Ops One AG platform status and maintenance announcements. Times are indicated in local Swiss time. https://opsone.ch/.

All systems are operational

Core

Cluster

Operational

Network

Operational

DNS

Operational

Cockpit

Operational

Domain Registration

Operational

Managed Server

Version 9

Operational

Version 8

Operational

Version 7

Operational

Version 6

Operational

Version 5

Operational

Version 4

Operational

Version 3

Operational

Managed Applications

Matomo

Operational

Nextcloud

Operational

Mailserver

Operational

Discourse

Operational

GitLab

Operational

Scheduled Maintenance

Sentry 24.4.2

We will update Sentry to version 24.4.2.

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Cluster Maintenance

We will update soft- and firmware throughout our cluster. During the update, a higher disk i/o latency is to be expected.

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Debian Updates: Managed Server 7

We will update the following packages to the latest version.

docker-ce/buster 5:26.1.1-1~debian.10~buster amd64 [upgradable from: 5:26.1.0-1~debian.10~buster]
docker-ce-cli/buster 5:26.1.1-1~debian.10~buster amd64 [upgradable from: 5:26.1.0-1~debian.10~buster]
docker-ce-rootless-extras/buster 5:26.1.1-1~debian.10~buster amd64 [upgradable from: 5:26.1.0-1~debian.10~buster]
docker-compose-plugin/buster 2.27.0-1~debian.10~buster amd64 [upgradable from: 2.26.1-1~debian.10~buster]
blackfire/any 2:2.27.0 amd64 [upgradable from: 2:2.26.4]

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Debian Updates: Managed Server 8

We will update the following packages to the latest version.

docker-ce/buster 5:26.1.1-1~debian.10~buster amd64 [upgradable from: 5:26.1.0-1~debian.10~buster]
docker-ce-cli/buster 5:26.1.1-1~debian.10~buster amd64 [upgradable from: 5:26.1.0-1~debian.10~buster]
docker-ce-rootless-extras/buster 5:26.1.1-1~debian.10~buster amd64 [upgradable from: 5:26.1.0-1~debian.10~buster]
docker-compose-plugin/buster 2.27.0-1~debian.10~buster amd64 [upgradable from: 2.26.1-1~debian.10~buster]
blackfire/any 2:2.27.0 amd64 [upgradable from: 2:2.26.4]

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Debian Updates: Managed Server 9

We will update the following packages to the latest version.

docker-ce-cli/bullseye 5:26.1.1-1~debian.11~bullseye amd64 [upgradable from: 5:26.1.0-1~debian.11~bullseye]
docker-ce-rootless-extras/bullseye 5:26.1.1-1~debian.11~bullseye amd64 [upgradable from: 5:26.1.0-1~debian.11~bullseye]
docker-ce/bullseye 5:26.1.1-1~debian.11~bullseye amd64 [upgradable from: 5:26.1.0-1~debian.11~bullseye]
docker-compose-plugin/bullseye 2.27.0-1~debian.11~bullseye amd64 [upgradable from: 2.26.1-1~debian.11~bullseye]

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Elasticsearch 7.17.21

We will update Elasticsearch to version 7.17.21.

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Elasticsearch 8.13.3

We will update Elasticsearch to version 8.13.3.

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Kibana 8.13.3

We will update Kibana to version 8.13.3.

Start maintenance window: 06/05/2024 23:00
Stop maintenance window: 07/05/2024 02:00

Past Incidents

Tuesday 29th January 2019

NextCloud Update v15.0.2, scheduled 5 years ago

We will update NextCloud to Version v15.0.2. We expect a downtime of ~10 minutes.

Start maintenance window: 29/01/2019 00:00 CEST
Stop maintenance window: 29/01/2019 02:00 CEST

Thursday 17th January 2019

Managed Server Version 5 & 6: TLS/SSH Diffie-Hellman group updated, scheduled 5 years ago

In course of our half-yearly security checks, we updated the globally used Diffie-Hellman group to a new set for TLS and SSH.

Wednesday 16th January 2019

Managed Server Version 6: Add Support for Solr 7 and Remove Outdated Solr Versions

added support for Solr 7, see documentation for details
removed support for Solr 5
removed support for Solr 4
removed tomcat service which is not used anymore

Reference #498

Tuesday 15th January 2019

No incidents reported

Monday 14th January 2019

Managed Server Version 6: Website Service: Enable ModSecurity in DetectionOnly Mode

So far, there was no web application firewall on generation 6 servers, as we had yet to lay some groundwork before. With this change, we will enable ModSecurity and load the OWASP core set, please see the detailed changes below:

update nginx to the latest stable version 1.14.2
load ModSecurity base configuration
load OWASP core rule set
enable ModSecurity in DetectionOnly mode (= logging only)
detected requests are logged into the ModSecurity audit log at /var/log/nginx/modsecurity.log (accessible via devop user)

Next steps:

we will analyze all audit logs and take appropriate actions if required
we might contact you over the next 2 weeks to discuss required changes on our or your end if required
we're going to activate blocking mode (switch engine from DetectionOnly to on) on Monday, January 28th

Reference: #291

Sunday 13th January 2019

No incidents reported

Saturday 12th January 2019

No incidents reported

Friday 11th January 2019

No incidents reported