New features in DSE OpsCenter 6.5
Changes in features, configuration files, metrics, and APIs in OpsCenter 6.5.
New features
The following new and improved features are highlighted for the current DataStax Enterprise (DSE) OpsCenter version 6.5 release.
DataStax Enterprise 6.0 | Support for provisioning and monitoring DataStax Enterprise 6.0 clusters, including:
|
Lifecycle Manager (LCM) |
|
NodeSync Service | Automatically synchronize keyspace and table replicas as a background process. Keep data consistent and monitor status progress with alerts and dashboard graphs based on NodeSync metrics. |
New metrics |
For a comprehensive list of metrics available in OpsCenter, refer to the OpsCenter Metrics Tooltips Reference. |
Backup Service |
|
Best Practice Service |
|
Updates from OpsCenter 6.1
The following changes are updates from the OpsCenter 6.1 major releases.
Support for multiple user roles using LDAP authentication
Users can have multiple roles when using LDAP authentication. If the list of a user's groups map to more than one role in OpsCenter, the user will be granted each of the listed roles, and their resulting OpsCenter permissions will be the merging of permissions for all of their roles. See Adding a role for an LDAP user.
role
attribute cannot be found. The single
role
attribute will be provided for users that have only one
role. If your application or script has users with only one role, then updates are
not required for continued use.Compact storage no longer supported
Tables in the OpsCenter schema are no longer created with compact storage because this feature for thrift-compatible tables has been removed in DSE version 6.0.
ALTER TABLE table.name DROP COMPACT STORAGE
For more information, see migrating from compact storage (for DSE version 5.1.x clusters managed by OpsCenter) or migrating from compact storage (for DSE version 5.0.x clusters managed by OpsCenter). If OpsCenter was not upgraded to 6.5 before upgrading DSE to 6.0, refer to the instructions in this KB article for a workaround until the issue is fixed.
For DSE versions earlier than 6.0, the OpsCenter Backup Service checks for tables that have compact storage and warns that they cannot be created during a restore.
Dropped messages metrics
- The TP: Dropped Paged Range Reads and TP: Dropped Request Responses metrics have been removed for DSE 6.0 and later.
- Several metrics regarding dropped messages have had their labels changed from TP: <message type> to Dropped Messages: <message type>.
- New dropped messages metrics have been added.
Renamed RPC address properties to native transport in LCM UI and API
- The RPC Address field in the LCM UI Add Node and Edit Node dialogs has been renamed to Native Transport (RPC) Address.
- The Broadcast RPC Address field in the LCM UI Add Node and Edit Node dialogs has been renamed to Native Transport (RPC) Broadcast Address.
- The
rpc-address
field in the LCM API has been renamed tonative-transport-address
. - The
broadcast-rpc-address
field in the LCM API has been renamed tonative-transport-broadcast-address
.
rpc-address
and broadcast-rpc-address
.OpsCenter and DataStax Agent API dynamic updates for agent log level
PUT /cluster_id/log/level/log_level
The log level update is not persisted to the log4j.properties configuration or the logback.xml configuration file. Restarting opscenterd or the DataStax Agent returns the agent log level to its original configuration value.
curl -X PUT http://127.0.0.1:8888/Test_Cluster/log/level/debug
The response body contains the IP addresses of the nodes whose agent log levels were updated and skipped.
Change password parameters
The change-default-cassandra-password
and
cassandra-ldap-password
parameters are no longer valid. Supplying these
parameters at run job time made many edge cases impossible to detect. Corresponding
parameters have been added to the cluster model at the /api/v2/lcm/clusters/
endpoint, where they can be persisted across jobs
and facilitate more effective error handling.
Consistent error message fields
The msg
field has been removed from all API errors and replaced with the
message
field. Previously the two fields were used inconsistently. Any
API clients that expect to process a msg
field must be updated to look for
the message
field instead.
More restrictive config_profiles (json validation)
While the config_profiles
API has not technically changed, it has become
considerably more strict about the contents of the json
field. Requests
that previously returned a 200 success code might now fail with a validation error. Many
formerly failing requests that have always been invalid or had undefined results are now
rejected upfront at input submission time by the system rather than failing or behaving
ambiguously later.
POST
and PUT
requests for
config_profiles
, the system now verifies the format of the
json
field against the definitions for the relevant DSE version as
specified in /api/v2/lcm/definitions/
. The following
properties are verified against the definitions:- Every key-name must be a valid DSE configuration property.
- Every value-type must match the type specified in the DSE configuration property.
- Families of fields that have dependencies must be consistent. One cannot disable a
parent field (such as
client_encryption_options.enabled
) and specify a value for a dependent child field (such asclient_encryption_options.keystore
).
LCM API version updates
- Base url version bump from v1 to v2.
- More strict validation of
config_profiles
API for both behavior and json content. - Job password parameters: Change cassandra user password parameters shifted from the run job level to the add (or edit) cluster level. LDAP password changes at the run job level have been removed.
- Multiple endpoints replaced
msg
withmessage
in API errors.
Base URL version change
/api/v2/lcm/
location exactly as they did previously.Declarative password management
The password experience for running jobs and managing the password of the cassandra user has been improved in Lifecycle Manager. Rather than requiring entering the password every time a job was run, the password is now declared at the cluster level. Entering credentials is only required once if an associated Config Profile has internal or password authentication enabled (which is the default behavior). The New DSE password field has been removed from the Job dialogs. Password fields have been added to the Add Cluster and Edit Cluster dialogs for changing the cassandra user password. The improved functionality allows changing the password for the cassandra user at any time, or removing the stored password.
New SSL configuration options
A new SSL configuration option, opscenter_ssl_strict_subject_validation, indicates
that if a certificate subject does not match the IP of the server, the OpsCenter SSL agent
rejects the certificate. The default option is false
, which means the SSL
agent attempts subject validation first. If validation fails, the agent logs a warning and
retries the connection without subject validation. If set to true
, the SSL
agent rejects the certificate without retrying validation.
Repair Service new subrange repair configuration option for parallel tasks
The parallel_tasks_update_interval
configuration option has been added to
the Repair Service. The option determines the length of
time before the Repair Service periodically recalculates the required number of parallel
tasks to run during a subrange repair cycle. The interval is 120 seconds (2 minutes) by
default. For more details, see Setting the maximum for parallel subrange
repairs.
Backup Service new phased staging configuration option for commit logs
The On Server commit log storage has changed. Commit logs are still initially moved into
the backup_staging_dir
, but after the commit logs have been sent to any
other configured locations, the commit logs are moved to the directory specified by a
backup_storage_dir
defined in address.yaml. This
approach should resolve a number of problems customers have encountered when restarting
agents due to large numbers of On Server commit logs being reprocessed. See Configuring commit log backups for details.
Cassandra read request timeout configuration options
[cassandra]
host_read_timeout_ms=
[storage_cassandra]
host_read_timeout_ms=
monitored_dse_host_read_timeout:
storage_dse_host_read_timeout:
New configuration option for OpsCenter failover URL
The new configuration option override_primary_redirect_url for overriding the default URL and port of the OpsCenter primary instance is available in opscenterd.conf.