Skip to content

Documentation

Release Changes

Release Changes¶

This document contains the updates against the previous releases. To see the release contents, please review the release summaries.

This is a summary of the updates made to the published releases. The sections are organized by RackN release trees.

Release v4.13¶

DRP¶

v4.13.27 (2024/11/01)¶

Fix issue with removing consensus members
Fix race condition in Manager code

v4.13.26 (2024/10/23)¶

Allow ad-auth and saml to always work regardless of license expiration
Fix data race when starting a runner and updating contexts
Add feature flag for secure param auto encryption on set
Emit plugin failure to start messages

v4.13.25 (2024/09/30)¶

Fix bootenv override merging by arch type. x86_64 and amd64 now merge correctly.
Update retry in drpcli for catalog urls

v4.13.24 (2024/09/17)¶

Update drpcli catalog debug messages

v4.13.23 (2024/09/06)¶

Fix crash when running jobs while returning Parameter data

v4.13.22 (2024/09/04)¶

Increase performance of concurrent jobs (remove single lock)

v4.13.21 (2024/08/30)¶

Increase performance of Job/Machine Patch operations
Update drpcli system upgrade command to be cluster aware.

v4.13.20 (2024/08/20)¶

Fix license machine counting issues

v4.13.19 (2024/08/08)¶

Allow self upgrade to handle issues around non-root cases better

v4.13.18 (2024/08/08)¶

Fix Filter object to be Paramers so that the task-library can load.

v4.13.17 (2024/08/01)¶

Enabled job sweeper to run every hour (like it should have been). Active systems will notice this less.

v4.13.16 (2024/07/29)¶

Fail endpoint when DRP fails to update or all pending actions fail.
Fix start-up validation failure around template references
Fix MSM memory/crash loop when failing to upgrade a downstream endpoint
Reduce artifact syncing to the MSM
Streamline endpoint update from MSM

v4.13.15 (2024/07/15)¶

Fix ESXi bootenv issue with path expansion (adds backs compatability for older ESXi bootenvs)

v4.13.14 (2024/07/12)¶

SECURITY: Denial of service due to improper 100-continue handling in net/http info
SECURITY: Denial of service via malicious preflight requests in github.com/rs/cors info
SECURITY: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors info
Handle missing bootenv when handling DHCP Discovers/Requests - caused a crash loop

v4.13.13 (2024/06/20)¶

Start DRP if DNS ports are block and log warnings to fix upgrade issues
Allow plugins to specify secure parameters
Emit more static filesystem errors
Fix vulnerability in golang code
Handle PTR requests across zones
Add DNS wildcard support
Fix arm path handling for sledgehammer and other bootenvs
Add more stack traces for API panic paths
Automatically set machine arch from DHCP packets (if known)
Fix license expire calculations

v4.13.12 (2024/04/26)¶

Add SkipDAD option on subnets / reservations in objects
Fix Ux* models crashing server as params

v4.13.11 (2024/04/23)¶

Fix start-fail loop when lease is deleted before machine in same transaction

v4.13.10 (2024/04/22)¶

Fix database growth overtime. 2 restarts are required for this fix to be completely installed.
Looking up parameters performance improved after addition of IPAM dynamic parameters feature
Handle secure parameters when loading plugins.
Expand connection cancel error messages
Improve performance of catalog construction
Fix archive exploding

v4.13.9 (2024/04/05)¶

SECURITY: Update net and net/http library to handle vulnerability info
Fix websocket infinite loop

v4.13.8 (2024/03/20)¶

SECURITY: Update protobuf library to handle vulnerability info

v4.13.7 (2024/03/19)¶

Send expanded decrypt URI to the plugin handing secure parameter decryption

v4.13.6 (2024/03/13)¶

Fix race condition in endpoint managning backend code of the manager. This could cause actions to get lost.

v4.13.5 (2024/03/11)¶

Update terraform digital ocean integration fix (v4.13.4 - rackn/provision tree)
Add ReplaceWritable to the VersionSet Component to allow for the manager to push content with ReplaceWritable flag set.
Fix pool operations will restart workflows set if they are the same as existing workflows
Enforce that only one universal-application-* profile can be on the system at a time. This fixes resource-brokers setting pipelines.

