v4.2.4 Release Notes¶
Review v4.2.4 Compatibility & Breaking Changes before installing or upgrading Morpheus
SCAP Scans Confirm Security Compliance¶
The SCAP program (Security Content Automation Program) from NIST (National Institute of Standards and Technology) is designed to create an automated and reliable method for setting or verifying security configurations for a system or group of systems. Morpheus v4.2.4 adds the ability to call in SCAP security packages and perform SCAP scans using pre-existing scan checklists and security profiles.
Ensure security compliance of any Morpheus-managed Instance(s) or server(s)
Call in existing SCAP packages and checklists from online repositories
Create Jobs to run SCAP scans against any group of Instances or Servers either on-demand or on recurring schedules
View complete SCAP evaluation reports on your systems from inside the Morpheus UI
ServiceNow Incident Report Improvements¶
Through its ServiceNow integration, Morpheus can pass incident data for viewing and handling through the ServiceNow console. In Morpheus 4.2.4, additional details are passed through to the ServiceNow incident record to directly link back to the specific incident in Morpheus, as well as provide details on the severity and current resource status.
Link directly to the matching incident object in Morpheus
See incident severity information
Link directly to the associated Check or Check Group in Morpheus
See additional details on the check including its interval, number of failed checks, and whether this incident impacts availability percentage
All New Features¶
Amazon: Deploying MySQL or SQL Server with Amazon RDS now automatically creates the corresponding check and Instance status is reported
Amazon: Routes on AWS routers are now editable (Infrastructure > Network > Selected AWS Network > Routing tab > Pencil icon) in addition to viewing, creating and deleting which could be done previously
Amazon: Cloud Sync enhancements, reduced sync times
Amazon EKS: Support Added for version k8s v1.17.11
Azure Public Cloud: Azure Cloud Integration Improvements
Option to enable Azure Guest OS Diagnostics when provisioning Instance or App
Added option to enable Azure Boot Diagnostics when provisioning an Instance or App
Set disk encryption (user or platform-managed) and an encryption set (if user-managed) for an Azure Cloud integration (Add/Edit Cloud modal)
Azure AKS: Support added for version 1.17.11
Azure Stack: Added support for ARM templates
Automation: Option Types:
DISPLAY VALUE ON DETAILSflag added to Option Types to toggle display of associated Option Type values on Instance Detail pages
BlueCat: Support added for Bluecat 9.x
Clouds: Cloud sync enhancements including variable sync schedules that auto-adjust per cloud, resulting in optimized sync times and reduction in sync overlaps and record lock conflicts.
Clusters: Docker Hosts: Added the ability to set and edit security groups on Docker hosts for clouds that support native security groups (amazon, azure, openstack)
KVM: KVM Improvements
KVM Windows provisioning support added
Console access is now available for VMs on the KVM server which were not provisioned by Morpheus
OpenStack: Backup process improved to handle longer running jobs for backing up large instances
NSX-V: Create and manage DHCP Pools for Edge Gateway routers
Policies: Load balancer pricing is factored when enforcing budget policies during provisioning and reconfiguration
Pricing: Load Balancer Price Tracking
Load balancer support in Price Plans, Price Sets, and Prices (Administration > Plans & Pricing)
Load balancer price data sync for Azure and Amazon
Automatically apply Price Plans to load balancers based on Plan configuration
Usage and Billing data for load balancers
Provisioning: Enhancements added to speed up provisioning when “Install Agent” is skipped.
Provisioning: Set a value to be prepended to all environment variables loaded as part of Instance or App provisioning
Proxies: Global proxy setting now applies to all Morpheus functionality, including local integrations such as Ansible and Terraform
Roles: Role Permission Changes
Network integration firewall permissions (Infrastructure > Network > Integrations > Selected integration > Firewalls) now have their own setting (Infrastructure: Network Firewalls). Previously they were inherited from the “Network: Integrations” permission
Security: ScanningFeature Access Permission added
Determines access to the Security Packages tab on the Jobs list page (Provisioning > Jobs), Security Scanning type Jobs, and Security Subtab inside the Software tab on a server detail page where the results of security scans are viewed
Allows access to view, create, and run security scans on existing systems, as well as view the results of previously-run scans
This permission is recommended for those responsible for security compliance of existing systems
SCVMM: If virtual image advanced options has vm tools installed (unchecked) system will auto skip network wait on SCVMM now. Matches existing VMware and KVM behavior.
