e5.1.0
版本发布时间: 2023-06-21 21:58:34
emqx/emqx最新发布版本:v5.8.3(2024-12-05 23:56:16)
e5.1.0
Compare base: e5.0.4
Enhancements
- #11035 Upgraded Cassandra driver to avoid username and password leakage in data bridge logs.
- #10584 Added log level configuration to SSL communication
- #10678 Optimized counter increment calls to avoid work if increment is zero.
- #10690 Added a retry mechanism to webhook bridge that attempts to improve throughput. This optimization retries request failures without blocking the buffering layer, which can improve throughput in situations of high messaging rate.
-
#10702 Introduced a more straightforward configuration option
keepalive_multiplier
and deprecate the oldkeepalive_backoff
configuration. After this enhancement, EMQX checks the client's keepalive timeout status period by multiplying the "Client Requested Keepalive Interval" withkeepalive_multiplier
. - #10698 Optimized memory usage when accessing the configuration during runtime.
- #10778 Refactored Pulsar Producer bridge to avoid leaking resources in case bridge crashed during initialization phase.
- #10813 Refactored Kafka Producer and Consumer bridges to avoid leaking resources in case bridge crashed during initialization phase.
- #10858 A new utility function timezone_to_offset_seconds/1 has been added to the rule engine SQL language. This function converts a timezone string (for example, "+02:00", "Z" and "local") to the corresponding offset in seconds.
- #10841 Added a schema validation to ensure message key is not empty when "key_dispatch" strategy is selected in Kafka and Pulsar Producer bridges.
-
#10754 The MQTT bridge has been enhanced to utilize connection pooling and leverage available parallelism, substantially improving throughput.
As a consequence, single MQTT bridge now uses a pool of
clientid
s to connect to the remote broker. -
#10782 Added a new
deliver_rate
option to the retainer configuration, which can limit the maximum delivery rate per session in the retainer. - #10877 Upgraded RocketMQ driver to enhance security for sensitive data.
- #10598 Provided a callback method of Unary type in ExProto to avoid possible message disorder issues.
- #10895 Refactored most of the bridges to avoid resource leaks in case bridge crashed during initialization phase.
- #10790 Optimized access to configuration in runtime by reducing overhead of reading configuration per zone.
- #10892 Added the requirement for setting SID or Service Name in Oracle Database bridge creation.
-
#10910 The data bridge resource option
auto_restart_interval
was deprecated in favor ofhealth_check_interval
, andrequest_timeout
was renamed torequest_ttl
. Also, the defaultrequest_ttl
value went from 15 seconds to 45 seconds. The previous existence of bothauto_restart_interval
andhealth_check_interval
was a source of confusion, as both parameters influenced the recovery of data bridges under failures. An inconsistent configuration of those two parameters could lead to messages being expired without a chance to retry. Now,health_check_interval
is used both to control the interval of health checks that may transition the data bridge intodisconnected
orconnecting
states, as well as recovering fromdisconnected
. - #10929 Upgraded Erlang/OTP to 25.3.2-1.
- #10909 Removed the deprecated HTTP APIs for gateways.
- #10908 Refactored the RocketMQ bridge to avoid resources leaks in case bridge crashed during initialization phase.
- #10924 Refactored Influxdb bridge connector to avoid resource leaks in case bridge crashed during initialization phase.
- #10944 Improved the GCP PubSub bridge to avoid a potential issue that the bridge could fail to send messsages after node restart.
- #10933 Added support for configuring TCP keep-alive in MQTT/TCP and MQTT/SSL listeners.
-
#10948 Added
live_connections
field for some HTTP APIs, i.e:-
/monitor_current
,/monitor_current/nodes/{node}
-
/monitor/nodes/{node}
,/monitor
-
/node/{node}
,/nodes
-
-
#10941 Improved the collection speed of Prometheus metrics when setting
prometheus.vm_dist_collector=disabled
and metricerlang_vm_statistics_run_queues_length_total
is renamed toerlang_vm_statistics_run_queues_length
-
#10985 Renamed
emqx ctl
commandcluster_call
toconf cluster_sync
. The old commandcluster_call
is still a valid command, but not included in usage info. - #10988 Improved log security when data bridge creation fails to ensure sensitive data is always obfuscated.
