[GitHub] [pulsar-helm-chart] freewaterfreewater removed a comment on issue #124: pulsar waiting to start: PodInitializing
freewaterfreewater removed a comment on issue #124: URL: https://github.com/apache/pulsar-helm-chart/issues/124#issuecomment-853616212 commit #bin/pulsar zookeeper-shell -server pulsar-zookeeper get /admin/clusters/pulsar -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [pulsar-helm-chart] eolivelli commented on pull request #119: Update to Pulsar 2.7.2
eolivelli commented on pull request #119: URL: https://github.com/apache/pulsar-helm-chart/pull/119#issuecomment-853676432 @lhotari PTAL again please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [pulsar-helm-chart] freewaterfreewater commented on issue #124: pulsar waiting to start: PodInitializing
freewaterfreewater commented on issue #124: URL: https://github.com/apache/pulsar-helm-chart/issues/124#issuecomment-853615690 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [pulsar-helm-chart] eolivelli commented on a change in pull request #119: Update to Pulsar 2.7.2
eolivelli commented on a change in pull request #119: URL: https://github.com/apache/pulsar-helm-chart/pull/119#discussion_r644581568 ## File path: dev-func-k8s-values.yaml ## @@ -0,0 +1,109 @@ +# +# Copyright 2021 DataStax, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +enableAntiAffinity: no +enableTls: no +enableTokenAuth: no +restartOnConfigMapChange: + enabled: yes +extra: + function: yes + burnell: yes + burnellLogCollector: yes Review comment: I committed unintentionally other files on my work directory. Removed ## File path: examples/test-kube-functions-minikube.yaml ## @@ -0,0 +1,78 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +extra: + functionsAsPods: yes + +## deployed withh emptyDir +volumes: + persistence: false + +# disabled AntiAffinity +affinity: + anti_affinity: false + +# disable auto recovery +components: + autorecovery: false + functions: yes + +zookeeper: + replicaCount: 1 + +bookkeeper: + replicaCount: 1 + +broker: + replicaCount: 1 + configData: +## Enable `autoSkipNonRecoverableData` since bookkeeper is running +## without persistence +autoSkipNonRecoverableData: "true" +# storage settings +managedLedgerDefaultEnsembleSize: "1" +managedLedgerDefaultWriteQuorum: "1" +managedLedgerDefaultAckQuorum: "1" + +proxy: + replicaCount: 1 + +functions: + replicaCount: 1 + runtime: kubernetes + +image: + zookeeper: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + bookie: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + autorecovery: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + broker: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + functions: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + proxy: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT Review comment: I committed unintentionally other files on my work directory. Removed ## File path: dev-func-k8s-values.yaml ## @@ -0,0 +1,109 @@ +# +# Copyright 2021 DataStax, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +enableAntiAffinity: no +enableTls: no +enableTokenAuth: no +restartOnConfigMapChange: + enabled: yes +extra: + function: yes + burnell: yes + burnellLogCollector: yes + pulsarHeartbeat: yes + pulsarAdminConsole: yes + +zookeeper: + replicaCount: 1 + resources: +requests: + memory: 300Mi + cpu: 0.3 + configData: +PULSAR_MEM: "\"-Xms300m -Xmx300m -Djute.maxbuffer=10485760 -XX:+ExitOnOutOfMemoryError\"" + +bookkeeper: + replicaCount: 1 + resources: +requests: + memory: 512Mi + cpu: 0.3 + configData: +BOOKIE_MEM: "\"-Xms312m -Xmx312m -XX:MaxDirectMemorySize=200m -XX:+ExitOnOutOfMemoryError\"" + +broker: + component: broker + replicaCount: 1 + ledger: +defaultEnsembleSize: 1 +defaultAckQuorum: 1 +defaultWriteQuorum: 1 + resources: +requests: + memory: 600Mi + cpu: 0.3 + configData: +PULSAR_MEM: "\"-Xms400m -Xmx400m -XX:MaxDirectMemorySize=200m -XX:+ExitOnOutOfMemoryError\"" + +auto
[GitHub] [pulsar-helm-chart] lhotari merged pull request #119: Update to Pulsar 2.7.2
lhotari merged pull request #119: URL: https://github.com/apache/pulsar-helm-chart/pull/119 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [DISCUSS] Propose More Formal Policy for Security Patches and EOL of Versions
