Apache Kudu Prior Version Release Notes

Flume 1.8+ requires Java 8 at runtime even though the Kudu Flume integration is Java 7 compatible. Flume 1.9 is the default dependency version as of Kudu 1.9.0.

Hadoop 3.0+ requires Java 8 at runtime even though the Kudu Hadoop integration is Java 7 compatible. Hadoop 3.2 is the default dependency version as of Kudu 1.9.0.

Support for Java 7 has been deprecated since Kudu 1.5.0 and may be removed in the next major release.

Kudu now supports location awareness. When configured, Kudu will make a best effort to avoid placing a majority of replicas for a given tablet at the same location. The kudu cluster rebalance tool has been updated to act in accordance with the placement policy of a location-aware Kudu. The administrative documentation has been updated to detail the usage of this feature.

Docker scripts have been introduced to build and run Kudu on various operating systems. See the /docker subdirectory of the source repository for more details. An official repository has been created for Apache Kudu Docker artifacts.

Developers integrating with Kudu can now write Java tests that start a Kudu mini cluster without having to first locally build and install Kudu. This is made possible by the Kudu team providing platform-specific binaries available to Gradle or Maven for download and install at test time. More information on this feature can be found here. This binary test artifact is currently considered to be experimental.

When creating a table, the master now enforces a restriction on the total number of replicas rather than the total number of partitions. If manually overriding --max_create_tablets_per_ts, the maximum size of a new table has effectively been cut by a factor of its replication factor. Note that partitions can still be added after table creation.

The compaction policy has been updated to favor reducing the number of rowsets. This can lead to faster scans and lower bootup times, particularly in the face of a “trickling inserts” workload, where rows are inserted slowly in primary key order (see KUDU-1400).

A tablet-level metric average_diskrowset_height has been added to indicate how much a replica needs to be compacted, as indicated by the average number of rowsets per unit of keyspace.

Scans which read multiple columns of tables undergoing a heavy UPDATE workload are now more CPU efficient. In some cases, scan performance of such tables may be several times faster upon upgrading to this release.

Kudu-Spark users can now provide the short “kudu” format alias to Spark. This enables using .format(“kudu”) in places where you would have needed to provide the fully qualified name like .format(“org.apache.kudu.spark.kudu") or imported org.apache.kudu.spark.kudu._ and used the implicit .kudu functions. The Spark integration documentation has been updated to reflect this improvement.

The KuduSink class has been added to the Spark integration as a StreamSinkProvider, allowing structured streaming writes into Kudu (see KUDU-2640).

The amount of server-side logging has been greatly reduced for Kudu’s consensus implementation and background processes. This logging was determined to be not useful and unnecessarily verbose.

The web UI now more obviously depicts which columns are a part of the primary key (see KUDU-2477).

The kudu table describe tool has been added to support describing table attributes, including schema, partitioning, replication factor, column encodings, compressions, and default values.

The kudu table scan tool has been added to scan rows from a table, supporting comparison, in-list, and is-null predicates.

The kudu locate_row tool has been added to allow users to determine what tablet a given primary key belongs to, and whether a row exists for that primary key.

The kudu diagnose dump_mem_trackers tool is added to allow users to output the contents of the /mem-trackers web UI page in a CSV format.

To avoid glitches and undefined behavior, the Kudu Python client now detects and reports on conflicting/incorrect initialization of the OpenSSL library.

Fixed a crash caused by a race between altering tablet schemas and deleting tablet replicas (see KUDU-1678).

Fixed an issue that would prevent the kudu fs update_dirs tool from removing directories in the presence of tablet tombstones (see KUDU-2680).

The --cmeta_force_fsync flag may be used to fsync Kudu’s consensus metadata more aggressively. Setting this to true may decrease Kudu’s performance, but improve its durability in the face of power failures and forced shutdowns (see KUDU-2195).

Fixed an issue that would cause an excessive amount of RPC traffic from Kudu masters if the tablet servers were configured with duplicated master addresses (see KUDU-2684).

Fixed an issue that would cause the kudu cluster rebalance tool to run indefinitely in the case of tables with a replication factor of 2 (see KUDU-2688).

Fixed an issue that could lead to a failure to bootstrap tablet replicas that were a part of workloads with many alter table operations (see KUDU-2690).

Fixed an issue with the Java scanner’s keepAlive that could lead to a permanent hang in the scanner (see KUDU-2710).

Fixed an issue that would cause undefined behavior upon connecting to a secure cluster concurrently from multiple C++ clients (see KUDU-2706).

Kudu 1.9 clients may connect to servers running Kudu 1.0 or later. If the client uses features that are not available on the target server, an error will be returned.

Rolling upgrade between Kudu 1.8 and Kudu 1.9 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

Kudu 1.0 clients may connect to servers running Kudu 1.9 with the exception of the below-mentioned restrictions regarding secure clusters.

If a Kudu 1.9 cluster is configured with authentication or encryption set to "required", clients older than Kudu 1.3 will be unable to connect.

If a Kudu 1.9 cluster is configured with authentication and encryption set to "optional" or "disabled", older clients will still be able to connect.

Bankim Bhavsar

Mike Parker

Mitch Barnett

Tim Armstrong

Yingchun Lai

Upgrading directly from Kudu 1.7.0 is supported and no special upgrade steps are required. A rolling upgrade may work, however it has not been tested. When upgrading Kudu, it is recommended to first shut down all Kudu processes across the cluster, then upgrade the software on all servers, then restart the Kudu processes on all servers in the cluster.

Kudu Flume Sink released with Kudu 1.8.0 is compiled against Apache Flume 1.8 and might not function with earlier versions of Flume. Note that Flume 1.8 requires Java 1.8 or higher.

Hadoop 3.0+ requires Java 8 at runtime even though the Kudu Hadoop integration is Java 7 compatible. Hadoop 3.1 is the default dependency version as of Kudu 1.8.0, used by certain features in the Java client.

The -table_num_buckets configuration option of the kudu perf loadgen tool is now removed in favor of -table_num_hash_partitions and -table_num_range_partitions (see KUDU-1861).

Support for Java 7 has been deprecated since Kudu 1.5.0 and may be removed in the next major release.

