4.2-8-1.0.0

Fixes

  • Updated RHEL 8.8 base image and system package versions of bpftool, container-selinux, containerd.io, docker-ce, docker-ce-cli, iwl1000-firmware, kernel, linux-firmware, nss, openssl, perf, `postgresql, python39, wget.

  • Updated Cassandra version to 4.1.7 to address security vulnerabilities.

  • Updated NGINX container version to 1.22.0-5 to address critical CVEs (CVE-2024-45491 and CVE-2024-5535)

  • Updated Apache Tomcat version to 9.0.96.

  • Updated Microsoft JDK version to 11.0.24 to address security vulnerabilities (CVE-2024-21147)

  • Fixed csar ansible scripts so RVT upgrades don’t fail halfway through if you did not enter a MW at the start (#1745177)

  • RVT VMs raise an alarm when a Read Only partition is detected (#1865522)

New functionality

  • Compatibility with SIMPL V6.16.2.

  • REM Certificates require IP Addresses as Alternate Names (#1550033)

  • Updated rvtconfig to support references to secret store in configuration YAML files. (#1684972)

  • Updated rvtconfig compare-config command so secrets are not included on such config comparison. (#1867787)

  • Added new rvtconfig commands to support rotation of Cassandra user and password secrets: add-cds-user, remove-cds-user, rotate-cds-password. (#1760090 and #1760091)

4.2-7-1.0.0

Fixes

  • Updated RHEL 8.8 base image and system package versions of avahi-libs, bind, bpftool, container-selinux, containerd.io, cups, cups-client, cups-libs, dhcp, docker-ce, docker-ce-cli, expat-devel, glibc, iproute, iwl1000-firmware, kernel, less, libfastjson, libmaxminddb, libuuid, libxml, linux-firmware, net-snmp, NetworkManager, nss, openssh, openssl, perf, `perl, platform-python-pip, postgresql, python39-setuptools, python3-bind, python3-cryptography, python3-libxml, python3-pip, rpm-plugin-selinux, selinux-policy, sqlite, sudo, tcpdump, util-linx-user, to address security vulnerabilities. (#1586651 and #1650638)

  • Updated Cassandra version to 4.1.5 to address security vulnerabilities.

  • Updated Apache Tomcat version to 9.0.91 to address security vulnerabilities (CVE-2024-34750).

  • Updated Microsoft JDK version to 11.0.23 to address security vulnerabilities (CVE-2023-41993 and CVE-2024-21892)

  • Fix of rvtconfig to support paths with symlinks. (#1611148)

  • Fix of rvtconfig validate with SMO profile tables validation. (#1667728)

  • Corrected an issue that prevented MAG nginx logs from rotating correctly. (#1634237)

  • Updated Cassandra DB GC logging configuration to generate smaller files with required info for memory consumption analysis.

New functionality

  • Added a date field in the output of the "rvtconfig list-config" command that indicates when a specific version of a config was uploaded to the CDS. (#1508571)

  • Compatibility with SIMPL V6.16.1.

4.2-4-1.0.0

Fixes

  • Updated system package versions of bind, bpftool, container-selinux, containerd.io, cups, cups-libs, docker-ce, docker-ce-cli, glibc, kernel, less, libX11, libuuid, nss, perf, platform-python-pip, python3-bind, python3-pip, util-linux-user, NetworkManager, to address security vulnerabilities. (#1512780)

  • Removed SNMP alarm monitoring memAvailReal as this was frequently incorrectly alarming and we now monitor available memory in SIMon. (#1087865)

  • Enhanced NTP setup robustness during bootstrap. (#1521440)

New functionality

  • Alarm raised when XCAP and/or BSF certificates are about to expire (less than 30 days). (#1497920)

4.2-3-1.0.0

Fixes

  • Updated system package versions of avahi-libs, bpftool, container-selinux, containerd.io, curl, docker-ce, docker-ce-cli, gnutls, iproute, iwl1000-firmware, kernel, libfastjson, libmaxminddb, linux-firmware, nss, openssh, perl, postgresql, python, rpm, sqlite, sudo, tcpdump and tzdata, to address security vulnerabilities. (#1336181)

4.2-1-1.0.0

New functionality

  • Redhat 8 is now the base operating system in all the VMs, including custom VMs.