v4.13.4 (2024/03/04)¶

SECURITY: Fix leak of ad-auth user into job logs. CVE-2024-RKN0001
Handle null ptrs for searching

v4.13.3 (2024/03/03)¶

dr-waltool / passive replication (manager) - decouple locking when doing a backup or manager sync. This will prevent the system from becoming unresponsive on hung or stalled backups.
FEATURE: Allow for RBAC to restrict values in a role.
- e.g. machines.update:Workflow:univeral-discover.*
- This will only allow the user to set the Workflow field on a machine to universal-discover.

v4.13.2¶

Speed up catalog rebuilds on the manager by reusing checksum calculations

v4.13.1¶

Remove a go-routine leak when purging / archiving jobs

UX¶

v4.13.11 (2024/08/14)¶

Update log scrolling for activities view to increase performance and usability

v4.13.10 (2024/08/05)¶

Handle pool action enablement when clicking in the UX

v4.13.9 (2024/05/30)¶

Add confirmation pop-up when changing more than 5 rows or if some rows are not on the current page.

v4.13.8 (2024/05/01)¶

Fix job view with long logs

v4.13.7 (2024/04/23)¶

Fix task column links on nested tables
Fix task log cut-off on failure
Remove extra render button and add doc links

v4.13.6 (2024/04/22)¶

Fix resource link reference
Fix secure parameter infinite loading

v4.13.5 (2024/03/27)¶

Fix stage hover crash

v4.13.4 (2024/03/08)¶

FEATURE: Add support for brokers providing options to clusters in creation
Fix issue with meta data being null

v4.13.3 (2024/03/03)¶

Fix reservation and lease tables not updating on events.

v4.13.2¶

Update default bash template to not use ()
Handle null counts
IPMI pop-up should not cover names

v4.13.1¶

Fix job template render source differences
Fix async closure issue

Provision Content¶

v4.13.24 (2024/11/01)¶

flash: Revert script update and fix issue with Etag directly

v4.13.23 (2024/10/23)¶

flash: Fix issue where HPE minor versions were being read as octal

v4.13.22 (2024/10/21)¶

flash: Update the dell redfish python helper script

v4.13.21 (2024/10/11)¶

hardware-tooling: fix hardware-base dependence upon future function. Caused task to fail.

v4.13.20 (2024/09/29)¶

drp-community-content: fix sledgehammer passing uuid as boot param

v4.13.19 (2024/09/29)¶

cisco-support: Update context version and add bootstrap helper profile - MUST GET NEW CONTAINER

v4.13.18 (2024/09/27)¶

hardware-tooling: Add hardware-base task to enable cisco hardware support
cisco-support: Update docs for requirements

v4.13.17 (2024/08/29)¶

task-library: Add TPM version to inventory (requires redfish and ipmi configuration). May need to add inventory-check task to pipelines after the ipmi-configure task in pipelines to take full effet.

v4.13.16 (2024/08/05)¶

content: Add an alma 8.10 and 9.4 sledgehammer to work around secure boot blacklisting grub images

v4.13.15 (2024/07/02)¶

hpe: Add timeout parameters for some ilorest calls

v4.13.14 (2024/06/26)¶

drp-community-content: exclude the cdc_eem driver from MAC discovery to prevent duplicate detection failures.

v4.13.13 (2024/05/15)¶

hpe-support: remove mcp repo because it is gone for most OSes

v4.13.12 (2024/05/01)¶

drp-community-content: fix debian install

v4.13.11 (2024/04/29)¶

hpe-support: add parameter to enable ssacli installation hpe-install-ssacli
flash: fix error message parameter reference.

v4.13.10 (2024/04/21)¶

drp-community-content: add missing config file for stage start.

v4.13.9 (2024/04/03)¶

drp-community-content: Add support for ignore interfaces and drivers during mac address discovery. The defaults allow for ignoring the USB Driver used by Supermicro BMC that generate random mac addresses.

