Skip to content

Latest commit

 

History

History
377 lines (263 loc) · 12.3 KB

release-notes-8.17.asciidoc

File metadata and controls

377 lines (263 loc) · 12.3 KB

Release notes

This section summarizes the changes in each release.

Also see:

  • {kibana-ref}/release-notes.html[{kib} release notes]

  • {beats-ref}/release-notes.html[{beats} release notes]

{fleet} and {agent} 8.17.3

Review important information about the {fleet} and {agent} 8.17.3 release.

Enhancements

{agent}

  • Add the configuration files for the Elastic Distribution of OTel Collector that will be provided during the {kib} OpenTelemetry Host and Kubernetes onboarding flow for MOTel. #6630

Bug fixes

{agent}

  • Add missing checks for null values in AST collection nodes. #7009 #6999

  • Set the gateway Kubernetes spec.replicas for the gateway OpenTelemetry Collector to prevent horizontal Pod autoscaler fails. #7011

{fleet} and {agent} 8.17.2

Review important information about the {fleet} and {agent} 8.17.2 release.

Security updates

{fleet-server}

  • Upgrade golang.org/x/net to v0.34.0 and golang.org/x/crypto to v0.32.0. #4405

Enhancements

{agent}

  • Upgrade NodeJS for Heartbeat to LTS v18.20.6. #6641

Bug fixes

{agent}

  • Emit variables even if provider data is empty from the start. #6598

{fleet} and {agent} 8.17.1

Review important information about the {fleet} and {agent} 8.17.1 release.

Breaking changes

Breaking changes can prevent your application from optimal operation and performance. Before you upgrade, review the breaking changes, then mitigate the impact to your application.

{agent}

  • {agent} Docker images for {ecloud} have been reverted from having been based off of Ubuntu 24.04 to being based off of Ubuntu 20.04. This is to ensure compatibility with {ece}, support for new Wolfi-based images, and for GNU C Library (glibc) compatibility. #6393

Known issues

{kib} out of memory crashes on 1 GB {ecloud} {kib} instances using {elastic-sec} view

Details

{ecloud} deployments that use the smallest available {kib} instance size of 1 GB may crash due to out of memory errors when the Security UI is loaded.

Impact

The root cause is inefficient memory allocation, and this is exacerbated when the prebuilt security rules package is installed on the initial load of the {elastic-sec} UI.

As a workaround, you can upgrade your deployment to 8.17.1 in which this issue has been resolved by #208869 and #208475.

New features

The 8.17.1 release added the following new and notable features.

{agent}

Enhancements

{agent}

  • Respond with an error message in case the user running the enroll command and the user who is the owner of the {agent} program files don’t match. #6144 #4889

  • Implement the MarshalJSON method on the component.Component struct, so that when the component model is logged, the output does not contain any secrets that might be part of the component model. #6329 #5675

Bug fixes

{fleet-server}

  • Do not set the unenrolled_at attribute when the audit/unenroll API is called. #4221 #6213

  • Remove PGP endpoint auth requirement so that air-gapped {agents} can retreive a PGP key from {fleet-server}. #4256 #4255

{agent}

  • During uninstall, call the audit or unenroll API before components are stopped, if {agent} is running a {fleet-server} instance. #6085 #5752

  • Update OTel components to v0.115.0. #6391

  • Restore the cloud-defend binary which was accidentally removed in version 8.17.0. #6470 #6469

{fleet} and {agent} 8.17.0

Review important information about the {fleet} and {agent} 8.17.0 release.

Breaking changes

Breaking changes can prevent your application from optimal operation and performance. Before you upgrade, review the breaking changes, then mitigate the impact to your application.

{agent}

  • {agent} is now compiled using Debian 11 and linked against glibc 2.31 instead of 2.19. Drops support for Debian 10. #5847

Known Issues

An {agent} with the Defend integration may report an Orphaned status and will not be able to be issued an upgrade action through {fleet}.

Details
A known issue in the {agent} may prevent it from being targetted with an upgrade action for a future release. This may occur if the Defend integration is used and the agent is stopped on a running instance for too long. An agent may be stopped as part of an upgrade process.

Impact
A bug fix is present in the 8.17.1 release of {fleet} that will prevent this from occuring.

If you have agents that are affected, the workaround is as follows:

# Get a Token to issue an update_by_query request:
curl -XPOST --user elastic:${SUPERUSER_PASS} -H 'x-elastic-product-origin:fleet' -H'content-type:application/json' "https://${ELASTICSEARCH_HOST}/_security/service/elastic/fleet-server/credential/token/fix-unenrolled"

# Issue an update_by_query request that targets effected agents:
curl -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'x-elastic-product-origin:fleet' -H 'content-type:application/json' "https://${ELASTICSEARCH_HOST}/.fleet-agents/_update_by_query" -d '{"query": {"bool": {"must": [{ "exists": { "field": "unenrolled_at" } }],"must_not": [{ "term": { "active": "false" } }]}},"script": {"source": "ctx._source.unenrolled_at = null;","lang": "painless"}}'

New features

The 8.17.0 release Added the following new and notable features.

{fleet}

  • Expose advanced file logging configuration in the UI. #200274

{agent}

  • Add support for running as a pre-existing user when installing in unprivileged mode, with technical preview support for pre-existing Windows Active Directory users. #5988 #4585

  • Add a new custom Filestream logs integration. This will enable migration from the custom log integration which is based on a log input that is planned for deprecation. #11332.

Enhancements

{fleet}

  • Filter the integrations/packages list shown in the UI depending on the policy_templates_behavior field. #200605

  • Add a <type>@custom component template to integrations index template’s composed_of array. #192731

{fleet-server}

  • Update elastic-agent-libs to version 0.14.0. #4042

{agent}

  • Enable persistence in the configuration provided with our OTel Collector distribution. #5549

  • Restrict using the CLI to upgrade for {fleet}-managed {agents}. #5864 #4890

  • Add os_family, os_platform and os_version to the {agent} host provider, enabling differentiating Linux distributions. This is required to support Debian 12 and other distributions that are moving away from traditional log files in favour of Journald. #5941 10797 11618

  • Emit Pod data only for Pods that are running in the Kubernetes provider. #6011 #5835 #5991

  • Remove {endpoint-sec} from Linux container images. {endpoint-sec} cannot run in containers since it has a systemd dependency. #6016 #5495

  • Update OTel components to v0.114.0. #6113

  • Redact common secrets like API keys and passwords in the output from elastic-agent inspect command. #6224

Bug fixes

{fleet}

  • Allow creation of an integration policy with no agent policies. #201051

{fleet-server}

  • Fix server.address field which was appearing empty in HTTP request logs. #4142

  • Remove a race condition that may occur when remote ES outputs are used. #4171 #4170

{agent}

  • Make redaction of common keys in diagnostics case insensitive. #6109