  • Compatibility with Redhat 8 based SIMPL V6.15 and MDM 3.8.

  • Updated the OCSS7 version to 5.0 which comes with the latest avaliable release of Hazelcast.

  • Updated the Apache Tomcat version to 9.0.85.

  • Added new default configuration in T-ADS to support 5G Voice over New Radio (VoNR). (#1150080)

  • Added NGINX rate limiting configuration for MAG nodes that improves NGINX DDoS protection for XCAP. (#1293895)

Fixes

  • Fixed the smo-stats file to have attemptedV2Open stat in the right place (#1277637)

  • Added support in rvtconfig to handle SDF files that are symbolic links. (#1296638)

  • Added raising an alarm if MDM certificate is soon to be expired. (#1095098)

4.1-7-1.0.0

Fixes

  • Update Cassandra 4.1 gc.log configuration options to reduce logging printed information and to allow analysis by censum tool. (#1161334)

  • Updated rvconfig set-desired-running-state command so it lowercases instance names for MDM instance IDs (as SIMPL/MDM do) (#994044)

  • Initconf sets directory and file permissions to the primary user (instead of root) when extracting custom data from yaml configuration files. (#510353)

4.1-5-1.0.0

New functionality

  • Add new charging option 'cap-ro' to support mixed CAMEL and Diameter Ro deployment. (#701809)

  • Add support for configuring multiple destination realms for Diameter Ro. (#701814)

Fixes

  • Updated example configuration for conference-mrf-uri to force TCP (#737570)

  • Corrected the SNMP alarm that was previously monitoring totalFree memory, it now checks for availReal memory instead. (#853447)

  • Modified the validation scripts to avoid checking rhino liveness & alerts when IPSMGW is disabled. (#737963)

  • Allow upload config if there is no live node for a given VM type (#511300)

  • Cassandra 4 container upgraded to 4.1.3 (#987347)

  • Updated system package versions of libwebp, bind, bpftool, kernel, open-vm-tools, perf, and python to address security vulnerabilities. (#1023775)

  • Upgraded Apache Tomcat to 8.5.95 version. (#986693)

4.1-3-1.0.0

New functionality

  • The minimum supported version of SIMPL is now 6.13.3. (#290889)

  • TSN upgrades are supported when all other non-TSN nodes are already upgraded to 4.1.3-1.0.0 or higher. Refer to Major upgrade from 4.0.0 of TSN nodes (#290889).

  • TSN VM supports 2 Cassandra releases - 3.11.13 and 4.1.1; the default is 4.1.1 for new deployments, 3.11.13 can be selected by setting the custom-options parameter to cassandra_version_3_11 during a VM deployment. New rvtconfig cassandra-upgrade allows one-way switch from 3.11.13 to 4.1.1 without outage. Refer to Cassandra version switch procedure for TSN nodes (#290935)

  • New rvtconfig backup-cds and rvtconfig restore-cds commands allow backup and restore of CDS data. Refer to Take a CDS backup (#290889)

  • New rvtconfig set-desired-running-state command to set the desired state of non-TSN initconf processes. Refer to Resume Initconf in non-TSN nodes(#290889)

Fixes

  • Fixed a race condition during quiesce that could result in a VM being turned off before it had completed writing data to CDS. (#733646)

  • Improved the output when rvtconfig gather-diags is given hostname or site ID parameters that do not exist in the SDF, or when the SDF does not specify any VNFCs. (#515668)

  • Fixed an issue where rvtconfig would display an exception stack trace if given an invalid secrets ID. (#515672)

  • rvtconfig gather-diags now reports the correct location of the downloaded diagnostics. (#515671)

  • The version arguments to rvtconfig are now optional, defaulting to the version from the SDF if it matches that of rvtconfig. (#380063)

  • There is now reduced verbosity in the output of the upload-config command and logs are now written to a log file. (#334928)

  • Fixed service alarms so they will correctly clear after a reboot. (#672674)

  • Fixed rvtconfig gather-diags to be able to take ssh-keys that are outside the rvtcofig container. (#734624)

