Version 2.6.0.0

New Features

Rhino 2.6.0 introduces the following major new features:

  • New logging subsystem based on Log4j 2. See the logging documentation.

    • Built-in Log4j 2 appenders and filters can be used.

    • Log pattern is now configurable.

    • The timestamp in log messages now includes the timezone.

    • Log messages now include diagnostic context in curly braces. This is accessible to components via the Logging Context Facility.

    • The Log4j 2 default rollover strategy is now being used — this results in rolled over log files having constant numbering (1-10) rather than incrementing forever.

    • Tracer levels are stored in the logging configuration rather than the management database, so the init-management-db.sh script does not clear these. Follow the instructions displayed when re-initialising the database if needed.

    • The async logging facility has been deprecated because Log4j 2 async appenders can be used instead.

    • Full Rhino startup information is logged to new log files after rollover, but they may not at the very beginning of the log when under load.

    • Log files do NOT roll over on startup for production Rhino, to prevent a restart loop from expiring useful logs.

  • SLEE Tracing now uses the logging subsystem directly.

    • There is an extended tracer interface with methods that correspond to most Log4j 2 Logger methods.

    • When using the extended tracer, arguments are not evaluated unless the message is written to an appender, so tracing method invocations with simple parameters do not need to be guarded.

    • Every tracer has a corresponding logger, you can configure those loggers as you would any other logger.

    • Logger names for tracers are fully-qualified and unique internally, but are abbreviated by the log pattern to eliminate redundant components.

  • Metaswitch Service Assurance Server (SAS) support. See the SAS tracing documentation.

Bug fixes

  • Profile MBeans now isolate transactional state between different management clients. Changes being made by one client no longer leak into the view of other clients. (RHI-4317)

  • The configurestagingqueues Ant task no longer transposes maximumAge and maximumSize values. (RHI-4380)

  • Object pool stats are now grouped by namespace, and their parameter set names have been improved. (RHI-4429)

  • The various ProfileProvisioningMBean getProfiles* methods now respect the state of any user transaction currently in progress by the client. (RHI-4458)

  • Added ResourceExecutor stats parameter set type to TransactionManager. These statistics were previously being combined with SynchronizationExecutor. (RHI-4533)

  • Reworked the export of custom security policies assigned to components so that these are now set during import as part of the corresponding deployable unit install rather than as a post-deployment target. This means that the polices are now set during import long before the components are put to any real use, which is required if, for example, a resource adaptor entity needs the custom policy in order to initialise correctly. (RHI-4537)

  • The object pool configuration for a profile table named "default" is now separate from the default profile table object pool configuration. (RHI-4584)

  • Fixed some erroneous transactional behaviour during namespace creation and removal that occurred if the bounding transaction happened to fail during commit. (RHI-4712)

  • Non-replicating activity handlers will now correctly inform their associated resource adaptor if an activity under their control is forcefully ended by a platform administrator. (Replicating activity handlers were already behaving correctly here.) (RHI-4743)

  • Locks held by Profile MBeans in the writeable state on nodes that leave the cluster will now be cleaned up by remaining nodes in the cluster, rather than leaking and leaving those profiles uneditable until cluster restart. (RHI-4815)

  • The cascade uninstaller tool will now correctly manage deactivation of services and resource adaptor entities with different activation states on different nodes, as well as correctly dealing with the symmetric activation state mode. (RHI-4836)

  • CMP reset methods now manage transactional state correctly. (RHI-4857)

  • Fixed a potential MemDB state object sizing issue if toString() was invoked on a persistent state object mid-transaction. (RHI-4858)

  • Tracer management commands operating on services that are undeployed will now fail with a more helpful error message. (RHI-4958)

  • Profile table access is no longer corrupted if multiple profile tables are created from the same profile specification. (RHI-4959)

  • Fixed behaviour of SBB CMP fields storing SBB local objects when using transactional pass-by-reference in the case where an SBB entity is removed after being stored in a CMP field. (RHI-5142)