The producer.skipMissingColumn, producer.skipBadColumnValue, and producer.warnUnmatchedRows Kudu Flume sink configuration parameters have been deprecated in favor of producer.missingColumnPolicy, producer.badColumnValuePolicy, and producer.unmatchedRowPolicy respectively (see KUDU-1882).

Examples showcasing functionality in C++, Java, and Python, previously hosted in a separate repository have been added. They can be found in the examples/ top-level subdirectory.

Added kudu diagnose parse_stacks, a tool to parse sampled stack traces out of a diagnostics log (see KUDU-2353).

Added support for IS NULL and IS NOT NULL predicates to the Kudu Python client (see KUDU-2399).

Introduced manual data rebalancer into the kudu CLI tool. The rebalancer can be used to redistribute table replicas among tablet servers. The rebalancer can be run via kudu cluster rebalance sub-command. Using the new tool, it’s possible to rebalance Kudu clusters of version 1.4.0 and newer.

Added kudu tserver get_flags and kudu master get_flags, two tools that allow superusers to retrieve all the values of command line flags from remote Kudu processes. The get_flags tools support filtering the returned flags by tag, and by default will return only flags that were explicitly set.

Added kudu tablet unsafe_replace_tablet, a tool to replace a tablet with a new one. This tool is meant to be used to recover a table when one of its tablets has permanently lost all replicas. The data in the tablet that is replaced is lost, so this tool should only be used as a last resort (see KUDU-2290).

There is a new metric for each tablet replica tracking the number of election failures since the last successful election attempt and the time since the last heartbeat from the leader (see KUDU-2287).

Kudu now supports building and running on Ubuntu 18.04 (“Bionic Beaver”) (see KUDU-2427).

Kudu now supports building and running against OpenSSL 1.1 (see KUDU-1889).

Added Kerberos support to the Kudu Flume sink (see KUDU-2012).

The Kudu Spark connector now supports Spark Streaming DataFrames (see KUDU-2539).

Added -tables filtering argument to kudu table list (see KUDU-2529).

Clients now support setting a limit on the number of returned rows in scans (see KUDU-16).

Added Pandas support to the Python client (see KUDU-1276).

Enabled configuration of mutation buffer in the Python client (see KUDU-2441).

Added a keepAlive API call to the KuduScanner and AsyncKuduScanner in the Java client. This API can be used to keep the scanners alive on the server when processing of messages will take longer than the scanner TTL (see KUDU-2095).

The Kudu Spark integration now uses the keepAlive API when reading data. By default it will call keepAlive on a scanner with a period of 15 seconds. This will ensure that Spark jobs with large batch sizes or slow processing times do not fail with scanner not found errors (see KUDU-2563).

Number of reactor threads in the C++ client is now configurable (see KUDU-2368).

Added an optimization to reduce CPU consumption when performing hot metadata lookups in the C++ client (see KUDU-1977).

Added an optimization to avoid bottlenecks on getpwuid_r() in libnss during a Raft leader election storm (see KUDU-2395).

Improved rowset tree pruning making scans with open-ended intervals on primary key (see KUDU-2566).

The kudu perf loadgen tool now supports generating range-partitioned tables. The -table_num_buckets configuration is now removed in favor of -table_num_hash_partitions and -table_num_range_partitions (see KUDU-1861).

CFile checksum failures will now cause the affected tablet replicas to be failed and re-replicated elsewhere (see KUDU-2469).

Servers are now able to start up with data directories missing on disk (see KUDU-2359).

The kudu perf loadgen tool now creates tables with a period-separated database name, for example default.loadgen_auto_abc123. This new behavior does not take effect if the --table flag is provided. The database of the table can be changed using a new --auto_database flag. This change is made in anticipation of an eventual Kudu/HMS integration (see KUDU-2191).

Introduced FAILED_UNRECOVERABLE replica health status. This is to mark replicas which are not able to catch up with the leader due to GC-collected segments of WAL and other unrecoverable cases like disk failure. With that, the replica management scheme becomes hybrid: the system evicts replicas with FAILED_UNRECOVERABLE health status before adding a replacement if it anticipates that it can commit the transaction, while in other cases it first adds a non-voter replica and removes the failed one only after promoting a newly added replica to voter role.

Two additional configuration parameters, socketReadTimeoutMs and scanRequestTimeout have been added to the Spark connector to allow better tuning to avoid scan timeouts under high load.

The kudu table tool now supports two new options to rename tables and columns, rename_table and rename_column respectively.

Kudu will now wait for the clock to become synchronized at startup, controlled by a new flag -ntp_initial_sync_wait_secs (see KUDU-2242).

Tablet deletions are now throttled, which will help Kudu clusters remain stable even when many tablets are deleted at once. The number of tablets that a tablet server will delete at once is controlled by the new flag -num_tablets_to_delete_simultaneously (see KUDU-2289).

The kudu cluster ksck tool has been significantly enhanced. It now checks master health and consensus status, displays any unsafe or hidden flags set in the cluster, and produces a summary of the Kudu versions running on the master and tablet servers. In addition, it now supports JSON output, both in pretty-printed and compact form. The output format is controlled by the -ksck_format flag.

When a tablet server was wiped and recreated with the same RPC address, ksck listed it twice, both as healthy, even though only one of them was there. This bug is now fixed by verifying the UUID of the server (see KUDU-2364).

Fixed an issue preventing Kudu from starting when using Vormetric’s encrypted filesystem (secfs2) on ext4 (see KUDU-2406).

Fixed an issue where Kudu’s block cache memory tracking (as seen on the /mem-trackers web UI page) wasn’t accounting for all of the overhead of the cache itself (see KUDU-972).

Fixed an issue where the C++ client would fail to reopen an expired scanner; instead, the client would retry in a tight loop and eventually timeout (see KUDU-2414).

When a tablet is deleted, its write-ahead log recovery directory is also deleted, if it exists (see KUDU-1038).

Fixed a tablet server crash when a tablet is scanned with two predicates on its primary key and the predicates do not overlap (see KUDU-2447).

Fixed an issue where the Kudu MapReduce connector’s KuduTableInputFormat may exhaust its scan too early (see KUDU-2525).

