--- canonical: "https://safekit.eviden.com/wp-content/uploads/downloads_safekit/version-82/safekit82releasenotes.htm" llms_index: "https://safekit.eviden.com/llms.txt" llms_section: "Release Notes" section_parent: "2. Major changes > 2.1 Major changes between SafeKit 8.2 and SafeKit 7.5" topics: "2.1.10 Module templates, 2.1.11 Permanent disabling of application checkers, 2.1.12 License check, 2.1.13 SNMP monitoring, 2.1.14 SafeKit package upgrade, 2.1.15 SafeKit email notification agent, 2.1.16 Anonymised module snapshot and log, 2.1.17 Service monitoring with targeted service restart, 2.1.18 Miscellaneous" --- ### 2.1.10 Module templates #### 2.1.10.1 Solution for Podman SafeKit brings high availability to Podman between two redundant servers. For details, see [Podman: the simplest high availability cluster between two redundant servers](https://www.evidian.com/products/high-availability-software-for-application-clustering/podman-the-simplest-high-availability-cluster-between-two-redundant-servers/) #### 2.1.10.2 hyperv.safe and kvm.safe enhancement with software error detection A custom checker is included in the [hyperv.safe](https://www.evidian.com/products/high-availability-software-for-application-clustering/hyper-v-replication-automatic-failover-load-balancing/safekit-quick-installation-guide-with-hyper-v/) and [kvm.safe](https://www.evidian.com/products/high-availability-software-for-application-clustering/linux-kvm-high-availability-replication-automatic-failover-load-balancing/safekit-quick-installation-guide-with-kvm/) modules to detect VM malfunction: VM locked up, crashed, or ceased to function. In addition, you can integrate the automatic restart of your service if it fails inside the VM. #### 2.1.10.3 mirror.safe and farm.safe enhancement The mirror.safe and farm.safe delivered since SafeKit 8.2.4, has been enhanced to allow the definition of the services list using a macro called SERVICES into the module configuration. The module scripts utilize this value to: - check that the listed services exist on the server and disable their automatic startup at boot during module configuration - automatically start and stop the listed services when necessary, during the module runtime Therefore, integrating a new application using mirror.safe or farm.safe is limited to: - getting the names of the relevant services To list all installed services on a server, use: o    the PowerShell cmdlet Get-Service in Windows o    the command systemctl list-unit-files --type=service in Linux - obtaining an unused IP address as the virtual IP - determining the paths of the directories to replicate for a mirror module - determining the load-balancing rules The user no longer needs to modify the scripts to insert the start and stop commands for each service. Indeed, you can still edit the scripts in case you need to adapt them for specific needs. For example, milestone.safe requires starting App pools after the IIS service has been started. It does not present any difficulty to adapt the generic script to insert this operation. ### 2.1.11 Permanent disabling of application checkers To avoid false error detection and automatic failover on application maintenance, you can use the commands: safekit errd suspend|resume –m module and safekit checker on|off –m module. With SafeKit < 8.2, these operations could only be run while the module is started, and the module configuration options were restored on the next stop-start of the module. Since SafeKit 8.2, these operations can be run while the module is stopped and are not resetted when the module stops-starts. Moreover, you can now use safekit errd off|on instead of suspend|resume. ### 2.1.12 License check Before SafeKit 8.2, SafeKit used to check the product license only from the file SAFE/conf/license.txt. Since SafeKit 8.2, this control is less strict and accepts any filename. If many license files are present into SAFE/conf, the most favorable license is selected (permanent over temporary, latest expiration date…). If only expired license is found, the product will stop every 3 days. ### 2.1.13 SNMP monitoring Since SafeKit 8.2, SNMP monitoring implementation differs in Windows and Linux: - in Windows, it uses its own snmp agent service. The service is now named "Net-SNMP Agent" instead of safeagent before SafeKit 8.2. - in Red Hat, it is based on the operating system’s SNMP agent. Therefore, the safekit commands for installing and controlling the SNMP agent used in previous SafeKit releases are deprecated - in Ubuntu, SNMP monitoring is not supported Refer to the section “SNMP monitoring” of the [*SafeKit User’s Guide*](https://customercare.evidian.com/space/OPD/1208320038/SafeKit+8.2?attachment=https://customercare.evidian.com/download/attachments/1208320038/safekit82userguideen.pdf&type=application/pdf&filename=safekit82userguideen.pdf)for the new procedures to manage the SNMP agent in SafeKit 8.2. Moreover, SNMP traps are no more generated. ### 2.1.14 SafeKit package upgrade Since 8.2.1: - In Linux, third-party packages on which SafeKit depends that were automatically installed are no longer uninstalled when running safekit uninstall (for upgrade). These are only uninstalled for the full uninstall with safekit uninstall -all. - In Linux and Windows, when installing the new SafeKit package for the upgrade, previously configured modules are automatically reconfigured. In some cases, described in the migration instructions, it may be necessary to reconfigure modules to account for the configuration changes introduced by the new version of SafeKit. Starting with SafeKit version 8.2.5, on Red Hat, RPM packages are GPG-signed. Thus, the SafeKit GPG public key is automatically imported to allow the installation to continue. ### 2.1.15 SafeKit email notification agent Since SafeKit 8.2.4, SafeKit offers a notification agent that sends emails for major events on modules. These events are extracted from the system log, which is populated by the log messages of modules configured on the SafeKit server. Using this feature requires that your company's IT team has set up an SMTP server that can be accessed by the agent running on SafeKit nodes. Below is an example of an email sent by the SafeKit notification agent set up on node1: With the default agent configuration, when a module critical or state change event occurs on node1, the agent gathers all other events within the following minute and sends them in a single email. To configure and enable the agent, refer to the section “SafeKit email notification agent ” of the [*SafeKit