1.2.10 - February 14th 2023

Version 1.2.10 (14FEB2023)

• Overall

  • [SECURITY] Disabled the automounting of API credentials for all serviceAccount resources associated with deployed
    components. Automounting of credentials is now enabled at the pod level in a small number of cases (Event Router,
    Fluent Bit, Kube State Metrics and Prometheus Operator) where needed to support required functionality. If necessary,
    these changes can be disabled by setting the SEC_DISABLE_SA_TOKEN_AUTOMOUNT environment variable to 'false'.

• Logging

  • [UPGRADE] Moved to OpenSearch and OpenSearch Dashboards version 2.4.1. As part of this change,
    an initContainer (fsgoup-volume - used to run a chown command) and the Performance Analyzer agent
    (which ran alongside OpenSearch) were disabled. Both can be re-enabled, if necessary, by setting
    keys in your $USER_DIR/ user-values-opensearch.yaml file.
  • [CHANGE] The TLS samples, both with host-based and path-based ingress, were modified to work with
    OpenSearch Dashboards 2.4.1.
  • [FIX] On OpenShift, the deployment order of OpenSearch and OpenSearch Dashboards was reversed to resolve a timing
    issue related to the shared serviceAccount.
  • [UPGRADE] Introduced new experimental getlogs script written in python, to retrieve Opensearch logs with filters and save to a file.
  • [UPGRADE] Fluent Bit has been upgraded from version 1.9.9 to 2.0.8

1.2.9 - January 17th 2023

Version 1.2.9 (17JAN2023)

• Overall

  • [FEATURE] Added a new script, renewal-tls-certs.sh, which handles renewing TLS certificates autogenerated during the deployment process, and, restarts application pods to pick up renewed certificates. The script can also be used to restart application pods for organization using their own custom certs.

• Metrics

  • [FEATURE] Added link to the SAS Viya Monitoring for Kubernetes Help Center page on the Welcome screen in Grafana
  • [FEATURE] Add new 'SAS Micro Analytic Service' dashboard to Grafana
  • [FIX] Eliminated 'Templating'/'Datasource not found' error in Grafana PostgreSQL Database dashboard

• Logging

  • [FIX] - Improved handling of log messages from RabbitMQ and Consul

1.2.8 - December 13th 2022

Version 1.2.8 (13DEC2022)

• Overall

  • [ANNOUNCEMENT] - The documentation for this project has been redesigned and is now located in the SAS Viya Monitoring for Kubernetes Help Center. 
    A limited amount of documentation, primarily related to experimental features, remains available as markdown files in the project repo.

• Metrics

  • [FIX] - Restored various container-related metrics that were being filtered out after an update.
  • [FIX] - Restore metrics after move to Crunchy Data v.5
  • [FIX] - Data source created by the create_logging_datasource script no longer shows a depreciation notice.

• Logging

  • [FIX] - Limited Access User Can NOT Generate CSV via OpenSearch Dashboards Reporting

1.2.7 - December 2nd 2022

Version 1.2.7 (02DEC2022)

• Logging
  • [FIX] - Pin to specific Helm chart version (4.15.1) in logging/bin/deploy_esexporter.sh
  • [UPGRADE] - Fluent Bit has been upgraded from version 1.9.6 to 1.9.9

1.2.6 - November 15th 2022

Version 1.2.6 (15NOV2022)

• Metrics

  • [FIX] - Remove v4m-kubelet service when removing cluster-level metric monitoring components
  • [FIX] - Added patch for API Token that caused the deploy_monitoring_openshift script to fail during deployment.

• Logging

  • [FIX] Updated Fluent Bit processing to handle log messages from Crunchy Data version 5
  • [FIX] Updated Fluent Bit configuration to use Allowlist_key instead of Whitelist_key modifier as it has been deprecated and is ignored.

1.2.5 - November 4th 2022

Version 1.2.5 (04NOV22)

• Metrics
  • [SECURITY] Upgraded metrics monitoring components to address CVE-2022-37434
  • [DEPRECATION] For security reasons, access to Prometheus and AlertManager via NodePort is no longer enabled by default. Set the environment variable PROM_NODEPORT_ENABLE=true to replicate previous behavior.
  • [UPGRADE] - Kube-prometheus-stack has been upgraded from version 36.6.1 to 41.7.3
  • [UPGRADE] - Prometheus has been upgraded from version 2.36.2 to 2.39.0
  • [UPGRADE] - Prometheus Operator has been upgraded from version 0.57.0 to 0.60.0
  • [UPGRADE] - Grafana has been upgraded from version 9.0.3 to 9.2.3
  • [UPGRADE] - Kube State Metrics has been upgraded from version 2.5.0 to 2.6.0
  • [UPGRADE] - K8s-sidecar used with Grafana has been upgraded from 1.19.2 to 1.19.5
  • [UPGRADE] - TLS Proxy sidecar (ghostunnel) for monitoring components has been upgraded from 1.6.1 to 1.7.0

1.2.4 - October 18th 2022

Version 1.2.4 (18OCT22)

• Overall

  • [CHANGE] Support for Kubernetes 1.21 has been dropped.
  • [FIX] Updated the Dockerfile so that the subdirectories are preserved in the Docker container.