Fixed an issue with failed tablet copies that would cause subsequent tablet copies to crash the tablet server (see KUDU-2293).

Fixed a bug in which incorrect results would be returned in scans following a server restart (see KUDU-2463).

Fixed a bug causing a tablet server crash when a write batch request from a client failed coarse-grained authorization (see KUDU-2540).

Fixed use-after-free in case of WAL replay error (see KUDU-2509).

Fixed authentication token reacquisition in the C++ client (see KUDU-2580).

Fixed a bug where leader logged excessively when the followers fell behind (see KUDU-2322).

Fixed reporting of leader health during lifecycle transitions (see KUDU-2335).

Fixed moving single-replica tablets (see KUDU-2443).

Fixed an error that would cause the kudu CLI tool to unexpectedly exit when the connection to the master or tserver was abruptly closed.

Fixed a rare issue where system failure could leave unexpected null bytes at the end of metadata files, causing Kudu to be unable to restart (see KUDU-2260).

Fixed an issue where kudu cluster ksck running a snapshot checksum scan would use a single snapshot timestamp for all tablets. This caused the checksum process to fail if the checksum process took a long time and the number of tablets was sufficiently large. The tool should now be able to checksum tables even if the process takes many hours. (see KUDU-2179).

Kudu 1.8 clients may connect to servers running Kudu 1.0 or later. If the client uses features that are not available on the target server, an error will be returned.

Kudu 1.0 clients may connect to servers running Kudu 1.8 with the exception of the below-mentioned restrictions regarding secure clusters.

If a Kudu 1.8 cluster is configured with authentication or encryption set to "required", clients older than Kudu 1.3 will be unable to connect.

If a Kudu 1.8 cluster is configured with authentication and encryption set to "optional" or "disabled", older clients will still be able to connect.

Anupama Gupta

Attila Piros

Brian McDevitt

Fengling Wang

Ferenc Szabó

Greg Solovyev

Kiyoshi Mizumaru

Shriya Gupta

Thomas Tauber-Marshall

Tigerquoll

Yao Xu

ZhangYao

helifu

jinxing64

qqchang2nd

Fixed and issue where a leader replica could report a follower’s health status as FAILED instead of FAILED_UNRECOVERABLE. In configurations where the tablet replication factor equals to the total number of tablet servers in the cluster, that lead to situations where the tablet could not be automatically recovered until a new leader was elected or corresponding tablet servers were restarted. (see KUDU-2367).

Fixed an issue where Kudu would fail to start if RLIMIT_NPROC was set to -1. (see KUDU-2377).

Fixed an issue where kudu-spark was unable to connect to secure clusters. (see KUDU-2379).

Fixed an issue where the kudu-python client would not compile in environments where __int128 is not supported. This was most commonly el6 environments. (see KUDU-2412).

Fixed an issue where unaligned loads of __int128 integers could result in a crash. (see KUDU-2378).

Fixed a bug in PartialRow.setMin that could lead to incorrect partition pruning when a decimal column is part of the tables range partition but not a part of the query predicate. (see KUDU-2416).

Fixed an equality check on decimal column predicates that could result in pruning that is too conservative.

Upgrading directly from Kudu 1.6.0 is supported and no special upgrade steps are required. A rolling upgrade of the server side will not work because the default replica management scheme changed, and running masters and tablet servers with different replica management schemes is not supported, see Incompatible Changes in Kudu 1.7.0 for details. However, mixing client and server sides of different versions is not a problem. You can still update your clients before your servers or vice versa. When upgrading to Kudu 1.7, it is required to first shut down all Kudu processes across the cluster, then upgrade the software on all servers, then restart the Kudu processes on all servers in the cluster.

The tcmalloc_contention_time metric, which previously tracked the amount of time spent in memory allocator lock contention, has been removed.

Support for Java 7 has been deprecated since Kudu 1.5.0 and may be removed in the next major release.

Kudu now supports the decimal column type. The decimal type is a numeric data type with fixed scale and precision suitable for financial and other arithmetic calculations where the imprecise representation and rounding behavior of float and double make those types impractical. The decimal type is also useful for integers larger than int64 and cases with fractional values in a primary key. See Decimal Type for more details.

The strategy Kudu uses for automatically healing tablets which have lost a replica due to server or disk failures has been improved. The new re-replication strategy, or replica management scheme, first adds a replacement tablet replica before evicting the failed one. With the previous replica management scheme, the system first evicts the failed replica and then adds a replacement. The new replica management scheme allows for much faster recovery of tablets in scenarios where one tablet server goes down and then returns back shortly after 5 minutes or so. The new scheme also provides substantially better overall stability on clusters with frequent server failures. (see KUDU-1097).

The kudu fs update_dirs tool now supports removing directories. Unless the --force flag is specified, Kudu will not allow the removal of a directory across which tablets are configured to spread data. If specified, all tablet replicas configured to use that directory will fail upon starting up and be replicated elsewhere, provided a majority exists elsewhere.

Users can use the new --fs_metadata_dir to specify the directory in which to place tablet-specific metadata. It is recommended, although not necessary, that this be placed on a high-performance drive with high bandwidth and low latency, e.g. a solid-state drive. If not specified, metadata will be placed in the directory specified by --fs_wal_dir, or in the directory specified by the first entry of --fs_data_dirs if metadata already exists there from a pre-Kudu 1.7 deployment. Kudu will not automatically move existing metadata based on this configuration.

Kudu 1.7 introduces a new scan read mode READ_YOUR_WRITES. Users can specify READ_YOUR_WRITES when creating a new scanner in C++, Java and Python clients. If this mode is used, the client will perform a read such that it follows all previously known writes and reads from this client. Reads in this mode ensure read-your-writes and read-your-reads session guarantees, while minimizing latency caused by waiting for outstanding write transactions to complete. Note that this is still an experimental feature which may be stabilized in future releases.

The tablet server web UI scans dashboard (/scans) has been improved with several new features, including: showing the most recently completed scans, a pseudo-SQL scan descriptor that concisely shows the selected columns and applied predicates, and more complete and better documented scan statistics.

Kudu daemons now expose a web page /stacks which dumps the current stack trace of every thread running in the server. This information can be helpful when diagnosing performance issues.

