What's new in the YugabyteDB Anywhere v2025.2 LTS release series

What follows are the release notes for all releases in the YugabyteDB Anywhere (YBA) v2025.2 series. Content will be added as new notable features and changes are available in the patch releases of the YBA v2025.2 series.

For an RSS feed of all release series, point your feed reader to the RSS feed for releases.

v2025.2.0.0 - December 11, 2025

Build: 2025.2.0.0-b131

Third-party licenses: YugabyteDB, YugabyteDB Anywhere

Download

Highlights

We're excited to announce the key features and enhancements in the 2025.2.0.0 release, designed to improve performance, usability, and management of your database environments.

YSQL Audit Logs GA

Support for producing and exporting audit logs of PostgreSQL statements (which is often required for compliance with government, financial, or ISO certifications) to a log aggregator. This is based on the pgaudit extension.

For more information, refer to YSQL Audit Logs.

ARM processor support for Kubernetes universes GA

Added support for running Kubernetes-based universes on ARM CPUs.

For information on deploying on Kubernetes, refer to Create a multi-zone universe.

Support for LDAP/OIDC groups and custom roles in YugabyteDB Anywhere GA

Enhance Role-based Access Control (RBAC) by assigning custom roles to groups sourced from an OIDC-based Identity Provider (IDP) in a scalable and secure way.

For more information, refer to Support for LDAP/OIDC groups and custom roles in YugabyteDB Anywhere.

Relaxed Python version requirements in YugabyteDB Anywhere GA

YugabyteDB Anywhere Python version requirements have been significantly relaxed, thanks to the removal of Ansible dependency. This change simplifies deployment.

Improved time synchronization across nodes for on-premises, AWS, and GCP environments EA

Time synchronization across nodes has been enhanced through the use of the ClockBound library, resulting in improved P99 latency for certain workloads (those with near simultaneous writes and reads).

For more information, refer to ClockBound.

New features

  • CDC Observability. YugabyteDB Anywhere supports monitoring the status of replication slots when using PostgreSQL Logical Replication Protocol for Change Data Capture (CDC). GA

  • Azure support for multiple Resource Groups (one per region). Added support for Azure configurations with one Azure Resource Group per region (and also one network per Azure Resource Group), a configuration providing better network management and resilience. GA

  • Non-root installation of YBA. You can install YugabyteDB Anywhere as a de-privileged user; a root-privileged user is no longer required. This reduces friction and security concerns during initial testing, setup, and proof of concepts. GA

  • Kubernetes

    • Kubernetes immutability. Added support to deploy code via immutable Helm images instead of at runtime, eliminating the use of 'kubectl cp' to push executables into the pod or container. GA

    • Kubernetes service endpoint. For single-region universes in Kubernetes, added support for creating a unified service endpoint. This is in addition to the already-supported one service endpoint per availability zone (AZ). GA

    • Configurable common names for Kubernetes. You can configure a custom common name suffix for Kubernetes cert-manager. GA

    • Rotate certificates. Enables retry for the TLS toggle task in Kubernetes and resolves node task failure for ClientToNode only universes. GA

  • Backups with DDL. Backups succeed even when DDL changes are occurring during the backup process. EA

  • Export metrics. Support for exporting universe metrics to third-party tools for analysis and customization, and adds Dynatrace as a metric export sink. EA

  • CipherTrust support. You can now use Thales CipherTrust as the Key Management System (KMS) for encryption at rest. GA

  • Alerts. Removed the DB Queue Overflow Alert to reduce unnecessary alert noise and enhance user experience. EA

  • Adjusts backup directory structure to include Universe Name, enhancing multi-tenancy and DB portability. GA

  • Allows backup authorization for EKS using a service account annotated to each universe pod, eliminating the need for managing short-lived credentials. GA

  • Back up and restore YBA. Adds support for regularly scheduled backups of your YugabyteDB Anywhere installation for recovery in case of the loss of the node running your YugabyteDB Anywhere instance. Store backups in remote storage buckets, and restore from the YugabyteDB Anywhere UI. GA

  • Certify CIS-hardened RHEL 8 and RHEL 9 (x86) Facilitates running YugabyteDB with a CIS-hardened RHEL 8 and RHEL 9 image, enhancing security measures. GA

  • Backups now capture PostgreSQL users (aka roles) and their permissions (aka grants) (via API). EA

  • Allows dynamic flag validation in YugabyteDB Anywhere when upgrading flags for cloud and Kubernetes provider-based universes, using the 'validateFlagValue' RPC. GA

Known issues

  • For universes with only client-to-node encryption enabled, if you are rotating certificates, a restart is required; choose either the rolling or concurrent restart options. Do not use the Apply all changes which do not require a restart immediately option (which is selected by default) in this configuration.

  • Although the API documentation indicates that the getRawClientRootCA is a required field in UniverseDefinitionTaskParams, it's not mandatory. This error will be fixed in our automated API generation code in a future release. PLAT-19176

Change log

View the detailed changelog

Improvements

  • Enables built-in log rotation for Postgres and integrates logrotate for Prometheus, improving log management. PLAT-15663
  • Enables gallery image ID format validation for Azure provider in Java. PLAT-15964
  • Automatically deletes associated backup policies when a universe is removed. PLAT-17197
  • Excludes system_postgres database from the xCluster Add/Remove Tables display and keeps replicated_ddls hidden. PLAT-17904
  • Displays accurate database name for sequences_data table, replacing the pg schema with _. PLAT-18078
  • Enable volume encryption in YBA APIs and deprecate outdated fields. PLAT-18083
  • Allows skipping of already processed nodes during flag upgrade on retry, enhancing efficiency. PLAT-18146
  • Adds option to disable table-level metrics collection in YugabyteDB. PLAT-18210
  • Enables volume encryption support in the YBA UI and APIs. PLAT-18284
  • Streamlines AWS volume encryption with new CLI fields, removing deprecated options. PLAT-18380
  • Enables automatic bootstrapping for DR configurations in the UI. PLAT-18384
  • Adds a warning for users attempting to promote a standby using a backup older than 24 hours during HA failover. PLAT-18616
  • Removes flags createNewRootCA and createNewClientRootCA to prevent certificate rotation failure in the UI. PLAT-19080
  • Fixes the UI issue where toggling Encryption in Transit during Kubernetes universe creation incorrectly disables both client-server and node-to-node options. PLAT-19135
  • Enables running YBA in FIPS compliant mode, changing the hashing algorithm for user passwords and API keys, and migrating to FIPS validated Bouncy Castle version. PLAT-11945
  • Introduces UNIVERSE.DEBUG for specific debugging actions, enhancing access control. PLAT-14856
  • Enables scraping of internal otel metrics by YBA-I Prometheus. PLAT-16912
  • Adds a new metric to alert users hourly if the Encryption at Rest (EAR) key is invalid in any universe. PLAT-17266
  • Enables public access to the CipherTrust runtime configuration following QA qualification. PLAT-17315
  • Allows custom configuration of GCP connection draining timeout. PLAT-17356
  • Added a runtime flag, enable_backups_during_ddl, allowing control over running backups during DDL operations, and ensuring backups won't fail during a DDL since no catalogue version check is performed. PLAT-17392
  • Fixes AWS KMS exception logging. PLAT-17445
  • Allows retry and abort options for pause and resume universe tasks, with task versions instead of YBA version for comparisons. PLAT-17572
  • Introduces combined total_ysql_ycql_ops_per_sec and total_ysql_ycql_ops_latency metrics for YSQL and YCQL operations. PLAT-17751
  • Allows configuring the catalog upgrade admin ops timeout, now defaulting to 15 minutes. PLAT-17807
  • Allows custom values for service endpoints in operator universe CR to enhance flexibility. PLAT-18044
  • Adds OutlierDB support to metrics view and removes outdated code. PLAT-18272
  • Adds uninstall command details to yba-ctl help section for ease of use. PLAT-18377
  • Allows PA Installer to generate Sping overrides properties file, ensuring correct software directory path. PLAT-18547
  • Allows viewing and filtering of all available TP sinks by their export types using a new API. PLAT-18656
  • Expands supported Graviton instance types in YBA for InstaCart. PLAT-18781
  • Allows force rollback option in API for handling unexpected universe behaviour after detach operation. PLAT-18834
  • Shows a banner for cron-based universes needing an upgrade before v2025.2. PLAT-17422
  • Displays WAL status in CDC metrics for clearer stream expiry info. PLAT-18496
  • Enables viewing estimated sizes for support bundles in the YBA UI. PLAT-16312
  • Adds error logging for Azure load balancer backend pool updates to highlight potential permission issues. PLAT-17475
  • Allows creation of cross-cluster replication without a full table copy by making storage-config optional. PLAT-17555
  • Hides internal runtimeconfig keys from users during LDAP configuration. PLAT-17562
  • Removes code used for cross-compilation in the binary generation for CLI, aligning it with the machine's architecture. PLAT-17568
  • Corrects LDAPCustomerUUID runtimeConfig and enhances help text for group update command. PLAT-17619,PLAT-17651
  • Enables case-insensitive email comparison in YBA CLI. PLAT-17679
  • Masks API Token during register, login, and auth commands by default, unless user enables show-api-token flag. PLAT-17770
  • Removes otho8Aut prefix from PG log lines before export to customer sink in both PG logs and DBAL export. PLAT-18505
  • Introduces soft memory limits to the query log export API, enhancing control over log exports. PLAT-18552
  • Ensures correct backup intervals and adds validation for continuous backups, limiting frequency to less than 2 minutes and longer than 1 day, and restricting restores to empty YBA or backups less than 1 day old. PLAT-18816,PLAT-18839,PLAT-18793
  • Enables allow_connection_pooling by default. PLAT-19061

