[geode] branch develop updated: GEODE-10387: bump dependencies (#7805)
This is an automated email from the ASF dual-hosted git repository. onichols pushed a commit to branch develop in repository https://gitbox.apache.org/repos/asf/geode.git The following commit(s) were added to refs/heads/develop by this push: new 06d3b2ac31 GEODE-10387: bump dependencies (#7805) 06d3b2ac31 is described below commit 06d3b2ac3113e3a3c2db4c404f70f3791e80b8dc Author: Owen Nichols <34043438+onichols-pivo...@users.noreply.github.com> AuthorDate: Fri Jun 17 15:50:09 2022 -0700 GEODE-10387: bump dependencies (#7805) * GEODE-10387: Bump 3rd-party dependency versions Geode endeavors to update to the latest version of 3rd-party dependencies on develop wherever possible. Doing so increases the shelf life of releases and increases security and reliability. Doing so regularly makes the occasional hiccups this can cause easier to pinpoint and address. Dependency bumps in this batch: * Bump cargo-core-uberjar from 1.9.10 to 1.9.12 * Bump classgraph from 4.8.146 to 4.8.147 * Bump jackson from 2.13.2 to 2.13.3 * Bump junit-pioneer from 1.6.2 to 1.7.1 * Bump micrometer-core from 1.9.0 to 1.9.1 * Bump mockito-core from 4.4.0 to 4.6.1 * Bump spring from 5.3.20 to 5.3.21 * Bump spring-hateoas from 1.4.2 to 1.5.0 * Bump spring-ldap-core from 2.3.7.RELEASE to 2.4.0 * Bump swagger-annotations from 2.2.0 to 2.2.1 --- .../src/test/resources/expected-pom.xml| 48 +++--- .../gradle/plugins/DependencyConstraints.groovy| 22 +- dev-tools/dependencies/bump.sh | 4 +- .../integrationTest/resources/assembly_content.txt | 26 ++-- .../resources/gfsh_dependency_classpath.txt| 26 ++-- geode-assembly/src/main/dist/LICENSE | 2 +- .../resources/dependency_classpath.txt | 26 ++-- 7 files changed, 77 insertions(+), 77 deletions(-) diff --git a/boms/geode-all-bom/src/test/resources/expected-pom.xml b/boms/geode-all-bom/src/test/resources/expected-pom.xml index f16020b7b6..039b867760 100644 --- a/boms/geode-all-bom/src/test/resources/expected-pom.xml +++ b/boms/geode-all-bom/src/test/resources/expected-pom.xml @@ -180,7 +180,7 @@ io.github.classgraph classgraph -4.8.146 +4.8.147 io.github.resilience4j @@ -195,12 +195,12 @@ io.micrometer micrometer-core -1.9.0 +1.9.1 io.swagger.core.v3 swagger-annotations -2.2.0 +2.2.1 it.unimi.dsi @@ -350,7 +350,7 @@ org.codehaus.cargo cargo-core-uberjar -1.9.10 +1.9.12 org.eclipse.jetty @@ -420,12 +420,12 @@ org.springframework.hateoas spring-hateoas -1.4.2 +1.5.0 org.springframework.ldap spring-ldap-core -2.3.7.RELEASE +2.4.0 org.springframework.shell @@ -455,42 +455,42 @@ org.junit-pioneer junit-pioneer -1.6.2 +1.7.1 org.mockito mockito-core -4.4.0 +4.6.1 org.mockito mockito-junit-jupiter -4.4.0 +4.6.1 com.fasterxml.jackson.core jackson-annotations -2.13.2 +2.13.3 com.fasterxml.jackson.core jackson-core -2.13.2 +2.13.3 com.fasterxml.jackson.core jackson-databind -2.13.2.2 +2.13.3 com.fasterxml.jackson.datatype jackson-datatype-joda -2.13.2 +2.13.3 com.fasterxml.jackson.datatype jackson-datatype-jsr310 -2.13.2 +2.13.3 com.jayway.jsonpath @@ -665,52 +665,52 @@ org.springframework spring-aspects -5.3.20 +5.3.21 org.springframework spring-beans -5.3.20 +5.3.21 org.springframework spring-context -5.3.20 +5.3.21 org.springframework spring-core -5.3.20 +5.3.21 org.springframework spring-expression -5.3.20 +5.3.21 org.springframework spring-oxm -5.3.20 +5.3.21 org.springframework spring-test -5.3.20 +5.3.21 org.springframework spring-tx -5.3.20 +5.3.21 org.springframework spring-web -5.3.20 +5.3.21 org.springframework spring-webmvc -5.3.20 +
[geode] branch support/1.15 updated: GEODE-10386:Document JDK 17 for 1.15 release (#7813)