By default, each tablet replica will now stripe data blocks across 3 data directories instead of all data directories. This decreases the likelihood that any given tablet will be affected in the event of a single disk failure. No substantial performance impact is expected due to this feature based on performance testing. This change only affects new replicas created after upgrading to Kudu 1.7.

Kudu servers previously offered the ability to enable a separate metrics log which stores periodic snapshots of all metrics available on a server. This functionality is now available as part of a more general “diagnostics log” which is enabled by default. The diagnostics log includes periodic dumps of server metrics as well as collections of thread stack traces. The default configuration ensures that no more than 640MB of diagnostics logs are retained, and typically the space consumption is significantly less due to compression. The format and contents of this log file are documented in the Administration guide.

The handling of errors in the synchronous Java client has been improved so that, when an exception is thrown, the stack trace indicates the correct location where the client function was invoked rather than a call stack of an internal worker thread. The original call stack from the worker thread is available as a “suppressed exception”.

The logging of errors in the Java client has been improved to exclude exception stack traces for expected scenarios such as failure to connect to a server in a cluster. Instead, only a single line informational message will be logged in such cases to aid in debugging.

The Java client now uses a predefined prioritized list of TLS ciphers when establishing an encrypted connection to Kudu servers. This cipher list matches the list of ciphers preferred for server-to-server communication and ensures that the most efficient and secure ciphers are preferred. When the Kudu client is running on Java 8 or newer, this provides a substantial speed-up to read and write performance.

Reporting for the kudu cluster ksck tool has been updated so tablets and tables with on-going tablet copies are shown as "recovering". Additional reporting changes have been made to make various common scenarios, particularly tablet copies, less alarming.

The performance of inserting rows containing many string or binary columns has been improved, especially in the case of highly concurrent write workloads.

By default, Spark tasks that scan Kudu will now be able to scan non-leader replicas. This allows Spark to more easily schedule kudu-spark tasks local to the data. Users can disable this behavior by passing 'leader_only' to the 'kudu.scanLocality' option."

The number of OS threads used in the steady state and during bursts of activity (such as in Raft leader elections triggered by a node failure) has been drastically reduced and should no longer exceed the value of ulimit -u. As such, it should no longer be necessary to increase the value of ulimit -u (or of /proc/sys/kernel/threads-max) in order to run a Kudu tablet server in most cases. (see KUDU-1913).

An issue where sparse column predicates could cause excessive data-block reads has been fixed. Previously in certain scans with sparsely matching predicates on multiple columns, Kudu would read and decode the same data blocks many times. The improvement typically results in a 5-10x performance increase for the affected scans. (see KUDU-2231).

The efficiency and on-disk size of large updated values has been improved. This will improve update-heavy workloads which overwrite large (1KiB+) values. (see KUDU-2253).

Fixed a scenario where the on-disk data of a tablet server was completely erased and and a new tablet server was started on the same host. This issue could prevent tablet replicas previously hosted on the server from being evicted and re-replicated. Tablets now immediately evict replicas that respond with a different server UUID than expected. (see KUDU-1613).

Fixed a rare race condition when connecting to masters during their startup which might cause a client to get a response without a CA certificate and/or authentication token. This would cause the client to fail to authenticate with other servers in the cluster. The leader master now always sends a CA certificate and an authentication token (when applicable) to a Kudu client with a successful ConnectToMaster response. (see KUDU-1927).

The Kudu Java client now will retry a connection if no master is discovered as a leader, and the user has a valid authentication token. This avoids failure in recoverable cases when masters are in the process of the very first leader election after starting up. (see KUDU-2262).

The Java client will now automatically attempt to re-acquire Kerberos credentials from the ticket cache when the prior credentials are about to expire. This allows client instances to persist longer than the expiration time of a single Kerberos ticket so long as some other process renews the credentials in the ticket cache. Documentation on interacting with Kerberos authentication has been added to the Javadoc for the AsyncKuduClient class. (see KUDU-2264).

Follower masters are now able to verify authentication tokens even if they have never been a leader. Prior to this fix, if a follower master had never been a leader, clients would be unable to authenticate to that master, resulting in spurious error messages being logged. (see KUDU-2265).

Fixed a tablet server crash when a tablet replica is deleted during a scan. (see KUDU-2295).

The evaluation order of predicates in scans with multiple predicates has been made deterministic. Due to a bug, this was not necessarily the case previously. Predicates are applied in most to least selective order, with ties broken by column index. The evaluation order may change in the future, particularly when better column statistics are made available internally. (see KUDU-2312).

Previously, the kudu tablet change_config move_replica tool required all tablet servers in the cluster to be available when performing a move. This restriction has been relaxed: only the tablet server that will receive a replica of the tablet being moved and the hosts of the tablet’s existing replicas need to be available for the move to occur. (see KUDU-2331).

Fixed a bug in the Java client which prevented the client from locating the new leader master after a leader failover in the case that the previous leader either remained online or restarted quickly. This bug resulted in the client timing out operations with errors indicating that there was no leader master. (see KUDU-2343).

The Unix process username of the client is now included inside the exported security credentials, so that the effective username of clients who import credentials and subsequently use unauthenticated (SASL PLAIN) connections matches the client who exported the security credentials. For example, this is useful to let the Spark executors know which username to use if the Spark driver has no authentication token. This change only affects clusters with encryption disabled using --rpc-encryption=disabled. (see KUDU-2259).

Kudu 1.7 clients may connect to servers running Kudu 1.0 or later. If the client uses features that are not available on the target server, an error will be returned.

Rolling upgrade between Kudu 1.6 and Kudu 1.7 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

Kudu 1.0 clients may connect to servers running Kudu 1.7 with the exception of the below-mentioned restrictions regarding secure clusters.

If a Kudu 1.7 cluster is configured with authentication or encryption set to "required", clients older than Kudu 1.3 will be unable to connect.

If a Kudu 1.7 cluster is configured with authentication and encryption set to "optional" or "disabled", older clients will still be able to connect.

The newly introduced replica management scheme is not compatible with the old scheme, so it’s not possible to run pre-1.7 Kudu masters with 1.7 Kudu tablet servers or vice versa. This is a server-side incompatibility only and it does not affect client compatibility. In other words, Kudu clients of prior versions are compatible with upgraded Kudu clusters.

