What's new in Kasm 1.16.0
Highlights
- Added Harvester and KubeVirt Providers to support autoscaling Virtual Machines inside a K8s cluster.
- Added ability to add inline help to fields to make it easier to understand what the field is for and to point to our docs if more context is needed.
- Added standalone workspace PWAs. This allows individual workspaces to be installed as remote apps.
- Added RDP gateway capability to provide RDP client access to Kasm Windows servers.
- Added Egress Providers to Kasm Container Workspaces to allow routing network traffic through Egress Gateways.
- Added support for path based reverse proxies.
- Added support for running the Kasm services in Kubernetes.
Features
-
Usability Enhancements
- Added a group setting for the default language of the application user interface, users can still override the setting in their profile.
- Added improved support for using rclone crypt wrappers in Custom Storage Mappings. Encryption Keys are automatically generated for all users.
- Added improved support for {ref}
storage-provider-variable-substitution
to Storage Mappings. - Added the ability to set the background image on casting links
- Added editable columns to the workspace list view for cores, memory, docker image and persistant profile path to make bulk editing easier.
- Added a selection dropdown for the CAPTCHA type in Server Settings and added Cloudflare Turnstile and hCaptcha to the currently supported Google reCAPTCHA v2.
- Made the user dashboard more keyboard accessible, this is a work in progress but the improvements include, tiles are now focusable and interactive, all actions on open sessions are now accessible, Search, Categories and User profile are now usable. Across the application toggle buttons are now usable via keyboard.
- GCP Provider updates: now supports expanded startup script types including Windows scripting via powershell, batch file or command shell. If you are updating existing
GCP Providers
please see this note - When launching a workspace, the document title and favicon now update to match that of the workspace being launched.
- Updated registry schema to 1.1, this adds the ability for individual registries to have "channels" in order to give users an idea of which tags are available and allow them to choose which to use.
- Added resolution and scaling options to Guac based workspaces, similar to those available in container based workspaces under Streaming Quality / Advanced.
- Removed display of Kasm Guac Token from installer since it is no longer needed.
-
Infrastructure Support Enhancements
- Upgrade Kasm Database to use PostgreSQL 14.x
- Improve functionality of Kasm Manager health check to guard against managers stuck on provisioning and ensure Primary Manager does not change when many Servers are provisioned at once.
- Improve behavior of autoscaling, allow multiple autoscale configs to be scaled up and down concurrently. Improve concurrency of orphan server cleanup.
- Added Microsoft RemoteApp support at the Workspace Image level for easier administration of Windows RemoteApps.
- Added support to specify maximum simultaneous sessions and maximum simultaneous users independently for RDP servers, allowing for greater flexibility for RemoteApps and scenarios in Windows RDS and terminal services environments.
- Windows server health is now tracked for servers with the Kasm Service installed. Sessions will not be assigned to servers that are not reporting in, enhancing reliability of created sessions.
- Add support for installing on Ubuntu Noble 24.04.
- Managers and Connection Proxy components automatically register as stopped when the containers are stopped for normal deployments and in Kubernetes will automatically deregister themselves.
- Connection Proxy components perform health checks and will automatically register as missing if they fail to check in within Component Missing Expiration. If configured to do so, Kasm can automatically remove these components if they fail to check in within Component Dead Expiration.
- Removed support for Slim (Alpine) based service images.
- Added support for Kasm to manage Active Directory users.
- Added support for Managed Egress Providers.
- Added support for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9
-
Kasm Image Enhancements
- Added Forensic OSINT image for amd64.
- Added watermark support for RDP sessions with default global and per server settings.
- Added Fedora 40 Desktop images for x86_64/aarch64
- Added Fedora 40 Core images for x86_64/aarch64
- Added Ubuntu Noble Desktop images for x86_64/aarch64
- Added Ubuntu Noble Core images for x86_64/aarch64
- Added Alpine 3.20 Desktop images for x86_64/aarch64
- Added Alpine 3.20 Core images for x86_64/aarch64
- Added Ubuntu Noble DinD images for x86_64/aarch64
- Added Ubuntu Noble DinD Rootless images for x86_64/aarch64
- Retroarch rebased to Ubuntu Jammy from Focal
-
Kasm Desktop Service
- Simplified Windows Service installation and registration process.
- Enhanced logging for easier troubleshooting and auditing.
- The Windows service reports health to the Kasm deployment, failed check-ins will result in the server changing to a missing status. Servers in a missing status will not get assigned user sessions.
- Installer includes Windows Firewall rules for both domain, private, and public profiles.
- Guac web-native RemoteApp wrapper, allows for better web-native RemoteApp support.
- Support for multiple concurrent RemoteApp sessions per user, per server, when users connect via RDP through the Kasm RDP Gateway.
Bugfixes
- Fixed bug where kasm autogenerated docker networks were not being cleaned up properly
- Fixed issue that caused S3 persistent profiles to not store files if there are a large number of very small files.
- Fixed bug that caused Agents that stopped checking in, to not get marked as missing in accordance with the Host Missing Expiration global setting.
- Fixed issue that prevented the 'allow_totp_2fa' setting from being enabled by default on new installs.
- Fixed issue with windows sessions not being redirected after time limit finishes if the countdown is hidden.
- Fixed an issue with storage providers where the name of a provider wasn't updateable after it was created.
- Fixed issue that caused the wget command to not work on Ubuntu, Oracle and AlamaLinux images when Web Filtering is enabled.
- Fixed issue where windows workspaces with the agent installed would sometimes generate error logs about calls to an unknown
/style/
url - Fixed
kasm_guac
not purging old log files. - Fixed sessions Agent field showing the wrong value for the hostname.
- Fixed issue with public API not returning new JWT formatted session tokens.
- Fixed configuration of KasmVNC to block container user from making changes with vncconfig cli tool or other methods.
- Fixed issue where requesting a Kasm on behalf of a default user that has never logged in fails.
- Cloning workspaces and autoscale configs is done server side to prevent hidden fields saving incorrect data which is then hard to debug to find the cause of issues.
- Fixed vulnerability KASM-2024-0001.
- Fixed issue where SAML and OIDC configurations could not be disabled.
- Fixed issue where connection errors for Workspace Registries and Update Checks could be generated in offline deployments.
- Fixed issue where Windows Single Sign-On stops working after the period of time defined by the "Session Lifetime" Server Setting.