LATEST VERSION: 9.7.0 - RELEASE NOTES
Pivotal GemFire® v9.7

Pivotal GemFire Release Notes

Pivotal GemFire 9.7 is based on Apache Geode version 1.8. Pivotal GemFire 9.7 and Apache Geode share a common set of documentation. Therefore, references to both GemFire and Apache Geode appear throughout this documentation; consider them equivalents.

What’s New in Pivotal GemFire 9.7

Pivotal GemFire 9.7 includes the following improvements:

  • GemFire clients support trust and keystore rotation
  • Endpoint validation during SSL handshake is enabled
  • Improved latency characteristics of Serial Gateway Sender Queues
  • Function security is dynamically determined by function arguments
  • Added support for Tomcat 9
  • gfsh command hints are now case-independent

Pivotal GemFire 9.7 Breaking Change

GEODE 5861: The configuration options for JNDI bindings have changed, whether configured through XML or gfsh create jndi-binding:

  • The --jdbc-driver-class option is now optional.
  • --url is an alias for the --connnection-url option.
  • The --type option now defaults to SIMPLE.
  • The --type=POOLED option defaults to creating a Hikari pool. Or, implement org.apache.geode.datasource.PooledDataSourceFactory to customize the class that implements the pool.

The breaking change represents a rare use case. The change is that a custom class that implements the pool must now implement the org.apache.geode.datasource.PooledDataSourceFactory interface.

Installing Pivotal GemFire 9.7

You can download Pivotal GemFire 9.7 from the Pivotal GemFire product download page.

For details on how to install Pivotal GemFire 9.7, see Installing Pivotal GemFire.

Upgrading to Pivotal GemFire 9.7

To upgrade from an earlier version of GemFire to the current version, see Upgrading Pivotal GemFire.

When servers are upgraded to this GemFire version from a version prior to version 9.1.1, their authentication of client messages is disabled in order to facilitate rolling upgrades. If your clients are set up to send authenticated messages, the servers will honor those messages, but will not enforce authentication until you reinstate authentication on each of the upgraded servers.

To reinstate secure client/server messaging, restart each server with the geode.disallow-internal-messages-without-credentials system property set to true. For example:

gfsh>start server --name=server_name --dir=server_config_dir \
--J=-Dgeode.disallow-internal-messages-without-credentials=true

Resolved Issues

The GemFire 9.7 release is based on the Apache Geode 1.8 release. This section describes issue resolutions that significantly affect GemFire applications. For a list of all issues resolved in Geode 1.8, see the Geode 1.8 Release Notes. Ticket numbers of the form GEODE‑NNNN can be inspected at the Apache Software Foundation site for Geode issues.

Issues Resolved in Pivotal GemFire 9.7

GEODE-5857, GEM-2233: Resolved some race conditions in JMX registration during startup and shutdown.

GEODE-5861: JDBC Connector now uses gfsh jndi-binding instead of jdbc-connection.

GEODE-5925, GEM-2262: Fixed an issue where AcceptorImpl was sending out unnecessary profile update messages during cache closure operations.

GEODE-6078, GEM-2265: Use of Pool APIs for doing operations when multiuser-secure-mode-enabled is set to true no longer causes a java.lang.UnsupportedOperationException.

Known Issues

The HTTP session module creates its region that holds metadata on only one server within a cluster. The region needs to be hosted on all the servers.

To correct the issue on a running cluster, connect to the cluster and run a single gfsh command to create the metadata region on all servers. The command has the form:

create region --name=REGION-NAME --type=REGION-SHORTCUT \
 --enable-statistics \
 --entry-idle-time-custom-expiry=org.apache.geode.modules.util.SessionCustomExpiry

If a context.xml file sets the metadata region’s name, substitute the name for REGION-NAME. If the regionAttributesId in a context.xml file defines a REGION-SHORTCUT, substitute its value for REGION-SHORTCUT in the create region command. See Changing the Default GemFire Configuration in the Tomcat Module for details on the context.xml file.

If the metadata region’s name or type is not set within a context.xml file, then use a REGION-NAME of gemfire_modules_sessions, and use a REGION-SHORTCUT of PARTITION_REDUNDANT. Using these defaults results in the gfsh command:

gfsh>create region --name=gemfire_modules_sessions --type=PARTITION_REDUNDANT \
 --enable-statistics \
 --entry-idle-time-custom-expiry=org.apache.geode.modules.util.SessionCustomExpiry

You can verify that the region is hosted on all servers with the gfsh command:

gfsh>describe region --name=gemfire_modules_sessions

Support

General support includes security vulnerability resolutions and critical bug fixes in all supported minor versions, while other maintenance is applied only to the latest supported minor release.

Obtaining and Installing Security Updates

New versions of Pivotal GemFire often include important security fixes, so Pivotal recommends you keep up to date with the latest releases.

For details about any security fixes in a particular release, see the Pivotal security page.