-
#10926 Allowed
enable
as well asenabled
as the state flag for listeners. Prior to this change, listener can be enable/disabled by setting thetrue
orfalse
on theenabled
config. This is slightly different naming comparing to other state flags in the system. Now theenable
flag is added as an alias in listener config. - #10970 A query_mode parameter has been added to the Kafka producer bridge. This parameter allows you to specify if the bridge should use the asynchronous or synchronous mode when sending data to Kafka. The default is asynchronous mode.
-
#10676 Added CLI commands
emqx ctl export
andemqx ctl import
for importing/exporting configuration and user data. This allows exporting configurations and built-in database data from a running EMQX cluster and importing them into the same or another running EMQX cluster. - #11003 Added an option to configure TCP keepalive in Kafka bridge.
-
#10961 Added support for unlimited max connections for gateway listeners by allowing infinity as a valid value for the
max_connections
field in the configuration and HTTP API. - #11019 Improved log security for JWT, now it will be obfuscated before print.
-
#11024 Added a small improvement to reduce the chance of seeing the
connecting
state when creating/updating a Pulsar Producer bridge. -
#11034 Hid the broker config and changed the
broker.shared_subscription_strategy
tomqtt.shared_subscription_strategy
as it belongs tomqtt
. -
#11045 The listener's authentication and zone related apis have been officially removed in version
5.1.0
. -
#11062 Renamed config
log.file.to
tolog.file.path
.
Bug Fixes
-
#11018 Fixed multiple issues with the Stomp gateway, including:
- Fixed an issue where
is_superuser
was not working correctly. - Fixed an issue where the mountpoint was not being removed in message delivery.
- After a message or subscription request fails, the Stomp client should be disconnected immediately after replying with an ERROR message.
- Fixed an issue where
-
#11051 Added validation to ensure that certificate
depth
(listener SSL option) is a non negative integer. -
#10563 Corrected an issue where the no_local flag was not functioning correctly in subscription.
-
#10653 Stored gateway authentication TLS certificates and keys in the data directory to fix the problem of memory leakage.
-
#10682 Fixed the timestamp for the will message is incorrectly assigned at the session creation time, now this timestamp is the disconnected time of the session.
-
#10701 RPM package for Amazon Linux 2 did not support TLS v1.3 as it was assembled with Erlang/OTP built with openssl 1.0.
-
#10677 Fixed an issue in the Rule API where attempting to delete a non-existent rule resulted in a 404 HTTP error code response.
-
#10715 Support for getting the client certificate in the client.connected hook. Previously, this data was removed after the connection was established to reduce memory usage.
-
#10737 Fixed the issue where the HTTP API interface of Gateway cannot handle ClientIDs with special characters, such as:
!@#$%^&*()_+{}:"<>?/
. -
#10809 Addressed
** ERROR ** Mnesia post_commit hook failed: error:badarg
error messages happening during node shutdown or restart. Mria pull request: https://github.com/emqx/mria/pull/142 -
#10807 The debug-level logs related to license checks will no longer be printed. These logs were generated too frequently and could interfere with log recording.
-
#10818 Fixed
emqx_ctl traces
command error where thetraces start
command in theemqx_mgmt_cli
module was not working properly with some filters. -
#10600 Deleted emqx_statsd application.
-
#10820 Fixed the issue where newly added nodes in the cluster would not apply the new license after a cluster license update and would continue to use the old license. Sometimes the new node must start with a outdated license. e.g. use emqx-operator deployed and needed to scale up after license expired. At the time the cluster's license key already updated by API/CLI, but the new node won't use it.
-
#10851 Obfuscated sensitive data in the bad API logging.
-
#10884 Fixed an issue where trying to get rule info or metrics could result in a crash when a node is joining a cluster.
-
#10887 Fixed a potential issue where requests to bridges might take a long time to be retried. This only affected low throughput scenarios, where the buffering layer could take a long time to detect connectivity and driver problems.
-
#10878 Fixed a vulnerability in the RabbitMQ bridge, which could potentially expose passwords to log files.
-
#10871 Fixed an issue where the Dashboard shows that the connection still exists after a CoAP connection is disconnected, but deletion and message posting requests do not take effect.
-
#10880 Added a new REST API
POST /clients/kickout/bulk
for kicking out multiple clients in bulk. -
#10913 Fixed an issue where the plugin status REST API of a node would still include the cluster node status after the node left the cluster.