Thank you for your suggestion, Lari. I opened a PR to add a SECURITY.md file: https://github.com/apache/pulsar/pull/10829. Note that I decided to use 12 months instead of 18 for our support window. I describe why in the PR. I am hoping this concrete step will push us toward a concrete solution. Please take a look at the PR and provide feedback. Thanks, Michael On Mon, May 31, 2021 at 3:17 AM Lari Hotari wrote: > +1 , Thanks for the suggestion, Michael. > > I hope we can get the security policy documented for Apache Pulsar asap. > > GitHub suggests adding a SECURITY.md file to the repository. > When committers go to https://github.com/apache/pulsar/security , the UI > suggests "Setup a security policy": > [image: image.png] > > Clicking on the button takes to editing a SECURITY.md file > > [image: image.png] > This is also documented in > https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository > . > > Perhaps this could be the way how to document the security policy in > Apache Pulsar? > > The GitHub provided template has these sections: > - Supported Versions > - Reporting a Vulnerability > > There are a lot more extensive templates available such as > https://github.com/Trewaters/security-README/blob/master/security.md . It > seems that some projects also document it in SECURITY.md how to securely > use the product. One example is SECURITY.md in TensorFlow, > https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md . > > Michael, could you create a PR for the SECURITY.md file? It might be > easier to revisit the details of the security policy in a PR review. > > BR, Lari > > > On Fri, May 28, 2021 at 12:49 AM Michael Marshall > wrote: > >> Hi Pulsar Community, >> >> >> I would like to discuss defining and documenting a process for an official >> Pulsar version EOL policy. This process will help users know when the >> version they are running will no longer be supported with security >> patches. >> >> After the recent announcement of CVE-2021-22160, I looked on the official >> pulsar website for a documented process describing which branches will >> receive security patches when vulnerabilities are discovered. I could not >> find a process on the website. I did find a policy for handling version >> EOL >> described in PIP-47, though ( >> >> https://github.com/apache/pulsar/wiki/PIP-47%3A-Time-Based-Release-Plan#what-is-our-eol-policy >> ). >> Based on the policy, I would have expected a release of 2.6.4 with the >> security patch for CVE-2021-22160, but that patch was not cherry-picked to >> branch-2.6 until this week after the publication of the CVE, and we’re >> only >> just now starting the process to release 2.6.4. >> >> I think it’s also relevant to consult the ASF guide for vulnerability >> handling. The process is outlined here: >> https://www.apache.org/security/committers.html. Regarding releasing >> fixes, >> it only mentions the following: >> >> > 15. The project team creates a release that includes the fix. >> >> > 16. The project team announces the vulnerability. The vulnerability >> announcement should be sent after, or at the same time as, the release >> announcement to the following destinations. >> >> Given the above information, I think it would be appropriate to have a >> policy that ensures all active/supported branches receive security patches >> before a CVE is announced. >> >> I propose we adopt a policy similar to Apache Spark’s policy, which is to >> provide security fixes for feature branches for at least 18 months after >> the initial minor version release: >> https://spark.apache.org/versioning-policy.html. If we apply this policy >> to >> Pulsar, 2.6.x will receive security patches until December 2021 (2.6.0 was >> released in June 2020). >> >> When I brought this up at the community meeting today, Matteo mentioned >> supporting releases for a year. I am open to that time frame as well. My >> main objective is to have a policy that is documented and easily >> discovered >> by our users. >> >> I look forward to your thoughts and suggestions. >> >> Thanks, >> >> Michael Marshall >> >
Re: Connectors package registry
