×
![]()
Gateway Hub 2.x Release Notes
Overview Copied
Gateway Hub release notes contain the list of enhancements of features, and a set of issues fixed in the current release.
This page contains release notes for all Gateway Hub 2.x releases.
For the latest highlights, see What’s New in Geneos.
Gateway Hub 2.6.0 Copied
Released: November 2022
This release delivers the updated binaries for in the ITRS Downloads page.
Highlights Copied
These are the highlights of this release:
- Added new utility scripts for managing LDAP-related tasks and etcd history.
- Upgraded versions of Kafka and Zookeeper to remove Apache Log4j dependencies.
- Upgraded version of PostgreSQL to address BlackDuck vulnerabilities.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| HB-552 | The new update-ldap-credentials.sh script, which can be used to correctly update the LDAP query user’s username and/or password, has replaced the apid update-ad-password.sh script. Another new script, reset-ldap-config.sh, can reset the LDAP configuration to its default state. |
| HB-554 | To remove Apache Log4j dependencies, Kafka has been upgraded to version 3.3.1, while Zookeeper has been upgraded to version 3.8.0. |
| HB-598 | A new utility script is available for pruning the etcd history of entries used by centralised configuration. |
| HB-601 | PostgreSQL has been upgraded to version 12.12 to address BlackDuck vulnerabilities reported against version 12.8. |
Issues fixed Copied
| Issue key | Release description |
|---|---|
| HB-557 | When the Timescale tuning script is executed during installation, it no longer dedicates all available CPU cores to Timescale. |
Known Issues Copied
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14925 | Grafana version 7.2 and higher is incompatible with the Geneos datasource plugin, as a result the query form fields will not display. As a workaround, you should downgrade to Grafana 7.1 until a fix is available. |
| HP-918 | APID must be restarted when changing the Kerberos account. |
| HB-21 | Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed up Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false |
| HB-80 | Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration. |
| HB-604 | CVE-2022-23181 and CVE-2021-42340 are flagged as vulnerabilities in Apache Tomcat Embed which is a dependency of Spring Boot Starter. The latest version of Spring Boot Starter (2.6.3) depends on Apache Tomcat Embed 9.0.56 which still contains these vulnerabilities so no upgrade path is available. CVE-2022-23181 does not affect Gateway Hub because FileStore is not used to persist sessions. CVE-2021-42340 does not affect Gateway Hub since it does not use websockets. |
| HB-606 | CVE-2021-40690 is flagged as a vulnerability in all versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7. The latest OpenSAML version (4.0.1) depends on Santuario 2.1.4, therefore this issue is unresolved in Gateway Hub. |
| HB-608 | CVE-2021-43045 is flagged as a vulnerability in the .NET SDK of Apache Avro, allowing an attacker to allocate excessive resources and potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions, so Gateway Hub 2.5.1 and newer are not impacted. |
| HB-611 | CVE-2020-13936 is flagged as a vulnerability in Apache Velocity Engine versions up to 2.2. The latest OpenSAML version (4.0.1) depends on Apache Velocity Engine 2.2, therefore this issue is unresolved in Gateway Hub. |
| HB-614 | CVE-2022-34169 is flagged as a vulnerability in the Apache Xalan XSLT library. Apache Xalan is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. No future releases of Apache Xalan Java to address this issue are expected. This is a transitive dependency only, and Gateway Hub does not perform any XSLT transformation at runtime, so it is unaffected by this vulnerability. |
| HB-615 | CVE-2020-36518, CVE-2022-42003, and CVE-2022-42004 are flagged as vulnerabilities against jackson-databind versions in the 2.11.0 to 2.13.3 range. CVE-2020-36518 can cause a Java StackOverflow exception and denial-of-service (DoS) through a large depth of nested objects. There is currently no upgrade path available since jackson-databind is a transitive dependency of Kafka’s, and Gateway Hub already depends on the latest Kafka version. CVE-2022-42003 and CVE-2022-42004 can cause resource exhaustion when deserialising XML. Gateway Hub does not perform any XML deserialisation at runtime, so it is unaffected by this vulnerability. |
| HB-616 | CVE-2021-37136 and CVE-2021-37137 are flagged as vulnerabilities against Netty Project 4.1.51. Both vulnerabilities affect frame decompression, which is not used in Gateway Hub, so it is unaffected by this vulnerability. |
| HB-617 | CVE-2022-25857 is flagged as a vulnerability affecting SnakeYAML versions before 1.33, which is vulnerable to denial-of-service (DoS) due to missing nested depth limitation for collections. In Gateway Hub, SnakeYAML is only used to parse local trusted configuration files and is not used to parse network data, so it is unaffected by this vulnerability. |
| HB-618 | CVE-2022-22965 is flagged as a vulnerability affecting Spring Boot 2.4.10, which is vulnerable to remote code execution (RCE) via data binding if the application is deployed as a WAR. The Web Console is deployed as a Spring Boot executable JAR, so it is unaffected by this vulnerability. |
| HB-619 | BDSA-2022-0847, CVE-2016-1000027, and CVE-2022-22965 are flagged as vulnerabilities against Spring Framework 5.3.9. BDSA-2022-0847 causes the Spring Framework to be vulnerable to unsafe deserialisation if unsafe use of certain provided deserialisation functionality is employed. The Web Console does not serialise or deserialise data since acts as a proxy to the Gateway Hub’s REST API, so it is unaffected by this vulnerability. CVE-2016-1000027 causes the Spring Framework to be vulnerable to a potential remote code execution (RCE) issue if used for Java deserialisation of untrusted data. The Web Console does not serialise or deserialise data since it acts as a proxy to the Gateway Hub REST API, so it is unaffected by this vulnerability. CVE-2022-22965 causes the Spring Framework to be vulnerable to remote code execution (RCE) through data binding if the application is deployed as a WAR. The Web Console is deployed as a Spring Boot executable JAR, so it is unaffected by this vulnerability. |
