Apache Release Notes

Ambari 3.0.0.0-1

Security Improvements

• Dependency Upgrades to Address CVEs:

  • Upgraded commons-collections to resolve CVEs (AMBARI-26185)
  • Upgraded logback to 1.5.16 (AMBARI-26306, AMBARI-26074)
  • Upgraded PostgreSQL from 42.2.2 to 42.3.8 (AMBARI-25953)
  • Upgraded spring-security-core from 5.7.2 to 5.7.8 (AMBARI-25952)
  • Upgraded net.sf.ehcache to 3.10.0 (AMBARI-26076)
  • Resolved snakeyaml 1.12 CVE (AMBARI-26184)
  • Updated org.codehaus.jackson:jackson-mapper-asl dependency (AMBARI-25848)
  • Upgraded Hadoop dependency version (AMBARI-25986)

• Security Enhancements:

  • Fixed Kerberos encryption issues (AMBARI-26277)
  • Fixed Kerberos Jinja2 Template Error (AMBARI-26093)
  • Fixed security vulnerability CVE-2016-2183 (AMBARI-26122)
  • Fixed default SSL Ciphers of port 8440/8441 that were too weak (AMBARI-26118)
  • Added password validation criteria for Ambari local users (AMBARI-26061)
  • Improved database password character type requirements (AMBARI-26236)
  • Fixed Knox SSO login to Ambari (AMBARI-26307)
  • Added documentation on how to report security issues (AMBARI-26012)

User Interface Improvements

• UI Framework Upgrades:

  • Upgraded jQuery and Bootstrap to latest versions (AMBARI-25289)
  • Fixed outdated ember-collection dependency (AMBARI-25988)
  • Fixed test failures caused by jQuery upgrade (AMBARI-26146)

• UI Fixes and Enhancements:

  • Fixed tooltip display issues (AMBARI-26251)
  • Fixed Configuration Group creation (AMBARI-26257)
  • Fixed stack and versions page display issues (AMBARI-26200)
  • Fixed style rendering errors (AMBARI-26199)
  • Fixed dropdown menu flex layout overflow (AMBARI-26205)
  • Fixed Ambari host page action button (AMBARI-26194)
  • Fixed redirection issue of cluster creation flow (AMBARI-26183)
  • Improved time range selector (AMBARI-26198)
  • Reduced websocket connections in web UI to improve performance (AMBARI-25928)
  • Added validation for Download CSV on Admin/Kerberos tab (AMBARI-26102)
  • Fixed issue with selecting all hosts in install wizard (AMBARI-26120)

• Service UI Enhancements:

  • Added quicklink for HiveServer2 web UI (AMBARI-26270)
  • Added server link for ZK Admin server (AMBARI-26201)
  • Fixed capacity-scheduler views (AMBARI-26255)
  • Removed Google Analytics as per ASF Privacy Policy (AMBARI-26103)

Core Improvements

• Java 17 Support

  • Full compatibility with JDK 17 (AMBARI-26142)
  • Added Ambari Java Home configuration for JDK 17 (AMBARI-26238)
  • Fixed ambari-env.sh after JDK upgrade (AMBARI-26233)
  • Fixed NoClassesFoundToAnalyzeException when compiling with JDK 17 (AMBARI-26275)
  • Fixed annotation processing issue in ConfigurationTest (AMBARI-26203)

• Python 3 Support

  • Made Ambari support Python 3 environment (AMBARI-26000)
  • Fixed Python 3 compilation errors (AMBARI-26121)
  • Fixed Python 3 type encoding errors (AMBARI-26062, AMBARI-26068)
  • Fixed SyntaxWarnings after moving to Python 3 (AMBARI-26070)
  • Fixed all Python script files for Python 3 (AMBARI-26100)
  • Fixed Ranger script file for Python 3 (AMBARI-26096)
  • Added dependency python3-distro for ambari-server (AMBARI-26119)
  • Fixed PortAlert test failures due to Python 2 to 3 upgrade (AMBARI-26105)
  • Fixed TestConfigs Python test case failures (AMBARI-26081)

