What’s New in OpenNMS Meridian 2023

System requirements

  • Java 11: OpenNMS Meridian 2023 runs on JDK 11.

  • PostgreSQL 10 or higher: Meridian 2023 requires any supported version of PostgreSQL from 10 up to (and including) 15.

  • RHEL 7, 8, or 9: Meridian 2023 requires Red Hat Enterprise Linux 7, 8, or 9, or a substantially identical derivative distribution. RHEL 7 will enter extended life cycle support in June 2024, and Meridian 2024 will no longer support RHEL 7 or its derivatives.

Breaking Changes

OpenNMS Plugin API required version updated to 1.3.0

The OpenNMS Plugin API required version has been updated to 1.3.0, following its first stable release in Horizon 30. Plugins intended to run in Meridian 2023 must implement version 1.0.0 (or higher).

Removal of XMP support

Support for the XML Management Protocol (XMP) has been removed.

Container images

The Meridian and Sentinel OCI images are now based on a minimal install of Ubuntu, rather than CentOS. Symlinks are provided to match the old paths in /opt, but it’s possible you will run into subtle differences when transitioning.

Collectd strict interval

The org.opennms.netmgt.collectd.strictInterval setting now defaults to true.

Previously, collectd would not reschedule collection for a device until after the previous collection completes. This means that if Meridian is collecting at a 5-minute interval, and it takes 1 minute to collect the data, then the next collection will start 6 minutes after the previous collection was launched.

The new default behavior is to always schedule collection as a predictable interval.

You can switch to the previous behavior by creating a property file in $OPENNMS_HOME/etc/opennms.properties.d/ with the following line of code: org.opennms.netmgt.collectd.strictInterval=false.

New features and improvements

OpenNMS Plugins

Meridian 2023 supports plugins using the OpenNMS Plugin API version 1.0 through 1.3.

OPA offers UI extensions, time-series performance enhancements and off-heap support, APIs for flow persistence and poller configuration extensions, enhanced event and monitored service metadata, management of entries in the Secure Credentials Vault (SCV), and more.

OPA can also be used to extend Minion and Sentinel. A subset of APIs are supported, as appropriate for each platform.

Cloud Services Connector with Time Series DB Support

Meridian 2023 includes the Cloud Services Connector in its default RPM install, providing access to OpenNMS Time Series DB – a new hosted cloud service which enables scalable metrics storage without the administrative overhead.

Cortex Time-Series Plugin

Meridian 2023 is the first new major Meridian release to support writing time-series data to a Cortex instance via the optional OpenNMS Cortex Plugin.

New UI Technology

We have begun to use a new UI library in portions of the Meridian 2023 web UI, in the form of Vue 3 and the Feather Design System (GitHub). This stack will be the basis for new UI implementation in Meridian going forward.

It is also now possible to write OpenNMS Plugin API plugins that include UI extensions implemented in Feather / Vue.

Topology Improvements

Network topology discovery ("Enlinkd") has received significant refactoring to make it smarter and more performant.

Containers

Container Cleanup and Refactoring

We have cleaned up and standardized how our container images are built. All images (Meridian, Minion, and Sentinel) use the same core, and are now available in amd64, arm64, and arm7 varieties. Only the amd64 images are supported for production use.

OpenShift Support

We have done considerable work to improve the experience of running Meridian 2023 on OpenShift in particular. This work is ongoing, and we will continue to expand and improve the set of available deployment artifacts throughout the life cycle of Meridian 2023. If you run into problems in an OpenShift environment that are not reproducible in other Kubernetes distributions, please log an issue report in Jira.

Collection and Thresholding

We have added configurations for thresholding on collectd and pollerd threads.

Device Configuration Backup

Initial support has been added for performing configuration backups of infrastructure devices like routers and switches. Backups are performed as part of polling the device, and can be viewed (and triggered) in the web UI.

Secure Credentials Vault

You can now validate credentials stored in the secure credential vault with the scv-validate Karaf command. Additionally, support for encrypted credentials has been extended to more places inside Meridian, most notably in metadata interpolation. Also, a REST API endpoint has been added for accessing and updating the secure credentials vault.

Flows and Nephron

It is now possible to configure thresholding on flow data. This powerful new capability enables traffic for a particular application to be used as the input for the existing threshold subsystem, enabling improved insights into what’s using the bandwidth on your network.

Minion

Polling, Metadata, and Collection

  • The XML collector can now treat a collected value as an enumerated value, which lets you convert strings into integers to store as a gauge.

  • It is now possible to passively "collect" data from incoming events as time-series data, including those that come from traps or syslog. The eventconf has additional options to configure what data to collect from parameters including regular-expression matches.

  • The BgpSessionMonitor can now be configured to use a custom OID prefix for devices that publish peer tables in a non-standard location.

Additions or updates to graphs and collections have been made for:

  • F5 Devices

  • Flows

  • Node Exporter

  • Prometheus

  • Windows Exporter

REST API

  • A new configuration management REST service has been added at /rest/cm, and a small number of configuration files have been migrated from XML in the filesystem to the underlying configuration repository.

  • Improvements have been made to the criteria querying API to support "Multi-And" and regexp restrictions, allowing for queries involving multiple event parameters, or complex string matching.

Documentation

Our documentation team has grown, and has been doing unspeakable amounts of work cleaning up, expanding, and improving the documentation.

Notable additions include:

  • A new Quick Start Guide that provides simple steps to set up basic monitoring with a minimal configuration of Meridian.

  • Developer documentation for OSGi in OpenNMS, the OpenNMS Plugin API (formerly OIA), the config management API, device config backup APIs, and the Health REST service.

  • Operation documentation updates relating to SNMP property extenders, performance data and collection, thresholding, the log file viewer, SCV, and the new UI preview.

  • Documentation improvements regarding "housekeeping" and other administrative tasks, alarms, Business Service Monitoring, Passive Status Monitoring, and more.

Single Sign-on

We have improved support for pre-authenticated use cases in the Meridian web UI, making it easier to use an external reverse proxy to integrate Meridian with a variety of identity providers such as Azure Active Directory, Keycloak, or Okta. For example, Apache HTTPD with mod_auth_mellon may be used to integrate via SAMLv2 with the Azure Active Directory IdP. More details are available in the documentation.

Appliance Integration

If you are using the virtual, 1U, or mini Appliance, you will now see additional performance data collected from your appliances via SNMP. This new capability is fully automatic, with no action is required to configure SNMP on Appliance nodes.

Important Internal Changes

  • Kafka components have been updated to version 3.0.0.

  • Our embedded Karaf has been updated to version 4.3.6.

  • security-related HTTP headers (Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, Permissions-Policy, Referrer-Policy) were added in web.xml