The format of the previously-optional metrics log has changed to include a human-readable timestamp on each line. The path of the log file has also changed with the word “diagnostics” replacing the word “metrics” in the file name. The metrics log has been optimized to only include those metrics which have changed in between successive samples, and to not include entity attributes such as tablet partition information in the log. (see KUDU-2297).

Upgrading directly from Kudu 1.5.0 is supported and no special upgrade steps are required. A rolling upgrade may work, however it has not been tested. When upgrading Kudu, it is recommended to first shut down all Kudu processes across the cluster, then upgrade the software on all servers, then restart the Kudu processes on all servers in the cluster.

Support for Spark 1 (kudu-spark_2.10) has been removed in Kudu 1.6.0 and now only Spark 2 is supported. Spark 1 support was deprecated in Kudu 1.5.0.

Support for Java 7 has been deprecated since Kudu 1.5.0 and may be removed in the next major release.

Tablet servers' tolerance of disk failures is now enabled by default and has been extended to handle data directory failures at runtime. In the event of a disk failure at runtime, any tablets with data on a failed disk will be shut down and restarted on another tablet server. There is a configurable tradeoff between a newly added tablet’s tolerance to disk failures and its ability to parallelize reads via the experimental --fs_target_data_dirs_per_tablet flag. Tablets that are spread across fewer disks are less likely to be affected by a disk failure, at the cost of reduced parallelism. By default, tablets are striped across all available disks. Note that the first configured data directory and the WAL directory cannot currently tolerate disk failures. This will be further improved in future Kudu releases.

Kudu servers can now adopt new data directories via the new kudu fs update_dirs tool. The new directory will be used by new tablet replicas only. Note that removing directories is not yet supported (see KUDU-2202).

Kudu servers have two new flags to control webui TLS/HTTPS settings: --webserver_tls_ciphers and --webserver_tls_min_protocol. These flags allow the advertised TLS ciphers and TLS protocol versions to be configured. Additionally, the webserver now excludes insecure legacy ciphers by default (see KUDU-2190).

Kudu servers can now tolerate short interruptions in NTP clock synchronization. NTP synchronization is still required when any Kudu daemon starts up. If NTP synchronization is not available, diagnostic information is now logged to help pinpoint the issue (see KUDU-1578).

Tablet server startup time has been improved significantly on servers containing large numbers of blocks.

The log block manager now performs disk data deletion in batches. This optimization can significantly reduce the time taken to delete data on a tablet.

The usage of sensitive data redaction flag has been slightly changed. By setting --redact=log flag, redaction will be disabled in the web UI but retained for server logs. Alternatively, --redact=none can be used to disable redaction completely.

The Spark DataSource integration now can take advantage of scan locality for better scan performance, the scan will take place at the closest replica instead of going to the leader.

Various optimizations were made to reduce the 99th percentile latency of writes on the tablet server. This can also improve throughput on certain write workloads, particularly on larger clusters.

Kudu may now be configured to ignore system-wide auth_to_local mappings configured in /etc/krb5.conf by setting the configuration flag --use_system_auth_to_local=false (see KUDU-2198).

The performance of the compaction scheduler has been improved. In previous versions, certain types of time series workloads were found to cause compaction scheduling to take tens of seconds. These workloads now schedule compactions an order of magnitude more efficiently.

The compaction scheduler has been improved to avoid running a compaction when the benefit of that compaction is extremely small.

Tablet servers now consider the health of all replicas of a tablet before deciding to evict one. This can improve stability of the Kudu cluster after experiencing multiple simultaneous daemon failures (see KUDU-2048).

Several performance improvements have been made to the Kudu master, particularly in concurrency of clients opening tables. This should improve performance in highly concurrent workloads.

The on-disk size metric for a tablet now includes all data and metadata. Previously, it excluded WAL segments and consensus metadata (see KUDU-1755).

Added verbose mode for the 'kudu cluster ksck' command to enable output of detailed information on the cluster’s metadata, even when no errors are detected.

HybridTime timestamp propagation now works in the Java client when using scan tokens (see KUDU-1411).

Fixed an error message commonly found in tablet server logs indicating that operations were being read "from the future" (see KUDU-1078).

Tombstoned tablets no longer report metrics (see KUDU-2044).

Fixed a bug in the C++ client which could cause tablets to be erroneously pruned, or skipped, during certain scans, resulting in fewer results than expected being returned from queries. The bug only affected tables whose range partition columns are a proper prefix of the primary key (see KUDU-2173).

Published Kudu Java artifacts are now fully compatible with JRE 7 and JRE 8. There was previously a bug in the release process which made them compatible only with JRE 8 (see KUDU-2188).

Fixed a typo in the list of default TLS ciphers used by Kudu servers. As a result, two additional cipher suites are now available:

Kudu 1.6 clients may connect to servers running Kudu 1.0 or later. If the client uses features that are not available on the target server, an error will be returned.

Rolling upgrade between Kudu 1.5 and Kudu 1.6 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

Kudu 1.0 clients may connect to servers running Kudu 1.6 with the exception of the below-mentioned restrictions regarding secure clusters.

If a Kudu 1.6 cluster is configured with authentication or encryption set to "required", clients older than Kudu 1.3 will be unable to connect.

If a Kudu 1.6 cluster is configured with authentication and encryption set to "optional" or "disabled", older clients will still be able to connect.

Kudu 1.5 now enables the optional ability to compute, store, and verify checksums on all pieces of data stored on a server by default. Due to storage format changes, downgrading to versions 1.3 or earlier is not supported and will result in an error.

Spark 2.2+ requires Java 8 at runtime even though Kudu Spark 2.x integration is Java 7 compatible. Spark 2.2 is the default dependency version as of Kudu 1.5.0.

The kudu-spark-tools module has been renamed to kudu-spark2-tools_2.11 in order to include the Spark and Scala base versions. This matches the pattern used in the kudu-spark module and artifacts.

To improve security, world-readable Kerberos keytab files are no longer accepted by default. Set --allow_world_readable_credentials=true to override this behavior. See KUDU-1955 for additional details.

