Preview only show first 10 pages with watermark. For full document please download

Red Hat Enterprise Mrg 1 Technical Notes

Rating
Date

November 2018
Size

211.6KB
Views

5,611
Categories

Computers & electronics Software

Transcript

Red Hat Enterprise MRG 1 Technical Notes Technical Notes for Red Hat Enterprise MRG Edition 4 Lana Brindley Martin Prpič Jaromír Hradílek Douglas Silas Florian Nadge Red Hat Enterprise MRG 1 Technical Notes Technical Notes for Red Hat Enterprise MRG Edition 4 Lana Brindley Red Hat, Inc. Engineering Co ntent Services [email protected] m Jaro mír Hradílek Red Hat, Inc. Engineering Co ntent Services [email protected] m Flo rian Nadge Red Hat, Inc. Engineering Co ntent Services [email protected] m Martin Prpič Red Hat, Inc. Engineering Co ntent Services [email protected] m Do uglas Silas Red Hat, Inc. Engineering Co ntent Services [email protected] m Legal Notice Copyright © 2010 Red Hat, Inc. T his document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus T orvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project. T he OpenStack ® Word Mark and OpenStack Logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community. All other trademarks are the property of their respective owners. Abstract T hese technical notes contain important information available at the time of release of MRG. Known problems, resources, and other issues are discussed here. Read this document before beginning to use the MRG distributed computing platform. Table of Contents Table of Contents .Chapter . . . . . . . . 1. . . .MRG . . . . . 1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3. . . . . . . . . . 1.1. Enhancements for Red Hat Enterprise MRG Messaging and Grid Version 1.3 3 1.2. Bug Fixes for Red Hat Enterprise MRG Messaging and Grid Version 1.3 5 1.3. Bug Fixes for Red Hat Enterprise MRG Messaging and Grid Version 1.3.0.1 20 1.4. Bug Fixes for Red Hat Enterprise MRG Messaging and Grid Version 1.3.0.1 22 .Chapter . . . . . . . . 2. . . .MRG . . . . . 1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 ............ 2.1. RHSA-2010:0631 — Bug fixes for Important: kernel-rt security and bug fix update 25 . . . . . . . . . .History Revision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 ............ 1 Red Hat Enterprise MRG 1 Technical Notes 2 Chapter 1. MRG 1.3 Chapter 1. MRG 1.3 1.1. Enhancements for Red Hat Enterprise MRG Messaging and Grid Version 1.3 BZ #4 9774 7 T his update introduces a protocol-independent C++ API. T he extra layer of indirection will make it easy to support new versions of the AMQP (Advanced Message Queuing Protocol) protocol, as well as multiple versions simultaneously. BZ #501015 T he management component is now capable of working in a cluster. BZ #560005 Previously, when a broker was started with the "--require-encryption" option enabled, any attempt to connect to it using SSL failed, because the connection was erroneously considered to be unencrypted. With this update, the Simple Authentication and Security Layer (SASL) has been altered to check for the presence of SSL encryption, and such connections are now accepted as expected. BZ #53304 5 Previously, the only way for a user to connect over Secure Sockets Layer (SSL) was to authenticate using a different username, otherwise the access control list (ACL) denied access. T his update introduces a support for the EXT ERNAL mechanism for Simple Authentication and Security Layer (SASL), so that users can now connect using SSL client certificates for authentication. BZ #514 054 Because a write operation is required when processing a message queue, reaching the maximum storage capacity rendered any recovery impossible. T o target this issue, this update introduces a "resize" utility that allows storage to be resized so that the messages can be recovered and delivered as expected. Note that the broker must be stopped in order to run this tool. BZ #4 9774 8 T he Messaging Client Python API is now protocol-independent. BZ #4 83753 A failover exchange support has been added, allowing a JMS client to subscribe to the failover exchange, retrieve cluster membership information, and receive updates. BZ #515513 With this update, the qpidd service can be run without additional authentication options. BZ #537232 T his update introduces ompiscript, an OpenMPI wrapper script that works with Condor. 3 Red Hat Enterprise MRG 1 Technical Notes BZ #4 95718 T he Messaging Client Python API now provides a failover mechanism for clustered brokers. BZ #54 84 93 T he Python Messaging API now includes support for Simple Authentication and Security Layer (SASL), which allows authentication support to be added to connection-based protocols. BZ #504 325 T he qpid-tool is now able to determine which session a queue consumer belongs to. BZ #506698 T his update handles backward/forward compatibility for QMF and its components. BZ #4 71632 Both Secure Sockets Layer (SSL) and Remote Direct Memory Access (RDMA) entries can now appear in the list of known URLs. BZ #54 8090 T his update allows for the scheduler daemon to run without swap. BZ #534 008 T his update introduces a mechanism that specifies the queue size of a queue that is setup via the Java API. BZ #54 3021 Previously, a collector could not be remotely restarted. With this update, the restart is possible and works as expected. BZ #5064 20 T he usage information for the qpid-config utility (that is, the output of the "qpid-config -h" command) have been updated to include a brief explanation of the exchange type. BZ #528800 T his update introduces support for hierarchical fairshare in Condor's evaluation of user quotas and priority factors, and allows to specify fairshare hierarchies of arbitrary depth. BZ #4 96235 It is now possible to view multiple pools, or so-called grids, from the Admin interface of the Console. T he external grid is displayed on the grid overview tab, and when an external grid is configured, it will appear on the right side of the page. Additionally, the user interface displays a statistics table listing the "NumJobs", "SubmitsInProgress", "submitsQueued", "SubmitsAllowed", "SubmitsWanted", "RunningJobs", and "IdleJobs", as well as jobs and submissions charts. 