| HB-620 | CVE-2022-22978 is flagged as a vulnerability affecting Spring Security 5.5.1, which is vulnerable to an authorization bypass when RegexRequestMatcher is used with a certain type of path. The Web Console uses RegexRequestMatcher, but does not use the problematic base paths and is therefore unaffected. |
| HB-622 | CVE-2022-21724 and CVE-2022-26520 are flagged as vulnerabilities against PostgreSQL JDBC driver REL42.2.13. Both vulnerabilities can make a system using pgjdbc vulnerable to attackers who control either the JDBC URL or properties. Gateway Hub does not expose JDBC URLs or properties publicly, so it is unaffected by this vulnerability. |
Gateway Hub 2.5.1 Copied
Released: February 2022
This release delivers the updated binaries for in the ITRS Downloads page.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| HP-1173 | The Gateway Hub’s persistence daemon now handles failures to persist ingestion errors correctly. |
| HP-1176 | The Gateway Hub installation descriptor now allows the Web Console’s read timeout to be configured using the hub.webconsole.read_timeout_s parameter. |
| HP-1234 | The number of open files used by RocksDB in the apid’s cache has been restricted to avoid startup errors due to system limits. The maximum number of files is limited to 1024 by default but can be configured in the installation descriptor. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14925 | Grafana version 7.2 and higher is incompatible with the Geneos datasource plugin, as a result the query form fields will not display. As a workaround, you should downgrade to Grafana 7.1 until a fix is available. |
| STARK-15235 | There are no newer versions of the dependency published in the Maven central. There are no recommendations to update from Black Duck. |
| STARK-15292 | Apache Log4j 1.2.17 is flagged as a security vulnerability by Black Duck. This vulnerability relates to running a log4j server that listens to log events sent to it by remote applications, but this does not affect Gateway Hub since this feature is not used in Kafka or Zookeeper. |
| HP-145 | Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed up Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false |
| HP-454 | Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper. |
| HP-455 | Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka. |
| HP-456 | Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration. |
| HP-780 | Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates. |
| HP-781 | Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub. |
| HP-879 | BDSA-2021-1344 is flagged as a security vulnerability by Black Duck. PostgreSQL is vulnerable to denial-of-service (DoS) due to an integer overflow that can lead to an out-of-bounds write. This scenario can only happen if an arbitrary SQL command is executed against Gateway Hub’s PostgreSQL database. This is not a procedure that ITRS supports unless performed following instructions from the engineering team. |
| HP-918 | APID must be restarted when changing the Kerberos account. |
| HP-1247 | CVE-2021-43045 is flagged as a vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions so Gateway Hub 2.5.1 and newer are not impacted. |
| HP-1248 | CVE-2021-36090,CVE-2021-35517,CVE-2021-35516, and CVE-2021-35515 are flagged as vulnerabilities in Apache Commons Compress 1.19 which is a dependency of Apache Avro. Gateway Hub does not use the archive creation features of Apache Commons Compress 1.19 therefore it is not affected by these vulnerabilities. |
| HP-1249 | CVE-2022-23307, CVE-2019-17571, CVE-2022-23305, CVE-2017-5645, CVE-2022-23302, and CVE-2021-4104 are flagged as vulnerabilities related to log4j. Gateway Hub 2.5.1 and newer uses a patched log4j 1.2.17 library that does not contain Chainsaw and none of these CVEs affect Gateway Hub. |
| HP-1250 | CVE-2021-40690 is flagged as a vulnerability in all versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7. The latest OpenSAML version (4.0.1) depends on Santuario 2.1.4 therefore this issue is unresolved in Gateway Hub. |
| HP-1252 | CVE-2020-13936 is flagged as a vulnerability in Apache Velocity Engine versions up to 2.2. The latest OpenSAML version (4.0.1) depends on Apache Velocity Engine 2.2 therefore this issue is unresolved in Gateway Hub. |
| HP-1254 | CVE-2021-37136 and CVE-2021-37137 are flagged as a vulnerabilities in Netty Project 4.1.62.Final and 4.1.63.Final which is a dependency of Kafka and Zookeeper. The latest Kafka version (3.1.0) fixes these vulnerabilities, but there is no Zookeeper update that includes a fix, so these remain as known issues in Gateway Hub. |
| HP-1256 | CVE-2021-37136 and CVE-2021-37137 are flagged as a vulnerability in Netty Project 4.1.62.Final which is a dependency of gRPC. A gRPC update is available but this issue remains unresolved because of HP-1254. |
| HP-1257 | CVE-2017-15288 is flagged as a vulnerability in the compilation daemon of Scala which is not used at runtime so Gateway Hub is not affected. |
| HP-1260 | CVE-2022-23181 and CVE-2021-42340 are flagged as vulnerabilities in Apache Tomcat Embed which is a dependency of Spring Boot Starter. The latest version of Spring Boot Starter (2.6.3) depends on Apache Tomcat Embed 9.0.56 which still contains these vulnerabilities so no upgrade path is available. CVE-2022-23181 does not affect Gateway Hub because FileStore is not used to persist sessions. CVE-2021-42340 does not affectGateway Hub since it does not use websockets. |
Gateway Hub 2.5.0 Copied
Released: October 2021
This release delivers the updated binaries for in the ITRS Downloads page.
Highlights Copied
These are the highlights of this release:
- RHEL 8 support.
