Release Notes 3.5.X

Disclaimer All versions of Pulse are supported for maintenance for a period of 18 months following their release. This maintenance support includes updates for security vulnerabilities, bug fixes, Common Vulnerabilities and Exposures (CVEs), and the introduction of new features, among other improvements. After the 18-month support period, we strongly recommend transitioning to the most recent version or to another version that continues to receive support. This ensures an enhanced user experience.

Pulse version 3.5.x will reach End of Life (EOL) on 30th April 2026. Please contact Acceldata Support for any assistance.

Version 3.5.3

Date: 30th January, 2025

To use the latest Pulse 3.5.3 version, you must upgrade your Docker version to 20.10.x or higher and perform the required migration steps. For more information, see Upgrade to Version 3.5.3.

This section consists of an enhancement introduced in this release.

New Flag Added in Yarn Optimizer: The utiliseFQDNYarnOptimise flag has been introduced in the Configuration File of Yarn App Metrics. This flag allows the Yarn optimizer to toggle between using the hostname and hostname -f for resolving the node's hostname where the NodeManager or ResourceManager is running.

This section consists of an issue that has been fixed in this release.

Corrected the log rotation file to clear the log file generated by the Pulseaxn Agent.

Version 3.5.2

Date: 14 January, 2025

To use the latest Pulse 3.5.2 version, you must upgrade your Docker version to 20.10.x or higher and perform the required migration steps. For more information, see Upgrade to Version 3.5.2.

This section consists of enhancements and new changes introduced in this release.

Upgraded the Ubuntu Base Image: Upgraded the Ubuntu Base Image of the containers (Logstash, Elastic, and MongoDB) from version 23.04 to 24.04, as the older version has reached End-of-Life (EOL), ensuring continued security updates, stability, and support.
Overriding the default-endpoints.yml File Details: Pulse now allows you to override specific information in the default-endpoints.yml file. For instance, if you need to modify the URL of a single component within a service, you must copy the entire section of that service into the override file and update the required URL. For example, to override the URL of Druid’s coordinator component, you need to copy the entire Druid Service section into the override file and modify only the coordinator URL. For detailed steps on overriding the file details, see Overriding the default-endpoints.yml File Details.

The override applies at the service level, not at the individual component level.

Configuration Update on Yarn Optimizer: The Pulse Yarn Optimizer capability now allows you to configure IsRestEventSupported in ad-yarn-optimizer.yml to enable or disable the REST API call for overcommitment of node memory. For more details, see Enabling the REST API call for Overcommitment of Node Memory.
(Beta) Pulse New Facelift UI : The Pulse UI Home and all other features have undergone a refreshed design to enhance the overall user experience. For detailed information on the Pulse UI Home Landing Page, refer to the Getting Started with the Pulse NextGen UI.

This section consists of the security or vulnerability fixes made in this release.

Sr.No	Vulnerability	Severity	Description
1	Cross-Domain Misconfiguration	Medium	Fixed a cross-domain misconfiguration issue where improper CORS settings could allow untrusted domains to access sensitive data or functionality, posing risks such as data theft or Cross-Site Request Forgery (CSRF) attacks. The solution involved removing the custom CORS configuration, allowing the browser to enforce its default security policies for cross-origin requests.
2	Unencrypted communications	Medium	Fixed an issue where the application permitted unencrypted connections, increasing the risk of user data exposure to eavesdropping and manipulation, especially on public Wi-Fi, shared networks, or compromised infrastructure. To address this, we configured the server to enforce TLS 1.2+ with recommended cipher suites, ensuring all communications are encrypted and secure.
3	Graphql Nested Queries Denial Of Service	Medium	Fixed an issue where attackers could exploit deeply nested or overly complex GraphQL queries, leading to excessive resource consumption that could degrade performance, crash the server, or render it unavailable to legitimate users. This issue was addressed by implementing custom logic to restrict query depth to a maximum of 10 levels. Queries exceeding this depth now return a 500 status code, preventing potential abuse.
4	Cookie No HttpOnly Flag	Medium	Fixed an issue where cookies lacked the HttpOnly flag, allowing JavaScript access and increasing the risk of Cross-Site Scripting (XSS) attacks that could expose sensitive information such as session tokens. The issue was resolved by enabling the HttpOnly flag for XSRF-TOKEN and JWT cookies, preventing client-side scripts from accessing these cookies and reducing XSS risks. Additionally, client-side authentication was updated by replacing direct JWT cookie checks with two new dedicated endpoints.
5	Cookie without SameSite Attribute	Low	Fixed an issue where cookies were being set without the SameSite attribute, exposing them to potential Cross-Site Request Forgery (CSRF) attacks. Without this attribute, cookies could be sent in cross-origin requests, enabling malicious sites to exploit user sessions. This issue was resolved by initializing cookies, including those used for XSRF-TOKEN and JWT, with the SameSite=Strict attribute, ensuring they are only sent in same-site requests and mitigating CSRF risks.
6	Cookie without Secure Flag (JWT)	Low	Fixed an issue where the JWT cookie was not always set with the Secure flag, allowing it to be transmitted over unencrypted HTTP connections, which could expose it to interception and potential session hijacking. The issue was addressed by ensuring the Secure flag was applied based on the protocol. An environment variable has also been introduced as a fallback to override this condition, providing flexibility for different deployment environments.
7	X-Content-Type-Options Header Missing	Low	Fixed an issue where the server omitted the X-Content-Type-Options header, which could allow browsers to interpret files as a different MIME type, increasing the risk of content sniffing attacks. The issue was resolved by setting the X-Content-Type-Options header to nosniff, ensuring that browsers strictly adhere to the declared content types and preventing MIME type misinterpretation.
8	Information Disclosure - Debug Error Messages	Low	Fixed an issue where some API calls exposed full error stack traces, potentially revealing sensitive information about the application's internal structure. Proper error handling has been implemented now to ensure that only relevant error messages are returned, while full error details are securely logged on the server for internal debugging purposes.
9	Server Leaks Version Information via "Server" HTTP Response Header Field	Low	Fixed an issue where the web server exposed version details through the Server and X-Powered-By headers, which could aid attackers in identifying server software and exploiting known vulnerabilities. The fix involved removing the X-Powered-By header from all responses to prevent the exposure of server technology details.

