Netdata, a popular monitoring system, has released version v1.44.0 with several exciting new features and improvements. This release further solidifies Netdata’s position as a leading monitoring solution for servers, Linux, DevOps, and home labs.

One of the major highlights of this release is the significant improvement in performance, surpassing even Prometheus, a well-known monitoring system. Netdata now includes a new streaming protocol called SLOTS, which allows for more efficient metric streaming between children and parents. This reduces overhead on parents by about 30% without impacting the children. Additionally, Netdata now supports multiple compression algorithms, including ZSTD, GZIP, and BROTLI, with ZSTD being the default choice for its balance between compression ratio and CPU consumption.

Another major addition is the introduction of Gorilla compression, a time series data compression technique developed by Facebook for their time series database. When enabled, Gorilla compression provides a 30% reduction in memory usage for Netdata, making it even more efficient compared to Prometheus.

Netdata now also has improved support for handling large systemd-journal databases, making it more capable of dealing with huge log volumes. The systemd-journal.plugin has been optimized for performance in such environments, providing prompt responses to queries. Netdata’s logs have also been rewritten to log to the systemd-journal, allowing for easy monitoring and analysis using Netdata’s systemd-journal.plugin user interface.

A new utility called log2journal has been introduced in beta, allowing the conversion of log files into structured systemd-journal log entries. This powerful tool supports processing various log formats, including JSON and logfmt logs, and can be used to extract, convert, transform, and send logs to systemd-journal.

Netdata has also expanded its range of functions, offering new ways to visualize and troubleshoot system metrics. These functions leverage the wide range of collectors and metrics available in Netdata, providing insights into disk I/O activity, resource utilization of containers and virtual machines, IPMI sensor readings, disk usage for mount points, network traffic, process resource usage, and more.

In addition to these feature enhancements, Netdata has added new alert notification integrations to Netdata Cloud, including Amazon Simple Notification Service (Amazon SNS) and Telegram. These integrations provide users with more options for receiving alert notifications from Netdata.

It’s worth noting that some changes have been made in this release, including the removal of the charts.d/nut collector, which has been replaced by go.d/upsd. Netdata’s internal metrics are now disabled by default to reduce data volume, and Gorilla compression will be enabled by default in the next release. Some exporters, such as Google Cloud Pub Sub and AWS Kinesis, will be removed in the next release, and database modes map and save will also be eliminated. Furthermore, per-core CPU metrics will be disabled by default to improve performance, and several eBPF.plugin modules have been disabled to optimize system performance.

Overall, Netdata’s v1.44.0 release brings significant improvements in performance, log handling, compression, and functionality, making it an even more powerful and efficient monitoring system for servers, Linux, DevOps, and home labs.

For more details and to download the latest release, visit the Netdata GitHub page.

Harvester, an open-source hyperconverged infrastructure (HCI) solution built on Kubernetes, has released version v1.3.0-dev-20231208 for testing. Harvester is designed for operators who are looking for a cloud-native HCI solution and runs on bare metal servers. It offers integrated virtualization and distributed storage capabilities, supporting both traditional virtual machines (VMs) and containerized environments through integration with Rancher.

This release is specifically for testing purposes and comes with a few important notes:

• It is not fully tested, so users should proceed with caution.
• Upgrading from previous releases or to future releases is not supported.
• Bug reports are welcome.

Artifacts for this release include the following:

• harvester-v1.3.0-dev-20231208-amd64.iso
• harvester-v1.3.0-dev-20231208-vmlinuz-amd64
• harvester-v1.3.0-dev-20231208-initrd-amd64
• harvester-v1.3.0-dev-20231208-rootfs-amd64.squashfs
• harvester-v1.3.0-dev-20231208-amd64.sha512
• version.yaml

There have been several changes in this release, including bug fixes and feature updates. Notable changes include fixing the SupportBundle CRD additionalPrinterColumns path, restoring the start of VMs if they were voluntarily powered off, and updating various components such as Wharfie, KubeVirt, and Longhorn.

Overall, Harvester’s latest release provides users with an opportunity to test and explore its features and functionalities. However, it is important to remember that this release is not fully tested and should be used at one’s own risk.

XCP-ng, the popular virtualization platform, has released its latest security update for the month of December. The update is specifically for the 8.2 LTS release, which is currently the only supported version of XCP-ng.

The update includes fixes for vulnerabilities in Xen and linux-firmware in the controller domain. These vulnerabilities have been addressed to ensure the security of the virtual machines running on the platform.

One of the fixed vulnerabilities, labeled XSA-445, addresses a mismatch in IOMMU quarantine page table levels on x86 AMD systems. This vulnerability could potentially allow a device in quarantine mode to access leaked data from previously quarantined pages. Although this feature is not enabled by default in XCP-ng, it can still be enabled at Xen boot time.

