================================================================================ Replify Accelerator 6.4.0-31701 Release Notes ================================================================================ This document details the content of the Replify Accelerator release 6.4.0. This release contains several features and improvements along with bug fixes. The previous GA release of Replify Accelerator was version 6.3. ================================================================================ Release Highlights ================================================================================ - Added Support for Custom Hook Scripts for Replify Events - Secure Peering Usability Improvements ================================================================================ Upgrade Instructions ================================================================================ The following versions of the Virtual Appliance (VA) and Enterprise Manager (REM) can be upgraded directly to 6.4.0: = 6.3.0 = 6.2.1 = 6.2.0 = 6.1.0 = 6.0.0 = 5.6.0 To upgrade your system, the REM should be updated first (if you have a REM), followed by the Virtual Appliance and then clients. To upgrade the REM or VA please run the following commands at the console: apt-get update --allow-relaseinfo-change replify-ctl upgrade You will be prompted for an activation code after running the above command. Please contact support@replify.com for this code. Windows clients can be updated by navigating to 'Tools > Options > Updates' in the Replify client user interface. To avail of updates, the client must be connected to an upgraded REM or VA. Detailed installation instructions can be found in the Replify Installation & Configuration Guide. The Accelerator Client can also be downloaded from the web interface of VAs and REMs. ================================================================================ Changes in Behaviour this Release ================================================================================ -------------------------------------------------------------------------------- [ACC-5980] Client Will No Longer Check for Updates by Default -------------------------------------------------------------------------------- In previous releases, the Windows Replify Accelerator Clients had the 'Check for updates on startup' and 'Enable automatic update detection' enabled by default. For 6.4, this has been switched off by default. In some cases customers did not want their user base alerted when updates were available, so this change was made. The Virtual Appliance will alert the administrator with a visual prompt on the user interface when an upgrade is available. -------------------------------------------------------------------------------- [ACC-5948] Secure Peering Default Behaviour has Changed -------------------------------------------------------------------------------- GUI enhancements in 6.4 has improved the ease with which secure peering can be managed and configured. As such, there has been a change in the default behaviour. Customers using securing peering will need to add the CA certificates of any remote peers to the 'Custom CA List' on the 'SSL Management > SSL Settings' page. -------------------------------------------------------------------------------- Deprecation of Windows 32-bit Client Support -------------------------------------------------------------------------------- 6.4 will be the last release that officially supports the Replify Accelerator Client on 32-bit versions of Windows. This means that, while the client may still work without any issues, Replify Support will advise of an upgrade in the first instance of an issue on this platform. -------------------------------------------------------------------------------- Deprecation of Official Stretch Support -------------------------------------------------------------------------------- 6.4 will be the last release that officially supports the Replify Virtual Appliance or Enterprise Manager on Debian Stretch (9). This means that, while the system may still work without any issues, Replify Support will advise of an upgrade in the first instance of an issue on this platform. ================================================================================ Disk Space ================================================================================ When deploying from VMWare, the default disk configuration will be a 16GB disk with 'Thin Provisioning'. We would recommend 'Thick Provisioning' which will be faster when running but slower to deploy. If resources are particularly constrained on the server, you may use 'Thin Provisioning' to ensure the disk space is only consumed when required. For many production environments, 16GB may not be sufficient to hold all cache data. Please see the Quick Start Configuration Guide for details on how to add extra disk space. ================================================================================ MAC addresses with Hyper-V ================================================================================ Once the image is deployed on the Hyper-V server the MAC address allocation will be set to 'dynamic' by default. When the machine boots Hyper-V will generate a MAC address for the connected virtual network interface. Replify recommends changing this to use a static MAC address instead. ================================================================================ Download Links ================================================================================ Downloads are available for VMware ESX 6.5 and above and Microsoft Hyper-V 2016 and above. Other deployments, such as Citrix Xen, Amazon EC2 and Microsoft Azure may be available on request from Replify Support. Please refer to the Replify Installation and Configuration Guide for deployment instructions. -------------------------------------------------------------------------------- VMWare ESX -------------------------------------------------------------------------------- REM OVF: https://s3.replify.com/v6.x/v6.4.0/Replify-Manager-6.4.0-31701/Replify-Manager-6.4.0-31701.ovf REM VMDK: https://s3.replify.com/v6.x/v6.4.0/Replify-Manager-6.4.0-31701/Replify-Manager-6.4.0-31701-disk1.vmdk VA OVF: https://s3.replify.com/v6.x/v6.4.0/Replify-Appliance-6.4.0-31701/Replify-Appliance-6.4.0-31701.ovf VA VMDK: https://s3.replify.com/v6.x/v6.4.0/Replify-Appliance-6.4.0-31701/Replify-Appliance-6.4.0-31701-disk1.vmdk -------------------------------------------------------------------------------- Hyper-V -------------------------------------------------------------------------------- REM: https://s3.replify.com/v6.x/v6.4.0/Replify-Manager-6.4.0-31701-hyperv.zip VA: https://s3.replify.com/v6.x/v6.4.0/Replify-Appliance-6.4.0-31701-hyperv.zip -------------------------------------------------------------------------------- QEMU -------------------------------------------------------------------------------- REM: https://s3.replify.com/v6.x/v6.4.0/Replify-Manager-6.4.0-31701.qcow2 VA: https://s3.replify.com/v6.x/v6.4.0/Replify-Appliance-6.4.0-31701.qcow2 -------------------------------------------------------------------------------- Docker -------------------------------------------------------------------------------- VA: https://hub.docker.com/r/replifyltd/accelerator/ REM: https://hub.docker.com/r/replifyltd/manager/ -------------------------------------------------------------------------------- SHA256SUMS -------------------------------------------------------------------------------- SHA256 hashes for each file listed above have been generated for this release, they can be downloaded from this link: SHA256SUMS: https://s3.replify.com/v6.x/v6.4.0/SHA256SUMS ================================================================================ New Features and Improvements ================================================================================ [ACC-6046] Added new 'graceful-stop' and 'graceful-restart' options to replify-ctl [ACC-6038] GUI alerts user that service restart is recommended if the cache size changes [ACC-6036, ACC-5974, ACC-5968, ACC-5955, ACC-5954, ACC-5932, ACC-5128] Improved throughput and stability when system is under load [ACC-6022] Process for configuring Replify in a bridging configuration has been simplified [ACC-6020, ACC-5948] Improved user experience when configuring secure peering [ACC-6019] CPU information is now included in VA/REM diagnostic reports [ACC-6015] Logging improvements [ACC-6012] TLS session re-use has been disabled for securely peered connections for additional security [ACC-6006] Addition of Secure Peering functionality to API [ACC-6003] Additional error information displayed on UI when there is an unexpected error [ACC-6002] Removing information from cache is now more efficient [ACC-6000] GUI can be configured to automatically redirect to HTTPS [ACC-5995, ACC-5967, ACC-5308] Replify Accelerator hooks added for startup, shutdown and interception events [ACC-5993] Accelerator clients that use secure peering are identified on the VA web UI [ACC-5989, ACC-5947, ACC-5946] Improved logic when reconnecting to remote peers after a timeout [ACC-5986, ACC-5984, ACC-5983, ACC-5982] Increased efficiency and memory use when adding multiple application servers in quick succession [ACC-5985] Optimization how services are represented to reduce space and memory usage. [ACC-5980] The Windows client no longer checks for updates by default [ACC-5979] UI improvements in REM overview graph [ACC-5973, ACC-5972] Improved offload/throughput for SMB1 traffic [ACC-5963] Wildcard Domain List is included in system backup [ACC-5953] VA UI improvements [ACC-5952] Latest version of ZStandard compression library is now used [ACC-5943] VA diagnostic reports now include lists of SNI's that dynamic certificates have been generated for [ACC-5939] replify-ctl get-dynamic-snis now writes to standard output [ACC-5938] Optimization alerts now include client's NATted IP where relevant [ACC-5909] Improved offload/throughput on high latency connections [ACC-5908] Replify Debian key is stored in dedicated keyring instead of Debian KeyRing [ACC-5897] Extra validation of client upgrade packages sent to client from VA [ACC-5686] Quiescence options have been added to replify-ctl to shut down service gracefully ================================================================================ Fixes ================================================================================ [ACC-6069] replify-ctl status now lists peered VAs correctly [ACC-6065] Fixed error with cache resizing under load [ACC-6050] REM stats period dropdown on report pages now correct on page load [ACC-6042] Muxing and Secure Peering can now not be enabled at the same time [ACC-6039] Debian packages can now be upgraded if Debian release has changed [ACC-6035] Removed extraneous data from the health graph [ACC-6033] 'replify-ctl set-cache-config-value' command now works with Erlang terms [ACC-6024] User is informed if they try to delete a service that is already in use [ACC-6018] Resolved crash condition that can occur on service shutdown when using WAN connection pooling [ACC-5999] Scenario where appliance configuration can become corrupted has been resolved [ACC-5998] VA/REM Password can now be correctly changed using web UI [ACC-5988] Interception rules are always deleted after the service has shut down [ACC-5987] Existing data connections are no longer disrupted if interception rules need changed [ACC-5944] Hostname changes made from the VA user interface are correctly applied [ACC-5795] Issue where cache blocks never get deleted from disk has been resolved [ACC-5521] Resolved crash condition that could occur when system was under load ================================================================================ Errata or Known Issues ================================================================================ [ACC-6078] Raspbian data connections may be interrupted if application servers or peering is modified while transfers are in progress. [ACC-5083] SMB Connections are not optimized by the Mac client [ACC-4719] STARTTLS and HTTP CONNECT content is not cached in client to local VA scenarios [ACC-4648] Mac client service stops when it connects to a VA that is using a non-standard block size [ACC-4427] Android client requires a reboot before upgrade or client re-install [ACC-4255] AVG anti-virus software incorrectly detects a threat during Replify client uninstallation [ACC-4137, ACC-4170] applications that use SSL pinning (e.g. Skype for Business, Dropbox, some applications depending on Apple certificates etc) will have their connections blocked if configured in the VA to use SSL optimization, unless the pinned certificate is also uploaded to the VA. [ACC-3825] Un-rooted Android devices can only accelerate HTTP(s) traffic [ACC-3718] Intel based processors on Android devices not supported