Version End of Life. Not Yet Set
Release 7.0.0 is a major release introducing many new features including a fully documented API. There are a large number of bug fixes and improvements in all areas of the product, and a number of key behavior changes, most significantly being Security is now enabled by default.
The following changes have been made to Tungsten Cluster and may affect existing scripts and integration tools. Any scripts or environment which make use of these tools should check and update for the new configuration:
tungsten_set_position has been deprecated and no longer available in this release. dsctl should be used instead.
tungsten_provision_slave has now been renamed to tprovision
The tungsten_find_orphaned script now creates a log file every time it runs which is stored in the configured temporary directory (
/tmp/by default, tpm query values temp_directory). This is to allow for easier troubleshooting and visibility during automatic execution.
tpm now accepts chrony as a valid time synchronization software
The tpm diag command now uses the ss (socket status) command in place of netstat on SUSE and other operating systems that have deprecated netstat.
The tpm diag command now gathers the
/etc/os-releasefile when located. Also now using the ip command on systems where ifconfig and/or route is deprecated.
Changed output of thl purge command when no lower and upper bounds are given from 'Deleting events where' to 'Deleting all events'.
manager-rest-api-authentication=true(the default if not explicitly disabled) then these two new options must be supplied otherwise the scripts will fail with the following error: "
ERROR >> Manager REST API authentication needed. Please specify the user name and password."
The internal ruby
api.rbmodule can now also handle the
manager-rest-api-ssl=true(the default if not explicitly disabled) and will use https instead of http to access the REST API
In this release, the backups will now create the backup and then manually compress it
This change will increase the required disk space for backups to allow the post-backup compression to complete.
tungsten_provision_slave has now been renamed to tprovision.
Additional messaging has been added to the output displayed when running tprovision.
A new logfile,
console.logis now generated in the
$CONTINUENT_ROOT/tungsten/tungsten-manager/logsdirectory which contains all output displayed via cctrl. This file will provide Continuent Support with more valuable information when assisting to diagnose support cases.
The following issues are known within this release but not considered critical, nor impact the operation of Tungsten Cluster. They will be addressed in a subsequent patch release.
Whilst this does not cause any issues, it could generate unnecessary alerts for customers monitoring.
The cause has been identified and affects version 7.0.0 and 7.0.1. This will be fixed in the next 7.0.2 release.
The check_tungsten_online command returns a Replicator offline error on active witness hosts.
The tpm policy command may return the incorrect policy value for composite clusters.
Two new tpm options have been included as part of the new API in this release.
The options are used for setting the API admin user credentials and are as follows:
Issues: CT-1276, CT-1433
Issues: CT-210, CT-327, CT-1275
A new command line tool tmonitor is now available for the management and testing of external Prometheus exporters (node and mysqld), and for the testing of internal exporters (Manager, Connector and Replicator).
This allow you to purge THL files based on the following rules:
Gather the last applied seqno from all Replica nodes and take the lowest one
Find the current THL file which contains that seqno, then locate the previous one
Construct a thl purge command to remove thl thru the last seqno in the prev file
The default behavior is to display the needed commands for the admin to execute manually.
tpm diag now collects routing table information via
route -n , and has two new
--include specifies a comma-separated list of subroutines to include. Any gather subroutine not
listed will be skipped.
--groups specifies a comma-separated list of subroutine groups to include. Any group not listed will be skipped.
A new sub-command has been added, tpm generate-haproxy-for-api. This read-only action will read all
available INI files and dump out corresponding
haproxy.cfg entries with properly incrementing
ports; the composite parent will come first, followed by the composite children in alphabetical order.
The tungsten_generate_haproxy_for_api script functionality has been merged into the tpm generate-haproxy-for-api command. The tungsten_generate_haproxy_for_api script remains as a shell wrapper for tpm generate-haproxy-for-api.
tungsten_send_diag now supports a new command-line argument,
will cause the removal of the diagnostic archive file generated using the
The tungsten_reset_manager command is now able to restart the
Manager process when the
-s argument is passed in.
