Sorry for the missing OOH last week... I was really busy for some reason.
Since last time, we released Horizon and Meridian 73 times, and worked on Prometheus collections, Grafana package signatures, Enlinkd performance, IPC config, reports, docs for daemons, VMware, flows, and topology, config API support, running as non-root, Sentinel, Maven, Minion, flow thresholding, discovery config, OIA, TimescaleDB, Log4j2, Karaf, the Twin API, provisioning, the vue geomap, the new UI, and Helm.
Github Project Updates
Internals, APIs, and Documentation
- Dino created some graphs and collections for prometheus
- I worked on fixing our grafana package signatures and docker publishing
- Stefan did more work on Enlinkd performance improvements
- Chandra updated the IPC code to accept a simplified config for Kafka RPC/Sink/Twin
- Zoë fixed a hardcoded path in IOwait report template
- Mark worked on daemon reload and VMware docs
- Bonnie and Ronny did more work on flow documentation
- Dmitri, Pushkar, Tikayat, and Upendra worked on config API support for notification, SNMP, WSMan, and WMI configs
- I fixed a bug in Minion non-root support
- I updated the installer's non-root write validator to ignore
- Arthur updated the Karaf install to include Alarmd on Sentinel
- I fixed an error in our pom references to Atlassian's maven repo
- Pierre did some fixups to the Minion config schema
- Jesse worked on schema handling in the config API
- Dustin and Christian did more work on thresholding support for flow data
- Alberto wrapped up his changes to support
- Stefan got rid of an unused API in OIA
- Alberto worked on handling TimescaleDB better in upgrades
- Jerry worked on the component cleanup project
- I updated Log4j2
- Stefan wrote a tool for generating fake flow data
- Freddy did more work on config management API upgrades
- Yang Li worked on Collectd and Pollerd support in OIA
- Patrick continued his work to integrate the config manager and Karaf
- Chandra fixed an NPE in the topology linkd provider
- Marcel worked on cleaning up the asset topology provider docs
- Chandra worked on adding metrics to the twin API
- Sean updated the
SnmpMetadataProvisioningAdapterto support specifying exact OIDs
Web, ReST, UI, and Helm
- Mike did more work on UI improvements to the new geomap
- Tripti and Makarand did more updates to the requisition code
- I did some dependency updates and release stuff for Helm
- Farid worked on improving popups in the new geomap
- Maxim cleaned up some stuff in the new UI code
- Stefan added support for querying string properties in Helm
Thanks to the following contributors for committing changes since last OOH:
- Alberto Ramos
- Arthur Naseef
- Benjamin Reed
- Bonnie Robinson
- Chandra Gorantla
- Christian Pape
- Dino Yancey
- Dmitri Herdt
- Dustin Frisch
- Farid Ahmad
- Freddy Chu
- Jane Hou
- Jerry Beuree
- Jesse White
- Makarand Patil
- Marcel Fuhrmann
- Mark Mahacek
- Maxim Brener
- Mike Rose
- Patrick Schweizer
- Pierre Bouffard
- Pushkar Suthar
- Ronny Trommer
- Sean Torres
- Stefan Wachter
- Tikayat Mohanta
- Tripti Bansal
- Upendra Guggilam
- Yang Li
- Zoë Knox
Completed December 2021 Releases - Horizon 29.0.2, Meridians 2021.1.7, 2020.1.15, 2019.1.26
In December, we released updates to all OpenNMS Meridian versions under active support, as well as Horizon 29.
Release 29.0.2 contains a fix for a Jetty CVE, plus a number of bug fixes and small enhancements, including changes to user auth, Twin API, VMware, and running as non-root.
For a high-level overview of what has changed in Horizon 29, see What’s New in OpenNMS Horizon 29.
The codename for Horizon 29.0.2 is Satanic Nightjar.
Meridian Point Releases
Meridian 2019.1.26 contains a fix for a Jetty CVE, and an update to fix a bug in user auth changes.
Meridian 2020.1.15 added some SNMP auth related fixes on top of 2019's changes.
Meridian 2021.1.7 added doc updates, auth fixes, and Trapd improvements on top of 2020's updates.
For a list of changes, see the release notes:
Completed Security Releases - Horizon 29.0.3, Meridians 2021.1.8, 2020.1.16, 2019.1.27
On December 13th, we released off-cycle updates to all OpenNMS Meridian versions under active support, as well as Horizon 29, to address the Log4j2 "Log4Shell" vulnerability.
It is strongly recommended that you upgrade to the latest releases immediately.
- Horizon 29.0.3 (codename Penguin)
- Meridian 2021.1.8 (codename Cassini)
- Meridian 2020.1.16 (codename Stack)
- Meridian 2019.1.27 (codename Ixbalanqué)
Completed Security Releases - Horizon 29.0.4, Meridians 2021.1.9, 2020.1.17, 2019.1.28
On December 16th, we released off-cycle updates to all OpenNMS Meridian versions under active support, as well as Horizon 29, to address additional Log4j2 "Log4Shell" vulnerabilities.