This is an automated email from the ASF dual-hosted git repository. dbarnes pushed a commit to branch support/1.15 in repository https://gitbox.apache.org/repos/asf/geode.git The following commit(s) were added to refs/heads/support/1.15 by this push: new ab5e533494 GEODE-10386:Document JDK 17 for 1.15 release (#7813) ab5e533494 is described below commit ab5e533494787922a22d278ae01d87c1d031e212 Author: Dave Barnes AuthorDate: Fri Jun 17 13:34:44 2022 -0700 GEODE-10386:Document JDK 17 for 1.15 release (#7813) Co-authored by: @animatedmax --- .../source/subnavs/geode-subnav.erb| 3 + .../system_requirements/host_machine.html.md.erb | 2 +- .../system_requirements/java_support.html.md.erb | 151 + 3 files changed, 155 insertions(+), 1 deletion(-) diff --git a/geode-book/master_middleman/source/subnavs/geode-subnav.erb b/geode-book/master_middleman/source/subnavs/geode-subnav.erb index 8f1b3566da..018b6213fb 100644 --- a/geode-book/master_middleman/source/subnavs/geode-subnav.erb +++ b/geode-book/master_middleman/source/subnavs/geode-subnav.erb @@ -38,6 +38,9 @@ limitations under the License. Host Machine Requirements + +Java Support + How to Install diff --git a/geode-docs/getting_started/system_requirements/host_machine.html.md.erb b/geode-docs/getting_started/system_requirements/host_machine.html.md.erb index e3b5b95458..51d4e86689 100644 --- a/geode-docs/getting_started/system_requirements/host_machine.html.md.erb +++ b/geode-docs/getting_started/system_requirements/host_machine.html.md.erb @@ -24,7 +24,7 @@ Host machines must meet a set of requirements for <%=vars.product_name_long%>. Each machine that will run <%=vars.product_name_long%> must meet the following requirements: -- Java SE Development Kit <%=vars.min_java_version%> with update <%=vars.min_java_update%> or a more recent version <%=vars.min_java_version%> update. The same versions are supported with OpenJDK. +- Java SE Development Kit <%=vars.min_java_version%> with update <%=vars.min_java_update%> or a more recent version <%=vars.min_java_version%> update. The same versions are supported with OpenJDK. See [Java Support](java_support.html) for details. - A system clock set to the correct time and a time synchronization service such as Network Time Protocol (NTP). Correct time stamps permit the following activities: - Logs that are useful for troubleshooting. Synchronized time stamps ensure that log messages from different hosts can be merged to reproduce an accurate chronological history of a distributed run. - Aggregate product-level and application-level time statistics. diff --git a/geode-docs/getting_started/system_requirements/java_support.html.md.erb b/geode-docs/getting_started/system_requirements/java_support.html.md.erb new file mode 100644 index 00..4bb44a4063 --- /dev/null +++ b/geode-docs/getting_started/system_requirements/java_support.html.md.erb @@ -0,0 +1,151 @@ +--- +title: Java Support +--- + + + +This version of <%=vars.product_name%> requires Java 8 release <%=vars.min_java_update %> or +a more recent version 8 update. The same versions are supported with OpenJDK (HotSpot). + +<%=vars.product_name%> is also compatible with Open JDK 11 and JDK 17. + +The <%=vars.product_name%> product download does not include Java. +Download and install a supported JRE or JDK on each system running <%=vars.product_name%>. +VMware recommends the installation of a full JDK (and not just a JRE) +to obtain better performance with `gfsh status` and `gfsh stop` commands. + +The IBM SDK, Java Technology Edition, Version 8 is supported for application clients only. Some +client region eviction configurations such as `HEAP_LRU` are known to not function properly with +this SDK. + +## Java Modules and <%=vars.product_name%> + +### How JDK 17 Encapsulation Affects <%=vars.product_name%> + +Beginning with Java 17, the JVM strongly enforces the encapsulation policies introduced in Java 9 by the Java Platform Module System. + +Several <%=vars.product_name%> features, such as serialization and eviction, use deep reflection to inspect the Java objects used as keys and values. In Java 17, this deep reflection requires that the object's type be made explicitly available for reflection. + +By default, each type declared in a named module is available for reflection only if the declaring module opens the type's package. + +As a result, <%=vars.product_name%>, by default, cannot inspect the following encapsulated types and fields: +- The private and protected types declared in named modules. +- The private and protected fields of types declared in named m
[geode] branch support/1.15 updated: GEODE-10389: Document upgrade to Geode 1.15 with SSL protocol workaround (#7812)
