Unimus 2.1.0 & Unimus Core 2.1.0 release

Official news and announcements
Post Reply
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Thu Aug 12, 2021 12:50 am

Unimus version 2.1.0 is being released today! 2.1.0 has been in development for 9 months, and is a major feature release with many included bug fixes and security improvements.

We have published a Release Overview on our blog if you prefer to read up on this release.
Alternatively, you can watch the Release Overview video below:



Release highlights:
- New "Backup filters" feature
- "NMS Sync" upgraded to preset-based
- "Advanced Settings" for Mass Config Push
- NetXMS Agent as a proxy for Zones
- 11 other minor new features
- Bug fixes and security improvements
- Support for 21 new device types

We focused heavily on security in 2.1, as outlined in our Update on Unimus codebase and release security article earlier this year. We have updated both our backend and frontend frameworks to latest LTS releases, reviewed Unimus build security and infrastructure and introduced code-signing to all binary releases. All of these were quite a major undertaking, but Unimus security should be noticeably improved.

Links at https://unimus.net/download.html have been updated with the newest version. Starting with this release, all binary releases of Unimus and Unimus Core will be code-signed!

Full Changelog:
= Version 2.1.0 =
Features:
Added notifications if a Zone goes offline (can be configured in the "Notifications" screen)
You can now select which Zone the "Basic import" imports devices into
Config Push History (on the Dashboard) now shows which user ran the Push, or if it was scheduled
Improved Diff performance (diffs with a large change-set could be very slow)
Improved Import / NMS Sync handling - import/sync jobs are now queued, so a single job doesn't block you from queueing others
You can now disable the Core connection listener if desired (if not using remote Cores)
The "get" endpoints for "devices" in the API ("/api/v2/devices/...") now also return the status of the last device job
"Sensitive data stripping" has been moved from "Other settings" to "Backups > Configuration"
"Advanced settings" > "Discover un-discovered devices when new Credentials are added", "added" was changed to "added or bound"
Improved Output Group matching in Mass Config Push
Added new icons for Comments / Tags / Filters in all tables
Added "unimus.core.tcp.connect-timeout" config option to control Core->Unimus connection timeout (default 5 seconds)
You can now disable specific job types (Discovery, Backup, Scan, Config Push) if desired
Added support for devices which ask "Configure from terminal?" when the "configure" command is sent
On JunOS devices, "monitor stop" will be sent before backup to make sure logs are not present in backup
Improved support for Adtran NetVanta devices
Improved support for Datacom devices
Improved support for ExtremeWare devices
Improved support for Quanta devices

New "Custom Backup Filters" feature:
- you can create custom filtering rules on backups to filter any data you don't want inside backups
- both completely deleting and/or replacing data for a filtered text are available
- allows for creation of rules based on Tags, device vendors or device types
- https://unimus.net/blog/backup-filters-unimus-210

"NMS Sync" is now configured using Presets, and now properly works with Zones
- you can now define as many NMS Sync connections as you like
- fully integrated with Zones, you can now use NMS Sync to sync devices to multiple Zones
- existing configuration automatically migrated to Presets
- https://unimus.net/blog/nms-sync-improv ... unimus-210

Ability to use the NetXMS Agent as a proxy for Zones:
- you can use a NetXMS Agent as a poller for an Unimus Zone instead of an Unimus Core
- if you use NetXMS, you no longer need to deploy both a NetXMS Agent and an Unimus Core for the Zone
- https://wiki.unimus.net/display/UNPUB/N ... Zone+Proxy

New "Advanced Settings" feature for Mass Config Push:
- allows overriding credentials used to connect to devices by this Push Preset
- allows overriding timeouts used in device communication by this Push Preset
- allows settings the prompt matching mode used by this Push Preset
- https://unimus.net/blog/config-push-adv ... unimus-210

Unimus Core version is now checked by Unimus and shown in Zones
- added versioning to the Core communication protocol
- Unimus now checks if Cores are using a supported version during connection
- Unimus will notify on the Dashboard if any "older" version Cores are connected
- Core version is now shown in the "Zones" screen (if the Zone is using an Unimus Core as it's proxy)

Added support for:
- Adit 600 series
- Brocade G620
- Cisco FirePOWER for AWS
- Datacom DmOS devices
- Datacom DmSwitch devices
- D-Link DXS 5000 series
- Extreme 200 series
- Extreme VOSS / VSP OS
- Extreme Wing AP 510
- Fiberhome devices
- Fiberstore (FS.com) Campus switches
- Fortinet FortiWeb
- IBM Flex System Fabric
- IBM RackSwitch
- Netgear GSM switches
- Nomadix EG devices
- Nomadix NSE devices
- Siklu Terragraph
- Ubiquiti airFiber 60 5G
- Ubiquiti airFiber 60 LR
- Ubiquiti GigaBeam
- ZTE ZXA devices