Support for Java 7 is deprecated as of Kudu 1.5.0 and may be removed in the next major release.

Support for Spark 1 (kudu-spark_2.10) is deprecated as of Kudu 1.5.0 and may be removed in the next minor release.

Tablet servers are now optionally able to tolerate disk failures at startup. This feature is experimental; by default, Kudu will crash if it experiences a disk failure. When enabled, tablets with any data on the failed disk will not be opened and will be replicated as needed. To enable this, set the --crash_on_eio flag to false. Additionally, there is a configurable tradeoff between a newly added tablet’s tolerance to disk failures and its parallelization of I/O via the --fs_target_data_dirs_per_tablet flag. Tablets that are spread across fewer disks are less likely to be affected by a disk failure, at the cost of reduced parallelism. Note that the first configured data directory and the WAL directory cannot currently tolerate disk failures, and disk failures during run-time are still fatal.

Kudu server web UIs have a new configuration dashboard (/config) which provides a high level summary of important security configuration values, such as whether RPC authentication is required, or web server HTTPS encryption is enabled. Other types of configuration will be added in future releases.

The kudu command line tool has two new features: kudu tablet change_config move_replica and kudu local_replica data_size. The 'tablet change_config move_replica' tool moves a tablet replica from one tablet server to another, under the condition that the tablet is healthy. An operator can use this tool to rebalance tablet replicas between tablet servers. The 'local_replica data size' tool summarizes the space usage of a tablet, breaking it down by type of file, column, and rowset.

kudu-client-tools now supports exporting CSV files and importing Apache Parquet files. This feature is unstable and may change APIs and functionality in future releases.

kudu-spark-tools now supports importing and exporting CSV, Apache Avro and Apache Parquet files. This feature is unstable and may change APIs and functionality in future releases.

The log block manager now performs disk synchronization in batches. This optimization can significantly reduce the time taken to copy tablet data from one server to another; in one case tablet copy time is reduced by 35%. It also improves the general performance of flushes and compactions.

A new feature referred to as "tombstoned voting" is added to the Raft consensus subsystem to allow tablet replicas in the TABLET_DATA_TOMBSTONED state to vote in tablet leader elections. This feature increases Kudu’s stability and availability by improving the likelihood that Kudu will be able to self-heal in more edge-case scenarios, such as when tablet copy operations fail. See KUDU-871 for details.

The tablet on-disk size metric has been made more accurate. Previously, the metric included only REDO deltas; it now counts all deltas. Additionally, the metric includes the size of bloomfiles, ad hoc indexes, and the tablet superblock. WAL segments and consensus metadata are still not counted. The latter is very small compared to the size of data, but the former may be significant depending on the workload (this will be resolved in a future release).

The number of threads used by the Kudu tablet server has been further reduced. Previously, each follower tablet replica used a dedicated thread to detect leader tablet replica failures, and each leader replica used one dedicated thread per follower to send Raft heartbeats to that follower. The work performed by these dedicated threads has been reassigned to other threads. Other improvements were made to facilitate better thread sharing by tablets. For the purpose of capacity planning, expect the Kudu tablet server to create one thread for every five "cold" (i.e. those not servicing writes) tablets, and an additional three threads for every "hot" tablet. This will be further improved upon in future Kudu releases.

The Java Kudu client now automatically requests new authentication tokens after expiration. As a result, long-lived Java clients are now supported. See KUDU-2013 for more details.

Multiple Kerberos compatibility bugs have been fixed, including support for environments with disabled reverse DNS, FreeIPA compatibility, principal names including uppercase characters, and hosts without a FQDN.

A bug in the binary prefix decoder which could cause a tablet server 'check' assertion crash has been fixed. The crash could only be triggered in very specific scenarios; see KUDU-2085 for additional details.

Kudu 1.5 clients may connect to servers running Kudu 1.0 or later. If the client uses features that are not available on the target server, an error will be returned.

Rolling upgrade between Kudu 1.4 and Kudu 1.5 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

Kudu 1.0 clients may connect to servers running Kudu 1.5 with the exception of the below-mentioned restrictions regarding secure clusters.

If a Kudu 1.5 cluster is configured with authentication or encryption set to "required", clients older than Kudu 1.3 will be unable to connect.

If a Kudu 1.5 cluster is configured with authentication and encryption set to "optional" or "disabled", older clients will still be able to connect.

The Maintenance Manager now fully uses the threads it’s given (see the improvements described further below), so it’s now able to generate a lot more IO by flushing and compacting more often. Generally, the recommended ratio of MM threads to data directories is 1:3; operators of clusters above that ratio should be mindful of this when upgrading.

The C++ and Java client libraries now support the ability to alter the storage attributes (e.g. encoding and compression) and default value of existing columns. Additionally, it is now possible to rename a column which is part of a table’s primary key.

The C++ client library now includes an experimental KuduPartitioner API which may be used to efficiently map rows to their associated partitions and hosts. This may be used to achieve better locality or distribution of writes in client applications.

The Java client library now supports enabling fault tolerance on scanners. Fault tolerant scanners are able to transparently recover from concurrent server crashes at the cost of some performance overhead. See the Java API documentation for more details on usage.

The kudu command line tool now includes a new advanced administrative command kudu remote_replica unsafe_change_config. This command may be used to force a tablet to perform an unsafe change of its Raft replication configuration. This can be used to recover from scenarios such as a loss of a majority of replicas, at the risk of losing edits.

The kudu command line tool now includes the kudu fs check command which performs various offline consistency checks on the local on-disk storage of a Kudu Tablet Server or Master. In addition to detecting various inconsistencies or corruptions, it can also detect and remove data blocks that are no longer referenced by any tablet but were not fully removed from disk due to a crash or a bug in prior versions of Kudu.

The kudu command line tool can now be used to list the addresses and identifiers of the servers in the cluster using either kudu master list or kudu tserver list.

Kudu 1.4 now includes the optional ability to compute, store, and verify checksums on all pieces of data stored on a server. Prior versions only performed checksums on certain portions of the stored data. This feature is not enabled by default since it makes a backward-incompatible change to the on-disk formats and thus prevent downgrades. Kudu 1.5 will enable the feature by default.

kudu cluster ksck now detects and reports new classes of inconsistencies and issues. In particular, it is better able to detect cases where a configuration change such as a replica eviction or addition is pending but is unable to be committed. It also now properly detects and reports cases where a tablet has no elected leader.