• Code Modernization

  • Added Ruff integration for Python code linting (AMBARI-26147)
  • Converted string formatting to f-strings (AMBARI-26243, AMBARI-26244, AMBARI-26245, AMBARI-26286)
  • Implemented Git Version Control for Ambari Jenkinsfile (AMBARI-26097)
  • Switched PhantomJS used by Karma tests to chromium-browser (AMBARI-26113)
  • Configured Chromium Browser in Jenkins file (AMBARI-26114)

• Build and Packaging Improvements

  • Fixed Ambari Server parallel compilation and packaging issues (AMBARI-26191)
  • Fixed RPM build failures (AMBARI-26319)
  • Fixed RPM packaging errors for ambari-web and ambari-views (AMBARI-26125)
  • Fixed server build failure due to ambari-serviceadvisor version (AMBARI-25920)
  • Fixed ambari-admin compilation issues (AMBARI-25968)
  • Fixed issue with ambari-admin build entering testing phase (AMBARI-26132)
  • Added distro dependency to Ambari Agent (AMBARI-26197)
  • Fixed jersey conflict error when starting Ambari server (AMBARI-26320)

• Service Improvements

  • Enabled Spark to use Hadoop native libraries for better performance (AMBARI-25987)
  • Fixed Hive installation failures due to missing dependencies (AMBARI-26326)
  • Set up Hive's xms config (AMBARI-26305)
  • Fixed HDFS web service check (AMBARI-26276)
  • Fixed incorrect Ambari infra-solr service config (AMBARI-25970)
  • Fixed wrong config file name in Spark service advisor (AMBARI-25932)
  • Increased default value of phoenix.mutate.maxSizeBytes (AMBARI-25977)
  • Fixed HBase config issue (AMBARI-25827)
  • Fixed default value in hive-site.xml (AMBARI-25897)
  • Added host and user to the tagsync log's file name (AMBARI-26139)
  • Fixed issue with Zeppelin not downloading interpreter dependencies (AMBARI-25981)
  • Removed hive.load.data.owner from Hive configuration (AMBARI-26129)
  • Removed Phoenix configuration from HBase (AMBARI-25921)
  • Fixed missing theme.json in HDFS/YARN/MR (AMBARI-25917)
  • Fixed missing service_advisor.py in some services (AMBARI-25894)
  • Fixed issue with 'supported-refresh-commands' element (AMBARI-25863)
  • Reduced excess Zookeeper and Hadoop logging (AMBARI-24140)

• Bug Fixes

  • Fixed regex pattern flag position in ambari_jinja2 filters (AMBARI-26269)
  • Fixed invalid parameter issue in HostInfo.py (AMBARI-26271)
  • Fixed initialization issue in InitializerModule (AMBARI-26111, AMBARI-25883)
  • Fixed PYTHONPATH resolution (AMBARI-26115)
  • Fixed issue with checking firewalld status (AMBARI-26235)
  • Fixed ClusterNotFoundException during host confirmation (AMBARI-26234)
  • Fixed NumberFormatException handling (AMBARI-26144)
  • Fixed OozieUtils (AMBARI-26239)
  • Fixed shell.py execution and import order (AMBARI-26232)
  • Fixed Ambari cluster deployment blockage (AMBARI-26187)
  • Enhanced error logging for run function in shell script (AMBARI-26094)
  • Fixed various test failures after JDK upgrade (AMBARI-26222, AMBARI-26215, AMBARI-26211)
  • Fixed checkstyle errors (AMBARI-26212)
  • Fixed Ambari Component Installation Failure (AMBARI-26323)
  • Fixed alter dispatcher (AMBARI-26240)
  • Corrected spelling mistakes in documentation (AMBARI-26104)

Pinot 1.4.0

Apache Pinot 1.4.0 introduces major improvements over 1.3.0 across the query engine, ingestion, table management, security, and operational tooling.[1]

