Resolved Issues in 26.1.0-PCE
These release notes describe the resolved issues in this release.
Issue | Fix Description |
|---|---|
E-135781 | PCE Incorrectly Rejected Updates to Unmanaged Workloads PCE now properly processes updates to unmanaged workloads when a network interface uses both IPv4 and IPv6 with a public-style name. This prevents update failures and ensures that inbound rules include the correct cluster addresses, avoiding unintended drops of internal traffic. |
E-135445 | VEN Became Stuck After Triggering Resync A VEN could remain stuck in an Active Sync state after a resync triggered by PCE maintenance mode, preventing it from returning to normal operation. This release fixes the resync handling so the VEN completes resync and resumes normal policy |
E-135208 | Improved Performance for Rule Overlap Checks Illumio resolved an issue that caused slow response times when checking for rule overlaps. Backend optimizations have reduced the response time by approximately 50%. In addition, the frontend now performs overlap checks asynchronously, allowing rule search results to appear immediately while overlap information loads in the background. |
E-134720 | Deny Rule Port and Protocol Change Issue Resolved Illumio resolved an issue where changing the port or protocol in a Deny rule did not update the policy on workloads after provisioning. The fix ensures that any changes to port or protocol in Deny rules now correctly apply to workloads. |
E-134665 | Policy Last Applied Filter Output Did Not Match Date Selection Illumio resolved an issue in the Kubernetes Workload section that prevented the Policy Last Applied output from matching the dates selected in the filter. |
E-134679 | Faster Policy API Responses with Large Subnet Ranges Illumio resolved an issue where policy and policy view API requests slowed down when a large number of subnet ranges were combined during evaluation. Response times are now faster, reducing timeouts when policies are retrieved. |
E-133477 | Workload Search Limitation on Switches Page The Switches page now returns complete, accurate results when you search for or select workloads, rather than showing only a partial list. This improvement makes it easier to find and manage the workloads you need. In addition, copying and pasting in the workload selection field works as expected, improving usability when working with large lists. |
E-132333 | Improved Flow Attribution for Overlapping Kubernetes Cluster Networks Illumio resolved an issue in which traffic between Kubernetes clusters with overlapping network ranges could display incorrect source or destination cluster information, causing single-cluster traffic to appear as cross-cluster activity. The system now caches cluster references with workload details and prioritizes same-cluster matching during IP lookups to improve flow attribution accuracy and reduce investigation time. |
E-131845 | Kafka Could Not Parse Kafka Event Bus Messages Kafka could not parse messages on the Kafka event bus because the JSON parser converted all keys to symbols. This caused lookups using string keys to fail. The updated implementation |
E-131764 | Traffic Export and Ransomware Risk Reports Cannot Be Generated Restricted users may see an error and may not be able to generate the Traffic Export and Ransomware Risk reports whereas unrestricted users can generate them. This issue has been resolved and authorized restricted users can now generate these reports successfully. |
E-130769 | Workload Digest Redis Service Failure Prevents PCE Upgrade to 25.2 The PCE upgrade to 25.2 failed in some environments where the workload_digest_redis_service had to fetch the private key from a file using a script. As a result, the PCE was partially operational, rendering the system unusable on version 25.2. The latest version has resolved the issue, ensuring a smooth upgrade process and system functionality. |
E-129614 | K3s Upgrade Failure in CLAS Mode Illumio resolved an issue that caused some K3s upgrades to CLAS mode to fail due to a duplicate record blocking the Kubelink component from starting. Upgrades are now complete successfully, and Kubelink is operating normally, so your workloads remain visible and enforced as expected. |
E-126643 | Improved Handling of Kubernetes Virtual Service References in Rule Set Exports Illumio resolved an issue where async export jobs for active rule sets could fail if a Security Rule referenced a deleted Kubernetes-managed virtual service. The release removes invalid rules and prevents the creation or re-enabling of rules that directly reference Virtual Service objects in the CLAS cluster. This improves export reliability. |