  • Fixed a code generation issue that caused deployment of an SBB to fail if the SBB didn’t define an Activity Context Interface but the SBB abstract class defined a non-abstract asSbbActivityContextInterface method. (RHI-5258)

  • Fixed an NPE that occurred trying to reassign to another node a service activity that had previously been administratively removed when the SLEE on the node that had owned the activity transitioned from RUNNING to STOPPING. (RHI-5322)

  • Changed default for rhino.skip_lifecycle_checks to false. This is discussed further in the Resource adaptor entity lifecycle states documentation. (RHI-4382)

Improvements

  • System property "rhino.tracer.defaultlevel" has been removed. Trace levels can be set via the logging subsystem. (RHI-4947)

  • Trace notifications are now rate limited to a rate of 10/second with a burst limit of 1000, using the Log4j 2 BurstFilter. (RHI-4937)

  • The tamper-detection mechanism for audit logs now uses a checksum approach. (RHI-4627)

  • FreeMemory watchdog condition now triggers when 95% of heap is used. This is configurable via the watchdog.oom_percent_used system property. The old system property, watchdog.oom_min_free is deprecated. (RHI-5255)

  • Rhino Stats default memory size has been increased to fix problems with GUI mode. (RHI-5184)

  • An originating node ID field has been added to each of the respective vendor data extension classes included by Rhino in trace, alarm, and state change JMX notifications. (RHI-1962)

  • Stats parameter sets related to object pools for profile tables are now named after the profile table they relate to for easy identification, rather than an internal application identifier. (RHI-2963)

  • Add log messages to report transaction manager synchronization and resource executors queue size configuration. (RHI-4502)

  • Stats parameter set types, and consequently SNMP parameter set type OID mappings, no longer include namespace qualifiers embedded into their name. Namespace qualification is now handled externally from the name. (RHI-4783)

  • An export can now be imported into a different namespace using the import.namespace Ant property. (RHI-4381)

  • The cluster state change facility will now only notify resource adaptor entities in the affected namespace, rather than all resource adaptor entities, when the SLEE running state in that namespace changes. (RHI-5021)

  • Rhino’s config manager now handles namespace-specific configuration items (ie. object pools configs, SNMP parameter set type configs for applications, and limiter endpoint configs) on a per-namespace basis. Configuration items scoped to namespaces are now managed using namespace-specific container configuration MBeans. (RHI-4711)

  • Names of Rhino internal classes now reflect their original source location. (RHI-4167)

  • Garbage collection defaults have changed:

    • Garbage collection debug logging is now written to a file, with rollover settings of 100MB files, 5 archived files

    • Enabled tiered compilation on Java 7 (production Rhino only)

    • Enabled parallel weak reference handling (production Rhino only)

    • Automatically perform a JVM heap dump on an OutOfMemoryError (production Rhino only)

    • Removed unused Incremental CMS options (RHI-4548)

  • The config.log log file has been removed and messages that were previously in this file are now in rhino.log. (RHI-4625)

  • The namespace names 'default' and 'global' (case insensitive) are now reserved for internal use. It is no longer possible to create user-defined namespaces with these names. (RHI-4909)

Version 2.5.0.4

Bug fixes

  • Fixed bug in activity attachment mapping that caused various failures including event delivery spinning on activity-end cleanup. (RHI-5097)

  • CMP fields of type java.math.BigInteger or java.math.BigDecimal will no longer cause a deployment failure during code generation. (RHI-4516)

  • Fixed an issue in export scripts which created resource adaptor entities before the relevant security permissions had been set. (RHI-4500)

  • Corrected header attached to CSV alarm log, and fixed timestamp field formatting when an alarm originates from a user-defined namespace. (RHI-4631)

  • Fixed the exporter when multiple namespace names are sanitised to the same value. The exporter will now generate unique filenames in the exported data when sanitised names clash, rather than simply overwriting previously written data. (RHI-4705)

  • Fixed some erroneous transactional behaviour during namespace creation and removal that occurred if the bounding transaction happened to fail during commit. (RHI-4712)

  • The internal distributed management lock is now correctly released if an attempt is made to remove a configuration item of an unknown type. (RHI-4795)

