Chapter 1. Hortonworks DataFlow 3.1.1 Release Notes
This document provides you with the latest information about the HDF 3.1.1 release and its product documentation.
Component Support
HDF 3.1.1 includes the following components:
Apache Ambari 2.6.1
Apache Kafka 1.0.0
Apache NiFi 1.5.0
NiFi Registry 0.1.0
Apache Ranger 0.7.0
Apache Storm 1.1.1
Apache ZooKeeper 3.4.6
Apache MiNiFi Java Agent 0.4.0
Apache MiNiFi C++ 0.4.0
Hortonworks Schema Registry 0.5.0
Hortonworks Streaming Analytics Manager 0.6.0
Component Availability in HDF
Previous HDF releases shipped with the following components versions.
NiFi | Storm | Kafka | ZooKeeper | Ambari | Ranger | MiNiFi Java Agent | MiNiFi C++ | Streaming Analytics Manager | Schema Registry | NiFi Registry | |
---|---|---|---|---|---|---|---|---|---|---|---|
HDF 3.1.1 | 1.5.0 | 1.1.1 | 1.0.0 | 3.4.6 | 2.6.1 | 0.7.0 | 0.4.0 | 0.4.0 | 0.6.0 | .5.0 | 0.1.0 |
HDF 3.1.0 | 1.5.0 | 1.1.1 | 1.0.0 | 3.4.6 | 2.6.1 | 0.7.0 | 0.4.0 | 0.4.0 | 0.6.0 | 0.5.0 | 0.1.0 |
HDF 3.0.3 (IBM Power System only) | 1.2.0 | 1.1.0 | 0.10.2.1 | 3.4.6 | 2.6.0 | 0.7.0 | 0.2.0 | TP | 0.5.0 | 0.3.0 | N/A |
HDF 3.0.2 | 1.2.0 | 1.1.0` | 0.10.2.1 | 3.4.6 | 2.6.0 | 0.7.0 | 0.2.0 | TP | 0.5.0 | 0.3.0 | N/A |
HDF 3.0.1 | 1.2.0 | 1.1.0 | 0.10.2.1 | 3.4.6 | 2.5.1 | 0.7.0 | 0.2.0 | TP | 0.5.0 | 0.3.0 | N/A |
HDF 3.0.0 | 1.2.0 | 1.1.0 | 0.10.2.1 | 3.4.6 | 2.5.1 | 0.7.0 | 0.2.0 | TP | 0.5.0 | 0.3.0 | N/A |
HDF 2.1.4 | 1.1.0 | 1.0.2 | 1.10.1 | 3.4.6 | 2.4.2.0 | 0.6.2 | 0.1.0 | TP | N/A | N/A | N/A |
HDF 2.1.2 | 1.1.0 | 1.0.2 | 0.10.1 | 3.4.6 | 2.4.2.0 | 0.6.2 | 0.1.0 | TP | N/A | N/A | N/A |
HDF 2.1.1 | 1.1.0 | 1.0.2 | 0.10.1 | 3.4.6 | 2.4.2.0 | 0.6.2 | 0.1.0 | TP | N/A | N/A | N/A |
HDF 2.1.0 | 1.1.0 | 1.0.2 | 0.10.1 | 3.4.6 | 2.4.2.0 | 0.6.2 | 0.1.0 | TP | N/A | N/A | N/A |
HDF 2.0.2 | 1.0.0 | 1.0.1 | 0.10.0.1 | 3.4.6 | 2.4.1.0 | 0.6.0 | 0.0.1 | TP | N/A | N/A | N/A |
HDF 2.0.1 | 1.0.0 | 1.0.1 | 0.10.0.1 | 3.4.6 | 2.4.1.0 | 0.6.0 | 0.0.1 | TP | N/A | N/A | N/A |
HDF 2.0.0 | 1.0.0 | 1.0.1 | 0.10.0.1 | 3.4.6 | 2.4.0.1 | 0.6.0 | 0.0.1 | TP | N/A | N/A | N/A |
HDF 1.2.1 | 0.6.1 | 0.10.0 | 0.9.0.1 | 3.4.6 | N/A | N/A | N/A | N/A | N/A | N/A | N/A |
HDF 1.2.0.1 | 0.6.1 | 0.10.0 | 0.9.0.1 | 3.4.6 | N/A | N/A | N/A | N/A | N/A | N/A | N/A |
HDF 1.2.0 | 0.6.0 | 0.10.0 | 0.9.0.1 | 3.4.6 | N/A | N/A | N/A | N/A | N/A | N/A | N/A |
HDF 1.1.0 | 0.4.0 | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A |
HDF 1.0 | 0.3.0 | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A |
What's New in HDF 3.1.1
HDF 3.1.1 is a maintenance release that includes bug fixes and certifies HDF for use on IBM Power Systems.