v4.13.8 (2024/04/01)¶

hpe-support: Don't install a raid tool that conflicts with the raid system

v4.13.7 (2024/03/25)¶

drp-community-content: Handle spurious files in the sys net space

v4.13.6 (2024/03/22)¶

drp-community-content: discovery can now have a configurable list of macs to ignore by parameter: discovery-mac-ignore-list
drp-community-content: Add Supermicro X9 USB BMC NIC MAC to ignore list
drp-community-content: Add install_lookup function to helper templates that can look-up packages by distro

v4.13.5 (2024/03/11)¶

drp-community-content: add a bootstrap utility blueprint and task to download a set of bootenvs during the bootstrap phase.
task-library: Add return-pipeline and return-workflow for the pool-broker to clean up machines on return to the pool.
task-library: ansible-playbooks can provide a galaxay requirements file.

v4.13.4 (2024/03/08)¶

flash: Handle AMD HPE packages better

v4.13.3 (2024/03/03)¶

cloud-wrappers: Update vsphere terraform provider
cloud-wrappers: Add helpers for resource brokers when creating machines
cloud-wrappers: vsphere machines can set firmware and secure-boot options
cloud-wrappers: Add datastore-type to allow for cloud and normal datastore selections
drp-community-content: Convert centos-8 to alma-9-min as default OS

v4.13.2¶

drp-community-content: remove dependency upon os-other

v4.13.1¶

drp-community-content: manager bootstrap should not pull tip packages by default
drp-community-content: disk-stress test had a typo that was fixed
os-other: fix broken rhel-7.7 bootenv

Plugins¶

v4.13.21 (2024/10/28)¶

bios: Fix issue with the bioscfg tool not finding the onecli tool

v4.13.20 (2024/09/04)¶

ipmi: fix ipmi scan machines to have correct ip and mac.

v4.13.19 (2024/08/29)¶

ipmi: Add redfish actions nextboothttp and forceboothttp to support HTTP booting

v4.13.18 (2024/08/13)¶

vmware: fix make-esxi.sh to support -8 option

v4.13.17 (2024/08/08)¶

bios: Fix issue with dell-pending-config-jobs get set to a structure

v4.13.16 (2024/07/12)¶

SECURITY: Denial of service due to improper 100-continue handling in net/http info
SECURITY: Leak of sensitive information to log files in github.com/hashicorp/go-retryablehttp info
SECURITY: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity info
SECURITY: Archiver Path Traversal vulnerability in github.com/mholt/archiver info

v4.13.15 (2024/07/10)¶

bios: Fix issue with missing function in bios-configure - add setup.tmpl to get helper functions

v4.13.14 (2024/07/09)¶

vmware: handle config erasure by vmware tools on upgrade/install of vibs

v4.13.13 (2024/05/30)¶

bios: Update parsing of dell pending jobs - fixes bad parameter error

v4.13.12 (2024/05/15)¶

vmware: fix make-esxi.sh to work with latest changes and add -8 flag for esxi 8
vmware: A standard networking task for advanced networking configurations.

v4.13.11 (2024/05/01)¶

vmware: fix checksums in vcf-5.0.0 pipeline
vmware: Update network and hostname task to use ParamExpand.

v4.13.10 (2024/04/05)¶

SECURITY: Update net and net/http library to handle vulnerability info

v4.13.9 (2024/04/06)¶

blancco-lun-eraser: Update the plugin with the latest Blancco tooling and workflows

v4.13.8 (2024/04/01) - Requires DRP v4.11.32 or higher¶

image-deploy: Add curtin/patches parameter to allow for hacking on curtin
image-deploy: allow curtin dd to work on md raid devices
raid: Allow bootenv of raid-encryption to be set in the flexiflow list
raid: Rework raid-install-tools to allow for future and past raid tools
raid: Update the perccli tools
raid: Fix perccli to stop if it finds unparsable data
raid: Fix perccli-json to handle bus data better
azkeyvault: Add support for certificates and update docs

v4.13.7 (2024/03/20)¶

SECURITY: all: Update protobuf library to handle vulnerability info

v4.13.6 (2024/03/19) - Requires DRP v4.13.7 or higher¶

awssecman: New plugin that can used AWS security manager to retrieve secrets.
azkeyvault: New plugin that can used Azure Key Vaults to retrieve secrets.
cmdvault: New plugin that can used command line tools to get secrets.

v4.13.5 (2024/03/13)¶

ipmi: Update redfish library and ipmi-status-validation to fail on critial errors and optionally on warnings

v4.13.4 (2024/03/11)¶

vmware: update bootenvs with group-by data
vmware: improve the esxi-image-install to handle device paths and better error handling

v4.13.3 (2024/03/03)¶

raid: fix perccli2 issues around clear and quoted names

v4.13.2¶

raid: fix perccli2 to have a force on the clear function

v4.13.1¶

ipmi: Fix Lenovo naming in IPMI to set IMM.IMMInfo_Name to the machine name.

