zCompute R8 Release Notes¶
This document describes the Zadara Compute (zCompute) release notes. These release notes contain important information available at the time of the release. New features, important bug fixes, known limitations are addressed here.
Release R8 is an enhancement release to the previous Zadara R7 release which includes scalability, security, usability improvements, new features and bug fixes.
The following section will breakdown the additions and updates to the Zadara Compute Cloud platform (zCompute).
R8 (V21.6.0) - Release Highlights¶
CentOS 8 has been added to the zCompute Machine Images Marketplace¶
Following customer requests, we added a link to download CentOS 8 to our marketplace.
The nginx SSL certificate can now be replaced via the API or UI¶
MSPs that have cloud administration rights can now easily update the nginx SSL certificate via the API or UI, without the need to contact Zadara support.
Go to configuration -> Cluster certificates. You’ll see the default self signed certificate To upload the certificate just click the + button and upload the public certificate and private key.
Certificate - The certificate file is the end-user certificate for your domain which you received from the certificate authority. Drop the certificate file in the designated area, -or- Browse to the location.
Private Key - The private key file is the file which contains the private key which matches your certificate. Drop the private key file in the designated area, -or- Browse to the location.
Private Key Passphrase - In case the private key is encrypted by password, the passphrase should be specified in this field, otherwise the field should be omitted.
On certificate creation the cluster will validate that the certificate is not expired. After creating the certificate, it can be installed by selecting it and clicking “Install”.
Known issues: The certificate can’t be updated while there are nodes in maintenance or in failed states and therefore unreachable. There is a GUI validation to prevent certificate change in these cases.
Cluster certificate operation validates nodes are active before starting
The granularity of the protection plan can now be set in minutes¶
Force delete vm-snapshot with timer based on snapshot creation¶
The UI now contains a force delete button action to terminate stuck snapshots. Note that when creating a snapshot between different storage pools is an operation that may take a long time. To prevent premature attempts to delete snapshots that may succeed the button is grayed out until a 10 minute timer has been completed.
Clear indication added for incompatible instance sizes¶
Users are now allowed to create an instance type of any size, even when the size is larger than the node’s size (RAM or CPU). However, both the UI and API indicate the instance type is incompatible with the hardware size.
lbaas-manager and Core DNS image updates¶
A new load balancer and core DNS engine images have been created to account for bug fixes that were carried out. Once the first phase of the upgrade is done, the admin needs to go to the upgrade panel and click upgrade all engines (no screenshot attached). Once image upgrade is done and the engines are updated all the users that have LBAAS and core DNS instances will see that updates are ready
Notable Bug Fixes and Other Changes¶
After refresh on the account page, the Enforce MFA always looked unenforced¶
What was fixed
The status now always reflects the actual setting
After a long network disconnect, DNS and LBAAS go into an error state¶
What was fixed Fixed issue where after a long disconnect, managed services fail to refresh state and lose the state. Relevant for CoreDNS (VPC) and LBAAS
Workaround for pre-R8 In order to fix it in the field, identify the VMs supporting the service and restart the service VMs from the symp CLI.
R7 (V21.4.0) - Key Enhancements¶
VPSA based VM and Volume DR¶
zCompute can now orchestrate the protection and restore of individual Instances and Volumes between two zCompute systems connected to different VPSAs. The data transfer is done using VPSA volume mirroring between sites, and zCompute has enhanced the protection plans capability to support setting of mirroring on the volumes and to place the required metadata for restoration on an NFS share on the destination VPSA.
Self service password reset¶
Users can reset their passwords directly from the login page using the “Forgot your password?”.
Added support for virtual network appliances within a VPC¶
Some virtual network appliances are either a virtual firewall that requires full control of the traffic coming in/out of the interface, or may be a VPN appliance that has extra IPs representing the client endpoints.
To support the above, there are now two new settings:
Enable/Disable Source/Dest Check - which only controls the L3 IP check. Item 3 above. (This operation can be done by any tenant member)
Enable/Disable Port security. This one can only be set by MSP or Cloud admins.
The options were added to the security groups settings of the interface
Improve VNC console security¶
Starting of R7 version, users must explicitly allow Zadara administrators or MSP administrators to connect to the VM VNC, otherwise only users from the same project can access the VM VNC.
Auto-populate instance name as a DNS record¶
When creating a new instance from the Management user interface, the DNS name field in the VM creation wizard will auto populate the VM name as the DNS name.
VPC deletion wizard¶
A VPC is a construct with many sub resources and/or attached resources. A VPC deletion wizard was added to easily delete a VPC and it’s related resources as long as there are no running workloads in the VPC.
Allow user to set VPC as default VPC¶
The user is now able to change the default VPC by setting a new VPC as the default one.
