Jelastic PaaS 1.9.1 Release Notes

This document is preliminary and subject to change.

Note: More info due to each feature will be added in the nearest future.

In this document you can find all the new features, enhancements and visible changes included in the Jelastic PaaS 1.9.1 release:

For detailed information on using any of Jelastic’s features, please refer to the users' documentation.

New Features

JCA improvements

  1. Improved billing history in JCA

    Managing your income becomes much easier with a new improved Billing history. Navigate to JCA>Billing to open graphs and tables displaying payments for each resource or some total costs. Using the Cost summary tab you can look through the payments for every type of basic resources (Fixed cloudlets, Flexible cloudlets, Flexible cloudlets, External IP, SSL, Billable Traffic). Cloudlets, Storage, External IP, SSL and Billiable traffic tabs provide you information due to the cost and the amount of resources consumed in two separate diagrams and tables.
    Just specify the desired period/interval for displaying detailed payment summary, type of users (free - for trial & beta users; paid - for billing users) and you’ll be shown the following information:
  • Invoiced - the amount paid by the specified type of users for the chosen resources;
  • Bonus - the amount of the chosen resources consumed by the specified type of users as bonuses;
  • Used (for Cloudlets tab only) - the amount of really consumed cloudlets (if a user states the amount of fixed cloudlets more than an application really consumes).

Hover over a particular period block of the diagrams to see the tables displaying the chosen type(s) of resources and the cost for each type separately, as well as the Summary cost.

More info

Back to the list of New Features

  1. Accessing Tools and Documentation from JCA

Being a partner of Jelastic you are provided with a wide range of additional tools and information. So not to face a problem of remembering all the needed links, now you can log in to the main sources right from your JCA panel.

Navigate to JCA > Tools and Docs.

There you can see a short description of each implemented tool with buttons for quick access to their dashboards and appropriate documentation:

  • Zendesk provides an integrated on-demand helpdesk. It is a customer support portal solution based on the latest technologies and design philosophies. This software suite enables customer support or support desk agents to receive, process, and respond to service requests.
  • Zabbix is the ultimate open source availability and performance monitoring solution. It offers advanced monitoring, alerting, and visualization features which are missing in other monitoring systems, even some of the best commercial ones.
  • Pentaho is a powerful business analytics tool. Through an interactive and easy to use web-based interface you can access analyzed and visualized data across multiple dimensions. Jelastic provides you with access to the Pentaho dashboard where a wide range of reports connected with the end-users are presented.
  • Graylog2 is an open source log management solution that stores your logs in ElasticSearch. Using this system you can easily view the current state of each service component, see the result of some changes made, get the logs for each component, subscribe for email notification, etc.

Except mentioned tools, from this JCA option you can easily access Jelastic hosters documentation.
No extra links to remember! JCA becomes even more hoster-friendly!

More info

Back to the list of New Features

  • Sleep results shown in JCA

To see the sleep results for some stated period of time navigate to JCA > Sleep. State the dates you are interested (Start/End date) in and Refresh. In the opened Sleep results tab the table with a following information is displayed:

  • Start and End Period - start and end dates that specify the interval during which the statistics are collected and shown in the table;
  • Envs With HttpRequests - a number of active environments that got at least one HTTP request during the stated period (due to Start/End date);
  • Envs Mentioned In Api Calls - a number of environments called by API method at least once;
  • New Active Envs - a number of environments created during a stated period (due to Start/End date);
  • Inactive Trial Envs - a number of trial account environments without any HTTP requests to application during a stated period (due to Start/End date);
  • Inactive Billing Envs - a number of billing account environments without any HTTP requests to application during a stated period (due to Start/End date);
  • Duration - a period of time between Start and End Period.

More info

Back to the list of New Features

Regulating the sequence of balance charging

One more quota which helps you to manage the billing process even more precise. With account.charge.balance.first quota you can regulate the sequence of withdrawing the funds from your users accounts. Navigate to JCA > Billing > Groups and open Quotas tab for the needed group of users. Find account.charge.balance.first quota and state the value respectively to the scenario of charging you prefer:

  • Value = 1
    In this case, the money from the main balance is taken first. When there are already no credits on the main balance, the bonuses (if there are any) are going to be spent.

  • Value = 0
    In this case, first of all the bonuses are used. Only when there are 0 bonus money, the main balance is going to be charged.

In such a way you can set this quota for some group of users. Also you can configure it just for some specific users through Users option in JCA.