ServiceNow: “Morpheus Incident” alerts are now more insightful including links to the related Morpheus incident or check, severity information, and other details about the failing check
Security Scanning: Security scan job type added (Provisioning > Jobs) to perform SCAP scans against secure baselines to confirm compliance
Security: Tomcat version removed from default server error pages
Settings: Cloud refresh interval is now user-configurable, the settings can be changed in Administration > Settings > Appliance (Default: 300 seconds)
UI: Interface and Usability Improvements
Icons added for AWS services (such as in Service Catalog), including AWS App Mesh, AWS SQS, and AWS SDB
When applying state to Terraform and CloudFormation Apps, a friendly progress bar is displayed to indicate the change
Session expiration times can now be configured (Administration > Settings > Appliance), if desired a window can also be displayed at a specified time to warn about the impending logout
MySQL tmp file location moved from
Advanced table view added to Clusters list page (Infrastructure > Clusters) and Load Balancers list page (Infrastructure > Load Balancers)
Windows: Windows VMs will now auto-expand their root storage partitions to fill drive space, previously this was done manually
vCloud Director: Create and delete Snapshots in a vCD Cloud
Veeam: Backup Jobs can now be deleted
Backup Jobs are deleted from the ACTIONS menu on the Backup Jobs list page (Backups > Jobs)
Delete action existed previously but, due to Veeam API limitations, Morpheus could only disable the job
Backup job delete is supported only on Veeam version 10
VMware: VMware Cloud syncs are now up to 10x faster
ACI: Fixed invalid display error when creating ACI Application Profile
ACI: Fixed network deletion issue caused by illegal characters in CIDR
ACI: Fixed tabs not displaying on ACI integration detail pages when accessed via
/infrastructure/networks(displayed when accessed via
Amazon: ALB’s: Fix for adding ALBs in a subtenant -2
Amazon: Cloud Summary Page: Resources: Fixed
Security Groupsstat always showing
Amazon: Route53: Updates to handle rate limits when syncing large number of Route53 domain records
Amazon: Fixed issue with S3 bucket sync that could cause excessive Appliance memory usage.
Ansible Tower: Fixed invalid Ansible Tower integration link in cloud details pages
Ansible: Fixed Ansible Proxy check -2
API/CLI: Fixed Task creation when using Repository Source.
Apps: Fixed inconsistent app, node and execution statuses during App provisioning when a Workflow Task fails during Provision Phase.
Apps: Updated the NAME property for VM and Container lists on App Detail views to match Instance Detail views
Azure: Added support for adding and removing non-primary nic’s on single nic VM’s
Azure: ARM Instance Spec Templates: Fixed long running provision timeouts
Azure: Cloud Summary Page: Resources: Fixed
Security Groupsstat always showing
Azure: Fix for automated Active Directory domain joins due to -NewName
Azure: Fixed AKS Cluster Deployment failure when Azure Cloud is scoped to single Resource Group (note: Cloud discovery must be enabled for AKS provisions in this scenario to discover worker vm’s)
Azure: Fixed issue adding Azure Security Group Rule names containing spaces
Azure: Fixed issue with deleting a Resource Group created from an ARM App when an Azure Cloud is scoped to a single Resource Group.
Azure: Fixed provisioning issue when specifying mixed managed disk types
Azure: Fixed user provided disk labels being overwritten with external_id names
Backups: Fixed enable/disable flag for Veeam Backups
Budgets: Fixed current years actuals displaying in future years budgets
Cisco ACI: Fixed potential issues preventing deletion of Cisco ACI Integrations
Cloud Formation: Fixed issue creating Lambda resources from CF Blueprints. (Note: Lambda resource objects will be added in future release)
Cloud Removal not clearing storage volumes
Clusters: Hosts: Fixed Workflow execution not displaying in History tab on Host detail pages
Convert To Managed: Removed legacy
Existing <X>layout from available layout options during Convert to Managed action
ElasticSearch: Added auto-reconnect or rebuilding of es client on runtime exceptions
Git: Fixed issue deleting Git Integrations with existing file content associations
Health: Fixed display of
Memory: System Swapand
Memory: Free Swapvalues in the Appliance Health section.
Infrastructure: Hosts: Virtual Machines: The Remove Infrastructure and Preserve Volumes checkboxes are now present and functional when performing bulk VM delegations.
Load Balancers: Added read socket timeouts for F5 connections -2
Networks: Fixed display of invalid Groups in Network Group Access section, causing Group Access changes to not persist
Networks: If a user has only read permissions for the Infrastructure: Network Routers feature permission, that user no longer has the ability to edit or delete router firewall rules.
