Release notes


2.2.1

July 22, 2022

This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.

Known Issues (Errata)

Pure Storage is aware of the following issues, check future release notes for fixes on these issues:

Issue Number Issue Description
OC-1206 In an air-gapped cluster, you must expose the Portworx service using loadbalancer and the service should be reachable from within a pod (for example, backend or middleware).
OC-1219 After deploying PX-Central on AWS EKS cluster, you cannot add a cluster in PX-Central.

Workaround: To add a cluster:
  1. Generate kubeconfig using the kubectl config view --flatten --minify command.
  2. In generated kubeconfig, modify the value of apiVersion under exec from v1beta1 to v1alpha1. For example:
    exec:
    apiVersion: client.authentication.k8s.io/v1alpha1
  3. Specify AWS EKS credentials and other values, and then verify the cluster.
OC-1239 Post-install job pod during PX-Central installation and upgrade will fail, if the nodes contain dangling container images without Name.

Workaround: Clean up the dangling containers with Name from all worker nodes, before starting to install or upgrade PX-Central.
OC-1247 After the Helm upgrade from PX-Central version 2.2.0 to 2.2.1, sometimes, the Cassandra pods can go out of quorum. This will lead to cortex failures, where the pods go to CrashLoopBackOff state.

NOTE: Run the kubectl command with the nodetool parameter to check the quorum status. For example:
  • kubectl -n <namespace> exec -it pxcentral-cortex-cassandra-0 -- nodetool status
  • kubectl -n <namespace> exec -it pxcentral-cortex-cassandra-1 -- nodetool status
  • kubectl -n <namespace> exec -it pxcentral-cortex-cassandra-2 -- nodetool status

If the output does not include all the Cassandra pod IPs or any one of the IP is in Down state (DN), then it is considered to be in out of quorum.

Workaround: Perform the following procedure to achieve quorum in Cassandra and bring back the pods:
  1. Scale down the Casandra STS to 0, and wait for all the Cassandra pods to be removed:
    kubectl -n <namespace> scale sts pxcentral-cortex-cassandra --replicas=0
  2. Scale up the Casandra STS to 3, and wait for all the Cassandra pods to be up and ready:
    kubectl -n <namespace> scale sts pxcentral-cortex-cassandra --replicas=3
  3. Upgrade Helm again to complete the process.

2.2.0

May 04, 2022

This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.

Note: From this release, you cannot directly upgrade from the PX-Central 1.2.x versions to 2.2.0. So, the etcd backup store is removed from required list of images in PX-Central.

Fixes

Pure Storage has fixed the following issues:

Issue Number Issue Description
OC-1157 There were issues in deploying PX-Monitoring service and Cassandra pods being placed on same nodes.

User Impact: Cassandra and other pods running on the same nodes cause deployment and memory consumption issues.

Resolution: PX-Central now supports the podAntiAffinity=true helm parameter, using which you can place a maximum of one pod per node for statefulsets and deployments having more than one replicas.

2.1.2

March 01, 2022

This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.

Known Issue (Errata)

Pure Storage is aware of the following issue, check future release notes for fixes on this issue:

Issue Number Issue Description
OC-1136 Only a maximum of 20 license clients are visible on the PX-Central License -> License Entitlements -> Details page. This issue occurs, because the data from the license server is sent in batches of 20, and the PX-Central UI currently does not support pagination to display more than 20 records.

Fixes

Pure Storage has fixed the following issues:

Issue Number Issue Description
OC-1101 Unable to clone the restored volumes using the PX-Central UI.

User Impact: When you clone restored volumes from the PX-Central UI, the clone operation fails with the error Unable to create snapshot: Snapshot has labels match internal snapshot format for cloudsnaps, please specify different labels.

Resolution: Use the pxctl version 2.10.0 to clone restored volumes from the PX-Central UI.
OC-1114 Cannot add the remote cluster with px-operator versions 1.6.0 and above to PX-Central.

User Impact: You cannot view the statistics of remote px-cluster in PX-Central Grafana dashboard.