It is strongly recommended that you upgrade to the latest releases immediately.
- Horizon 29.0.4 (codename The Bird)
- Meridian 2021.1.9 (codename Venera 6)
- Meridian 2020.1.17 (codename Blowhole)
- Meridian 2019.1.28 (codename Xolotlan)
Helm 7.2.0 and 7.3.0 were released recently as well.
7.2.0 bumps a bunch of dependencies, improves documentation, tweaks plugin signing, and adds a number of new features, including:
- More Helm flow dashboard updates (Issue HELM-277)
- A new "About Helm" dashboard (Issue HELM-281)
- Support for returning node primary ifIndex and IP address in the entity datasource (Issue HELM-188)
- New entities in the entity datasource: IP interface, SNMP interface, ifService, outagers (Issue HELM-228)
- Support for prefixing/suffixing label names of flow series and summaries (Issue HELM-298)
- Support multiple flow queries per panel (Issue HELM-299)
- A new dashboard for flow aggregations using data from Cortex/Prometheus (Issue NMS-13374)
- Fixes for host traffic aggregations from Nephron (Issue NMS-13534)
Packages are available in our repos, as well as the Helm github page.
I am in the process of revamping how we deal with Helm plugin releases so we can get it (re-)submitted to Grafana's upstream plugin registry.
7.3.0 adds a new feature to allow querying string properties in the perf datasource.
- support string properties in performance datasource (Issue HELM-293)
Upcoming January Releases
OpenNMS is on a monthly release schedule, with releases happening on the second Wednesday of the month.
The next OpenNMS release day is January 12th, 2021.
We currently expect minor updates to Horizon 29 and all supported Meridian releases.
Next Horizon: 30 (Q2 2022)
The next major Horizon release will be Horizon 30.
Horizon 30 is currently expected to have the following features:
- the start of a new Vue-based UI using the Feather Design System
- thresholding support for Flow data
- support for running OIA plugins on Minion and Sentinel
- support for backing up router configuration files
Next Meridian: 2022 (Q1 2022)
The current expectation is that we will release Meridian 2022 in Q1 of next year. It will be based on Horizon 29 plus any bug fixes that happen between November and the Meridian release.
Note that this is just based on current plans; dates, features, and releases can change or slip depending on how development goes.
The statements contained herein may contain certain forward-looking statements relating to The OpenNMS Group that are based on the beliefs of the Group’s management as well as assumptions made by and information currently available to the Group’s management. These forward-looking statements are, by their nature, subject to significant risks and uncertainties.
...We apologize for the excessive disclaimers. Those responsible have been sacked.
Mynd you, møøse bites Kan be pretti nasti...
We apologise again for the fault in the disclaimers. Those responsible for sacking the people who have just been sacked have been sacked.
Until Next Time…
If there’s anything you’d like me to talk about in a future OOH, or you just have a comment or criticism you’d like to share, don’t hesitate to say hi.
Resolved Issues Since Last OOH
- HELM-291: debian package for Helm 7.1.2 - unsigned message in Grafana
- HELM-293: string properties can't be used easily in Helm
- HELM-296: Create Helm 7.2.0 Release
- NMS-9889: Update VMWare import documentation regarding multiple parameters
- NMS-11725: HTTPS monitor with letsencrypt certificates
- NMS-13507: Enlinkd API response extremely slow for some nodes
- NMS-13564: Dynamic Configuration of Trap Listener
- NMS-13589: Geo-Map: port Geo-Map code to ui-foundation
- NMS-13610: Consolidate all IPC features into one / need conf.d changes
- NMS-13708: Flow Thresholds: Data collection
- NMS-13711: Flow Thresholds: Housekeeping
- NMS-13712: Flow Thresholds: Allow to enable/disable thresholding/data collection
- NMS-13718: Add "exclude-url" to Discoverd's configuration
- NMS-13743: Allow collectors exposed via OIA to be scheduled via collectd
- NMS-13744: Allow monitors exposed via OIA to be scheduled with pollerd
- NMS-13778: Permission check in ./install -dis flags unwriteable files in the .git directory
- NMS-13789: 29.0.1 minion should be RUNAS=minion
- NMS-13790: Flow Thresholds: Compute sequence numbers to support distributed flow thresholding
- NMS-13807: Phase 1 flows documentation: "Basic" setup
- NMS-13812: Missing RRD package definition in BMP persisting adapter
- NMS-13824: Flesh out Prometheus datacollection shipped config
- NMS-13832: CVE-2021-28164: access to WEB-INF
- NMS-13842: Extend SnmpMetadataProvisioningAdapter configuration to support exact OID matches
- NMS-13850: Log4j2 0-day: CVE-2021-44228
- NMS-13851: Customer is not able to view Topology
- NMS-13854: validate doc merge
- NMS-13855: Flow Thresholds: Add ifName to strings.properties
- NMS-13858: CVE-2021-45046: incomplete Log4j2 vulnerability mitigation