Major Changes & bug fixes¶
NK-1103 - Clone image operation to allow creation of an image with IDE devices or extra data disks
NK-1082 - Add the option to export filtered event list to CSV from the management user interface
NK-1108 - Delete project now deletes all the default resources created with the project
NK-797 - Fixed an issue where Compute Overview’s “Top VMs” sort worked only with CPU
R5 (V21.1.0) - Key Enhancements¶
NK-227 - Managed resources (like: ENI, EIP, Security Groups,etc…) are now hidden by default and need to explicitly toggle to see them in all views
NK-294 - Added a capability to the GUI to change Direct Network IP addresses allocation pool
NK-470 - An issue if a wrong error when extending volume on a live instance was resolved
NK-502 - VM snapshots are now restored to the requested pool
NK-594 - MFA is now supported using authenticator application on a mobile device (e.g. Google Authenticator), for both Console and CLI login
NK-771, NK-777 - The system now allows admins and tenant_admins to create instance types and also specify the CPU topology over sockets
NK-795 - A network mini-graph was added on the nodes list view
NK-809 - Added clear indication and system alarm to the cloud admin when running out of EIP per IP pool
NK-831 - Prevent deletion of ENI from the GUI
NK-865 - Ability to export filtered lists as CSV file was added to all GUI tables
NK-897 - GUI and Sym/AWS web shell now work even if firewall is forwarding different public port to 443
NK-904 - Snapshots and volumes are now deleted when deleting image from the marketplace
NK-906 - Tenant Admin gets all the permissions of a member
NK-913 - Images and Marketplace Images now have an Operating system field The Operating system is inherited by the Instances created out of these images
NK-955 - The reboot button was removed from the instance view
NK-967 - A new inspector command was added that can be used to validate the MTU of all network interfaces after changing the MTU in the cluster
R4 (V5.5.4) - Key Enhancements¶
Improvements to the VM Creation dialogue¶
NK-733 - Instance creation wizard Steps are according to functionality
Step1 - Compute
Step2 - Storage
Step3 - Network
Step4 - Config
Show the VPC virtual router IP on the direct subnet¶
NK-668 - It is, now, easier to set the static routes in the external routers in case that VMs on non direct VPC subnets need to be accessed via the direct subnets or need to access entities on the direct subnet that are outside of the direct subnet allocation pool
Major Changes & bug fixes¶
NK-234 - An issue, where direct-network was not listed as route in route-table, was fixed
NK-444 - Improved Resource Consumption tile to make it easier to understand
NK-546 - create default VPC operation was added to the GUI
NK-621 - When attaching Elastic IP, if there is only one network available, it’s now selected automatically
NK-648 - The issue of Load Balancer creation with elastic IP that belong to an instance was resolved
NK-661 - Basic event filtering was fixed, and now working as expected
NK-663 - Project delete is now possible even if a NAT gateway still exists in the project but in a deleted state
NK-681 - AWS compatible API now support import from snapshot
NK-703 - CoreDNS VMs removed from the network topology diagram. Clicking the VPC shows if DNS is enabled
NK-729 - When creating key pair for a VM the keys are automatically download, to prevent inaccessible instance
NK-730 - Neokarm Policies were renamed Symp Policies
NK-739 - Cleanup of aging images from the marketplace
NK-800 - The “default” security group is properly displayed even if a load balancer is configured in the same VPC
R3 (V5.5.3) - Key Enhancements¶
Quick start button and screens¶
Look for the quick start button on the main navigation bar
It will easily guide you via the most common tasks such as creating VM instances, attaching storage volumes, etc…
New VPC creation wizard¶
A wizard was added to assist you with creating the 3 common topologies of VPCs with private or public subnets
The Wizard can activated from the Quick Start and from the VPCs pane
Elastic Network Interfaces¶
A new screen was added to manage Network Interfaces. Network interfaces may be attached and detached from an instance and may even move between instances or be a route target. Until now, you could only create it implicitly when connecting an instance to a subnet. Now it has its own screen that exposes the full functionality.
A user can now Create/attach/detach/add security groups and update the name of any network interface.
A VM with client tools available on the marketplaces Toolbox v5.5.0. The images contain the Symp CLI, AWS CLI, Python 2.7, Boto3 and Terraform. The instance should be created with an SSH key pair.
Major Changes & bug fixes¶
NK-386 - Added Storage Pool update mechanism
NK-405 - The GUI was fixed to allow subnet name change
NK-422 - The GUI was fixed to enable detach security groups from a network interface
NK-467 - Account members can now generate Access keys
NK-468 - All the networking related tabs are now merged into the networks tab Under instance view. EIP, Security groups and Interfaces operations are done from the same place.
R7, V21.4.0, April 2021
R5, V21.1.0, January 2021
R4, V5.5.4, November 2020
R3, V5.5.3, October 2020