The second fixed vulnerability, XSA-446, deals with memory content inference in PV guests. XCP-ng strongly advises against using PV guests and recommends switching to HVM for better security. If you are still using PV guests, it is highly recommended to consider making the switch.

In addition to the security updates, XCP-ng has also released non-security updates to pave the way for upcoming refreshed installation ISOs. These updates include improvements to the linux-firmware, gpumon, tzdata, and vendor-drivers components.

The linux-firmware update includes an update to the AMD microcode, specifically for the family 19h (Zen 3, Zen3+). This update helps mitigate hardware vulnerabilities and bugs. However, it is important to note that updating the hardware’s firmware remains the preferred method for updating microcode, and any newer microcode found in the firmware will take precedence over the microcode provided in XCP-ng.

Other changes include a small change to suppress unnecessary logging in gpumon, updated timezones with the latest CentOS 7 update of the tzdata package, and the integration of new drivers into XCP-ng in preparation for the upcoming refreshed installation ISOs. These new drivers include the igc module for Intel device drivers for I225/I226, the r8125 module for Realtek r8125 device drivers, and the mpi3mr module for Broadcom mpi3mr RAID device drivers.

Overall, the December 2023 security update for XCP-ng brings important security fixes and improvements to the virtualization platform, ensuring the safety and performance of virtual machines. Users are encouraged to update their systems to benefit from these enhancements and to maintain a secure environment for their workloads.

AdGuard Home, the popular ad-blocker, has released its latest version, v0.108.0-b.51. This update brings several improvements and fixes compared to the previous beta, v0.108.0-b.50.

In terms of security, the Go version has been updated to address potential vulnerabilities. This update specifically prevents the exploitation of the CVE-2023-39326, CVE-2023-45283, and CVE-2023-45285 Go vulnerabilities. These vulnerabilities have been fixed in Go 1.20.12, ensuring a more secure experience for users.

One notable addition in this release is the ability to set a client’s custom DNS cache. This feature, requested by users, allows for more personalized DNS caching, enhancing the overall performance and customization options of AdGuard Home.

Furthermore, this update also addresses a memory leak issue when using parallel queries. The fix for this problem, identified as issue #6438, ensures better memory management and stability.

For a complete list of changes and updates in AdGuard Home v0.108.0-b.51, please refer to the CHANGELOG.md file.

The latest version of the web server Caddy, version v2.7.6, has just been released. This update brings several fixes and enhancements, thanks to the contributions of various contributors. While most of the changes are small, there are a few notable ones worth mentioning.

One significant improvement is the official extensibility of the templates middleware. This experimental feature allows modules to add custom functions and actions for templates to execute, providing more flexibility for developers.

Another important enhancement is the synchronized TLS storage cleaning across the cluster, which is now remembered across restarts. This improvement is particularly beneficial for expensive storage backends, as it significantly reduces costs.

In addition, placeholders are now evaluated in the configuration for certificate loaders, enabling more dynamic and flexible configurations.

The release also includes numerous bug fixes, addressing various issues reported by users and improving the overall stability and reliability of the web server.

To view the complete list of changes and contributions, you can refer to the changelog on the official Caddy GitHub repository.

K3s, a lightweight and highly available Kubernetes distribution, has released version v1.28.4+k3s1. This certified Kubernetes distribution is specifically designed for production workloads in resource-constrained and unattended environments, such as remote locations or IoT appliances. The new release updates Kubernetes to v1.28.4 and includes several fixes for various issues.

Some of the changes and improvements in this release include:

• Update channels latest to v1.27.7+k3s2
• Add etcd status condition for easy monitoring of etcd status from each node
• Automatic discovery of WebAssembly runtimes
• Improved dualStack log
• Optimized Dockerfile for simplified installation and runtime
• Addition of timezone info in the Docker image, enabling the use of spec.timeZone in CronJobs
• Bumped kine to v0.11.0, resolving issues with postgres and NATS, improving watch channel performance, and enhancing compatibility
• QoS-class resource configuration for containerd
• Addition of agent flag disable-apiserver-lb to disable load balance proxy
• Various bug fixes and improvements

For a full list of changes, please refer to the Kubernetes release notes.

The embedded component versions in this release are as follows:

• Kubernetes v1.28.4
• Kine v0.11.0
• SQLite 3.42.0
• Etcd v3.5.9-k3s1
• Containerd v1.7.7-k3s1
• Runc v1.1.8
• Flannel v0.22.2
• Metrics-server v0.6.3
• Traefik v2.10.5
• CoreDNS v1.10.1
• Helm-controller v0.15.4
• Local-path-provisioner v0.0.24

For more information and resources on K3s, you can visit the official documentation, join the Slack channel, or contribute to the project on GitHub.