  • Fixed an activity end race condition in the activity handler that could lead to the pessimistic or replicated lock for an activity not being released when the enclosing transaction ends. (RHI-4983)

  • Profile, Usage, and Usage Notification Manager MBeans related to a profile table will now be correctly deregistered from the MBean server when a profile table is renamed. (RHI-4975)

Improvements

  • The rhino-console installlocaldu command now supports an optional -url argument to specify an alternate URL identifier for the deployable unit. (RHI-4939)

  • Rhino client tools now allow the GC_OPTIONS environment variable to be overridden. (RHI-5101)

  • The <setactivenamespace> Ant task now also updates the rhino.namespace system property so that any new connection object instances inherit the same namespace context. (RHI-4764)

  • The system property "file.encoding" is now globally readable by default. This is needed by some JDBC drivers. (RHI-4907)

Version 2.5.0.3

Bug fixes

  • Fixed a NullPointerException thrown by the createpersistenceinstance and updatepersistenceinstance Ant management tasks. (RHI-4482)

Version 2.5.0.2

New Features

  • The namespaces feature is now supported for production use.

Bug fixes

  • Fixed double-event scheduling from multiple suspend-resume cycles and interleaved transactions suspending, resuming and firing events. (RHI-3207)

  • Fixed a problem that could cause corruption of internal state when a node failed during deployment. (RHI-4327)

  • Fixed a NullPointerException that occurred when accessing service state in symmetric activation state mode. (RHI-4377)

  • Fixed a race condition that could report a profile as still being edited by some other management client if a client tried to edit a profile immediately after committing or rolling back changes to that same profile. (RHI-4442)

  • Fixed a NullPointerException that occurred when deploying linked components. (RHI-4395)

  • Fix after-transaction logic to always clean up activity event queues. Prevents stuck activities from transactions containing resources that fail between commit and cleanup. (RHI-4326)

  • Services and resource adaptor entities that are in the STOPPING state when a node is started will now correctly revert to the INACTIVE state during bootup when the symmetric activation state mode is not enabled. (RHI-4421)

  • Fixed a race condition between the creation of a profile in a user transaction and a concurrent long-running timeout and rollback of that transaction. This race condition meant that some metadata state for the failed profile creation was not cleaned up, preventing any further profile creation attempts for that profile to succeed. (RHI-4424)

  • Fixed compilation issues when deploying SBBs with a very large number of CMP fields. (RHI-4392)

  • Fix malformed ObjectName generation that prevented interaction with object pool configurations for components in user-defined namespaces. The "use-defaults" property of object pool configurations has been removed because it did not function in an obvious manner. (RHI-4391)

  • The namespace that each management operation was performed on is now included in the management.csv audit log file, present as the 7th field in the CSV. Rhino will use the old audit log file format if the "rhino.audit.log_format" system property is set to "2.4" (but this should not be set if namespaces are being used because it will not be possible to tell which namespace an operation was run in). (RHI-4352)

  • ServiceUsageMBean, ProfileTableUsageMBean and ResourceUsageMBean are now included in the management audit log. (RHI-4427)

  • The snapshot tool can now be used from a remote host. (RHI-4406)

  • Fixed Java GC options in the Windows Rhino SDK scripts. (RHI-4409)

Improvements

  • Improved the mechanism used to detect and protect against concurrent profile edits occurring over the profile management interface. This change should prevent unexpected lock timeouts if the compare-and-set locking operation takes longer than one second, eg. slow hardware. (RHI-4239)

  • Added ability to optionally exclude individual configuration types when importing a Rhino export. This is particularly useful for cases where the target Rhino instance does not have a JDBC driver for the persistence configuration being imported. (RHI-4386)

Version 2.5.0.1

Bug fixes

  • Fixed an UnrecognizedLinkNameException when listing resource adaptor link names. (RHI-4211)

  • Fixed a NullPointerException when a management client tried to get the current trace level for a tracer. (RHI-4278)

  • Fixed event router warnings when stage items were rejected for execution, typically because of overload. (RHI-4241)