The default size for Write Ahead Log (WAL) segments has been reduced from 64MB to 8MB. Additionally, in the case that all replicas of a tablet are fully up to date and data has been flushed from memory, servers will now retain only a single WAL segment rather than two. These changes are expected to reduce the average consumption of disk space on the configured WAL disk by 16x, as well as improve the startup speed of tablet servers by reducing the number and size of WAL segments that need to be re-read.

The default on-disk storage system used by Kudu servers (Log Block Manager) has been improved to compact its metadata and remove dead containers. This compaction and garbage collection occurs only at startup. Thus, the first startup after upgrade is expected to be longer than usual, and subsequent restarts should be shorter.

The usability of the Kudu web interfaces has been improved, particularly for the case where a server hosts many tablets or a table has many partitions. Pages that list tablets now include a top-level summary of tablet status and show the complete list under a toggleable section.

The Maintenance Manager has been improved to improve utilization of the configured maintenance threads. Previously, maintenance work would only be scheduled a maximum of 4 times per second, but now maintenance work will be scheduled immediately whenever any configured thread is available. This can improve the throughput of write-heavy workloads.

The Maintenance Manager will now aggressively schedule flushes of in-memory data when memory consumption crosses 60% of the configured process-wide memory limit. The backpressure mechanism which begins to throttle client writes has been accordingly adjusted to not begin throttling until reaching 80% of the configured limit. These two changes together result in improved write throughput, more consistent latency, and fewer timeouts due to memory exhaustion.

Many performance improvements were made to write performance. Applications which send large batches of writes to Kudu should see substantially improved throughput in Kudu 1.4.

Several improvements were made to reduce the memory consumption of Kudu Tablet Servers which hold large volumes of data. The specific amount of memory saved varies depending on workload, but the expectation is that approximately 350MB of excess peak memory usage has been eliminated per TB of data stored.

The number of threads used by the Kudu Tablet Server has been reduced. Previously, each tablet used a dedicated thread to append to its WAL. Those threads now automatically stop running if there is no activity on a given tablet for a short period of time.

KUDU-2020 Fixed an issue where re-replication after a failure would proceed significantly slower than expected. This bug caused many tablets to be unnecessarily copied multiple times before successfully being considered re-replicated, resulting in significantly more network and IO bandwidth usage than expected. Mean time to recovery on clusters with large amounts of data is improved by up to 10x by this fix.

KUDU-1982 Fixed an issue where the Java client would call NetworkInterface.getByInetAddress very often, causing performance problems particularly on Windows where this function can be quite slow.

KUDU-1755 Improved the accuracy of the on_disk_size replica metrics to include the size consumed by bloom filters, primary key indexes, and superblock metadata, and delta files. Note that, because the size metric is now more accurate, the reported values are expected to increase after upgrading to Kudu 1.4. This does not indicate that replicas are using more space after the upgrade; rather, it is now accurately reporting the amount of space that has always been used.

KUDU-1192 Kudu servers will now periodically flush their log messages to disk even if no WARNING-level messages have been logged. This makes it easier to tail the logs to see progress output during normal startup.

KUDU-1999 Fixed the ability to run Spark jobs in "cluster" mode against Kudu clusters secured by Kerberos.

Kudu 1.4 clients may connect to servers running Kudu 1.0 or later. If the client uses features that are not available on the target server, an error will be returned.

Kudu 1.0 clients may connect to servers running Kudu 1.4 with the exception of the below-mentioned restrictions regarding secure clusters.

Rolling upgrade between Kudu 1.3 and Kudu 1.4 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

If a Kudu 1.4 cluster is configured with authentication or encryption set to "required", clients older than Kudu 1.3 will be unable to connect.

If a Kudu 1.4 cluster is configured with authentication and encryption set to "optional" or "disabled", older clients will still be able to connect.

Kudu servers, by default, will now only allow unencrypted or unauthenticated connections from trusted subnets, which are private networks (127.0.0.0/8,10.0.0.0/8,172.16.0.0/12, 192.168.0.0/16,169.254.0.0/16) and local subnets of all local network interfaces. Unencrypted or unauthenticated connections from publicly routable IPs will be rejected, even if encryption and authentication are not configured.

Kudu 1.3 adds support for strong authentication based on Kerberos. This optional feature allows users to authenticate themselves using Kerberos tickets, and also provides mutual authentication of servers using Kerberos credentials stored in keytabs. This feature is optional, but recommended for deployments requiring security.

Kudu 1.3 adds support for encryption of data on the network using Transport Layer Security (TLS). Kudu will now use TLS to encrypt all network traffic between clients and servers as well as any internal traffic among servers, with the exception of traffic determined to be within a localhost network connection. Encryption is enabled by default whenever it can be determined that both the client and server support the feature.

Kudu 1.3 adds coarse-grained service-level authorization of access to the cluster. The operator may set up lists of permitted users who may act as administrators and as clients of the cluster. Combined with the strong authentication feature described above, this can enable a secure environment for some use cases. Note that fine-grained access control (e.g. table-level or column-level) is not yet supported.

Kudu 1.3 adds a background task to tablet servers which removes historical versions of data which have fallen behind the configured data retention time. This reduces disk space usage in all workloads, but particularly in those with a higher volume of updates or upserts.

Kudu now incorporates Google Breakpad, a library which writes crash reports in the case of a server crash. These reports can be found within the configured log directory, and can be useful during bug diagnosis.

Kudu servers will now change the file permissions of data directories and contained data files based on a new configuration flag --umask. As a result, after upgrading, permissions on disk may be more restrictive than in previous versions. The new default configuration improves data security.

Kudu’s web UI will now redact strings which may include sensitive user data. For example, the monitoring page which shows in-progress scans no longer includes the scanner predicate values. The tracing and RPC diagnostics endpoints no longer include contents of RPCs which may include table data.

By default, Kudu now reserves 1% of each configured data volume as free space. If a volume is seen to have less than 1% of disk space free, Kudu will stop writing to that volume to avoid completely filling up the disk.