More info

Back to the list of New Features

Config manager improvement

Your Jelastic environment consists of several application servers? In this case you can face the need to set some custom configurations for each of them separately.

Now Jelastic provides you with such a possibility.

Just click the Config button for your application server. The list of configuration folders will be opened as usual.

At the top of the opened tab now you can see a drop-down menu with a list of your servers. Choose the one you need and make the configurations. To apply the changes:

  • only for the chosen server click Save only for current instance button from drop-down menu;
  • for all the servers click Save.

In such a way you can choose whether you want to configure all the servers together or just some specific one.

More info

Back to the list of New Features

PostgreSQL 9.2.4 support

PostgreSQL is well positioned DB for building and running applications in the cloud. In Jelastic we implemented a new 9.2.4 version which provides you with a number of long-expected features:

  • Synchronous Replication: enable high-availability with consistency across multiple servers
  • Per-Column Collations: support linguistically-correct sorting per database, table or column
  • Unlogged Tables: greatly improves performance for ephemeral data
  • K-Nearest-Neighbor Indexing: index on “distance” for faster location and text-search queries
  • Serializable Snapshot Isolation: keeps concurrent transactions consistent without blocking, using “true serializability”
  • Writeable Common Table Expressions: execute complex multi-stage data updates in a single query
  • Security-Enhanced Postgres: deploy military-grade security and Mandatory Access Control
  • Foreign Data Wrappers: attach and query other databases from PostgreSQL
  • Cascading replication: enables users to run even larger stacks of horizontally scaled servers
  • JSON support: query results can be returned as JSON data types
  • Range Types support: allow developers to create better calendaring, scientific, and financial applications
  • Linear scalability to 64 cores, index-only scans, reductions in CPU power consumption, scalability and flexibility improvements etc. More information about PostgreSQL 9.2.4 security fixes you can find in the Security Issues block.

Also the Posgis module was enabled - a spatial database extender for PostgreSQL object-relational database. It adds support for geographic objects allowing location queries to be run in SQL. Also it provides a list of additional features which you can find here.

More info

Back to the list of New Features

CRON Scheduler

Cron is the time-based job scheduler. It enables users to schedule jobs to run periodically at certain times or dates. Cron is commonly used to automate system maintenance or administration.

In this release cron file was implemented to all compute and database nodes in Jelastic. You can run your programs at specified time with a help of scheduler, which receives your instructions and performs any tasks following derived scenarios.

Earlier a cronjob could be configured in Jelastic environment only using virtual dedicated server (VDS). Now you can perform periodic tasks without necessity to add VDS.

To set up cron just click Config button for your server. Open {server_name} file in cron folder and make all necessary settings.

To perform your script via cron upload it to home directory for your Java server, to directory with your application for the PHP server, or to scripts directory for your database.

The detailed information on cron configuration will be described in documentation.

More info

Back to the list of New Features

Scheduling backups for end user DBs

Scheduled backups are data backup processes which proceed automatically on a scheduled basis without additional computer or user intervention.

The advantage of using scheduled backups is obvious: instead of manual backups, a backup process can be run during off-peak hours when data is unlikely to be accessed, precluding or reducing the impact of backup window downtime.

With Jelastic you can backup your database(s) or just some tables in it right from the configuration files. Open the file in the cron folder and make the needed settings by stating:

  • frequency of the script evoking;
  • the path to the default script (available for MariaDB and MySQL) or to your own (you can upload it to the scripts folder);
  • your database username and password (you received them in the email after adding database to the environment);
  • if you want to backup several databases or some separate tables, then enter their names separated by commas.

After that save your settings and wait the time of backup you’ve scheduled. Then navigate to backup folder where you can see .bz2 files with all executed backups.

That’s all! Now you can be sure that all your data is being saved periodically and can be restored or reused.

Back to the list of New Features

Cutting database tables

Jelastic system includes hivext_statistic, hivext_jbilling and hivext_jelastic databases. As they contain a great amount of data including old functionality, the system performance can be slowed down.

To prevent reducing the speed, Jelastic implemented the system of periodical data cleaning. In such a way, some old functionality can be deleted to greatly increase the speed of the upgrades and the work with databases. Only the data of the destroyed users is the subject to deletion.

Respectively the following information is going to be cut from the database tables:

    • billing history;
    • hardnode statistics;
    • IP and SSL usage statistics;
    • list of actions performed through the dashboard;
    • list of actions performed through JCA.

