Portworx Central on-premises Release Notes
2.6.0
December 7, 2023
This release offers enhanced security for your Portworx Central.
2.5.0
June 27, 2023
This release offers enhanced security for your Portworx Central.
note
Portworx Central version 2.5.0 uses Keycloak version 21.1.1 to provide enhanced security.
- Port forwarding to localhost is deprecated from Keycloak version 21.1.1. To access Portworx Central user interface refer, Access Portworx Central UI using a node IP.
- For more information on:
-
How to configure access to Portworx Central over HTTPS and HTTP, refer Access Portworx Central UI.
-
How to configure Keycloak for your environment, you can refer Keycloak configuration settings.
-
2.4.0
March 14, 2023
This release provides an option to update Portworx Backup component in the configmap.
2.3.3
February 15, 2023
This release provides added security for your Portworx Central.
2.3.2
December 14, 2022
This release offers enhanced security for your Portworx Central.
2.3.1
October 06, 2022
This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.
Known Issues (Errata)
Pure Storage is aware of the following issue, check future release notes for fixes on this issue:
| Issue Number | Issue Description |
|---|---|
| OC-1249 | When you upgrade Portworx Central from the version 2.2.0 to a newer version and apply licenses on a cluster, the Licenses page does not show the correct license count. |
2.3.0
September 15, 2022
This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.
2.2.1
July 22, 2022
This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.
Known Issues (Errata)
Pure Storage is aware of the following issues, check future release notes for fixes on these issues:
| Issue Number | Issue Description |
|---|---|
| OC-1206 | In an air-gapped cluster, you must expose the Portworx service using loadbalancer and the service should be reachable from within a pod (for example, backend or middleware). |
| OC-1219 | After deploying Portworx Central on AWS EKS cluster, you cannot add a cluster in Portworx Central. Workaround: To add a cluster:
|
| OC-1239 | Post-install job pod during Portworx Central installation and upgrade will fail, if the nodes contain dangling container images without Name. Workaround: Clean up the dangling containers with Name from all worker nodes, before starting to install or upgrade Portworx Central. |
| OC-1247 | After the Helm upgrade from Portworx Central version 2.2.0 to 2.2.1, sometimes, the Cassandra pods can go out of quorum. This will lead to cortex failures, where the pods go to CrashLoopBackOff state.:::noteNOTE: Run the kubectl command with the nodetool parameter to check the quorum status. For example:
If the output does not include all the Cassandra pod IPs or any one of the IP is in Down state (DN), then it is considered to be in out of quorum.::: Workaround: Perform the following procedure to achieve quorum in Cassandra and bring back the pods:
|
2.2.0
May 04, 2022
This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.
note
Note: From this release, you cannot directly upgrade from the Portworx Central 1.2.x versions to 2.2.0. So, the etcd backup store is removed from required list of images in Portworx Central.
Fixes
Pure Storage has fixed the following issues:
| Issue Number | Issue Description |
|---|---|
| OC-1157 | There were issues in deploying PX-Monitoring service and Cassandra pods being placed on same nodes. User Impact: Cassandra and other pods running on the same nodes cause deployment and memory consumption issues. Resolution: Portworx Central now supports the podAntiAffinity=true helm parameter, using which you can place a maximum of one pod per node for statefulsets and deployments having more than one replicas. |
2.1.2
March 01, 2022
This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.