Do we have consensus on metadata repo + generated docs page to start with? On Sat, May 29, 2021 at 8:44 AM Jonathan Ellis wrote: > On Fri, May 28, 2021 at 2:55 PM Sijie Guo wrote: > >> An alternative is to just add a table to the connectors documentation page >> like how we add third-party clients. >> http://pulsar.apache.org/docs/en/client-libraries/#third-party-clients >> >> It only refers to the Github repos for those connectors but doesn't point >> to any downloadable binaries. >> It provides the ability for people to discover the connectors. People can >> then go to those repos to find the connectors to use. But the PMC doesn't >> need to be pulled into the risk for managing versions and releases for >> external connectors. >> > > I'm really confused as to how I've implied that the PMC should manage > versions and releases, because that was the opposite of my intention! > > But yes, that kind of table is exactly what I have in mind. I'm just > saying that as an implementation detail, I like the idea to have a separate > repo that contains connector metadata of the sort that Andrey proposes, > that we then generate the docs table from. It's a pretty high barrier to > entry if we have people editing the docs by hand (and building it to make > sure it works) to submit a PR for a new connector. > > > -- Jonathan Ellis co-founder, http://www.datastax.com @spyced
Re: [DISCUSS] Apache Pulsar 2.8.0 Release
Hi all, I have moved some PRs which are not merged yet but marked as milestone 2.8 to milestone 2.9, and add tags `release/2.7.3`, `release/2.8.1`. All the moved PRs are not the blocker for the 2.8.0 release but all of them are powerful features, great fixes, and enhancements. Here are the blockers of 2.8.0 release, https://github.com/apache/pulsar/pulls?q=is%3Aopen+is%3Apr+milestone%3A2.8.0 I will start to cut the 2.8.0 after all the blockers been resolved. Of course, if PRs get merged before cutting the 2.8.0, I will also contain them in 2.8.0 release. Please let me know if you have any questions about the 2.8.0 release. Regards, Penghui Sijie Guo 于2021年5月18日周二 上午2:50写道: > 👍 > > On Sun, May 16, 2021 at 11:11 PM Addison Higham > wrote: > > > Hi all, > > > > Really looking forward to this release and all the new improvements. I > > would be happy to volunteer as the release manager for this release. > > > > Addison > > > > On Thu, May 13, 2021 at 8:37 PM Jia Zhai wrote: > > > > > +1 > > > > > > > > > On Wed, May 12, 2021 at 8:17 PM Anonymitaet _ < > anonymita...@hotmail.com> > > > wrote: > > > > > > > Hi all, > > > > > > > > Thanks for your great work on developing these wonderful features. > > > > > > > > Since documentation is one of the maturity indicators for measuring > an > > > > open-source project, for each release, technical writers try their > best > > > to > > > > sync docs with code. > > > > > > > > To allow engineers and writers to work efficiently, may I suggest: > > > > > > > > - If your PR needs adding docs, feel free to add them accordingly. > Then > > > > you can ping technical writers (for example, me) to review. > > > > > > > > - If you find any PR or issue needs docs, do not hesitate to add them > > or > > > > label them with `doc-required`. This is an effective way to help > > > technical > > > > writers know the gap and then fill it. > > > > > > > > Many thanks! > > > > > > > > > > > > > > On Tue, May 11, 2021 at 1:38 AM PengHui Li > > > > > wrote: > > > > > > > > > > > Hi, everyone > > > > > > > > > > > > I hope you’ve all been doing well. In June, there are 5 > months > > > we > > > > > haven’t > > > > > > released a major version. So I would like to start an email > > > thread > > > > to > > > > > > discuss features that we planned for 2.8.0. > > > > > > > > > > > > There are some powerful features and enhancements in 2.8.0 > such > > > as > > > > > > > > > > > > - Transactions > > > > > > - Exclusive Producer > > > > > > - Package management service > > > > > > - Client memory limit > > > > > > - Pluggable metadata interface- Broker entry metadata > > > > > > - Streaming dispatcher > > > > > > - Get applied topic policy > > > > > > - Message Index of topic > > > > > > > > > > > > I just list some of them. And you can find all the change > lists > > > > from > > > > > > https://github.com/apache/pulsar/pulls?q=milestone%3A2.8.0 > > > > > > +-label%3Arelease%2F2.7.2+-label%3Arelease%2F2.7.1+ > > > > > > < > > > > > > > > > > > > > > > > > > > > > https://github.com/apache/pulsar/pulls?q=milestone%3A2.7.0+-label%3Arelease%2F2.6.2+-label%3Arelease%2F2.6.1+ > > > > > > > > > > > > > There > > > > > > are more than 800 commits. > > > > > > > > > > > > If you have any suggestions please let me know. > > > > > > > > > > > > I will organize a list for all major features in 2.8.0 and > will > > > > update it > > > > > > in the email thread later. > > > > > > > > > > > > Regards, > > > > > > Penghui > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
Re: [DISCUSS] Apache Pulsar 2.8.0 Release