RackN Plugins¶

v4.13.5 (2024/11/01)¶

docker-context: Handle container restart if the container is corruprt on server restart

v4.13.4 (2024/07/12)¶

SECURITY: Denial of service due to improper 100-continue handling in net/http info
docker-context: fix podman mount options for drpcli in the container

v4.13.3 (2024/04/05)¶

SECURITY: Update net and net/http library to handle vulnerability info

v4.13.2 (2024/03/20)¶

SECURITY: all: Update protobuf library to handle vulnerability info
SECURITY: all: Update net library to handle vulnerability
SECURITY: all: Update crypto library to handle vulnerability

v4.13.1 (2024/03/03)¶

billing: remove from tree because it is embedded in DRP

Universal¶

v4.13.5 (2024/11/06)¶

Restrict universal/hardware value to valid profile name characters

v4.13.4 (2024/09/27)¶

add hardware-base to universal-discover and universal-hardware pre-flexiflow tasks

v4.13.3 (2024/07/29)¶

add esxi-standard-network config to the esxi config pipeline elements

v4.13.2 (2024/03/22)¶

universal-decommission can now replace some or all of the default decommission tasks.

v4.13.1 (2024/03/03)¶

Convert centos-8 to alma-9-min as base OS.
Reorder discover classifier to enable specific profiles to be applied instead of general profiles

Cohesity¶

v4.13.1 (2024/03/20)¶

Add support for the Cohesity 6.6.0d release

Release v4.12¶

DRP¶

v4.12.28 (2024/09/06)¶

Fix crash when running jobs while returning Parameter data

v4.12.27 (2024/09/04)¶

Increase performance of concurrent jobs (remove single lock)

v4.12.26 (2024/08/29)¶

Increase performance of Job/Machine Patch operations
drpcli golang security updates

v4.12.25 (2024/04/22)¶

Fix database growth overtime. 2 restarts are required for this fix to be completely installed.

v4.12.24 (2024/03/20)¶

SECURITY: Update protobuf library to handle vulnerability info

v4.12.23 (2024/03/19)¶

Send expanded decrypt URI to the plugin handing secure parameter decryption

v4.12.22 (2024/03/04)¶

SECURITY: Fix leak of ad-auth user into job logs. CVE-2024-RKN0001
Handle null ptrs for searching

v4.12.21 (2024/03/03)¶

dr-waltool / passive replication (manager) - decouple locking when doing a backup or manager sync. This will prevent the system from becoming unresponsive on hung or stalled backups.
Remove a go-routine leak when purging / archiving jobs (drpcli v4.12.9)

v4.12.20¶

Allow for removal of duplicate objects across layers

Provision Content¶

v4.12.16 (2024/11/01)¶

flash: Revert script update and fix issue with Etag directly

v4.12.15 (2024/10/23)¶

flash: Fix issue where HPE minor versions were being read as octal

v4.12.14 (2024/10/21)¶

flash: Update the dell redfish python helper script

v4.12.13 (2024/10/14)¶

task-library: Add TPM version to inventory (requires redfish and ipmi configuration). May need to add inventory-check task to pipelines after the ipmi-configure task in pipelines to take full effet.