Gateway Hub 2.5.0 contains a number of bug and performance fixes for dataviews in Web Console and Capacity Planner publishing. Additionally, Red Hat Enterprise Linux versions 8.0-8.4 are now supported.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| CPPUB-51 | Capacity Planner metrics are now compressed, this significantly reduces delivery time. |
| HP-953 | Increased the installer’s default verbosity to level 2. |
| HP-1006 | The Zookeeperlive probe script no longer relies on nc (netcat). |
| HP-1012 | The installer will now detect clock desynchronisation exceeding 1 second between servers and will refuse to install Gateway Hub in these cases. |
| HP-1041 | Hubcheck now enforces the following OS version constraints, Centos: 7.6 - 7.9, RHEL: 7.6 - 8.4. |
| HP-1051 | Upgraded to Timescale 1.7.5 which contains several bug fixes. |
| HP-1052 | The Postgresql stop script is now called only once. This reduces the timeout duration. |
| HP-1053 | In the unlikely situation where the orchestration daemon detects that a service is still running at the time of a shutdown, the persisted run-level is now dropped to zero before exiting. Such situations will require manual intervention to kill the service process, and the run-level will need to be manually adjusted after re-starting Gateway Hub. |
| HP-1054 | RHEL 8 is now fully supported. For more information see the Installation Guide and Gateway Hub Upgrade Notes. Some Python libraries must be installed separately. |
| HP-1060 | Upgraded Kafka to version 2.8.1. |
| STARK-15280 | SSOerrors are now clearer to understand in the Web Console. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| HP-930 | Errors caused by too many active directory groups causing an HTTP header to overflow are now more clearly worded and displayed to user. |
| HP-963 | Gateway Hub’s normaliser now actively rejects dataview rows with a row name longer than 1,024 characters. |
| HP-995 | Gateway Hub now shuts down when a Zookeeper node fails. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14925 | Grafana version 7.2 and higher is incompatible with the Geneos datasource plugin, as a result the query form fields will not display. As a workaround, you should downgrade to Grafana 7.1 until a fix is available. |
| STARK-15235 | There are no newer versions of the dependency published in the Maven central. There are no recommendations to update from Black Duck. |
| STARK-15292 | Apache Log4j 1.2.17 is flagged as a security vulnerability by Black Duck. This vulnerability relates to running a log4j server that listens to log events sent to it by remote applications, but this does not affect Gateway Hub since this feature is not used in Kafka or Zookeeper. |
| HP-145 | Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false |
| HP-454 | Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper. |
| HP-455 | Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka. |
| HP-456 | Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration. |
| HP-780 | Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates. |
| HP-781 | Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub. |
| HP-879 | BDSA-2021-1344 is flagged as a security vulnerability by Black Duck. PostgreSQL is vulnerable to denial-of-service (DoS) due to an integer overflow that can lead to an out-of-bounds write. This scenario can only happen if an arbitrary SQL command is executed against Gateway Hub’s PostgreSQL database. This is not a procedure that ITRS supports unless performed following instructions from the engineering team. |
| HP-918 | APID must be restarted when changing the Kerberos account. |
Gateway Hub 2.4.1 Copied
Released: May 2021
This release delivers the updated binaries for in the ITRS Downloads page.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| CPPUB-18 | Capacity Planner publishing monitoring metrics are now collected by StatsD. |
| CPPUB-23 | Maximum bounds for data retrieved have been added when publishing Capacity Planner data to ensure that memory limits are not exceeded. Retrieving large amounts of data may need to be done using several manual runs. |
| CPPUB-47 | Capacity Planner publishing processing speed has been improved to avoid a fail or retry loop. |
| HP-835 | Metric queries are more tolerant when querying metrics of different types together, resulting in fewer errors with Capacity Planner publishing. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| HP-828 | Gateway Hub now correctly handles non-default tmp_dir locations when upgrading. |
| HP-830 | Computed dataview row names are no longer inferred as float64. |
| HP-849 | The Show Deleted Rows function in the Web Console now correctly handles dataviews that do not update frequently instead of returning a 404 error. |
| HP-850 | The Metric history now works correctly for cells that refresh slowly instead of returning a 404 error. |
| HP-853 | Updated the Gateway Hub self-monitoring template. For more information, see Gateway Hub self monitoring. |
| HP-863 | Ingestion errors timestamps are now assigned to the correct timezone. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14925 | Grafana version 7.2 and higher is incompatible with the Geneos datasource plugin, as a result the query form fields will not display. As a workaround, you should downgrade to Grafana 7.1 until a fix is available. |
| STARK-14990 | Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub. |
| STARK-15235 | There are no newer versions of the dependency published in the Maven central. There are no recommendations to update from Black Duck. |
| HP-145 | Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false |
| HP-454 | Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper. |
| HP-455 | Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka. |
| HP-456 | Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration. |
| HP-780 | Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates. |
| HP-781 | Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub. |
| HP-879 | BDSA-2021-1344 is flagged as a security vulnerability by Black Duck. PostgreSQL is vulnerable to denial-of-service (DoS) due to an integer overflow that can lead to an out-of-bounds write. This scenario can only happen if an arbitrary SQL command is executed against Gateway Hub’s PostgreSQL database. This is not a procedure that ITRS supports unless performed following instructions from the engineering team. |
Gateway Hub 2.4.0 Copied
Released: April 2021
This release delivers the updated binaries for in the ITRS Downloads page.
Highlights Copied
These are the highlights of this release:
- Role-based access control for data and includes.
- Updated monitoring UI.
- Simpler Gateway security.
- Schema-less ingestion.
Gateway Hub is a brand new component in the Geneos environment, providing the foundations for smarter monitoring, improved scalability, and a refreshed modern UI.
Role-based access control for data and includes Copied
This release introduces the ability to restrict access to data and Gateway includes files to specific roles. It also adds the ability to create custom roles with specific access permissions. These can be used to prevent unauthorised users from updating global Gateway includes files, or ensure certain business-sensitive metrics can only be viewed by a particular team. By default, all data and includes are accessible to all logged-in users, new roles can be created for more granular access. For more information, see Roles.
Updated monitoring UI Copied
The monitoring UI in the Web Console has been updated in a number of ways following your feedback. Firstly metric data is arranged into dataviews rather than the flat list of metrics previously shown. The history of a text value can now be displayed when a dataview text value is selected. Deleted dataview rows can now be visualised, for more visibility of historical data. The performance is also significantly improved when viewing entities with large numbers of metrics.
Simpler Gateway security Copied
Centralised Gateway configuration was previously secured using Kerberos. This is now done using generated application keys which are much simpler to set up.
