3.15.0 Confluent release
Note on EPEL pysnmp issue for EL9
EPEL contains a broken vintage of python3-snmp, and this is reflected in the confluent rpm requirements, which may manifest as rpm conflicts. To resolve if the newer pysnmp is already installed:
# dnf --disablerepo=epel downgrade python3-pysnmp
To address ongoing dnf upgrades, filter the problematic version:
# dnf versionlock exclude python3-pysnmp-0:7.1.16-2.el9.noarch
ARM node enhancements
Management node repositories are now provided for ARM management nodes, improvements for ARM diskless images.
Fixed and enhanced support for ThinkSystem N1380 chassis
Support is improved for N1380 chassis and associated systems
Discovery support for more MegaRAC based systems
A variety of systems using MegaRAC can now do zero power discovery
Cisco NX-OS fix for discovery
A bug in the NX-OS switch support prevented successful discovery when using that platform, this has been remedied.
Diskless image changes
Untethered diskless images are now placed into zram on boot rather than on demand, making such environments more straightforward. This improves performance and reduces overall memory usage over time. Reduce cache pressure for tethered diskless to reduce cache usage for disk operation. A new ‘uncompressed’ method is also added, which has maximum memory impact for a modest bump in performance and more deterministic memory footprint.
Improved imgutil compatibility with containers
When running imgutil within containers, it will do more to ensure certain dependencies if possible.
SNMP privacy protocol may now be specified
`snmp.privacyprotocol’ attribute is now available to opt for AES privacy protocol, where supporetd
New automatic id.index attribute
There’s a new id.index attribute, which enumerates a number that may be used in expressions without having to rely upon number in naming schemes.
New attribute expression features
Attributes may now have ‘.replace()’ to substitute some string value for another, .upper() to uppercase the result, .lower() to lowercase, .block_number() and .block_offset() to make it easier to break continuous numbers into blocks.
Extend autoconsole to cover broader scenarios
If console.method is set to trigger autoconsole checks, it will now work even without SPCR if exactly one viable serial console is detected. Works for a number of servers as well as virtual machines.
Revised TLS certificate settings
The TLS certificates and authorities generated by confluent by default now comply with stricter compliance policies. This includes applying more constraints and changing to sha384 instead of sha256
Expanded TLS certificate management
Confluent can now manage XCC certificates, including autosigning XCC certificates on discovery. This occurs when the version of python cryptography is new enough, as is the case when installing confluent on el10.