Release Notes - Platform agent

1.40.0 - 22nd December

Traceable’s 1.40.0 release provides the following:

Updates

• OTEL - The 1.40.0 release updates the OTEL collector to version 0.90.1.

• OPA - The 1.40.0 release updates the OPA version to 0.59.0

• eBPF - The 1.40.0 release updates the eBPF version 1.10.4

1.39.0 - 13th December

Traceable’s 1.39.0 release provides the following:

Updates

• Configurable status code and message - The 1.39.0 release provides options to configure a custom status code and custom message for blocked requests for Kong and Istio. You can configure these fields in Traceable Platform agent configuration.

  ext_cap:
    blocking_config:
      response_status_code: <Your_status_code>
      response_message: "<Your_custom_message>"
  injector:
    blocking_config: 
      response_status_code: <Your_status_code>
      response_message: "<Your_custom_message>"

  If you are using Helm in values.yaml, then configure the following:

  blockingStatusCode: 
  blockingMessage:
  injector:
    blockingConfig:
      blockingStatusCode:
      blockingMessage:    

Resolved issues

1.38.1 - 24th Nov

Traceable’s 1.38.1 release resolves a few internal bugs.

1.38.0 - 22nd Nov

Traceable's 1.38.0 release provides the following:

Updates

• eBPF - 1.38.0 release adds support for eBPF deployment on SUSE Linux using the installation script.

• Helm and Terraform - 1.38.0 release provides Helm and Terraform configuration options for eBPF deployment on Kubernetes. These options are related to connection and request limits.

Resolved issues

1.37.2 - 31st October

Traceable's 1.37.2 release provides the following:

Updates

• HAProxy - 1.37.2 release removes redundant path argument in HAProxy agent configuration.

• User - 1.37.2 release allows running the Platform agent as a non-default user.

• PCF - 1.37.2 release adds options for configuring maximum memory for the eBPF tracer and Platform agent. For more information, see Pivotal Cloud Foundry.

• Java agent - 1.37.2 release updates the Java agent to 1.1.2

• eBPF tracer - 1.37.2 release updates the eBPF tracer to 1.8.1

• OTEL collector - 1.37.2 release upgrades the OTEL collector to 0.87.0

Resolved issues

1.36.2 - 16th October

Traceable's 1.36.2 release provides the following update:

• 1.36.2 release optimizes Traceable's agent for Istio. Zipkin is not needed for the optimized agent.

1.36.1 - 4th October

Traceable's 1.36.1 release provides the following update:

• Mirroring -  1.36.1 release adds support to autoscale Traceable Platform agent for mirroring deployments.

• Mirroring - 1.36.1 release adds support to use specified certificates for the TLS packet capture server that is used in TLS traffic mirroring.

• Helm and Terraform - 1.36.1 release allows specifying image names when using Helm and terraform for deployments.

• eBPF Java TLS capture - 1.36.1 release adds support to enable Java TLS capture in Helm or Terraform and in the installation script.

1.35.1 - 25th September

Traceable's 1.35.1 Platform agent release provides some internal fixes.

1.35.0 - 6th September

Traceable's 1.35.0 release provides the following update:

• GCP - 1.35.0 release adds support for reading the Traceable agent token from Google Secret Manager.

• AWS VPC mirroring - 1.35.0 release adds support for Tags-based discovery of load balancers in AWS VPC mirroring setup. For more information, see AWS VPC mirroring.

1.34.1 - 22nd August

Traceable's 1.34.1 release provides the following update:

• Installation script - 1.34.1 installation script provides you an option to configure the number of log files to back up and the maximum size of each log file. This is applicable to eBPF, eBPF-only and tpa-only deployments. For more information, see Traffic mirroring for VM.

1.34.0 - 18th August

Traceable's 1.34.0 release provides the following updates:

• HTTPS proxy - 1.34.0 release adds support for configuring HTTPS proxy for Traceable Platform agent. The Helm value and Terraform variable are httpsProxy and https_proxy respectively. For more information, see Helm and Terraform values.

• AWS mirroring - 1.34.0 release adds support for AWS mirroring in large-scale deployments with improved error handling.

• HAProxy - 1.34.0 release adds the ability for HAProxy agent to recover from TCP connection accept errors.

• Installation script 1.34.0 release removes stale and existing eBPF and mirroring components before a fresh installation.  

1.32.1 - 24th July

Traceable's 1.32.1 release provides the following updates:

• Redaction - 1.32.1 release supports redaction of XML bodies that are URL encoded.

• AWS API gateway monitoring - 1.32.1 release adds support for AWS API gateway monitoring. For more information, see AWS API gateway monitoring.

• TLS connection to platform - 1.32.1 release adds support to configure custom CA certificate for TLS connection to Traceable Platform agent. The new flag to be configured is --remote-cert-path. For more information, see Traffic mirroring for VM.

• eBPF 

  • 1.32.1 release updates the eBPF tracer version to 0.1.46.

  • 1.32.1 release resolves an issue of agent port configuration when eBPF is installed on a virtual machine (VM) with TLS communication to the Traceable Platform agent enabled.

  • 1.32.1 release provides the ability to set additional annotations for the eBPF tracer daemonset.

• Java agent - 1.32.1 updates the Java agent version to 1.1.1

• OTEL collector - 1.32.1 updates the OTEL collector to version 0.80.0

1.31.0 - 15th June

Traceable's 1.31.0 release provides the following updates:

• gRPC payload - 1.31.0 release increases the default gRPC payload size on collector to 16 MB.

• Platform agent - 1.31.0 release supports Platform agent deployment on an EC2 instance using Terraform.

• Tolerations - 1.31.0 release allows configuring Tolerations for eBPF pods. For more information, see eBPF.

