Release notes


2.0.1

August 20, 2021

Improvement

Pure Storage has upgraded or enhanced the following functionality:

Improvement Number Improvement Description
OC-933 Keycloak is upgraded from version 9.0.2 to 14.0.0, and additional changes are implemented in PX-Central to accommodate the newer Keycloak version. This provides a seamless experience with reduced number of vulnerabilities reported in the earlier versions.

Known Issues (Errata)

Portworx is aware of the following issues, check future release notes for fixes on these issues:

Issue Number Issue Description
OC-1012 While installing PX-Central, the prometheus-pxcentral-prometheus-0 pod gets stuck in the terminating state.

Workaround: Check if the prometheus-pxcentral-prometheus-0 pod is running on other namespaces. If it is, then update the other prometheus deployments (excluding the prometheus operator installed with PX-Central) with the - -namespaces=<namespace> flag, as shown below:
spec:
containers:
- args:
- -namspaces=<namespace>.
PB-1840 After upgrading from the earlier PX-Central version to 2.0.1 with Keycloak or an external OIDC, sign in to OIDC fails.

Workaround: Clear your browser cache, and then sign in.

2.0.0

July 30, 2021

New features

PX-Central Lighthouse includes the following UI and functionality enhancements:

  • Drag-and-drop function in the Add License window to add your licenses using your license key file to PX-Central.
  • Assign your license server to the existing cluster using the Set License Server option in the Licenses page.
  • Set cluster security while adding a cluster using the new Portwork Security options (None, Token, OIDC).
  • Updated UI for managing, editing, and removing schedule policies from PX-Central.
  • Updated UI for the Cluster Info, Volume Info, Node Info, and the Volume Analyzer windows.
  • Updated graphical representation of nodes in the cluster details page.

For more information about the updates, see the Add license, Add cluster, Monitor clusters, View cloud snapshots topics.

  • Upgrade PX-Central using a single chart: The PX-Central 2.0.0 includes only the px-central chart using which you can upgrade all three PX-Central components (PX-Backup, License Server, and Monitoring Service). For more information about the upgrade procedure, see Upgrading PX-Central from versions 1.2.x to 2.0.0 topic.

Improvements

Pure Storage has upgraded or enhanced functionality in the following areas:

Improvement Number Improvement Description
OC-303 You can now drag and drop the kubeconfig file to add a cluster.
OC-578 You can now view node related alerts using the Alerts button in the new Node Info window.
OC-597 In the cluster details page, the panel to view all nodes, active nodes, and down nodes has been removed.
OC-603 A search box is now available to filter nodes using hostname and IP. There are also dropdown menus available to filter by region and node status.
OC-655 You can add a secured Portworx cluster to Lighthouse, which now supports Token or OIDC based authentication.
OC-784 If you are in an air-gapped enironment, you can now push the PX-Backup, License server, and Monitoring services images into your repository.
OC-856 PX-Central now provides inbuilt support to add cloud Kubernetes clusters running on AWS (EKS) and GCP (GKE)in Lighthouse and enable metrics, without installing PX-Backup.
OC-871 The PX-Central Redhat nginx front end base image is changed to ubi/ nginx.
OC-912 You can now update the following Volume properties:
  • Size
  • High Availability (HA) level
  • Add and Remove snapshot policies
OC-915 In the Cloud Snapshots page, the cloud credentials list is changed to a dropdown list. Selecting the dropdown list displays all cloud snapshots, by default.
OC-918 The Switch to Cloud Snapshots tab is now replaced with a button.
OC-969 You can now perform case insensitive and substring searches using the Search box.

Fixes

Pure Storage has fixed the following issues:

Issue Number Issue Description
OC-529 Cannot override license server endpoints.

User Impact: Users were unable to install license server by providing the host name of main node and backup node.

Resolution: Similar to IP, you can provide the host name of the license server main node and backup node while enabling license server.
For example:
--set pxlicenseserver.enabled=true,pxlicenseserver.mainNodeIP=ip-70-0-15-33.brbnca.spcsdns.net,pxlicenseserverbackupNodeIP=ip-70-0-29-208.brbnca.spcsdns.net
OC-569 Cannot specify nodes while installing or enabling PX-Central using Helm.

User Impact: Unable to select nodes using the nodeSelector flag while installing PX-Central using Helm.

Resolution: While enabling or installing PX-Backup and monitoring service, you can select nodes using the nodeAffinityLabel flag. If the nodes are labelled with px/central key, then you can set the following helm parameter:
--setnodeAffinityLabel=px/central
OC-576 If there are numerous nodes, then they get wrapped up to the next line in the cluster details page.

User Impact: Added nodes do not appear properly.

Resolution: A carousel is added to display numerous nodes in the cluster.
OC-588 PX-Central services are automatically configured with LoadBalancer and/or NodePort while deploying PX-Central or PX-Backup.

