Version 3.0.1 of Kubernetes connection settings schema deleted
Infrastructure Observability | Kubernetes
Version 3.0.1 of the Kubernetes connection settings schema (ID: builtin.cloud.kubernetes) has been removed, as it introduced a vulnerability that has been fixed in a subsequent release.
If you reference this exact version of the schema, you need to either change your integrations to reference a later version of the schema instead (the latest version is 3.1.0) or not reference the schema version at all (if it's not needed). See below for details.
With the Settings API, it's possible to specify this schema version for the following requests:
Fetching the definition of the schema for a specific version—with the schemaVersion query parameter
GET api/v2/settings/schemas/builtin:cloud.kubernetes?schemaVersion=3.0.1
Creating a new settings object using version 3.0.1 of the schema definition—with the schemaVersion parameter of the JSON body
POST api/v2/settings/objects with JSON body:
[
{
"schemaId": "builtin:cloud.kubernetes",
"schemaVersion": "3.0.1",
"scope": "KUBERNETES_CLUSTER-D3A3C5A146830A79",
"value": {
...
}
}
]
Updating an existing settings object using PUT api/v2/settings/objects with JSON body:
In each of these requests, the version parameter is optional.
If you have integrations that use any of these API calls with the schemaVersion parameter set to 3.0.1, they won't work anymore, because that specific version of the schema has been removed.
As stated earlier, to make your integrations work again, do one of the following:
Remove the schemaVersion parameter (if it's not needed)
Use another schemaVersion value (for example, 3.0.2 or 3.1.0)
Announcements
Official support of Dynatrace Terraform Provider for configuration as code
Automations | Configuration as code
The Dynatrace Terraform Provider, enabling configuring Dynatrace environments as code using Terraform, is now officially supported and covered by the Dynatrace product support models.
Enabled new log configuration
Infrastructure Observability | Logs
We have migrated all tenants to the latest Log Monitoring configuration page as an enhancement. The change affects environments currently using Logs Classic.
Affected configuration pages:
Log sources and storage
This section is migrated to Log ingest rules:
Maintenance window tag and management zone filter settings.
Platform | Maintenance windows
Information about tag and management zone delays has been added to alerting profile and maintenance window tag and management zone filter settings.
Stability check for OneAgent Automatic Updates
Infrastructure Observability | Hosts
The defaults for automatic updates and stability checks are reduced to 45 minutes for both EC2 and non-EC2 hosts. This change improves the Automatic Updates process when maintenance windows are used.
Additional metadata on Kubernetes cluster page
Infrastructure Observability | Kubernetes
The following metadata has been added to the Kubernetes cluster page: ActiveGate version and Dynatrace Operator version.
JRE upgrade
To take advantage of performance improvements, bug fixes, and the latest security and vulnerability fixes, we've updated the JRE 17.0.8.1 for Elasticsearch, Server, and ActiveGate components.
Email notification of sign-in from new browser or location
Cluster | Access control
To improve account protection, Dynatrace now detects sign-ins from new browsers or locations and notifies the user by email.
This applies to Dynatrace Managed users who have an account in SaaS services such as the support system, Dynatrace Community, and Dynatrace University.
You can open vulnerabilities with the Third-party vulnerabilities app that were resolved more than two hours ago using Notebooks or Dashboards. (SIA-2862)
Cluster
Vulnerability: Improved input validation for Cloud Foundry settings. (K8S-6898)
The `getCredentialsDetails` resource from the Classic Dynatrace Environment API v2 SDK for Dynatrace apps now returns code 403 instead of 401 when the current user is authenticated but does not have access to the requested credentials. (SYNTH-9933)
Fixed an infrequent case on single-server clusters where the event timeout information was not stored properly, causing new events to use the default timeout of 15 minutes and, for some events, possibly leading to events closing and reopening more often than expected. (DI-7801)
Fixed the process of migrating cluster to rack-aware. (CLD-10377)
On the "Threat exposure template" created in Dashboards from the "Third-party vulnerabilities" page with the "Open with" button, data for the "Vulnerability count by risk level" tile is now displayed as expected. (SIA-2650)
The total amount of allowed rules per management zone has been increased to 900. (PS-13613)
Fixed bug causing rejection of bulk log storage when one has empty content. (LOG-6641)
Fixed broken SAML authentication when IdP is configured to use signature algorithm set to rsa-sha1 or digest algorithm set to sha1. (CLD-10364)
Fixed refreshing log ingest limit for Managed clusters. (LOG-6497)
A metric query with default(always) and rollup(...) in the metric selector now always has the correct number of timeslots. (GRAIL-25286)
The alerting profile filter summary now shows the latest values for severity rules and event filters. (DI-7887)
Fixed missing “Response time” column and chart data in the Topology card of the Service page. (TI-10960)
Improved performance of OneAgent registration to avoid false positive alerts about monitored hosts being unavailable. (PS-12755)
When you create a query in Data Explorer with a timeshift (for example, two metrics, one with a timeshift) and then use "Open with" in Data Explorer to add the query to Dashboards or Notebooks, the timeshift is now reflected in the Dashboards tile or Notebooks section. (PAPA-10173)
Fix CCR indexes pausing during PHA cluster update. (CLD-9380)
Since SaaS 280, OS service events also match the tags from the host entity where they originate. This matching is now used for maintenance window evaluation. (DI-7907)
Update 106 (Build 1.286.106)
This cumulative update contains 1 resolved issue and all previously released updates for the 1.286 release.
Synthetic Monitoring
We fixed the incorrect generation of the YAML deployment template for Managed offline clusters. The YAML was generated without the VUC workers section and contained improper image versions. Apart from fixing the problem with YAML generation, we added a possibility to provide custom repo, ActiveGate, and synthetic build version tag as request parameters when generating the template via REST API. (SYNTH-10729)
Update 109 (Build 1.286.109)
This cumulative update contains 1 resolved issue and all previously released updates for the 1.286 release.
Cluster
The Java v17.0.8 was replaced with v17.0.10. (CLD-10689)
Update 129 (Build 1.286.129)
This cumulative update contains 1 resolved issue and all previously released updates for the 1.286 release.
Cluster
Fixed an issue for Managed clusters, where the policy update API call returned 403 but applied part of the changes. The described situation occurred only if the changed policy was bound to a deleted environment. (PS-22769)