Bug fixes

  • Backups succeed even when DDL changes are occurring during the backup process. PLAT-17628
  • Enables rotation of self-signed and Hashicorp certificates in K8s universe using rolling, non-rolling, or non-restart upgrade options. PLAT-12143
  • Enable non-rolling toggling of TLS on Kubernetes universes for node-to-node encryption. PLAT-12508
  • Secures LDAP passwords in logs by redacting sensitive flags during operations. PLAT-12639
  • Includes universe name and DB name in backup directory structure for easier identification. PLAT-15459
  • Allows preflight checks to pass for nodes experiencing drift greater than 400ms. PLAT-15864
  • Enhances latency alerts to display affected node names and ensures alert thresholds are in milliseconds. PLAT-16426
  • Activates Role-Based Access Control in Unit Tests by default and updates overlooked API authorizations. PLAT-16494
  • Packages earlyoom into the node agent package during build. PLAT-16584
  • Adds a health check to verify earlyoom's functionality and mlock capability, along with a metric to count earlyoom kills. PLAT-16591
  • Introduce a runtime configuration flag for controlling features via the UI/API interface. PLAT-16593
  • Introduces protection for applying grants to nonexistent roles and supports ON_ERROR_STOP during restore. PLAT-16613,PLAT-16614
  • Switches SSL certificate verification to use fingerprint comparison, enhancing compatibility and reducing task failures. PLAT-16726
  • Brings back missing commits for xCluster DR, preventing setup failure when source has empty tables. PLAT-16771
  • Triggers full backup instead of incremental if a scheduled full backup is missed. PLAT-17116
  • Adds THP configuration parameters to legacy provisioning documentation. PLAT-17169
  • Removes restriction on xCluster table status metric, ensuring it's always reported even when tasks are running. PLAT-17290
  • Corrects per zone replica setting in geo-partitioned cases during K8s universe creation. PLAT-17374
  • Allows non-sudo users to set YNP in a fully manual provisioned universe using remote node tmp directory. PLAT-17391
  • Allows software upgrade in a 9-node 3 rf universe to follow user-defined batch size instead of upgrading one-by-one. PLAT-17420
  • Ensures TLS toggle and cert rotation manage YBC flags on dedicated masters. PLAT-17472
  • Eliminates collection of WARN logs in support bundles to save space as they duplicate INFO logs. PLAT-17480
  • Automates recovery from pending Helm upgrade status without needing manual intervention. PLAT-17485
  • Ensures YBA runs in UTC to maintain consistent timestamp handling. PLAT-17486
  • Increases the nproc limit to support larger T-Servers. PLAT-17490
  • Packages YBC as part of YBDB container image, offering built-in executable functionality for Kubernetes universes. PLAT-17505,PLAT-17500
  • Allows new YBC deployment flow and gflags upgrade via helm override, using pre-packaged YBC binary and mounted controller flag secret. PLAT-17506,EPIC-17500
  • Revamps YBA installer handling of self-signed certs, adding yba-ctl certs generate command. PLAT-17535
  • Enables users to configure Prometheus for remote write and HTTPS via yba-ctl. PLAT-17546
  • Automatically roll back universe edit if no new nodes are created, preventing nodes from being incorrectly marked To Be Removed. PLAT-17549
  • Enables BackupAdmin Role to perform old RBAC restore preflight checks. PLAT-17553
  • Prevents unnecessary reinstallation of node agent if root-level systemd is detected. PLAT-17665
  • Disables Yugabyte managed image bundles for air-gapped installations, requiring custom images instead. PLAT-17699
  • Enhances yba-ctl rollback to better handle filesystem and service restoration. PLAT-17717
  • Blocks installs and upgrades on systems with incompatible GLIBC versions. PLAT-17725
  • Enables appending a custom suffix to the CN field of certificates created by cert-manager. PLAT-17732
  • Adds support for setting up and maintaining the config in YBA for xCluster with DDL replication setup. PLAT-17775
  • Prometheus logs for YBA now write to the data directory, solving issues with permission and HA setup. PLAT-17877
  • Adds a check to block non-restart upgrades when universe nodes are in-transit. PLAT-17905
  • Allows hot reload of certificates on Kubernetes universes without restart during task changes. PLAT-17956
  • Enhances method to decide if use_sudo is needed for Ansible runbooks based on tserver status. PLAT-17963
  • Enables runtime config by default for rolling nodes in Kubernetes and VMs starting in 2025.1. PLAT-17966
  • Enables automatic DDL replication mode in the YBA UI for easier schema changes. PLAT-17969
  • Updates Java dependencies to address multiple CVEs. PLAT-17981
  • Upgrades the Cassandra client library to enhance security. PLAT-18007
  • Upgrades Ansible version to enhance security and prepare for its future removal. PLAT-18009
  • Upgrades braces to version 3.0.3 to prevent memory exhaustion. PLAT-18011
  • Disables the ddl replication for xCluster configurations by default to prevent exceptions. PLAT-18025
  • Ensures YSQL migration file consistency during upgrades and backups. PLAT-18057
  • Allows usage of k8s_parent.py script for container image-based YBC deployment. PLAT-18062,EPIC-17500
  • Prevents entire configuration restart when a database with more failed tables than healthy ones fails to replicate. PLAT-18073
  • Allows dynamic GFlag validation in YBA when upgrading GFlags for CSP and k8s-based universes, using the validateFlagValue RPC. PLAT-18095,PLAT-18097
  • Enhances node operations for on-premises nodes by conducting prechecks for node consistency and failing operations if Node not found condition arises. PLAT-18131
  • Speeds up backups by updating universe details when all nodes are upgraded, not just when the background task detects it. PLAT-18165,PLAT-18175
  • Allows use of node hostname on master to fix pg_upgrade and InitDb issues in Kubernetes with encryption enabled. PLAT-18177
  • Ensures safer K8s rollbacks by tracking tserver upgrades and flag settings. PLAT-18178
  • Removes the DB Queue Overflow Alert due to its frequent false positives causing more issues. PLAT-18185
  • Allows setting a higher open file limit, includes a license reading command, stops services in reverse order to avoid dependencies, and displays binary location in status output. PLAT-16518,PLAT-18186,PLAT-15718,PLAT-17373
  • Allows asynchronous upgrading of YBC throttle parameters through the UI. PLAT-18199
  • Introduces the immutable YBC flow in Kubernetes universes, allowing users to modify throttle parameters for immutable YBC on Kubernetes universes using a new async API. PLAT-18140,PLAT-18200,PLAT-18198
  • Enables retry for the Tls toggle task in K8s and resolves node task failure for ClientToNode only universes. PLAT-18136,PLAT-18208
  • Allows super users other than "cassandra" to perform LDAP database syncs. PLAT-18209
  • Fixes race condition by saving temporary root CA with a unique label, preventing constraint check failure during simultaneous root CA rotation for multiple universes. PLAT-18214
  • Corrects the propagation of earlyoom state in universe creation, ensuring it's not incorrectly enabled on new nodes. PLAT-18221
  • Default runtime flag validation now occurs as skip_runtime_gflag_validation default value is changed to false. PLAT-18228
  • Simplify flag validation during VM universe creation and include redaction in task logs for improved data privacy. PLAT-18096,PLAT-18233
  • Removes outdated Path sections and updates logging to use journal in systemd files. PLAT-18249