Schema-less ingestion Copied
By default, Gateway Hub will now accept data without a schema and will attempt to infer one based on the number of samples observed. In many cases, this will require no further input from the user, though dataviews with variable data may still result in some ingestion errors which can be resolved by specifying a schema manually in the Gateway Setup Editor. The units of measure are not inferred in this way and should be added manually if required; this is to avoid incorrect inference between KiB, KB, and others.
Gateways will need to be upgraded to version 5.7.x and higher to take advantage of this feature, and will no longer report errors when attempting to publish dataviews without a schema.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-14905 | You can now restrict access to data and Gateway include files through Role Based Access Control (RBAC). |
| STARK-15142 | Security update for CVE-2020-13936. |
| STARK-15213 | The history chart accompanying the dataview control in the Web Console no longer zooms when using the scroll wheel as this was interfering with page navigation. |
| HP-106 | Memory is allocated to components better, particularly in machines with lower amounts of memory available. |
| HP-515 | Gateway Hub sizing tool now includes size information for all components. |
| HP-554 | Security updates for CVE-2020-25649, CVE-2020-24616, CVE-2020-24750, CVE-2020-14195, CVE-2020-11619. |
| HP-662 | Gateway Hub diagnostics now include a copy of the Gateway Hub certificate and trust chain which can be useful to diagnose TLS-related installation issues. |
| HP-719 | TLS v1 and v1.1 connections are now fully disabled. |
| HP-720 | Weak CBC based TLS cipher suites are now fully disabled. |
| HP-777 | Weak cipher suites have been disabled in the Netprobe included in Gateway Hub. |
| HP-810 | Data published from Gateway 5.7.x and higher without a schema can now be used to infer a schema automatically. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| STARK-14892 | Metric names with / are now correctly handled in the Web Console. |
| STARK-15078 | Resolved incorrect authorisation issue when releasing a Gateway lock. |
| STARK-15102 | Capacity Planner integration screens no longer appear editable to users without administrator access. |
| STARK-15226 | LDAP group names containing spaces are now correctly handled by the SSO Agent. |
| HP-602 | The liveness check for Kafka has been improved to ensure that data is not accepted before the system is ready to receive it. |
| HP-604 | Gateway Hub no longer fails to install when the supplied TLS PEM file contains one or more intermediate CA certificates. |
| HP-654 | The installer of Gateway Hub now detects when a user-supplied certificate is making use of the deprecated Netscape Cert Type extension in a way which is likely to cause the hub-admin command to fail to connect to the orchestration daemon. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14925 | Grafana version 7.2 and higher is incompatible with the Geneos datasource plugin, as a result the query form fields will not display. As a workaround, you should downgrade to Grafana 7.1 until a fix is available. |
| STARK-14990 | Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub. |
| STARK-15269 | Black Duck flags json-smart 1.3.2 as a security risk (CVE-2021-27568). The dependency is pulled in via nimbus-jose-jwt and they already have a fixed in place for this. For more information, see Nimbus JOSE+JWT 7.9. The latest version of nimbus-jose-jwt is already used by the Gateway Hub. |
| HP-145 | Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false |
| HP-454 | Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper. |
| HP-455 | Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka. |
| HP-456 | Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration. |
| HP-457 | Black Duck has flagged three security vulnerabilities in Postgresql 12.4 which is used by Gateway Hub:
|
| HP-780 | Velocity 1.7 is flagged as a security vulnerability by Black Duck. Velocity is a dependency of OpenSAML, and we do not use it directly in the Gateway Hub, and in particular we do not make any use of Velocity templates. |
| HP-781 | Bouncy Castle 1.61 to 1.68 is flagged as a security vulnerability by Black Duck. There is currently no available fix for this issue but the vulnerability only affects users of the BKS-V1 keystore format that is not in use anywhere in the Gateway Hub. For more information, see bc-java in GitHub. |
Gateway Hub 2.3.1 Copied
Released: February 2021
This release delivers the updated binaries for in the ITRS Downloads page.
Highlights Copied
These are the highlights of this release:
- Gateway Hub 2.3.1 contains a hotfix for the Gateway Hub Linux infrastructure self-monitoring plugin, enabling support for processes that contain a space in the command name.
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| HP-673 | The Linux infrastructure plugin used by the Collection Agent to collect self-monitoring metrics for Gateway Hub can now parse system process information files when a process contains a space in its command name. This allows the Collection Agent to start up correctly. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14925 | Grafana version 7.2 and higher is incompatible with the Geneos datasource plugin, as a result the query form fields will not display. As a workaround, you should downgrade to Grafana 7.1 until a fix is available. |
| STARK-14954 | The version of the transitive dependency used {{bcprov-ext-jdk15on-1.66.jar}} is the latest one in Maven so updating is not possible. |
| STARK-14990 | Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub. |
| HP-145 | Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false |
| HP-454 | Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper. |
| HP-455 | Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka. |
| HP-456 | Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration. |
| HP-457 | Black Duck has flagged three security vulnerabilities in Postgresql 12.4 which is used by Gateway Hub:
|
| HP-601 | The Prometheus plugin used by Gateway Hub’s built-in Collection Agent to gather metrics from etcd makes use of the OkHttp client, which has a dependency on Bouncy Castle 1.65. OkHttp is not used by Gateway Hub to check passwords, since it is only used to consume etcd’s public REST API. |
Gateway Hub 2.3.0 Copied
Released: January 2021
This release delivers the updated binaries for in the ITRS Downloads page.
Highlights Copied
These are the highlights of this release:
- Monitoring Coverage.
- Gateway Hub self-monitoring.
- Upgrades support.
Monitoring Coverage Copied
The Monitoring Coverage page allows you to determine if you are monitoring everything correctly. It works by comparing each monitored entity with a number of custom policies and then flagging any breaches in an easy-to-use UI.
In this version, the policies that can be set enforce the use of attributes and plugins. Some examples of policies that can be set using Monitoring Coverage are:
- All entities must have Department and Application attributes populated.
- Entities in the Securities Division must have the Environment attribute populated with one of
Dev,QA,Pre-production, andProduction. - All entities are collecting CPU, Disk, and Hardware metrics.