-
#10923 Fixed a race-condition in channel info registration. Prior to this fix, when system is under heavy load, it might happen that a client is disconnected (or has its session expired) but still can be found in the clients page in dashboard. One of the possible reasons is a race condition fixed in this PR: the connection is killed in the middle of channel data registration.
-
#10930 Added a schema validation for duration data type to avoid invalid values. Before this fix, it was possible to use absurd values in the schema that would exceed the system limit, causing a crash.
-
#10952 Disallow enabling
fail_if_no_peer_cert
in listener SSL options ifverify = verify_none
is set. Settingfail_if_no_peer_cert = true
andverify = verify_none
caused connection errors due to incompatible options. This fix validates the options when creating or updating a listener to avoid these errors.Note: any old listener configuration with
fail_if_no_peer_cert = true
andverify = verify_none
that was previously allowed will fail to load after applying this fix and must be manually fixed. -
#10951 Fixed the issue in MQTT-SN gateway when the
mountpoint
did not take effect on message publishing. -
#10943 Deprecated UDP mcast mechanism for cluster discovery. This feature has been planed for deprecation since 5.0 mainly due to the lack of actual production use. This feature code is not yet removed in 5.1, but the document interface is demoted.
-
#10902 Avoid syncing cluser.hocon file from the nodes running a newer version than the self-node. During cluster rolling upgrade, if an older version node has to restart due to whatever reason, if it copies the
cluster.hocon
file from a newer version node, it may fail to start. After this fix, the older version node will not copy thecluster.hocon
file from a newer, so it will use its owncluster.hocon
file to start. -
#10967 Fixed error message formatting in rebalance API: previously they could be displayed as unclear dumps of internal Erlang structures. Added
wait_health_check
option to node evacuation CLI and API. This is a time interval when the node reports "unhealthy status" without beginning actual evacuation. We need this to allow a Load Balancer (if any) to remove the evacuated node from balancing and not forward (re)connecting clients to the evacuated node. -
#10911 The error message and log entry that appear when one tries to create a bridge with a name the exceeds 255 bytes is now easier to understand.
-
#10983 Fixed the issue when mqtt clients could not connect over TLS if the listener was configured to use TLS v1.3 only. The problem was that TLS connection was trying to use options incompatible with TLS v1.3.
-
#10977 Fixed the delay in updating subscription count metric and corrected configuration issues in Stomp gateway.
-
#10950 Fixed the issue where the
enable_qos
option does not take effect in the MQTT-SN gateway. -
#10999 Changed schema validation for Kafka fields 'Partition Count Refresh Interval' and 'Offset Commit Interval' to avoid accepting values larger then maximum allowed.
-
#10997 The ClickHouse bridge had a problem that could cause messages to be dropped when the ClickHouse server is closed while sending messages even when the request_ttl is set to infinity. This has been fixed by treating errors due to a closed connection as recoverable errors.
-
#10994 Redacted
proxy-authorization
headers as used by HTTP connector to avoid leaking secrets into log files. -
#10996 For any unknown HTTP/API request, the default response is a 404 error rather than the dashboard's index.html.
-
#11005 Fixed the issue where the
method
field cannot be correctly printed in the trace logs of AuthN HTTP. -
#11006 Fixed QUIC listeners's default cert file paths. Prior to this change, the default cert file paths are prefixed with environment variable
${EMQX_ETC_DIR}
which were not interpolated before used in QUIC listeners. -
#10998 Do not allow
batch_size
option for MongoDB bridge resource. MongoDB connector currently does not support batching, thebatch_size
config value is forced to be 1 if provided. -
#10955 Fixed the issue in MQTT-SN gateway where deleting Predefined Topics configuration does not work.
-
#11025 Fixed a
case_clause
error that could arise in race conditions in Pulsar Producer bridge. -
#11030 Improved error messages when a validation error occurs while using the Listeners HTTP API.
-
#11033 Deprecated the
mountpoint
field inAuthenticateRequest
in ExProto gateway. This field was introduced in e4.x, but in fact, in e5.0 we have providedgateway.exproto.mountpoint
for configuration, so there is no need to override it through the Authenticate request.Additionally, updates the default value of
subscriptions_max
,inflight_max
,mqueue_max
toinfinity
. -
#11040 Fixed a health check issue for Kafka Producer that could lead to loss of messages when the connection to Kafka's brokers were down.
