automation-suite
2024.10
true
  • Linux 版 Automation Suite 发行说明
    • 2024.10.0
  • EKS/AKS 上的 Automation Suite 发行说明
    • 2024.10.0
  • Automation Suite on OpenShift release notes
UiPath logo, featuring letters U and I in white
Automation Suite 发行说明
Last updated 2024年11月11日

2024.10.0

发布日期:2024 年 11 月 11 日

新增功能

Document Understanding modern projects onboarded to Automation Suite

We are happy to announce the addition of Document Understanding modern projects to our Automation Suite product portfolio. This expansion aligns with our aim to maintain parity with the functionalities offered via Automation Cloud.

If you plan to enable Document Understanding modern projects, make sure to check out the cross-product dependencies and that you meet all the prerequisites. Note that Document Understanding modern projects require additional resources, so make sure to take that into account when enabling this product.

All the details about the installation and configuration of these newly onboarded products are available in the Automation Suite on Linux Installation Guide. For details on how make the most out of the functionality of these products, refer to Document Understanding Modern Projects User Guide.

Introducing lite mode

In an attempt to make your start with Automation Suite easier and cost-effective, we are now introducing the lite mode. With it, you can start with fewer infrastructure requirements and when ready, transition to high availability for specific services.

By default, in lite mode, all services are non-high availability to save resources. However, if you want to enable high availability for certain services, you can do it by configuring the profile parameter in the cluster_config.json file or through the use of our interactive installer.

A key benefit of lite mode is its resource efficiency. It offers full functionality without the need for high availability across all services. Consequently, the lite profile needs fewer resources, a value-added feature for infra-budget-conscious organizations.

Notably, lite mode is not just for small-scale operations. This mode is designed with scalability in mind, so as your needs grow, lite mode grows with you.

Lite mode is versatile, accommodating a wide array of scenarios, such as the following:

  • You plan to explore the Automation Suite functionality without a significant infrastructural commitment.

  • You start with a minimal setup but want the flexibility and ease of scaling up as the need arises.

  • You aim to manage infrastructure cost by customizing the availability of services to your unique needs.

  • You aim at smaller-scale use cases and prefer a system that operates efficiently with non-high availability services.

Unifying command line operations with uipathctl

We are thrilled to share that uipathctl extends its role in Automation Suite, as part of our initiative to unify our CLI tools. uipathctl heads toward becoming a stronger and a more convenient single entry point for all your tasks within Automation Suite.

This streamlines your installation and configuration of Automation Suite and creates a more integrated experience.

As a result, uipathctl replaces the following scripts and assimilates their functionalities:
  • install-uipath.sh, previously used to install and customize Automation Suite .
  • configureUiPathAS.sh, previously used to perform operations within the Automation Suite cluster, such as the certificate management, as well as the configuration of objectstore, registry, and monitoring tools.
  • configureUiPathDisks.sh, previously used to configure disks and mounting points for your new Automation Suite cluster, as well as resize data disks post-installation.
  • validateUiPathReadiness.sh, previously used to validate and install the RPM packages and to validate the prerequisite checks required when installing Automation Suite.
  • orchestrator_configurator.sh, previously used to configure files and settings within the Orchestrator deployment in Automation Suite, such as adding storage files, credential store plugins, NLog extensions, and changing appSettings.

We look forward to sharing further enhancements with you.

For more details on the commands you can run, see uipathctl.

RHEL supported versions

We have expanded our OS support to include RHEL 8.6, 8.8, 8.9, 8.10, 9.2 and 9.4 versions.

AWS 签名版本 4 支持

Automation Suite 现在对所有 S3 API 请求使用 AWS 签名版本 4。 这会影响在不支持 AWS 签名版本 4 的 S3 服务器上使用 Automation Suite。

SSE-KMS support

Automation Suite now supports server-side encryption with Key Management Service (SSE-KMS) on AWS S3 buckets.

For more information on SSE-KMS, see the AWS documentation.

Support for TLS 1.3

We now support Transport Layer Security (TLS) 1.3. This new TLS version brings several key improvements, being more secure than its predecessor, TLS 1.2, and offering speedier connections and improved performance.

For details on how to upgrade from TLS 1.2 to TLS 1.3, refer to How to address weak ciphers in TLS 1.2.