Fixes:
Fixed Slack notifications not working with new Slack Apps (changes in Slack API for new Apps)
Fixed issue when writing into an input box, a desync may occur that caused a character to get lost, and the cursor to jump to the start of the input box
Fixed built-in backup filtering in rare cases could add many "<--filtered-->" text instances into a backup
Fixed config change notification not sent if a backup was pushed over the API
Fixed API limited max page size to 50, even if user specified a much larger size
Fixed Import and/or NMS Sync could get stuck if there was an internal error during import/sync
Fixed Unimus could stop working on HSQL after a long period of time if data retention cleanup settings were enabled
Fixed running discovery/backups on all devices over the API did not work (single device requests worked properly)
Fixed Import and NMS Sync running UI notifications could get lost when moving around the application
Fixed wrong Config Change Notifications on specific Cisco IOS versions
Fixed wrong Config Change Notifications when a few specific config items were present on F5 devices
Fixed "Backup it very long, do you want to continue?" warning boxes not working properly
Fixed errors when trying to add extremely long passwords (over 130) characters in the "Credentials" screen
Fixed inconsistent case sensitivity in Config Search (normal matching is now always CI, regex matching is done per regex settings)
Fixed Config Search showing whole backup when Context Size was set to 0
Fixed multiple edge-case issues and errors in Config Search
Fixed multiple edge-cases where a device address with a whitespace was not properly trimmed
Fixed checkbox and selection not being properly reloaded after refresh (F5)
Fixed "last run" value not being updated in a Config Push preset in some circumstances
Fixed multiple UI issues (element overflows, wrong element sizing on small resolutions) in Config Push
Fixed "$[no-wait]" not properly working in Config Push under certain circumstances
Fixed Discovery failing on newer firmware version of HP/HPE ProCurve devices
Fixed devices that used "enter" as pagination not working over Telnet
Fixed jobs failing on newer Adtran NetVanta devices
Fixed jobs failing on a few specific HP Comware devices
Fixed jobs failing on a few specific devices over Telnet
Fixed jobs failing on specific configurations of ExtremeWare devices

Security fixes:
Upgraded the frontend framework to the latest LTS version
Upgraded the backend framework to the latest LTS version
Fixed not properly invalidating all sessions of a logged-in account if it was removed (sessions would work until session timeout)
Fixed users being able to see Tags they did not have access to in Config Search (only list of Tags affected, search results were properly secured)
Finally, there are some known issues to be aware of. We are working to resolve all of these in an upcoming release in the following weeks:
Known issues:
ISSUE: When many jobs are running, and you scroll or re-order the Devices table, some rows can be duplicated and/or malformed
WORKAROUND: table re-render fixes this - scroll out and back in, or reorder again and elements will rerender properly
STATUS: issues in framework after upgrade to latest LTS - we are investigating how to fix :(

ISSUE: Opening a Config Push preset is slow and locks the UI session with large results (1000+ devices)
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: Search in Config Push preset outputs is slow and locks the UI session with large results (1000+ devices)
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: Device ownership (Owner) is not properly set when using Basic Import
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: An API call to the "devices" endpoint using PATCH doesn't work
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: Already logged in user gets 'Access denied' when they manually navigate to '/'
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: When moving many devices across Zones, an error can occur
WORKAROUND: none, retry the move again
STATUS: issue scheduled for fix in next version

ISSUE: Notifications don't contain a list of addresses of filtered devices (no connectors, Core offline, etc.)
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: Config push creation - 'Require "enable" mode' is not automatically checked when 'Require "configure"' is checked
WORKAROUND: none, works properly after preset has already been created
STATUS: issue scheduled for fix in next version

ISSUE: Data put into HTTP query parameters are not escaped in NMS Sync importers that use HTTP protocols
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: Sorting by Job Status in Devices does not work properly if Unmanaged devices are present
WORKAROUND: none
STATUS: issue scheduled for fix in next version

ISSUE: Some screens in Unimus show time in server's time zone, others in client's (browser's) time zone
WORKAROUND: none, issue only relevant if client has different time zone than server
STATUS: we are debating on how to fix this - will likely create a setting to select which TZ should be used
Let us know if you have any feedback / questions on this release, or if you run into any issues!
Post Reply