  • Fixed a bug that prevented the per-node SNMP agent from being deactivated. (RHI-4318)

  • Fixed a bug that prevented an SNMP OID mapping from being registered if it was cleared when Rhino started. (RHI-4308)

  • In the case where a resource adaptor entity or profile table is created from a linked or shadowed component, only the install level of the resolved target component is now relevant when deciding whether or not to allow the operation to proceed. The install level of the virtual component itself is irrelevant. (RHI-4243)

  • Fixed a potential concurrency race condition that could lead to the SLEE getting stuck in the STOPPING state if a service was deactivated on some nodes when the symmetric activation state mode was enabled. (RHI-4254)

  • Fixed a number of issues affecting the cascade uninstaller when dealing with linked, shadowed, and copied components. (RHI-4207)

  • Fixed some issues with the cascade uninstaller failing to correctly determine the necessary uninstallation order in some complex scenarios, particularly involving copied components. (RHI-4213)

  • Removed a spurious message regarding the removal of copied components when running the cascade uninstaller in assumed-yes mode. (RHI-4215)

  • The cascade uninstaller will now successfully clean up copied or linked components that have active resource adaptor entities or profile tables created from them. (RHI-4240)

  • Fixed a bug that prevented passwords being updated with the rhino-user utility. (RHI-4201)

  • Fixed a possible change to the active namespace after using the exportall command in rhino-console. (RHI-4252)

  • Some issues affecting the scoping and cleanup of statistics parameter sets used by namespaces have been fixed. (RHI-4212)

  • SLEE, service, and resource adaptor entity state change notifications now include vendor-specific data that identifies which namespace the notification originated from. (RHI-4193)

  • Trace and usage notifications now include vendor-specific data that identifies which namespace the notification originated from. (RHI-4264)

  • SLEE 1.0-style alarm notifications now include vendor-specific data that specifies the namespace that the notification originated from. (RHI-4265)

Improvements

  • Improved thread safety of RhinoConnection for use by multi-threaded clients. (RHI-4289)

  • Improved external database connection logging. (RHI-4186)

  • The Rhino SDK now has the "CMSClassUnloadingEnabled" JVM option enabled by default, to prevent out-of-memory errors under certain conditions. (It is already enabled by default for a production Rhino installation.) (RHI-3490)

  • Reduce repetitious log messages about deployable unit verification when importing. (RHI-4210)

  • Set default heap size for Rhino client tools to 64MB. (RHI-3176)

Version 2.5.0.0

New Features

Rhino 2.5.0 introduces the following major new features:

  • Scattercast cluster communications mode is now a supported configuration in production environments. Scattercast management must now be done using management commands, not by editing configuration files. See the Rhino Administration and Deployment Guide for details. (RHI-3551)

  • The database configuration for external persistence of Rhino’s in-memory database state, along with JDBC resource configuration for applications, can now be dynamically updated at runtime rather than requiring a node or cluster restart. (RHI-3785)

  • Full JVM statistics are now available under the JVM parameter set. (RHI-3890)

  • Cluster-symmetric activation state is now supported as an option for services and resource adaptor entities. When this option is enabled, an activation state change that affects a service or resource adaptor entity will be reflected on all nodes in the cluster, and if a new node enters the cluster it will inherit the cluster-wide activation state for each of these components. (RHI-3934)

The following is an early preview feature and is not supported in production environments:

  • Rhino now supports multiple deployment namespaces. Namespaces are created by an administrator, and each namespace is isolated from all others. Each namespace contains its own deployable units and components, resource adaptor entities, profile tables, SLEE and component activation states, etc. Namespace management is available in the Rhino command line console but not yet in Rhino Element Manager. (RHI-3926)

Installation Changes

  • Update minimum supported version of Java 8 to 1.8.0_60. Earlier versions contain bugs that affect Rhino operation. (RHI-3745)

  • Rhino SDK requires Java 8 to run the embedded Rhino Element Manager. (RHI-4178)

Improvements

  • Alarms have been added for the following conditions:

    • if a forward or reverse timewarp is detected, in addition to logging an error message as has always been the case (RHI-3101)

    • if the filesystem does not support sufficiently long file names. (RHI-3965)

    • if a threshold rule trigger or reset condition fails to evaluate, for example because it refers to a unknown parameter set or statistic. The alarm will be cleared if the rule is deleted or replaced, or a missing parameter set is restored. (RHI-410)

    • if watchdog.no_exit is set. This is a dangerous mode to run in and should never be used in a live environment. (RHI-3798)

  • The Rhino command-line client now reports alarms when they occur and includes the SLEE state and alarm count in the prompt. This new behaviour can be disabled by setting the system property "rhino.console.disable-listeners" to true. (RHI-2101)

  • The deactivate-and-activate-services operation is now a lot more atomic. Dropped call issues that previously could have occurred if a service took a long time to activate should no longer occur. (RHI-3783)

  • Added a component classloader auditing function that will look for potential classloader problems amongst the component’s dependencies. (RHI-4050)

  • Added command to reboot Rhino nodes to their current state. (RHI-3873)

  • SNMP index names are no longer truncated. The old behaviour can be restored by uncommenting the "snmp.name.max-length=19" line in read-config-variables. (RHI-3796)

  • Add new Threshold Rule management API call to retrieve all configured rules at once. (RHI-4049)

  • Reduced severity of log message for cleanup of leaked OCIO buffers. This does not affect the reliability of the node. (RHI-3200)

  • New sample Systemd service descriptor for RHEL 7 and related systems. (RHI-3715)

Bug fixes

  • Fixed the potential for the SLEE, a service, or a resource adaptor entity to get stuck in the STOPPING state if a lock timeout happened to occur during the deactivation operation. (RHI-3453)

  • Services and resource adaptor entities will no longer get stuck in the STOPPING state if a temporary database error occurs when trying to reset their state back to INACTIVE. (RHI-3650)

  • Fix GroupHeartBeat failure on boot into a network containing a one way partition (RHI-3663)

  • The SLEE will no longer get stuck in the STOPPING state if a start operation is attempted while STOPPING. (RHI-3792)

  • UsageMBeans no longer return partial results if a node responds with an error. The error is now passed back to the client as a ManagementException as per the API (RHI-3850)

  • Added support for SBB Parts to the getsecuritypolicy and setsecuritypolicy Rhino Console commands. (RHI-3908)

  • Cluster will more gracefully handle one way network partitions. (RHI-3924)

  • Fixed snapshot decode of exported profile tables containing CMP fields that define serialisability only by way of a DatatypeCodec. (RHI-3986)

  • Fixed stall in savanna groups when rapidly shutting down many nodes in sequence (RHI-3989)

  • SBB part security permissions are now correctly applied to generated service code. (RHI-3994)

  • Fix NPE on node start when -d option is used alone with start-rhino.sh. (RHI-4000)

  • The object pool for a profile table defined by a SLEE 1.1 profile specification will now correctly initialise on profile table creation if the initial pooled size is greater than zero. (RHI-4001)

  • Fix a NullPointerException if linked/shadowed services are deployed when setting a security policy. (RHI-4021)

  • The ResourceAdaptor.serviceActive() callback will now be made after an activating service has also been started, if the SLEE is in the RUNNING state, rather than before. This removes a race condition that previously existed if the resource adaptor fired an event intended for the activating service in the callback method - depending on timing the event may or may not have been delivered to the service. (RHI-4029)

  • Database flush now properly flushes on all nodes. Database flush now respects timeout. (RHI-4030)

  • Fixed an NPE that occurred when running rhino-export if a component with an install level of INSTALLED depended on another component that was not yet installed. (RHI-4190)

  • The Rhino SDK start-rhino scripts now support command-line options to force the SLEE into the Running or Stopped state after the Rhino SDK has completed initialisation. (RHI-3189)

  • When running the Rhino SDK on Windows, fixed the generation of *.class.$$ files that polluted the RhinoSDK directory whenever a deployable unit was installed. (RHI-4187)