支持需要项目的外部注册表

我们很高兴地宣布,Automation Suite 现在支持 Orchestrator 和其他外部注册表,这些注册表要求您先创建一个项目,然后才能从注册表中推送或拉取映像。

新先决条件检查

我们添加了更多先决条件检查,以优化安装和配置 Automation Suite 的整体体验,并尽早发现缺失的要求。以下是一些重点内容:

  • Automation Suite 现在会检查外部对象存储是否支持通过预签名 URL 向存储桶发出 POST 请求。Document Understanding 需要 POST 请求支持才能从存储桶下载文件。

  • We have introduced a new prerequisite check for configurations using a single node RKE2 with in-cluster storage. An additional disk of a minimum 512GB is now required to store Ceph data backups. To partition the disk for Ceph, you must use the following command: 

    ./bin/uipathctl rke2 disk --backup-disk-name <disk-name>./bin/uipathctl rke2 disk --backup-disk-name <disk-name>
  • A new prerequisite check validates that you have enough disk space to enable Document Understanding modern projects. This check verifies disk space availability on the /datadisk/registry and /var/lib/rancher disks.

实例元数据服务版本 2 支持

我们现在在 AWS 的高可用性部署中支持 Instance Metadata Service 版本 2 (IMDSv2)。 有关 IMDSv2 的更多信息,请参阅AWS 文档

Apps subdomain requirement

To take full advantage of the features that Apps offers, you now must provide a unique subdomain with a Fully Qualified Domain Name (FQDN). You must make the following changes:

  • Update your certificate with a Subject Alternative Name (SAN) entry for Apps. Details...

  • Adjust your DNS server to accommodate the new Apps subdomain. Details...

Automatic rotation for identity token-signing certificates

Automation Suite 2024.10 introduces automatic identity token-signing certificate rotation. This feature automates the lifecycle of your signing keys, offering enhanced security and reducing the need for manual certificate management.

If you're deploying Automation Suite 2024.10 for the first time, this feature is enabled by default. The option for manual management of signing certificates remains available, and those who prefer manual control or have specific operational requirements can disable automatic certificate rotation.

For users upgrading to 2024.10 from an older version, automatic management is disabled by default but can be enabled if desired.

For details on how to enable or disable automatic certificate rotation, see Automatic certificate rotation in the Automation Suite on Linux documentation, or Automatic certificate rotation in the Automation Suite on AKS/EKS documentation.

许可证新闻

新的消耗品监控选项

现在,您可以借助新的“消耗品”选项卡以更精细的方式监控许可证分配。它位于组织级别和租户级别的“管理”部分中,细分了许可的使用单位(例如 AI Unit、Robot Units 和 API 调用)的分配和使用情况。

引入 SAP 传输单位

现在提供了一种新的服务使用单位,称为 SAP 传输单位。它用于在 Test Manager 中授权 SAP 变更影响分析功能。

与许可证相关的租户限制更改

如果您的许可证包含以下任何服务,您将很高兴知道现在可以在不限数量的租户上启用这些服务:
  • Automation Hub
  • Process Mining
  • Test Manager
  • Insights

删除许可证超额分配横幅

到目前为止,当分配给服务的许可证数量超过组织可用的许可证数量时,系统会显示警告横幅。但是,它没有提供任何明确的超额分配信息,也没有提供用于解决此问题的操作项目。

因此,为了增强用户体验并消除任何干扰,我们决定将其删除。您仍然可以通过查看分配抽屉找到所有相关详细信息。

通过 AI Unit 许可 Process Mining

就像我们的几个 AI 产品一样,Process Mining 现在通过 AI Unit 进行许可。

有关使用的详细信息,请参阅 Process Mining 指南中的“许可证”页面。

弃用从主机门户激活许可证

我们正在努力更好地支持 UiPath™ Platform 不断发展的商业产品,为此,我们将弃用从主机门户激活许可证的选项。为了帮助轻松完成这一过渡,我们添加了一个警告横幅,通知管理员许可证已弃用,并提供了许可证激活的最佳实践。

请放心,这不会影响相关功能,并且您仍然可以从主机门户激活许可证,直到该功能被删除

Personal access tokens (PATs)

We are excited to introduce personal access tokens (PATs). PATs provide developers with an efficient and secure method to obtain tokens with user-scoped access. PATs can limit risk when working with applications or automations that do not allow for other authentication mechanisms, or where you do not want to provide your credentials. If the app is compromised, you simply revoke the PAT.

备注:

个人访问令牌仅用于本地用户。

核心功能:

  • 系统会自动撤销从组织中删除的用户的关联 PAT,以防止未经授权的访问。

  • 组织管理员可以管理已发布的 PAT,从而在必要时轻松撤销访问权限。

For detailed information on implementing PATs, please refer to the docs on personal access tokens.