  • Ensures support bundles correctly collect flag overrides in Kubernetes environments. PLAT-18255
  • Prevents simultaneous run of promotion and demotion operations to avoid system instability. PLAT-18279
  • Enables customization of tserver liveness probes in the Helm chart. PLAT-18285
  • Introduces disk throttling support during backup/restore in YBC throttle parameters window. PLAT-18300
  • Adds retries to systemctl commands for better stability during service management. PLAT-18321
  • Ensures bootstrapping is always indicated as required for automatic DDL replication setups. PLAT-18344
  • Enhances switchover reliability by excluding replicated_ddls from replication prechecks. PLAT-18346
  • Allows specifying a custom home directory during YNP provisioning for on-premises auto-provisioning. PLAT-18347
  • Reduces lock scope in XClusterScheduler to prevent UI unresponsiveness during node failures. PLAT-18398
  • Prevents errors by checking PITR configuration existence before deletion. PLAT-18401
  • Allows tracking of client activities and identification of slow APIs through the new YBA web server access log. PLAT-18403
  • Ensures the UI reads tableId from sourceTableInfo for sequence data tables, resolving issues related to UUID truncation and comparison for equality. PLAT-18421
  • Allows users to configure cloud volume encryption at runtime. PLAT-18432
  • Disables DDL atomicity check for YCQL only universes to avoid unnecessary failures. PLAT-18442
  • Adds UI option for S3 "SIGNING_REGION" configuration behind a runtime flag. PLAT-18451
  • Allows restarts to be triggered when needed due to YBC flag changes by adding YBC flags annotation to tserver pod template. PLAT-18453
  • Allows deletion and recreation of PITR schedule during all upgrades, limiting xCluster DR operations during upgrade process. PLAT-18466
  • Corrects DR config issue for proper snapshot and retention settings. PLAT-18473
  • Reduces logical replication lag reporting issues by using cdcsdk_flush_lag metric. PLAT-18479
  • Changes query_id to string for compatibility in live queries. PLAT-18481
  • Updates xCluster schema change mode config descriptions for clarity. PLAT-18489
  • Prevents unexpected pod restarts during partial upgrades by setting the partition value as the number of pods, not 0. PLAT-18497
  • Allows installation scripts to run successfully as either root or non-root user, preventing permission errors. PLAT-18500
  • Allows toggling of TLS, hot certificate rotation, and updating of APIs for Kubernetes. PLAT-18502,PLAT-17695,PLAT-17696
  • Fixes the issue where the standby UI of YBA HA didn't respect UI restrictions for LDAP users, now correctly displaying a 401 error message for unauthorized requests. PLAT-18503
  • Disables misleading systemd precheck alerts for cron-based universes. PLAT-18515
  • Upgrades Postgres image in charts to address new customer-reported CVEs. PLAT-18517
  • Corrects text and suggestions for the xCluster command in the CLI. PLAT-18535
  • Accommodates future crypto policies by updating keys to use 3072 bits instead of 2048. PLAT-18556
  • Fixes the issue of excess masters by updating preflight checks and improving health monitoring. PLAT-18573
  • Adds support for the new use_privileges flag in YBC, enabling backup and restore of roles. PLAT-18588
  • Allows pausing and resuming of read replica clusters in Kubernetes deployments. PLAT-18663
  • Allows using yugabyte as the default SSH user in the provider creation page if left blank, specifically for on-premise manual configurations. PLAT-18666
  • Enables validation of NFS return codes in YBC for better error handling. PLAT-18671
  • Allows non-root users to correctly run yba-ctl status for global systemd. PLAT-18733
  • Solves the issue of not being able to rotate to a new certificate in an EIT enabled universe. PLAT-18794
  • Allows yb-server-ctl script to run successfully with system level systemd universes. PLAT-18804
  • Converts PKCS12 keystore to BCFIPS format and ensures compatibility with both JKS and PKCS12 format for java truststore file post-upgrade. PLAT-18815
  • Enhances error reporting for flag validation, ensuring all zones of every cluster get validated and display descriptive error messages for illegal value type errors. PLAT-18820,PLAT-18788
  • Allows individual certificate rotation on Kubernetes universe when either server or client cert is disabled. PLAT-18843
  • Allows TLS toggle, hot cert reload, and selection of different root certs for K8s universe, with enhanced API and UI options. PLAT-17695,PLAT-18791,PLAT-18502,PLAT-18845,PLAT-17696,PLAT-18237,PLAT-18790
  • Adds validation for flags during read replica cluster creation. PLAT-18859
  • Enables consistent TLS support for c2n on K8s universe by setting rootCa and clientRootCA the same. PLAT-18864
  • Enables non-restart certificate rotation for VM-based universes by passing the rolling-restart option. PLAT-18873
  • Streamlines CA certification error messages for K8s universes. PLAT-18979
  • Allows subdomain and CIDR support in YBA's custom proxy selector. PLAT-18925
  • Adds UI functionality to disable TLS in the creation of K8s universe. PLAT-18987
  • Refines Certs rotate API to create new root CA, avoiding reliance on null values. PLAT-18989
  • Fixes issue with creating a Kubernetes universe with TLS disabled and corrects payload generation errors. PLAT-19002,PLAT-18987
  • Ensures special characters in flag values are escaped to prevent bash-related errors. PLAT-19018
  • Allows client-to-node server certificate rotation in YBA UI. PLAT-19054
  • Allows non-bash method in ValidateGFlags command to simplify escaping of special characters. PLAT-19067
  • Simplify certificate rotation in K8s universe with support for c2n only TLS, resolving rotation failures. PLAT-19083,PLAT-18989
  • Prevents null pointer exceptions during backup restores in YBA. PLAT-17627
  • Enables password changes for ReadOnly and ConnectOnly roles via the reset_password API. PLAT-16734
  • Send notifications to users when changes, including password resets, are made to their accounts. PLAT-16735
  • Handles commas in TLS algorithm lists for different OS compatibility. PLAT-16931
  • Adds a critical alert for invalid THP settings on a node based on health check metric. PLAT-17170
  • Ensures Ansible provisioning validation works on Ubuntu by updating the scripting method. PLAT-17349
  • Enables retrying CreateUniverse for on-prem nodes by modifying preflight checks. PLAT-17368
  • Ensures YBA HA promotion success even if it fails midway after a restore. PLAT-17369
  • Ensures node updates during tasks won't overwrite live data with stale information. PLAT-17405
  • Enables the "Install Node Agent" action for on-prem universes with available SSH keys. PLAT-17436
  • Enables a UI banner to prompt enabling Node Agent auto-installation for convenience. PLAT-17437
  • Disables background node agent installer by default, but tracks universes needing migration. PLAT-17435,PLAT-17449
  • Reduces queue size for dead node agents' processor, minimizing delay in resolving unreachable state when connection is restored. PLAT-17518
  • Adds a field to track node agent status updates on universe nodes. PLAT-17520
  • Skips THP setting on CentOS 7 and AL2 to enhance stability. PLAT-17545
  • Simplifies running multiple shell commands in the node agent. PLAT-17625
  • Adds a critical alert to identify when RSS memory growth is due to incorrect THP settings, especially in busy servers. PLAT-17637