For information about the HDF 3.1.0 release, see the HDF 3.1.0 Release Notes.
Unsupported Features
Some features exist within HDF 3.1.1, but Hortonworks does not currently support these capabilities.
Technical Preview Features
The following features are available within HDF 3.1.1 but are not ready for production deployment. Hortonworks encourages you to explore these technical preview features in non-production environments and provide feedback on your experiences through the Hortonworks Community Forums.
Table 1.1. Technical Previews
Component | Feature |
---|---|
MiNiFi |
Android/iOS MiNiFi libraries for mobile integration |
Community Driven Features
The following features are developed and tested by the Hortonworks community but are not officially supported by Hortonworks. These features are excluded for a variety of reasons, including insufficient reliability or incomplete test case coverage, declaration of non-production readiness by the community at large, and feature deviation from Hortonworks best practices. Do not use these features in your production environments.
Community Driven Kafka features
Kafka Connect
Kafka Streams
Community Driven NiFi Tools and Services
Embedded ZooKeeper
Sensitive key migration toolkit
Community Driven NiFi Processors
AttributeRollingWindow
AWSCredentialsProviderControllerService
CompareFuzzyHash
ConsumeAzureEventHub
ConsumeEWS
ConsumeIMAP
ConsumeKafka_0_11
ConsumeKafkaRecord_0_11
ConsumePOP3
ConvertExcelToCSVProcessor
CountText
DebugFlow
DeleteDynamoDB
DeleteGCSObject
DeleteHDFS
DeleteMongo
DeleteRethinkDB
ExecuteFlumeSink
ExecuteFlumeSource
ExecuteSparkInteractive
ExtractCCDAAttributes
ExtractEmailAttachments
ExtractEmailHeaders
ExtractMediaMetadata
ExtractTNEFAttachments
FetchAzureBlobStorage
FetchGCSObject
FuzzyHashContent
GetDynamoDB
GetHDFSEvents
GetRethinkDB
GetSNMP
InvokeGRPC
ISPEnrichIP
InferAvroSchema
ListenBeats
ListenGRPC
ListenLumberjack
ListenSMTP
ListAzureBlobStorage
ListGCSBucket
ListS3
LogMessage
ModifyBytes
MoveHDFS
PublishKafka_0_11
PublishKafkaRecord_0_11
PutKudu
PutMongoRecord
PutRethinkDB
OrcFormatConversion
PutAzureBlobStorage
PutDynamoDB
PutGCSObject
PutIgniteCache
PutKinesisFirehose
PutKinesisStream
PutLambda
PutSlack
PutTCP
PutUDP
QueryDNS
SetSNMP
SpringContextProcessor
StoreInKiteDataset
Note | |
---|---|
HDF 3.1.x does not support Hive 2. As a result, NiFi Processors working with Hive (PutHiveQL, PutHiveStreaming, SelectHiveQL) and the NiFi Controller Service HiveConnectionPool may not support Hive 2. |
Community Driven NiFi Controller Services
AWSCredentialsProviderControllerService
ConfluentSchemaRegistry
GCPCredentialsControllerService
GraphiteMetricReporterService
IPLookupService
JettyWebSocketClient
JettyWebSocketServer
LivySessionController
MongoDBControllerService
MongoDBLookupService
PropertiesFileLookupService
RedisConnectionPoolService
RedisDistributedMapCacheClientService
SimpleCsvFileLookupService
SimpleKeyValueLookupService
XMLFileLookupService
Community Driven NiFi Reporting Tasks
DataDogReportingTask
MetricsReportingTask
SiteToSiteBulletinReportingTask
SiteToSiteStatusReportingTask
StandardGangliaReporter
Unsupported Customizations
Hortonworks cannot guarantee that default NiFi processors are compatible with proprietary protocol implementations or proprietary interface extensions. For example, we support interfaces like JMS and JDBC that are built around standards, specifications, or open protocols. But we do not support customizations of those interfaces, or proprietary extensions built on top of those interfaces.
Deprecated Technologies
This section points out any technology from previous releases that has been deprecated or removed from this release (operating systems, Java versions, databases, product features). Use this section as a guide for your implementation plans.
