Compatibility with SIMPL V6.17.0. (#1938379)

Redhat 8.10 is now the base operating system in all the VMs, including custom VMs. (#1921689)

Support encrypted rhino keystore passwords. (#1746028)

Updated RHEL 8.8 base image and system package versions of bpftool, container-selinux, containerd.io, docker-ce, docker-ce-cli, iwl1000-firmware, kernel, linux-firmware, nss, openssl, perf, `postgresql, python39, wget.

Updated Cassandra version to 4.1.7 to address security vulnerabilities.

Updated NGINX container version to 1.22.0-5 to address critical CVEs (CVE-2024-45491 and CVE-2024-5535)

Updated Apache Tomcat version to 9.0.96.

Updated Microsoft JDK version to 11.0.24 to address security vulnerabilities (CVE-2024-21147)

Fixed csar ansible scripts so RVT upgrades don’t fail halfway through if you did not enter a MW at the start (#1745177)

RVT VMs raise an alarm when a Read Only partition is detected (#1865522)

Compatibility with SIMPL V6.16.2.

REM Certificates require IP Addresses as Alternate Names (#1550033)

Updated rvtconfig to support references to secret store in configuration YAML files. (#1684972)

Updated rvtconfig compare-config command so secrets are not included on such config comparison. (#1867787)

Added new rvtconfig commands to support rotation of Cassandra user and password secrets: add-cds-user, remove-cds-user, rotate-cds-password. (#1760090 and #1760091)

Updated RHEL 8.8 base image and system package versions of avahi-libs, bind, bpftool, container-selinux, containerd.io, cups, cups-client, cups-libs, dhcp, docker-ce, docker-ce-cli, expat-devel, glibc, iproute, iwl1000-firmware, kernel, less, libfastjson, libmaxminddb, libuuid, libxml, linux-firmware, net-snmp, NetworkManager, nss, openssh, openssl, perf, `perl, platform-python-pip, postgresql, python39-setuptools, python3-bind, python3-cryptography, python3-libxml, python3-pip, rpm-plugin-selinux, selinux-policy, sqlite, sudo, tcpdump, util-linx-user, to address security vulnerabilities. (#1586651 and #1650638)

Updated Cassandra version to 4.1.5 to address security vulnerabilities.

Updated Microsoft JDK version to 11.0.23 to address security vulnerabilities (CVE-2023-41993 and CVE-2024-21892)

Fix of rvtconfig to support paths with symlinks. (#1611148)

Fix of rvtconfig validate with SMO profile tables validation. (#1667728)

Updated Cassandra DB GC logging configuration to generate smaller files with required info for memory consumption analysis.

Added a date field in the output of the "rvtconfig list-config" command that indicates when a specific version of a config was uploaded to the CDS. (#1508571)

Compatibility with SIMPL V6.16.1.

Updated system package versions of bind, bpftool, container-selinux, containerd.io, cups, cups-libs, docker-ce, docker-ce-cli, glibc, kernel, less, libX11, libuuid, nss, perf, platform-python-pip, python3-bind, python3-pip, util-linux-user, NetworkManager, to address security vulnerabilities. (#1512780)

Removed SNMP alarm monitoring memAvailReal as this was frequently incorrectly alarming and we now monitor available memory in SIMon. (#1087865)

Enhanced NTP setup robustness during bootstrap. (#1521440)

Updated system package versions of avahi-libs, bpftool, container-selinux, containerd.io, curl, docker-ce, docker-ce-cli, gnutls, iproute, iwl1000-firmware, kernel, libfastjson, libmaxminddb, linux-firmware, nss, openssh, perl, postgresql, python, rpm, sqlite, sudo, tcpdump and tzdata, to address security vulnerabilities. (#1336181)

Redhat 8 is now the base operating system in all the VMs, including custom VMs.

Compatibility with Redhat 8 based SIMPL V6.15 and MDM 3.8.

