diff --git a/debian/changelog b/debian/changelog index 57a4559940b4..fa7b893d4901 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +opennms (32.0.5-1) stable; urgency=high + + * Release 32.0.5 contains a bunch of security updates to Drools, + Hibernate, Jetty, and more, plus a number of other bug fixes and + a slew of documentation updates. + + For details on what has changed, see: + https://docs.opennms.com/horizon/32.0.5/index.html + + -- OpenNMS Release Manager Tue, 07 Nov 2023 13:08:00 -0500 + opennms (32.0.4-1) stable; urgency=low * Release 32.0.4 contains documentation updates as well as a number of diff --git a/docs/modules/deployment/nav.adoc b/docs/modules/deployment/nav.adoc index f3b6d90cc06d..470ee22b5152 100644 --- a/docs/modules/deployment/nav.adoc +++ b/docs/modules/deployment/nav.adoc @@ -3,6 +3,7 @@ * xref:core/introduction.adoc[] ** xref:core/system-requirements.adoc[] ** xref:core/getting-started.adoc[] +** xref:core/containers.adoc[] ** xref:core/setup-message-broker.adoc[] ** xref:core/admin-password-reset.adoc[] * xref:minion/introduction.adoc[] diff --git a/docs/modules/deployment/pages/core/containers.adoc b/docs/modules/deployment/pages/core/containers.adoc new file mode 100644 index 000000000000..c81ae40bb1f4 --- /dev/null +++ b/docs/modules/deployment/pages/core/containers.adoc @@ -0,0 +1,90 @@ + +[[container-deployment]] += Containerized Deployment +:description: Learn how to install OpenNMS Horizon/Meridian in a containerized environment like Kubernetes or Red Hat OpenShift. + +If your organization uses Kubernetes or Red Hat OpenShift, OpenNMS makes a Helm chart available to simplify {page-component-title} deployment. +For information on deploying in a Docker environment, see the Docker tabs in https://docs.opennms.com/horizon/latest/deployment/core/getting-started.html[installation and configuration]. + +The OpenNMS Helm Chart is based and tested against the latest {page-component-title}. +The minimum version available is +ifeval::["{page-component-title}" == "Horizon"] +Horizon 32.x. +endif::[] + +ifeval::["{page-component-title}" == "Meridian"] +Meridian 2023.x. +endif::[] + +== Before you begin + +You must have a deep understanding of containerized environments (https://kubernetes.io/docs/home/[Kubernetes], https://access.redhat.com/documentation/en-us/openshift_container_platform/[Red Hat OpenShift]) and https://helm.sh/docs[Helm], which is the package manager for Kubernetes. + +You should also be familiar with {page-component-title}, its components, and how the environment works. + +== Requirements + +* https://kubernetes.io/docs/reference/kubectl/[kubectl] +* https://kubernetes.io/docs/reference/kubectl/[Helm] version 3 +* Kubernetes 1.20+ OR Red Hat OpenShift 4.12+ + +=== External dependencies + +{page-component-title} requires the following as part of its monitoring environment. +Make sure to set them up, with SSL enabled, before deploying {page-component-title}. + +* PostgreSQL server as the central database for OpenNMS and Grafana. +** For Google Cloud, the solution was tested using Google SQL for PostgreSQL with SSL and a private IP. +* Elasticsearch cluster for flow persistence +* Grafana Loki server for log aggregation +** https://grafana.com/docs/loki/v2.8.x/tools/logcli/[logcli] helps extract OpenNMS logs from the command line for troubleshooting purposes. +* https://cert-manager.io/docs/[cert-manager] to provide HTTPS/TLS support to the web-based services the ingress controller manages. +** A `ClusterIssuer` to use it across multiple independent {page-component-title} installations. +* Nginx Ingress Controller, as the solution has not been tested with other Ingress