On This Page:
This document covers:
- New features or functionalities
- Enhancements to existing features or functionalities
- Open issues or known issues
- Fixed issues
November 25, 2020
Volterra Node/Site Management
Enhanced HA on SLI
Node mastership is now based on all configured VIPs across Site Local Outside (SLO) and Site Local Inside (SLI) interfaces.
Local UI Enhancements
Introduced status and tooling enhancements to the local UI dashboard of Volterra site.
Automatic API Schema Generation
Introduced per API endpoint Swagger API schema documentation generation. This can be found under
App Namespace ->
Service Mesh ->
API Endpoints ->
Endpoints Details ->
Active Service Policies for HTTP Load Balancers
Introduced the ability to define active service policies for a specific HTTP Load Balancer. You can choose one of the following service policy options for the load balancer:
- Set a default service policy
- Apply active service policies
- Disable the active service policy
IP Prefix & Prefix List Options for Forward Proxy Policy
Introduced ability to match destinations based on IP prefix and IP prefix lists under the custom rule list of the forward proxy policy.
BGP ASN and GeoIP Support for Forward Proxy Policy
Introduced ability to create a forward proxy policty matching on a specific BGP AS, ASN list, and GeoIP labels.
Forward Proxy Support for Global Networks
Introduced support for configuring forward proxy in the network connector when connecting Site Local Inside (SLI) to Global Network Type VNs.
Enhanced vK8s Workload Dashboard
Enhancements are added to the vK8s workload dashboard under
App Namespace ->
Virtual K8s ->
Flow Table Under Site Management
Introduced the ability for the user to view existing flows per node.
Sidebar Navigation Enhancements
Several enhancements are added to the UX of the sidebar in VoltConsole.
Beta Release of Public Terraform Provider
Introduced beta support for Volterra's public terraform provider. See Volterra Terraform Provider for more information.
Changes to Default Behavior
Change to Packaging and Management Providers
In case of a Volterra CE site behind a firewall that is performing URL filtering, ensure that you update it with the latest domains listed in the Network Cloud Reference page.
November 5, 2020
Volterra Node/Site Management
Upgrade Guided Sites (AWS VPC/TGW, Azure & GCP) directly from Site List
Introduced support for users to directly upgrade site deployments via
Site Management for AWS/Azure/GCP/TGW sites and also from the
Site List page for sites.
GCP and Azure support for VoltStack Cluster Deployment Option
Site Management page for Azure VNET & GCP VPC to support a 3rd deployment option called
VoltStack Cluster (One Interface).
Site Health Calculation Enhancements
Enhanced health score calculation to take
Site Admin state into account.
TLS interception support for HTTP Connect & DRP
Introduced support for TLS interception when configuring an HTTP Connect or DRP (Dynamic Reverse Proxy) virtual vost.
Descriptions for Policy Rules
Introduced logging of the description field for the configured policy in the hit logs. The policies include service oolicy, forward proxy policy (simple and custom rule set), network policy, and secret policy.
AWS TGW - East - West Forward Proxy Support
When provisioning an AWS TGW Site, East-West traffic now supports forward proxy policies by default.
vK8s Workload & Jobs View Enhancements
Enhanced the vK8s workload & Pods table view to include deployment name, running pods, total pods, total sites, sites with error, sites without pods, virtual site, upgrade, and actions.
vK8s Virtual Site Descriptions
During vK8s virtual site selection, the selection table now shows descriptions for the virtual sites (system or user created).
Site Security Dashboard
Introduced the beta version of the site security dashboard. This view provides tenant and site level firewall events and logs. This is available at
API Endpoint Enhancements & Fixes
Enhanced UX and navigation of endpoint details in the API Endpoint page.
Notification Dashboard Enhancements
Audit Logs pages under
Revoking API Certificates and Kubeconfig
Support for revoking API certificates and Kubeconfigs is introduced. In case of API certificates and Kubeconfigs created prior to this release, you might receive the
Client certificate is invalid or revoked response for API requests. In such case, create new certificates and download for use.