Multistage engine and queries

• New Multistage Engine Lite Mode (beta) adds a scatter-gather style execution with per-leaf record limits, letting you run complex multi-stage queries (subqueries, window functions, etc.) safely at high QPS with low latency.[1]
• A new physical optimizer (beta) for the multistage engine simplifies or removes redundant exchanges, supports group-by, joins, union-all, and can evaluate constant queries in the broker; it delivers large performance gains and lower CPU usage on colocated-join workloads.[1]
• Enhancements include support for multiple window functions per plan, ASOF joins for time-aligned analytics, colocated joins with different partitioning, local replicated joins and exchanges to reduce shuffles, broadcast join hints, dynamic rule toggling in the optimizer, better type alias parsing, task throttling based on heap usage, and query cancellation with client-provided IDs.[1]

Ingestion, pauseless consumption, and logical tables

• Pauseless consumption lets real-time ingestion continue while previous segments are built and uploaded, eliminating ingestion pauses and significantly reducing freshness gaps for real-time analytics; it includes validation, disaster recovery modes, observability metrics, and compatibility with upsert/dedup tables.[1]
• Logical tables group multiple physical REALTIME and OFFLINE tables into a single logical table, behaving like a union-based view, simplifying Zookeeper scalability, ALTER TABLE workflows, topic/schema changes, table renames, and time-based layout changes while keeping them transparent to users.[1]
• Time Series Engine moves into beta with UI support to visualize time-series query plans, a Prometheus-compatible query_range endpoint, and planner enhancements for limits, group limits, raw time handling, and metadata-driven planning, plus an end-to-end quickstart.[1]

Upsert, dedup, minion and indexing

• Upsert and dedup are hardened by making segment creation time consistent via ZooKeeper metadata to avoid non-deterministic upsert decisions, introducing more flexible enablement controls, improving config handling, and deprecating old snapshot/preload flags in favor of new enums.[1]
• Additional changes include allowing consumption during build for dedup/partial-upsert, better segment-creation-time tracking, stricter type validation for keys and time columns, improved error handling, and fixes for bad-state segments and TTL-related issues.[1]
• Minion improvements focus on deterministic small-segment merges (using ZK creation times), the ability to skip dedup metadata for cold-tier segments, stronger validations, safer task selection, better observability, and more robust segment completion handling.[1]

New indexing, functions, plugins, and APIs

• A multi-column text index allows a single text index across multiple columns with shared and per-column properties, cutting index overhead and speeding multi-field text search.[1]
• Ingestion enhancements add JSON index heap caps, default Avro logical type support, real-time segment download fixes, a JSON Confluent Schema Registry decoder, and canonicalization of BigDecimal values for consistent comparison and dedup/upsert behavior.[1]
• New scalar functions include JSON_MATCH extension points, JsonKeyValueArrayToMap, H3 gridDisk and gridDistance geospatial helpers, ISO 8601 date conversion, polymorphic ARRAY_LENGTH, CityHash, and additional date/time optimizer support such as a DATE_TRUNC optimizer.[1]
• Plugin and API enhancements add an ArrowResponseEncoder for Arrow-format responses, S3 checksum support and MD5 behavior configuration, new gRPC query endpoints (including streaming), improved client timeout configurability, secret store interfaces, and additional utilities in Pinot tools.[1]Security, resource isolation, and operations

Security, resource isolation, and operations

• Row-level security (RLS) is introduced to restrict row visibility per user or group, which is crucial for multi-tenant deployments; Groovy script static analysis adds a layer of safety for user scripts.[1]
• Workload-based query resource isolation lets administrators define workload profiles with dedicated resource allocations, improving fairness and stability under mixed workloads.[1]
• Operational changes include enforcing schemas for all tables, changing the default segment load mode to MMAP, better rebalance tooling (server-level batching, dry-run summaries, pre-checks, disk utilization info, minimize-data-movement options), more throttlers (segment download, reindex, star-tree rebuild), and richer metrics across multistage tasks, Zookeeper usage, index operations, message queues, netty memory, resource utilization, and consumer locks.[1]
• Numerous UI enhancements (rebalance UI fixes, better query visualization, buttons for pause/resume ingestion and repair actions, improved table and schema forms, segment state filtering) and extensive bug fixes across ingestion, Kinesis integration, CLP, tests, and build tooling round out the 1.4.0 upgrade from 1.3.0.[1]

Sources

[1] https://docs.pinot.apache.org/basics/releases/1.4.0.md