    The time period of remaining the data stored is configured by the hoster. It can be set in days for each table separately:

    • for destroyed paid users;
    • for destroyed trial/beta users;
    • for platform data (hardnode statistics).

    Such settings will be specified in advance between a hoster and our Operations team.

    Back to the list of New Features

    Notification about running out of resources (Mem, Disk, CPU)

    While creating an environment a user states the cloudlet limits for each node. In such a way the resources are limited and the spends are regulated.

    When the traffic grows an application requests more resources for normal work. And if the limits stated by a user is too low, this can lead to the failure in the app performance. For such cases the notification about running out of resources is implemented.

    If application resource (Memory, Disk or CPU) consumption reaches an appropriate threshold a user receives the email notifications with a suggestion to increase the cloudlet limit.

    To configure such notifications navigate to JCA > Billing > Groups and open Quotas tab for the needed group of the users. There you can see several quotas connected with warnings about resource consumption:

    • the first warning:
      • resource.notify.warning.cpu (in %)
      • resource.notify.warning.memory (in %)
      • resource.notify.warning.disk (in %)
      • resource.notify.warning.duration (in minutes)
    • the second warning:
      • resource.notify.critical.cpu (in %)
      • resource.notify.critical.memory (in %)
      • resource.notify.critical.disk (in %)
      • resource.notify.critical.duration (in minutes)

    State the percentage the resources should reach for the notifications to be sent. Also state the amount of minutes during which the resource consumption should be of the mentioned above percent. In such a way the notification will be sent if during the specified time the resource consumption is that high as stated in the quota.

    More info

    Back to the list of New Features

    Netbeans IDE Plugin

    NetBeans is a free and open-source integrated development environment (IDE). It supports development of all Java application types (Java SE, Java ME, web, EJB and mobile applications) out of the box. All the functions of the IDE are provided by modules, which allow NetBeans IDE to be extended. Each module provides a well defined function, such as support for the Java language, editing, support for the CVS or SVN versioning system. NetBeans IDE contains all the modules needed for Java development in a single download, allowing the user to start working immediately. Jelastic team has created a plugin for NetBeans development platform that simplifies the process of application management and development in Jelastic Cloud platform. Using this plugin you can easily manage your environments, work with log files and contexts, develop and deploy your projects.

    More info

    Back to the list of New Features

    Generating direct URL for solution deploy

    You can provide your users with a direct URL for deploying solutions automatically. Such link can be generated by hoster and sent to the users as a promotion via emails. There are two kinds of direct URLs you can use:

    • with authentication requested
      Using this link a user is redirected to the Jelastic dashboard and right after entering credentials the deploy is started automatically:

    • with automatical authentication
      Such one time link redirects a user to the dashboard with no need to enter credentials. At the same time the solution deploy is started automatically. To generate such direct URL you should prepare a script for performing the algorithm described in the Solution Deploy URL & Widget document.

    More info

    Back to the list of New Features

    Software stack versions

    The component templates are updated to the latest versions:

    Tomcat 66.0.36
    Tomcat 77.0.37
    Jetty 66.1.26
    Java 61.6.0_38
    Java 71.7.0_11
    PostgreSQL 88.4.17
    PostgreSQL 99.2.4
    Centos 66.4
    NGINX PHP1.2.7

    More info

    Back to the list of New Features

    Security Issues

    1. Fail2Ban

    Fail2ban is an intrusion prevention framework written in the Python programming language. It is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally (for example, iptables or TCP Wrapper). Generally Fail2Ban then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box jFail2Ban comes with filters for various services (apache, curier, ssh, etc).

    Fail2ban is installed on Jelastic servers and used to block selected IP addresses that may belong to hosts that are trying to breach the system’s security. Fail2ban operates by monitoring log files for selected entries and running scripts based on them. It bans any host IP that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. After 3 attempts to connect to the container via SSH with incorrect credentials the IP-address of the user will be blocked.

    Back to the list of Security Issues

    1. Migration to CentOS 6.4

    CentOS is an enterprise-class computing platform derived from sources freely provided to the public by Upstream OS Provider (UOP).

    CentOS was updated to 6.4 version in Jelastic due to the following reasons:

    • a wide range of security improvements;
    • the latest version of VZ ostemplate is based on CentOS 6.4.