ISV 8000 Series GA
The Industrial Server (ISV) 8000 is now Generally Available. The Volterra Industrial Server is a series of ruggedized edge computing devices providing hyper-converged compute, GPU, storage and networking. They are easy to deploy and operate systems capable of running learning, inference, containerized or legacy (VM) workloads—from manufacturing plants to retail stores and small branch offices. Volterra Industrial Servers combine the capabilities of hyper-converged infrastructure (HCI) with a GPU for machine learning and robust connectivity (4G LTE/GPS/Wi-Fi/Bluetooth) in a single ruggedized device designed to meet the rigorous demands of edge and industrial environments. You can learn more about the Volterra Industrial Server from the data sheet here and the User Manual here.
Changes to Default Behavior
Advanced page is deprecated.
October 14, 2020
Volterra Node/Site Management
Enhanced Remote Tooling (show service status)
The user can now query service specific status on a Per Node basis from VoltConsole. System -> Site -> Tools -> Show services status
During CE setup the user can now configure a default ves.io/fleet type. This is helpful in scenarios where CEs required a basic working configuration on CE registration (i.e., Local breakout).
AWS TGW Site
VoltConsole now supports the deployment of Volterra Sites and management of AWS TGW's. System -> Site Management -> AWS TGW Site.
GCP VPC Site
VoltConsole now supports the deployment and management of Volterra Sites in GCP. System -> Site Management -> GCP VPC Site.
Site Wizard Improvements
The Site Wizard Page has been improved for better UX, readability and error/status reporting.
DDoS forensics and analysis
DDoS forensics and analysis for Load Balancers and Site (Forward Proxy) Enhanced ability to perform forensics and analysis of configured HTTP & TCP Load Balancers and per Site Forward Proxy.
Enhanced Alerting of DoS/DDoS
Using Time Series Analysis (TSA) of the Request Rate, Response Throughput, Latency and Error Rate anomalous enhanced DoS/DDoS alerting has been enabled.
HTTP/HTTPS on additional ports
This release has added additional HTTP & HTTPS ports to be advertised on Volterra's REs (Public Network). Supported HTTP ports are 80 8080 8880 2052 2082 2086 2095 25565. Supported HTTPS ports are 443 2053 2083 2087 2096 8443 25565.
Forward Proxy in Denied Rules Hit
Site Dashboard Denied Rules Tile now includes Forward Proxy. The site dashboard Denied Rules tile now includes Forward Proxy as an option, in addition to Service & Network Policy.
VoltStack DC Cluster
Guided Configuration for Volterra DC Cluster - This feature brings in vK8s application deployment workflow to ease deploying applications on Volterra platform. The interface given caters to the developers, provides application level interface and hides some of the underlying infrastructure related tasks.
Storage Device Support - This feature brings support for Dell EMC Isilon F800 & HPE Nimbus Storage AF40, this is configured in the Fleet object under Storage Configuration.
Simplified Workload Deployments on vk8s
Simplified Workload Deployments on vk8s - This feature brings in vk8s application deployment workflow to ease deploying applications on Volterra platform. The interface given caters to the developers, provides application level interface and hides some of the underlying infrastructure related tasks.
NVIDIA GPU support on ISV 8000 Series - Updated the ISV Certified Hardware Profiles to download to support NVIDIA GPUs.
New User Type: Debug User
There is a new user type called "Debug User". This allowed the tenant admin to provide the Volterra Support team access to the tenant to enhance troubleshooting.
New Alert Receivers (SMS/Email)
Email and SMS are supported receivers under Alert Management.
Enhanced Connection Log Views
The connection log page has been enhanced to render the data in a more user friendly format.
Upcoming Changes to Default Behavior
In the planned November release, the System -> Security -> Advanced will be deprecated.
In case of node hardware, the USB device whitelisting is enabled by default. Connecting a new device after registration of the node does not work.