4 Chapter 1. MRG 1.3 BZ #4 9624 0 It is now possible to view and adjust the user and group dynamic quotas using the Cumin Console interface. T he current groups and users and their respective quotas are displayed as a hierarchy on the Quotas tab. 1.2. Bug Fixes for Red Hat Enterprise MRG Messaging and Grid Version 1.3 BZ #54 7769 Prior to this update, nodes occasionally reported different cluster widths in a qpidd cluster. However, consequent to an independent change to the underlying cluster code, this error no longer occurs, and all nodes now report correct values. BZ #5074 13 Due to missing "break" statement in the "catch" clause, a broker with a single I/O thread stopped responding to the SIGINT (interrupt) signal when it ran out of file handles. With this update, the relevant "catch" clause has been corrected, and brokers now respond to the interrupt signal as expected. BZ #4 8894 2 Previously, the C++ qpid client did not call the session.close() and connection.close() methods. On rare occasions, this caused the client to trigger an assertion and abort. With this update, changes were made to the 'shared_ptr' and 'weak_ptr' cycles in the "SessionImpl' and 'ConnectionImpl' methods such that the assertion is no longer triggered. BZ #4 98056 When the GSSAPI security context expired on a running connection (i.e. when a Kerberos ticket expired), the client stopped communicating over the connection but the connection was not closed. With this update, the client closes the socket when a Kerberos ticket expires and the connection no longer appears to hang. BZ #4 91305 When a new broker joined a cluster, messages to the cluster which had been acquired—but not yet either accepted or released—were not communicated to the new broker. As a result, the graphical management tools could have shown state inaccuracies. T his update ensures that non-completed messages and queue properties are replicated to newly-joined cluster members, with the result that new broker state no longer occasionally diverges. BZ #54 4 306 Very infrequently, adding a new broker to a cluster failed with the following error message: critical Unexpected error: Cannot join CPG group When this occurred, attempting to add the new broker again usually resulted in success. T his failure was caused by a missing checks in the CPG clustering-substrate code that have now been added, with the result that new brokers can be successfully added to a cluster on the first 5 Red Hat Enterprise MRG 1 Technical Notes try. BZ #4 8954 0 Opening client connections with authentication mechanisms involving passwords caused a very small amount of memory to be leaked for each connection setup. With this update, management of the memory used in the authentication mechanism is handled properly and memory leaks no longer occur. BZ #4 89537 When a broker joins a cluster, it no longer writes unnecessary messages to the log file. BZ #526299 Previously, the Python client reported a connection aborted error when a socket was closed prior to receiving a 'ConnectionCloseOk' control. T his happened intermittently when run against a clustered broker. With this update, the 'ConnectionCloseOk' control is always sent before the socket is closed. BZ #520600 Memory allocated in the pthread_create() function suffered a difficult-to-reproduce leak due to a problem with the 'ConnectionImpl' method's thread. T his update plugs this memory leak. BZ #505314 T he qpid-tool utility crashed after executing the "list" query command due to a typing error and missing exception-handling. With this update, exceptions are handled and the type error fixed so that the "list" command is no longer able to crash qpid-tool. BZ #5094 4 9 Previously, a JMS client released messages in an unpredictable order when trying to recover. T his resulted in messages being re-queued in an unpredictable order even if there was only one consumer. T his unpredictability was due to undispatched messages ending up being released in the dispatch thread. T his may have happened before or after the messages arrived in the consumers fetch queue. With this update, the messages are now released in the order they arrived in the queue. If a client calls for a recover, messages are not released in the order they arrived in the queue, hence, the next time they are sent to the client, the original ordering is preserved. Please note that this is only valid if there is only one consumer present on the queue. If there are multiple consumers the ordering cannot be guaranteed. BZ #508137 An agent that worked continuously would not show up in a broker when run under 'valgrind' due to a race condition. With this update, this behavior no longer occurs and an agent is visible in a broker when run under 'valgrind' as expected. BZ #4 79031 Having an open management session no longer prevents a broker from being added to a cluster. BZ #4 94 393 6 Chapter 1. MRG 1.3 Previously, it was possible for two brokers to join a cluster simultaneously. Consequent to this, none of the brokers was recognized as the first node, and both the qpidd service and clients stopped responding. With this update, one of the brokers always assumes the role of the first node, and both the qpidd service and clients now work as expected. BZ #508675 Previously, when a clustered broker stopped responding, it may have caused the entire cluster to stop responding as well. T o prevent this, a watchdog mechanism to detect and eventually kill an unresponsive qpidd process has been introduced. BZ #5094 37 Message queue listeners are now being updated to new members in the correct order. BZ #509892 Previously, transferring messages in a queue to a new cluster member resulted in inconsistent credit calculations between nodes, which may have caused the brokers in the cluster to exit with errors. With this update, the "delivery-properties.exchange" is set during the update process, so that the credit calculations are consistent. BZ #54 54 36 When running the 'test_failover' test case in the 'qpid-python-testkit' framework where cluster nodes are shutdown and new members are added, a newly joined node encountered an error of the form "confirmed N but only sent N-1" which was only raised on the said member causing it to shut down as inconsistent. With this update, inconsistent errors no longer occur. BZ #54 9956 Previously, when running two brokers in a cluster, one of them would fail with an inconsistency error. With this update, inconsistency errors no longer occur when running two brokers in a cluster. BZ #4 79326 An error in the 'DispatchHandle' class implementation may have caused a race condition to occur, causing a broker in a cluster to terminate unexpectedly with a core dump. With this update, the underlying code has been modified to prevent such event, and a clustered broker no longer crashes. BZ #51024 1 T he clustered qpidd service no longer terminates unexpectedly in qpid::sys::Poller::run(). BZ #5104 75 Under certain circumstances, an unhandled exception may have prevented a clustered qpidd service from starting. With this update, all exception are now handled properly, and the qpidd service always starts as expected. BZ #509800 When the "--cluster-durable" mode was enabled, exceeding the journal capacity caused the last 7 Red Hat Enterprise MRG 1 Technical Notes node to exit with the following error: Error delivering frames: Enqueue capacity threshold exceeded on queue "queue-name". (JournalImpl.cpp:576) With this update, the last node no longer shuts down when the journal capacity is exceeded. BZ #508959 Previously, attempting to propagate binding information over a dynamic link that was concurrently destroyed may have caused the broker to terminate