Version 3.5.1

Date: 22nd November, 2024

To use the latest Pulse 3.5.1 version, you must upgrade your Docker version to 20.10.x or higher and perform the required migration steps. For more information, see Upgrade to Version 3.5.1.

Note This build is certified on the docker base deployment.

This section consists of enhancements introduced in this release.

Security Enhancement on the Pulse Agent Side: This release strengthens security on the Pulse Agent by enforcing strict file ownership and permissions within the directory. All the files have an owner defined by Acceldata and there are no file permissions given to other users.
Security Enhancement for the Template Files: This release enhances security by removing the default plain text passwords from the template or configuration files to avoid access to unauthorized users.
Support for Yarn Optimizer on the CDP distribution: Pulse now provides support for Yarn Optimizer on the CDP distribution by allowing you to configure the port details. For details about configuring the port, see Configure the OverCommit Timeout Value and Node ID Port.
Enhancement in Setting the Yarn Optimisation OverCommit Timeout Value: Pulse now improves the Yarn Optimization workflow by allowing you to configure the OverCommit Connection Timeout Value to the pipeline. If the optimization is not done within the timeout value due to the NATS connection issue or any other issues, the memory automatically gets reverted to the original value without any optimization to ensure system stability. For details about the configuration, see Configure the OverCommit Timeout Value and Node ID Port.
Upgraded the Postgres Version: This release upgraded the Postgres version from 12.X to 16.4, as the Postgres version 12.X has reached End-Of-Life now.
Removed the Agent Status Trend Chart: This release removes the Agent Status Trend chart from the Pulse Audit UI page as normally users are interested in knowing only the current status of Agents rather than tracking status trends over time.
Split the Agents Summary: This release splits the Agents summary into individual Agents Summary. The individual Agents Summary now shows the count of hosts for each Agent where the status is currently down.

Version 3.5.0

Date: 31st October, 2024

To use the latest Pulse 3.5.0 version, you must upgrade your Docker version to 20.10.x or higher and perform the required migration steps. For more information, see Upgrade to Version 3.5.0.

To upgrade to a newer version of Pulse 3.5.0, make sure that you are on the Pulse version 3.3.x or 3.4.x.

This section consists of new features and enhancements introduced in this release.

