2020.07.0 Release

Docker tag: quay.io/pganalyze/enterprise:v2020.07.0

Notes

  • We recommend upgrading 2020.07.2 or newer to avoid a bug related to duplicate server entries
  • Important: This release requires at least PostgreSQL 10 for the pganalyze statistics database. Please make sure to upgrade your Postgres version if you are using an older Postgres release.
  • This release includes all bugfixes from the 2019.04.1 patch release
  • Upgrades need to follow our recommended upgrade steps to run necessary database migrations

New features

  • New Charts and Date Picker
  • Automated Postgres EXPLAIN Visualization & Insights
  • New in-app design to match new pganalyze colors and logo
  • Consistent date selection when navigating across the app
  • New "Query Tags" section for queries to show where queries originate from
  • Improved Query Performance Overview
    • 7-day trend analysis
    • Save query filter options across sessions
  • Improved Platform support
    • Amazon RDS: Add RDS 2019 certificate support
    • Azure DB for PostgreSQL and Google Cloud SQL: Add support for Log Insights & EXPLAIN plans
  • Alert policies
    • Ability to configure different alert policies for different team members
  • VACUUM statistics
    • 7 day retention for detailed statistics (increased from 24h)
    • 30 day view of dead tuples for tables (increased from 24h)
  • Smarter server list in navigation menu
    • Shows 5 most recently visited servers
    • This avoids issues when having a lot of servers (which are better viewed on the per-organization server list)
  • Update wait events to include Postgres 12 support
  • Add 7-day trend analysis to table overview

Bugfixes

  • Log Insights
    • Ensure that "temp file created" log events correctly filter for database
    • Improve in-app integration instructions to be correct for setup type
    • Fix Checkpoint Starting and Temp File Created bucketing for larger timeframes
    • Fix visualization bugs for Z00 classification of unknown log lines
    • Connection tracing: Fix connection logs for cases where the log_line_prefix is missing %d
  • Internal Enterprise Edition logging
    • Always output webserver logs to stdout, and hide request_id to make logs easier to read
    • Don't run collector in verbose mode
  • Verify MAILER_URL setting when doing self-check
  • Default to "localhost" for email application domain instead of "pganalyze.com"
    • We recommend setting DOMAIN_NAME to have the correct hostname used in emails sent by the system
  • Turn off automatic retries for statistics snapshot processing
    • This didn't work correctly before and caused unnecessary unique constraint violation errors
  • System data: Fix accidental reversal of network receive and transmit stats
  • Query details: Fix link pointing to Postgres role

Performance improvements

  • Pre-aggregation of multi-hour/multi-day statistics
    • This helps speed up the Query Performance view, as well as Log Insights views
  • Improve performance for per-table query performance list
  • Avoid timeouts processing high number of Postgres functions, cap at 5000 functions
  • Improve per-server connection graph performance
  • Improve Log Insights client-side performance
  • Improve performance for VACUUM timeline and VACUUM history
  • Paginate query performance list
  • Server-side pagination for table/index/function lists
  • Connections list: Automatically stop polling after 1 minute (reduces server performance impact)

Security improvements

  • Non-critical security updates
    • rails (CVE-2020-8185, CVE-2020-8184, CVE-2020-8162, CVE-2020-8164, CVE-2020-8165, CVE-2020-8166, CVE-2020-8167, CVE-2020-5267)
    • websocket-extensions (CVE-2020-7663)
    • puma (CVE-2020-11077, CVE-2020-11076, CVE-2020-5247)
    • json (CVE-2020-10663)
  • Invalidate all sessions on logout (to prevent reusing the session cookie)
  • Use secure cookie flag when FORCE_SSL=1 is configured
  • Add rate limiting for the following actions:
    • Signups (protect against spamming a publicly available installation with bogus accounts)
    • Login (protect against brute-force a user's password)
    • Password reset (protect against flood a user's inbox and lock them out)
  • Filter out non-word characters in invite e-mail bodies (to avoid abuse of the invite system for sending spam)
  • Fix XSS issues with notice messages
  • Introduce audit events for significant user initiated/affecting actions
    • For now this is available in an internal table only. This covers the signup, login, password change and member invitation flows.

Other changes

  • Update included pganalyze collector for Enterprise to 0.31.0
  • Add an explicit Postgres version check (PostgreSQL 10 or newer is now required)
  • Improve color scale colors for tree maps and VACUUM timeline
  • Rename "self-hosted servers" to "self-managed servers"
  • Per-server API keys are no longer created
    • They can still be used for compatibility purposes, going forward the collector utilizes organization API keys for authentication
    • We may deprecate that usage and fully remove per-server API keys in the future, please ensure you use organization API keys when running the collector separately from the main pganalyze container
  • Send cookies with API requests
    • This helps support reverse proxy setups, such as when using Cloudflare Access (which requires the special CF_Authorization cookie to be passed)
  • Add Docker command to perform automated actions using the Rails runner command
    • This should not be needed in normal operations, but may be used to help with support requests
  • Data retention
    • Historic data is now consistently 35 days (Query Performance data) or 7 days (Log Insights data) across the system
    • Previously additional data was stored, but not accessible, which caused performance issues
    • Add appropriate feature notices for pages with limited data available (e.g. Connection Traces)

Couldn't find what you were looking for or want to talk about something specific?
Start a conversation with us →