With the release of APIv2, a new cli tool has been introduced to allow easier access called tapi.
In addition, the vast majority of Tungsten cli tools have been updated to optionally use the APIv2 interface when desired.
The Nagios and Zabbix checks are also available via APIv2 using the tapi tool.
The tmonitor command now has better help text and more options to ease usage,
--filter to allow easy viewing of the tmonitor test output.
A new option to print the merged logs to
STDOUT has been added to tungsten_merge_logs (
The tpm command suite now properly supports the
--profile argument to specify a Tungsten json configuration
file in place of the installed
The tapi command now supports the
--affinity argument which will display all Connector-specific affinity settings, along with
--connectorstatus to show all.
A new command (error) has been added to trepctl to output a full stack trace of the last error, if any.
trepctl -serviceEvent application failed: seqno=10 fragno=0 message=Table hr.regions not found in database. Unable to generate a valid statement. com.continuent.tungsten.replicator.applier.ApplierException: Table hr.regions not found in database. Unable to generate a valid statement. at com.continuent.tungsten.replicator.applier.JdbcApplier.getTableMetadata(JdbcApplier.java:582) at com.continuent.tungsten.replicator.applier.JdbcApplier.fillColumnNames(JdbcApplier.java:494) at com.continuent.tungsten.replicator.applier.JdbcApplier.getColumnInformation(JdbcApplier.java:1236) at com.continuent.tungsten.replicator.applier.MySQLApplier.applyOneRowChangePrepared(MySQLApplier.java:418) at com.continuent.tungsten.replicator.applier.JdbcApplier.applyRowChangeData(JdbcApplier.java:1460) at com.continuent.tungsten.replicator.applier.JdbcApplier.apply(JdbcApplier.java:1576) at com.continuent.tungsten.replicator.applier.ApplierWrapper.apply(ApplierWrapper.java:100) at com.continuent.tungsten.replicator.pipeline.SingleThreadStageTask.apply(SingleThreadStageTask.java:871) at com.continuent.tungsten.replicator.pipeline.SingleThreadStageTask.runTask(SingleThreadStageTask.java:601) at com.continuent.tungsten.replicator.pipeline.SingleThreadStageTask.run(SingleThreadStageTask.java:185) at java.base/java.lang.Thread.run(Thread.java:834)
backup-method=mariabackup or backup-method=mariabackup-incremental
Fixes an issue where tprovision could remove the SSL certs for MySQL on reprovision
It is now possible to compress and/or encrypt THL on disk. For more information on using these features see https://docs.continuent.com/tungsten-clustering-7.0/thl-compress-encrypt.html
For full details on enabling this feature, refer to this page
For more details and steps to enable, see https://docs.continuent.com/tungsten-clustering-7.0/connector-advanced-audit-logging.html
Note that TLS 1.3 was introduced in jdk 8u272. So tpm will only set it by default for java 8u272 and later
versions. It is still possible to force the protocol to be used via tpm flag
This new Proxy mode is for Composite Active/Active clusters only, and allows you to specifically configure writes to
be directed to a single cluster by the use of the tpm
For full details on this feature, and configuring it, see [link to be added]
opt-timeout parameter (seconds) can be specified to limit the wait before stopping the connector. Not passing this parameter implies infinite wait.
Default systemd configuration files for Tungsten components no longer specifies the tungsten group to execute the command. This will prevent file access issues when tungsten user belongs to several groups.
When services are deployed with systemd and MySQL could not start due to an error, tpm would not be able to later start MySQL
In certain cases, tprovision would not be able to find the binary log position of the backup when taken from a primary. This has been fixed.
Fixes a bug in tprovision when using xtrabackup version 8, due to changes in xtrabackup binaries.
The tpm connector command now handles special characters in the password string.
The tpm update command will now exit with an error if any files not owned by the configured Tungsten OS user are found in the Tungsten installation directory.
