly show their text contents.
STARK-13304 Hub checker now correctly accepts CentOS 7.7.1908 as a supported version.
STARK-13301 Dashboard metric charts no longer interpolate empty buckets.
STARK-13289 Hub checker now correctly fails when mapr_disks is not set.
STARK-13278 Hub checker no longer reports a false positive for a missing Java runtime when installing as root.
STARK-13277 Hub checker now correctly handles blank lines in the hosts file.
STARK-13268 Hub checker no longer requires disks to be located in the /dev directory.
STARK-13249 Hub checker now tests for syslinux as a prerequisite.
STARK-13222 Removing a Managed Entity no longer causes a crash in the normaliser.
STARK-13220 Hub checker now correctly handles non-existing disks.
STARK-13219 Hub checker will no longer allow partitioned disks for MapR.
STARK-13193 Adding an include file through the Gateway config UI no longer adds an empty include group.
STARK-13119 Open API definitions now correctly refer to Roles rather than Groups.
STARK-13100 Dashboard errors now clear after some time has elapsed.
STARK-13099 The Dashboard panel KPI preview now correctly reflects the user’s timezone.
STARK-13089 The Open API documentation now correctly shows the ITRS-Doc-Version.
STARK-13085 Displaying a tooltip is now easier for metric charts with a single point.
STARK-13068 The Dashboard header now follows the page when scrolling.
STARK-13035 KPI icons are now optional.
STARK-12609 The Gateway config UI now identifies locked Gateways and resources.
STARK-12597 Dashboard panels now account for the user timezone correctly.
STARK-12521 Changing a Dashboard panel’s visualisation type will no longer reset the title and description.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-13049 In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store.
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.

Gateway Hub 2.0.0 Copied

Released: 8 April 2020

This release delivers the updated binaries for in the ITRS Downloads page. Note: Upgrading from Gateway Hub 1.x.x to 2.0.0 is not currently supported.

Highlights Copied

These are the highlights of this release:

Dashboards Copied

The Web Console now includes Dashboard functionality for easy visualisation of metrics and their related events. This release includes line charts, bar charts, KPIs, and table visualisations.

Metric query improvements Copied

Metric storage and query performance has been improved. Queries that previously took up to a minute now take a few seconds or less. This is due to a change in the way that metric data is being stored, as well as various improvements to how metric data is being retrieved.

Reduced hardware requirements Copied

Another benefit of improved query performance is reduced hardware required to run the Gateway Hub. The minimum memory requirements have decreased from 32 GB to 16 GB, and the disk space required for storage has also decreased.

The Gateway Hub sizing tool has been updated to account for these new minimums, although it is important to note that just like with all software, better hardware will result in better performance.

Centralised configuration UI Copied

A new administration UI is provided for centralised configuration. Although the Gateway Setup Editor is still the best place to work with include files directly, the new Web Console pages provide some additional tools such as the ability to see which Gateways are using which includes and vice versa. It also provides the ability to see the history of include files, including the diffs between versions, as well as a UI tool to upload Gateway binaries to Gateway Hub, which is required for centralised setup validation.

New features and enhancements Copied

These are the new features and enhancements of this release:

Issue key Release description
STARK-13034 Added a View in Dashboard control to the Events viewer, allowing the current entity date filters to be passed to a dashboard.
STARK-12685 Gateway Hub no longer requires JDK for installation. JRE is now sufficient to install.
STARK-12454 A tooltip has been added to the Events overlay in metric history charts.
STARK-12419 Additional pre-install checks were added:
  • Operating system is Red Hat 7 or CentOS 7.
  • Architecture is x86_64. * If metric data and write ahead log locations are already created, then these are empty.
STARK-12295 Entities that have been grouped by severity are now displayed in decreasing order of severity instead of by count.
STARK-12117 A legend has been added to the Events chart in the Web Console.
STARK-11134 Creation time was added to the Events result table in the Web Console.
STARK-11098 First and Last aggregations have been added.
STARK-10296 Web Console no longer displays generic 401 error messages when a more specific error is available from the backend.

Issues fixed Copied

These are the issues we have fixed in this release:

Issue key Release description
STARK-13142 Significantly decreased storage requirements for events.
STARK-13117 The documentation link in the About page of the snapshot versions of the Web Console (used in the snapshot versions of MiniGeneos) now correctly points to the latest published version of the documentation.
STARK-13088 Fixed a null pointer exception when Webhooks is publishing events from dataview headlines.
STARK-13023 Added ITRS-Doc-Version that was missing from the API definition for GET /documents/{id}.
STARK-12936 The Events chart tooltip now works correctly.
STARK-12782 Gateway Hub install checker now handles multiple Kafka directories correctly.
STARK-12750 Empty entity filters can no longer be set in the Web Console Monitoring home page.
STARK-12652 Events screen chart X-axis no longer overflows the panel.

Known issues Copied

These are the known issues affecting this release:

Issue key Known issue description
STARK-13049 In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store.
STARK-13180 For large scale deployments, the Gateway Hub 2.0.0 installer can set PostgreSQL min_wal_size and max_wal_size values smaller than they should be. These values are found in the {{ hub.install.postgres_data }}/postgresql.conf file, where hub.install.postgres_data is the directory you specified in your hubctl configuration file. When these values are too small the Hub will perform poorly for both ingesting and querying metric data. You will also see entries like the following in the PostgreSQL logs at {{ hub.install.postgres_data }}/log:
  • 2020-04-07 09:08:35.566 UTC [26000] LOG: checkpoints are occurring too frequently (1 second apart).
  • 2020-04-07 09:08:35.566 UTC [26000] HINT: consider increasing the configuration parameter max_wal_size.
To resolve the situation, do the following on each Hub node after installation:
  1. Check the size of the disk that will contain your PostgreSQL write ahead log:
df {{ hub.install.postgres_wal }} -BG
  1. Modify the PostgreSQL configuration by running the following command as the postgres user or via sudo:
timescaledb-tune -pg-config /usr/pgsql-11/bin/pg_config -conf-path {{ hub.install.postgres_data }}/postgresql.conf -wal-disk-size {{ postgres_wal_disk_gb }}GB
  1. Restart PostgreSQL:
systemctl restart postgresql-11.service
STARK-6505 Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId.
STARK-4463 Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns.
STARK-4350 Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine.

Other Gateway Hub releases Copied

Release Notes Release Date
2.x Release Notes Released: 8 April 2020
1.x Release Notes Released: 21 January 2019

Disclaimer

The information contained in this document is for general information and guidance on our products, services, and other matters. It is only for information purposes and is not intended as advice which should be relied upon. We try to ensure that the content of this document is accurate and up-to-date, but this cannot be guaranteed. Changes may be made to our products, services, and other matters which are not noted or recorded herein. All liability for loss and damage arising from reliance on this document is excluded (except where death or personal injury arises from our negligence or loss or damage arises from any fraud on our part).
["Gateway Hub"] ["Release Notes"]

Was this topic helpful?