Added support in rvtconfig to handle SDF files that are symbolic links. (#1296638)

Added raising an alarm if MDM certificate is soon to be expired. (#1095098)

Update Cassandra 4.1 gc.log configuration options to reduce logging printed information and to allow analysis by censum tool. (#1161334)

Updated rvconfig set-desired-running-state command so it lowercases instance names for MDM instance IDs (as SIMPL/MDM do) (#994044)

Initconf sets directory and file permissions to the primary user (instead of root) when extracting custom data from yaml configuration files. (#510353)

Add new charging option 'cap-ro' to support mixed CAMEL and Diameter Ro deployment. (#701809)

Add support for configuring multiple destination realms for Diameter Ro. (#701814)

Updated example configuration for conference-mrf-uri to force TCP (#737570)

Corrected the SNMP alarm that was previously monitoring totalFree memory, it now checks for availReal memory instead. (#853447)

Modified the validation scripts to avoid checking rhino liveness & alerts when IPSMGW is disabled. (#737963)

Allow upload config if there is no live node for a given VM type (#511300)

Cassandra 4 container upgraded to 4.1.3 (#987347)

Updated system package versions of libwebp, bind, bpftool, kernel, open-vm-tools, perf, and python to address security vulnerabilities. (#1023775)

The minimum supported version of SIMPL is now 6.13.3. (#290889)

TSN upgrades are supported when all other non-TSN nodes are already upgraded to 4.1.3-1.0.0 or higher.

TSN VM supports 2 Cassandra releases - 3.11.13 and 4.1.1; the default is 4.1.1 for new deployments, 3.11.13 can be selected by setting the custom-options parameter to cassandra_version_3_11 during a VM deployment. New rvtconfig cassandra-upgrade allows one-way switch from 3.11.13 to 4.1.1 without outage.

New rvtconfig backup-cds and rvtconfig restore-cds commands allow backup and restore of CDS data.

New rvtconfig set-desired-running-state command to set the desired state of non-TSN initconf processes.

Fixed a race condition during quiesce that could result in a VM being turned off before it had completed writing data to CDS. (#733646)

Improved the output when rvtconfig gather-diags is given hostname or site ID parameters that do not exist in the SDF, or when the SDF does not specify any VNFCs. (#515668)

Fixed an issue where rvtconfig would display an exception stack trace if given an invalid secrets ID. (#515672)

rvtconfig gather-diags now reports the correct location of the downloaded diagnostics. (#515671)

The version arguments to rvtconfig are now optional, defaulting to the version from the SDF if it matches that of rvtconfig. (#380063)

There is now reduced verbosity in the output of the upload-config command and logs are now written to a log file. (#334928)

Fixed service alarms so they will correctly clear after a reboot. (#672674)

Fixed rvtconfig gather-diags to be able to take ssh-keys that are outside the rvtcofig container. (#734624)

Fixed the rvtconfig validate command to only try to validate the optional files if they are all present. (#735591)

The CDS event check now compares the target versions of the most recent and new events before the new event is deemed to be already in the CDS. (#724431)

Extend OutputTreeDiagNode data that the non-TSN initconf reports to MDM based on the DesiredRunningState set from rvtconfig. (#290889)

Updated system package versions of nss, openssl, sudo, krb5, zlib, kpartx, bind, bpftool, kernel and perf to address security vulnerabilities. (#748702)

Added a nodetool-password parameter that can be used when upgrading from 4.0 to 4.1 - this should only be used if TSN is also deployed. (#503124)

Added support for parallel upgrades (except for TSN, SMO and SGC). Refer to Notes on parallel vs sequential upgrade for more details.

Added support for VM Recovery. Depending on different situations, this allows you to recover from malfunctioning VM nodes without affecting other nodes in the same VM group.

Added a low-privilege user, named viewer. This user has read-only access to diagnostics on the VMs and no superuser capabilities. (OPT-4831)

Updated VM sizing for TSN and MMT nodes. The old sizes are retained for upgrades, but new sizes should be used for new deployments. (#370050)

Access to VMs is now restricted to SSH keys only (no password authentication permitted). (OPT-4341)

The minimum supported version of SIMPL is now 6.10.1. (OPT-4677, OPT-4740, OPT-4722, OPT-4726, #207131) This includes different handling of secrets, see Secrets in the SDF for more details.