User Impact: Cannot configure all PX-Central services explicitly as the ClusterIP.

Resolution: While installing or upgrading PX-Central chart, you can set up the services according to your environment using the following command:
--set service.pxBackupUIServiceType=ClusterIP,service.grafanaServiceType=ClusterIP,service.cortexNginxServiceType=ClusterIP
OC-594 After adding a cluster, when you select the View metrics icon, it launches Grafana using http, instead https

User Impact: Redirection to Grafana fails with SSL enabled for monitoring service.

Resolution: Support for providing the certificates is now available using a secret and Grafana deployment is successful:
  1. Create the secret
  2. kubectl -npx-central create secret tls cert-secret --key ${KEY_FILE} --cert ${CERT_FILE}
  3. Set the following while enabling px-monitor: --set caCertsSecretName=cert-secret
OC-679 The pxcentral-cortex-nginx and pxcentral-grafana services are part of the PX-Central chart, and created when you install monitoring service.

User Impact: Since the pxcentral-cortex-nginx and pxcentral-grafana services are a prerequisite for monitoring service, these services are installed along with PX-Central even if you do not install monitoring service.

Resolution: Only the monitoring service is installed when the pxcentral-cortex-nginx and pxcentral-grafana services are enabled.
OC-742 When you install PX-Backup, the pxcentral-backend and px central-frontend pods do not start.

User Impact: The px-backup chart fails on Kubernetes version 1.21.

Resolution: The PX-Central installation now supports Kubernetes versions from 1.16 to 1.21.
OC-746 The cassandra pods do not follow the node affinity rules.

User Impact: If px-monitor is installed with node affinity rules, then cassandra pods do not follow the node affinity rules.

Resolution: Similar to the other monitoring service components, cassandra pods follow the node selector rules that you can set using the nodeAffinityLabel flag.
OC-758 If the Kubernetes cluster is using CIDR that does not comply with the RFC-6890 standard, then the Consul does not start.
Following are the accepted IP ranges:
  • 10.0.0.0/8 - RFC 1918 IPv4 private network address
  • 100.64.0.0/10 - RFC 6598 IPv4 shared address space
  • 127.0.0.0/8 - RFC 1122 IPv4 loopback address
  • 169.254.0.0/16 - RFC 3927 IPv4 link local address
  • 172.16.0.0/12 - RFC 1918 IPv4 private network address
  • 192.0.0.0/24 - RFC 6890 IPv4 IANA address
  • 192.0.2.0/24 - RFC 5737 IPv4 documentation address
  • 192.168.0.0/16 - RFC 1918 IPv4 private network address
  • ::1/128 - RFC 1884 IPv6 loopback address
  • fe80::/10 - RFC 4291 IPv6 link local addresses
  • fc00::/7 - RFC 4193 IPv6 unique local addresses
  • fec0::/10 - RFC 1884 IPv6 site-local addresses
  • 2001:db8::/32 - RFC 3849 IPv6 documentation address
User Impact: The pxcentral-cortex-consul and pxcentral-cortex-alertmanager pods of px-monitor crashloop if the pod IP is not RFC-6890 standard.

Resolution: While enabling px-monitor, set the following two Helm parameters:
  • pxmonitor.consulBindInterface=“eth0”
  • pxmonitor.cortex.alertmanager.advertiseAddress=“pod_ip

Known Issues (Errata)

Portworx is aware of the following issues, check future release notes for fixes on these issues:

Issue Number Issue Description
OC-748 The px-backup-ui service will be deprecated in the future PX-Central versions.

User Impact: No user impact in the PX-Central 2.0.0 version. It may occur in the future version.

Recommendation: In the future PX-Central versions, use the px-central-ui service to access the UI.
OC-867 Timeout error when high volume of nodes and volumes connect to the Lighthouse at the same time.

User Impact: PX-Central displays a timeout error when the number of volumes and nodes try to connect the Lighthouse at the same time.

Recommendation: Refresh Lighthouse and wait for the volumes and nodes to load.
OC-879 When you add a cluster with metrics enabled, PX-Central displays the following error:

Cannot get Kubernetes Version, please check KubeConfig provide valid kubeconfig: Get 127.0.0.1:6443/version?timeout=32s: dial tcp 127.0.0.1:6443: connect: connection refused

User Impact: Unable to add a cluster with metrics enabled, because in the kubeconfig the server IP points to 127.0.0.1:6443.

Recommendation: Update the server IP 127.0.0.1:6443 with master IP https://:6443 in the kubeconfig.
OC-977 For the PX-License-Server, the UPDATED ON field is empty in the Service Status page.

User Impact: When you log in to PX-Central and navigate to the Service Status page, the UPDATED ON field for PX-License-Server is empty. You cannot view the last updated details for license server.

Recommendation: Disable license server and enable it again to view the last updated details.

Last edited: Tuesday, Aug 31, 2021