Networks:: If a user has only read permissions for the Infrastructure: Network Routers feature permission, the Create Neighbor button on the router detail page’s BGP tab is now hidden
NSX-T: Fixed inaccessible Routers displaying for Subtenants
NSX-T: Fixed issue with NSX-T IP Pool creation
NSX-V: CIDR is no longer required when editing existing Logical Switches
NSX: The Name field is now visually identified as a required field on the Create Rule dialog for NSX-v and NSX-t network firewalls
NSX: Added validation to prevent deletion of NSX networks still in use by existing entities.
Nutanix: Fixed issue provisioning custom images stored in S3
Nutanix: Removed root disk storage container selection during provisioning as root disk must be created on same Storage Container as Template (Nutanix req).
Openstack Clouds: Fixed security groups scoped to “All” Clouds not displayed during provisioning.
OTC: Fixed issue with long running Instance backups not exporting.
Policies: Fixed issue with Expiration policies not removing resources in a Failed state
Policies: Fixed issue with sub-tenant whitelabling of full page MOTD policies
Policies: Tags: Fixed issue where vm tags were allowed to be changed to values not compliant with an active, strictly enforced Tag policy.
Policies: Updated email notification Instance links to redirect to subtenant logins
PowerDNS: Fixed display issue with Power DNS records “Content” field
Provisioning: Fixed sudoer permissions for Users created during provisioning when users linux username contains a
PXE Boot: Fixed editing of discovered Mac Addresses
RDS: Fixed issue with editing Power Schedules for AWS RDS Instances
Reconfigure: Fixed issue with core count being set to plan default vs existing count when reconfiguring and selecting a custom plan with customizable cores
Reconfigure: Fixed page error when decimal is specified in a disk size during reconfigure
Reports: Fixed issue with Instance Inventory Summary Report potentially showing old resource values on reconfigured Instances
Reports: Fixed Tenant Cost Reports not displaying correct Instance counts
Reports: Updates and fixes to Cloud Cost and Tenant Cost Reports
SCVMM: Adding a disk, resizing a data disk, or removing a data disk during Reconfigure will no longer trigger a restart.
SCVMM: Fixed adding disks during reconfigure of Generation 2 virtual machines
SCVMM: Fixed issue where selected SCVMM Cloud was not being passed in SCVMM VM config
SCVMM: Fixed issue with Optical drive being removed during provisioning of Generation 2 virtual machines
SCVVM: Fixed Instance reconfigure startup memory and fixed memory allocation
SCVVM: Fixed startup memory and fixed memory allocations when dynamic memory is enabled
Security: XSS vulnerability removed
Stats: Fixed offline server stats updates -2
Tags: Fixed error when trying to create a tag without a value
Tags: Fixed masked tags issue found in 4.2.4-1 -2
Terraform: App Provision: Resolved issue where Next button would become re-enabled prior to completion of validations over 35 seconds
UI: Updates to prevent Invalid CSRF Token Error on stale pages.
User Profiles: Clouds listed in
Default Cloudnow filtered by Group association/access
vCloud Director: Fixed issue with frequent usage record restarts
VMware: Fixed datastore cluster references for datastores shared across multiple clusters
VMware: Fixed issue with Subtenant setting VMware Folder Group Access permissions.
VMware: Fixed some sync issues found in 4.2.4-1 -2
VMware: Hypervisor Console: Fixed issue with high resolution consoles showing blank on initial uncompressed connection
Waiting for network message during SCVMM provisioning
White-labelling: Fixed page refresh issue with custom
Terms and Conditionsand
Workflows: Fixed issue with Reboot tasks potentially causing Instance state to show as Running when a Provision phase task has failed
Morpheus API & CLI Updates¶
Deployments: Deployments API/CLI Improvements
Support for adding files to a Deployment version
Support for managing Instance deploys (appDeploys). This used to only provide endpoints for a specific instance to deploy and list deploys. Now it has full CRUD, and list shows account wide deploys. See morpheus deploys.
Hosts: Search by tag names and values
Instances: Search by tag names and values
Instances: Support added for filtering by
Search: Global search added similar to the global search bar that has existed in the UI
Billing: Optional parameters added to support pagination of large returns
Deployments: The command
morpheus deploywas fixed to correct some unwanted behavior, the
--helpflag output was also improved
service-plans addmonthly price set association
Fixed issue when creating a blueprint and passing a yaml or json file
Fixed issue when creating a blueprint and passing a yaml or json file
Fixed missing config properties issue with Azure Virtual Images
Proper error message returned when provision request exceeds max cores policy limit.
Validation and response added when passing invalid value for
virtual-images GET no longer returns information on soft deleted Virtual Images