  • Ensures NFS backups in Kubernetes universes proceed despite minor errors. PLAT-17638
  • Removes the memory preflight check from node_agent in YNP. PLAT-17647
  • Enables skipping software download when starting a master node in UpgradeTaskSubType, if software is already present. PLAT-17661
  • Ensures collect_metrics.sh script re-uploads if a node name is reused. PLAT-17671
  • Corrects file ownership for files generated using templates when run as root user. PLAT-17701
  • Upgrades YBC to version 2.2.0.2-b5 for client and server. PLAT-17736
  • Adds two tasks for OSS Cluster to YBA universe migration and includes support to add sudoers. PLAT-17747
  • Updates outdated CRDs in the charts repo manually and sets up automation for future updates. PLAT-17749
  • Sets execute permission on core dump files for accurate reporting. PLAT-17750
  • Ensures node agent installs correctly on hardened images by fixing permission issues. PLAT-17777
  • Updates gonja dependency for Node Agent to support newer syntax style. PLAT-17783
  • Separates runtime configuration for existing and new Performance Advisor to prevent regression issues. PLAT-17842
  • Transfers preview flags checks to an asynchronous task to prevent universe creation timeouts. PLAT-17878
  • Allows synchronous installation of node agent during add, edit, and VM image upgrade tasks using a runtime config. PLAT-17892
  • Deprecates the "role" field in the Users API response. PLAT-17902
  • Enables manual flow control for Java node agent gRPC streaming to prevent buffer overflow. PLAT-17927
  • Upgrades setuptools to 78.1.1 to address high-severity CVEs. PLAT-17982
  • Enhances security by updating Go libraries to address multiple CVEs. PLAT-17983
  • Disables creation of new cron-based universes in backend, anticipating users have migrated to systemd. PLAT-17993
  • Enables platform systemd timers to start via node agent. PLAT-18029
  • Allows changing ports in CP even if pgsql_proxy_bind_address is set manually. PLAT-18058
  • Ensures YBA Installer works on RHEL8/9 by handling native libs correctly. PLAT-18081
  • Adds support for CRUD operations for CipherTrust KMS configs in CLI. PLAT-18102
  • Reduces large allocations in TabletClient with defensive measures and added logs for RPC operation details. PLAT-18106
  • Removes devops from the node-agent package extraction. PLAT-18149
  • Reduces buffer size to 1MB and switches to heap memory for easier management. PLAT-18164
  • Allows passing of request ID in node agent for easier debugging. PLAT-18171
  • Reduces high CPU usage by eliminating infinite loops in YBC upgrades. PLAT-18174
  • Clears the node agent error field after a successful heartbeat. PLAT-18176
  • Adjusts node agent to prevent JWT from expiring in less than a second during registration. PLAT-18187
  • Allows node agent to recommission on-premises nodes using absolute paths and conditional node-exporter disabling. PLAT-18196
  • Upgrades Prometheus in Helm charts to v3.5.0, addressing over 10 vulnerabilities. PLAT-18201
  • Allows creation of a pre-check binary to verify node agent and systemd activation for all universes. PLAT-18211
  • Allows externalizing node agent client connection parameters and enables grpc logging for easier debugging. PLAT-18224
  • Upgrades node_exporter to version 1.9.1, enhancing security. PLAT-18315
  • Removes enable field from NodeAgentEnabler and makes node agent mandatory in live nodes after migration. PLAT-18337
  • Simplifies earlyoom installation in onprem by removing incorrect and unnecessary script lines. PLAT-18412
  • Updates protobuf python dependency and setuptools for enhanced security and to fix high severity CVE-2025-4565. PLAT-18428,PLAT-17982
  • Allows overriding pgsql_proxy_bind_address to internalYsqlServerRpcPort when CP is enabled without restarting. PLAT-18434
  • Upgrades Go version to 1.24.6 and updates dependencies to enhance security. PLAT-18446,PLAT-18447
  • Adds retry mechanism for systemctl commands in node agent to manage unstable dbus connections. PLAT-18450
  • Allows server configuration via node agent by disabling ansible with the flag disable_configure_server set to false. PLAT-18492
  • Addresses CVE-2025-58367 with a Deep Diff update. PLAT-18557
  • Resolves an issue where stopped on-prem nodes were incorrectly removed from the blacklist after release. PLAT-18572
  • Fixes YNP's handling of settings to correctly replace lines in the file, preventing incorrect values after reboot. PLAT-18584
  • Excludes k8s universes during YBA upgrade precheck for node agents. PLAT-18586
  • Fixes rollback upgrade failure on OpenShift clusters by using pod config for cleanup. PLAT-18664
  • Fixes an issue causing failure in scaling up read replica cluster due to null pointer exception. PLAT-18703
  • Ensures checks for already enabled ybmaster service to prevent unnecessary crash loops. PLAT-18759
  • Sets default flags for Cost-Based Optimizer and read committed isolation levels on new clusters for version 2025.2. PLAT-18800
  • Allows installation of node agent on resume-universe for paused universes pending migration. PLAT-18847
  • Fixes issue with S3 cross-region bucket access due to AWS SDK upgrade, ensuring correct use of endpoint override for non-standard S3 endpoints only. PLAT-18936
  • Eliminates unreliable sudo access check and always installs service during node agent installation. PLAT-18940,PLAT-18881
  • Pass "ENABLE" opType to activate encryption at rest in new EAR workflow through the CLI. PLAT-18950
  • Adds a pre-upgrade hook to update password and prevent login failure during pg 11 to 14 upgrade. PLAT-18857
  • Upgrades Jinja2 to version 3.1.6 to address CVE-2025-27516 vulnerability. PLAT-18964
  • Fixes node agent installation failure for CSPs on Ubuntu. PLAT-19023
  • Corrects master state removal in node-agent by passing arguments accurately. PLAT-19086
  • Corrects the Switchover DR failure in older YBA versions by setting a default value for automaticDdlMode. PLAT-19136
  • Removes NGINX from YBA Helm charts in versions 2.14 to 2.20. PLAT-10837
  • Prevents client from making getUniverseLbState API calls while a task is active or before universe creation. PLAT-11782
  • Shows if YBA UI is running in FIPS mode through a new pill indicator. PLAT-12651
  • Adds more metrics for tracking read/write operations and latency on the tables metrics page. PLAT-14381
  • Enables configuration of continuous backup from the YBA platform admin tab, with the inclusion of a new backup storage config select field and a feature flag for activation. PLAT-14456
  • Add a restore backup feature in the YBA interface to support both cloud and local backups. PLAT-14457
  • Allows creating a one-time local backup of YBA through the user interface. PLAT-14484
  • Introduces a new folder structure for features using common components library in the Create Universe. PLAT-16231
  • Enhances user interface for Create Universe with tooltips, improved rank display, new review and summary step, better validation, error messages, and accessibility. PLAT-16236
  • Introduces a new Hardware Settings page in the Create Universe section. PLAT-16239
  • Adds a Database Settings page with options to enable YSQL, YCQL, and Auth, and manage Connection Pool and Ports. PLAT-16240
  • Adds a Security Settings Page with options for enabling node-to-node and client-to-node encryption. PLAT-16241
  • Enhances "Create Universe" workflow by integrating RBAC logic, adding new parameters, introducing validation schema for settings, fixing UI bugs, optimizing Single Node selection, and introducing a Preferred Info modal. PLAT-16244