- Deprecated
Technology that Hortonworks is removing in a future release. Deprecated items are supported until they are removed; deprecation gives you time to plan for removal.
- Removed
Technology that Hortonworks has removed from production and is no longer supported.
Table 1.2. Deprecated Operating Systems
Operating System | Release Deprecated | Release Removed |
---|---|---|
Ubuntu 12 | HDF 3.0.0 | HDF 3.0.0 |
Debian 6 | HDF 2.1.2 | HDF 3.0.0 |
Table 1.3. Deprecated NiFi Processors
Processor | Release Deprecated |
---|---|
ConvertCSVToAvro | HDF 3.0.0 |
ConvertJSONToAvro | HDF 3.0.0 |
GetKafka | HDF 2.0.0 |
PutKafka | HDF 2.0.0 |
EvaluateRegularExpression | HDF 1.0.0 |
Table 1.4. Deprecated Kafka APIs
API | Release Deprecated | Use Instead |
---|---|---|
kafka.producer.Producer | HDF 3.1.0 | org.apache.kafka.clients.producer.KafkaProducer |
kafka.consumer.SimpleConsumer | HDF 3.1.0 | org.apache.kafka.clients.consumer.KafkaConsumer |
SecurityProtocol.PLAINTEXTSASL | HDF 3.1.0 | SASL_PLAINTEXT |
HDF Repository Locations
Use the following table to identify the HDF 3.1.1 repository location for your operating system and operational objectives. HDF 3.1.1 supports the following operating systems:
Table 1.5. RHEL/Oracle Linux/CentOS 6 HDF repository & additional download locations
Table 1.6. RHEL/Oracle Linux/CentOS 7 HDF repository & additional download locations
Table 1.7. SLES 11 SP3/SP4 HDF repository & additional download locations
Table 1.8. SLES 12 HDF repository & additional download locations
Table 1.9. Ubuntu 14 HDF repository & additional download locations
Table 1.10. Ubuntu 16 HDF repository & additional download locations
Table 1.11. Debian 7 HDF repository & additional download locations
Table 1.12. NiFi and MiNiFi MSI files
HDF Repository Location for IBM Power Systems
Table 1.13. RHEL 7 HDF repository & additional download locations
OS | Format | Download location |
---|---|---|
RHEL 7 (64-bit): | HDF Build Number | 3.1.1.0-35 |
HDF Base URL | http://public-repo-1.hortonworks.com/HDF/centos7-ppc/3.x/updates/3.1.1.0 | |
HDF Repo | http://public-repo-1.hortonworks.com/HDF/centos7-ppc/3.x/updates/3.1.1.0/hdf.repo | |
RPM tarball | http://public-repo-1.hortonworks.com/HDF/centos7-ppc/3.x/updates/3.1.1.0/HDF-3.1.1.0-centos7-ppc-rpm.tar.gz | |
Tars tarball | http://public-repo-1.hortonworks.com/HDF/centos7-ppc/3.x/updates/3.1.1.0/HDF-3.1.1.0-centos7-ppc-tars-tarball.tar.gz | |
HDF Management Pack | http://public-repo-1.hortonworks.com/HDF/centos7-ppc/3.x/updates/3.1.1.0/tars/hdf_ambari_mp/hdf-ambari-mpack-3.1.1.0-35.tar.gz | |
HDP and Ambari Repositories | ||
Ambari | http://public-repo-1.hortonworks.com/ambari/centos7-ppc/2.x/updates/2.6.1.0/ambari.repo | |
HDP |
http://public-repo-1.hortonworks.com/HDP/centos7-ppc/2.x/updates/2.6.4.0/hdp.repo | |
HDP-UTILS | http://public-repo-1.hortonworks.com/HDP-UTILS-1.1.0.22/repos/centos7-ppc/hdp-util.repo |
Common Vulnerabilities and Exposures
The following CVEs have been fixed in HDF 3.1.x.