Known Issue (Errata)
Pure Storage is aware of the following issue, check future release notes for fixes on this issue:
| Issue Number | Issue Description |
|---|---|
| OC-1136 | Only a maximum of 20 license clients are visible on the Portworx Central License -> License Entitlements -> Details page. This issue occurs, because the data from the license server is sent in batches of 20, and the Portworx Central UI currently does not support pagination to display more than 20 records. |
Fixes
Pure Storage has fixed the following issues:
| Issue Number | Issue Description |
|---|---|
| OC-1101 | Unable to clone the restored volumes using the Portworx Central UI. User Impact: When you clone restored volumes from the Portworx Central UI, the clone operation fails with the error Unable to create snapshot: Snapshot has labels match internal snapshot format for cloudsnaps, please specify different labels.Resolution: Use the pxctl version 2.10.0 to clone restored volumes from the Portworx Central UI. |
| OC-1114 | Cannot add the remote cluster with px-operator versions 1.6.0 and above to Portworx Central.User Impact: You cannot view the statistics of remote px-cluster in Portworx Central Grafana dashboard.Resolution: Clusters now include the px-operator 1.6.0 and higher versions, and you can also add the px-operator to Portworx Central for monitoring the statistics. |
| OC-1124 | When you install Portworx Backup, for the first time, using the Portworx Central spec gen wizard by selecting Cloud as your environment and leaving the Storage Class Name field empty,then Portworx Central takes the default storage class during the deployment. If you enter a value in the Storage Class Name field during an upgrade, and install Portworx Backup, then the deployment fails. User Impact: If you installed Portworx Backup without specifying the storage class in the Portworx Central spec gen wizard, then you must not enter the storage class name while upgrading too. Resolution: Portworx Central spec gen wizard enables you to install and upgrade using the default storage class. |
| OC-1125 | When you set the Pod Security Policy (PSP) to run the pods as NonRootUser, Portworx Central deployment fails as some pods do not come up.User Impact: You cannot install Portworx Central due to this issue. Resolution: The default securityContext is now enabled in Portworx Central, which you can also specify from values.yaml file. |
| OC-1128 | Cannot add the remote px-cluster with px-operator deployed in any namespaces other than kube-system to Portworx Central.User Impact: You cannot view that statistics of remote px-cluster in the Portworx Central Grafana dashboard.Resolution: You can now add px-cluster with px-operator deployed in any namespace to Portworx Central. |
| OC-1134 | Unable to set license to the px-cluster in Portworx Central with PX-Security enabled.User Impact: On the px-cluster cluster, administrator token is mandatory to apply license and to interact with the license server.Resolution: You can now set license on the px-cluster. |
| OC-1140 | Cannot add the remote Kubernetes version 1.22 cluster to Portworx Central. User Impact: You cannot view the statistics of remote px-cluster in Portworx Central Grafana dashboard.Resolution: You can now add the remote Kubernetes version 1.22 cluster to Portworx Central and monitor the statistics. |
| OC-1147 | Supporting service annotations were missing with helm install and upgrade. User Impact: You cannot set an internal service of type LoadBalancer.Resolution: The values.yaml now supports setting annotations on the exposed services, which helps to set the internal LoadBalancer service too. |
2.1.1
January 19, 2022
This release provides a seamless experience with a reduced number of vulnerabilities reported in the earlier versions.
Known Issues (Errata)
Portworx is aware of the following issues, check future release notes for fixes on these issues:
| Issue Number | Issue Description |
|---|---|
| OC-1104 | In GKE, if the volumes are spread across different regions, while scheduling the pod for Grafana during helm install, Portworx Central fails to start since pod only spins up where the volume exists and causes a conflict. Workaround: Create the storage class using the volumeBindingMode: WaitForFirstConsumer parameter, instead of the volumeBindingMode: Immediate parameter. This helps to start pod with multiple volume spread across regions. |
| OC-1114 | Adding a remote cluster to Portworx Central for monitoring with Portworx installed with portworx-operator version 1.6.0 or above will fail. Workaround: Edit the storagecluster in the remote cluster by adding the remotewriteendpoint parameter in the monitoring section. For example:monitoring:prometheus:enabled: trueexportMetrics: trueremoteWriteEndpoint: <central_endpoint>/cortex.Replace the <central_endpoint> with the URL to access Portworx Central. |
2.0.1
August 20, 2021
Improvement
Pure Storage has upgraded or enhanced the following functionality:
| Improvement Number | Improvement Description |
|---|---|
| OC-933 | Keycloak is upgraded from version 9.0.2 to 14.0.0, and additional changes are implemented in Portworx Central to accommodate the newer Keycloak version. This provides a seamless experience with reduced number of vulnerabilities reported in the earlier versions. |
Known Issues (Errata)
Portworx is aware of the following issues, check future release notes for fixes on these issues:
| Issue Number | Issue Description |
|---|---|
| OC-1012 | While installing Portworx Central, the prometheus-pxcentral-prometheus-0 pod gets stuck in the terminating state.Workaround: Check if the prometheus-pxcentral-prometheus-0 pod is running on other namespaces. If it is, then update the other prometheus deployments (excluding the prometheus operator installed with Portworx Central) with the - -namespaces=<namespace> flag, as shown below:spec: containers: - args: - -namspaces=<namespace>. |
| PB-1840 | After upgrading from the earlier Portworx Central version to 2.0.1 with Keycloak or an external OIDC, sign in to OIDC fails. Workaround: Clear your browser cache, and then sign in. |
2.0.0
July 30, 2021
New features
Portworx Central Lighthouse includes the following UI and functionality enhancements:
- Drag-and-drop function in the Add License window to add your licenses using your license key file to Portworx Central.