  • Streamlines the Create Universe process with enhanced user experience and cleaner code. PLAT-16244
  • Upgrades yugabyte-core library to version 2.0.1 and adds data-test id's for all components. PLAT-16245
  • Fixes UI bugs and adds YBSmart tag component for region in Create Universe. PLAT-16245
  • Refactors UI validation, adds translations, and manages dependent fields in Create Universe feature. PLAT-16246
  • Adds missing time module import and a retry loopin AWS elastic IPs deletion script. PLAT-16802
  • Enables on-prem provider server-side validation by default and standardizes validation controls. PLAT-16934
  • Enables expanding K8s universe with OIDC enabled by using task params universe details, resolving Kubernetes config cannot be null error. PLAT-17053
  • Adds a scheduled task to store and monitor slow queries data in each universe's system_platform DB for performance comparison, with a retention period of 7 days. PLAT-17072
  • Adds logging to Azure provider validator and creates network interface in the same resource group as VM. PLAT-17115
  • Simplifies attach/detach flow by ensuring source and destination platforms are of the same version. PLAT-17125
  • Refactors YBClient usage to consistently use try-with-resources, enhancing memory leak prevention. PLAT-17164
  • Enhances IP validation in multi-cluster deployments for accuracy. PLAT-17205
  • Enables updating server flags directly in the node agent. PLAT-17217
  • Reduces the occurrence of exceptions during load of previous results by shifting node_health process stats from /tmp. PLAT-17219
  • Enables software installation and certificate upload after package download in the node-agent. PLAT-17221
  • Streamlines the software upgrade process by enhancing the tserver check and ensuring the new API supports rollback requests. PLAT-17254
  • Allows for universe key rotation validation after recreating a new key with the same name, preventing later failures. PLAT-17264
  • Shifts Attach/Detach APIs to v2 for CLI support, includes custom vendor extensions, and marks v1 APIs as deprecated. PLAT-17294,PLAT-17285
  • Enables setting of custom NTP server in the provider for universe creation. PLAT-17303
  • Enables task checkpointing with an optional runtime flag for easy disabling. PLAT-17325
  • Adds checkbox to filter PgAudit logs from support bundles to protect sensitive data. PLAT-17371
  • Allows concurrent GFlag upgrades without displaying server delay in the UI. PLAT-17379
  • Writes PG upgrade check logs to a temporary file for better error parsing. PLAT-17418
  • Allows accurate display of master placement changes in the modal when moving from dedicated to colocated masters. PLAT-17443
  • Integrates old Gflag UI with necessary modifications in database settings. PLAT-17460
  • Enables FIPS compliance through Helm by passing -Dorg.approved_only=true to Yugaware via YBA K8S helm chart. PLAT-17482
  • Preserves reserved on-prem nodes in memory until transaction success, allowing for potential retries. PLAT-17499
  • Enables Istio compatibility for TLS-enabled YugabyteDB clusters. PLAT-17513
  • Ensures custom pre-provisioning hooks run before any software installations. PLAT-17531
  • Enables new task details user interface by default. PLAT-17541
  • Adds support to modify disk rate limiting parameters on YBC via an API, and introduces new runtime configs for controlling disk I/O read/write bytes per second. PLAT-17560
  • Adds CLI support for attach/detach APIs, currently under the PREVIEW feature flag. PLAT-17564
  • Implements configure server and setup provision in node-agent, leaving otel-collector installation and cgroups setup. PLAT-17577
  • Ensures arrow key presses do not change tabs when using the support bundle modal. PLAT-17578
  • Adds support for configuring otel collector for universe using node-agent. PLAT-17613
  • Introduce cgroup setup RPC in node-agent for smoother operations. PLAT-17614
  • Enables server destruction for on-premises setups using Ansible in the node agent. PLAT-17655
  • Resolves pod restart issues during Kubernetes volume resize combined with other spec changes. PLAT-17659
  • Fixes the tablespace backup issue by correctly setting backup flags. PLAT-17682
  • Ensures restore preflight fails correctly when PITR is out of window. PLAT-17719
  • Exits early if a YNP node cannot connect to YBA. PLAT-17734
  • Incorporates waitForServerReady into universe creation task to ensure stable tablet operation. PLAT-17741
  • Updates minimum version for PG-15 upgrade to 2024.2.3.0. PLAT-17752
  • Resolves inconsistency in displayed instance type changes during smart resize, ensuring accurate tag representation. PLAT-17755
  • Ensures UI updates correctly when preflight checks fail during Linux upgrades. PLAT-17756
  • Allows admin users to view detailed subtask list under task details. PLAT-17761
  • Expands GLIBC precheck compatibility for various system versions. PLAT-17784
  • Resolves broken retryability and rollback issues during the PG-15 software upgrade in K8s. PLAT-17798
  • Enables resource reservation for Azure, grouped by instance type and region, which can be activated for operations like CREATE, EDIT, RESIZE, and RESUME. PLAT-17801
  • Adds resource reservation feature for AWS in YBA, grouped by instance type and region, but disabled by default. PLAT-17804
  • Adds Dynatrace as a metric export sink, custom prefix to all metrics, and validation for telemetry providers. PLAT-17818,PLAT-17830,PLAT-17823
  • Adds a new API for metrics export and incorporates a task to install otel collector if needed. PLAT-17833,PLAT-17825,PLAT-17824,PLAT-17817
  • Fixes an issue where GCP validation fails with null during universe key rotation. PLAT-17843
  • Ensures software upgrades correctly rollback by preserving the initial autoflag version. PLAT-17854
  • Now includes pg_upgrade_dump*.log and init db logs in the support bundle for easier PG11 to PG15 upgrade troubleshooting. PLAT-17855
  • Enhances backup reliability by preventing hangs during master address resolution failures. PLAT-17886
  • Adds configurable soft and hard memory limits to otel collector in config and systemd service files. PLAT-17827,PLAT-17897,PLAT-17828
  • Adds OpenShift compatibility to Helm charts via the ocpCompatibility.enabled flag. PLAT-17919
  • Enables OpenShift compatibility for Helm charts by using ocpCompatibility.enabled flag. PLAT-17919
  • Prevents Universe Overview page from crashing when retrieving LB state details fails. PLAT-17921
  • Adds a check to avoid null pointer exception when unable to fetch taskInfo. PLAT-17926
  • Allows getting the pricing of the universe before its creation via the POST universe_resources API in v2 APIs. PLAT-17939
  • Ensures YBA upgrades from 2.18 to 2025.1 handle migrations correctly on first attempt. PLAT-17940
  • Increases PG catalog operations default timeout to 1 hour for all universes. PLAT-17987
  • Adds a point-in-time recovery (PITR) warning to the database upgrade process. PLAT-17997
  • Enables architecture selection during On-Prem Universe deployment. PLAT-18036
  • Corrects issues with server flag configuration, OIDC key uploads, and folder symlinking during software upgrades. PLAT-17922,PLAT-18046,PLAT-17930
  • Adds a check to ensure correct otel collector placement when the config file is disabled. PLAT-18061
  • Adds an API to display if a YBA instance complies with FIPS in the UI. PLAT-18063
  • Automatically enables FIPS during universe creation on FIPS enabled systems. PLAT-18064
