About the VNS3 Edge Plugin System The recent release of VNS3 5.0 is the culmination of years of learning from our...
VNS3:ms Release Notes
Latest Version – 2.3.5
Initial GA 2.0 – April 18, 2019
- FEATURE: Cold HA workflow now allows changing availability zone and instance type for the failover instance
- FEATURE: Controller “tree control” now allows searching by Controller IP address.
- OPTIMIZATION: Improved queuing for background operations allowing larger number of managed controllers
- FEATURE: Superuser “Admin” password can be reset via Amazon AWS Userdata
- Stop VNS3ms instance, add reset_ui_password=”mypassword”, start instance and login Admin with that password. Stop instance, remove userdata.
- ENHANCEMENTS: Ongoing improvements to the webhooks / alert push functions
- OPTIMIZATION: Increased memory for database server allows for larger number of managed controllers.
- OPTIMIZATION: Performance improvements to dashboard display
2.1.1 – 07/17/2019
- FEATURE: Alerts from VNS3 controllers (4.6.1+) can be pushed to new “Alerts” section on Dashboard. VNS3 4.6.1+ can consume “web hooks” to push two initial events (tunnel up, tunnel down) to Webex Teams, PagerDuty, Slack and VNS3ms.
- OPTIMIZATION: Disabled internal server (Nginx) from disclosing its version. Slight security enhancement.
- BUGFIX: Regression in IAM Role verification. This has been corrected.
- BUGFIX: Non-Admin users were able to use the Administer button to create Access URL. Only Admin role should be able to use this feature. This has been corrected.
- BUGFIX: Regression in MFA support. 2.0 release broke the MFA / Google Authenticator function. This has been corrected.
2.0.0 – 4/18/2019
- OPTIMIZATION: Updated hardened OS platform, now shared with VNS3 Controller.
- OPTIMIZATION: Appliance shrunk from 50 gig auxiliary mount and 8 gig boot to a 30gig filesystem image shared with VNS3 Controller.
- OPTIMIZATION: Configuration and HA “success” events were disabled.
Dashboard should only show items of interest. Simple actions should not be displayed.
- OPTIMIZATION: Snapshot and Database Upload size increased to 5gig.
- OPTIMIZATION: Snapshot and Database Upload now displays a progress bar.
- OPTIMIZATION: Reduce disk utilization by database logs.
- OPTIMIZATION: Better support for LDAP groups.
- BUGFIX: Admins not allowed to use credentials created by “Superuser” (built in Admin user). This has been corrected.
- BUGFIX: Cloud Credentials that failed verification could not be deleted. This has been corrected.
- BUGFIX: Database and Snapshot Uploads progress bar failed on Mozilla-based web browsers. This has been corrected.
Version 1.5 – Released June 8, 2017
1.5.0 – 6/8/2017
1.5.6 – 7/23/2018
- FEATURE: Timed Access URLs. Admins can create timed and revokable URLs allowing access to specific controllers. “Administer” button on a controller now automatically generates a 15 minute access url if the controller being referenced is 4.5.0 or higher.
- FEATURE: Extensible API tokens. Admins can now created timed, extensible, and revokable API tokens to specific controllers.
- OPTIMIZATION: Tree search allows VPC-ID or the IP address of a virtual network or its controllers to be searched for. This will take the “tree” UI to the Virtual Network record which encapsulates the VPC or IP. It does not yet “drill down” to expose the specific subset record.
- OPTIMIZATION: Added AWS Gov Cloud Support
- OPTIMIZATION: Configuration snapshot display
- VERY SLOW. An index was added to the database to resolve the issue.
- BUGFIX: Database backups and snapshot backups were stored on smallest internal partition. This caused unnecessary space constrains. The backups are now stored appropriately.
1.5.5 – 12/7/2017
- BUGFIX: Non-Admin users could access and make changes on the Setting panels. This was improper behavior. Only Admins can make these changes.
- BUGFIX: Warm HA failed if the recovery instance was NOT stopped. Warm HA allows recovery instance to be stopped, and will be automatically started via referencing its instance id when HA activated. It is acceptable for it to behave similar to a Hot HA with the instance already running.
- BUGFIX: Timing bugs due to underlying library bug. The library for automated system actions had a bug causing some timed events to fail. This has been corrected.