unexpectedly. T his update ensures that dynamic bridges are not propagated over destroyed links, and the broker no longer crashes. BZ #592861 Sending a durable message of 65524 bytes or more to a durable queue, restarting the broker, and trying to receive the message from the queue failed with a framing error: "framing-error: Frame size too small 0". With this update, this behavior no longer occurs and messages are received without any errors. BZ #603839 Previously, federation routes that annotated a message with a trace ID could have caused a segmentation fault if that message was concurrently delivered from another queue. T his situation has been fixed so that it no longer causes a segmentation fault if it arises. BZ #583131 T he Java Client is now shipped with the 'slf4j' API in the qpid-deps.jar Java Archive (JAR) file, and the 'log4j' binding in slf4j-log4j.jar. BZ #50814 4 After a broker restart, when a durable message was recovered and sent again, it was not marked as "redelivered" if it had been previously sent but not acknowledged. As a result, the client was not notified of this fact, and the message may have been duplicated. With this update, all recovered messages are now marked as "redelivered", thus making message delivery more reliable. BZ #556351 Previously, performing a full restart on clusters containing durable exchange lost both the durable exchange and its bindings. T his resulted in incomplete exchanges on restart. Consequent to multiple, independent changes to the underlying cluster code, this problem no longer presents: durable exchanges and their bindings are now recovered as expected after restarting a cluster. BZ #557896 When a message was delivered, the original time to live (T T L) value was preserved regardless of how long it was actually held by a broker. Because of this, it may have lived longer than originally intended. With this update, the T T L value is decreased by the amount of time the message spends on a broker, which allows a receiver to handle it correctly. 8 Chapter 1. MRG 1.3 BZ #522267 Compiling Qpid on Windows failed because Qpid defined the pid_t and ssize_t type declarations in public headers, which some third-party headers also define. T his update moves these declarations to private headers or implementation code, with the result that compilation succeeds on Windows systems. BZ #5194 76 Previously, the Java client sent invalid accept data after a failover. T his was caused by a race condition where data from an old disconnected connection was incorrectly sent to a new failedover connection. With this update, the Java client no longer sends invalid data after a failover. BZ #568718 T he 'acl reload' function exposed through QMF is now safe to use on an active broker. BZ #582366 When reloading a large 'acl' file, the broker core was dumped. With this update, the broker continues to work after reloading the 'acl' file as expected. BZ #584 089 Load the 'acl module' while disabling management (using the "-m no" parameter), the broker core was dumped. T his was due to the 'mgtObject' not being initialized, hence the subsequent 'if' statements passed and resulted in accessing a null management Object. With this update, the broker core is no longer dumped and loading of the 'acl module' while disabling management works as expected BZ #4 90855 T he qpidd service no longer terminates with a segmentation fault due to aisexec assertion. BZ #51074 7 Previously, a QMF method would exit with a segmentation fault when the result was larger than 64kB. With this update, this method works as expected, even for larger results. BZ #514 751 Previously, a number of log messages produced by the QMF C++ Agent were output to the standard output only. With this update, these messages can also be logged into a file. BZ #501305 Rejoining a cluster after a broker restart no longer causes the cluster to stop responding. BZ #506580 When a client sends invalid data, the cluster no longer shuts down, and the client is disconnected from the cluster instead. BZ #511292 When using the "-c" command line option, the qpid-stat utility no longer reports extra 9 Red Hat Enterprise MRG 1 Technical Notes connections. BZ #54 1927 Newly added members now update their membership properly. As a result, new clients no longer miss failover update messages, and no longer cause the cluster to shut down because of the inconsistencies between the nodes. BZ #54 3524 Previously, when multiple brokers were run with the "-d --cluster-size=N" parameters specified, they would hang until N members have joined the cluster. With this update, brokers do not wait for N members to join the cluster. Instead, brokers block any client until all daemons are started. BZ #558526 Clustered qpidd no longer shuts down during a start-up due to an Authentication failure. BZ #506556 T he C++ client may not have timed out accurately when multiple connections existed in the process. T his could cause earlier events to be blocked behind later events. With this update, any timeouts are handled properly and work as expected. BZ #575177 MRG LVQ become unstable when msg T T Ls were used and a message expired. For example, once a message with a key 'X' had expired, any subsequent messages sent to the LVQ with key 'X' were expired immediately, and were never made available to the client applications. Once the LVQ began exhibiting this behavior, it continued to act this way until the broker was restarted. With this update, LVQ no longer experiences problems when a message expires when using msg T T Ls. BZ #4 71315 Previously, a parse error could occur when the user entered a reason for holding a job in the form, because the character "'" was not supported. With this update, the character "'" is supported and the form is parsed without problems. BZ #4 5834 4 Messages that were delivered to a transactional session were not automatically released on a rollback. T his caused the messages to be lost instead of being received again after the rollback. With this update, a new high-level API addresses this issue; when a transaction is rolled back, its messages are released and received again. BZ #4 91313 Clients did not have a way of finding out when a message queue was deleted, with the result that a SessionException occurred whenever a client tried to use a deleted queue. T his update ensures that, when a message queue to which a client is subscribed is deleted, an appropriate exception is returned to the client to notify it of the deletion event. Due to this, clients are now able to react appropriately to queue deletion. BZ #500779 10 Chapter 1. MRG 1.3 When using the 'FailoverManager', the "FailoverManager::Command::execute()" method only gets a session passed to it, thus, the connection for that session cannot easily be reached. With this update, a new method "SessionBase_0_10::getConnection" is provided and makes it easily possible to get the connection from a session. BZ #505287 When