Cloudify 4.4 – What’s New

• Secrets Encryption – Control who can see the secret’s value
• Deployment Update Enhancements – Update the plugin and inputs which a running deployment is using, Re-Install selected nodes, UI indications for the updated values.
• Monitoring and Policies components are optional and configurable.
• Agent Installation Improvements – Native libraries replacing Celerty for internal communication implementation.
• Dry Run – The ability to see the flow of actions which will be generated by executing a workflow.
• Account Lockout – Configurable option of locking out the account after a number of unsuccessful login attempts.  
• Web Console New capabilities and performance improvements
• Help menus and tours of the web interface
• Pluggable external authentication mechanism
• Plugins -Introducing new POC’s for Terraform Plugin and Execution plugin, and many improvements and enhancements to existing plugins.

Features and Improvements

Here is the detailed list of the Cloudify 4.4 features and improvement, with their associated tasks:

Features

Deployment Update

• CY-382 – Automatically reinstall modified nodes in deployment update
• CY-379 – Mark updated inputs in the deployment update screen
• CY-380 – Message in deployment update screen when no inputs were updated
• CY-357 – Change the execution order in update workflow
• CY-351 – Add ignore_failure flag to deployment update
• CY-325 – Allow deployment update with either blueprint or inputs supplied, not necessarily both
• CY-307 – Deployment update UI improvements
• CY-292 – Save old and new blueprints and inputs for each deployment update
• CY-379 – Mark updated inputs in the deployment update screen
• CY-436 – Make “Update” workflow internal only (in the use of “Deployment Update” operation
• CY-432 – Support plugin update in deployment update
• CY-410 – extend automatically reinstallation of modified nodes in deployment update

Secrets Encryption

• CY-242 – Add the hidden-value option in secret creation
• CY-197 – Encrypt and decrypt the secret’s value
• CY-326 – In a non-hidden secret, only secret’s creator/admins can update the secret’s visibility and “is_hidden” attribute. In a hidden secret, they are the only ones to perform any type of update to the secret.
• CY-247 – Add the ability to update the secret’s property hidden-value
• CY-300 – Support hidden-value secrets in UI

Dry-Run

• CY-149 – User should have the ability to execute a “dry run” of a workflow

Authentication Enhancements

• CY-301 – Support kerberos authentication
• CY-330 – Add external authenticators folder

Account Lockout

• CY-329 – Support account lockout after x failed login retries, and account release after y time passed.

User Experience

• CY-296 – Add Tours to the Cloudify Console
• CY-138 – Allow adding ReadMe files to widgets that will be presented as widget’s help
• CY-465 – Create help description for built-in widgets
• CY-123 – Provide “help” link as part of widget configuration
• CY-119 – Plugin catalog – display plugins according to manager distro
• CY-423 – Plugin catalog to be added to initial templates of the roles: Admin, tenant manager, user

• CY-375 – Allow choosing specific nodes to reinstall in deployment update
• CY-349 – Changes to “number of deployments” widget in the dashboard page
• CY-376 – Change widget’s name in catalog: from “Secret management” to “Secret Store Management”
• CY-366 – Change the “HA” page to “Admin Operations”
• CY-205 – (Premium feature) Make “Is admin” checkboxes in User Management widget interactive
• CY-365 – When lists widgets are empty, present a relevant text message in the widgets.
• CY-352 – Changes to the “number of plugins” widget in the dashboard page
• CY-364 – Create a “Number of running executions” widget
• CY-359 – Create a “Number-of-blueprints” widget
• CY-139 – Change system role display in user management widget to an “admin” checkbox
• CY-383, CY-402 – Adding the ability to create a user with a tenant in UI
• CYBL-385    Add copy to clipboard button in all places where it would potentially be helpful
• CY-377, CY-388, CY-390, CY-391, CY-397    Screens with file upload improvements
• CY-378 – Text can be difficult or impossible to copy out of the web UI

Microservices architecture

• CY-276 – Make existing monitoring components not be installed by default

Plugins

• Plugins and Blueprints Integration Testing Tools
• Terraform Plugin POC:
  • Package a Terraform Project as a Node Template
  • Use VMs from Terraform as Cloudify Compute Nodes
• Execution Plugin POC:
  • Single Node Type
  • Execute any set of instructions in any language in a plugin.
  • Include dependencies