+1 -- Matteo Merli On Fri, Jun 4, 2021 at 9:53 PM PengHui Li wrote: > Hi all, > > I have moved some PRs which are not merged yet but marked as milestone 2.8 > to milestone 2.9, and add tags `release/2.7.3`, `release/2.8.1`. > All the moved PRs are not the blocker for the 2.8.0 release but all of them > are powerful features, great fixes, and enhancements. > > Here are the blockers of 2.8.0 release, > > https://github.com/apache/pulsar/pulls?q=is%3Aopen+is%3Apr+milestone%3A2.8.0 > > I will start to cut the 2.8.0 after all the blockers been resolved. Of > course, if PRs get merged before cutting the 2.8.0, > I will also contain them in 2.8.0 release. > > Please let me know if you have any questions about the 2.8.0 release. > > Regards, > Penghui > > > > Sijie Guo 于2021年5月18日周二 上午2:50写道: > > > 👍 > > > > On Sun, May 16, 2021 at 11:11 PM Addison Higham > > wrote: > > > > > Hi all, > > > > > > Really looking forward to this release and all the new improvements. I > > > would be happy to volunteer as the release manager for this release. > > > > > > Addison > > > > > > On Thu, May 13, 2021 at 8:37 PM Jia Zhai wrote: > > > > > > > +1 > > > > > > > > > > > > On Wed, May 12, 2021 at 8:17 PM Anonymitaet _ < > > anonymita...@hotmail.com> > > > > wrote: > > > > > > > > > Hi all, > > > > > > > > > > Thanks for your great work on developing these wonderful features. > > > > > > > > > > Since documentation is one of the maturity indicators for measuring > > an > > > > > open-source project, for each release, technical writers try their > > best > > > > to > > > > > sync docs with code. > > > > > > > > > > To allow engineers and writers to work efficiently, may I suggest: > > > > > > > > > > - If your PR needs adding docs, feel free to add them accordingly. > > Then > > > > > you can ping technical writers (for example, me) to review. > > > > > > > > > > - If you find any PR or issue needs docs, do not hesitate to add > them > > > or > > > > > label them with `doc-required`. This is an effective way to help > > > > technical > > > > > writers know the gap and then fill it. > > > > > > > > > > Many thanks! > > > > > > > > > > > > > > > > > On Tue, May 11, 2021 at 1:38 AM PengHui Li < > peng...@apache.org > > > > > > > > wrote: > > > > > > > > > > > > > Hi, everyone > > > > > > > > > > > > > > I hope you’ve all been doing well. In June, there are 5 > > months > > > > we > > > > > > haven’t > > > > > > > released a major version. So I would like to start an email > > > > thread > > > > > to > > > > > > > discuss features that we planned for 2.8.0. > > > > > > > > > > > > > > There are some powerful features and enhancements in 2.8.0 > > such > > > > as > > > > > > > > > > > > > > - Transactions > > > > > > > - Exclusive Producer > > > > > > > - Package management service > > > > > > > - Client memory limit > > > > > > > - Pluggable metadata interface- Broker entry metadata > > > > > > > - Streaming dispatcher > > > > > > > - Get applied topic policy > > > > > > > - Message Index of topic > > > > > > > > > > > > > > I just list some of them. And you can find all the change > > lists > > > > > from > > > > > > > https://github.com/apache/pulsar/pulls?q=milestone%3A2.8.0 > > > > > > > +-label%3Arelease%2F2.7.2+-label%3Arelease%2F2.7.1+ > > > > > > > < > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://github.com/apache/pulsar/pulls?q=milestone%3A2.7.0+-label%3Arelease%2F2.6.2+-label%3Arelease%2F2.6.1+ > > > > > > > > > > > > > > > There > > > > > > > are more than 800 commits. > > > > > > > > > > > > > > If you have any suggestions please let me know. > > > > > > > > > > > > > > I will organize a list for all major features in 2.8.0 and > > will > > > > > update it > > > > > > > in the email thread later. > > > > > > > > > > > > > > Regards, > > > > > > > Penghui > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
Re: Regression for Java Client on Alpine Linux
Hi enrico, I have pushed a PR to roll back the netty-tc-native version to 2.0.33.Final in https://github.com/apache/pulsar/pull/10833 this might can help run on Alpine linux, I have checked the CVE that #10266 want to fix, seems not related to netty-tc-native Regards, Penghui Enrico Olivelli 于2021年6月3日周四 下午2:59写道: > Hi all, > I am testing the upgrade of the Java client from 2.7.1 to > 2.8.0-SNAPSHOT on an application the runs on Alpine linux. > It used to run with 2.7.1 but it crashes with 2.8.0-SNAPSHOT due to > Netty TCNative. > > More details here > https://github.com/apache/pulsar/issues/10798 > > I believe this is a show stopped for 2.8.0 release > > > Enrico >