Managing personal access tokens

Personal access tokens (PATs) can be managed by organization administrators. PATs can limit risk when working with applications or automations that do not allow for other authentication mechanisms, or where you do not want to provide your credentials. If the app is compromised, you simply revoke the PAT.

备注:

个人访问令牌仅适用于本地用户,并由组织管理员管理。

组织管理员可以管理已发布的 PAT,从而在必要时轻松撤销访问权限。

For detailed information on managing PATs, please refer to Managing PATs.

改进

In-place upgrade enhancements

To ensure a more secure stack and minimize common vulnerabilities and exposures, we’ve increased the frequency of Kubernetes updates.

Typically, Kubernetes requires sequential version upgrades, which can mean multiple intermediate steps to upgrade to your target Automation Suite version. In Automation Suite 2024.10, we’ve introduced chained Kubernetes upgrades, allowing you to reach your target Automation Suite version directly, without intermediate jumps. The entire process is handled seamlessly in the background.

You can now upgrade from, for instance, Automation Suite 2023.10.2 to 2024.10.0, progressing through multiple Kubernetes versions automatically. The enhancement ensures a secure stack, with an even smoother upgrade experience.

To accommodate this improvement, you should know that we have made several modifications in the upgrade workflow. These changes include updates to existing steps or new additions, such as the following ones:

  • Running the prerequisite checks, separately for infrastructure and services;

  • Migrating Longhorn workloads to local PV, shifting MongoDB data to SQL, and moving Ceph to a Helm-based deployment, before the actual upgrade;

  • Installing the services and shared components to their target version.

Also, one additional change is that, where applicable, you now use uipathctl for the in-place upgrade commands.

For more details, see Performing an in-place upgrade.

Extended support for Active/Active deployments

We have extended the list of products that you can deploy in Active/Active mode. Previously, this feature was only available for Orchestrator, but we have now also included the following products to give you more flexibility:

  • Action Center

  • AI Center

  • Apps

  • Automation Ops

  • Automation Suite 机器人

  • Computer Vision

  • Data Service

  • Document Understanding

  • Test Manager

Simplified installation process for enhanced efficiency

We have improved our installation experience by reducing the number of steps required by the installation process. Now, this process involves two main parts, namely the infrastructure installation and the cluster installation. With these improvements to the installation flow, you can expect considerably reduced installation time.

Enhanced shared components management using OSS base

We are excited to announce a significant improvement focused on the management of shared components.

In previous versions, we relied heavily on a component delivery system provided by Rancher. While effective, this approach has its challenges, notably dealing with inconsistent component versions.

Now, we have shifted towards an Open-Source Software (OSS) base for our component management. Furthermore, we leverage uipathctl for installing and upgrading components.

This strategic shift not only simplifies the shared components installation process but also provides the ability to manage each component individually. Moreover, you can also expect improved time efficiency in the reinstallation process for individual components.

Enhanced backup and restore flow

We have enhanced the configuration instructions for the external NFS server to ensure a smoother backup and restore experience. We now include guidance to create a subdirectory at the /asbackup/asetcdbackup location or your equivalent NFS mount path, in order to prevent any potential mounting issues. For details on the updated commands, refer to Configuring the mount path.

集群内 Docker 注册表的映像清理

现在,您可以轻松删除升级后的过时映像。 此功能是专门针对具有集群内 Docker 注册表的离线设置而设计的。 有关更多详细信息,请参阅执行升级后操作

UiPath Automation Suite Install Sizing Calculator enhancements

We're happy to announce various fixes and improvements that ensure an even more accurate estimate of the hardware requirements for any Automation Suite deployment. The tool now takes into account the additional data disk required by Document Understanding and AI Center. Also, it now takes a single click to share the UiPath Automation Suite Install Sizing Calculator URL along with your currently selected configuration.

如果您想试用 UiPath Automation Suite 安装大小调整计算器,请参阅容量规划

FQDN update enhancement

我们很高兴宣布我们的完全限定域名 (FQDN) 更新流程得到了增强。 现在,您可以从单台计算机更新集群 FQDN,从而代替以前的多步骤过程。 此更新旨在简化流程,使其更加人性化和高效。

有关 FQDN 更新过程的更多信息,请参阅在安装后配置 FQDN。

Istio dashboards management

The Istio-related dashboards are switched off by default. If you need to use these dashboards, you must enable them through additional configuration steps within the ArgoCD UI. However, be aware that enabling these dashboards could impact Istio performance.