- Assign your license server to the existing cluster using the Set License Server option in the Licenses page.
- Set cluster security while adding a cluster using the new Portwork Security options (None, Token, OIDC).
- Updated UI for managing, editing, and removing schedule policies from Portworx Central.
- Updated UI for the Cluster Info, Volume Info, Node Info, and the Volume Analyzer windows.
- Updated graphical representation of nodes in the cluster details page.
For more information about the updates, see the Add license, Add cluster, Monitor clusters, View cloud snapshots topics.
- Upgrade Portworx Central using a single chart: The Portworx Central 2.0.0 includes only the Portworx Central chart using which you can upgrade all three Portworx Central components (Portworx Backup, License Server, and Monitoring Service). For more information about the upgrade procedure, see Upgrading Portworx Central from versions 1.2.x to 2.0.0 topic.
Improvements
Pure Storage has upgraded or enhanced functionality in the following areas:
| Improvement Number | Improvement Description |
|---|---|
| OC-303 | You can now drag and drop the kubeconfig file to add a cluster. |
| OC-578 | You can now view node related alerts using the Alerts button in the new Node Info window. |
| OC-597 | In the cluster details page, the panel to view all nodes, active nodes, and down nodes has been removed. |
| OC-603 | A search box is now available to filter nodes using hostname and IP. There are also dropdown menus available to filter by region and node status. |
| OC-655 | You can add a secured Portworx cluster to Lighthouse, which now supports Token or OIDC based authentication. |
| OC-784 | If you are in an air-gapped enironment, you can now push the Portworx Backup, License server, and Monitoring services images into your repository. |
| OC-856 | Portworx Central now provides inbuilt support to add cloud Kubernetes clusters running on AWS (EKS) and GCP (GKE)in Lighthouse and enable metrics, without installing Portworx Backup. |
| OC-871 | The Portworx Central Redhat nginx front end base image is changed to ubi/ nginx. |
| OC-912 | You can now update the following Volume properties:
|
| OC-915 | In the Cloud Snapshots page, the cloud credentials list is changed to a dropdown list. Selecting the dropdown list displays all cloud snapshots, by default. |
| OC-918 | The Switch to Cloud Snapshots tab is now replaced with a button. |
| OC-969 | You can now perform case insensitive and substring searches using the Search box. |
Fixes
Pure Storage has fixed the following issues:
| Issue Number | Issue Description |
|---|---|
| OC-529 | Cannot override license server endpoints. User Impact: Users were unable to install license server by providing the host name of main node and backup node. Resolution: Similar to IP, you can provide the host name of the license server main node and backup node while enabling license server. For example: --set pxlicenseserver.enabled=true,pxlicenseserver.mainNodeIP=ip-70-0-15-33.brbnca.spcsdns.net,pxlicenseserverbackupNodeIP=ip-70-0-29-208.brbnca.spcsdns.net |
| OC-569 | Cannot specify nodes while installing or enabling Portworx Central using Helm. User Impact: Unable to select nodes using the nodeSelector flag while installing Portworx Central using Helm. Resolution: While enabling or installing Portworx Backup and monitoring service, you can select nodes using the nodeAffinityLabel flag. If the nodes are labelled with px/central key, then you can set the following helm parameter:--setnodeAffinityLabel=px/central |
| OC-576 | If there are numerous nodes, then they get wrapped up to the next line in the cluster details page. User Impact: Added nodes do not appear properly. Resolution: A carousel is added to display numerous nodes in the cluster. |
