Changelog of the base of the orchestrator

5.30 (2026-04-10)

  • Enabled user management in Kibana
  • Fixed nginx certificate regeneration when using the cyberwatch configure command
  • Fixed a warning during certificate generation on satellite nodes

5.29 (2026-03-18)

  • Updated the validity period of certificates used by the application:
    • 10 years for the root certificate
    • 1 year for service certificates
  • Automatic renewal of service certificates:
    • 45 days before expiration by default
    • The renewal period can be changed by setting the CERT_RENEWAL_DAYS variable in the config.env file
  • Use of the root certificate for database backup and restore:
    • For instances using an external database, the certificate used is the one concatenated in the cbw-root-ca-cert.pem file
  • Ability to configure the number of replicas for the following services via variables in the config.env file:
    • web with the CBW_WEB_REPLICAS variable
    • sidekiq_node with the CBW_SIDEKIQ_NODE_REPLICAS variable
    • container-scanner with the CBW_CONTAINER_SCANNER_REPLICAS variable
  • Added a storage space check for containers (/var/lib/containerd) via the cbw doctor command
  • Fixed an issue with adding API_KEYS to the secret file
  • Fixed the minimum required Docker version for apt and rpm packages

5.28 (2025-11-28)

  • Added timestamp to Cyberwatch update logs in /var/log/cyberwatch.log
  • Fixed generation of empty backup file when a backup is interrupted
  • Fixed warning message related to security options in the container-scanner container

5.27 (2025-04-09)

  • Added a check during container startup to prevent the deletion of images for containers that have not yet been started
  • Fixed the display of a warning related to the use of the CBW_DONT_PRUNE_UNUSED_IMAGES option
  • New images are now pulled before stopping the stack to minimize application downtime

5.26 (2025-03-18)

  • Fixed a volume issue when configuring a node as an offline satellite
  • Removed support for MicroK8s orchestrator
  • The IP address of the Docker network used for container-scanner has been configured to be in a similar range to the default Docker network

5.25 (2025-01-06)

  • Automatically sets privileged: true for the container-scanner service, if the kernel version of the machine hosting Cyberwatch is lower than 5.11
  • The configuration file /etc/cyberwatch/configs-enabled/compose-service/container-scanner.yml has been renamed to /etc/cyberwatch/configs-enabled/compose-service/35-container-scanner.yml for the container-scanner service.
  • Fixed a problem in the order of use of configuration files in /etc/cyberwatch/configs-enabled/

5.24 (2024-12-10)

  • Improved cyberwatch commands for container-scanner:
    • Add cyberwatch exec container-scanner command
    • Add cyberwatch log container-scanner command
    • Add container-scanner when executing cyberwatch status
  • Improved timeout when using the cyberwatch restart command
  • Fixed a problem when importing the security database for offline instances. The new command is cyberwatch exec sidekiq_master security_database_import_task
  • Moved the directory where the container-scanner service is stored to /etc/cyberwatch/configs-enabled/compose-service/container-scanner.yml
  • Private keys created with cyberwatch configure now have a size of 3072 bits

Back to top

English Français Español