  • Hides LDAP passwords in the YBA flags configuration UI to enhance security. PLAT-18069
  • Allows connection pooling and flag groups in the v2 create universe API. PLAT-18072
  • Ensure local build uses craco instead of react-scripts, fixing import alias issue and preventing orphaned processes. PLAT-18076,PLAT-18075
  • Ensures appropriate utility versions for ARM architectures during Node Agent setup. PLAT-18093
  • Eliminates universe creation failures due to missing Node Exporter in primary read replica in on-prem environments. PLAT-18103
  • Refactors Hardware & Proxy Settings code and fixes UI/UX issues on the same page in Create Universe. PLAT-18115
  • Restores from backups now compare against the earliest snapshot time for accuracy. PLAT-18117
  • Updates YugabyteDB to version 2.2.0.2-b9, supporting backups during DDL. PLAT-18120
  • Uses pod-specific configuration to execute commands, enhancing permission accuracy during upgrades. PLAT-18121
  • Ensures correct kubeconfig is used when adding a new AZ in Kubernetes setups. PLAT-18154
  • Upgrades OAuth2 in Go services to fix a CVE. PLAT-18193
  • Switches Onprem Node Reprovision task from using Ansible to YNP. PLAT-18202
  • Allows new nodes to use the updated image by ignoring the machine_image in the edit universe flow. PLAT-18203
  • Enables Azure backups to operate correctly with subdirectory specifications. PLAT-18207
  • Enables yugaware precheck to confirm all universes use node agent for upgrades >=2025.2. PLAT-18212
  • Restores old backups correctly without migration errors. PLAT-18235
  • Integrates the review page with the backend API for Create Universe, adding PG Compatibility and fixing checkbox height. PLAT-18240
  • Introduces UI support for Dynatrace telemetry provider, along with a new column to show universes using specific export configurations. PLAT-18262
  • Increases YBC client and server version to 2.2.0.2-b12, fixing a race condition and dangling pointer issue. PLAT-18271
  • Allows user-specified task time-out to apply to async tasks, improving execution time control. PLAT-18275
  • Adjusts the config template file for correct PA service startup path. PLAT-18277
  • Enables PgAudit log filtering by default in support bundles, with an option to include via UI checkbox. PLAT-18302
  • Offers corrected region tags and map coordinates in the Create Universe feature. PLAT-18327
  • Update YBC client and server to the new version 2.2.0.3-b5. PLAT-18340
  • Enables successful PG-15 upgrades with DB audit logging. PLAT-18358
  • Ensures the Yugabyte home directory in the on-prem provider matches that on the DB node to prevent errors. PLAT-18366
  • Enables database metrics export functionality in the YBA UI with an added metrics export modal. PLAT-18369
  • Restores now allowed even with conflicting tablespaces detected, unless unsupported tablespaces are present. PLAT-18423
  • Increases success marker download timeout and makes it configurable using the flag ybc.success_marker_download_timeout_secs. PLAT-18429
  • Fixes symlink issues to prevent rolling restart failures in OpenShift. PLAT-18433
  • Adds new Mexico regions to YBA metadata files in both AWS and GCP. PLAT-18436
  • Fixes capacity leakage during universe creation failure and improves deletion in certain edge cases. PLAT-18440
  • Ensures YNP Onprem provisioning supports custom home directories. PLAT-18445
  • Prevents null pointer exceptions during continuous backups when the last backup record is null. PLAT-18449
  • Enhances stability by ignoring irrelevant index table IDs in the list universe tables API with xClusterSupportedOnly=True. PLAT-18485
  • Simplifies Perf Advisor Service setup by always running it in dedicated mode and removing withPlatform option. PLAT-18509
  • Removes the need to search for pa folder in perf-advisor and ensures correct installation by initializing version string. PLAT-18512
  • Shifts runtime configuration to provider level for enhanced flexibility. PLAT-18518
  • Fixes version check for dump_role_check in backups to apply flags correctly. PLAT-18533
  • Blocks database restore during the monitoring phase for all upgrades. PLAT-18555
  • Ensures Prometheus correctly uses self-signed certificates in HTTPS mode. PLAT-18561
  • Refactors tablespace handling during restore and enhances UI feedback for conflicts or unsupported tablespaces. PLAT-18565
  • Renames export log components to export telemetry to support both logs and metrics. PLAT-18574
  • Allows automatic rollback and retries on capacity reservation failures, and ensures unused resources aren't paid for. PLAT-18585
  • Adds tooltip, placeholder and helper text to Dynatrace telemetry provider form for enhanced user experience. PLAT-18589
  • Ensures the ybp_universe_connection_pooling_status metric is consistently exported, even when the universe is paused. PLAT-18590
  • Corrects the format of the query parameter for universe task list fetch. PLAT-18592
  • Allows picking any live tserver when the master leader node is unavailable during a PG-Upgrade check. PLAT-18618
  • Allows PITR configs to stay enabled during upgrades without necessary finalization. PLAT-18619
  • Moves Perf Advisor's JAVA spring properties to the installer template, sets JAVA environment variable for new VMs, and aligns service names. PLAT-18622,PLAT-18583
  • Ensures AWS KMS Endpoint and S3 Bucket Host Base include https scheme when overriding endpoints. PLAT-18625
  • Allows SSH access to DB nodes using yugabyte user directly in RHEL 9 by fixing Selinux labeling issue. PLAT-18631
  • Export configuration options now filter based on the required support for logs or metrics export. PLAT-18654
  • Revamps the metrics export attributes processor to include exporter tags and manage scenarios with no added attributes. PLAT-18657
  • Updates the -netty-shaded to version >=1.75.0 to address CVE-2025-55163 and upgrades -security-crypto from version 5.8.16 to 5.8.18 or higher. Also, migrates spring libraries from 5.x to 6.x. PLAT-18658
  • Allows access to the telemetry providers page if either metrics export or audit logging is enabled. PLAT-18660
  • Allows metrics export enabling on a fresh universe by conditionally setting install_otel_collector to true. PLAT-18662,PLAT-18661
  • Fixes an error in CLI describe output when accessing latest flags without setting the environment variable. PLAT-18672
  • Fixes issue where creating a universe with EBS encryption led to incorrect cmk id on volumes. PLAT-18718
  • Allows skipping universe ownership validation if the universe is incompatible with the check, such as for old or non-YSQL universes, or if the yb.attach_detach.enabled runtime configuration is not enabled. PLAT-18725
  • Upgrades java dependencies to fix multiple vulnerabilities, including a Denial of Service issue and Netty's MadeYouReset HTTP/2 DDoS vulnerability. PLAT-18659,PLAT-18737
  • Integrates regex to enable volume stats metrics matching in OCP. PLAT-18763
  • Adds support for Python 12 and 13 in YBA installer. PLAT-18765
  • Enables CipherTrust Key Management System (KMS) runtime configuration by default. PLAT-18770
  • Marks all telemetry provider APIs as preview, excluding the query logging API, and sets the DBME runtime config metrics_export_enabled as public but disabled by default. PLAT-18772
  • Allows node exporter installation for non-login users without failure. PLAT-18782,PLAT-18639
  • Adds common attributes to database metrics export for consistency with audit and query logs. PLAT-18808