  • Fixed the rvtconfig validate command to only try to validate the optional files if they are all present. (#735591)

  • The CDS event check now compares the target versions of the most recent and new events before the new event is deemed to be already in the CDS. (#724431)

  • Extend OutputTreeDiagNode data that the non-TSN initconf reports to MDM based on the DesiredRunningState set from rvtconfig. (#290889)

  • Updated system package versions of nss, openssl, sudo, krb5, zlib, kpartx, bind, bpftool, kernel and perf to address security vulnerabilities. (#748702)

  • Hazelcast on SMO and SGC nodes now only binds to the clustering interface, not all interfaces. (#716776)

  • Enable rvtconfig to upload the config containing differences or errors when there is no node alive without using skip_diff. (#738214)

  • Added REM Local instance to MAG nodes for backward compatiblity with REM provisioning requests. (#829927)

  • Updated SMO configuration so that the server for UE-Reachability notifications listens on the internal interface only. (#667685)

  • Fixed an issue where rvtconfig validate would fail on a SMO node when the IP-SM-GW was disabled. (#737963)

4.1-1-1.0.0

  • The minimum supported version of SIMPL is now 6.11.2. (#443131)

  • Added a csar validate test that runs the same liveness checks as rvtconfig report-group-status. (#397932)

  • Added MDM status to csar validate tests and report-group-status. (#397933)

  • Added the same healthchecks done in csar validate as part of the healthchecks for csar update. (#406261)

  • Added a healthcheck script that runs before upgrade to ensure config has been uploaded for the uplevel version. (#399673)

  • Added a healthcheck script that runs before upgrade and enforces the use of rvtconfig enter-maintenance-window. (#399670)

  • rvtconfig upload-config and related commands now ignore specific files that may be in the input directory unnecessarily. (#386665)

  • An error message is now output when incorrectly formatted override yaml files are inputted rather than a lengthy stack trace. (#381281)

  • Added a service to the VMs to allow SIMPL VM to query their version information. (#230585)

  • CSARs are now named with a -v6 suffix for compatibility with version 6.11 of SIMPL VM. (#396587)

  • Fixed an issue where the new rvtconfig calculate-maintenance-window command raised a KeyError. (#364387)

  • Fixed an issue where rvtconfig could not delete a node type if no config had been uploaded. (#379137)

  • Improved logging when calls to MDM fail. (#397974)

  • Update initconf zip hashes to hash file contents and names. (#399675)

  • Fixed an issue where rvtconfig maintenance-window-status would report that a maintenance window is active when the end time had already passed. (#399670)

  • Config check is now done once per node rather than unnecessarily repeated when multiple nodes are updated. (#334928)

  • Fixed an issue where csar validate, update or heal could fail if the target VM’s disk was full. (#468274)

  • The --vm-version-source argument now takes the option sdf-version that uses the version in the SDF for a given node. There is now a check that the inputted version matches the SDF version and an optional argument --skip-version-check that skips this check. (#380063)

  • rvtconfig now checks for, and reports, unsupported configuration changes. (#404791)

  • Fixed Rhino not restarting automatically if it exited unexpectedly. (#397976)

  • Added a csar validate test that checks there are no Rhino alarms. (#379143)

  • Added support to skip checking for Rhino alarms during csar update healthcheck and csar validate. (#468271)

  • Removed the cluster interface for MAG and MMT nodes on all platforms except OpenStack. On OpenStack, the cluster interface remains to workaround a SIMPL VM issue when upgrading from RVT 4.0; it should not be used for new deployments. (#503123)

  • Updated the REM dependency to the 3.2.x release series. (#368280)

  • The Local instance has been removed from REM. (#268280)

  • Upgraded Apache Tomcat to 8.5.84 version. (#479318)

  • Fixed an issue where Rhino management and audit logs would not be updated. (#377792)

  • Added a command prepare-for-40-tsn-upgrade to the TSN CSAR to support upgrades from 4.0 TSNs. (#420379)

  • Added OCSS7 alarms to csar validate tests and report-group-status. (#397933)

  • Added support to skip checking for SGC alarms during csar update healthcheck and csar validate. (#468271)

  • Updated system package versions of bind, bpftool, device-mapper-multipath, expat, krb5-devel, libkadm5 and python-ply to address security vulnerabilities. (#406275, #441719)

4.1-0-1.0.0

First release in the 4.1 series.