Introduced the Airflow Observability: Pulse now provides the observability capability for Apache Airflow including real-time monitoring of Airflow from StatsD metrics, detailed scheduler logs for easier debugging and analysis, and comprehensive tracking of DAG runs and related events. These observability capabilities enable efficient monitoring and management of Airflow workflows, ensuring better performance and reliability. For more information, see Airflow.
Introduced the YARN Optimizer Capability: The Pulse Yarn Optimizer capability is designed to enhance the performance of Yarn Clusters by optimizing the allocation of memory for yarn jobs, leading to a significant performance improvement. The Beta Yarn Optimizer capability is now generally available with improved configurations and dashboards. For more information, see Yarn Optimizer.
Introduced the Pulse Auditing Capability: Pulse now introduces an Auditing capability to show the Agent and Pulse statistics such as hosts where the Agent status is down, page login activity, the most viewed pages of Pulse, etc. For more information, see Pulse Audit.
Introduced the Kafka Connect Observability: The Pulse observability platform now observes Kafka Connect and its components such as Workers, Connectors, Tasks, etc. Also, monitors the entire data pipeline between Kafka and other systems, providing detailed insights into the nature and location of failures. These capabilities allow for quick corrective actions to resolve issues in the Kafka Connect. For more information, see Kafka Connect.
Introduced Kafka Cruise Control Observability: Pulse provides comprehensive observability of Cruise Control by monitoring key performance metrics to ensure optimal operation and resource utilization. These observability capabilities enable efficient monitoring and management of Kafka Cruise Control workflows. For more information, see Kafka Cruise Control.
Introduced the Schema Registry Observability: Pulse now provides observability capabilities such as monitoring the overall health and performance of the Schema Registry, providing insights into the percentage of successful and failed requests processed, the total number of errors encountered, etc. These observability capabilities enable you to ensure that the Schema Registry is scaled appropriately to handle the data load. For more information, see Schema Registry.
Introduced the NiFi Registry Observability: Pulse now provides the observability capability for NiFi Registry and raises an alert when the system hosting NiFi Registry is not active. For more information, see NiFi Registry.
Enhanced the NiFi Observability: Pulse now provides NiFi service details such as issues with the service, non-response, shutdown or startup view, etc. For more information, see NiFi.
Introduced the Impala Coordinator metrics: Pulse now provides the Impala coordinator metrics to create dashboards and alerts. For details about the available Impala Coordinator metrics, see Impala Metrics. For details about the newly added Impala alerts and the complete list, see Impala Alerts.
Introduced the New Action Service Runbooks: Pulse now introduces these three action runbooks to automate tasks: Perform HDFS Non Admin Operations, HDFS Top 10 Directories, and Kerberos. Also, the Actions Service workflow has been improved:
- Drag and drop multiple action runbooks on the Action Workflow box to create a single action plan.
- Send notifications to Email, JIRA, and Slack channels when the execution is completed.
- Schedule and Save action plans.
- In essence, when an alert is generated, Pulse automatically performs certain tasks and sends notifications to specific channels without requiring manual intervention. For more information, see Actions Service.
Support for Big Panda Notification Channels: Pulse now supports notifications via the Big Panda notification channel. For more information, see Big Panda Notifications.
Enhanced the Impala service: The Impala agent now collects Impala coordinator metrics. For more information about enabling the Impala data collection see Impala Connector and Configuring Pulse Agents.
Enhanced the HDFS Filtering Records Capability: Pulse now provides the following filter options on the HDFS > File Explorer page to filter files and folders:
- File Replication: Displays the file folders based on the selected file replication value for non-standard replication, that is, greater or less than 3.
- Using the Last Modified and Last Accessed options, you can now select the custom date range to fetch the older records.
Update in Deploying Playbooks: The steps used to deploy Playbooks using the command accelo deploy playbooks are no longer supported. For details about the new steps, see Deploy Playbooks.
Deprecated the accelo CLI commands: The following CLI commands have been now removed from the list of supported commands from the Pulse version 3.5.0:
- accelo admin database purge-db
- accelo admin database init-tsdb
- accelo deploy ad-sa-logsearch
- accelo deploy ad-sa-db
- accelo deploy fsa-es
- accelo admin recreate

In place of accelo admin database purge-db and accelo admin database init-tsdb commands, you can now use Gauntlet to clean up the data from MongoDB, which is enabled by default with the Pulse version 3.4.0.

Removed the flags from accelo set: The following accelo set flags have been removed effective this release:
- -c, --cluster string Cluster name to set
- -m, --multi-cluster Enable multicluster

This section lists the issues that have been resolved in this release.

Sr.No	Description
1	Resolved an issue with the HEAP MEMORY REGION SERVER dashboard under HBase, showing incorrect information.
2	Resolved an issue where the Kernel log alerts were not getting triggered on the Pulse deployed clusters.
3	Resolved an issue with the File Explorer page not loading data when the Fsanalytics component is migrated to a new server.
4	Resolved an issue with Impala metrics missing from the Impala dashboard page.
5	The issue with NiFi ElasticSearch missing authentication credentials is now fixed.
6	Resolved an issue with the HDFS log cleanup as Pulse now considers the provided path as is during the cleanup.
7	This release fixes the vulnerabilities reported in the Pulse 3.3.X release.
8	This release now includes the Impala runtime metrics. These metrics (such as hdfs read, hdfs write, memory spill, etc.) allow you to create custom alerts for running impala queries.

Last updated on

Was this page helpful?