New Release! Tungsten Version 7.0.1 Now Available

We are pleased to announce that Tungsten Clustering and Tungsten Replicator Versions 7.0.1 are now available!

This new minor release includes 52 new features and improvements, along with two critical bug fixes!

Below are relevant links, as well as details about upgrading and highlights.

Read the Release Notes:

• Tungsten Clustering v7.0.1 Release Notes
• Tungsten Replicator v7.0.1 Release Notes

View the Documentation:

• Doc Page - Upgrading to v7.0
• Continuent Docs Home
• New RESTful API Docs
• Dashboard 1.0.10 Docs

If you are a customer, please reach out to Continuent Support to schedule your v7.0.1 upgrade planning session! With Tungsten v7.0 comes heightened security settings by default; this means there are a few decisions to make when performing the upgrade. We would like to make ourselves available to participate in your upgrade process and be there to support you!

Download Tungsten v7.0.1

Upgrading - Critical Information

• Please upgrade immediately if you are running v7.0.0 Active/Active topology and use mixed-case table or schema names in the database because a CRITICAL BUG in the Drizzle driver has been located in v7.0.0 and corrected in v7.0.1

• There has been a critical behavior change in the way the Replicator responds when it encounters an UPDATE or DELETE statement that does not impact any rows on the target.

  The new behavior is “stop”, which means that the Replicator will go into the OFFLINE:ERROR state if zero rows have been affected.

  The old behavior was to print a warning in the trepsvc.log file. The old behavior could contribute to data drift if the warnings were left unhandled.

  To restore the old behavior, set the `--repl-svc-fail-on-zero-row-update=warn` tpm option and run `tpm update`, for example:

  shell> vi /etc/tungsten/tungsten.ini
  [defaults]
  . . .
  repl-svc-fail-on-zero-row-update=warn
  . . .
  shell> tpm update

  Valid values for --repl-svc-fail-on-zero-row-update are:

  • stop (the new default),
  • warn (the old default) or
  • ignore (no logging of the warning).

  Online documentation is here: https://docs.continuent.com/tungsten-clustering-7.0/cmdline-tools-tpm-configoptions-s.html#cmdline-tools-tpm-configoptions-svc-fail-on-zero-row-update

Tungsten v7.0.1 Highlights

Behavior Changes

Command-line Tools

• The cctrl output now displays the SSL status of the group communication and the connection to the database. (CT-1785, CT-1832)

  shell> cctrl
  Tungsten Clustering 7.0.1
  nyc: session established, encryption=true, authentication=true 
  jgroups: [un]encrypted, database: [un]encrypted

• The following commands which call cctrl now support the pass-through -t seconds timeout argument which specifies how long cctrl will wait for a connection to the Manager process before aborting: check_tungsten_latency, check_tungsten_online, check_tungsten_policy, check_tungsten_services, tungsten_show_processlist, zabbix_tungsten_latency, zabbix_tungsten_online, zabbix_tungsten_progress, zabbix_tungsten_services (CT-1822)

• The tmonitor command now calls sudo internally as needed, removing the need for the tmonitor command to be run with sudo for the install and remove sub-commands. (CT-1846)

• The tpm generate-haproxy-for-api default starting port is now 8091. (CT-1865)

• The tungsten_find_orphaned command now places the log file in $CONTINUENT_ROOT/service_logs/, not /tmp/ (CT-1866)

Core Replicator

• The default value for the tpm property repl-svc-fail-on-zero-row-update has been changed from warn to stop. This is a significant change in behavior and could cause replicators, specifically cross-site replicators, in an Active/Active environment to stop and error more frequently. To maintain original behavior you will need to add this property with the value of warn to your configuration, providing you fully understand the inherent risk of ignoring such warnings. (CT-1856)

API

• The manager REST API /api/v2/manager/status call now returns information regarding security. (CT-1830)

Improvements, New Features and Functionality

Command-line Tools

• Added the ability to turn auto recovery on or off dynamically, removing the need to run tpm update. The service must be offline before changing the property. (CT-1088)

  shell> trepctl -service {serviceName} offline
  shell> trepctl -service {serviceName} setdynamic -property replicator.autoRecoveryMaxAttempts -value {number (0 for off)}
  shell> trepctl -service {serviceName} online

• A new tpm report sub-command has been added. By default, tpm report will generate a security report for all available communication channels on a per-node basis. The purpose of tpm report is to provide easy access to all of the settings that pertain to a specific topic. (CT-1793, CT-1857)

• The tapi command now supports the creation and modification of multiple APIv2 admin users. Two new cli args have been added: --create-user and --create-pass (CT-1801)

• The tapi command now auto-detects the protocol, either http or https (CT-1803)

• Added connector<->manager link encryption status in the output of cctrl> router * status command (CT-1811)

• Added JMX encryption and authentication status to trepctl -verbose and connector command outputs (CT-1813)

• The tapi command will now output service names with the new option --includeServiceName, or if there is more than one service name found. (CT-1860)

Core Replicator

• The thl list command now displays an approximative field size in bytes for row-based replication. (CT-1847)