Note: You can see the USB devices by navigating to your site dashboard via
Site Listpath. Open the
Nodestab and click on a node to open its dashboard view. Click
Hardware Informationtab to see the USB devices list.
September 24, 2020
Volterra Node/Site Management
Per Node Tooling from Site Dashboard
The site dashboard in VoltConsole allows additional troubleshooting and status commands to be executed remotely.
Fleet Configuration Enhancements
Fleet Configuration and related objects (Network Interface, Virtual Networks, Network Connectors, Network Firewall, Network and Forward Policies) can be initially configured during Fleet creation. This is configured under
Site Management ->
For information on fleet configuration, see Create Fleet.
Fast ACL Configuration Enhancements
Guided form is introduced to enable easier configuration of fast ACLs. See Fast ACLs for configuration instructions.
Hub Group Only Mesh
For smaller deployments, it is desired to configure site-to-site mesh groups without a hub & spoke model. This release introduces the ability to configure a mesh with a hub group only.
HTTP Connect & Dynamic Reverse Proxy Wizard
Guided forms are introduced to enable easier configuration of HTTP Connect & Dynamic Reverse Proxy under the
The vK8s dashboard is updated for a better UX experience and end-to-end view of pods deployments, statistics, and health.
IGW 5000 Series
GA Support for Volterra's Industrial Gateway 5008 & 5508 series is introduced.
Site List & Connectivity Enhancements
Updates are made to the default
Site List page to provide clear views of per site data. Connectivity topologies are now arranged based on site longitude/latitude and no longer based on alphabetical order.
App Traffic Enhancements in App Namespaces
Optimizations are delivered to the app traffic graphs views under
General Tab Updates
Updates are introduced to the
General tab and layout for simplified UX for
A new section called
Tenant Settings is added. The tenant settings section provides an overview of tenant information such as tenant ID, domain and company name. System wide IAM credentials can be configured here.
Updates are introduced to billing reports, usage details, and billing settings. These include options to request changes to existing plans and viewing existing tenant wide quotas.
Updates to the escalation processes are added to team and organizational plans.
Changes to Default Behavior
The default time interval for App Firewall Dashboard is changed to 12hrs from 5 minutes.
- Performing reboot of active master node of a multi-node site from the VoltConsole requires you to wait till the reboot is completed before attempting the reboot of other nodes.
August 13, 2020
New FeaturesVolterra Node/Site Management
Site Deployment WizardsIn this release, we've introduced a simplified Site Deployment Wizard. Initial Cloud Providers include AWS and Azure.
Site Local UI and Volterra CLI Enhancements
Introduction of Site Local UI Dashboard at
https://<volterranode-ip>:65500. Various debugging enhancements to Volterra Admin CLI are added.
Volterra CLI for Cloud InstancesCloud instances for Volterra Node now support the Volterra CLI for enhancement debugging. Users can access it using the ssh key used when used in the deployment of the Cloud instance.
Enhanced Site MonitoringThis feature enhanced existing site monitoring pages in the Site Dashboard. Enhancements included per node health, metrics (CPU/Memory), DHCP Server (Client Leases, Hostnames, IPs, etc.), Per Interface metrics, etc.
Multi-Node Master Node Replacement Support
Support for replacing a master node in a multi-node cluster configuration. Details can be found here.
VoltMesh - Virtual Hosts - Load Balancers
Default Pages Error Pages for JS Challenge, Captcha and ErrorsAdded default pages for all VIPs configured using an HTTP Load Balancer or advanced Virtual Host configurations.
VoltMesh - Delegated Domains
Delegated Domain - EnhancementsWe now support native integration with LetsEncrypt for those customers who don't want to BYOC and want a secure app experience, this is available as part of the Virtual Host -> HTTP Load Balancer configuration. Provided enhancements in the Domains Verification setup and post-verification displays.
Delegated Domain - DNSSEC
We now support DNSSEC for Delegated Domains. More information here.