CVE-2017-12632
Summary: Apache NiFi host header poisoning issue |
Severity: Medium |
Versions Affected: Apache NiFi 0.1.0 - 1.4.0, HDF 1.x, 2.x, 3.0.x |
Description: A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. |
Mitigation: The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. HDF users should upgrade to HDF 3.1.0. |
CVE-2017-15697
Summary: Apache NiFi XSS issue in context path handling |
Severity: Moderate |
Versions Affected: Apache NiFi 1.0.0 - 1.4.0, HDF 2.0.0 - 3.0.x |
Description: A malicious X-ProxyContextPath or X-Forwarded-Context header containing external resources or embedded code could cause remote code execution. |
Mitigation: The fix to properly handle these headers was applied on the Apache NiFi 1.5.0 release. HDF users should upgrade to HDF 3.1.0. |
CVE-2017-12623
Summary: Apache NiFi XXE issue in template XML upload |
Severity: Important |
Versions Affected: Apache NiFi 1.0.0 - 1.3.0; HDF 2.x, 3.0.0 - 3.0.1.1 |
Impact: Any authenticated user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. |
Mitigation: The fix to properly handle XML External Entities was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release. HDF users should upgrade to HDF 3.1.0. |
CVE-2017-15703
Summary: Apache NiFi Java deserialization issue in template XML upload |
Severity: Moderate |
Versions Affected: Apache NiFi 1.0.0 - 1.3.0; HDF 2.x, 3.0.0 - 3.0.1.1 |
Description: Any authenticated user (valid client certificate but without ACL permissions) could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. |
Mitigation: The fix to properly handle Java deserialization was applied on the Apache NiFi 1.4.0 release. HDF users should upgrade to HDF 3.1.0. |
Known Issues
Hortonworks Bug ID |
Apache JIRA |
Component |
Summary |
---|---|---|---|
BUG-97319 | Ambari/NiFi |
Issue: After you have upgraded HDF services on an HDP cluster, you may experience issues starting NiFi. Problem: After upgrade, NiFi starts but Ambari reports that it is stopped. The command line NiFi service is running on the host. Workaround: To work around this issue, click the Ambari option for NiFi. NiFi starts successfully. | |
BUG-94090 | SAM |
Issue: You may be unable to import some topologies from HDF 3.0.x Problem: When you have a new HDF 3.1.0 installation, you cannot import topologies created in HDF 3.0.x. Workaround: To work around this issue, you can upgrade your existing version of HDF to HDF 3.1.0. | |
NiFi |
Issue: When you have upgraded HDF services on your HDP cluster, the NiFi version number displayed in Ambari does not change from NiFi 1.2.0 to NiFi 1.5.0. Workaround: After performing the upgrade scenario for HDF services on an HDP cluster as documented in the Ambari Managed HDF Upgrade documentation, disregard the NiFi version displayed in Ambari. NiFi has been successfully upgraded. | ||
NiFi |
Issue: Unable to load native library. Associated error message: You may encounter an error message similar to one of the following:
Problem: Native libraries can only be loaded into the Java runtime by a single ClassLoader. Once a ClassLoader loads a native library, subsequent attempts to load that same native library by a different ClassLoader will fail. If multiple components in NiFi attempt to load a native library, it will fail to do so and the components may fail to execute if it attempts to use those native libraries. Whether those components fail ultimately depend on the order they are loaded and executed which is not guaranteed by NiFi. This will occur most frequently with components that leverage the native Hadoop library. These components include but are not limited to:
Workaround: This issue is most frequently encountered using an HDFS Processor with a Compression Codec that Hadoop leverages native libraries to implement. In this scenario, the dataflow can be updated to utilize a CompressContent Processor before/after the HDFS Processor to apply the desired compression. The CompressContent does not leverage native libraries and will not be susceptible to this known issue. | ||
BUG-94989 | Storm/Ambari |
Issue: When performing an Ambari managed rolling upgrade, you may encounter an inaccurate warning message indicating that Storm topologies need to be stopped. Associated error message:
Workaround: You may safely ignore this error message. Storm topologies do not need to be stopped before performing a rolling upgrade. | |
KNOX-1108 | NiFi/Knox |
Issue: NiFi/Knox integration does not support HA. In NiFiHaDispatch, executeRequest is overridden and does not have the try/catch block in DefaultHaDispatch's executeRequest method which is used to catch exceptions and begin the fail over process. Workaround: There is no workaround for this issue. | |
BUG-90903 | N/A | NiFi/Knox |
Issue: Knox HA failover for NiFi is not supported. Workaround: There is no workaround for this issue. |
BUG-63132 | N/A | Storm |
Summary: Solr bolt does not run in a Kerberos environment. Associated error message: The following is an example:
Workaround: None at this time. |
Third-Party Licenses
HDF 3.1.1 deploys numerous third-party licenses and dependencies, all of which are compatible with the Apache software license. For complete third-party license information, see the licenses and notice files contained within the distribution.