Improvements

Cluster Improvements (Premium edition)

• CY-372 – Add ability to retrieve logs from all cluster nodes
• CY-328 – cfy_manager configure should be blocked in cluster
• CY-173 – (Premium feature) Block cfy_manager start/restart services on a cluster node
• CY-287 – (Premium feature) Cannot start/join a cluster when internal CA cert is provided but not the key
• CY-249 – cfy_manager remove doesn’t stop all processes and doesn’t remove all services when working with a cluster
• CY-255 – Create a documented way of tearing down & uninstalling a cluster
• CY-472 – Manager cluster configuration uses random port for communication between manager nodes
• CY-408 – `cfy cluster update-profile` should update to node public IPs, not private

Resources Enhancements

• CY-184 – Validate blueprint/deployment/snapshot names: Should not contain the characters ‘”,<>/+%$@!`~
• CY-304 – Add metadata field to blueprints
• CY-290 – Adding size limit to blueprint upload (30 MB)

UX Improvements

• CY-130, CY-131, CY-147, CY-174, CY-175 – Textual search for Blueprints, deployments, plugins, and secrets by name in REST, CLI, Console.
• CY-172 – Hide widgets that users aren’t permitted to use so they don’t get error message upon login
• CY-387 – Add loading indicator to table/catalog search input
• CY-376 – Change widget’s name in catalog: from “Secret management” to “Secret Store Management”
• CY-370 – Support dict & list input types in deployment inputs (currently only strings are supported)
• CY-369 – Improvements to existing widgets – remove redundant fields in Plugins and Executions tables widgets
• CY-366 – Change the “HA” page to “Admin Operations”
• CY-365 – When lists widgets are empty, present a relevant text message in the widgets.
• CY-360 – Non-string inputs not handled properly when YAML input used for deployment creation/update
• CY-204 – Allow sorting fields in the logs and events table
• CY-367 – Align CLI and GUI behavior regarding parsing blueprint input files, when providing empty strings
• CY-422 – Change the default settings of the local blueprint widget to “table” instead of “catalog”
• CY-371, CY-418, CY-419, CY-420, CY-421 – Rename the UI “stage” to “console”
• CY-420 – Add redirect for the UI – from the old “stage” url to the new “console”
• CY-423 – Plugin catalog to be added to initial templates of the roles: Admin, tenant manager, user
• CY-398 – Optimize Form.UrlOrFile component to avoid using refs from the outside
• CY-426 – Blueprint catalog widget should support the new versioning of the examples catalog
• CY-447 – No “Update” button in secret edit modal
• CY-277 – User with tenant role ‘operations’ does not have access to some widgets

Agents

• CY-199 – Replace Celery with direct AMQP calls
• CY-294 – Error message appear when upgrading agents installed using init_script – new agent properties are missing ‘local’ or ‘install_method’
• CY-265 – Stop old agent after upgrading agents
• CY-148 – Agent installation is not idempotent

UI performance

• CFY-7892 – Add pagination to the cli command events list
• CY-243 – widgets polling stops unexpectedly
• CY-234 – Optimize Stage dependencies
• CY-235 – Optimize bundling tools configuration
• CY-248 – prevent unnecessary rendering of widgets
• CY-240 – update widgets polling
• CY-121 – Separate user configuration from internal configuration

Security

• CY-318 – Encrypt the passwords of RabbitMQ vhosts in the DB
• CY-212 – (Premium feature) allow only sys_admins to install new widgets
• CY-429 – Remove the rest_token from the runtime properties

Installation & Configuration

• CY-154 – Users should be able to provide external CA cert+key as inputs for manager installation

Upgrade $ Snapshots

• CY-289 – Add a file system location which is replicated and upgraded to which customization resources can be added
• CY-468 – Snapshot restore fails when deployments number > 1000
• CY-469 – Snapshot restore fails when node instances > 1000

Validation

• CY-216 – cfy_manager validate – to validate the config file

Executions Enhancements  

• CY-103,  – create –force and –ignore_failures options for uninstall
• CY-425 – Expose “ended_at” field in executions list
• CY-384, CY-446 –  Force canceling executions should actually kill the workflow process
• CY-270 – Executing a workflow that doesn’t exist, results in an unremovable execution

