- fix: IP address missing from certificate requests
- fix: LDAP compatibility with non Active Directory
- fix: Domain\username syntax can be used for cluster credentials
- fix: improve graph continuity after import to NAbox 4
- fix: PATCH requests on /systems allows for partial parameters list, other parameters will be unchanged
- new: Additional names and IPs can be added to certificate requests
- new: Improve HTTP security : minimum version TLS v1.2, Content-Security-Policy: default-src 'self';, ciphers suite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- new: Implement Content Security Policy headers : default-src 'self' 'unsafe-inline'; img-src 'self' data:
- new: add harvest and nabox version in support bundle
- new: additional scrapers can be manually configured in /etc/nabox/additional-scrapers/*.yaml. This can be used to collect data from Harvest on remote NAbox deployments.
- Harvest 24.11 (new deployments only)
- Grafana 11.4
- Base OS upgrade (Flatcar Container Linux 4081.2.1)
#NAbox 4.0.8 available
young oak
chrome plinth
awesome
abstract kettle
As usual very nice features 😊 @young oak do you have any example how the yaml looks like to collect data from a remote NAbox or is this document on the NAbox website?
nimble fox
Hello. Just upgraded from 4.0.7. Only little issue is I was unable to log in via ssh (GUI was ok). I had to reset the admin password (like explained in the FAQ).
young oak
Hello. Just upgraded from 4.0.7. Only little issue is I was unable to log in via...
That's weird ! I'll keep that in mind
young oak
As usual very nice features 😊 <@323825973718155265> do you have any example how...
Once updated, you can create a file in /etc/nabox/additional-scrapers/, i.e. /etc/nabox/additional-scrapers/external.yaml with content like that :
- targets: ["<harvest_host>:<harvest_port>"]
labels:
instance: "<nabox_host>:<harvest_port>"
also, the remote nabox should have Enable Victoria Metrics guest access checked in preferences
abstract kettle
Once updated, you can create a file in /etc/nabox/additional-scrapers/, i.e. /et...
So that means for every poller on the remote nabox I need to create a new target … that will take some time 🙈
young oak
Ah yes, when you use remote polling, it's still per system.
you could probably sed your way out of this with the remote host scraper config
and replace mentions of havrest by nabox_ip
nimble fox
That's weird ! I'll keep that in mind
Yep, can't really understand why I can still access the GUI. SSH server was running since I was able to be prompted for the password. This was the motivation to add my public key 😄
pearl dew
Have any others reported after upgrading to 4.0.8 that you receive a invalid login for all controllers every hour +- 30 seconds? Re-entering the credentials does not resolve. I'd like to not have to remove the ONTAP systems entirely or rebuild from scratch.
young oak
Can you show some logs ? What is your version of Harvest ?
pearl dew
Can you show some logs ? What is your version of Harvest ?
Harvest version 24.11.1. What logs would you like? Our ONTAP logs show ontapi auth failures once per hour. Changing Auth from Auto to REST within NABOX did not affect it either.