Ververica Platform 2.13.4
Release Date: 2024-09-13
Changelog
Apache Flink®
Ververica Platform 2.13.4 supports the following versions:
- Apache Flink® 1.19
- Apache Flink® 1.18
- Apache Flink® 1.17
Ververica Platform 2.13.4 supports Apache Flink® 1.19, Apache Flink® 1.18, and Apache Flink® 1.17 under SLA.
For Stream Edition the following Apache Flink® Docker images are available. Please check Ververica Platform Docker Images for all available Apache Flink® images and additional tags.
- 1.17.2-stream4-scala_2.12-java8
- 1.17.2-stream4-scala_2.12-java11
- 1.18.1-stream4-scala_2.12-java8
- 1.18.1-stream4-scala_2.12-java11
- 1.18.1-stream4-scala_2.12-java17
- 1.19.0-stream2-scala_2.12-java8
- 1.19.0-stream2-scala_2.12-java11
- 1.19.0-stream2-scala_2.12-java17
For Spring Edition the following archives are available:
Improvements
Enhanced security for S3 credentials
In this version, we've enhanced credential security for Flink cluster deployment. S3 credentials, previously stored in a ConfigMap, are now securely stored in a Kubernetes/OpenShift secret, ensuring better protection and restricted access to sensitive information.
This feature can be enabled by setting the property vvp.useSecretForFlinkConfig
to true
.
It is not recommended to change this property value after creating a Session Cluster or Deployment as it may break existing jobs.
Bug fixes
Incorrect Job status displayed as 'FINISHED' after Failure
In Ververica Platform version 2.9.1, a bug caused failed jobs to be incorrectly shown as 'FINISHED' in the UI, leading to potential confusion during monitoring and debugging. The issue has been fixed in the accompanied Ververica Platform Flink versions (i.e. 1.17.2-stream/spring4, 1.18.1-stream/spring4, and 1.19.0-stream/spring2), ensuring job statuses are accurately displayed.
Out of Memory error when uploading large Artifacts
In Ververica Platform version 2.x, uploading large artifacts (e.g., 400 MB) via the Artifacts menu caused out-of-memory errors on the Gateway container due to the entire file being loaded into memory before upload. This patch optimizes the process to prevent these errors, ensuring stable handling of large artifacts.
Fixed SQL Editor Run button spinning indefinitely
We've fixed a bug in the SQL Editor where the Run button would spin indefinitely, even after a SQL query had completed or was streaming results. This issue led users to mistakenly believe the query execution had failed. Now, the Run button correctly stops spinning and re-enables as soon as the query results appear.
Fixed duplicate entry issue in Catalogs table
In Ververica Platform version 2.13.0, a bug was identified that could cause SQL deployment creation to fail due to a duplicate entry error in the catalog_databases
table.
This issue prevented job graph creation, blocking SQL job deployments.
The error stemmed from conflicting catalog names in the metadata database.
This update resolves the problem by properly managing catalog entries, preventing duplicates, and ensuring SQL deployments proceed without errors.
Fixed incorrect application status for Failed Jobs
In Ververica Platform version 2.9.1 with Flink 1.15.3, a bug caused a failed Flink job to be incorrectly marked as SUCCEEDED in the application status, even though the job had reached a globally-terminal FAILED state. This occurred because the JobManager pod, still active after the failure, attempted to resubmit the job with the same job ID. Since the job's state was retained in the HA store, Flink ignored the resubmission but incorrectly set the application status to SUCCEEDED. This update fixes the issue, ensuring the application status correctly reflects the FAILED state, allowing for accurate job monitoring in the Ververica Platform UI.
Vulnerability Fixes (outside of Apache Flink®)
- Content Security Policy violations for unsafe-eval have been addressed
- Upgraded tomcat to 10.1.25, which resolves CVE-2024-34750
- Upgraded okio to 3.6.0, which resolves CVE-2023-3635
- Upgraded commons-configuration2 to 2.11.0, which resolves CVE-2024-29131, CVE-2024-29133
Vulnerability Fixes (inside of Apache Flink®)
- Upgraded pyarrow to 17, which resolves CVE-2023-47248
- Upgraded pymongo to 4.8, which resolves CVE-2024-5629
- Upgraded numpy to 1.24.4, which resolves CVE-2021-34141
- Upgraded python3.8 to fix CVE-2023-6597, CVE-2024-4032, CVE-2024-0450, CVE-2024-0397
- Upgraded urllib3 to fix CVE-2024-37891
- Upgraded wget to fix CVE-2024-38428
- Upgraded openssl to fix CVE-2024-5535, CVE-2024-2511, CVE-2024-4741
- Upgraded glibc to fix CVE-2024-33599, CVE-2024-33602, CVE-2024-33601, CVE-2024-33600
- Upgraded certifi to fix CVE-2024-39689
Upgrade
As always, we recommend upgrading via Helm using the following commands:
$ helm repo add ververica https://charts.ververica.com
$ helm repo update
$ helm upgrade [RELEASE] ververica/ververica-platform --version 5.9.4 --values custom-values.yaml