-
#11038 Fixed a health check issue for Pulsar Producer that could lead to loss of messages when the connection to Pulsar's brokers were down.
-
#11042 Fixed crash on REST API
GET /listeners
when listener'smax_connections
is set to a string. -
#11028 Disallowed using multiple TLS versions in the listener config that include tlsv1.3 but exclude tlsv1.2. Using TLS configuration with such version gap caused connection errors. Additionally, drop and log TLS options that are incompatible with the selected TLS version(s).
Note: any old listener configuration with the version gap described above will fail to load after applying this fix and must be manually fixed.
-
#11031 Fixed credential validation when creating bridge and checking status for InfluxDB Bridges.
-
#11056 Fixed the issue where newly created listeners sometimes do not start properly. When you delete a system default listener and add a new one named 'default', it will not start correctly.
- Fixed the bug where configuration failure on certain nodes can cause Dashboard unavailability.
-
#11070 Fixed the problem that the
cluster.autoclean
configuration item does not take effect. -
#11092 and #11100 Fixed problem when replicant nodes were unable to connect to the core node due to timeout in
mria_lb:core_nodes()
call. Relevant mria pull request: https://github.com/emqx/mria/pull/143
Breaking Changes
Known Issues
1、 emqx-enterprise-5.1.0-amzn2-amd64.rpm 51.91MB
2、 emqx-enterprise-5.1.0-amzn2-amd64.rpm.sha256 64B
3、 emqx-enterprise-5.1.0-amzn2-amd64.tar.gz 73.6MB
4、 emqx-enterprise-5.1.0-amzn2-amd64.tar.gz.sha256 64B
5、 emqx-enterprise-5.1.0-amzn2-arm64.rpm 51.24MB
6、 emqx-enterprise-5.1.0-amzn2-arm64.rpm.sha256 64B
7、 emqx-enterprise-5.1.0-amzn2-arm64.tar.gz 66.3MB
8、 emqx-enterprise-5.1.0-amzn2-arm64.tar.gz.sha256 64B
9、 emqx-enterprise-5.1.0-debian10-amd64.deb 45.76MB
10、 emqx-enterprise-5.1.0-debian10-amd64.deb.sha256 64B
11、 emqx-enterprise-5.1.0-debian10-amd64.tar.gz 76.89MB
12、 emqx-enterprise-5.1.0-debian10-amd64.tar.gz.sha256 64B
13、 emqx-enterprise-5.1.0-debian10-arm64.deb 44.91MB
14、 emqx-enterprise-5.1.0-debian10-arm64.deb.sha256 64B
15、 emqx-enterprise-5.1.0-debian10-arm64.tar.gz 67.71MB
16、 emqx-enterprise-5.1.0-debian10-arm64.tar.gz.sha256 64B
17、 emqx-enterprise-5.1.0-debian11-amd64.deb 45.8MB
18、 emqx-enterprise-5.1.0-debian11-amd64.deb.sha256 64B
19、 emqx-enterprise-5.1.0-debian11-amd64.tar.gz 75.16MB
20、 emqx-enterprise-5.1.0-debian11-amd64.tar.gz.sha256 64B
21、 emqx-enterprise-5.1.0-debian11-arm64.deb 44.96MB
22、 emqx-enterprise-5.1.0-debian11-arm64.deb.sha256 64B
23、 emqx-enterprise-5.1.0-debian11-arm64.tar.gz 67.33MB
24、 emqx-enterprise-5.1.0-debian11-arm64.tar.gz.sha256 64B
25、 emqx-enterprise-5.1.0-el7-amd64.rpm 51.75MB
26、 emqx-enterprise-5.1.0-el7-amd64.rpm.sha256 64B
27、 emqx-enterprise-5.1.0-el7-amd64.tar.gz 66.35MB