| OC-588 | Portworx Central services are automatically configured with LoadBalancer and/or NodePort while deploying Portworx Central or Portworx Backup. User Impact: Cannot configure all Portworx Central services explicitly as the ClusterIP. Resolution: While installing or upgrading Portworx Central chart, you can set up the services according to your environment using the following command: --set service.pxBackupUIServiceType=ClusterIP,service.grafanaServiceType=ClusterIP,service.cortexNginxServiceType=ClusterIP |
| OC-594 | After adding a cluster, when you select the View metrics icon, it launches Grafana using http, instead https User Impact: Redirection to Grafana fails with SSL enabled for monitoring service. Resolution: Support for providing the certificates is now available using a secret and Grafana deployment is successful:
kubectl -npx-central create secret tls cert-secret --key ${KEY_FILE} --cert ${CERT_FILE} |
| OC-679 | The pxcentral-cortex-nginx and pxcentral-grafana services are part of the Portworx Central chart, and created when you install monitoring service. User Impact: Since the pxcentral-cortex-nginx and pxcentral-grafana services are a prerequisite for monitoring service, these services are installed along with Portworx Central even if you do not install monitoring service. Resolution: Only the monitoring service is installed when the pxcentral-cortex-nginx and pxcentral-grafana services are enabled. |
| OC-742 | When you install Portworx Backup, the pxcentral-backend and px central-frontend pods do not start. User Impact: The px-backup chart fails on Kubernetes version 1.21. Resolution: The Portworx Central installation now supports Kubernetes versions from 1.16 to 1.21. |
| OC-746 | The cassandra pods do not follow the node affinity rules. User Impact: If px-monitor is installed with node affinity rules, then cassandra pods do not follow the node affinity rules. Resolution: Similar to the other monitoring service components, cassandra pods follow the node selector rules that you can set using the nodeAffinityLabel flag. |
| OC-758 | If the Kubernetes cluster is using CIDR that does not comply with the RFC-6890 standard, then the Consul does not start. Following are the accepted IP ranges:
Resolution: While enabling px-monitor, set the following two Helm parameters:
|
Known Issues (Errata)
Portworx is aware of the following issues, check future release notes for fixes on these issues:
| Issue Number | Issue Description |
|---|---|
| OC-748 | The px-backup-ui service will be deprecated in the future Portworx Central versions. User Impact: No user impact in the Portworx Central 2.0.0 version. It may occur in the future version. Recommendation: In the future Portworx Central versions, use the px-central-ui service to access the UI. |
| OC-867 | Timeout error when high volume of nodes and volumes connect to the Lighthouse at the same time. User Impact: Portworx Central displays a timeout error when the number of volumes and nodes try to connect the Lighthouse at the same time. Recommendation: Refresh Lighthouse and wait for the volumes and nodes to load. |
| OC-879 | When you add a cluster with metrics enabled, Portworx Central displays the following error: Cannot get Kubernetes Version, please check KubeConfig provide valid kubeconfig: Get 127.0.0.1:6443/version?timeout=32s: dial tcp 127.0.0.1:6443: connect: connection refused User Impact: Unable to add a cluster with metrics enabled, because in the kubeconfig the server IP points to 127.0.0.1:6443. Recommendation: Update the server IP 127.0.0.1:6443 with master IP https://<Master-IP>:6443 in the kubeconfig. |
| OC-977 | For the PX-License-Server, the UPDATED ON field is empty in the Service Status page. User Impact: When you log in to Portworx Central and navigate to the Service Status page, the UPDATED ON field for PX-License-Server is empty. You cannot view the last updated details for license server. Recommendation: Disable license server and enable it again to view the last updated details. |