For more details about Istio dashboards, see Monitoring the network.

Enhanced prerequisites check output

The prerequisites check output generated by uipathctl is now more user-friendly. The simplified and organized display enhances readability and gives more control over the type of info you get.
如果需要更详细的信息,可以使用--verbose标志来访问完整的详细输出。 如果更简洁的信息更能满足您的需求,只需跳过--verbose标志,即可获得清晰、易于理解的输出。

有关先决条件检查的更多详细信息,请参阅先决条件检查

Security enhancements

我们将继续提供安全更新和补丁程序,以解决常见漏洞和披露 (CVE)。

SAML SSO 改进

我们推出了一些旨在改进 SAML SSO 的重大更新。 以下是新功能的简要概述:

  1. 在实体 ID 格式之间切换:获取身份提供程序设置的 UiPath 详细信息时,可以在旧版实体 ID 格式(不包含组织 ID)和新格式包含组织 ID 之间进行更改。

  2. 自定义唯一标识符:我们引入了用于设置自定义属性以实现唯一标识的选项。 在以下情况下,此功能特别有用:

    • 电子邮件地址未分配给您的用户。

    • 电子邮件地址不能充当唯一标识符(它们在身份提供程序中不是唯一的)。

    重要提示:

    一旦设置了 “唯一标识符”,如要更改此标识符,可能会导致系统可能无法再识别先前已识别的用户,因为这些用户可能会丢失。

  3. 身份验证请求签名:此功能允许 UiPath 对所有 SAML 身份验证请求进行签名。 如果您的身份提供程序需要签名身份验证请求,这将非常有用。

  4. 单点注销:我们的 SAML 配置现在包括单点注销 (SLO) 功能,可在您的身份提供程序下统一实现所有应用程序的同时注销。

高对比度主题选项

我们引入了高对比度主题,以确保增强一组用户界面元素的对比度。

有关更多信息,请参阅选择主题

用户界面中的服务可见性

现在,您可以在左侧导航栏中管理三项新服务的可见性,以便为每个用户自定义用户界面:

  • Automation Hub

  • AI Center

  • Process Mining

有关更多信息,请参阅隐藏未使用的服务文档。

错误修复

  • We fixed an issue that caused the uipathctl binary to ignore any SQL connection string you provided in the orchestrator.testautomation section of the cluster configuration file.

  • 我们修复了在仅启用 IMDSv2 的 AWS 计算机上安装或升级失败的问题。

  • 在代理环境中,如果代理服务器使用与 Istio 服务网格中任何其他服务的 TCP 端口相同的端口(例如端口 8080),则 Pod 无法与 FQDN 通信,并会显示错误消息。 现在不会再发生此行为。
    Note: If you previously created a service entry according to the workaround in Pods cannot communicate with FQDN in a proxy environment, we recommend that you delete the service entry after you upgrade to Automation Suite 2024.10.0 or later. To delete the service entry, use the following command:
    kubectl delete serviceentry proxy -n uipathkubectl delete serviceentry proxy -n uipath
  • 我们修复了与uipathctl相关的问题,该问题会在升级期间导致注册表配置损坏。 以前, cluster_config.json的 Helm URL 中的端口被视为外部注册表,从而导致registries.yaml被遗漏。 现在,无论 Helm URL 中是否存在端口, insecure_skip_verify: true都会正确包含在registries.yaml中。
  • 我们修复了一个问题:在不执行rke2-killall.sh的情况下关闭rke2-server服务可能会导致代理计算机间歇性地生成未就绪的报告。
  • 我们修复了由于卸载 Longhorn 后仍存在 Longhorn 存储类而导致从 Automation Suite 2023.10.x 升级失败的问题。
  • 我们修复了导致支持捆绑包不包含历史日志,也不上传到已配置的外部对象存储的问题。 在使用外部 OCI 注册表的离线环境中会发生此问题。
  • 我们修复了导致 RKE2 升级后snapshot-controller-crds Pod 仍处于 CrashLoopBackOff 状态的问题。 由于新安装的snapshot-controller与 RKE2 升级期间现有的 之间存在冲突,因此会发生此问题。
  • 我们修复了一个问题,该问题会由于 Dex 映像版本差异而阻止您为 ArgoCD 启用 SSO。
  • We have fixed an issue that prevented licenses from being allocated at the organization level.

