Author: buildbot
Date: Mon Feb 16 22:31:36 2015
New Revision: 940408
Log:
Staging update by buildbot for accumulo
Modified:
websites/staging/accumulo/trunk/content/ (props changed)
websites/staging/accumulo/trunk/content/release_notes/1.6.2.html
Propchange: websites/staging/accumulo/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Mon Feb 16 22:31:36 2015
@@ -1 +1 @@
-1660226
+1660234
Modified: websites/staging/accumulo/trunk/content/release_notes/1.6.2.html
==============================================================================
--- websites/staging/accumulo/trunk/content/release_notes/1.6.2.html (original)
+++ websites/staging/accumulo/trunk/content/release_notes/1.6.2.html Mon Feb 16
22:31:36 2015
@@ -275,11 +275,21 @@ the classpath to communicate with the Ti
configuration files to include the necessary dependencies for the
TimelineServer to ensure that YARN job
submission operates as previously.</p>
<h2 id="performance-improvements">Performance Improvements</h2>
-<p>Apache Accumulo 1.6.2 includes a number of performance-related fixes over
previous versions.</p>
-<h3 id="improvement-1">Improvement 1</h3>
-<h3 id="improvement-2">Improvement 2</h3>
+<h3 id="user-scans-can-block-root-and-metadata-table-scans">User scans can
block root and metadata table scans</h3>
+<p>The TabletServer provides a feature to limit the number of open files as a
resource management configuration.
+To perform a scan against a normal table, the metadata and root table, when
not cached, need to be consulted
+first. With a sufficient number of concurrent scans against normal tables,
adding to the open file count,
+scans against the metadata and root tables could be blocked from running
because no files can be opened.
+This prevents other system operations from happening as expected. <a
href="https://issues.apache.org/jira/browse/ACCUMULO-3297";>ACCUMULO-3297</a>
fixes the internal semaphore
+used to implement this resource management to ensure that root and metadata
table scans can proceed.</p>
<h2 id="other-improvements">Other improvements</h2>
-<h3 id="improvement-1_1">Improvement 1</h3>
+<h3 id="limit-available-ciphers-for-ssltls">Limit available ciphers for
SSL/TLS</h3>
+<p>Since Apache Accumulo 1.5.2 and 1.6.1, the <a
href="http://en.wikipedia.org/wiki/POODLE";>POODLE</a> man-in-the-middle attack
was found which exploits a client's
+ability to fallback to the SSLv3.0 protocol. The main mitigation strategy was
to prevent the use of old ciphers/protocols
+when using SSL connectors. In Accumulo, both the Apache Thrift RPC servers and
Jetty server for the Accumulo
+monitor have the ability to enable SSL. <a
href="https://issues.apache.org/jira/browse/ACCUMULO-3316";>ACCUMULO-3316</a> is
the parent issue which provides new configuration
+properties in accumulo-site.xml which can limit the accepted
ciphers/protocols. By default, insecure or out-dated
+protocols have been removed from the default set in order to protect users by
default.</p>
<h2 id="documentation">Documentation</h2>
<p>The following documentation updates were made: </p>
<h2 id="testing">Testing</h2>
@@ -305,11 +315,11 @@ and, in HDFS High-Availability instances
</tr>
<tr>
<td>CentOS 6</td>
- <td>Keith TBD</td>
+ <td><strong>Keith TBD<strong></td>
<td>20</td>
- <td>Keith TBD</td>
+ <td><strong>Keith TBD<strong></td>
<td>No</td>
- <td>(Keith Verify this) ContinuousIngest w/ verification w/ and w/o
agitation (31B and 21B entries, respectively)</td>
+ <td><strong>Keith Verify this<strong> ContinuousIngest w/ verification w/
and w/o agitation (31B and 21B entries, respectively)</td>
</tr>
</table></p>
</div>