Plugins

• Kubernetes Provider:

• • • Trello – Support any CNI network provider (flannel, weave, calico examples provided).
  • AWS:
    • PR134 – Support Multiple NICs
    • PR126 – Support Modify VM attribute in Workflow and Install
    • PR127 – Support Modify NIC attribute in Workflow and Install
    • PR132 – Improve Resource Status Check
    • PR133 – Improve Delete Cleanup and Delete Wait
    • PR134 – Connect NIC to Security Group via relationship
  • Azure:
    • PR75 – Support Azure Stack
    • PR87 – Improve Heal and Day 2 Performance
    • PR93 – Improvements on NIC-VM, Disk-VM relationships. Support VM with multiple NIC and multiple Public IPs.

• Openstack:

• • • PR220 – Improve Heal and Day 2 Performance
    • PR239 – Support Backup/Restore Workflow

• Utility Plugin:

• • Deployment Proxy
    • Improvements/Reliability
    • Include Local Blueprint with Deployment Proxy (Does not require URL).
    • External Resource Improvements
  • REST Plugin
    • Specify Error Behavior in Blueprint/Retries
  • Terminal Plugin
    • Support CISCO
  • Backup/Restore Workflow Handlers
  • Improved Docs for all sub-plugins.

• VSphere:

• • Support Unknown VM Type
  • Support Use Existing Resource
  • Support Backup/Restore Workflow
  • Support Suspend/Resume Workflow

Resolved Issues

Here is the detailed list of issues from previous releases that are resolved in Cloudify 4.4:

• CY-267 – Riemann not deleting monitoring when deployments are deleted
• CY-238 – (Premium feature) There are no certificates of cluster nodes in context file
• CY-227 – offline installation fails
• CY-203 – Windows agent installation broken on Windows 2012 R2
• CY-187 – cfy_manager start/stop fails if service not installed

• CY-193 – Login fails for manager with more than 1000 tenants.
• CY-181 – mgmtworker will only run up to 5 operations concurrently
• CY-153 – ctx is not available for bash scripts running in local mode
• CY-102 – Installation fails when invoked through SSH
• CY-99 – Create snapshot fails for manager with more than 1000 tenants

• CY-395 – Page filter selector shows drill down pages named as parent pages
• CY-367 – Align CLI and GUI behavior regarding parsing blueprint input files, when providing empty strings
• CY-343 – Duplicated widgets in deployment drill-down page

• CY-348 – Clients can’t connect to rabbitmq if an internal certificate with intermediaries is used
• CY-346 – Stage manager.json config must not be replicated
• CY-318 – Encrypt the passwords of RabbitMQ vhosts in the DB
• CY-244 – The restore of stage files overrides existing files
• CY-323 – Deployment update CLI parameter workflow_id is defaulted to `update` instead of `None`
• CY-424 – Service status indicator in web UI shows green even when some services are down
• CY-321 – User can modify page (use edit mode) when it is not allowed after switching tenants
• CY-395 – Page filter selector shows drill down pages named as parent pages
• CY-170 – Error while trying to upload  Azure plugin from plugin catalog widget
• CY-169 – Error while trying to upload plugin from plugin catalog widget
• CY-479 – Fix misleading message if deleting a deployment takes more than 5 seconds
• CY-455 – download script path changes script name
• CY-439 – Exception’s “causes” are only printed in debug level
• CY-386 – Deployment deletion bug fix
• CY-285 – Error when users try to update deployment with no new node types
• CY-284 – Deployment Update to Rollback DNW
• CY-282 – –rest-certificate shouldn’t be mandatory for “cfy profiles use –ssl”

Known Issues

These issues are found in Cloudify 4.4:

• CY-416 – Original blueprint name appears in deployment’s logs and events, even after deployment update to a new blueprint
• CYBL-31 – Choosing “Reset Templates” from “Template Management page” does not work properly
• CYBL-185 – When changing Topology widget’s settings, the widget will keep loading until exiting “edit mode”
• CYBL-138 – Blueprint Source widget – changes in settings option “Content pane initial width in %” only take effect when exiting “edit mode”
• CY-464 – Graphs widgets in Initial templates present errors when no InfluxDB endpoint is configured
• CY-415 In Deploy screen, filled-in Inputs disappear when browsing for inputs yaml file and canceling