  • Adds additional warnings to backup restore process, updates user-facing text for clarity, integrates stricter access controls for backups, and improves UI error reporting for invalid backup intervals. PLAT-18841,PLAT-18812,PLAT-18819,PLAT-18818,PLAT-18858,PLAT-18836
  • Ensures correct disabling of Otel process after stopping metrics/logs export. PLAT-18888
  • Mark attach/detach APIs as preview instead of internal, affecting detach universe, attach universe, and delete attach detach metadata. PLAT-18898
  • Ensures Otel runs on newly added nodes in the universe after enabling metrics export and rectifies the validate function. PLAT-18908
  • Allows Otel health checks to function correctly even when DBME is disabled. PLAT-18928
  • Fixes three issues with the attach/detach feature: prevents unnecessary copying of ybc releases, ensures non-null expiry date, and properly sets universe uuid for backed up universes. PLAT-17078,PLAT-17256,PLAT-9573
  • Allows for handling an empty string as null in case of k8s releases to avoid parsing exceptions. PLAT-18999
  • Allows successful backup restoration on Kubernetes by ignoring node-agent releases. PLAT-19026
  • Turns on the audit_logging_enabled flag by default. PLAT-19032
  • Sets default resources for yb controller and yb cleanup containers to 1 CPU and 1GB memory. PLAT-11861
  • Adds KMS configuration names to EAR expiry alerts for clearer identification. PLAT-15668
  • Adds support for Python versions 3.6 and above, including 3.12, by installing setuptools and pywheel using .whl files and introducing a new flag use_system_python for system python usage. Ends script if venv isn't settable. PLAT-16111
  • Enable users to set latitude and longitude during custom region setup in YNP. PLAT-16184
  • Adds Encryption in Transit field in Security Settings and Connection Pool field in Database Settings with ports override feature. PLAT-16241,PLAT-16240
  • Adds Advanced/Proxy Settings and Advanced/Other Settings pages for universe creation with deployment ports, user tags, and additional options. PLAT-16242,PLAT-16243
  • Ensures query call counts exceed integer limits by using long data types. PLAT-16470
  • Allows capturing memory usage of top non-YugabyteDB processes on nodes, with configurable number of processes. PLAT-17159
  • Adds a loading indicator and feedback message when applying K8s overrides during universe creation. PLAT-17174
  • Fixes incorrect updates in ysql_pg_conf_csv after a concurrent flag upgrade and removes unnecessary red dot in the Actions dropdown of the Overview page. PLAT-17181
  • Adds LDAP configuration via CLI and allows users to override the default domain name in the universe specification using the Kubernetes operator. PLAT-17265
  • Enhances handling and defaults of YBA installer configs. PLAT-17426,PLAT-17361
  • Resolves conflict between old and new versions of Leaflet in platform and yugabyte-ui-library. PLAT-17438
  • Allows configuring the timeout for PostgreSQL upgrade checks, defaulting to 600 seconds. PLAT-17473
  • Allows YBC installation through the node-agent. PLAT-17511
  • Enables linger to prevent systemd failures during service launches. PLAT-17556
  • Enables the addition of Geo partitions during universe editing. PLAT-17598
  • Shows original messages for failed tasks for better clarity. PLAT-17626
  • Removes "Use SystemD" option from the Create Universe workflow. PLAT-17779
  • Enable yb.skip_version_checks to bypass software upgrade version checks. PLAT-17780
  • Revamps YSQL and YCQL metrics chart for better visibility and readability. PLAT-17788
  • Allows node_agent RPCs by default, replacing ansible for configuring nodes. PLAT-17849
  • Updates YBA dashboards to display new Master RPC metrics. PLAT-17851
  • Fixes overlapping issue of checkbox and upgrade modal in Kubernetes. PLAT-17856
  • Retry of EditUniverse task now works correctly even when a node is in a terminated state. PLAT-17881
  • Adds options to set IP preferences and custom arguments in service configurations. PLAT-18055,PLAT-18045,PLAT-18054
  • Returns a 503 error when attempting to submit tasks while the system is in a shutdown state. PLAT-18065
  • Adds subtask execution time display on UI and refactors API endpoint for enhanced performance. PLAT-18074
  • Displays the current directory in the system prompt to reduce confusion. PLAT-18155
  • Enables creating and using custom Kubernetes regions. PLAT-18243
  • Fixes sensitive data exposure, helm template failure, and kubectl diff failure in Kubernetes. PLAT-18356,PLAT-18325
  • Allows filtering and adding of specific scrape configs to the otel config generation pipeline. PLAT-17832,PLAT-18357,PLAT-17831,PLAT-17899
  • Adds support to Restore API for erroring out if tablespaces with same names already exist. PLAT-18392
  • Enables publishNotReadyAddress for all cases, ensuring DNS records for not-ready pods remain available. PLAT-18438
  • Introduces a bloom usefulness graph to outlier table/database views, enhancing metrics panel with rocksdb_bloom_filter_checked and rocksdb_bloom_filter_useful metrics. PLAT-18443
  • Defaults to operator's namespace if no namespace is set in the provider's custom resource in Kubernetes. PLAT-18532
  • Allows choosing disk type for boot disk based on volume type for c4(d,a) and n4 instance types. PLAT-18546
  • Fixes Prometheus startup issue on Ubuntu by adjusting redirect commands and logrotate timer frequency. PLAT-18587
  • Adds more validation to prevent scrape interval from exceeding scrape timeout and removes unnecessary fields from the DBME API. PLAT-18735,PLAT-18736
  • Hides the node agent installation banner for k8s universes where it's not required. PLAT-18869
  • Allows group_mapping_rbac_support flag by default, matching the default enabled status of RBAC. PLAT-18717
  • Removes unnecessary custom serializer and deser from PlatformInstance. PLAT-19709
  • Enables creating Kubernetes providers using the kubectl interface. PLAT-12862
  • Allows specifying node placementInfo in a universeCR for fine-grain control over pod placement across different zones. PLAT-12863
  • Enables importing existing universes created via UI into the operator for efficient workflow management. PLAT-12874
  • Allows editing PITR retention period directly from the DR config modal in YBA UI. PLAT-15144
  • Allows filtering of users in the GET list user API based on email addresses. PLAT-15811
  • Enable OIDC CRUD operations using CLI commands for smoother user management. PLAT-16132
  • Adds CLI commands to list, describe, download, and delete support bundles. PLAT-16362
  • Enables the creation of support bundles via the YBA CLI. PLAT-16363
  • Allows custom TLS certificate management and integration with Cert Manager in Kubernetes and Openshift environments. PLAT-16381
  • Allows disabling of otel health check when audit logs are turned off. PLAT-17095
  • Resets provider state if locked during the UpdateProviderMetadata task, preventing intermediate states. PLAT-17113
  • Ensures only Running tables are added to xCluster replication edits. PLAT-17387
  • Enables Single Sign-On (SSO) login through the Command Line Interface (CLI). PLAT-17410
  • Reduces wait times between pod rolling restarts and skips prechecks on task reruns for operators. PLAT-17412,PLAT-17413
  • Simplifies enabling and disabling of connection pooling for dual NIC cases, resolving issues with wrongly formed host addresses. PLAT-17417
  • Adds hyperscalar storage options and IOPS details for GCP dedicated mode. PLAT-17441
  • Resolves issue where XCluster edit command incorrectly removes tables from replication. PLAT-17521
