Changelog Release 29.0.2 Release 29.0.2 contains a fix for a Jetty CVE, plus a number of bug fixes and small enhancements, including changes to user auth, Twin API, VMware, and running as non-root. The codename for Horizon 29.0.2 is Satanic Nightjar. Bug Update labelling in Configure Discover screen (Issue NMS-12992) Link to release notes in web Help / About needs updating (Issue NMS-13579) Twin logs doesn’t appear in ipc.log (Issue NMS-13731) Authorization changes not taking immediate effect (Issue NMS-13761) VMware sessions not correctly closed in all cases (Issue NMS-13774) Permission check in ./install -dis flags unwriteable files in the .git directory (Issue NMS-13778) Uncatched exception when importing a VMware virtual machine without an IP interface (Issue NMS-13781) opennms-webapp-hawtio %post chown errors (Issue NMS-13788) 29.0.1 minion should be RUNAS=minion (Issue NMS-13789) Missing RRD package definition in BMP persisting adapter (Issue NMS-13812) CVE-2021-28164: access to WEB-INF (Issue NMS-13832) Enhancement Dynamic Configuration of Trap Listener (Issue NMS-13564) Tracing support for twin communication (Issue NMS-13650) Document how to install from source (Issue NMS-13685) Improve Related Events box in Alarm detail page (Issue NMS-13749) Optionally include a table of event parameters on the event detail page (Issue NMS-13765) Remove link to wiki from the landing page (Issue NMS-13779) Add support for VMware 7.0.3 performance data collection (Issue NMS-13780) Release 29.0.1 Release 29.0.1 is a quick release outside of the normal schedule to address some bugs found in 29.0.0 mostly related to running as non-root, and Minion communication. The codename for Horizon 29.0.1 is Emu. Bug Kafka topics should start with OpenNMS Instance ID for Twin (Issue NMS-13733) opennms.spec file tries to find out if gid 1000 is used but doesn’t actually check hat (Issue NMS-13734) Events from Hardware Inventory Provisioning Adapter and SNMP Metadata Provisioning Adapter cannot be distinguished (Issue NMS-13735) Upgrade to 29: fix-permissions script fails changing ownership (Issue NMS-13736) Minion user not authorized to read from topic OpenNMS.Twin.Sink (Issue NMS-13742) opennms-plugin-provisioning-wsman-asset missing on Debian (Issue NMS-13747) Upgrade to 29: "$RUNAS is not set" (Issue NMS-13748) SNMP Metadata XSD does not allow multiple <config> elements (Issue NMS-13752) Enhancement Support multiple auth params for same SNMPV3 username (Issue NMS-13490) Add retry for RPC calls (Issue NMS-13652) Migrate Discovery settings from wiki into docs (Issue NMS-13730) Release 29.0.0 Release 29.0.0 is the first in the Horizon 29 series, introducing running as non-root by default, optimizations to Minion communication, time-series improvements, support for Cortex for storing flow data, and more. The codename for Horizon 29.0.0 is Turkey. Bug Add Validation for Metadata in Thresholds (Issue NMS-12689) Prometheus collector won’t process untyped metrics (Issue NMS-12717) Confd doesn’t replace telemetryd config in etc (Issue NMS-13265) The node and interface counters of the Evaluation Layer are incorrect (Issue NMS-13283) EvaluationMetrics.log is contaminated with non-related metrics. (Issue NMS-13284) Meta-Data cannot be deleted using UI (Issue NMS-13314) Maven: external HTTP insecure URLs are blocked (Issue NMS-13323) Installation with non-root user failes on CentOS 8 (Issue NMS-13415) Starting opennms with systemd as non-root fails with access denied for pid (Issue NMS-13417) Fresh install requires to run fix-permissions script for iplike.so (Issue NMS-13418) Docker not able to access etc overlay as non-root (Issue NMS-13436) The Info ReST endpoint is not showing the services status (Issue NMS-13437) Fix ipInterface PrimaryType Hibernate mapping (Issue NMS-13469) Relaunch of bin/opennms script as opennms user fails due to missing arguments (Issue NMS-13470) Reflected XSS in webapp notice wizard (Issue NMS-13496) IFTTT integration not working anymore (Issue NMS-13501) Minion stops processing flows with "Invalid packet: null" until restart (Issue NMS-13539) Components that use JavaMail unable to use TLS 1.2+ (Issue NMS-13636) Hardware information not displayed for some devices (SnmpMetadataProvisioningAdapter) (Issue NMS-13648) Lock contention when processing large volume of REST API requests (Issue NMS-13655) Clean unused data in srv001.txt and srv002.txt (Issue NMS-13657) Nodes with complex hardware configuration are not correctly rendered (Issue NMS-13660) automation