28、 emqx-enterprise-5.1.0-el7-amd64.tar.gz.sha256 64B
29、 emqx-enterprise-5.1.0-el7-arm64.rpm 51.19MB
30、 emqx-enterprise-5.1.0-el7-arm64.rpm.sha256 64B
31、 emqx-enterprise-5.1.0-el7-arm64.tar.gz 65.31MB
32、 emqx-enterprise-5.1.0-el7-arm64.tar.gz.sha256 64B
33、 emqx-enterprise-5.1.0-el8-amd64.rpm 50.41MB
34、 emqx-enterprise-5.1.0-el8-amd64.rpm.sha256 64B
35、 emqx-enterprise-5.1.0-el8-amd64.tar.gz 77MB
36、 emqx-enterprise-5.1.0-el8-amd64.tar.gz.sha256 64B
37、 emqx-enterprise-5.1.0-el8-arm64.rpm 49.62MB
38、 emqx-enterprise-5.1.0-el8-arm64.rpm.sha256 64B
39、 emqx-enterprise-5.1.0-el8-arm64.tar.gz 67.82MB
40、 emqx-enterprise-5.1.0-el8-arm64.tar.gz.sha256 64B
41、 emqx-enterprise-5.1.0-el9-amd64.rpm 47.9MB
42、 emqx-enterprise-5.1.0-el9-amd64.rpm.sha256 64B
43、 emqx-enterprise-5.1.0-el9-amd64.tar.gz 75.19MB
44、 emqx-enterprise-5.1.0-el9-amd64.tar.gz.sha256 64B
45、 emqx-enterprise-5.1.0-el9-arm64.rpm 47.33MB
46、 emqx-enterprise-5.1.0-el9-arm64.rpm.sha256 64B
47、 emqx-enterprise-5.1.0-el9-arm64.tar.gz 67.6MB
48、 emqx-enterprise-5.1.0-el9-arm64.tar.gz.sha256 64B
49、 emqx-enterprise-5.1.0-macos11-amd64.zip 57.12MB
50、 emqx-enterprise-5.1.0-macos11-amd64.zip.sha256 65B
51、 emqx-enterprise-5.1.0-macos12-amd64.zip 57.11MB
52、 emqx-enterprise-5.1.0-macos12-amd64.zip.sha256 65B
53、 emqx-enterprise-5.1.0-macos12-arm64.zip 56.41MB
54、 emqx-enterprise-5.1.0-macos12-arm64.zip.sha256 65B
55、 emqx-enterprise-5.1.0-ubuntu18.04-amd64.deb 45.86MB
56、 emqx-enterprise-5.1.0-ubuntu18.04-amd64.deb.sha256 64B
57、 emqx-enterprise-5.1.0-ubuntu18.04-amd64.tar.gz 73.73MB
58、 emqx-enterprise-5.1.0-ubuntu18.04-amd64.tar.gz.sha256 64B
59、 emqx-enterprise-5.1.0-ubuntu18.04-arm64.deb 44.93MB
60、 emqx-enterprise-5.1.0-ubuntu18.04-arm64.deb.sha256 64B
61、 emqx-enterprise-5.1.0-ubuntu18.04-arm64.tar.gz 66.19MB
62、 emqx-enterprise-5.1.0-ubuntu18.04-arm64.tar.gz.sha256 64B
63、 emqx-enterprise-5.1.0-ubuntu20.04-amd64.deb 45.88MB
64、 emqx-enterprise-5.1.0-ubuntu20.04-amd64.deb.sha256 64B
65、 emqx-enterprise-5.1.0-ubuntu20.04-amd64.tar.gz 77.58MB
66、 emqx-enterprise-5.1.0-ubuntu20.04-amd64.tar.gz.sha256 64B
67、 emqx-enterprise-5.1.0-ubuntu20.04-arm64.deb 45.04MB
68、 emqx-enterprise-5.1.0-ubuntu20.04-arm64.deb.sha256 64B
69、 emqx-enterprise-5.1.0-ubuntu20.04-arm64.tar.gz 68.38MB
70、 emqx-enterprise-5.1.0-ubuntu20.04-arm64.tar.gz.sha256 64B
71、 emqx-enterprise-5.1.0-ubuntu22.04-amd64.deb 47.53MB
72、 emqx-enterprise-5.1.0-ubuntu22.04-amd64.deb.sha256 64B
73、 emqx-enterprise-5.1.0-ubuntu22.04-amd64.tar.gz 75.54MB
74、 emqx-enterprise-5.1.0-ubuntu22.04-amd64.tar.gz.sha256 64B
75、 emqx-enterprise-5.1.0-ubuntu22.04-arm64.deb 46.97MB
76、 emqx-enterprise-5.1.0-ubuntu22.04-arm64.deb.sha256 64B
77、 emqx-enterprise-5.1.0-ubuntu22.04-arm64.tar.gz 67.83MB
78、 emqx-enterprise-5.1.0-ubuntu22.04-arm64.tar.gz.sha256 64B