Merge branch 'cassandra-2.1' into trunk
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/87d56d12 Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/87d56d12 Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/87d56d12 Branch: refs/heads/trunk Commit: 87d56d12569681ea1304d08d42790c7ec76a1e34 Parents: f843b42 4831ba1 Author: Tyler Hobbs <ty...@datastax.com> Authored: Wed Mar 11 15:09:58 2015 -0500 Committer: Tyler Hobbs <ty...@datastax.com> Committed: Wed Mar 11 15:09:58 2015 -0500 ---------------------------------------------------------------------- NEWS.txt | 4 ++++ 1 file changed, 4 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/87d56d12/NEWS.txt ---------------------------------------------------------------------- diff --cc NEWS.txt index d68460b,4ead1ea..c742f08 --- a/NEWS.txt +++ b/NEWS.txt @@@ -13,70 -13,8 +13,74 @@@ restore snapshots created with the prev 'sstableloader' tool. You can upgrade the file format of your snapshots using the provided 'sstableupgrade' tool. +3.0 +=== + +New features +------------ + - Authentication & Authorization APIs have been updated to introduce + roles. Roles and Permissions granted to them are inherited, supporting + role based access control. The role concept supercedes that of users + and CQL constructs such as CREATE USER are deprecated but retained for + compatibility. The requirement to explicitly create Roles in Cassandra + even when auth is handled by an external system has been removed, so + authentication & authorization can be delegated to such systems in their + entirety. + - In addition to the above, Roles are also first class resources and can be the + subject of permissions. Users (roles) can now be granted permissions on other + roles, including CREATE, ALTER, DROP & AUTHORIZE, which removesthe need for + superuser privileges in order to perform user/role management operations. + - Creators of database resources (Keyspaces, Tables, Roles) are now automatically + granted all permissions on them (if the IAuthorizer implementation supports + this). + - SSTable file name is changed. Now you don't have Keyspace/CF name + in file name. Also, secondary index has its own directory under parent's + directory. + - Support for user-defined functions and user-defined aggregates have + been added to CQL. + - Row-cache is now fully off-heap. + - jemalloc is now automatically preloaded and used on Linux and OS-X if + installed. + - Please ensure on Unix platforms that there is no libjnadispath.so + installed which is accessible by Cassandra. Old versions of + libjna packages (< 4.0.0) will cause problems - e.g. Debian Wheezy + contains libjna versin 3.2.x. + + +Upgrading +--------- + - Pig's CqlStorage has been removed, use CqlNativeStorage instead + - IAuthenticator been updated to remove responsibility for user/role + maintenance and is now solely responsible for validating credentials, + This is primarily done via SASL, though an optional method exists for + systems which need support for the Thrift login() method. + - IRoleManager interface has been added which takes over the maintenance + functions from IAuthenticator. IAuthorizer is mainly unchanged. Auth data + in systems using the stock internal implementations PasswordAuthenticator + & CassandraAuthorizer will be automatically converted during upgrade, + with minimal operator intervention required. Custom implementations will + require modification, though these can be used in conjunction with the + stock CassandraRoleManager so providing an IRoleManager implementation + should not usually be necessary. + - Fat client support has been removed since we have push notifications to clients + - cassandra-cli has been removed. Please use cqlsh instead. + - YamlFileNetworkTopologySnitch has been removed; switch to + GossipingPropertyFileSnitch instead. + - CQL2 has been removed entirely in this release (previously deprecated + in 2.0.0). Please switch to CQL3 if you haven't already done so. + - Very large batches will now be rejected (defaults to 50kb). This + can be customized by modifying batch_size_fail_threshold_in_kb. + - The results of CQL3 queries containing an IN restriction will be ordered + in the normal order and not anymore in the order in which the column values were + specified in the IN restriction. ++ - Some secondary index queries with restrictions on non-indexed clustering ++ columns were not requiring ALLOW FILTERING as they should. This has been ++ fixed, and those queries now require ALLOW FILTERING (see CASSANDRA-8418 ++ for details). + 2.1.4 ===== + Upgrading --------- - The option to omit cold sstables with size tiered compaction has been