The Monitoring Coverage page also provides an interactive report for determining the coverage of the policies which provides an additional layer of assurance that all monitored hosts are configured correctly.
For more information, see Monitoring Coverage.
Self-monitoring Copied
Self-monitoring is now provided by default through a pre-packaged Netprobe which can be assigned to a Gateway 5.5 or higher. You can use the available metrics to ensure the Gateway Hub runs smoothly, as well as alerting you when additional resources, such as Disk IO and storage are required.
Upgrades Copied
Upgrades are now supported beginning Gateway Hub 2.2.1.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-12511 | The default address of the Web Console is now 8443 instead of 8080. |
| STARK-14780 | SAML and traditional LDAP SSO can now coexist in the Web Console. |
| HP-68 | The hub-check can now scan UDP ports in addition to TCP ports. This requires that the package net-tools are installed. |
| HP-102 | You can now configure the apid and Web Console to use HTTP instead of HTTPS. |
| HP-106 | Memory is allocated to components better, particularly in machines with lower amounts of memory available. |
| HP-115 | The Gateway Hub installer includes additional build information in the Gateway Hub package. |
| HP-141 | The Gateway Hub installer package now contains a sample installation descriptor. |
| HP-143 | The Gateway Hub can no longer mistakenly be started by a user other than the configured runtime user. |
| HP-147 | etcd metrics are now available through Gateway Hub self-monitoring. |
| HP-159 | Improved the suggested systemd configuration to avoid incorrectly reporting that the Gateway Hub has failed after a successful shut down. |
| HP-170 | The sizing tool has been updated to include all component storage requirements. |
| HP-172 | You can now use the command hubctl to upgrade prior versions of the Gateway Hub beginning 2.2.1. |
| HP-181 | You can now configure the Postgresql user. |
| HP-199 | The Gateway Hub checker now checks the system parameters by running sysctl rather than inspecting /etc/sysctl.conf directly. |
| HP-220 | You can now use the Postgresql Collection Agent plugin for self-monitoring. |
| HP-224 | The Gateway Hub checker no longer validates if JMX is externally available. |
| HP-237 | The Gateway Hub installer now generates JKS keystore and truststore passwords instead of prompting when passwords are not specified in the installation descriptor. |
| HP-243 | When performing a local install, setting installation.connection.local_host_name is now required, and its value cannot be equal to localhost. |
| HP-323 | You can now configure the log level of the Gateway Hub services through the installation descriptor. |
| HP-386 | The ports used to monitor the orchestrationd, kafka, and zookeeper through JMX are now configurable. |
| HP-446 | Gateway Hub now works on RHEL 7.9. |
| HP-453 | The Gateway Hub installer performs additional checks of the supplied PEM file to detect any potential issues (invalid CA, expired certificate, or invalid SAN hostname). |
| HP-465 | The Address already in use errors now provide the relevant port. |
| HP-485 | The Gateway Hub installer now provides the relevant username when prompting for an SSH password during installation. |
| MCOV-272 | You can now use the Monitoring Coverage in the Web Console to check attributes and metrics. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| STARK-14528 | The Copy buttons in the Web Console > Application keys no longer throw errors when generating an application key. |
| STARK-14799 | Late arriving data in Gateway Hub no longer throws an error in addition to the warning. |
| STARK-14853 | Setting a variable that uses the Gateway name macro no longer causes centralised configuration validation failures. |
| STARK-14886 | The refresh token handling in the Web Console has been improved to reduce the possibility of an unauthorised error. |
| STARK-14936 | Fixed an issue where centralised Gateways without resources could not have resources added. |
| HP-71 | The hub-checker now asks for the SSH password if a private key has not been supplied. |
| HP-73 | The Java check explicitly checks if the runtime user exists. |
| HP-79 | Gateway Hub no longer supports changing the etcd peer port using the hubctl setup reconfigure command. |
| HP-479 | The self-signed certificates generated by the Gateway Hub installer now have an expiry of 397 days. |
| HP-553 | Fixed memory leak in the Webhooks publisher. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14925 | Grafana version 7.2 and higher is incompatible with the Geneos datasource plugin, as a result the query form fields will not display. As a workaround, you should downgrade to Grafana 7.1 until a fix is available. |
| STARK-14954 | The version of the transitive dependency used {{bcprov-ext-jdk15on-1.66.jar}} is the latest one in Maven so updating is not possible. |
| STARK-14990 | Issue CVE-2020-28052 (BDSA-2020-3371) reported by Black Duck refers to the OpenBSDBCrypt.checkPassword utility method. Neither this method nor the class are used by Gateway Hub. |
| HP-145 | Ansible 2.10 is not yet compatible with Mitogen, a tool used to greatly speed Ansible installations. To install Gateway Hub with Ansible 2.10, specify the following in your installation descriptor: installation.ansible.use_mitogen_strategy: false |
| HP-454 | Library jackson-databind 2.10.3 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Zookeeper. Gateway Hub does not use XML configuration for Zookeeper. |
| HP-455 | Library jackson-databind 2.10.2 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the deserialisation of XML, but it does not impact Gateway Hub since the dependency is coming from Kafka. Gateway Hub does not use XML configuration for Kafka. |
| HP-456 | Jetty 9.4.24 is flagged as a security vulnerability by Black Duck. This vulnerability issue relates to the use of the system’s temporary directory by the Jetty web server. Jetty is only a transitive dependency of Gateway Hub’s through Kafka and Zookeeper. Kafka uses Jetty for its RESTful proxy, while Zookeeper uses Jetty for its admin server. Gateway Hub does not use any of these features, which are turned off via configuration. |
