Hl7 V2.8

[Lucrecio Poinson]

Sen2Corv2.8 installation packages are provided as standalone installers. For a short introduction of how to install the standalone version of Sen2Cor, read the installation steps described in section 4 of the release note S2-PDGS-MPC-L2A-SRN-V2.8.pdf

I just bought a new CPE210 from Amazon and surprise surprise ... the label on the box which arrived two days ago says v 2.8 - guess it will stay plastic wrapped so I can return it to Amazon if there are going to be issues with it being usable sometime soon. Thanks for the heads-up and keeping me from getting all tangled up in it as well. Thanks to Joe and the team for the upcoming "small change".

- Don - AA7AU

Don, Wayne, can you ssh into the device with Pharos OS running and capture the output of this command, below? The usual method of finding all the product string options is not bearing fruit. We usually do a strings command on the Pharos .bin to find all the flavors, but not seeing any 2.8 strings. We can at least add in to the AREDN image, the string from your devices, which is necessary so our image will be accepted.

dd if=/dev/mtd2 bs=1 skip=4360 2>/dev/null head -n 1 tr -d '\r'

[edit] refer to this link, more dialog to collect this information: -cpe210-will-not-program

The output would look something like one of these, but have the 2.8 version:

If you are sure that its the right device and you know how to recover using the recovery process try the following to force it to load

sysupgrade -v -n -F aredn-3.20.3.0-ar71xx-cpe510-v3-sysupgrade.bin

K4TTZ What version of the AREDN software are you trying to load? Is it the very latest release as older versions will probably not work on the TP Link CPE210 v2.8. For that device you will need the very latest version.

Amazon has started to delay shipping and 2-day Prime has gone the way of social contact. One silver-lining I just found is that Amazon has now extended the "Return Eligible" date on my CPE210 v2.8 node out another month, so I'm going to keep it for a while longer in the hopes that this issue will get fully resolved before then. My apologies for not wanting to "unwrap" it to help with the testing as I can't afford to keep this myself ($$) if it's not going to work out of the box for the intended agency's use.

Thanks for everyone else's work on this - sorry to be such a cry-baby,

- Don - AA7AU

Our new Rancher Kubernetes API (RK-API) lets you manage Rancher in the same way you manage Kubernetes. You can now use the Rancher Kubernetes API to interact with Rancher CRDs via Kubernetes tooling. This includes convenient documentation via the kubectl explain command. A limited set of our most widely-used CRDs will be available in Rancher v2.8.0. More are on the way.

Global Role configuration is now more flexible. Additional fields are being added to the Global Role CRD, starting with the inheritedClusterRoles field, which allows users to give permissions for all downstream clusters with a single GlobalRole and GlobalRoleBinding. This lets you easily define and apply roles tailored to specific use cases, creating a level of flexibility not present in built-in global roles, such as Restricted Admin.

Scaling up etcd nodes on RKE may fail, with nodes stuck waiting to register with Kubernetes. This causes the cluster to hang. There are two workarounds available, depending on whether the cluster is active or hanging. See #43356.

The built-in restricted-admin role is being deprecated in favor of a more flexible global role configuration, which is now available for different use cases other than only the restricted-admin. If you want to replicate the permissions given through this role, use the new inheritedClusterRoles feature to create a custom global role. A custom global role, like the restricted-admin role, grants permissions on all downstream clusters. See #42462. Given its deprecation, the restricted-admin role will continue to be included in future builds of Rancher through the v2.8.x and v2.9.x release lines. However, in accordance with the CVSS standard, only security issues scored as critical will be backported and fixed in the restricted-admin role until it is completely removed from Rancher.

In Rancher v2.6.0 and later, in the Apps & Marketplace UI, many Rancher Helm charts are named with a major version that starts with 100. This avoids simultaneous upstream changes and Rancher changes from causing conflicting version increments. This also complies with semantic versioning (SemVer), which is a requirement for Helm. You can see the upstream version number of a chart in the build metadata, for example: 100.0.0+up2.1.0. See #32294.

