Release Notes for Citrix ADM 13.1-17.42 Release
This release notes document describes the enhancements and changes, fixed and known issues that exist for the Citrix ADM release Build 13.1-17.42.
This release notes document does not include security related fixes. For a list of security related fixes and advisories, see the Citrix security bulletin.
The enhancements and changes that are available in Build 13.1-17.42.
Management and Monitoring
ADM support for BLX cluster
You can now add the BLX cluster in ADM. In the ADM GUI, the Cluster IP address (CLIP) is added and the count of the cluster nodes is now visible in the dashboard.
Improvements to handle broken DB streaming channel issues
In a high availability deployment setup, whenever there is a streaming replication error, Citrix ADM automatically detects that the DB streaming channel is broken, and the DB sync is triggered automatically in the background. The recovery of the broken DB streaming channel happens once every 24 hours. A user can also manually synchronize the database from the GUI using the Sync database button. The configuration files are synchronized automatically from the primary node to the secondary node and the self-replication of the database happens. You can view the progress of the database synchronization by clicking the View Logs button under Settings > Deployment.
Manage ADC instances in a GSLB cluster
Sometimes, in a GSLB cluster, the configuration objects of the ADC instances try to overwrite each other. And, it leads to a race condition. To address such issues, you need to control the master node selection in the GSLB cluster. The configuration in the master node will be applied to the remaining ADC instances. In Citrix ADM, you can now create a GSLB cluster group and add ADC instances. You can also select a master node among the ADC instances and set the priority order for master node selection.
Under Network Functions > GSLB, a user can now view only the entities from the master ADC node.
IPv6 support in bot insight
When you drill down an application under Bot in Security > Security Violations > Application Overview, the Logs now display the IPv6 address for the Client IP and Bot True Client IP.
View analytics for Content Switching virtual server bound to Load Balancing virtual server
In Security > Security Violations, the Application Overview tab now displays analytics for content switching virtual server that is bound with load balancing virtual servers. Click the content switching virtual server and under Bound Load Balancing Server, you can view the list of load balancing servers bound to the content switching virtual server.
A unified process to enable analytics on virtual servers
Apart from the existing process to enable analytics, you can now use a single-pane workflow to configure analytics on:
- All the existing licensed virtual servers
- The subsequent licensed virtual servers
After configuration, this feature eliminates the necessity to manually enable analytics on the existing and subsequent virtual servers.
For more information, see A unified process to enable analytics.
Security violation - JSON SQL Injection Grammar
In Security > Security Violations, under WAF, you can now view the JSON SQL Injection Grammar violation for the selected application. For more information, see https://docs.citrix.com/en-us/citrix-application-delivery-management-service/analytics/security/application-overview.html.
StyleBooks support nested parameter-conditions
In a StyleBook definition, you can now specify a parameter condition within a parameter condition. These conditions are called nested parameter conditions and use a repeat construct to define these conditions. The nested parameter conditions are useful when you want to apply an action to each item of a list parameter.Example:
parameters-conditions: - repeat: $parameters.lbvservers repeat-item: lbvserver parameters-conditions: - target: $lbvserver.port action: set-allowed-values condition: $lbvserver.protocol == "HTTPS" value: $parameters.ssl-ports <!--NeedCopy-->
In this example, when the user selects the HTTPS protocol for a load balancing virtual server, the port values are dynamically populated. And, it applies for each load balancing virtual servers in the list.
The issues that are addressed in Build 13.1-17.42.
Sometimes, the ADM GUI displays the SSL cipher name as NA.
In Citrix ADM, when you schedule an upgrade of your Citrix ADC instances at a particular time, the upgrade triggers immediately. It does not happen at the scheduled time.
Management and Monitoring
For an ADC high-availability pair, you cannot create a backup of the secondary node from the ADM GUI.
An error message is displayed when you navigate to Settings > Deployment. This error message is displayed, when you:
- Navigate to Infrastructure > Instances > Citrix ADC > SDX, select an instance, and click Dashboard to view details.
- Return to the SDX tab, select the same instance, and click Unmanage from the Select Action list.
When you click on View Logs, the Database Sync Logs message appears and you can view the real-time details of the synchronization progress. However, if DB sync procedure is not initiated, an exception message appears.
With this fix, the exception message does not appear, but it will now show the appropriate message.
NTP sync may stop working after reboot of Citrix ADM.
Sometimes, the ConfigAuditOnTrapJob triggers the config audit on all ADC instances, instead of only to the required ADC instances.
In Infrastructure > Configuration > Configuration Jobs, the configuration job using the Record and Play displays an error message.
When the sync fails in the ADC high-availability pair, the secondary server cannot replicate the configuration changes from its primary server. As a result, the partitions and associated user group configuration get removed from ADM. And, the partitions count appear as zero.
In Infrastructure > Events > Event Settings, the disk failure events of Citrix ADC SDX instances are not displayed.
When you configure the schedule export using the email option, the attachment is received as an empty report.
The report generated using the Schedule Export option might not work as expected.
If the source ADC configuration has any command which requires a user input, the replicate configuration fails. The following is an example command:
set ssl parameter - defaultProfile ENABLED
In the ADM GUI, when you repackage SDX using the TAR command, the status of the repackage activity is shown as In progress even when there is a failure.
ADM subsystems do not start after the ADM high-availability failover. This issue occurs because the ADM database is started in the read-only mode.
The Citrix ADM 13.1-12.x build supports only two free virtual server licenses. For more information, see Licensing.
After upgrading to the
13.1-12.x build, if any virtual server (with analytics enabled already) gets unlicensed, the Analytics Status in the All Virtual Servers page (Settings > Licensing & Analytics Configuration > Configure Analytics) might still show it as enabled, but the analytics data is not shown in ADM.
After upgrading Citrix ADM to
13.1.12.x, the ADM GUI doesn’t load the StyleBooks page.
When you deploy a configuration pack on the primary node of the ADC high-availability pair and that node goes down, the configuration pack does not update on the secondary server. So, the configurations are not maintained on the target instances as expected.
The issues that exist in release 13.1-17.42.
When you enable analytics on a virtual server, some required information might be lost between ADC and ADM. As a result, the transaction data becomes invalid and is unavailable on the ADM reports.
When you configure a Citrix ADM 13.1 on-prem agent on Azure cloud, an error message is displayed.
You can ignore this error message and continue to configure.
When you create a member on OpenStack Lbaas using ADM orchestration, the member creation fails on OpenStack intermittently. This issue happens when a proxy request from ADM to orchestration services times out after 30 seconds. With this fix, the request timeout for orchestration APIs has increased to 120 seconds.
If you are using OpenStack Queens for LBaas workflow, the Load Balancing virtual server is not bound to the Content Switching virtual server. This issue impacts the traffic.
- Create a pool with Load Balancing virtual server.
- Create a listener with the pool ID. If you already have a listener, update the listener with the pool ID.