Aerospike Server Community Edition 5.1.0.3

Description

• ATTENTION: Debian/Ubuntu users - if python2 is not installed, see the Python Package Dependency for .deb Installers article.
• Thanks to Matt S. for discovering the issue CVE-2020-13151.
  • To address the UDF security vulnerabilities, we are making a few changes on the server:
    • Lua’s io library has been removed, and the os library only retains time-related functions.
    • We will no longer construct/use a sandbox for each invoked record or stream UDF.
• Aerospike Server version 5.1 or later requires the operating system distribution's libcurl shared object library.
• For the info command latency support has been deprecated and will be removed in the next major release.
  • Please use the new replacement info command latencies to track all latency histograms.
• Before upgrading to 5.0.0.4 or later, customers already running 5.0.0.3 in a cluster which is an active XDR destination (i.e. an XDR destination also acting as a source XDR or that may in the future act as a source XDR), may want to consider stopping all XDR traffic to the cluster. (Enterprise Only)
  • In the unlikely case of an upgraded 5.0.0.4 or newer node going down while 5.0.0.3 nodes are still running, those nodes would mistakenly ship XDR writes even if forward has not been explicitly enabled. 
  • Enterprise Licensees may contact Aerospike Support for any questions before upgrading.
• Cross-Datacenter Replication (XDR) running in Aerospike Server version 5.0 or newer can only connect to XDR destination clusters running versions 4.1 or newer.
• All nodes must be upgraded to Aerospike Server version 4.9.0.7 or newer. Please upgrade to the latest 4.9.0.x release prior to upgrading to Aerospike Server version 5.0 or newer.
  • Aerospike Server version 5.0 or newer will not form a cluster with version 4.8 nodes or earlier.
  • When upgrading the Aerospike Server refer to the Special Upgrades documentation.
• The Aerospike Server will not start if obsolete configuration parameters are set in the Aerospike configuration file (aerospike.conf).
  • Refer to: Configuration parameters that must be removed for Aerospike Server version 5.0 or newer
• ATTENTION: As of Aerospike Server version 4.9, expirations and evictions are disabled by default.
  • For expirations, nsup-period must be configured (new default is 0).
  • For evictions, the relevant high-water-disk-pct/high-water-memory-pct/mounts-high-water-pct must be configured (new defaults are 0).
  • For details refer to the Namespace Retention Configuration documentation.

New Features

• Enterprise & Community
  • [AER-6262] - (PACKAGING) Added support for Ubuntu 20, and removed support for Ubuntu 14.
• Enterprise Only
  • [AER-6247] - (SECRETS) Added support for storing various configuration items in Vault.

Improvements

• Enterprise & Community
  • [AER-6229] - (KVS) When retransmitting replica writes, recalculate the destination nodes in case they changed due to a rebalance.
  • [AER-6244] - (KVS) Changed default value of proto-fd-idle-ms to 0 (i.e. never reap idle connections).
  • [AER-6249] - (KVS) Improved handling of record bins.
  • [AER-6264] - (FABRIC) Added fabric context configuration item channel-rw-recv-pools to specify multiple rw channel receive thread pools.
  • [AER-6234] - (STORAGE) Added throttling to prevent defrag from overwhelming the write queue.
  • [AER-6243] - (SECURITY) Addressed Lua security vulnerabilities by denying access to unsafe Lua library functions.
  • [AER-6257] - (UDF) UDFs unwind correctly on failure.
  • [AER-6265] - (GEO) Use stricter bounds checking for latitude and longitude.
  • [AER-4100] - (STATS) Added service context configuration item microsecond-histograms to generate high resolution latency histograms.
  • [AER-6242] - (STATS) Replaced info command latency with new command latencies to track all latency histograms.
• Enterprise Only
  • [AER-6064] - (LDAP) Escape problematic characters in the user Distinguished Name (DN) before giving it to the LDAP server.
  • [AER-6252] - (LDAP) LDAP context configuration item query-user-password-file is now dynamic and is re-read whenever the password is used.
  • [AER-6253] - (ACL) The write privilege now includes permission to run truncate commands.
  • [AER-6255] - (STORAGE) For storage-engine pmem namespaces, set default service-threads to number of CPUs.
  • [AER-6263] - (STORAGE) Keep storage-engine pmem data blocks read-only except when they are being filled.
  • [AER-6233] - (XDR) Added DC namespace context configuration item write-policy.
  • [AER-6240] - (XDR) If the SMD-persisted last ship time is missing at startup, ship from the current time.
  • [AER-6241] - (XDR) Added retry_no_node stat.
  • [AER-6245] - (XDR) Added DC context configuration item period-ms.
  • [AER-6246] - (XDR) Added DC namespace context configuration item sc-replication-wait-ms.
  • [AER-6266] - (XDR) Added DC namespace context configuration item compression-level.

Bug Fixes

Known Issues

• Known Issues: Server

Updates

• aerospike-tools 3.29.0