  • 我们修复了一个问题,如果您调整集群内 Docker 注册表使用的 Docker 注册表 PVC 的大小,则在升级过程中会导致出现问题。 现在,可以在升级过程中准确识别并考虑新的大小。

已知问题

Full migration from standalone products to Automation Suite not supported

You cannot currently perform a full migration from standalone products version 2024.10 to Automation Suite 2024.10 using the UiPath.OrganizationMigrationApp tool. We are actively working on introducing support for this scenario.

In the meantime, you can perform a single-tenant migration. For details on this migration option, refer to Single tenant migration.

Document Understanding limitations and known issues

In this release, Document Understanding modern projects are not supported in Automation Suite offline deployments and Azure Government environments.

包括生成式批注和生成式提取在内的 AI 功能当前在 Automation Suite 的 Document Understanding 中不可用。

If Document Understanding is enabled on your tenant without the activation of Document Understanding modern projects, the Document Understanding application (accessible from the list on the left side) will not work.

For more information, refer to the Document Understanding Release Notes guide.

Split as.tar.gz not available

Split as.tar.gz is currently not available. You can use full as.tar.gz in the meantime.

启用 Connaisseur 会导致安装或升级失败

在配置符合 OCI 的外部注册表期间启用 Connaisseur 时,问题会导致安装或升级失败。 当您在cluster_config.json文件中将registries.trust.enabled参数设置为true时,会出现此问题。

Forwarding logs to Splunk is currently unavailable

Forwarding infrastructure logs to Splunk is currently not possible in Automation Suite 2024.10 because the Splunk Connect plugin for Kubernetes is no longer supported. The OpenTelemetry Collector, which you can use to gather logs, is also not supported in this Automation Suite version.

For more information on managing external tools, refer to Responsibility matrix.

Custom directory for pod logs not working

You cannot currently use custom directories for storing your pod logs. This is due to the switch to kube-logging.

External service monitoring not enabled by default

When using kube Prometheus for service monitoring, the ServiceMonitor file is not tracked by default. This issue specifically affects services such as Redis or Istio when attempting to enable the monitoringConfigure.enableEnhancedMonitoring field.
To address the issue, you must manually add an explicit release: monitoring label to the ServiceMonitor YAML configuration file, as shown in the following configuration sample. 
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: istio-component-monitor
  namespace: {{ .Values.monitoringConfigure.namespaces.istio }}
  labels:
    monitoring: istio-components
    release: monitoring
spec:
  jobLabel: istio
  targetLabels: [app]
  selector:
    matchExpressions:
    - {key: istio, operator: In, values: [pilot]}
  namespaceSelector:
    any: true
  endpoints:
  - port: http-monitoring
    interval: 15sapiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: istio-component-monitor
  namespace: {{ .Values.monitoringConfigure.namespaces.istio }}
  labels:
    monitoring: istio-components
    release: monitoring
spec:
  jobLabel: istio
  targetLabels: [app]
  selector:
    matchExpressions:
    - {key: istio, operator: In, values: [pilot]}
  namespaceSelector:
    any: true
  endpoints:
  - port: http-monitoring
    interval: 15s

弃用时间表

我们建议您定期查看弃用时间表,以获取有关针对即将弃用和删除功能的任何更新。

捆绑详情

产品版本

要了解每个 Automation Suite 产品的更改,请访问以下链接。

如果产品显示为灰色,则此 Automation Suite 新版本不会对其进行任何更改。

发现构建管理互动
AI Center 2024.10.0Action Center 2024.10.0
Task Mining 2024.10.0AI Computer Vision 2024.10.0Insights 2024.10.0Apps 2024.10.0
Orchestrator 2024.10.0 
  Test Manager 2024.10.0 
    

内部第三方组件版本

此 Automation Suite 版本捆绑了以下内部组件:

组件

版本

RKE2

1.30.5

ArgoCD

2.11.3

Gatekeeper

3.17.0

rook

1.14.6

ceph

17.2.6

prometheus-pushgateway

2.12.0

证书管理器

1.14.5

Istio

1.23.0

kube-logging/logging-operator

4.9.1

Prometheus

2.54.1

Grafana

11.1.5

velero

6.2.0

redis 运算符

7.4.6-2

redis 集群

7.4.6-22

oauth2-proxy

7.6.0

此页面有帮助吗?

支持与服务
获取您需要的帮助
UiPath Academy
了解 RPA - 自动化课程
UiPath 论坛
UiPath Community 论坛
Uipath Logo White
信任与安全
使用条款
隐私策略
Cookie 政策
© 2005-2024 UiPath。保留所有权利。