implementations. + +== Deployment on Kubernetes +Once you have set up Helm properly, use the following commands to deploy {page-component-title} on Kubernetes: + +[source, console] +---- +helm repo add opennms https://opennms.github.io/helm-charts + +helm install monms opennms/horizon --set domain=domain1.com --create-namespace +---- + +Update configuration values in the `values.yml` file, as required, for your environment. +These values include various passwords (Kafka, database, PostgreSQL), timezone, CPU limits, and so on. +For a list of values and their defaults, see https://github.com/OpenNMS/helm-charts/blob/main/horizon/README.md#values[Values] in the project's readme file on GitHub. + +== Installation on OpenShift + +There are a few known issues and limitations with installation on OpenShift: + +* Removing `CAP_NET_RAW` capability or setting allowPrivilegeEscalation to false will impact ICMP and auto discovery features. + ** WORKAROUND: Use a Minion that is located outside of the OpenShift cluster. + + * By default, OpenNMS will create a ClusterRole, ClusterRoleBinding, Route, SecurityContextConstraints, and ServiceAccount. + The user used to install OpenNMS must have the required permissions to make these modifications the OpenShift Cluster, including admin access. + There are options to disable the creation of these elements, but if you do so, you will need to figure out a way to get the pods to work. + +To install {page-component-title} on OpenShift, follow these steps: + +1. Log in to OpenShift and switch to Developer view. +2. Create a project with a unique name. +3. Go to the Helm section. +4. In the Create drop-down menu, select Repository. + * In the Create Repository page, + * Add a unique name and display name. + * Use https://opennms.github.io/helm-charts/ for the URL. + * Save the changes. +5. In the Create drop-down menu, select Helm Release. +6. Under Repository, select the newly created repository entry. +7. Click on Horizon. +8. Make sure that the project name matches the name you set in step 2. + * Skip this step if you are setting “CreateNamespace” option to true. +9. Make the required modifications (for example, set the PostgreSQL information). +10. Click Create. +11. Wait for the pods to come up. This may take a few minutes. + +NOTE: The process to install the Minion is similar. + diff --git a/docs/modules/deployment/pages/core/system-requirements.adoc b/docs/modules/deployment/pages/core/system-requirements.adoc index 4292e0b3dab3..a4e60eef4d36 100644 --- a/docs/modules/deployment/pages/core/system-requirements.adoc +++ b/docs/modules/deployment/pages/core/system-requirements.adoc @@ -92,3 +92,6 @@ Components marked with an asterisk are required: | Browser * | Latest https://www.mozilla.org[Mozilla Firefox] or https://www.google.com/intl/en_us/chrome/[Google Chrome] |=== + +== Containerized environments +See xref:deployment:core/containers.adoc[containerized deployment] for information on deploying {page-component-title} via Kubernetes or OpenShift. \ No newline at end of file diff --git a/docs/modules/releasenotes/pages/changelog.adoc b/docs/modules/releasenotes/pages/changelog.adoc index e7021ef08d01..eae4ca77bf24 100644 --- a/docs/modules/releasenotes/pages/changelog.adoc +++ b/docs/modules/releasenotes/pages/changelog.adoc @@ -2,6 +2,37 @@ = Changelog +[[releasenotes-changelog-32.0.5]] + +== Release 32.0.5 + +Release 32.0.5 contains a bunch of security updates to Drools, Hibernate, Jetty, and more, plus a number of other bug fixes and a slew of documentation updates. + +The codename for Horizon 32.0.5 is https://volt.fm/genre/6385/deep-swedish-rock[_Deep Swedish Rock_]. + +=== Enhancement + +* BMP docs could use some TLC (Issue https://issues.opennms.org/browse/NMS-13891[NMS-13891]) +* Provisiond threads description discrepancies (Issue https://issues.opennms.org/browse/NMS-14766[NMS-14766]) +* OpenShift: Documentation (Issue https://issues.opennms.org/browse/NMS-16108[NMS-16108]) +* Backport Drools 8.x to foundation 2023 to address a couple of CVEs (Issue https://issues.opennms.org/browse/NMS-16179[NMS-16179]) +* Integrate hibernate-core related patch from Debian (Issue https://issues.opennms.org/browse/NMS-16181[NMS-16181]) +* Version bump of json for CVE-2023-5072 (Issue https://issues.opennms.org/browse/NMS-16191[NMS-16191]) +* Version bump of jetty to 9.4.53 version (Issue https://issues.opennms.org/browse/NMS-16192[NMS-16192]) +* Bump to the latest netty 4 version (Issue https://issues.opennms.org/browse/NMS-16193[NMS-16193]) +* Version bump of snappy java (Issue https://issues.opennms.org/browse/NMS-16194[NMS-16194]) +* Docs: Remove deprecated resourcecli section (Issue https://issues.opennms.org/browse/NMS-16216[NMS-16216]) +* Post install/upgrade instructions on how to join OpenNMS Community (Issue https://issues.opennms.org/browse/NMS-16213[NMS-16213]) + +=== Bug + +* Local Geo Map (using gwt.openlayers.url) working in version 29.0.1 is not anymore in 31.0.3-1 (Issue https://issues.opennms.org/browse/NMS-15400[NMS-15400]) +* Access Denied when deleting a node with admin user (Issue https://issues.opennms.org/browse/NMS-15746[NMS-15746]) +* Map dashlet for Ops Boards references old map systems (Issue https://issues.opennms.org/browse/NMS-16044[NMS-16044]) +* Reports -> Chart page does not load graphs (Issue https://issues.opennms.org/browse/NMS-16085[NMS-16085]) +* Event parameters with `<>` not rendering in event/alarm views (Issue https://issues.opennms.org/browse/NMS-16157[NMS-16157]) +* Add Basic Auth to OpenConfig gNMI for Call Credentials (Issue https://issues.opennms.org/browse/NMS-16158[NMS-16158]) + [[releasenotes-changelog-32.0.4]] == Release 32.0.4 diff --git a/opennms-assemblies/minion/src/main/filtered/debian/changelog b/opennms-assemblies/minion/src/main/filtered/debian/changelog index e5911ef3652f..96876fc4c511 100644 --- a/opennms-assemblies/minion/src/main/filtered/debian/changelog +++ b/opennms-assemblies/minion/src/main/filtered/debian/changelog @@ -1,3 +1,14 @@ +opennms-minion (32.0.5-1) stable; urgency=high + + * Release 32.0.5 contains a bunch of security updates to Drools, + Hibernate, Jetty, and more, plus a number of other bug fixes and + a slew of documentation updates. + + For details on what has changed, see: + https://docs.opennms.com/horizon/32.0.5/index.html + + -- OpenNMS Release Manager Tue, 07 Nov 2023 13:08:00 -0500 + opennms-minion (32.0.4-1) stable; urgency=low * Release 32.0.4 contains documentation updates as well as a number of diff --git a/opennms-assemblies/sentinel/src/main/filtered/debian/changelog b/opennms-assemblies/sentinel/src/main/filtered/debian/changelog index 1f6f1abdbf96..82568be0bf28 100644 --- a/opennms-assemblies/sentinel/src/main/filtered/debian/changelog +++ b/opennms-assemblies/sentinel/src/main/filtered/debian/changelog @@ -1,3 +1,14 @@ +opennms-sentinel (32.0.5-1) stable; urgency=high + + * Release 32.0.5 contains a bunch of security updates to Drools, + Hibernate, Jetty, and more, plus a number of other bug fixes and + a slew of documentation updates. + + For details on what has changed, see: + https://docs.opennms.com/horizon/32.0.5/index.html + + -- OpenNMS Release Manager Tue, 07 Nov 2023 13:08:00 -0500 + opennms-sentinel (32.0.4-1) stable; urgency=low * Release 32.0.4 contains documentation updates as well as a number of