a message queue reaches a specified limit, its content is released from the memory. Previously, triggering this operation with an empty message caused the broker to send an empty content frame after a header frame that marks the frameset as ended, causing the connection to be terminated. With this update, this error has been fixed, and the connection is no longer accidentally terminated. BZ #511066 Previously, due to inability of Disaster Recovery / Replication exchanges to record the statistics information, qpid-stat did not produce the expected output for the replication exchange. With this update, all dropped bytes, received bytes, bytes received on each route, and other important information are recorded. As a result, the qpid-stat utility now displays the expected statistics. BZ #558968 Previously, the 'qpidd' component init script experienced LSB compliance issues. With this update, the aforementioned init script no longer experiences LSB compliance issues. BZ #559625 If a 'FailoverManager' instance was closed before it was opened, it caused a segmentation fault. With this update, the segmentation no longer occurs in the aforementioned case. BZ #591292 Previously, on a 2 node MRG cluster, one of the clients running on it could core after shutting down a single network interface on one of the broker nodes. With this update, clients no longer core. BZ #606824 Acquiring a message from an exclusive, auto-delete queue with an alternate exchange and canceling/killing the subscription resulted in the acquired messages not being sent to the alternate exchange, even though the non-acquired messages were successfully sent to the alternate exchange. With this update, all messages, acquired and non-acquired, are sent to the alternate exchange. BZ #517751 When an already existing exchange was declared again to add a new or different alternate exchange, an attempt to access a null pointer was made, which caused the broker to terminate unexpectedly. With this update, the broker checks whether the exchange is already declared, and any attempt to re-declare it now fails with an appropriate exception. BZ #519505 Due to incorrect stripping of a domain from the "userId" string, connecting to a broker using Kerberos authentication may have caused the messages sent to the broker to be rejected as 11 Red Hat Enterprise MRG 1 Technical Notes unauthorized. With this update, the broker was adjusted to store the entire "userID", so that the value can be correctly compared with the string that is sent by a client. BZ #568838 When dynamic federation of a topic exchange was in use, sending a message with a routing key that matched more than one binding may have caused such message to be delivered to a matching queue multiple times. T o prevent this behavior, the broker now tracks all queues to which the message is routed, and no longer sends it to the same queue more than once. BZ #568863 When a dynamic federation of exchanges was in use and multiple brokers shared the same binding key, deleting a bound queue on one of them caused the routes to other queues with the same binding to be removed as well. T o avoid this, the broker now tracks the origin of each remote binding, so that deleting a single queue no longer affects other queues. BZ #579681 In a queue with multiple bindings to the same topic exchange, attempting to deliver a message with a routing key that matched more than one of these bindings caused such message to be delivered multiple times. T o prevent this behavior, the broker now tracks all queues to which the message is routed, and no longer sends it to the same queue more than once. BZ #4 84 04 8 Previously, a race condition may have occurred, allowing one thread to delete a message queue while another one was flushing it. When this happened, the following error message was logged: JERR__PTHREAD: pthread failure. With this update, this error has been fixed, and the race condition no longer occurs. BZ #4 91203 When running a broker as daemon (that is, using the "--daemon" command line option), the default timeout for its startup was set to 10 seconds. Because of this, having to recover a large storage may have prevented it from starting at all. With this update, the default timeout was increased to 10 minutes, so that the broker has enough time to recover even a large amount of data. BZ #50174 9 Due to incorrect order of recovery procedures, once restarted, a broker with both the store and XML modules loaded and with persistent XML messages enabled was unable to start again. With this update, the order of recovery procedures for the store and XML exchange was altered, and the broker now starts as expected. BZ #504 691 Previously, an alternate exchange property was lost during a broker recovery, which may have caused some messages to be misdirected or even dropped. T o prevent this, the alternate exchange property was added to the broker properties database, allowing it to be recovered. 12 Chapter 1. MRG 1.3 BZ #54 4 092 When a broker first started up, it checked to see if it was the first node in the cluster. If it was, it used the backup store. If it was not the first node, it saved the store directory, created a new, clean store, and then proceeded to fill it through cluster synchronization. However, if that same node was the first node to start in a cluster twice in a row, then the original backup store was overwritten by the newer store being synced, thus destroying the original. T his was due to only one copy of the backup store being kept for all nodes in the cluster. With this update, backup store directories are sequentially numbered and can be multiple in number, with the result that it is no longer possible to delete an original backup store. Note that with this update, the cluster administrator must manually remove old and unneeded backup stores. BZ #559014 When a node was added to a cluster after a durable exchange had been defined, the new node lost its durable status for those exchanges. As a result, if the affected node was the first node to be recovered in the cluster, then the durable exchanges would have been lost. With this update, exchange durability is passed on to new nodes joining the cluster, with the result that durable exchanges can no longer potentially be lost. BZ #527233 Previously, shadow processes maintained a large amount of private (non-shared) memory. Submit nodes need to be high memory machines and could still end up in swap when running 20K+ jobs. Shadow code analysis revealed a number of linked libraries holding private memory that were not necessary. With this update, the linkages were removed, thus, shadow memory usage was significantly reduced. BZ #565618 Previously, condor_submit "fsync()"ed the UserLog for each submitted job. With this update, the UserLog is only "fsync()"ed once. BZ #4 70080 Previously, it was possible for a broker in a cluster to receive an encrypted frame before an appropriate codec was