Major new functionality

  • Added support for parallel upgrades (except for TSN, SMO and SGC). Refer to Notes on parallel vs sequential upgrade for more details.

  • Added support for VM Recovery. Depending on different situations, this allows you to recover from malfunctioning VM nodes without affecting other nodes in the same VM group.

  • Added a low-privilege user, named viewer. This user has read-only access to diagnostics on the VMs and no superuser capabilities. (OPT-4831)

  • Migrated XCAP server from REM in Tomcat to the new XCAP service in Rhino on the MAG node. (VOLTE-9819)

  • Updated VM sizing for TSN and MMT nodes. The old sizes are retained for upgrades, but new sizes should be used for new deployments. (#370050)

Backwards-incompatible changes

  • Access to VMs is now restricted to SSH keys only (no password authentication permitted). (OPT-4341)

  • The minimum supported version of SIMPL is now 6.10.1. (OPT-4677, OPT-4740, OPT-4722, OPT-4726, #207131) This includes different handling of secrets, see Secrets in the SDF for more details.

  • Made the system-notification-enabled, rhino-notification-enabled, and sgc-notification-enabled configuration options mandatory. Ensure these are specified in snmp-config.yaml. (#270272)

  • MMT and MAG nodes no longer use a clustering interface.

  • Changed prefix of internal XCAP hostname in DNS template from internal-xcap. to xcap.internal.. XCAP requests are now required to have a Host starting with xcap. to conform to the format outlined in the 3GPP TS 23.003 specification. (OPT-4714)

  • Settings in the product-options section of the SDF now raise an error if specified in high-level YAML (as they once used to be), rather than simply warning the user that they have moved. (OPT-3380)

  • Made mag-vmpool-config.yaml xcap-domains value format more strict. Each value in xcap-domains must now start with xcap. (including the .). Previously they only needed to start with xcap (without the .). This stricter check brings it more in-line with the XCAP (and BSF) domain name format outlined in the 3GPP TS 23.003 specification. (OPT-4352)

  • Removed NAF filter configuration related to local nonce storage — only cassandra-based nonce storage is supported now. Also removed NAF filter-specific Cassandra connection details as Cassandra connection is now via the Cassandra CQL RA, the same as the BSF. (VOLTE-9616)

  • The Local instance from REM is no longer functional, and will be removed in the next maintenance release. To manage the MAG nodes in REM, use the host-specific instance instead (normally RVT-mag.DC1-<hostname>).

  • Improved ShCM security by automatically restricting ShCM API access only to nodes that need it - MMT, SMO & MAG. (VOLTE-10193)

  • Added support for Rhino Node IDs to be configurable for unclustered VMs, and made this field mandatory. (#235644)

  • The SGC JMX management API now only listens on localhost. (OPT-4834)

  • SMO/SGC VMs now refuse to apply OCSS7 configuration changes unless the documented SGC reconfiguration procedure is followed. (#276422)

Other new functionality

  • Added a list of expected open ports to the documentation. (OPT-3724)

  • Added enter-maintenance-window and leave-maintenance-window commands to rvtconfig to control scheduled tasks. (OPT-4805)

  • Added a command liveness-check to all VMs for a quick health overview. (OPT-4785)

  • Added a command rvtconfig report-group-status for a quick health overview of an entire group. (OPT-4790)

  • Split rvtconfig delete-node-type into rvtconfig delete-node-type-version and rvtconfig delete-node-type-all-versions commands to support different use cases. (OPT-4685)

  • Added rvtconfig delete-node-type-retain-version command to search for and delete configuration and state related to versions other than a specified VM version. (OPT-4685)

  • Added rvtconfig calculate-maintenance-window to calculate the suggested duration for an upgrade maintenance window. (#240973)

  • Added rvtconfig gather-diags to retrieve all diags from a deployment. This has been optimised to gather diags in parallel safely based on the node types alongside disk usage safety checks. (#399682, #454095, #454094)