| HP-457 | Black Duck has flagged three security vulnerabilities in Postgresql 12.4 which is used by Gateway Hub:
|
| HP-601 | The Prometheus plugin used by Gateway Hub’s built-in Collection Agent to gather metrics from etcd makes use of the OkHttp client, which has a dependency on Bouncy Castle 1.65. OkHttp is not used by Gateway Hub to check passwords, since it is only used to consume etcd’s public REST API. |
Gateway Hub 2.2.2 Copied
Released: October 2020
This release delivers the updated binaries for in the ITRS Downloads page.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-14854 | Gateway files are now compressed to ensure that they fit within the Kafka message limit. |
| HP-243 | When performing a local install, setting installation.connection.local_host_name is now required and its value cannot be localhost. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| HP-79 | Gateway Hub no longer supports changing the etcd peer port using the hubctl setup reconfigure command. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-14448 | If a Gateway Hub node is taken down abruptly (for example, due to a loss of power), it is possible for Kafka to report an error when restarting because its session with Zookeeper was not properly terminated. To resolve this problem, you must restart the Gateway Hub for a second time. |
| HP-119 | SnakeYAML 1.24 is flagged as a security vulnerability by Black Duck. This vulnerability affects the loading of YAML aliases, which are not used in Gateway Hub configuration files. |
| HP-189 | Netty-4.1.45.Final is flagged as a security vulnerability by Black Duck. This dependency is pulled in by Kafka 2.5 (which is the latest version) and jetcd-0.5.3. The vulnerability will be resolved once both Kafka 2.5 and jetcd-0.5.3 provide upgrades with a fix. |
| HP-234 | PostgreSQL Database Server REL_12_3 is flagged as a security vulnerability by Black Duck. This vulnerability relates to the PostgreSQL schema search path and impacts logical replication and the installation of PostgreSQL extensions. This does not impact Gateway Hub, which does not rely on PostgreSQL replication and does not require additional PostgreSQL extensions to be installed after the initial setup. |
Gateway Hub 2.2.1 Copied
Released: September 2020
This release delivers the updated binaries for in the ITRS Downloads page.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-13070 | Kafka retention settings are now configurable during installation. |
| STARK-14393 | The Kafka log format now aligns with other components. |
| STARK-14396 | Log formats are now consistent across all Gateway Hub components. |
| STARK-14599 | Application log retention settings are now configurable during installation. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| STARK-11874 | Log entries are now displayed in UTC instead of local time. |
| STARK-14582 | Memory now correctly allocated for machines with 16 GB memory. |
| STARK-14648 | If installation.connection.user is not specified, the Hub checker now uses hub.user when connecting to the remote node. |
| STARK-14679 | Chart axes and tooltips in the Entity metrics view no longer report duplicate rounded values. |
| STARK-14680 | Web Console no longer displays 401 errors when multiple cookies are available for the same domain. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-13049 | In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store. |
| STARK-14448 | If a Gateway Hub node is taken down abruptly (for example, due to a loss of power), it is possible for Kafka to report an error when restarting because its session with Zookeeper was not properly terminated. To resolve this problem, you must restart the Gateway Hub for a second time. |
| HP-119 | SnakeYAML 1.24 is flagged as a security vulnerability by Black Duck. This vulnerability affects the loading of YAML aliases, which are not used in Gateway Hub configuration files. |
| HP-234 | PostgreSQL Database Server REL_12_3 is flagged as a security vulnerability by Black Duck. This vulnerability relates to the PostgreSQL schema search path and impacts logical replication and the installation of PostgreSQL extensions. This does not impact Gateway Hub, which does not rely on PostgreSQL replication and does not require additional PostgreSQL extensions to be installed after the initial setup. |
Gateway Hub 2.2.0 Copied
Released: August 2020
This release delivers the updated binaries for in the ITRS Downloads page.
Highlights Copied
These are the highlights of this release:
- Simplified Gateway Hub installation.
- SAML security.
- Capacity Planner integration. Gateway Hub 2.2.x is a significant upgrade, further simplifying the installation process, and reducing the software and hardware requirements. Although the look and feel of the Web Console remains largely the same, it is now far simpler to deploy. The hardware requirements for Gateway Hub have been decreased further, though as always, additional hardware will provide better performance.
Simplified installation Copied
Gateway Hub is now deployed as a single tar file, with a simple Ansible script for installing the relevant components. Typical installations will take a few minutes, and root access is not required.
For more information, see Install in Gateway Hub documentation.
SAML security Copied
A new security scheme, SAML has been introduced, providing simpler integration with compatible security infrastructures. SAML authentication also allows access to the Web Console outside the firewall for environments that permit this. In order to use SAML authentication, you must map the LDAP (or equivalent) groups to a field in the SAML token typically memberOf.
For more information, see SAML configuration in Gateway Hub documentation.
Capacity Planner integration Copied
Integration with Capacity Planner is now provided via a new app, allowing capacity data to be sent to Capacity Planner with minimal configuration required. The Capacity Planner app supersedes the Capacity Planner Helper plugin.
