December 2023 - PingOne Advanced Services - PingOne Cloud Platform - PingOne

PingOne Advanced Services

bundle
pingoneadvancedservices
ft:publication_title
PingOne Advanced Services
Product_Version_ce
PingOne Advanced Services
PingOne Cloud Platform
PingOne
category
Product
p1
p1advanced
p1cloudplatform
ContentType_ce

Platform version: 1.18.0.0

In this platform version:
These applications are also included:

Delegated Admin

New
Administrators can now upload and download user reports.

Prometheus

New
You can now access Prometheus metrics through a private link or VPN.

PingDirectory

Improved
Several improvements were made to PingDirectory:
  • Backend priming no longer occurs when PingDirectory is started, which decreases PingDirectory startup time.
  • PingDirectory restarts have also been enhanced with increased health checking to reduce the chance of data inconsistencies within the cluster.
  • Backup and restore now occurs within its own PersistentVolume. See About backing up and restoring data in the PingDirectory Server Administration Guide for details regarding these processes.

PingFederate

Improved

Kerberos authentication will no longer support RC4 encryption due to the use of the new 11.0.21 JDK version (which does not support this weak cipher). Any use of RC4 will need to be replaced with AES256 encryption.

Parsing improvement

Improved
Multi-line logs generated from server.log (PingFederate) now appear in Kibana as a single document.

ElasticSearch

Improved
A horizontal pod autoscaler was added and Logstash performance has improved. The number of warm nodes available has also been increased, which has improved performance and survives AZ failures.

Fluentbit

Improved
Now leverages IMDSv2 security instead of IMDSv1.

Grafana

Improved
User authorization now displays in separate customer and internal teams views. Logging and alert metrics are also now available, but only to internal Ping Identity teams.

Storage class provisioner and EBS volume type changes

Improved
The StorageClass provisioner was changed to CSI, and the EBS volume type was changed to GP3, which will improve performance and stability.

Log file handling

Info
Our legacy logging mode (sending log files to Cloudwatch) has been removed and log files are now sent to our internal ELK (Elasticsearch, Logstash, Kibana) stack or to a customer endpoint.

Kibana (1.18 only)

Info

Kibana logs older than 90 days must be dropped for the migration to the new StorageClass provisioner. However, raw PROD logs from this time period are still available in S3 but can be restored to Kibana via a service request after the upgrade.

When searching indexes, results contain the same fields and data, regardless of which index is chosen. For example, pf-audit* and logstash* return the same results.

Argo CD

Info
Argo CD is now only deployed to the one per-region customer hub that is managing the development, staging, testing, and production environments.