Made the system-notification-enabled, rhino-notification-enabled, and sgc-notification-enabled configuration options mandatory. Ensure these are specified in snmp-config.yaml. (#270272)

Added support for Rhino Node IDs to be configurable for unclustered VMs, and made this field mandatory. (#235644)

The internal traffic type is now mandatory for unclustered VMs. (#334955)

Added a list of expected open ports to the documentation. (OPT-3724)

Added enter-maintenance-window and leave-maintenance-window commands to rvtconfig to control scheduled tasks. (OPT-4805)

Added a command liveness-check to all VMs for a quick health overview. (OPT-4785)

Added a command rvtconfig report-group-status for a quick health overview of an entire group. (OPT-4790)

Split rvtconfig delete-node-type into rvtconfig delete-node-type-version and rvtconfig delete-node-type-all-versions commands to support different use cases. (OPT-4685)

Added rvtconfig delete-node-type-retain-version command to search for and delete configuration and state related to versions other than a specified VM version. (OPT-4685)

Added rvtconfig calculate-maintenance-window to calculate the suggested duration for an upgrade maintenance window. (#240973)

Added rvtconfig gather-diags to retrieve all diags from a deployment. This has been optimised to gather diags in parallel safely based on the node types alongside disk usage safety checks. (#399682, #454095, #454094)

Added support for Cassandra username/password authentication. (OPT-4846)

system-config.yaml and routing-config.yaml are now fully optional, rather than requiring the user to provide an empty file if they didn’t want to provide any configuration. (OPT-3614)

Added tool mdm_certificate_updater.py to allow the update of MDM certificates on a VM. (OPT-4599)

Added support for configuring SAS connectivity using DNS hostnames. (OPT-4716)

Added a new option for specifying JVM garbage collection settings in node-parameters.yaml. (#358929)

Added extra diagnostics when a VM build fails. (OPT-3938)

Added ability for custom VMs to configure healthcheck-timeout and decommission-timeout. (OPT-4040)

Added some additional validation for build and initconf hook archives. (#219484)

Added the Cassandra nodetool and cqlsh commands to custom VMs. (#315242)

Pooled custom VMs, and those with replication enabled, now assume the Cassandra database used for Rhino persisting resources / replication does not require authentication by default. We strongly recommend that operators deploy VMs with Cassandra authentication enabled. (#341477)

The VMs' infrastructure software now runs on Python 3.9. (OPT-4013, OPT-4210)

All RPMs and Python dependencies updated to the newest available versions.

Updated the linkerd version to 1.7.5. (#360288)

Updated the Cassandra version to 3.11.13. (#255349)

Upgraded PostgreSQL to version 12. (OPT-5022)

Use the Microsoft build of OpenJDK instead of the CentOS OpenJDK. (#255345)

Fixed issue with default gateway configuration.

initconf is now significantly faster. (OPT-3144, OPT-3969)

Added some additional clarifying text to the disk usage alarms. (OPT-4046)

Ensured tasks which only perform configuration actions on the leader do not complete too early. (OPT-3657)

Tightened the set of open ports used for SNMP, linkerd and the Prometheus stats reporter. (OPT-4061, OPT-4058)

Disabled NTP server function on the VMs (i.e. other devices cannot use the VM as a time source). (OPT-4061)

The report-initconf command now returns a meaningful exit code. (DEV-474)

Alarms sent from initconf will have the source value of RVT monitor. (OPT-4521)

Removed unnecessary logging about not needing to clear an alarm that hadn’t been previously raised. (OPT-4752)

Authorized site-wide SSH authorized public keys specified in the SDF on all VMs within the site. (OPT-4729)

Reduced coupling to specific SIMPL VM version, to improve forwards compatibility with SIMPL. (OPT-4699)

Moved initconf.log, mdm-quiesce-notifier.log and bootstrap.log to /var/log/tas, with symlinks from old file paths to new file paths for backwards compatibility. (OPT-4904)

Added the rvt-gather_diags script to all node types.

