This release fixes a regression introduced with namespaces in 2.10 where advanced permission filters could result in a crash with many concurrent requests. It also fixes the problem that permission filters are sometimes not applied correctly. Thanks VSHN for sponsoring the development time!
Another problem hidden in the dark was introduced in 2.9 with changed reload signals. This caused the reload shutdown handler to deactivate host and hostgroup objects in the IDO database backend, with later activating them on startup reconnect. Large scale environments would suffer from seconds to minutes not seeing objects in Icinga Web 2 then.
Last but not least, our road to better code quality unveiled that certain compilers don’t treat us well with shared pointers references and resulting crashes. This release fixes crashes with logrotate signals and other timer related problems, e.g. state file handling.
We’ve also added some documentation improvements for the REST API, object types, feature overview and technical concepts with JSON-RPC cluster messages – inspired by the feedback from our Icinga Discourse 🙂
Checkout the full changelog for 2.10.5 here. Please note that SLES11 and Ubuntu14 packages are not available anymore.
Special thanks goes out to Elias Ohm from novomind AG 🙂 He’s been debugging and fixing the many issues with us together, magnificent team work!
Note: API and cluster/agent related problems will be fixed in 2.11, requiring us to rewrite large parts of the code base. You can help test the snapshot packages and provide feedback. Thanks in advance!
We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.
You can find issues related to this release on our Roadmap.
LDAP – Community contributions, that’s the spirit
With the help of our users we’ve finally fixed the issue that defining multiple hostnames and enabling STARTTLS has never properly worked. Also, they’ve identified that defining multiple hostnames caused a customized port not being utilized and fixed it themselves.
There has also a rare case been fixed that caused no group members being found in case object classes had a different casing than what we expected. (Good news for all the non-OpenLdap and non-MSActiveDirectory users)
- LDAP connection fails with multiple servers using STARTTLS #3639
- LDAPS authentication ignores custom port setting #3713
- LDAP group members not found #3650
We take care about your data even better now
With this are newlines and HTML entities (such as ) in plugin output and custom variables meant. Sorry if I’ve teased some data security folks now.
- Newlines in plugin output disappear #3662
- Windows path separators are converted to newlines in custom variables #3636
- HTML entities in plugin output are not resolved if no other HTML is there #3707
You’ve wondered how you got into a famous blue police box?
Don’t worry, not only you and the european union are sometimes unsure what’s the correct time.
- Set client timezone on DB connection #3525
- Ensure a valid default timezone is set in any case #3747
- Fix that the event detail view is not showing times in correct timezone #3660
UI – The portal to your monitoring environment, improved
The collapsible sidebar introduced with v2.5 has been plagued by some issues since then. They’re now fixed. Also, the UI should now flicker less and properly preserve the scroll position when interacting with action links. (This also allows the business process module to behave more stable when using drag and drop in large configurations.)
- Collapsible Sidebar Issues #3187
- Fix title when closing right column #3654
- Preserve scroll position upon form submits #3661
Corrected things we’ve broke recently
That’s due to preemptive changes to protect you from bad individuals. Unfortunately this meant that some unforeseen side-effects appeared after the release of v2.6.2. These are now fixed.
- Multiline values in ini files broken #3705
- PHP ini parser doesn’t strip trailing whitespace #3733
- Escaped characters in INI values are not unescaped #3648
Though, if you’ve faced issue #3705 you still need to take manual action (if not already done) as the provided fix does only prevent further occurrences of the resulting error. The required changes involve the transformation of all real newlines in Icinga Web 2’s INI files to literal \n or \r\n sequences. (Files likely having such are the roles.ini and announcements.ini)
The namespace support in 2.10 caused a regression with the registered global scope being evaluated for API permissions with filters. This release fixes the problem, next to a problem with Windows packages not fully starting up. There’s also a fixed oversight with not setting a default environment constant. This affects setups checking the SNI header in external load balancers.
v2.10.1 also fixes a problem with application reload and missing event states in large scale environments.
Icinga 2 v2.9 introduced performance related changes inside the configuration compilation and activation order. This was to ensure a) no unwanted notifications b) use available CPU resources to speed up the overall validation process. These changes had a bad effect on configuration depending on a specific activation order, and slowed it down with many config objects of a specific type. The Icinga Director depends on get_host() being called in service objects to support specific service set overrides. In case you’re having trouble here, v2.9.2 is for you.
TL;DR: in case you’re using Custom Variable Overrides (as probably most of you do), then you’ll face a problem with v1.5.0, an upgrade to v1.5.1 is necessary. Sorry for the noise. (more…)