Dual-stack and IPv6-only support for RKE1 clusters using the Flannel CNI has been experimental since v1.23.x. See the upstream Kubernetes docs. Dual-stack is not currently supported on Windows. See #165.

In June 2023, Microsoft deprecated the Azure AD Graph API that Rancher had been using for authentication via Azure AD. When updating Rancher, update the configuration to make sure that users can still use Rancher with Azure AD. See the documentation and issue #29306 for details.

There is a workaround available to re-start the kubelet container on affected worker nodes. This approach recreates the kubelet container on all nodes, not just the worker nodes. Rancher handles the process to ensure zero downtime, just like for any other modification of the cluster. If you prefer to use the extra_args blob, be sure both the arg and its value are valid. See the Kubernetes documentation for available options:

Due to the backoff logic in various components, downstream provisioned K3s and RKE2 clusters may take longer to re-achieve Active status after a migration. If you see that a downstream cluster is still updating or in an error state immediately after a migration, please let it attempt to resolve itself. This might take up to an hour to complete. See #34518 and #42834.

With the 2.8 release entrypoint.sh will be removed from the containers,because starting with 2.7, the implicit entrypoint is set to tini in theDockerfile explicitly, and the Kubernetes manifests has been updated to useit. Simply updating the containers without updating the deployment manifestswill result in pod startup failures, as the old manifests are relying onentrypoint.sh instead of tini. Please make sure the manifests are updatedproperly before moving to 2.8.

Prior to v2.8, the List endpoint on the ClusterService did not filterclusters when responding, despite accepting query parameters. This bug hasbeen addressed, and query parameters are now taken into account to filter theresulting list of clusters.

In version 2.7, the CMP plugin was changed to open Git/Helm files with all executable bits set (unless preserveFileMode was specified).

Version 2.8 removes the executable bits in cases where they are not necessary.

i've running traefik v2.8.3 as a docker container since a long time and the automatic certification renewal worked fine so far.

A few days ago, i've got the reminder mail from letsencrypt that i should nenew the cert for my domain.

I've nothing changed in the configuration, network, router etc.

The Dyndns resolves the correct ip.

Both Ports (80, 443) are forwarded to the server and are working properly. I doublechecked this with a simple webserver.

I cannot say since when this error occurs. In the last time there was several updates for docker-ce engine.

I've already tested with the latest traefik 2.9, but there is exact the same behaviour. I have no idea why this happens.

Looks like it is using ipv6 for acme-v02.api.letsencrypt.org, does your system/network support ipv6 ?

You may have to reconfigure the docker daemon or the system to disable ipv6 if ipv6 does not work.

Your curl test has the same results on my system.

Can i prevent the traefik container to use ipv6 or better to force the use of ipv4 or is the container the wrong place to configure that? I dont want use ipv6.

ok i could fix the problem. The change was not on my system.

In the last months my Domain-Provider added an AAAA-Record to the DynDNS-config. And every request to my domain from letsencrypt was answered with the ipv6 address in the AAAA Record. But my system is not configured for ipv6. Why traefik only was affected...idk.

I've removed the AAAA-Record and than it worked again.

Rajiv Sharma had posted a blog (link) that came the closest to a near working suggestion; at least proving that running GIMP v2.8 can run on CentOS with the right packages. It was his post that inspired me to take his efforts to another level. My only problem with his approach was that it required you to haul development libraries into your native working environment along with the lack of package management.

In the end everything (about 250MB worth) is installed into /opt/gimp28. It will not impact or touch anything you may or may not have had already installed on your system. This includes running perfectly in parallel with GIMP v2.6 if you choose to keep running it as something to fall back to.

The following shell scripts were created by the RPM automatically to make accessing GIMP v2.8 easier. They will look after setting up the appropriate environment variables and executing the tools they represent.

You can now press Ctrl-D (or type: exit) to return back to your regular working environment. You would have produced 2 new RPMs (the binary and source package) which you can now install into your system.

This is my first blog post and I truly hope readers will find this information useful! Please note that this information took me several weeks to put together and test thoroughly. I may not blog often; but I want to re-assure the stability and testing I put into everything I intend share.

3a8082e126