• Metrics

  • [FIX] Added Service Monitor definition to permit metric collection from OpenSearch instance within individual SAS Viya deployments.
  • [FIX] Customizations in the user-values-prom-operator.yaml file under the alertmanagerSpec will now be applied correctly.

• Logging

  • [UPGRADE] Opensearch and Opensearch Dashboards has been upgraded from 1.32 to 1.35
  • [UPGRADE] Elasticsearch Exporter has been upgraded from 1.2.1 to 1.5.0

1.2.3 - September 20th 2022

Version 1.2.3 (20SEP22)

• Overall

  • [FEATURE] - The V4M container now includes OpenSSL so that you can run the deployment with TLS.
  • [FEATURE] - IMAGE_INVENTORY.md file now includes init containers that are used in the project.
  • [FIX] - A temporary file created when using OpenSSL for TLS certificate generation is no longer left behind after certs are generated

• Metrics

  • [UPGRADE] - Kube-prometheus-stack has been upgraded from version 32.0.0 to 36.6.1
  • [UPGRADE] - Prometheus has been upgraded from version 2.33.1 to 2.36.2
  • [UPGRADE] - Prometheus Operator has been upgraded from version 0.54.0 to 0.57.0
  • [UPGRADE] - Grafana has been upgraded from version 8.4.1 to 9.0.3
  • [UPGRADE] - AlertManager has been upgraded from version to 0.24.0
  • [UPGRADE] - Kube State Metrics has been upgraded from version 2.3.0 to 2.5.0
  • [UPGRADE] - PushGateway has been upgraded from version 1.4.2 to 1.4.3

• Logging

  • [UPGRADE] - Fluent Bit has been upgraded from version 1.8.7 to 1.9.6
  • [FIX] - Removed unnecessary retrieval of the OpenSearch 'admin' credentials from logging/bin/deploy_osd.sh

1.2.2 - August 16 2022

Version 1.2.2 (16AUG22)

• Overall

  • [CHANGE] - The 'master' branch of the project repository was renamed to "main".

• Metrics

  • [CHANGE] - Added 'sas-viya' and 'sas-workload-orchestrator' tags to the two SAS Launched Jobs dashboards in Grafana.
  • [CHANGE] - Support for tenant-level metric monitoring (specifically, deploying tenant-level instances of Prometheus and Grafana) has been moved to "experimental" status. This reflects concerns about its architecture, scalability and supportability.

• Logging

  • [CHANGE] - The documentation about log monitoring has been extensively revised and relocated to the SAS Viya Administration Help Center. The affected markdown-based documentation files stored in this repository have been updated to point to the new documentation location.
  • [FIX] - OpenSearch tenant-level indexes with apparently missing tenant information (i.e. index names fitting the pattern "viya_logs-myviya-____-2022-07-23") were being created rather than storing some log messages in namespace-level indexes.
  • [FIX] - A change in the container name used by SAS CAS Server resulted in some log messages not being stored in the right OpenSearch index.

1.2.1 - July 19 2022

Version 1.2.1 (19JUL22)

• Monitoring

  • [FEATURE] - change_grafana_admin_password script has been created to change the Grafana admin password.
  • [FIX] - Fixed issue where the logging data source would not be successfully created if you changed the Grafana admin password using the kubectl exec command provided at the end of the monitoring deployment tasks.
  • [FIX] - Fixed a bug where the Viya monitoring deployment script would not remove older, v4m-viya Helm chart.

• Logging

  • [CHANGE] The es_nodeport_enable.sh and es_nodeport_disable.sh scripts used to enable and disable access to OpenSearch via NodePort, respectively, have been replaced with bin/configure_nodeport.sh which includes additional functionality. See Configure Access Via NodePorts.
  • [CHANGE] Completed various clean-up tasks and tweaks related to the move to OpenSearch. The order in which the log monitoring components are deployed has been modified to reduce start-up time and increase reliability. Logic related to creating access controls has been moved to deploy_opensearch_content.sh (rather than deploy_osd_content.sh). Message text has been revised to eliminate references to Elasticsearch and Kibana, replacing them (as appropriate) with references to OpenSearch and OpenSearch Dashboards (respectively).