Increased bootstrap timeout from 5 to 15 minutes to allow time (10 minutes) to establish connectivity to NTP servers. (OPT-4917)

Increase logging from tasks which run continuously, such as Postgres and SSH key management. (OPT-2773)

Avoid a tight loop when the CDS server is unavailable, which caused a high volume of logging. (OPT-4925)

SNMPv3 authentication key and privacy key are now stored encrypted in CDS. (OPT-3822)

Added a 3-minute timeout to the quiesce task runner to prevent quiescing from hanging indefinitely if one of the tasks hangs (OPT-5053)

The report-initconf command now reports quiesce failure separately to quiesce timeout. (#235188)

Added a list of SSH authorized keys for the low-privilege user to the product options section of the SDF. (#259004)

Store the public SSH host keys for VMs in a group in CDS instead of using ssh-keyscan to discover them. (#262397)

Add mechanism to CDS state to support forward-compatible extensions. (#230677)

Logs stored in CDS during quiesce will be removed after 28 days. (#314937)

The VMs are now named "Metaswitch Virtual Appliance". (OPT-3686)

Disabled vCloud guest customizations. (OPT-4548)

Fixed bug where Rhino SLEE state would not be preserved across a Rhino restart. (RHI-6378)

Ignored exceptions thrown when attempting to start the SLEE immediately after it has been started. (OPT-4019)

During upgrades, make the Rhino quiesce stage more efficient by splitting up tasks, and allowing the leader node more time to perform Postgres connection management. Allow 3 attempts to upload logging before continuing. (OPT-4859)

Fixed rare cases where initconf could become stuck on a call to the flushconfiguration command. (OPT-4810)

Ensured Rhino only listens for management commands on the management interface. (OPT-4934)

Moved all Rhino logs to /var/log/tas/rhino. (OPT-4906)

Changed permissions on the log files rhino.log and alarms.csv, so that all users - notably the viewer user - can now read them. (OPT-4906)

Fixed rare failure to converge when a node was booting while a different node was configuring an RA. (OPT-4927)

Updated postgres stop systemd timeout timer to from 60 minutes to 5 minutes. (OPT-5050)

Rhino will no longer restart or stop when PostgreSQL is restarted or stopped via systemctl. (#260638)

Failure to stop Rhino during quiesce will no longer prevent quiesce completing. (#296266)

Removed saving/restoring of OID mappings on nodes running Rhino. OID mappings are static now in Rhino. (OPT-4144)

Fixed an issue around enabling SNMP v3 in Rhino before the credentials had been configured. (#233470)

Removed the seeds_allocation Cassandra table. (OPT-4786)

Added support for repair and cleanup scheduling. Repairs are scheduled for peers after a Cassandra node has been assassinated. Cleanups are scheduled for peers after a TSN recovery. All scheduled actions are run sequentially on each peer node to avoid parallel invocation.

All TSN nodes now check for keyspace availability and schema version agreement. (OPT-5060)

Store Cassandra logs in CDS after quiesce. (OPT-4693)

The CDS replication factor is now proportional to the number of TSN nodes in the cluster. If there are more than 5 TSN nodes in the cluster the replication factor is capped at 5. (OPT-4823)

Increase TSN commissioning timeout to 30 minutes from 20 minutes. (#308746)

Alarms are now raised when the ramdisk Cassandra partition reaches 80% and 90% usage (instead of 90% and 95%). (#338936)

The replication factor is now correctly set to 1 on Cassandra keyspaces in lab deployments with one or two TSN nodes. (#187408)

Fixed rare edge cases where benign extra Postgres connection references were added, or where the leader node could fail to converge due to a change in the set of desired Postgres connections. (OPT-5032)

Fixed an issue with rvt-config upload-config looking in the wrong directory for config files for custom nodes. (#268226)