Resolution: Clusters now include the px-operator 1.6.0 and higher versions, and you can also add the px-operator to PX-Central for monitoring the statistics.
OC-1124 When you install PX-Backup, for the first time, using the PX-Central spec gen wizard by selecting Cloud as your environment and leaving the Storage Class Name field empty,then PX-Central takes the default storage class during the deployment. If you enter a value in the Storage Class Name field during an upgrade, and install PX-Backup, then the deployment fails.

User Impact: If you installed PX-Backup without specifying the storage class in the PX-Central spec gen wizard, then you must not enter the storage class name while upgrading too.

Resolution: PX-Central spec gen wizard enables you to install and upgrade using the default storage class.
OC-1125 When you set the Pod Security Policy (PSP) to run the pods as NonRootUser, PX-Central deployment fails as some pods do not come up.

User Impact: You cannot install PX-Central due to this issue.

Resolution: The default securityContext is now enabled in PX-Central, which you can also specify from values.yaml file.
OC-1128 Cannot add the remote px-cluster with px-operator deployed in any namespaces other than kube-system to PX-Central.

User Impact: You cannot view that statistics of remote px-cluster in the PX-Central Grafana dashboard.

Resolution: You can now add px-cluster with px-operator deployed in any namespace to PX-Central.
OC-1134 Unable to set license to the px-cluster in PX-Central with PX-Security enabled.

User Impact: On the px-cluster cluster, administrator token is mandatory to apply license and to interact with the license server.

Resolution: You can now set license on the px-cluster.
OC-1140 Cannot add the remote Kubernetes version 1.22 cluster to PX-Central.

User Impact: You cannot view the statistics of remote px-cluster in PX-Central Grafana dashboard.

Resolution: You can now add the remote Kubernetes version 1.22 cluster to PX-Central and monitor the statistics.
OC-1147 Supporting service annotations were missing with helm install and upgrade.

User Impact: You cannot set an internal service of type LoadBalancer.

Resolution: The values.yaml now supports setting annotations on the exposed services, which helps to set the internal LoadBalancer service too.

2.1.1

January 19, 2022

This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.

Known Issues (Errata)

Portworx is aware of the following issues, check future release notes for fixes on these issues:

Issue Number Issue Description
OC-1104 In GKE, if the volumes are spread across different regions, while scheduling the pod for Grafana during helm install, PX-Central fails to start since pod only spins up where the volume exists and causes a conflict.

Workaround: Create the storage class using the volumeBindingMode: WaitForFirstConsumer parameter, instead of the volumeBindingMode: Immediate parameter. This helps to start pod with multiple volume spread across regions.
OC-1114 Adding a remote cluster to PX-Central for monitoring with Portworx installed with portworx-operator version 1.6.0 or above will fail.

Workaround: Edit the storagecluster in the remote cluster by adding the remotewriteendpoint parameter in the monitoring section. For example:

monitoring:
 prometheus:
  enabled: true
  exportMetrics: true
  remoteWriteEndpoint: <central_endpoint>/cortex.

Replace the <central_endpoint> with the URL to access PX-Central.

2.0.1

August 20, 2021

Improvement

Pure Storage has upgraded or enhanced the following functionality:

Improvement Number Improvement Description
OC-933 Keycloak is upgraded from version 9.0.2 to 14.0.0, and additional changes are implemented in PX-Central to accommodate the newer Keycloak version. This provides a seamless experience with reduced number of vulnerabilities reported in the earlier versions.

Known Issues (Errata)

Portworx is aware of the following issues, check future release notes for fixes on these issues:

Issue Number Issue Description
OC-1012 While installing PX-Central, the prometheus-pxcentral-prometheus-0 pod gets stuck in the terminating state.

Workaround: Check if the prometheus-pxcentral-prometheus-0 pod is running on other namespaces. If it is, then update the other prometheus deployments (excluding the prometheus operator installed with PX-Central) with the - -namespaces=<namespace> flag, as shown below:
spec:
containers:
- args:
- -namspaces=<namespace>.
PB-1840 After upgrading from the earlier PX-Central version to 2.0.1 with Keycloak or an external OIDC, sign in to OIDC fails.

Workaround: Clear your browser cache, and then sign in.