    More info

    Back to the list of Security Issues

    1. Update of MongoDB to 2.4.1

    MongoDB is a scalable, high-performance, open source, document-oriented database. In this release the new MongoDB 2.4.1 version was implemented. It provides you with a number of new features, which you can see below. Update to the 2.4.1 version includes the following security improvements:

    • Role Based Access Control and New Privilege Documents - role based access control system that provides more granular privileges to MongoDB users. 2.4.1 also introduces a new format for documents in a database’s system.user collection.
    • Enhanced SSL Support - instances can optionally require clients to provide SSL certificates signed by a Certificate Authority.

    More info

    Back to the list of Security Issues

    1. Update of phpMyAdmin

    Jelastic updated phpMyAdmin to 3.5.7 version to solve a set of security issues with fetching the version information from a non-SSL site, which was vulnerable to a MITM attack.

    Earlier to display information about the phpMyAdmin version on the main page, a piece of JavaScript was fetched from the website in non-SSL mode. In such a way a man-in-the-middle could modify this script on the wire to cause mischief.

    The updated version involves fetching a JSON file instead of JavaScript file that makes the process more secure.

    More info

    Back to the list of Security Issues

    1. Update php to 5.4.13 and 5.3.23

    PHP was updated to 5.4.13 and 5.3.23 versions in Jelastic. These update fixed about 15 bugs, including fixes for CVE-2013-1643 and CVE-2013-1635.
    The SOAP parser in PHP before 5.3.22 and 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.
    ext/soap/soap.c in PHP before 5.3.22 and 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.
    More info

    Back to the list of Security Issues

    1. PostgreSQL 8.4.17 and 9.2.4

    We implemented PostgreSQL 9.2.4 and updated the current version of the database to 8.4.17. This update fixes a high-exposure security vulnerability, such as:

    • possibility for a connection request containing a database name that begins with “-” to be crafted, that could damage or destroy files within a server’s data directory. Anyone with access to the port the PostgreSQL server listens on could initiate this request;
    • random numbers generated by contrib/pgcrypto functions were easy for another database user to guess;
    • possibility for an unprivileged user to run commands that could interfere with in-progress backups;
    • insecure passing of superuser passwords to a script;
    • usage of predictable filenames.

    Add PostgreSQL node to your environment and experience all the benefits of the updated versions.

    More info

    Back to the list of Security Issues

    Fixes and Improvements

    The following table lists the bug fixes in Jelastic PaaS 1.9.1

    JE-4723Ability to add external IP for trial account environment
    JE-4937Environments can’t be loaded after signing in
    JE-8573Error sometimes appears while installing xWiki from JPS
    JE-8624Fund History in JCA doesn’t show funds for PBA/PBAS methods
    JE-8761“Undeploy failed” error while deleting context
    JE-8771SSL Connection Error while trying to log in admin page by HTTPS
    JE-8773“Flexible pricing model is not supported for current user” error
    JE-8782When SSL is enabled a warning appears: WARNING: [SetAllPropertiesRule] Unknown macro: {Server/Service/Connector} Setting property ‘Disabled’ to ‘true’ did not find a matching property.
    JE-8859Can not upload nothing but .jar to lib folder
    JE-8876Container return error message: Warning: –directory (-d) option is undocumented and no-op. Use -rf for deleting non-empty dirs
    JE-8883Wrong parameter DISKINODES in all templates and existing containers after 1.9 update
    JE-8901Evacuation can not start
    JE-8932Missing public IP from ext.{hoster_domain} after environment falls asleep
    JE-8993502 - application down {Install applications using solutions}
    JE-9022Jetty app server does not delete old context automatically
    JE-9048Error appears while resetting MySQL password
    JE-9096Container returns error message after deploy: rmdir: /var/www/webroot/steins//index.php: Not a directory
    JE-9097Container returns error message: rmdir: failed to remove /var/www/webroot/api//aethas-api': Directory not empty
    JE-9100Container returns error message after deploy: /usr/lib/jelastic/libs/php-common-deploy.lib: line 70: [: missing `]'
    JE-9103Custom SSL works for ROOT context only in NginxPHP node
    JE-9165Missing public IP from ext.{hoster_domain} after account deactivated
    JE-9242Authentication Failed error while cloning project by link with port number
    JE-9421Wrong configuration of ssl.conf file for NGINX-balancer node
    JE-9461Can not add environment with ‘mysql.’ name to zone
    JE-9496Inability to awake sleeping environment by URL except App Server (entry point) link
    JE-9551Need to improve performance of Pentaho reports
    JE-9632iolimit and iopslimit are not set during node creation