  • Ensures PYTHON_EXECUTABLE is set for ntpd service checks in clock-skew configuration. PLAT-17524
  • Simplifies yba-ctl configuration by organizing all related code into a dedicated template package. PLAT-17536
  • Sets default values for new config structs, eliminating the need for complete fill-outs. PLAT-17537
  • Ensures yba-ctl clean succeeds even with incorrect configurations. PLAT-17547
  • Allows KMS config to be directly included in the universe creation process without separate input. PLAT-17581
  • Stores upgrade details like finalizeRequired and ysqlMajorVersionUpgrade in the audit table to facilitate smoother transition for YBM, even when auth is disabled in userIntent but enabled through flag override. PLAT-17586,PLAT-17244
  • Ensures HTTP requests redirect to HTTPS when collecting dump entities in TLS-enabled k8s environments. PLAT-17587
  • Adds Loki exporter support for DB Audit logging under the runtime flag allow_loki. PLAT-17280,PLAT-17279,PLAT-17664
  • Solves an issue where replace and decommission node operations fail due to non-existing nodes. PLAT-17669
  • Adds validation to Loki config creation to ensure readiness for log reception. PLAT-17677
  • Throws an error if universe names in GCP or K8s don't match the lowercase, numbers, and hyphen format. PLAT-17687
  • Allows editing of communication ports in the universe without replacing nodes, ensuring port overrides are respected. PLAT-17691
  • Allows direct access to create, update, and full copy commands by removing xCluster from preview flag. PLAT-17703
  • Allows separate configuration of Prometheus certificate/key paths from YBA to avoid permission issues. PLAT-17712
  • Incorporates the latest Performance Advisor updates into YBA, including file and variable renaming, package installation, and tab management. PLAT-17733
  • Allows explicit specification of group during Yugabyte user creation on CIS hardened images. PLAT-17738
  • Corrects RBS metric calculation and provides updated metrics in YBA graphs. PLAT-17792
  • Aligns tooltip with label in the Loki configuration UI for better visibility. PLAT-17794
  • Removes LDAP and group commands from preview, moves them to authentication and access-management. PLAT-17841
  • Allows background YBC upgrades using node_agent RPC calls, also correcting virtual environment permissions. PLAT-17862
  • Adds hooks to restart services after node upgrade and port changes. PLAT-17869
  • Respects Kubernetes override settings for CPU core calculations. PLAT-17874
  • Enables default service account to access opentelemetry-collector. PLAT-17884
  • Enables installation, initialization, restart, start, stop, status checking, and upgrade of Perf Advisor Service using yba-installer, along with integrated logging functionality. PLAT-17890
  • Lists user roles accurately using role binding APIs in CLI descriptions. PLAT-17901
  • Preserves the vm.max_map_count setting after reboot when is_cloud=true. PLAT-17967
  • Enhances clockbound health checks to include systemd status and log analysis. PLAT-17978
  • Disallow PITR after PG-15 upgrade rollback or during upgrade finalization. PLAT-17999,PLAT-17998
  • Allows creating universe support bundles without compulsory Prometheus queries. PLAT-18000
  • Introduces retries for deleting blobs in GCP to enhance reliability of storage cleanup. PLAT-18006
  • Introduces a new API for query log export and a runtime configuration option, query_logging_enable, for enabling query logging in universes. PLAT-18040,PLAT-18037
  • Fixes upgrade failure when services are not defined in the statefile in the updated services implementation. PLAT-18068
  • Adjusts pex build to confirm PEX_ROOT directory exists and is writable, addressing disruption from the latest pex release. PLAT-18101
  • Adds a dropdown for automatic or legacy provisioning in the YBA UI when creating on-prem providers. PLAT-18112
  • Adds an API to set zone priorities, allowing for better control over data placement. PLAT-18158
  • Enables retrieving all user groups from Azure AD by adding pagination support. PLAT-18181
  • Adds delete, describe, and list commands for telemetry providers to the CLI. PLAT-18183
  • Reduces import snapshot timeout and adds additional RPC error retries. PLAT-18206
  • Adds skipKeyValidateAndUpload flag for AWS provider setup to bypass SSH key validation. PLAT-18230
  • Supports fetching flags checksum using both old and new Helm naming styles. PLAT-18232
  • Adds hybrid_clock_error metric to YBA for better node health assessment. PLAT-18238
  • Ensures target YSQL migration files include all source files in xCluster replication. PLAT-18248
  • Introduces a new metric to monitor the state of connection pooling in a Universe, beneficial for alert definition in YBM. PLAT-18254
  • Introduces subtasks for modifying query log exporting in universes and adds a health check for Otel processes. PLAT-18151,PLAT-18082,PLAT-18258,PLAT-18039
  • Enables ON_ERROR_STOP by default during restores on master. PLAT-18264
  • Automatically includes inherited values in runtime config fetches. PLAT-18267
  • Allows using node-agent RPC for cGroup configuration during smart resize. PLAT-18309
  • Optimizes YBA metrics endpoint for better CPU and memory use by implementing buffered writing and gzip compression. PLAT-18312
  • Enables GCP Cloud monitoring by adding telemetry providers to CLI create operations. PLAT-18324
  • Streamlines functions and duplicates host label with yugabyte.node_name for efficient query log export. PLAT-18332
  • Adds common labels to Kubernetes resources and Yugaware charts. PLAT-18353
  • Updates YBC client and server version to 2.2.0.3-b6. PLAT-18470
  • Removes log_line_prefix from API until YBM confirms compatibility with new OTEL config filters. PLAT-18501
  • Adds a universeDetached state and universe owner to universe details to regulate delete metadata operations and attach/detach flow. PLAT-18510,PLAT-17543,PLAT-17984
  • Prevents YBA backups from overwriting each other using timestamped temp directories. PLAT-18514
  • Introduces a runtime flag allow_s3 to block S3 exporter support for log export. PLAT-18528
  • Automatically converts disk throttle parameters from MB to bytes on the UI screen. PLAT-18531
  • Enables task state filtering option in the paginated tasks_list API. PLAT-18562
  • Adjusts the default value of revert_to_pre_roles_behaviour to true, impacting dump_role_checks and on_error_stop. PLAT-18594
  • Eliminates duplicate "SSH Private Key Content" label from the GCP provider creation form. PLAT-18602
  • Allows controlled server upgrades within availability zones with user-defined sleep time and enhanced logging for visibility. PLAT-18669,PLAT-18667
  • Ensures the config map is created before the job, preventing failure during helm yba upgrades due to unavailable storage class issues. PLAT-18726
  • Prevents cleaning up the PG logs directory during rollback to retain initial logs after a software upgrade failure. PLAT-18752
  • Reduces unnecessary stack trace by ensuring TryLock for HA returns an empty optional when lock acquisition fails. PLAT-18758
  • Allows capacity reservation for single node operations. PLAT-18685,PLAT-18870
  • Adds check to stop Azure universes from using clockbound to prevent creation failures. PLAT-18912
  • Updates and adds missing files for new and existing AWS regions, including new instance types. PLAT-18920
  • Adds support for hot reloading of TLS certificates in the YBC gRPC server. PLAT-18953
  • Allows successful rotation of clientRootCA for C2N in VM universes where only C2N TLS is enabled. PLAT-19145