Friday, 24 January 2020

Infinispan Operator 1.1.0 is out!

We’re pleased to announce version 1.1.0 of the Infinispan Operator for Kubernetes and OpenShift.

This release includes a bunch of very exciting features! Let’s dig into them:

Full Lifecycle

Infinispan Operator 1.1.0 is rated at the Full Lifecycle capacity level, which means the Operator now provides advanced cluster management capabilities and functionality to handle demanding workloads.

One of the key new features in this release is graceful shutdown, which lets you bring clusters down safely to avoid data loss.

During cluster shutdown, caches can passivate in-memory entries to persistent storage along with the internal Infinispan state that maps which nodes own which entries. When you bring Infinispan clusters back, all your data is restored to memory.

Check out the Graceful Shutdown docs for more information.

Graceful shutdown also enables the Infinispan Operator to perform reliable upgrades.

When a new version of the Infinispan Operator starts, it checks for running Infinispan clusters that were created by an older Operator version.

If the Operator detects a cluster that requires upgrade, it invokes a graceful shutdown on the cluster and then brings it back with the new Infinispan version.

You can perform upgrade manually or automatically with the Operator Lifecycle Manager on OpenShift.

Note that Operators installed via the OperatorHub on OpenShift Container Platform are managed by the Operator Lifecyle Manager.

Cache vs DataGrid

This version of the Infinispan Operator delivers Cache and DataGrid services.

By default the Operator starts Infinispan clusters as Cache services, which provides a quick way to set up in-memory caching that stores data off-heap and keeps single copies of data in the cluster.

DataGrid services, on the other hand, are suited to more advanced use cases where you control and define the configuration that you need.

Cross-Site Replication

The Infinispan Operator simplifies cross-site replication set up with DataGrid services so you can back data up between separate Kubernetes or OpenShift clusters.

All you need to do is specify which type of external Kubernetes service to expose, the list of all backup locations, access secrets, and the local site name.

Find out more at: Cross-Site Replication

Automatic TLS configuration

If you’re running on Openshift and have a service that serves certificates, the Operator automatically asks for certificates sets up TLS for your endpoint connections. Encrypted by default with zero effort!

Get it, Use it, Ask us!

Try the simple tutorial for the Operator, which has been updated for this version. The tutorial shows how to install the Operator manually, but it can also be installed via the Operator Hub on OpenShift.

You can report bugs, chat with us, ask questions on StackOverflow.

Finally, a detailed list of issues and features for this version can be found here.

Posted by Galder Zamarreño on 2020-01-24
Tags: release operator

Monday, 23 December 2019

Infinispan 10.1.0.Final

Hi there,

we finish 2019 in style with the Final release of Infinispan 10.1, codenamed "Turia".

Server console

The highlight of this release is the new server console which is now based on Patterfly 4 and React.js. We will soon have a blog post detailing the work that has been done and our future plans. In the meantime, here are a few screenshots:

Welcome Page
Console Caches
Console Cache Stats

Security

Many changes related to security have happened since 10.0:

  • Native SSL/TLS provided by WildFly OpenSSL. The server only ships with native libraries for Linux x86_64, but you can download natives for other platforms and architectures

  • Improved usability of the Hot Rod client configuration with better defaults

  • Full support for authorization for admin operations via the RESTful endpoint

  • Console authentication support

  • Kerberos authentication for both Hot Rod (GSSAPI, GS2) and HTTP/Rest (SPNEGO)

  • Improved LDAP realm configuration with connection tuning and attribute references

  • Rewritten client/server security documentation including examples on how to create certificate chains, connecting to various LDAP directories and KeyCloak, etc.

Server

  • A command-line switch to specify an alternate logging configuration file

  • Query and indexing operations/stats are now exposed over the RESTful API

  • Tasks and Scripting support

  • Support for binding the endpoints to 0.0.0.0 / ::0 (aka INADDR_ANY)

Non-blocking

More work has landed on the quest to completely remove blocking calls from our internals. The following have been made non-blocking:

  • State transfer

  • The size operation

  • Cache stream ops with primitive types

Additionally caches now have a reactive Publisher which is intended as a fully non-blocking approach to distributed operations.