2.0.0

July 30, 2021

New features

PX-Central Lighthouse includes the following UI and functionality enhancements:

  • Drag-and-drop function in the Add License window to add your licenses using your license key file to PX-Central.
  • Assign your license server to the existing cluster using the Set License Server option in the Licenses page.
  • Set cluster security while adding a cluster using the new Portwork Security options (None, Token, OIDC).
  • Updated UI for managing, editing, and removing schedule policies from PX-Central.
  • Updated UI for the Cluster Info, Volume Info, Node Info, and the Volume Analyzer windows.
  • Updated graphical representation of nodes in the cluster details page.

For more information about the updates, see the Add license, Add cluster, Monitor clusters, View cloud snapshots topics.

  • Upgrade PX-Central using a single chart: The PX-Central 2.0.0 includes only the px-central chart using which you can upgrade all three PX-Central components (PX-Backup, License Server, and Monitoring Service). For more information about the upgrade procedure, see Upgrading PX-Central from versions 1.2.x to 2.0.0 topic.

Improvements

Pure Storage has upgraded or enhanced functionality in the following areas:

Improvement Number Improvement Description
OC-303 You can now drag and drop the kubeconfig file to add a cluster.
OC-578 You can now view node related alerts using the Alerts button in the new Node Info window.
OC-597 In the cluster details page, the panel to view all nodes, active nodes, and down nodes has been removed.
OC-603 A search box is now available to filter nodes using hostname and IP. There are also dropdown menus available to filter by region and node status.
OC-655 You can add a secured Portworx cluster to Lighthouse, which now supports Token or OIDC based authentication.
OC-784 If you are in an air-gapped enironment, you can now push the PX-Backup, License server, and Monitoring services images into your repository.
OC-856 PX-Central now provides inbuilt support to add cloud Kubernetes clusters running on AWS (EKS) and GCP (GKE)in Lighthouse and enable metrics, without installing PX-Backup.
OC-871 The PX-Central Redhat nginx front end base image is changed to ubi/ nginx.
OC-912 You can now update the following Volume properties:
  • Size
  • High Availability (HA) level
  • Add and Remove snapshot policies
OC-915 In the Cloud Snapshots page, the cloud credentials list is changed to a dropdown list. Selecting the dropdown list displays all cloud snapshots, by default.
OC-918 The Switch to Cloud Snapshots tab is now replaced with a button.
OC-969 You can now perform case insensitive and substring searches using the Search box.

Fixes

Pure Storage has fixed the following issues:

Issue Number Issue Description
OC-529 Cannot override license server endpoints.

User Impact: Users were unable to install license server by providing the host name of main node and backup node.

Resolution: Similar to IP, you can provide the host name of the license server main node and backup node while enabling license server.
For example:
--set pxlicenseserver.enabled=true,pxlicenseserver.mainNodeIP=ip-70-0-15-33.brbnca.spcsdns.net,pxlicenseserverbackupNodeIP=ip-70-0-29-208.brbnca.spcsdns.net
OC-569 Cannot specify nodes while installing or enabling PX-Central using Helm.

User Impact: Unable to select nodes using the nodeSelector flag while installing PX-Central using Helm.

Resolution: While enabling or installing PX-Backup and monitoring service, you can select nodes using the nodeAffinityLabel flag. If the nodes are labelled with px/central key, then you can set the following helm parameter:
--setnodeAffinityLabel=px/central
OC-576 If there are numerous nodes, then they get wrapped up to the next line in the cluster details page.

User Impact: Added nodes do not appear properly.

Resolution: A carousel is added to display numerous nodes in the cluster.
OC-588 PX-Central services are automatically configured with LoadBalancer and/or NodePort while deploying PX-Central or PX-Backup.

User Impact: Cannot configure all PX-Central services explicitly as the ClusterIP.

Resolution: While installing or upgrading PX-Central chart, you can set up the services according to your environment using the following command:
--set service.pxBackupUIServiceType=ClusterIP,service.grafanaServiceType=ClusterIP,service.cortexNginxServiceType=ClusterIP
OC-594 After adding a cluster, when you select the View metrics icon, it launches Grafana using http, instead https

User Impact: Redirection to Grafana fails with SSL enabled for monitoring service.