  • Added support for Cassandra username/password authentication. (OPT-4846)

  • system-config.yaml and routing-config.yaml are now fully optional, rather than requiring the user to provide an empty file if they didn’t want to provide any configuration. (OPT-3614)

  • Added tool mdm_certificate_updater.py to allow the update of MDM certificates on a VM. (OPT-4599)

  • Added support for configuring SAS connectivity using DNS hostnames. (OPT-4716)

  • Added support for configuring REM debug logging through high level config. (OPT-4799)

  • The VMs' infrastructure software now runs on Python 3.9. (OPT-4013, OPT-4210)

  • All RPMs and Python dependencies updated to the newest available versions.

  • Updated the linkerd version to 1.7.5. (#360288)

  • Updated the Cassandra version to 3.11.13. (#255349)

  • Upgraded PostgreSQL to version 12. (OPT-5022)

  • Use the Microsoft build of OpenJDK instead of the CentOS OpenJDK. (#255345)

Fixes

  • Fixed issue with default gateway configuration.

  • initconf is now significantly faster. (OPT-3144, OPT-3969)

  • Added some additional clarifying text to the disk usage alarms. (OPT-4046)

  • Ensured tasks which only perform configuration actions on the leader do not complete too early. (OPT-3657)

  • Tightened the set of open ports used for SNMP, linkerd and the Prometheus stats reporter. (OPT-4061, OPT-4058)

  • Disabled NTP server function on the VMs (i.e. other devices cannot use the VM as a time source). (OPT-4061)

  • The report-initconf command now returns a meaningful exit code. (DEV-474)

  • Alarms sent from initconf will have the source value of RVT monitor. (OPT-4521)

  • Removed unnecessary logging about not needing to clear an alarm that hadn’t been previously raised. (OPT-4752)

  • Authorized site-wide SSH authorized public keys specified in the SDF on all VMs within the site. (OPT-4729)

  • Reduced coupling to specific SIMPL VM version, to improve forwards compatibility with SIMPL. (OPT-4699)

  • Moved initconf.log, mdm-quiesce-notifier.log and bootstrap.log to /var/log/tas, with symlinks from old file paths to new file paths for backwards compatibility. (OPT-4904)

  • Added the rvt-gather_diags script to all node types.

  • Increased bootstrap timeout from 5 to 15 minutes to allow time (10 minutes) to establish connectivity to NTP servers. (OPT-4917)

  • Increase logging from tasks which run continuously, such as Postgres and SSH key management. (OPT-2773)

  • Avoid a tight loop when the CDS server is unavailable, which caused a high volume of logging. (OPT-4925)

  • SNMPv3 authentication key and privacy key are now stored encrypted in CDS. (OPT-3822)

  • Added a 3-minute timeout to the quiesce task runner to prevent quiescing from hanging indefinitely if one of the tasks hangs (OPT-5053)

  • The report-initconf command now reports quiesce failure separately to quiesce timeout. (#235188)

  • Added a list of SSH authorized keys for the low-privilege user to the product options section of the SDF. (#259004)

  • Store the public SSH host keys for VMs in a group in CDS instead of using ssh-keyscan to discover them. (#262397)

  • Add mechanism to CDS state to support forward-compatible extensions. (#230677)

  • Logs stored in CDS during quiesce will be removed after 28 days. (#314937)

  • The VMs are now named "Metaswitch Virtual Appliance". (OPT-3686)

  • Updated mmt-gsm-stats.xml stats config to use SCCCamelToIMSReoriginationIN SBB parameter set. (OPT-4137)

  • Fixed issue where SAS config was required on SMO nodes even if the IPSMGW function was disabled. (OPT-3614)

  • Enabled SAS on the MAG node — NAF/BSF/XCAP requests will now be reported to the configured SAS. (OPT-4255)

  • Removed the rvtconfig split-sdf and shcm-properties-to-yaml tools that are no longer required for upgrades. (OPT-3395)

  • Fixed issue where replication would be enabled for call types where it is not supported. (VOLTE-10172)