Query

  • The query components have been reorganized so that they are more modular.

Monitoring

  • The introduction of histogram and timer metrics.

  • The /metrics endpoint now includes base and vendor microprofile metrics

Stores

  • The REST cache store has been updated to use the v2 RESTful API.

Removals and deprecations

  • The old RESTful API (v1) has been partially reinstated until 11.0. Bulk ops are disabled.

  • The Infinispan Lucene Directory has been deprecated.

  • The memcached protocol server has been deprecated. If you were relying on this, come and talk to us about working on a binary protocol implementation.

Bug fixes, clean-ups and documentation

Over 160 issues fixed including a lot of documentation updates. See the full list of changes and fixes

Get it, Use it, Ask us!

Please download, report bugs, chat with us, ask questions on StackOverflow.

Posted by Tristan Tarrant on 2019-12-23
Tags: release

Monday, 09 December 2019

Infinispan 10.1.0.CR1

Dear Infinispan community,

as we are closing in on 10.1, we have been working on a lot of polishing and bugfixing.

Server

  • The new console has received a lot of improvements,

  • A new welcome page

  • A command-line switch to specify an alternate logging configuration file

Query

The query components have been reorganized so that they are more modular.

Monitoring

  • The introduction of histogram and timer metrics.

Stores

  • The REST cache store has been updated to use the v2 RESTful API.

Removals and deprecations

  • The old RESTful API (v1) has been removed

  • The Infinispan Lucene Directory has been deprecated.

  • The memcached protocol server has been deprecated. If you were relying on this, come and talk to us about working on a binary protocol implementation.

Bug fixes, clean-ups and documentation

Over 40 issues fixed including a lot of documentation updates. See the full list of changes and fixes

Get it, Use it, Ask us!

Please download, report bugs, chat with us, ask questions on StackOverflow.

Infinispan 10.1.0.Final is scheduled for December the 20th.

Posted by Tristan Tarrant on 2019-12-09
Tags: release candidate release

Monday, 02 December 2019

Infinispan's new image

Infinispan 10 introduced a new server, which does not utilise the same launch commands and configuration as the legacy 9.4 wildfly based server. Therefore, we decided that this was an excellent opportunity to rewrite our container image from scratch to better suite the capabilities of the new server and to provide all the functionality required by the Infinispan Operator.

This post focuses on the server image’s architecture. Future blog posts will focus on more advanced configurations, as well as example usage and deployment scenarios such as deploying a cluster using Kubernetes StatefulSets.

Show me the code!

The source code for the Infinispan image has a new home. The image can be found at https://github.com/infinispan/infinispan-images. Currently this repository only contains the server image, however our intention is for this to also be the home for all future Infinispan related images.

Where’s the Dockerfile?

The most noticable change when looking at the repository is that there is no Dockerfile in the source tree. This is because we decided to utilise the open-source tool CEKit to build our images. CEKit is an image creation tool that allows container images to be created using multiple build engines (e.g. docker, Buildah, Podman) with a single configuration. Installation instructions can be found here, but the basic command to create a Docker based image is as follows.

cekit build docker

CEKit leverages .yaml files for all configuration, opposed to a Dockerfile, as this allows for build time overriding of image properties. For example, with CEKit it’s possible to override the server artifact version without modifying any files, instead the following is passed as a build parameter.

cekit build --overrides '{"artifacts": [{"name": "server.zip", "path": "infinispan-server-10.0.0-SNAPSHOT.zip"}]}' docker

More detailed instructions about how to build the server image from source can be found in the image’s documentation.

Ok so where can I get a pre-built image?

Previously the Infinispan images were deployed exclusively under the jboss namespace at jboss/infinispan-server, however this repository has now been deprecated and will be removed eventually.