cleanUpRpStatusChanges that references removed action with same name remains in default vacuumd-configuration.xml configuration (Issue NMS-13661) ALEC in distributed mode doesn’t start on Sentinel (Issue NMS-13664) property name importer.adapter.dns.reverse.level is incorrect in commented out example (Issue NMS-13670) Fix JtiTelemetryIT smoke test (Issue NMS-13687) START_TIMEOUT ignored when run from systemd (Issue NMS-13702) macOS Monterey: older OpenNMS branches do not start anymore (Issue NMS-13703) related events box in alarm detail shows all events when alarm has no node / interface / service / ifindex (Issue NMS-13705) SNMP Metadata Provisioning Adapter: wrong line in debian/rules (Issue NMS-13717) invalid permissions in /var/opennms on fresh install (Issue NMS-13725) JMS Twin doesn’t work with minion user (Issue NMS-13726) Remove reference to DHCP plugin from docs (Issue NMS-13727) GeoIP Provisioning Adapter: SubnetUtils does not support IPv6 (Issue NMS-13728) Enhancement Change the webUI so it runs as a non-root user easily and reliably (Issue NMS-1231) Create opennms user on install (Issue NMS-11970) syslogd as non-root user (Issue NMS-11982) opennms.service in non-root environment (Issue NMS-12005) opennms init script "runas" setting (Issue NMS-12007) TrapD won’t run as non-root user (Issue NMS-12026) non-root user:group file permissions (Issue NMS-12034) Documentation for reloadable daemons (Issue NMS-12611) Incorporate node related information to events and alarms topic in opennms-kafka-producer feature (Issue NMS-12778) Update Provisioning chapter (Issue NMS-12810) Create docs about Newts confd parameters (Issue NMS-13005) Allow OpenNMS Core service to run as non-root (Issue NMS-13016) Improve usability and self-contained features of the Kafka Producer payload for metrics (Issue NMS-13191) Upgrade Kafka components to 2.8.0 (Issue NMS-13264) Monitor localhost in a fresh install (Issue NMS-13313) Location dropdown on Add Node does not sort/filter (Issue NMS-13316) Persist monitor status in RRD (Issue NMS-13324) TSS 2.0: Improved Tag handling (Issue NMS-13356) Provide ability to store aggregated flow data from Nephron in Cortex (Issue NMS-13372) Investigate the Conversations related performance with Cortex & large amount of data (Issue NMS-13375) Nephron: Get rid of convo_key and grouped_by_key (Issue NMS-13377) Define Minion/OpenNMS Object replication Interfaces (Issue NMS-13401) Integrate Object replication with Trapd (for SNMPV3 Users) (Issue NMS-13402) Limit CollectionSet size in Kafka Producer to less than 1MB. (Issue NMS-13407) Remove remote repository dependencies during Minion OCI build (Issue NMS-13432) Implement gRPC broker for Object replication (Twin) (Issue NMS-13460) Implement ActiveMQ broker for Object replication ( Twin) (Issue NMS-13461) Implement In-memory broker for Object replication ( Twin) (Issue NMS-13462) Implement Kafka broker for Object replication ( Twin) (Issue NMS-13463) Changes to review bulk indexing with raw flow data (Issue NMS-13478) Grpc IPC and Twin should be able to run from the same port (Issue NMS-13487) Add Karaf Command to add query and publish Twin Objects (Issue NMS-13488) delete the opennms-tools directory (Issue NMS-13563) Upgrade Karaf to v4.3.2 (Issue NMS-13565) Support partial updates to Twin API (Issue NMS-13576) Optimize ip address handling in flow classification engine (Issue NMS-13577) optimize repeated reloads of the flow classification engine (Issue NMS-13580) The implementation of HealthCheck.performAsyncHealthCheck is not async (Issue NMS-13590) Add 'tag' argument to health-check command (Issue NMS-13592) Provide basic implementation for patch support for Twin (Issue NMS-13594) Show Link State when viewing links on the Enlinkd topology maps (Issue NMS-13619) Topologies menu (Issue NMS-13622) Documentation for the new feature persisting flows in Cortex (Issue NMS-13635) Discover LLDP topology on devices running MikroTik RouterOS (Issue NMS-13637) Drop SQS support (Issue NMS-13640) Remove Rest Client / OpenNMS Rest Health Checks on Minion (Issue NMS-13641) Update docs with Twin implementation (Issue NMS-13642) Check doc source for wiki links (Issue NMS-13688) Create Release Notes for Horizon 29 (Issue NMS-13700) Add Twin feature/strategy to conf.d/smoke test (Issue NMS-13701) GeoIP Provisioning Adapter (Issue NMS-13704) Allow PostgreSQL 14 (Issue NMS-13714) Add hint for time sync on OpenNMS components (Issue NMS-13724) What’s New in OpenNMS Horizon 29 Basic Horizon deployment