- BUGFIX: The “create VNS3 controller” record was not fully populating all of the data received. This has been corrected.
1.5.4 – 10/10/2017
- FEATURE REMOVED: Map display removed. Feedback from customers was that the map did not help in understanding deployments and screen real estate better served via Dashboard view.
- OPTIMIZATION: Re-verify Cloud Credentials when importing database backup. Since the time the database backup was made, cloud credentials stored in the database may have been deleted or revoked. Re-verification upon database import prevents cascading errors due to lack of credentials.
- OPTIMIZATION: Added ability to sort dashboard events table by event type or timestamp.
- OPTIMIZATION: Surfaced the Cold and Warm HA activation types via the API (previously UI only)
- OPTIMIZATION: Better handling of when underlying AWS account gets “API Rate Limit Exceeded” error. The system now backs off and sleeps before retrying.
- BUGFIX: Disable Src/Dest Checking on Cold HA recovery instances. Cold recovery instances were not having this AWS flag set, required for proper controller function. This has been corrected.
- BUGFIX: Timing issues when confirming recovery instance has rebooted. This would cause failed activations. This has been corrected.
- BUGFIX: Internal queuing software for events (snapshots, HA, etc.) was attempting DB access during DB restore. This has been corrected.
- BUGFIX: Users with Admin role could not see each others data elements. This has been corrected.
1.5.2 – 9/28/2017
- OPTIMIZATION: Improved HA activation log messages visible.
- BUGFIX: Cold HA was not working in multi-subnet configurations in a VPC. This has been corrected.
- BUGFIX: Improper instance id lookup on some Warm HA activations. This has been corrected.
- BUGFIX: Warm and Cold HA activation not confirming assets exist. Warm HA was not confirming existence of instance id provided by user, Cold HA was not checking the AMI ID provided by the user. This has been corrected.
1.5.1 – 9/12/2017
- FEATURE: IAM role can now be assigned to VNS3ms instance for use as API credentials. The cloud credentials screen now allows choosing “Use IAM Role” for EC2 Credential type. This is only valid for single account usage, as there is not yet an integration to “assume role” capabilities for AWS API.
- FEATURE: Addition of Cold HA and Warm HA modes. Cold HA will recover a previously launched instance that has been stopped as the recovery instance. Warm HA will launch a new instance from a specified AMI and use ti as the recovery instance.
- BUGFIX: Improperly trying snapshot retrieval on unlicensed controllers. When a controller is unlicensed, the retrieve snapshot call is invalid. This has been corrected.
- BUGFIX: Some error responses from controller were being parsed improperly. This has been corrected.
- BUGFIX: Corrected HA error messages. Some error messages from HA actions were being improperly parsed. This has been corrected.
- BUGFIX: Cloud Credential records could be saved with no data. This would cause “downstream” errors when blank credentials were referenced. This has been corrected.
- Initial support for APIv1.5/APIv2 in VNS3 controllers
- Remote Support URLs
- Enhanced VNS3 Controller details page with increased load speed
- Updated to use the newer API Key/API Token approach for API
- Added revocation of SSL certificate
- Allow user to directly modify individual VNS3 controller API keys via UI
- AWS IAM Role Support for Cloud Credentials
Version 1.4 – Released March 1, 2016
Beta – February 12, 2016
1.4.3 – 6/2/2016
- Upgrade underlying VNS3:ms OS to v1.4.3.
- Updated default sorting for automatic daily VNS3 snapshots.
- Added HA configuration, sync and activation logging and added high level status and progress displays to the HA page.
- Bug Fix: HA configuration update on an existing HA configuration now appropriately modifies any settings that changed.
1.4.2 – 4/18/2016
- Added HA enabled setting to database backups.
- Added state and status checking to HA Update process to ensure the HA components are setup correctly during configuration.
- Bug Fix: Stop old primary action during activation is fixed.
1.4.1 – 3/15/2016
- Updated the left column menu navigation tree to allow for larger number of Network Objects. Improved response times by factors of 10 and 100 for ordering and filtering respectively.
- Bug Fix: database import encoding issues remedied.
- Bug Fix: LDAP user/group validation test failing and added distinction between SSL and unencrypted LDAP connection setting.