v4.12.12 (2024/07/02)¶

hpe: Add timeout parameters for some ilorest calls

v4.12.11 (2024/04/01)¶

bios: Don't install a raid tool that conflicts with the raid system

v4.12.10 (2024/03/08)¶

flash: Handle AMD HPE packages better

Plugins¶

v4.12.19 (2024/08/08)¶

bios: Fix issue with dell-pending-config-jobs get set to a structure

v4.12.18 (2024/07/09)¶

vmware: handle config erasure by vmware tools on upgrade/install of vibs

v4.12.17 (2024/04/01) - Requires DRP v4.11.32 or higher¶

raid: Rework raid-install-tools to allow for future and past raid tools
raid: Update the perccli tools
raid: Fix perccli to stop if it finds unparsable data
raid: Fix perccli-json to handle bus data better

v4.12.16 (2024/03/20)¶

SECURITY: all: Update protobuf library to handle vulnerability info

v4.12.15 (2024/03/19) - Requires DRP v4.12.23 or higher¶

awssecman: New plugin that can used AWS security manager to retrieve secrets.
azkeyvault: New plugin that can used Azure Key Vaults to retrieve secrets.
cmdvault: New plugin that can used command line tools to get secrets.

v4.12.14 (2024/03/13)¶

ipmi: Update redfish library and ipmi-status-validation to fail on critial errors and optionally on warnings

RackN Plugins¶

v4.12.2 (2024/03/20)¶

SECURITY: all: Update protobuf library to handle vulnerability info
SECURITY: all: Update net library to handle vulnerability
SECURITY: all: Update crypto library to handle vulnerability

Universal¶

v4.12.1 (2024/03/22)¶

universal-decommission can now replace some or all of the default decommission tasks.

Release v4.11¶

DRP¶

v4.11.32 (2024/03/19)¶

Send expanded decrypt URI to the plugin handing secure parameter decryption

v4.11.31 (2024/03/03)¶

dr-waltool / passive replication (manager) - decouple locking when doing a backup or manager sync. This will prevent the system from becoming unresponsive on hung or stalled backups.
Remove a go-routine leak when purging / archiving jobs (drpcli v4.11.13)

v4.11.30¶

Allow for removal of duplicate objects across layers

Provision Content¶

v4.11.26 (2024/11/01)¶

flash: Revert script update and fix issue with Etag directly

v4.11.25 (2024/10/23)¶

flash: Fix issue where HPE minor versions were being read as octal

v4.11.24 (2024/10/21)¶

flash: Update the dell redfish python helper script

v4.11.23 (2024/10/14)¶

task-library: Add TPM version to inventory (requires redfish and ipmi configuration). May need to add inventory-check task to pipelines after the ipmi-configure task in pipelines to take full effet.

v4.11.22 (2024/07/02)¶

hpe: Add timeout parameters for some ilorest calls

v4.11.21 (2024/04/01)¶

bios: Don't install a raid tool that conflicts with the raid system

v4.11.20 (2024/03/08)¶

flash: Handle AMD HPE packages better

Plugins¶

v4.11.18 (2024/08/08)¶

bios: Fix issue with dell-pending-config-jobs get set to a structure

v4.11.17 (2024/07/09)¶

vmware: handle config erasure by vmware tools on upgrade/install of vibs

v4.11.16 (2024/04/01) - Requires DRP v4.11.32 or higher¶

raid: Rework raid-install-tools to allow for future and past raid tools
raid: Update the perccli tools
raid: Fix perccli to stop if it finds unparsable data
raid: Fix perccli-json to handle bus data better

v4.11.15 (2024/03/19) - Requires DRP v4.11.32 or higher¶

awssecman: New plugin that can used AWS security manager to retrieve secrets.
azkeyvault: New plugin that can used Azure Key Vaults to retrieve secrets.
cmdvault: New plugin that can used command line tools to get secrets.

v4.11.14 (2024/03/13)¶

ipmi: Update redfish library and ipmi-status-validation to fail on critial errors and optionally on warnings

Release Groupings¶

The following are the groupings of updates. There versions travel together. Where possible, the change notes which specific piece is updated.

DRP¶

UX¶

Content Packs¶

Plugins¶

bios
blancco-lun-eraser
callback
certs
eikon
endpoint-exec
event2audit
filebeat
image-deploy
ipmi
netbox
packet-ipmi
raid
slack
tower
triggers
vault
virtualbox-ipmi
vmware

RackN Plugins¶

ad-auth
agent
docker-context
rack

Universal¶

Solidfire¶

Cohesity¶