For more information, see Capacity Planner app configuration in Gateway Hub documentation.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-12078 | Business hours are now configurable instead of having a fixed value of 9-5. |
| STARK-12815 | The granularity of all charts has been increased. |
| STARK-12973 | Stacked area chart visualisation is now available on the Web Console. |
| STARK-13084 | Web Console now has better handling of concurrent updates to dashboards. |
| STARK-13475 | You can now deselect metrics in the entity monitoring screen to clear the history chart and show all events relevant for that entity. |
| STARK-13494 | The Events overlay in the monitoring screen now shows aggregated error information. |
| STARK-13602 | You can now import and export dashboards in the Web Console. |
| STARK-13619 | The System Errors screen is no longer available in the Web Console. |
| STARK-13840 | Gateway Hub now supports RHEL 7.8. |
| STARK-14546 | Gateway Hub no longer requires SELinux to be disabled. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| STARK-11343 | Autocomplete now correctly handles the keywords EXISTS and NOT EXISTS. |
| STARK-12371 | Webhooks are correctly displayed as read-only for Operators. |
| STARK-13190 | Error message no longer displays after a Webhook is deleted. |
| STARK-13275 | The entity filter autocomplete is now displayed correctly when the NOT IN keyword is used. |
| STARK-13466 | Show in dashboard control improved for dashboards with long names. |
| STARK-13477 | Dashboard panels referring to missing metrics no longer show a loading indicator. |
| STARK-13609 | Gateway IDs are no longer assigned sequentially. |
| STARK-13696 | The certificate chain is now correctly generated when using self-signed certificates. |
| STARK-13941 | Gateway Hub now supports Oracle JRE. |
| STARK-13945 | Editing a dashboard name no longer deletes unsaved widgets. |
| STARK-14532 | Web Console now uses 8443 as its default HTTPS port. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-13049 | In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store. |
| STARK-14448 | If a Gateway Hub node is taken down abruptly (for example, due to a loss of power), it is possible for Kafka to report an error when restarting because its session with Zookeeper was not properly terminated. To resolve this problem, you must restart the Gateway Hub for a second time. |
Gateway Hub 2.1.2 Copied
Released: June 2020
This release delivers the updated binaries for in the ITRS Downloads page.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-13762 | Manually triggered data retention jobs now finish considerably quicker than before. |
| STARK-13761 | Snapshot and API daemon logging has been reduced, resulting in smaller disk usage. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-13049 | In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store. |
| STARK-13925 | Netty-4.1.45.Final is flagged as a security vulnerability by Black Duck. The dependency is pulled in by Kafka 2.5 (which is the latest version) and jetcd-0.5.3. The vulnerability will be resolved once both Kafka 2.5 and jetcd-0.5.3 provide upgrades with a fix. |
Gateway Hub 2.1.1 Copied
Released: June 2020
This release delivers the updated binaries for in the ITRS Downloads page.
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| STARK-13742 | The java.io.tmpdir directory is no longer hardcoded in the warden.conf.j2 template. This prevents a java.lang.UnsatisfiedLinkError occurring when deploying Gateway Hub with custom folders. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-13049 | In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
Gateway Hub 2.1.0 Copied
Released: May 2020
This release delivers the updated binaries for in the ITRS Downloads page.
Highlights Copied
These are the highlights of this release:
- Performance improvements
- Anomaly detection
Performance improvements Copied
Gateway Hub now handles entities with up to 10,000 metrics correctly. Additionally, resource allocation has been improved.
Anomaly detection Copied
Gateway Hub now includes an Anomaly Detection UI component. You can now overlay metric charts with the expected normal bounds of that metric based on historical data.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-13386 | The Events browser chart now provides more granular data. |
| STARK-13340 | The entity filter parameter in the Grafana datasource plugin no longer requires quotes. |
| STARK-13302 | Percentiles are now displayed more compactly, for example p95. |
| STARK-13245 | The Grafana datasource plugin now supports Entity queries. |
| STARK-13244 | The Grafana datasource plugin now supports Event queries. |
| STARK-13237 | GPG keys are now correctly removed when uninstalling. |
| STARK-13205 | Gateway Hub diagnostic files now include syslog. |
| STARK-13199 | Metric queries now have improved performance. |
| STARK-13184 | Entity metrics can now be filtered by typing in the column headers in the Web Console. |
| STARK-13078 | The Dashboard home list now shows Dashboard descriptions. |
| STARK-13053 | Dashboard panels can now display metrics filtered by row name. |
| STARK-13047 | Users with Operator privileges can no longer modify other users’ dashboards when SSO is enabled. |
| STARK-13046 | Dashboard panels now support the following aggregations: first, last, p1, and p99. |
| STARK-13042 | You can now set the output of an entity query as a Global parameter in a Dashboard. Panels can be configured to use the Global parameter. This allows you to quickly switch the targets of panels from one entity to another. |
| STARK-12974 | Area charts are now available in Dashboard panels. |
| STARK-12907 | Dashboard metric selector has been made more compact. |
| STARK-12838 | Gateway Hub can now handle entities with large numbers of metrics, for example 10,000+. |
| STARK-12732 | Infinity and negative infinity values are now handled correctly. |
| STARK-12712 | Hub checker no longer checks Spark configuration. |
| STARK-12642 | The Gateway config UI now displays the Gateway validation messages when include files are assigned. |
| STARK-12058 | Gateway Hub no longer supports using a KeyStore and TrustStore to configure TLS/SSL. You must provide PEM files instead. |
| STARK-12045 | All hosts must now be specified using fully qualified domain names (FQDNs). IP addresses are no longer accepted as these cause SSL issues. |
| STARK-9804 | The Dashboard list is now searchable. |
| STARK-9182 | The entity overview metric table now displays a floating header. |
| STARK-5997 | You can now display the expected normal bounds when viewing metric history charts. This allows you to compare current values with the expected values based on historical data. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| STARK-13496 | Gateway Hub’s data retention processes no longer causes NoClassDefFoundError errors. |
| STARK-13373 | Restarting Gateway Hub is now less likely to result in apid errors. |
| STARK-13351 | TimescaleDB packages included in the Gateway Hub installer are now signed correctly. |
| STARK-13347 | The Web Console no longer incorrectly shows an Enable storage to show historical data prompt when viewing an entity without historical data. |
| STARK-13322 | Hub checker now correctly fails if a non-existing child device is supplied as a MapR disk. |
| STARK-13312 | Dashboard text panels now correctly show their text contents. |
| STARK-13304 | Hub checker now correctly accepts CentOS 7.7.1908 as a supported version. |
| STARK-13301 | Dashboard metric charts no longer interpolate empty buckets. |
| STARK-13289 | Hub checker now correctly fails when mapr_disks is not set. |
| STARK-13278 | Hub checker no longer reports a false positive for a missing Java runtime when installing as root. |
| STARK-13277 | Hub checker now correctly handles blank lines in the hosts file. |
| STARK-13268 | Hub checker no longer requires disks to be located in the /dev directory. |
| STARK-13249 | Hub checker now tests for syslinux as a prerequisite. |
| STARK-13222 | Removing a Managed Entity no longer causes a crash in the normaliser. |
| STARK-13220 | Hub checker now correctly handles non-existing disks. |
| STARK-13219 | Hub checker will no longer allow partitioned disks for MapR. |
| STARK-13193 | Adding an include file through the Gateway config UI no longer adds an empty include group. |
| STARK-13119 | Open API definitions now correctly refer to Roles rather than Groups. |
| STARK-13100 | Dashboard errors now clear after some time has elapsed. |
| STARK-13099 | The Dashboard panel KPI preview now correctly reflects the user’s timezone. |
| STARK-13089 | The Open API documentation now correctly shows the ITRS-Doc-Version. |
| STARK-13085 | Displaying a tooltip is now easier for metric charts with a single point. |
| STARK-13068 | The Dashboard header now follows the page when scrolling. |
| STARK-13035 | KPI icons are now optional. |
| STARK-12609 | The Gateway config UI now identifies locked Gateways and resources. |
| STARK-12597 | Dashboard panels now account for the user timezone correctly. |
| STARK-12521 | Changing a Dashboard panel’s visualisation type will no longer reset the title and description. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-13049 | In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store. |
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
Gateway Hub 2.0.0 Copied
Released: 8 April 2020
This release delivers the updated binaries for in the ITRS Downloads page. Note: Upgrading from Gateway Hub 1.x.x to 2.0.0 is not currently supported.
