Buscar

Este contenido no está disponible en el idioma seleccionado.

Chapter 4. Unsupported and deprecated features

download PDF

Cryostat 3.0 removes some features because of their high maintenance costs, low community interest, and better alternative solutions.

Target TLS certificate upload

The Security view of the Cryostat web console no longer offers a way to upload SSL/TLS certificates directly into the Cryostat server truststore. The Security view now only displays a list of certificates that have already been loaded.

From Cryostat 3.0 onward, new certificates must be added to the storage volume that Cryostat reads at startup. You can configure any new certificates by using the existing TrustedCertSecrets property in the Cryostat CR.

JMX target credentials passed through API requests

The X-JMX-Authorization header is no longer supported. This means that Cryostat no longer accepts API requests from target applications to allow Cryostat to authenticate itself and store credentials in memory for the duration of a JMX connection to an application.

From Cryostat 3.0 onward, JMX credentials for target applications are always stored in an encrypted database that is stored on a persistent volume claim (PVC) on Red Hat OpenShift. The Settings view of the Cryostat web console also no longer offers an advanced configuration for selecting which authentication mechanism to use.

Cryostat self-discovery

When you install Cryostat by using the Cryostat Operator or a Helm chart, Cryostat no longer discovers itself as a target application by default. In previous releases, Cryostat exposed a JMX port on a Kubernetes service and the Cryostat Operator generated credentials and assigned a TLS certificate to help secure this port.

From Cryostat 3.0 onward, the JMX port exposed by Cryostat is disabled and the corresponding Service port is removed, which means that Cryostat can no longer discover itself as a connectable target. This also means that Cryostat no longer appears in the target selection list or in the Topology view of the Cryostat web console.

Note

If you want to connect Cryostat to itself to check performance, you can create a Custom Target with the URL value localhost:0. This value instructs the JVM to open a local JMX connection to itself, without exposing a port to the network, which means that additional authentication and TLS encryption is unnecessary.

Cryostat Operator installation for a single namespace

Support is no longer provided for installing the Cryostat Operator in a single namespace or subset of cluster namespaces.

From Cryostat 3.0 onward, the Cryostat Operator can only be installed on a cluster-wide basis. Cluster-wide installation is the preferred mode for the Operator Lifecycle Manager and per-namespace installations are a deprecated feature.

Cluster Cryostat API

The Cluster Cryostat API is no longer supported. In this release, when installing a Cryostat instance by using the Cryostat Operator, you can no longer select a Cluster Cryostat option in the the Provided APIs section of the Details tab.

From Cryostat 3.0 onward, you can use the Cryostat API to create both single-namespace and multi-namespace Cryostat instances. When you install a Cryostat instance by using the Cryostat Operator, the Cryostat API now enables you to specify an optional list of target namespaces.

Red Hat logoGithubRedditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

© 2024 Red Hat, Inc.