This is an automated email from the ASF dual-hosted git repository. dbarnes pushed a commit to branch support/1.15 in repository https://gitbox.apache.org/repos/asf/geode.git The following commit(s) were added to refs/heads/support/1.15 by this push: new ececd27a03 GEODE-10389: Document upgrade to Geode 1.15 with SSL protocol workaround (#7812) ececd27a03 is described below commit ececd27a039dc7dd1eb836d09532995782486869 Author: Dave Barnes AuthorDate: Fri Jun 17 11:59:07 2022 -0700 GEODE-10389: Document upgrade to Geode 1.15 with SSL protocol workaround (#7812) --- .../upgrade/upgrade_overview.html.md.erb | 50 ++ 1 file changed, 50 insertions(+) diff --git a/geode-docs/getting_started/upgrade/upgrade_overview.html.md.erb b/geode-docs/getting_started/upgrade/upgrade_overview.html.md.erb index cfecad3fac..899da9bc5f 100644 --- a/geode-docs/getting_started/upgrade/upgrade_overview.html.md.erb +++ b/geode-docs/getting_started/upgrade/upgrade_overview.html.md.erb @@ -54,3 +54,53 @@ you will need to accomplish the upgrade. Then select the appropriate upgrade pro - **[Upgrading Clients](upgrade_clients.html)** +When you upgrade your <%=vars.product_name%> server software, you may need to update your client +applications in order to maintain compatibility with the upgraded servers. + +## Upgrading to v1.15 + +For some users, issues regarding SSL protocols and their default values require a preparatory SSL protocol migration step when upgrading to <%=vars.product_name%> v1.15. +Please read the following section carefully to determine whether your system requires this additional SSL protocol migration step. + +### Does my System Require SSL Protocol Migration Before Upgrading to <%=vars.product_name%> v1.15? + +To determine whether your system requires the SSL protocol migration preparatory step, see if your system meets both of the following conditions: + +- If `ssl-endpoint-identification-enabled` is set to `true` AND +- If `ssl-protocols` is set to a value other than "any", that is, it specifies a list of specific protocols, but does not include "SSLv2Hello", + +THEN your system requires the SSL protocol migration step. + +**How do I determine my system's settings for the `ssl-endpoint-identification-enabled` and `ssl-protocols` properties?** + +SSL properties may be set in properties files or on the gfsh command line. To determine the settings for these parameters, + +- Check `gemfire.properties` and `gfsecurity.properties` for +`ssl-endpoint-identification-enabled=true`. Also look for `ssl-use-default-context=true`, which sets +`ssl-endpoint-identification-enabled=true`. + +- Search system logs for these properties (using `grep`, for example). + +## Preparatory SSL Protocol Migration + +The preparatory SSL protocol migration process consists of replacing one property, `ssl-protocols`, +with two new properties, `ssl-client-protocols` and `ssl-server-protocols`, then removing the old +`ssl-protocols` definition. Perform this substitution in whatever way the original `ssl-protocols` +were defined: in `.properties` files or on a command line. + +1. If your system is running JDK 8, upgrade to the latest version of JDK 8 before proceeding. This is necessary, even if you plan to +perform the optional JDK upgrade step to JDK 11 or JDK 17. +1. Shutdown a member (server or locator). +2. Install <%=vars.product_name%> 1.15. +3. Optionally install a new Java JDK. +4. Add security property `ssl-client-protocols` with the same definition as the old `ssl-protocols` property. +5. Add security property `ssl-server-protocols` with the same definition as the old `ssl-protocols` property PLUS "SSLv2Hello". +For example, if the original value of `ssl-protocols` is "TLSv1.2", then define +- `ssl-client-protocols="TLSv1.2"` +- `ssl-server-protocols="TLSv1.2,SSLv2Hello"` +6. Start the member. +7. Verify successful cluster join. +8. Repeat from step 1 for the next member. + +Optionally, after your upgrade is complete, you may restore your original `ssl-protocols` property +and restart all your members to eliminate the `SSLv2Hello` protocol support.