Highlights Copied
These are the highlights of this release:
- Dashboards
- Metric query improvements
- Reduced hardware requirements
- Centralised configuration UI
Dashboards Copied
The Web Console now includes Dashboard functionality for easy visualisation of metrics and their related events. This release includes line charts, bar charts, KPIs, and table visualisations.
Metric query improvements Copied
Metric storage and query performance has been improved. Queries that previously took up to a minute now take a few seconds or less. This is due to a change in the way that metric data is being stored, as well as various improvements to how metric data is being retrieved.
Reduced hardware requirements Copied
Another benefit of improved query performance is reduced hardware required to run the Gateway Hub. The minimum memory requirements have decreased from 32 GB to 16 GB, and the disk space required for storage has also decreased.
The Gateway Hub sizing tool has been updated to account for these new minimums, although it is important to note that just like with all software, better hardware will result in better performance.
Centralised configuration UI Copied
A new administration UI is provided for centralised configuration. Although the Gateway Setup Editor is still the best place to work with include files directly, the new Web Console pages provide some additional tools such as the ability to see which Gateways are using which includes and vice versa. It also provides the ability to see the history of include files, including the diffs between versions, as well as a UI tool to upload Gateway binaries to Gateway Hub, which is required for centralised setup validation.
New features and enhancements Copied
These are the new features and enhancements of this release:
| Issue key | Release description |
|---|---|
| STARK-13034 | Added a View in Dashboard control to the Events viewer, allowing the current entity date filters to be passed to a dashboard. |
| STARK-12685 | Gateway Hub no longer requires JDK for installation. JRE is now sufficient to install. |
| STARK-12454 | A tooltip has been added to the Events overlay in metric history charts. |
| STARK-12419 | Additional pre-install checks were added:
|
| STARK-12295 | Entities that have been grouped by severity are now displayed in decreasing order of severity instead of by count. |
| STARK-12117 | A legend has been added to the Events chart in the Web Console. |
| STARK-11134 | Creation time was added to the Events result table in the Web Console. |
| STARK-11098 | First and Last aggregations have been added. |
| STARK-10296 | Web Console no longer displays generic 401 error messages when a more specific error is available from the backend. |
Issues fixed Copied
These are the issues we have fixed in this release:
| Issue key | Release description |
|---|---|
| STARK-13142 | Significantly decreased storage requirements for events. |
| STARK-13117 | The documentation link in the About page of the snapshot versions of the Web Console (used in the snapshot versions of MiniGeneos) now correctly points to the latest published version of the documentation. |
| STARK-13088 | Fixed a null pointer exception when Webhooks is publishing events from dataview headlines. |
| STARK-13023 | Added ITRS-Doc-Version that was missing from the API definition for GET /documents/{id}. |
| STARK-12936 | The Events chart tooltip now works correctly. |
| STARK-12782 | Gateway Hub install checker now handles multiple Kafka directories correctly. |
| STARK-12750 | Empty entity filters can no longer be set in the Web Console Monitoring home page. |
| STARK-12652 | Events screen chart X-axis no longer overflows the panel. |
Known issues Copied
These are the known issues affecting this release:
| Issue key | Known issue description |
|---|---|
| STARK-13049 | In order to use HTTPS with Webhooks, the SSL certificate used in the Webhooks target must be added to the Gateway Hub certificate store. |
| STARK-13180 | For large scale deployments, the Gateway Hub 2.0.0 installer can set PostgreSQL min_wal_size and max_wal_size values smaller than they should be. These values are found in the {{ hub.install.postgres_data }}/postgresql.conf file, where hub.install.postgres_data is the directory you specified in your hubctl configuration file. When these values are too small the Hub will perform poorly for both ingesting and querying metric data. You will also see entries like the following in the PostgreSQL logs at {{ hub.install.postgres_data }}/log:
|
| STARK-6505 | Gateway Hub will not correctly handle a dataview defined in a Gateway with columns named sampleTime, netprobeTime, or dataViewId. |
| STARK-4463 | Dataview data from additional rows computed in the Gateway is not stored for regular or non-computed columns. |
| STARK-4350 | Data that is received without a timestamp has a default timestamp incorrectly applied with the timezone of the local machine. |
Other Gateway Hub releases Copied
| Release Notes | Release Date |
|---|---|
| 2.x Release Notes | Released: 8 April 2020 |
| 1.x Release Notes | Released: 21 January 2019 |
Disclaimer
The information contained in this document is for general information and guidance on our products, services, and other matters. It is only for information purposes and is not intended as advice which should be relied upon. We try to ensure that the content of this document is accurate and up-to-date, but this cannot be guaranteed. Changes may be made to our products, services, and other matters which are not noted or recorded herein. All liability for loss and damage arising from reliance on this document is excluded (except where death or personal injury arises from our negligence or loss or damage arises from any fraud on our part).
["Gateway Hub"]
["Release Notes"]