Resolution: Support for providing the certificates is now available using a secret and Grafana deployment is successful:
  1. Create the secret
  2. kubectl -npx-central create secret tls cert-secret --key ${KEY_FILE} --cert ${CERT_FILE}
  3. Set the following while enabling px-monitor: --set caCertsSecretName=cert-secret
OC-679 The pxcentral-cortex-nginx and pxcentral-grafana services are part of the PX-Central chart, and created when you install monitoring service.

User Impact: Since the pxcentral-cortex-nginx and pxcentral-grafana services are a prerequisite for monitoring service, these services are installed along with PX-Central even if you do not install monitoring service.

Resolution: Only the monitoring service is installed when the pxcentral-cortex-nginx and pxcentral-grafana services are enabled.
OC-742 When you install PX-Backup, the pxcentral-backend and px central-frontend pods do not start.

User Impact: The px-backup chart fails on Kubernetes version 1.21.

Resolution: The PX-Central installation now supports Kubernetes versions from 1.16 to 1.21.
OC-746 The cassandra pods do not follow the node affinity rules.

User Impact: If px-monitor is installed with node affinity rules, then cassandra pods do not follow the node affinity rules.

Resolution: Similar to the other monitoring service components, cassandra pods follow the node selector rules that you can set using the nodeAffinityLabel flag.
OC-758 If the Kubernetes cluster is using CIDR that does not comply with the RFC-6890 standard, then the Consul does not start.
Following are the accepted IP ranges:
  • 10.0.0.0/8 - RFC 1918 IPv4 private network address
  • 100.64.0.0/10 - RFC 6598 IPv4 shared address space
  • 127.0.0.0/8 - RFC 1122 IPv4 loopback address
  • 169.254.0.0/16 - RFC 3927 IPv4 link local address
  • 172.16.0.0/12 - RFC 1918 IPv4 private network address
  • 192.0.0.0/24 - RFC 6890 IPv4 IANA address
  • 192.0.2.0/24 - RFC 5737 IPv4 documentation address
  • 192.168.0.0/16 - RFC 1918 IPv4 private network address
  • ::1/128 - RFC 1884 IPv6 loopback address
  • fe80::/10 - RFC 4291 IPv6 link local addresses
  • fc00::/7 - RFC 4193 IPv6 unique local addresses
  • fec0::/10 - RFC 1884 IPv6 site-local addresses
  • 2001:db8::/32 - RFC 3849 IPv6 documentation address
User Impact: The pxcentral-cortex-consul and pxcentral-cortex-alertmanager pods of px-monitor crashloop if the pod IP is not RFC-6890 standard.

Resolution: While enabling px-monitor, set the following two Helm parameters:
  • pxmonitor.consulBindInterface=“eth0”
  • pxmonitor.cortex.alertmanager.advertiseAddress=“pod_ip

Known Issues (Errata)

Portworx is aware of the following issues, check future release notes for fixes on these issues:

Issue Number Issue Description
OC-748 The px-backup-ui service will be deprecated in the future PX-Central versions.

User Impact: No user impact in the PX-Central 2.0.0 version. It may occur in the future version.

Recommendation: In the future PX-Central versions, use the px-central-ui service to access the UI.
OC-867 Timeout error when high volume of nodes and volumes connect to the Lighthouse at the same time.

User Impact: PX-Central displays a timeout error when the number of volumes and nodes try to connect the Lighthouse at the same time.

Recommendation: Refresh Lighthouse and wait for the volumes and nodes to load.
OC-879 When you add a cluster with metrics enabled, PX-Central displays the following error:

Cannot get Kubernetes Version, please check KubeConfig provide valid kubeconfig: Get 127.0.0.1:6443/version?timeout=32s: dial tcp 127.0.0.1:6443: connect: connection refused

User Impact: Unable to add a cluster with metrics enabled, because in the kubeconfig the server IP points to 127.0.0.1:6443.

Recommendation: Update the server IP 127.0.0.1:6443 with master IP https://:6443 in the kubeconfig.
OC-977 For the PX-License-Server, the UPDATED ON field is empty in the Service Status page.

User Impact: When you log in to PX-Central and navigate to the Service Status page, the UPDATED ON field for PX-License-Server is empty. You cannot view the last updated details for license server.

Recommendation: Disable license server and enable it again to view the last updated details.

Last edited: Friday, Jul 22, 2022