1.4.0 – 3/1/2016
- The API has been significantly expanded to include all new features and functions. This includes added functions for user credentials, add/edit/remove functions for all Virtual Networks and Cloud VLAN objects, NTP, LDAP, Messaging, VNS3:ha and reporting.
- Improvements to LDAP including added support for LDAP grouping, test/validation functionality for each type of data entered on the LDAP screen, and ability for more user types to edit LDAP information.
- Added safety features around default access credentials that require users to change both the default password and API key before using the appliance.
- Message client integration (e.g. Slack) to provide message updates to specific lists or channels based on a set of user configurable event.
- Support for users to upload a custom SSL certificate for secure connections to the VNS3:ms UI and API via https.
- Addition of the VNS3:ha functionality. VNS3:ha provides an instance-based failover mechanism for VNS3 controllers.
Version 1.3 – Released October 8, 2015
1.3.1 – 10/14/2015
- Added API functions for creation/deletion/inspection of user credentials
- Bug Fixes:
- Credentials creation when optional fields exist but aren’t created with null
- Stop unnecessary call to an API status function
- License API detail updates
1.3.0 – 10/8/2015
- Added API functions for creation/deletion/inspection of user credentials
- Fixed bug in credentials creation when optional fields exist but aren’t created with nulls
- Bug fix stopping unnecessary call to an API status function
- Multiple region support for HA
- Bug fixes to HA support from 1.2.x
- Require strong API for all users including admin
- Changed default passwords to use cloud runtime data (e.g. instance id) if available.
- VPC Route instance ID switchover
- Bug fix – removal of alphabetical sorting no longer sets sort order to ID
- Bug fix – new items created by a different user are now included in all displays
- Fixes to get API redirects working correctly (302 browser bug versus use of 307)
- Automatic API documentation generation
1.2.1 – 9/17/2015
- Network object tree alphabetisation option
- Fix for the default timezone
- Object ownership is now updated to admin upon deletion of owner which makes the objects still accessible
- Fixed issue with snapshot timeout errors leaving a blank screen. Now reports error.
- Filtering out of secure information from the logs
- Improved error trapping
- Improved rendering for the VNS3 controller pages, making more use of the API
1.2.0 – 8/11/2015
- Improved performance of the Status page with a large number of IPsec tunnels
- Support for administrator setting for MFA token expiration
- Cloud VLAN details and most tables are now sortable
- VNS3 license details are retrieved and stored, updating as necessary
- Display of controller license details
- Display of connected client tag if ‘name’ tag exists for client on controller detail page
- Support for idle user timeout/logout
- User password expiration
- Navigation tree scrolling
- Deletion of snapshots is now handled via AJAX and the API in order to provide better UX
- Support for multiple snapshot deletion
- AWS cloud credential account ID is now optional and will be filled in (if possible) on validation of creds
- Creation of configuration snapshot on VNS3 record creation
- Improved backup retrieval – support for (a single) snapshot backup file
- Full API functionality for DB and snapshot backup creation, retrieval, push and restore
- New scheduled worker for task cleanups
- Administration system status page
- Bug Fixes:
- Fix for validation of cloud credentials due to DNS conflict
- Minor cosmetic fix to account for discrepancies in values returned from API calls in VNS3 controller 3.5.x
- Improved scripts for building release AMI
Version 1.1 – Released February 23, 2015
Beta – February 6, 2015
1.1.0 – 2/23/2015
Initial release of version 1.0 API
VNS3:ms GUI integration with API to exclusively use API function calls.
AWS EC2/VPC support bug fixes for additional regions.
VNS3:net snapshot fixes to better handle snapshot storage and rotation (delete or overwrite previous snapshot).
Added ability to move components/objects to different parents via the edit function. This allow regrouping of existing objects instead of removing and re-adding.
Added log rotation.
Added LDAP user information in the VNS3:ms user list and allowed LDAP users to modify locally stored user information like real name, phone number, etc.
Updated Copyright and new company name changes.
Added the ability to sort the VPC VLAN subnet network objects.
Unavailable VNS3 Controller object was not displaying snapshot list.
Status of database backup was not being displayed
API call was not working for exports for customer. Reverted to using controller-based call – same functionality, alternate path.
Version 1.0 – Initial Release November 7, 2014
Beta – October 20, 2014 | Alpha – September 5, 2014