installed. Consequent to this, being unable to interpret such frame, the broker terminated itself in response. T his error has been fixed, and an additional locking mechanism has been introduced to the cluster, ensuring the security handshake is completed before processing encrypted frames. BZ #506553 Occasionally, running sesame for longer periods of time lead to a major growth in memory usage by sesame. With this update, this behavior no longer occurs. BZ #5374 81 Previously, 'qpid-stat' did not contain options for a subscription object (links a queue to a session) in QMF. With this update, the following options are introduced: — for a specific session, displays the list of subscriptions and the queue names connected to the subscription. — for a specific queue, displays the subscriptions, and for each subscription the session and connection including the process and its pid. 13 Red Hat Enterprise MRG 1 Technical Notes BZ #531833 If a total cluster failure occurred or if the initial node connected but failed before it could update the brokers list, the 'FailoverExchangeMethod' method looped infinitely. With this update, the JMS client throws a connection exception once it tries all known brokers. BZ #53184 2 When using kerberos authentication, the Java client used the user ID specified in the connection. However, the user ID did not contain any information about the domain. With this update, the user ID contains domain information. Note that when kerberos is not used, the Java client will set the user ID only. BZ #558864 Previously, the 'JMS_QPID_DEST T YPE' variable was not set making the 'getJMSDestination' method unusable. BZ #568661 Previously, the JMS client succeeded in connecting to a broker whose certificate had a random string as its common name. With this update, an option (ssl_verify_hostname=['true'/'false']) is introduced that verifies that the CN matches the hostname it believes it has connected to, if it does not, an error is raised. BZ #4 4 574 9 T he Messaging Client Python API for Red Hat Enterprise Linux 5 now supports SASL Kerberos authentication. BZ #500712 Previously, when a QMF get-query was sent to the broker, the broker replied with indications for all matching objects plus objects that have been deleted since the last mgmt-publish-interval. T his could result in inconsistent management traffic in clusters because the publish-intervals were not synchronized across all cluster nodes even though the states of the nodes were completely consistent. Note that this was not an issue for API users because the console API filters result for deleted objects. With this update, clusters no longer suffer from inconsistent management traffic. BZ #557159 When a queue with an alternate exchange was deleted, its messages were sent to the alternate exchange. When such a queue was purged via the management command, the messages were not sent to the alternate exchange. With this update, the alternate exchange contains an equal number of messages as those purged from the queue. BZ #583526 Previously, a design issue in the broker caused certain management operations (queue.purge, session.detach, session.close, connection.close) to be unstable when operating in a cluster. T hese operations were disabled during any cluster operation. With this update, the aforementioned operations are now available during any cluster operation. 14 Chapter 1. MRG 1.3 BZ #533173 Running qpidd with the "--max-connections" command line option now works as expected. BZ #576693 T he "qpid-cluster -d" command was not closing the client connection. With this update, executing "qpid-cluster -d" works as expected and closes the client connection. BZ #4 90170 Previously, the qpidd service startup script did not support the "condrestart" command, even though certain scripts incorrectly attempted to use it and failed. With this update, the "condrestart" command has been implemented, and such scripts now work as expected. BZ #504 000 Attempting to set an alternate exchange when creating an exchange using the "--altern-ex [NAME]" syntax as was detailed in the usage information, resulted in the usage information being displayed again. Using "-s-altern_ex [NAME]" resulted in the specified [NAME] argument not being used. BZ #5094 54 T he current Advanced Message Queuing Protocol (AMQP) specification allows a cluster URL in the following form: [host [":" port]] However, this also allows URLs such as "amqp:/amqp:tcp:", which can be confusing. With this update, a hostname is required, so that the valid cluster URL now looks as follows: [[amqp:]tcp:]hostname[:port] T his change ensures that all URLs now take the reasonable form. BZ #538188 After starting the qpidd daemon with a limit to the maximum number of connections, such as by specifying "--max Connections 2", running more than that number of the commands provided by the qpid-tools package, simultaneously, resulted in the last command becoming unresponsive. T his has been fixed, and such command now exits as expected. BZ #54 7295 Invoking any command provided by the qpid-tools package caused that tool to crash upon exiting because it incorrectly disconnected from the broker. With this update, commands provided by qpid-tools disconnect cleanly from the broker, and thus do not crash. BZ #4 92334 Rarely, starting the broker with a store while resource starved could cause a start failure. T his no longer occurs with this update. BZ #526680 15 Red Hat Enterprise MRG 1 Technical Notes T he AMQP specification reserves the "amq" prefix. However, it was possible to create a queue which started with "amq", which could have resulted in confusion or, at worst, session errors. T his update ensures that queue names cannot begin with any reserved prefixes, thus resolving any potential confusion and/or session problems, and enforcing adherence to the AMQP specification. BZ #54 054 5 T he default 'WANT _SUSPEND' policy included the JobStart attribute, which in some cases was 'UNDEFINED'. A 'WANT _SUSPEND' with the value 'UNDEFINED' was considered an error and startd would exit. With this update, the JobStart attribute was removed from 'WANT _SUSPEND'. Startd now treats a 'WANT _SUSPEND' that evaluates to 'UNDEFINED' as if it evaluated to 'FALSE'. BZ #603201 Previously, T he condor init script didn't implement a "condrestart" action, which was used in the rpm postuninstall script. BZ #614 993 Previously, condor_submit keyed automatic inclusion of Memory and RequestMemory requirements off the same value. Specifying Memory or RequestMemory in job Requirements would mean the default expression for the other was not automatically included. With this update, automatic inclusion for Memory is keyed off absence of Memory in Requirements and RequestMemory is keyed off RequestMemory. It is now possible to add Memory or RequestMemory to Requirements and get the default expression for the other. BZ #4 624 61 When a cluster was used as a single node in a federation, shutting