VoltStack - vK8s
vK8s AuditabilityThis enables the ability to get audit logs for Create/Update operations on k8s objects (for e.g deployment, service, etc.) in vk8s.
UI/UX EnhancementsVoltConsole sidebar and overall navigation has been augmented to enhance the UX and to simply NetOps, DevOps, Secops and Developer workflows.
2FA AuthenticationThis feature allows the ability for customers to enable 2FA Authentication for freemium tenants and tenants who use Volterra for Authentication. This does not apply to tenants that use SSO Authentication.
Okta SSO supportThis release introduces tenant SSO support for Okta.
July 23, 2020
vK8s PVC Storage on Regional Edges
Volterra Regional Edge sites the Volterra ADN now support Persistent Volume Claims (PVC) for vK8s pods.
Ability to Select a List of Sites for vK8s Objects
This feature provides the ability to select a list of sites (using the
ves-io/sites: site1,site2 annotation) for vK8s objects. This is an enhancement to the current ability to select a list of virtual sites(using the
ves.io/virtual-sites: vsite1,vsite2 annotation).
See vK8s Resource Management for more details.
Audit Logs for Operations on K8s Objects in vK8sThis feature enables audit logs for the Create/Update operations on K8s objects (such as deployment, service, etc.) in vK8s.
Ability to Test Alert Notifications
This feature enables user to test alert notifications to an alert receiver. Once an alert receiver is created, a verify API on the alert receiver will generate a test alert to that receiver.
API User/Client Rate Limiting
This feature introduces the support for rate limiting the number of API requests per user over a time period. Rate limiting per user is based on the user identification configured on the rate limiter object. For more information, see Configure Rate Limiting.
Support TLS Fingerprinting in Service Policy Rules
This feature introduces the support for configuring a service policy rule to match TLS fingerprint and action. Actions are deny and rate-limit. For more information, see Configure TLS Fingerprinting.
Two Factor Authentication (2FA) VoltConsle Support
This feature introduces support for enabling 2FA for all plans for customers who use Volterra for authentication. This does not apply to tenants that use SSO for authentication.
API Tokens for Volterra APIs
This feature introduces support for API tokens to be used with Volterra APIs. This is in addition to the already supported API certificates. For more information, see Obtain Credentials.
Delegate Domains to Volterra
This feature introduces support for delegation of domains to Volterra for DNS management. When a domain is delegated to Volterra, all subsequent HTTP load balancer names created will result in the proper DNS RR records to be created. For more information, see Delegate Domains.
HTTPS Load Balancer Automatic SSL certificate Creation for Delegated Domains
This feature introduces support to enable automatic TLS certificate minting and verifying for a HTTPS load balancer provided a DNS domain is delegated to Volterra. For more information, see Create HTTP Load Balancer.
Support for GCP
This feature introduces support for site deployment in GCP using the Volterra Node GCP images.
CentOS Support for VMWare ImagesVolterra Node CentOS support is introduced on VMware ESXi hypervisors.
June 9, 2020
Verify Domain Ownership in the Bring Your Own Certificate (BYOC)Volterra will confirm domain ownership by verifying the domain in the virtual-host field matches that in the TLS certificates. If there is no match, the configuration is rejected.
Enable Wizard Forms for Alert NotificationsThis feature presents simplified configuration views for alert notifications.
Volterra Site on MiniKube, EKS, and AKSThis feature introduces the ability to deploy a Volterra node on MiniKube, EKS, and AKS for site creation and use in VoltConsole tenant.
vK8s: K8s Pod DeleteThis feature introduces support for pod deletion in vK8s and is supported using kubectl.
Support API TokenIn addition to certificates, this introduces support for API tokens for 3rd party/external API to access VoltConsole services.
Caveats & Changes to Default Behavior
Network policies to implicitly deny traffic is now the system default behavior the moment network policy is configured. Prior to R1.2, the behavior was an implicit allow. In case you have an existing network policy set with no explicit rule to allow the ingress or egress traffic, the traffic will be dropped.