User’s Guide*](https://customercare.evidian.com/space/OPD/1208320038/SafeKit+8.2?attachment=https://customercare.evidian.com/download/attachments/1208320038/safekit82userguideen.pdf&type=application/pdf&filename=safekit82userguideen.pdf). ### 2.1.16 Anonymised module snapshot and log Since SafeKit 8.2.6, SafeKit provides the anontool utility, which allows generating a filtered and anonymized snapshot from a full snapshot. This snapshot can then be shared with third parties, such as SafeKit support, while limiting the disclosure of sensitive information about the cluster. The filtered snapshot contains the minimal subset necessary to analyze an issue: - the configuration of the cluster and module - the module log, the module script logs, and the SafeKit command log Each of these files is anonymized. The sensitive values they contain (IP addresses, hostnames, etc.) are replaced with a structured identifier, which masks the real data while still allowing analysis by support Refer to the section “Anonymised snapshot” of the [*SafeKit User’s Guide*](https://customercare.evidian.com/space/OPD/1208320038/SafeKit+8.2?attachment=https://customercare.evidian.com/download/attachments/1208320038/safekit82userguideen.pdf&type=application/pdf&filename=safekit82userguideen.pdf)for a complete description of the new syntax. ### 2.1.17 Service monitoring with targeted service restart Since SafeKit 8.2.6, the new restart\_services attribute, for the service monitoring (), allows targeted restarts of specific services instead of restarting all services globally. This attribute contains the names of the services to restart, listed in startup order and separated by commas as described below:       In this example, if *Service2* stops, errd triggers the module restart action. This results in the execution of stop\_prim followed by start\_prim with the additional parameter -Services "Service2, Service3". If the scripts are designed to handle this parameter, they could stop and start only the specified list of services instead of all services. The mirror.safe and farm.safe modules, delivered since SafeKit 8.2.4, include the start\_xx/stop\_xx scripts that support the -Services parameter. For a full description, refer to section “Service monitoring with targeted service restart” of the [*SafeKit User’s Guide*](https://customercare.evidian.com/space/OPD/1208320038/SafeKit+8.2?attachment=https://customercare.evidian.com/download/attachments/1208320038/safekit82userguideen.pdf&type=application/pdf&filename=safekit82userguideen.pdf) ### 2.1.18 Miscellaneous - Linux package Since SafeKit 8.2, all third-party libraries and bins that can be delivered with the Linux operating system are no longer included in the SafeKit package. During SafeKit installation, these packages will be automatically installed, if necessary, with the yum command (except the packages for the file replication or load-balancing that must be manually installed according to your needs). - Windows package Two SafeKit packages are available: o    a Windows Installer package (safekit\_windows\_x86\_64\_8\_x\_y\_z.msi) It depends on the VS2022 C runtime which must be previously installed. o    a standalone executable bundle (safekit\_windows\_x86\_64\_8\_x\_y\_z.exe) It includes the SafeKit package and the VS2022 C runtime. Since SafeKit 8.2.3, at the end of the SafeKit install, it is possible to proceed with firewall setup and web service initialization (with the admin password setup). This eliminates the need for manual calls to firewallcfg and webservercfg. - Module snapshot The structure and content of the snapshot have slightly changed in SafeKit 8.2. For a full description, see section “Analysis from snapshots of the module” in the [*SafeKit User’s Guide*](https://customercare.evidian.com/space/OPD/1208320038/SafeKit+8.2?attachment=https://customercare.evidian.com/download/attachments/1208320038/safekit82userguideen.pdf&type=application/pdf&filename=safekit82userguideen.pdf). See also the new SafeKit training resources “[Support tools](https://www.evidian.com/products/high-availability-software-for-application-clustering/safekit-training-support-tools/)”. Since SafeKit 8.2.4, the zips generated for snapshots are protected by the password safekit. This allows the snapshot to be received in its entirety when sent via email. - Module status Since SafeKit 8.2, the internal module status previously represented by the color’s red, magenta, green has been replaced by NotReady, Transient and Ready. These values are displayed in the module log, module state and some module resources. - User scripts dynamic reconfiguration Since SafeKit 8.2, dynamic re-configuration of scripts is supported except for running scripts in Windows (such as custom checkers). - SafeKit web server port change Before SafeKit 8.2, when changing the default value of the SafeKit web server, it was also necessary to change its value into the internal file safeini.xml. This is no longer required. - Catalog files for internationalizing backend and frontend messages have changed format - Since SafeKit 8.2.4: o    the Linux Secure boot setup has been simplified o    the webservercfg command allows to setup a custom username, to access the web console, instead of using the default one, which is admin o    in Windows, the demonstration module vhost.safe includes the example of setting and testing the virtual hostname for a service o    SafeKit includes a configurable mechanism for encrypting and decrypting sensitive data used within its components. See section “Encryption of sensitive files in SafeKit” in the [*SafeKit User’s Guide*](https://customercare.evidian.com/space/OPD/1208320038/SafeKit+8.2?attachment=https://customercare.evidian.com/download/attachments/1208320038/safekit82userguideen.pdf&type=application/pdf&filename=safekit82userguideen.pdf) - Since SafeKit 8.2.5 o    in Linux, the firewallcfg add command also automatically activates firewall configuration for modules as soon as they are set up. Prior to this version, it was necessary to run the command firewallcfg add *AM* (where *AM* is the name of the module) o    japanese translation is now available in the module logs and the web console o    add the command safekit prim fullsync to trigger a full reintegration of all replicated directories on the secondary when it is started - Since SafeKit 8.2.6 o    in Linux, the SafeKit installation logs are generated in /tmp/safekit directory o    The healthcheck script is delivered to perform a global verification of a SafeKit environment on a SafeKit node.