down one of its brokers may have caused the transmission on a federated link to fail. T his error has been fixed, federated links are now properly replicated to other members of the cluster, and the shutdown of one of the brokers in a cluster no longer affects the transmissions. BZ #4 9824 7 T he qpid CLI utilities occasionally displayed Python stack traces when an error occurred which provided very little information to the used. With this update, all error cases result in a userunderstandable error message. BZ #51364 1 When attempting to create a persistent queue, the qpid-config utility occasionally failed when journal creation took too long. T his error does not occur anymore, and the utility no longer fails due to timeout. BZ #529670 T he qpid-config exits with an incorrect and a non-explanatory message if trying to authenticate a user not present in auth.db (for example: Failed: "T ypeError - int argument required"). With this update, a proper explanatory error message is returned (for example: "Connect Failed 320 -connection-forced: Authentication failed"). 16 Chapter 1. MRG 1.3 BZ #4 55318 A transaction commit failed without a proper error message when a queue ran out of capacity. T he correct error message was not displayed on the client side, hence it was difficult to determine the exact cause without looking at the broker log. With this update, the client now goes into the CLOSED state instead of the DET ACHED state when there is an execution exception and prints/notifies the correct exception when a transaction commit fails due the queue capacity being exceeded. BZ #517836 Previously, an exclusive parameter was ignored in JMS URL binding, if a durable attribute was present. T his caused the created queue to not be marked exclusive, even though the property was specified in the binding URL. With this update, the exclusive parameter is set to T RUE when the queue declare is issued and the queue created is now exclusive. BZ #531837 Previously, the Java client did not set the process ID in the client properties sent via the Connection Open. T his information is vital for mapping connections to clients via the management consoles and identifying consumers on a given queue. With this update, the process ID is set. BZ #4 71286 Previously, the box graphics did not always update correctly when the jobs were complete. Instead of removing boxes when jobs were completed other boxes turned green representing new running jobs. With this update, the user interface is changed and the graphics behave as expected. BZ #4 71326 Previously, jobs that did not run were displayed as 'held' when a job cluster with various jobs was submitted. With this update, all jobs are displayed with the proper status. BZ #4 8294 4 In order to prevent management messages from being accidentally staged, the "--stagingthreshold" command line option is no longer supported by the qpidd daemon. BZ #4 86779 Previously, sesame was publishing data at a very high rate (of 0.2Hz). With this update, the rate is adjusted to a proper level. BZ #4 94 399 Bindings from a durable queue to the default exchange (named "") was not visible through management after a broker restart and restore. T his did not affect the proper message forwarding of the broker. With this update, bindings from durable queues to the default exchange are visible as expected. BZ #518872 QMF did not show the auto-delete flag per exchange, though the feature is planned to be implemented later. In the exchange creating process, the flag is already one of parameters. With 17 Red Hat Enterprise MRG 1 Technical Notes this update, the visibility of this not yet implemented flag is introduced. BZ #54 94 4 3 Previously, qpid-config did not provide any access to the "arguments" field of an exchange-bind operation for header and xml exchanges because no binding key was set before the "any" or "all" keyword. With this update, users can specify needed parameters for queue to header and/or xml exchange binding. BZ #4 69919 T he startup script for the qpidd service no longer overrides environment variables. BZ #4 89315 A shutdown performed by "src/tests/perftest.cpp" closed a connection without checking whether it was still open. T his produced the following error: "Error in shutdown: Connection closed". With this update, 'perftest' checks whether a connection is still open. If so, 'perftest' closes the connection and the session. BZ #57574 8 Previously, the C++ broker 'qpidd' did not inform the user of an invalid value when using the "-worker-threads" parameter. T his meant the broker failed to start, and provided the wrong error message. With this update, the broker fails with the correct and appropriate message. BZ #518394 When creating queues using the Python tools, certain combinations of file size and number caused the broker to close the connection with an error code, resulting in unpredictable behavior when using the tools to make stores that were larger than default. Because it interfered with parameter-handling for queue sizes larger than the default, this update disables the incomplete auto-expand feature, with the result that queues with non-default sizes can successfully be created without error. BZ #507586 Running the "qpid-config add" command incorrectly failed. With this update, running "qpid-config add" correctly prints a help message. BZ #510583 On a standalone broker, 'qpid-cluster' throws the following exception: Traceback (most recent call last): File "/usr/bin/qpid-cluster", line 322, in ? if e.__repr__().find("connection aborted") > 0: AttributeError: SystemExit instance has no attribute '__repr__' With this update, the exception is handled properly and 'qpid-cluster' returns the expect output. BZ #518291 Previously, the 'SystemExit' exception was thrown by calls to 'sys.exit(n)' in some versions of Python in the Python management tools. With this update, system exits are handled properly on 18 Chapter 1. MRG 1.3 all versions of the Python interpreter. BZ #4 5254 6 T he Messaging Client Python API now provides the connection.opened, connection.closed, and session.closed API calls, for programmatically determining when connections or sessions are open or closed. BZ #5134 26 Previously, a string to double conversion returned imprecise results. With this update, string values are correctly converted directly to double values instead of converting them to a float value and then to a double value. BZ #566825 When a grid had no slots defined, the MRG Management console threw the following exception when the "Grid" option was selected from the menu: File "/usr/lib/python2.4/site-packages/cumin/pool.py", line 528, in render_status return record and "[div][span]%i[/span] of [span]%i[/span] slots idle[/div]" % \ TypeError: int argument required With this update, the exception is handled correctly and the MRG Management console shows a screen with no grid slots. BZ #601828 Previously, the error codes supplied by a