Instead, all Infinispan images will now be released under the infinispan namespace and are hosted at both Quay.io and Docker Hub, as quay.io/infinispan/server and infinispan/server.

Getting Started

To get started with infinispan server on your local machine simply execute:

docker run -p 11222:11222 infinispan/server

By default the image has authentication enabled on all exposed endpoints. When executing the above command the image automatically generates a username/password combo, prints the values to stdout and then starts the Infinispan server with the authenticated Hotrod and Rest endpoints exposed on port 11222. Therefore, it’s necessary to utilise the printed credentials when attempting to access the exposed endpoints via clients.

It’s also possible to provide a username/password combination via environment variables like so:

docker run -p 11222:11222 -e USER="Titus Bramble" -e PASS="Shambles" infinispan/server

Connecting via Hotrod

Using the credentials passed in the command above, it is now possible to connect via the HotRod client using the following hotrod-client.properties file. Note, that the following SASL properties must be configured on your client, with the username and password properties changed as required, otherwise the connection will fail:

infinispan.remote.auth-realm=default
  infinispan.remote.auth-server-name=infinispan
  infinispan.remote.auth-username=Titus Bramble
  infinispan.remote.auth-password=Shambles

Connecting via REST

The REST endpoint is configured to utilise the DIGEST protocol, therefore it’s necessary for the HTTP client to authenticate requests. For example, the name of all caches can be retrieved via the following curl command:

 curl --digest -u "Titus Bramble:Shambles" http://localhost:11222/rest/v2/cache

Further Reading

For more detailed information abou how to use the image, please consult the official documentation.

In the next blog post we will look at how the server can be configured for more advanced use-cases by supplying configuration and identity .yaml files.

Get it, Use it, Ask us!

Please download, report bugs, chat with us, ask questions on StackOverflow.

Posted by Ryan Emerson on 2019-12-02
Tags: docker

Monday, 25 November 2019

Infinispan Operator 1.0.1

Dear Infinispan community,

we know you are happy with the new shining 10.0.0 Infinispan release, but if you are among those who are missing a new operator version for safely running your Infinispan Chupachabra in the clound, this post is for you!

Versioning and channels

This is our first blog post about 1.0.x operator series (yeah, sorry 1.0.0 we forgot about you) and as you can notice there’s no Alpha, Beta or CR label at the end of the release tag. This is because OperatorHub and Openshift Catalog only allow numerical version like Maj.Min.Mic and instead of labels we now use the channel to indicate the stability of a release. We have 2 live channels at the moment for the Infinispan operator: stable and dev-preview. Current stable is 0.3.2 which is for the 9.x Infinispan cluster and current dev-preview is 1.0.1 which works with 10.x clusters.

New features

  • New Infinispan image configuration: we cleaned up the image configuration process: instead of rely on a large set of env variables, now the operator configures the Infinispan image via a single .yaml file.

  • Container configurability: CR .yaml file lets you configure memory and CPU (and also extras Java opts) assigned to the container;

  • Encryption: TLS can be setup providing TLS certificates or using platform service as the Openshift seriving certs service (TLS will be on by default in the next release);

  • We now have some good docs: https://infinispan.org/infinispan-operator/master/operator.html;

  • Project README has been also improved: https://github.com/infinispan/infinispan-operator/blob/1.0.1/README.md;

Get it

The Infinispan Operator 1.0.1 works on Kind/Kubernetes 1.16 (CI) and Openshift 3.11, 4.x (developed on). You can install it:

And remember: it’s a dev-preview release, you can have a lot of fun with it!

Contribute

As usual source code is open at: https://github.com/infinispan/infinispan-operator. You can see what’s going on, comment the code or the new pull requests, ask for new features and also develop them!

Thanks for following us, Infinispan

Posted by Vittorio Rigamonti on 2019-11-25
Tags: dev-preview release
back to top