• Reverse proxy in Platform agent - 1.31.0 release provides an option to create a reverse proxy when http_reverse_proxy_enabled is set to true. By default, it is set to false. Port number 5442 is used for reverse proxy.

• Java agent version - 1.31.0 release updates the Java agent used by the injector to version 1.1.0.

1.30.1 - 16th May

Traceable Platform agent's 1.30.1 resolves a few internal bugs.

1.30.0 - 8th May

Traceable's 1.30.0 release provides the following updates:

• Warning logs - 1.30.0 release of Platform agent resolves the issue of excessive warning logs in the Platform agent processing pipeline.

• Platform agent ports - 1.30.0 allows you to configure all the Platform agent ports.

  ActionScript ActionScript

  collector:
    ports:
      opentelemetry: 5317
      opentelemetryHttp: 5318
      opencensus: 5319
      zipkin: 5320
      jaeger: 5321
      jaegerthrift: 5322
      prometheus: 5323
      prometheus_receiver: 5324
      zpages: 5325
      pprof: 5326
      health_check: 5327

• Port 443 as default port - 1.30.0 release of Platform agent makes port number 443 as the default port in cases when a port number is not provided in the agent configuration.

• AWS VPC mirroring - 1.30.0 release of Platform updates the following for VPC mirroring:

  • Resolves an issue with VPC where NLB continues to send data packets even mirroring target is deregistered.

  • External Terraform - 1.30.0 removes the dependency of external Terraform provider for AWS VPC mirroring deployment.

  • CloudFormation template - If you are using AWS VPC mirroring CloudFormation template with DeployTraceableAgentInECS=false, the platform agent instances are created through a managed instance group. Traceable creates an NLB to send the traffic to these instances.

  • Timeout value  - Provides support to configure the Terraform timeout value for mirroring session lambda. The default value is 600 seconds.

  • AMI configurable - You can customize the AMI ID used for Traceable Platform agent instances by configuring the custom_ami_id value.

• Node selector - 1.30.0 release supports NodeSelectors for eBPF, Platform agent, and Daemonset deployments. Use ebpfNodeSelectors for eBPF and nodeSelectors for Platform agent and Daemonset deployment. Node Selector in Kubernetes is a feature that allows you to constrain the pods to run on specific nodes in the cluster. When you create a pod, you can use the nodeSelector field to specify a set of labels that must match the labels on a node for the pod to be scheduled on that node.

• Mirroring - 1.30.0 resolves an issue where, when the TLS traffic was captured by mirroring, the URL was not reflected as HTTPS.

• ext_cap - 1.30.0 Platform agent handles case where body is already unzipped even though content type header specifies body is zipped.

• eBPF

  • 1.30.0 release supports Pivotal Cloud Foundry deployment.

  • 1.30.0 resolves an issue where high memory usage by eBPF led system getting out of memory.

• AWS API calls - 1.30.0 resolves the following issues regarding AWS API calls:

  • Graceful handling of paginated responses from AWS API calls.

  • Resolution of an issue where Lambda output to CloudFormation template could go beyond the limits.

  • Output now provides a summary of successes and failures.

1.29.4 - 12th April

Traceable's 1.29.4 release provides the following update:

• Data parsing - Traceable agent drops the truncated request response attributes when their parsing fails.

• AWS VPC mirroring - 1.29.4 release fixes a bug where response data was associated with incorrect request data for AWS VPC mirroring.

1.29.3 - 5th April

Traceable's 1.29.3 release has a set of internal bug fixes that improve the Platform agent. The release provides the ability to add port/process name-based filters to identify processes to instrument. For more information, see the eBPF section in Traffic mirroring for VM topic. It provides -P | -ports PORTS the option for a comma separated list of ports that you wish to track.

1.29.1 – 24th March

Traceable's 1.29.1 release provides support for configuring the OTLP ports using Helm chart or Terraform value. For more information, see Collector's Helm and Terraform values.

1.29.0 – 15th March

Traceable's 1.29.0 release has the following updates:

• Custom image registry – Platform agent 1.29.0 supports custom image registry without credentials in helm and terraform deployments.

• DaemonSet mirroring – Platform agent 1.29.0 adds support for capturing egress traffic for DaemonSet Suricata mirroring.

• NGINX ingress controller and OpenResty – Platform agent 1.29.0 corrects the issue of missed capture of request body for TLS traffic for NGINX Ingress Controller and OpenResty.

• AWS mirroring – Platform 1.29.0 supports multiple source VPCs for AWS VPC mirroring.

• AWS VPC mirroring – Platform 1.29.0 corrects the issue where a public IP address was being assigned to the Traceable Platform agent in a private subnet.

• XML redaction – Platform 1.29.0 corrects the issue of redaction when XML bodies contain namespace.

1.28.1 – 27th January

Traceable's 1.28.1 release has the following updates:

• Traffic mirroring – Platform agent 1.28.1 provides traffic mirroring install packages for airgapped environments. For more information, see Traffic mirroring for VM.

1.28.0 – 25th January

Traceable's 1.28.0 release has the following updates:

• Performance improvement – Platform agent 1.28.0 improves data capture performance for agents that use ext_cap to capture data.

• Request blocking – Platform agent 1.28.0 provides support to block IP addresses based on the type of IP address, for example, bot IP address, TOR IP address, or an anonymous VPN IP address.

• Default XML data capture – Platform agent 1.28.0 captures the XML data by default for TME based agents, for example, HAProxy, NGINX ingress controller, and so on.

• Platform agent installation – Platform agent 1.28.0 provides an option ( -tpa-only) in the installation script that installs only the Platform agent and does not set up traffic mirroring.

• Traffic mirroring (uninstall) – Platform agent 1.28.0 provides an uninstallation script for traffic mirroring agent.