QMF agent were being sent back as only one type of an exception. T his rendered the error codes unusable for debugging the QMF agent's behavior. With this update, the QMF implementation logic was changed to accommodate error return codes for every error produced. Error codes can now be sent by a QMF agent and be distinguished by the QMF console. BZ #531561 Previously, the alternate exchange attribute of a queue was not accessible via QMF. T he alternate exchange was not visible in either qpid-config or in qpid-tool. T he queue did have an alternate exchange and behaved correctly, however it was simply invisible through QMF. With this update, the queue is accessible via QMF as expected. BZ #610816 Before proper configuration, the default Condor configuration sent unroutable emails. With this update, the default settings have been adjusted to route the messages to the local root inbox. BZ #4 67890 T his update adds the Condor Management methods for the condor_master daemon to Windows execution hosts. BZ #4 55076 Previously, sending a transacted transient message initiated the creation of the T ransaction 19 Red Hat Enterprise MRG 1 Technical Notes Prepared List (T PL) store, even though it was not required. T o avoid unnecessary disk activity, the store logic has been corrected, and sending transacted transient messages no longer creates the T PL store. BZ #514 008 T he latencytest utility no longer displays the "nan" string during execution. BZ #568107 When the SASL authentication failed, the message that was logged did not contain a user ID and a domain for which the authentication failed. With this update, logged messages contain this information. BZ #60184 1 T his update adds the ability to clear a queue via the purge() method in the qpid-tool command line client in a clustered environment. BZ #4 74 4 38 Previously, sesame only checked the 'uname' values once and never updated them. With this update, sesame periodically looks for changes and updates specific values when needed. BZ #529771 When a broker was running as a member of a cluster and it had authentication enabled, running 'qpid-stat' with a valid broker address of the "username/password@host:port" form lead to the following error: Failed: TypeError - int argument required With this update, the error is no longer returned and you are able to get the status of the broker. 1.3. Bug Fixes for Red Hat Enterprise MRG Messaging and Grid Version 1.3.0.1 Important T his update was released as the security errata RHSA-2010:0921 - Important: Red Hat Enterprise MRG Messaging and Grid security and bug fix update for Red Hat Enterprise Linux 5 BZ #6524 63 On the C++ Messaging API, messages that were received and acknowledged through the Session::acknowledge() function were never confirmed. As a result, the set of unconfirmed sequences (in client/am qp0_10/AcceptT racker::State) grew unbounded consuming approximately 140 bytes of memory per call of the Session::acknowledge() function. With this update, memory usage of the receiving process is stable. 20 Chapter 1. MRG 1.3 BZ #636850 A flaw in the Python QMF console library caused events generated by QMFv2 agents to not be propagated to the application. As a result, events generated by agents could not be seen if they were using the QMFv2 format (i.e. any agent built using the C++ agent API). T his update fixes the defect so that events generated by QMFv2 agents are visible from the console API. BZ #620687 T he example programs for messaging did not provide any way to alter or access the connection options (e.g. to test reconnect, to set a username for authentication, etc.). In order to demonstrate these features, the user needed to alter the code and rebuild the examples. With this update, an additional optional CLI argument was added to the example programs so that a user is able to (in the command line) use connection options and demonstrate/test connection options without needing to modify and rebuild the example programs. BZ #6214 68 A flaw in the message broker caused rejected messages to remain on the queue. If a durable message was rejected and the broker was restarted, the message would stay in the queue since it was not removed from the durable store. As a result, the rejected message was erroneously redelivered. With this update, the aforementioned defect has been fixed and rejected messages are now properly dequeued. BZ #64 7861 When receiving arguments for queue creation, the broker did not interpret strings as numbers for numeric quantities even if the string represented a number. As a result, sending numbers as string values in queue-create arguments caused the values to not take affect in the broker. With this update, the broker now properly interprets numeric values even if they are encoded as strings. BZ #64 3384 Under certain conditions, restarting the cum in service (service cum in restart) threw the following exception: Cumin: NameError: global name 'UpdateException' is not defined. T his was caused by the fact that the UpdateException was not defined. With this update, the aforementioned exception has been removed from the code and is no longer thrown. BZ #64 9915 T he cum in user (i.e. the cum in-data client and the cum in-web QMF client) needs to be authenticated to the broker. Previously, if the password for the authentication was stored in plain text in a file (e.g. cum in.conf), that file did not have appropriate permissions so that the password could be readable by the cum in user only. With this update, the ownership of files in /etc/cum in changed to cumin.cumin with 0600 permissions, thus, ensuring the safety of the stored password. BZ #64 9822 Prior to this update, no mechanism to limit access to QMFv2 Agent methods was available. With 21 Red Hat Enterprise MRG 1 Technical Notes this update, an API hook was provided so that agent applications can perform their own access control based on an authentic identity. BZ #631567 An empty list in the content of an address (i.e. []) caused the address parser to throw an exception. T his could cause various operations (e.g. creating a messaging receiver) to fail. With this update, the address parser was fixed so that it can properly parse empty lists, thus, the aforementioned exceptions are no longer thrown. BZ #64 7860 A flaw in the address parser for the C++ messaging client caused numeric arguments for address attributes to be interpreted and encoded as strings. T his resulted in problems when passing numeric arguments for queue-creation operations (e.g. setting the size limit, the durable journal file count, etc.). With this update, the parser has been fixed so that numeric text is interpreted as numbers and not strings. BZ #64 5855 A flaw in the address parser for JMS (Java Message Service) could cause a faulty creation of an exclusive queue. Since the queue was created as exclusive, other consumers could not subscribe to the queue. T his update, fixes the aforementioned defect and the JMS address syntax can be used to create non-exclusive queues. BZ #650182 T his update provides documentation on enabling authentication and authorization in qpidd and configuration and security of user/password information for the cum in user (e.g. permissions and content of the cum in.conf configuration file) in the Management Console Installation Guide. 