Tungsten Connector

• Added a connector mode command to print which mode the connector is running in, either "bridge" or "proxy" (CT-1799)

Security

• Replaced the official log4j library with a secured version in which all vulnerable classes have been removed. This prevents exposing the software following a (user) misconfiguration of the log4j properties. (CT-1810)

API

• Added a way to retrieve service properties through the API, for example, to check a specific service parameter, run the following API call. (CT-1802)

  shell> curl https://127.0.0.1:8097/api/v2/replicator/service/alpha/properties?filter=replicator.global.db.sslEnabled
  { 
   "payloadType": "PropertiesListPayload", 
   "payloadVersion": "1", 
   "payload": { 
   "replicator.global.db.sslEnabled": "false" 
   } 
  }
  

• Added new top level REST API call to display RMI SSL status, run the following API call: (CT-1812)

  shell> curl https://127.0.0.1:8097/api/v2/rmiSecurity

Bug Fixes

Installation and Deployment

• The tpm update command now properly handles v7 -> v7 upgrades. (CT-1815)
• The deployall script now properly displays the executable prefix for restarting services, typically mm_treplicator in Multi-Site/Active-Active replicator-only installs, as well as the full path to component binaries. (CT-1835)
• tpm would fail on keystores containing special characters in alias names. (CT-1852)

Command-line Tools

• Worked around a ruby issue where DNS name resolution was sometimes preferred to file-based resolution in TPM. The following logic now applies: first trying file-based host name resolution, upon failure try DNS, then through ping command (CT-1653)
• The tpm update command now returns clusters to the proper mode (i.e. maintenance or automatic) for staging-method upgrades (INI not affected). (CT-1784)
• The tpm policy command now returns the proper policy in a composite cluster. There is also a new cli argument, --all, to show the policy for all cluster services. (CT-1787)
• The tpm update command no longer aborts during a staging deployment when the actual hostname does not match what is configured for the node names in tpm (CT-1791)
• Improves the tpm diag command so that it waits 2 seconds for replicator thread dump to complete. (CT-1792)
• The tpm connector command now properly passes the -e arguments to the mysql command. (CT-1816)
• The tpm command now properly reports errors upon timeout executing commands. Typically, when a host is down, when upgrading or installing, tpm will now properly report that pinging this host failed. (CT-1819)
• The tpm command would fail to validate data sources when using ssl-capath [directory] rather than ssl-ca [file] in my.cnf. This fixes only the validation part, automated truststore creation by TPM will not be possible at this point, a full tungsten-truststore.ts will have to be passed through --java-truststore-path (CT-1826)
• The replicator start offline command would not properly pass the offline argument to systemd scripts when installed through deployall. (CT-1836)
• The undeployall script would not properly uninstall systemd services on some distributions including Amazon linux. (CT-1845)

Backup and Restore

• Fixed an issue with latest xtrabackup 8.0.28 (CT-1838)
• During the backup/restore process the MySQL certificates are kept intact. (CT-1841)
• Restore will now succeed even if only one incremental backup has been created. (CT-1842)
• Incremental backups can now be restored more than once. (CT-1850)

Core Replicator

• Fixed the EnumToString and pkey filters to renew their database connections (every hour by default). This can be changed with the following properties: (CT-1786)

  shell> vi /etc/tungsten/tungste.ini
  property=replicator.filter.enumtostring.reconnectTimeout=3600
  property=replicator.filter.pkey.reconnectTimeout=3600
  shell> tpm update

• tpm update would fail with message "The host is configured to be '' but it is currently operating as a 'master'" when a dynamic replicator configuration file is found (CT-1848)

• Fixes issues with PrimaryKeyFilter: (CT-1861)

  • It could fail from correctly fetching primary key columns for tables with mixed upper and lower case letters in table names
  • Alter user statements could make it fail

• Fixed a NullPointerException that could happen if a replicator was put offline during startup. This had mostly no consequence except the exception being logged. (CT-1863)

Tungsten Connector

• Fixed the output of connector cluster-status by adjusting log4 appender. (CT-1778)
• An exception could occur while forcing shutdown of router gateways. (CT-1779)

Tungsten Manager

• Fixed an issue where the command system summary issued in cctrl would hang the managers in the cluster. (CT-1849)

Wrap-Up

Release Notes:

• Tungsten Clustering v7.0.1 Release Notes
• Tungsten Replicator v7.0.1 Release Notes

Please reach out to Continuent Support via Zendesk or by emailing if you have any questions!

Tungsten Clustering is the only complete, fully-integrated, fully-tested MySQL HA, DR and geo-clustering solution running on-premises and in the cloud combined with industry-best and fastest, 24/7 support for business-critical MySQL, MariaDB, & Percona Server applications.

Tungsten allows enterprises running business-critical MySQL database applications to cost-effectively achieve continuous global operations with commercial-grade high availability (HA), geographically redundant disaster recovery (DR) and geographically distributed active/active. If you’re not a Continuent customer and you’d like to learn more about Tungsten, please reach out to us!