  • Update MAG nginx config to add X-Ua-OpenSSL-Cipher-Suite header to xcap server requests containing UE-nginx SSL connection cipher. (#340633)

  • Corrected a defect that could cause the uplevel SGC/SMO VM to be unable to rejoin the cluster following an upgrade. (#230582)

  • Fixed bug where Rhino SLEE state would not be preserved across a Rhino restart. (RHI-6378)

  • Ignored exceptions thrown when attempting to start the SLEE immediately after it has been started. (OPT-4019)

  • During upgrades, make the Rhino quiesce stage more efficient by splitting up tasks, and allowing the leader node more time to perform Postgres connection management. Allow 3 attempts to upload logging before continuing. (OPT-4859)

  • Fixed rare cases where initconf could become stuck on a call to the flushconfiguration command. (OPT-4810)

  • Ensured Rhino only listens for management commands on the management interface. (OPT-4934)

  • Moved all Rhino logs to /var/log/tas/rhino. (OPT-4906)

  • Changed permissions on the log files rhino.log and alarms.csv, so that all users - notably the viewer user - can now read them. (OPT-4906)

  • Fixed rare failure to converge when a node was booting while a different node was configuring an RA. (OPT-4927)

  • Updated postgres stop systemd timeout timer to from 60 minutes to 5 minutes. (OPT-5050)

  • Rhino will no longer restart or stop when PostgreSQL is restarted or stopped via systemctl. (#260638)

  • Failure to stop Rhino during quiesce will no longer prevent quiesce completing. (#296266)

  • Removed saving/restoring of OID mappings on nodes running Rhino. OID mappings are static now in Rhino. (OPT-4144)

  • Fixed an issue around enabling SNMP v3 in Rhino before the credentials had been configured. (#233470)

  • Removed the seeds_allocation Cassandra table. (OPT-4786)

  • Added support for repair and cleanup scheduling. Repairs are scheduled for peers after a Cassandra node has been assassinated. Cleanups are scheduled for peers after a TSN recovery. All scheduled actions are run sequentially on each peer node to avoid parallel invocation.

  • All TSN nodes now check for keyspace availability and schema version agreement. (OPT-5060)

  • Store Cassandra logs in CDS after quiesce. (OPT-4693)

  • The CDS replication factor is now proportional to the number of TSN nodes in the cluster. If there are more than 5 TSN nodes in the cluster the replication factor is capped at 5. (OPT-4823)

  • Increase TSN commissioning timeout to 30 minutes from 20 minutes. (#308746)

  • Alarms are now raised when the ramdisk Cassandra partition reaches 80% and 90% usage (instead of 90% and 95%). (#338936)

  • The replication factor is now correctly set to 1 on Cassandra keyspaces in lab deployments with one or two TSN nodes. (#187408)

4.0.0-34-1.0.0

  • Added IM-SSF O_BCSM and T_BCSM stats to the MMT-GSM set to aid with monitoring of call behaviour during IN Bypass. (#258859)

4.0.0-31-1.0.0

  • Updated system package versions of bpftool, kernel, perf, python and xz to address security vulnerabilities.

  • Corrected a defect that could cause the uplevel SGC/SMO VM to be unable to rejoin the cluster following an upgrade. (#230582)

4.0.0-30-1.0.0

  • Fixed an issue where VMs would send DNS queries for the localhost hostname. (#206220)

4.0.0-29-1.0.0

  • Fixed issue that meant rvtconfig upload-config would fail when running in an environment where the input device is not a TTY. When this case is detected upload-config will default to non-interactive confirmation -y. This preserves 4.0.0-26-1.0.0 (and earlier versions) in environments where an appropriate input device is not available. (#258542)

4.0.0-28-1.0.0

  • Fixed an issue where scheduled tasks could incorrectly trigger on a reconfiguration of their schedules. (#167317)

  • Added rvtconfig compare-config command and made rvtconfig upload-config check config differences and request confirmation before upload. There is a new -f flag that can be used with upload-config to bypass the configuration comparison. -y flag can now be used with upload-config to provide non-interactive confirmation in the case that the comparison shows differences. (OPT-4517)

Previous page Next page
Rhino VoLTE TAS VMs Version 4.2