For example, if the OS user is tungsten and the installation directory is
/opt/continuent, containing the
/opt/continuent/thl/archived_thl.zip owned by
root would cause something like the
following error to be produced, and tpm update would exit:
Foreign-owned files found! Located files in the Tungsten installed directory /opt/continuent that are not owned by the Tungsten OS user (tungsten): /opt/continuent/thl/archived_thl.zip Please change the ownership of these files to OS user "tungsten" using the chown command as root via sudo, then rerun the `tpm update` command. For example: shell> sudo chown -R tungsten:tungsten /opt/continuent
The tpm diag command now behaves correctly on Connector-only nodes, where previously it would try to gather Manager and Replicator-specific items.
Fixes a security issue within the tpm diag command.
tungsten_send_diag no longer prints an error about
Use of uninitialized value $diagArgs in concatenation.
The tpm command no longer prints an error when run with no other command-line arguments.
The tpm command no longer aborts with a
Use of uninitialized value error
when a stray
tungsten.cfg file exists under
tprovision (formerly tungsten_provision_slave) may fail to provision if the MySQL data directory was not accessible to the tungsten user.
The tpm generate-haproxy-for-api command no longer fails on CentOS 8.
The tmonitor command no longer fails on Debian 9 and Ubuntu.
All tpm sub-commands now handle command-line arguments more intelligently.
The tpm purge-thl command now handles command-line arguments more intelligently.
The tpm diag command now properly collects the system information file on Debian systems.
The tpm update command will now properly remove composite services.
The tungsten_find_orphaned command no longer fails with an
'Can't exec "/bin/sh": Argument list too long' error when there are too many THL files to parse.
The tpm ask command no longer calls
Data::Dumper when it is not available.
tpm now parses the MYSQL SSL related setting correctly.
When MySql services where badly installed, some distribution could show a
“not-found” status within systemctl, confusing tpm
The tpm command now communicates properly when there is no INI configuration file or staging-method
deploy.cfg configuration defined.
The tpm diag command now handles Multi-Site/Active-Active topologies better.
The tpm diag command now handles zero-length
mysqld.log files gracefully.
When running the cluster_backup in a Active/Active environment, when setting
to false, the script would still attempt to backup the Primary as it would scan the wrong sub-service and incorrectly identify the
Relay node as a candidate.
When using parallel apply, the replicator would error with a Foreign Key constraint error if statements were issued against two or more objects that shared the same name, but with different case sensitivity, for example:
mysql> create table testtable; mysql> drop table testtable; mysql> create table TestTable;
ROWbased replication. An alternative workaround to ensure correct rollback on failure, would be to run the statement with
STATEMENTbased replication for the session. This will also provide better performance for larger tables.
When connecting to a THL server, a client will now connect to the next available host in its THL uri, if the first does not have the sequence number that the client requires. The client will then fail only if none of the hosts from the uri can provide the needed sequence number.
Fixed an issue when using Parallel apply that would show a
NullPointerException in case an event could either not be found or
be corrupted in THL. This will now display a correct message
Missing or corrupted event from storage
Fixed an issue where trepctl was leaving JMX connections opened.
BidiRemoteSlaveFilter could fail to correctly flag fragmented events in unprivileged environments (Aurora, for example)
In such an environment (multi-active, unprivileged database access), a new setting was introduced to force extraction process to read ahead
to the last fragment to detect the service name (false by default). Enabled with
This will prevent the following case: in Composite Active/Active topologies, a given connection starts to write data to a site. The site fails, connection gets reconnected the other site and resumes writing. However the data written to the 1st site has not reached the 2nd site, thus data will not be consistent.
Default is to reject reconnections that follow a write operation (
RW_STRICT connection or SmartScale after a write) and to allow
reconnection after a read operation (
RO_RELAXED or SmartScale after a read) which translates to
It is still possible to get the previous behavior (reconnecting transparently connections cross-site) by specifying both
--connector-allow-cross-site-reconnects-for-reads=true, at your own risk
This setting can be over-ridden by using the following tpm property
VALUE set to autodetect, this value will mirror the MySQL
connect_timeout system variable. Set to 0 for infinite timeout.
Connector no longer requests cross-site services information from manager. In addition to removing extra network traffic, this cures a problem of connections counted twice in data source connection statistics