Skip to main content
Tungsten Clustering

Tungsten Clustering 8.0.1

Build: 185
Release Date: 6 Oct 2025
Release 8.0.1 contains a number of bug fixes and improvements.
Known issue: replication service mis-configuration
There is a known issue in this release that will result in a mis-configuration of the replication services for both new installations and upgrades, under the following conditions:
  • Composite Active/Active topology, AND
  • Your hostnames contain a dash symbol (-) and/or a mix of UPPER and lower case characters.
All other topologies are unaffected. If the above applies to your installation please use v8.0.2. For any questions or concerns, or if you feel you may already be impacted by this, please contact Continuent Support.

Behavior Changes (2)

The following changes may affect existing scripts and integration tools. Any scripts or environment which make use of these tools should check and update for the new configuration:

Command-line Tools (1)

  • The tprovision command no longer requires the external tool tungsten_get_mysql_datadir.

    Additionally, the tool has been significantly re-factored for greater stability, performance and functionality.

    Issue: CT-2597

Security (1)

  • Now providing adequate error message when TLS certificates differ between connector and managers, or when manager refuses the SSL handshake.
    Issue: CT-2579

Known Issue (1)

The following issues are known within this release but not considered critical, nor impact operation. They will be addressed in a subsequent patch release.

Core Clustering (1)

  • If your hostname contains a dash symbol (-) and/or a mix of UPPER and lower case characters, AND you are running a Composite Active/Active topology, then upgrading to or installing this release may cause a mis-configuration of the replication services.
    Issue: CT-2632

Improvements, new features and functionality (5)

Command-line Tools (3)

  • New tpm flag --add-ssl now allows you to force-generate certificates when doing an upgrade. This allows configurations with security disabled to be upgraded to 8.0.1 AND switched to using SSL/TLS communications at the same time. Example:
            
    shell> tools/tpm update --replace-release --add-ssl
    Issue: CT-2619
  • The tpm ini check command now validates composite topologies.
    Issue: CT-2606
  • New Feature: tpm ini upgrade --ini [fullpath] will display all changes to the specified INI file that would be performed by the tpm update commands during a version upgrade. Adding the --write argument would apply the changes to the specified file as well.
    Issue: CT-2601

Security (1)

  • Tungsten can now hold two MySQL database SSL Certificates, allowing rotation of certificates without the need for downtime. A new command line tool, rotate_certs, is provided to aid in this process.
    Issue: CT-2511

Platform Specific Deployments (1)

  • LTS MariaDB 11.4 is now certified.
    Issue: CT-2337

Bug Fixes (21)

Installation and Deployment (1)

  • tpm now only reads /etc/tungsten/tungsten.ini (no longer looking in $HOME directory and /etc/tungsten.ini)

    For a different path, different filename or multiple files, use the --ini supplying a comma-separated list

    Issue: CT-2612

Command-line Tools (8)

  • The tpm cert gen command now works during version upgrades when a security configuration file may not have existed before (passwords.store)
    Issue: CT-2618
  • Fixed a regression where network partition would lead to connector partial site outage.
    Issue: CT-2615
  • The tpm ini check command now handles a variety of edge cases.
    Issue: CT-2613
  • The tungsten_send_diag now uses AWS Signature Version 4 to upload files.
    Issue: CT-2589
  • The tapi command no longer issues an error when the quantity of command-line arguments is larger than expected.
    Issue: CT-2580
  • The tpm purge-thl command now works properly when run against environments where there are multiple THL files, but the lowest seqno returned exists in the very first THL file.
    Issue: CT-2561
  • The tapi command now handles various payload outputs properly.
    Issue: CT-2553
  • Corrected debug outputs in the Perl tpm framework.
    Issue: CT-2497

Backup and Restore (2)

  • Fixed an edge case issue with xtrabackup running against the primary node and MySQL 8+.
    Info
    Generally we do not recommend taking backups from primary nodes, and instead backups should be taken from replicas.
    Issue: CT-2602
  • The trepctl backup command would fail using xtrabackup.
    Issue: CT-2600

Core Replicator (2)

  • With recent SELinux changes, MySQL might be unable to read from /tmp.

    This directory is used when applying a LOAD DATA INFILE command that was logged using Statement Based Replication (warning : this is considered as unsafe by MySQL).

    In order to avoid any issues, a new setting has been added to indicate a directory to use : svc-applier-ldi-temp-dir=/tmp/mysqltmp

    In this case, mysqltmp is a new subdirectory that should be set with the following permissions and SELinux context


    mkdir -p /tmp/mysqltmp 
    sudo chown -R mysql: /tmp/mysqltmp 
    sudo chmod -R g+r /tmp/mysqltmp 
    sudo semanage fcontext -a -t mysqld_db_t '/tmp/mysqltmp(/.*)?' 
    sudo restorecon -Rv /tmp/mysqltmp

    Another improvement was also added to force the use of LOCAL when applying a LOAD DATA INFILEcommand that was logged using SBR. This is useful when applying to a remote MySQL host. To enable, set the value of the svc-applier-ldi-use-local=true (default : false)

    Issue: CT-2603
  • Fixed an issue where timestamp columns would not match between source and target when using theprivileged-slave=false property to replicate from a source database using MIXED binlog mode.
    Issue: CT-2594

Connector (3)

  • Fixed an issue with witness nodes not being accepted by older connectors when running with newer managers, triggering manager/connector reconnections in loop.
    Issue: CT-2620
  • Fixes NullPointerException upon I/O errors in router gateway.
    Issue: CT-2610
  • No longer printing broken pipe errors (typically generated by haproxy or hardware loadbalancer checks) whenprintConnectionWarnings=false (the default)
    Issue: CT-2576

Manager (2)

  • Fixed an SSL configuration misconfiguration between manager and connector communication.
    Issue: CT-2608
  • Fixed a NullPointerException error that may have prevented failovers occurring in some scenarios.
    Issue: CT-2607

Security (1)

  • tungsten_mysql_ssl_setup now properly generates v3 self signed CA certificates for openssl 3 found in RHEL9 Linux flavors.
    Issue: CT-2581

Monitoring (1)

  • Additional prometheus metrics have been added to the Replicator:
    • tungsten_replicator_service_online_duration_seconds gauge shows duration in seconds since the replicator was put online.
    • tungsten_replicator_task_total counter shows statistics by service, stage and task as shown in the following example:

      tungsten_replicator_task_total{service="alpha",stage="q-to-dbms",task_id="1",stat="extract_time",} 250.015
      In this case, this is the extract time spent by the task #1 of the q-to-dbms stage of the alpha service. This is similar to the new trepctl perflog output.
    Issue: CT-2514

API (1)

  • Fixed an issue with log4j2 library embedded in tungsten-api jar which could trigger a warning in cctrl and other log files.
    Issue: CT-2604