Skip to end of metadata
Go to start of metadata

Xray 2.9

Released: September 2, 2019

Feature Enhancements


Securing MongoDB with TLS Support on Xray

You can add an additional layer of encryption to Xray by configuring TLS support in MongoDBAdd Link to MongoDB section


Improved RabbitMQ Clustering for HA

Xray supports full RabbitMQ clustering allowing new nodes to connect to any active node in the cluster removing the limitation of only connecting to an active Master node and is enabled during adding HA Nodes installation process.

Enhanced Python Support
  • Expanded  Python Package Type Support in Docker: As part of our effort to support the Python community, Xray now also scans the Python .py file extension in Docker images in addition to the existing Python packages extensions: .whl, .egg, tar.gz, .tgz.
  • Scanning Entire Python Builds: You can now scan an entire Python build following the JFrog CLI 17.1.0 release that supported creating build info for Python builds
Increased Queue Worker Ranges in the UI  

The Queue Workers ranges in the UI have been increased to provide flexibility when configuring your system queues in large systems.



Issues Resolved

  1. Security mapping correctly maps medium and minor issues.
  2. Creating or using a webhook will not display the password in the response.
  3. When running the automatic npm audit fix command, the Xray audit fix failed due to a format issue. Now, the npm audit fix runs successfully. 
  4. Xray SaaS user can now view the License Management section.
  5. Passwords containing special characters are supported in the xray_config.yaml file.
  6. Changing the Xray port during the Docker installation is supported. 
  7. The filters.json file is not returned to the default settings upon Xray restart. 
  8. The debug/pprof/ endpoints are accessible only from the local host machine. 
  9. RabbitMQ is now masterless and the user can remove inactive nodes during the HA installation process. 
  10. The DB sync progress bar shows synchronization progress correctly. 



Changes/Updates to Documentation

Enabling TLS on MongoDB 

Instructions: the Securing MongoDB with TLS Support on Xray to the following page: TLS Certificates.

You can set up TLS certificates to enable encrypted connections from Xray to PostgreSQL, RabbitMQ and MongoDB.   

Securing MongoDB with TLS Support on Xray - see the separate page

============================================================================================


Improved RabbitMQ Clustering for HA

Add to the following section: HA Installation and Setup#InstallingAdditionalNodes

Installing Additional Nodes

The additional cluster nodes should also be installed according to the general Xray installation instructions.

Make sure to respond with a "Yes" to the "Are you adding this node to an existing cluster?" question at the beginning of the installation.

The installer will prompt you for the following additional information:

  • A 32 bytes master.key, found in <XRAY DATA FOLDER>/security/master.key of the initial node.
  • The short host name of the initial node, retrieved by using the 'hostname -s' command in the initial node.
  • database connection string, in order to connect to the same DB as the initial node.
  • Enable full RabbitMQ HA clustering, by setting the host name of any of the active nodes in the HA cluster and not only to the active master node.

    Provide the short host name of an active cluster node (to retrieve it use the 'hostname -s' command):
  • During the installation process of the new node, you have an option to run a cluster cleanup.  If any of the nodes is down, you will be asked if you want to remove the node from the cluster.

    Looks like node '<NODE_NAME>' is NOT running. Would you like to remove node '<NODE_NAME>' from cluster? [y/n]:

    Please note that this will disconnect the node from the cluster. 


Increased Worker Allocation

Replace the Image - Replace the Queue Works columns

  • No labels