1.4. Bug Fixes for Red Hat Enterprise MRG Messaging and Grid Version 1.3.0.1 Important T his update was released as the security errata RHSA-2010:0922 - Important: Red Hat Enterprise MRG Messaging and Grid security and bug fix update for Red Hat Enterprise Linux 4 BZ #652092 A flaw in the message broker caused rejected messages to remain on the queue. If a durable message was rejected and the broker was restarted, the message would stay in the queue since it was not removed from the durable store. As a result, the rejected message was erroneously redelivered. With this update, the aforementioned defect has been fixed and rejected messages are now properly dequeued. BZ #652093 22 Chapter 1. MRG 1.3 T he example programs for messaging did not provide any way to alter or access the connection options (to test reconnect, to set a username for authentication, etc.). In order to demonstrate these features, the user needed to alter the code and rebuild the examples. With this update, an additional optional CLI argument was added to the example programs so that a user is able to (in the command line) use connection options and demonstrate/test connection options without needing to modify and rebuild the example programs. BZ #652091 An empty list in the content of an address (i.e. []) caused the address parser to throw an exception. T his could cause various operations (e.g. creating a messaging receiver) to fail. With this update, the address parser was fixed so that it can properly parse empty lists, thus, the aforementioned exceptions are no longer thrown. BZ #652090 A flaw in the Python QMF console library caused events generated by QMFv2 agents to not be propagated to the application. As a result, events generated by agents could not be seen if they were using the QMFv2 format (i.e. any agent built using the C++ agent API). T his update fixes the defect so that events generated by QMFv2 agents are visible from the console API. BZ #654 4 22 Prior to this update, no mechanism to limit access to QMFv2 Agent methods was available. With this update, an API hook was provided so that agent applications can perform their own access control based on an authentic identity. BZ #652089 A flaw in the address parser for JMS (Java Message Service) could cause a faulty creation of an exclusive queue. Since the queue was created as exclusive, other consumers could not subscribe to the queue. T his update, fixes the aforementioned defect and the JMS address syntax can be used to create non-exclusive queues. BZ #652087 When receiving arguments for queue creation, the broker did not interpret strings as numbers for numeric quantities even if the string represented a number. As a result, sending numbers as string values in queue-create arguments caused the values to not take affect in the broker. With this update, the broker now properly interprets numeric values even if they are encoded as strings. BZ #652088 A flaw in the address parser for the C++ messaging client caused numeric arguments for address attributes to be interpreted and encoded as strings. T his resulted in problems when passing numeric arguments for queue-creation operations (e.g. setting the size limit, the durable journal file count, etc.). With this update, the parser has been fixed so that numeric text is interpreted as numbers and not strings. BZ #6534 71 On the C++ Messaging API, messages that were received and acknowledged through the Session::acknowledge() function were never confirmed. As a result, the set of 23 Red Hat Enterprise MRG 1 Technical Notes unconfirmed sequences (in client/am qp0_10/AcceptT racker::State) grew unbounded consuming approximately 140 bytes of memory per call of the Session::acknowledge() function. With this update, memory usage of the receiving process is stable. 24 Chapter 2. MRG 1.2 Chapter 2. MRG 1.2 2.1. RHSA-2010:0631 — Bug fixes for Important: kernel-rt security and bug fix update BZ #601210 T he Fusion Message Passing T echnology (Fusion MPT ) driver output many spurious "ioc[N] not found!" debugging messages to the dmesg log. T his update reduces the verbosity of the Fusion MT P drivers so that dmesg output is more readable. BZ #599901 When using the igb network driver, multicast settings may have been lost, causing failure to receive multicast data. T his update upgrades the igb network driver to upstream version 2.1.0k2, which contains a fix such that multicast settings are retained and multicast data is properly received. BZ #555671 T his update upgrades the bnx2 driver to upstream version 2.0.8, which provides improved hardware support. BZ #586135 T his update upgrades the bnx2x driver to upstream version 1.52.1, which provides fixes and enhancements over the previous version. BZ #594 630 An error in the securityfs code incorrectly checked the value of a pointer instead of dereferencing it, which could have potentially caused a kernel oops. T his has been fixed in this update. BZ #562075 T his update adds the MNT _NOFOLLOW option to the um ount(2) system call. T his option prevents um ount(2) from following symbolic links, to help prevent symbolic link attacks on unprivileged file systems such as Sam ba, NCPFS, and file systems provided by the FUSE (Filesystem in Userspace) project. BZ #578120 Due to security concerns raised by the state of the upstream T ransparent Inter-Process Com m unication protocol (T IPC ) code, which is not maintained in the upstream Linux kernel, this update disables T IPC. BZ #576665 T he timekeeping code has been improved so as to avoid a potential deadlock when the accumulator overflowed due to a particularly lengthy delay. 25 Red Hat Enterprise MRG 1 Technical Notes Revision History Revision 4 -2.4 00 Rebuild with publican 4.0.0 2013-10-31 Rüdiger Landmann Revision 4 -2 Rebuild for Publican 3.0 2012-07-18 Anthony T owns Revision 3-4 Updates from review T hu Oct 14 2010 Lana Brindley Revision 3-3 Updates from review T hu Oct 14 2010 Jaromir Hradilek Revision 3-2 Wed Oct 13 2010 Added Florian Nadge as author Re-ordered chapters Fixed formatting issues Jaromir Hradilek Revision 3-1 Minor changes Wed Oct 13 2010 Lana Brindley Revision 3-0 Minor changes Wed Oct 13 2010 Lana Brindley Revision 0-3 Re-arranged information Wed Oct 13 2010 Lana Brindley Revision 0-2 T ue Oct 12 2010 Added info from RHEA-2010-9865 Lana Brindley Revision 0-1 T ue Sep 14 2010 Added info from RHSA-2010-0631 Lana Brindley Revision 0-0 T ue Sep 14 2010 Initial creation of book by publican Lana Brindley 26

Red Hat Enterprise Mrg 1 Technical Notes

Rating

Date

Size

Views

Categories

Share

Transcript