The default encoding for numeric columns (int, float, and double) has been changed to BIT_SHUFFLE. The default encoding for binary and string columns has been changed to DICT_ENCODING. Dictionary encoding automatically falls back to the old default (PLAIN) when cardinality is too high to be effectively encoded.

Kudu now uses LZ4 compression when writing its Write Ahead Log (WAL). This improves write performance and stability for many use cases.

Kudu now uses LZ4 compression when writing delta files. This can improve both read and write performance as well as save substantial disk usage, especially for workloads involving a high number of updates or upserts containing compressible data.

The Kudu API now supports the ability to express IS NULL and IS NOT NULL predicates on scanners. The Spark DataSource integration will take advantage of these new predicates when possible.

Both C++ and Java clients have been optimized to prune partitions more effectively when performing scans using the IN (…​) predicate.

The exception messages produced by the Java client are now truncated to a maximum length of 32KB.

KUDU-1893 Fixed a critical bug in which wrong results would be returned when evaluating predicates applied to columns added using the ALTER TABLE operation.

KUDU-1905 Fixed a crash after inserting a row sharing a primary key with a recently-deleted row in tables where the primary key is comprised of all of the columns.

KUDU-1899 Fixed a crash after inserting a row with an empty string as the single-column primary key.

KUDU-1904 Fixed a potential crash when performing random reads against a column using RLE encoding and containing long runs of NULL values.

KUDU-1853 Fixed an issue where disk space could be leaked on servers which experienced an error during the process of copying tablet data from another server.

KUDU-1856 Fixed an issue in which disk space could be leaked by Kudu servers storing data on partitions using the XFS file system. Any leaked disk space will be automatically recovered upon upgrade.

KUDU-1888, KUDU-1906 Fixed multiple issues in the Java client where operation callbacks would never be triggered, causing the client to hang.

Kudu 1.3 clients may connect to servers running Kudu 1.0. If the client uses features that are not available on the target server, an error will be returned.

Kudu 1.0 clients may connect to servers running Kudu 1.3 with the exception of the below-mentioned restrictions regarding secure clusters.

Rolling upgrade between Kudu 1.2 and Kudu 1.3 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

If a Kudu 1.3 cluster is configured with authentication or encryption set to "required", older clients will be unable to connect.

If a Kudu 1.3 cluster is configured with authentication and encryption set to "optional" or "disabled", older clients will still be able to connect.

Due to storage format changes in Kudu 1.3, downgrade from Kudu 1.3 to earlier versions is not supported. After upgrading to Kudu 1.3, attempting to restart with an earlier version will result in an error.

In order to support running MapReduce and Spark jobs on secure clusters, these frameworks now connect to the cluster at job submission time to retrieve authentication credentials which can later be used by the tasks to be spawned. This means that the process submitting jobs to Kudu clusters must have direct access to that cluster.

The embedded web servers in Kudu processes now specify the X-Frame-Options: DENY HTTP header which prevents embedding Kudu web pages in HTML iframe elements.

Kudu clients and servers now redact user data such as cell values from log messages, Java exception messages, and Status strings. User metadata such as table names, column names, and partition bounds are not redacted.

Kudu’s ability to provide consistency guarantees has been substantially improved:

Kudu servers now automatically limit the number of log files. The number of log files retained can be configured using the max_log_files flag. By default, 10 log files will be retained at each severity level.

The logging in the Java and C++ clients has been substantially quieted. Clients no longer log messages in normal operation unless there is some kind of error.

The C++ client now includes a KuduSession::SetErrorBufferSpace API which can limit the amount of memory used to buffer errors from asynchronous operations.

The Java client now fetches tablet locations from the Kudu Master in batches of 1000, increased from batches of 10 in prior versions. This can substantially improve the performance of Spark and Impala queries running against Kudu tables with large numbers of tablets.

Table metadata lock contention in the Kudu Master was substantially reduced. This improves the performance of tablet location lookups on large clusters with a high degree of concurrency.

Lock contention in the Kudu Tablet Server during high-concurrency write workloads was also reduced. This can reduce CPU consumption and improve performance when a large number of concurrent clients are writing to a smaller number of a servers.

Lock contention when writing log messages has been substantially reduced. This source of contention could cause high tail latencies on requests, and when under high load could contribute to cluster instability such as election storms and request timeouts.

The BITSHUFFLE column encoding has been optimized to use the AVX2 instruction set present on processors including Intel® Sandy Bridge and later. Scans on BITSHUFFLE-encoded columns are now up to 30% faster.

The kudu tool now accepts hyphens as an alternative to underscores when specifying actions. For example, kudu local-replica copy-from-remote may be used as an alternative to kudu local_replica copy_from_remote.

KUDU-1508 Fixed a long-standing issue in which running Kudu on ext4 file systems could cause file system corruption.

KUDU-1399 Implemented an LRU cache for open files, which prevents running out of file descriptors on long-lived Kudu clusters. By default, Kudu will limit its file descriptor usage to half of its configured ulimit.

Gerrit #5192 Fixed an issue which caused data corruption and crashes in the case that a table had a non-composite (single-column) primary key, and that column was specified to use DICT_ENCODING or BITSHUFFLE encodings. If a table with an affected schema was written in previous versions of Kudu, the corruption will not be automatically repaired; users are encouraged to re-insert such tables after upgrading to Kudu 1.2 or later.

Gerrit #5541 Fixed a bug in the Spark KuduRDD implementation which could cause rows in the result set to be silently skipped in some cases.

KUDU-1551 Fixed an issue in which the tablet server would crash on restart in the case that it had previously crashed during the process of allocating a new WAL segment.

KUDU-1764 Fixed an issue where Kudu servers would leak approximately 16-32MB of disk space for every 10GB of data written to disk. After upgrading to Kudu 1.2 or later, any disk space leaked in previous versions will be automatically recovered on startup.

KUDU-1750 Fixed an issue where the API to drop a range partition would drop any partition with a matching lower or upper bound, rather than any partition with matching lower and upper bound.

KUDU-1766 Fixed an issue in the Java client where equality predicates which compared an integer column to its maximum possible value (e.g. Integer.MAX_VALUE) would return incorrect results.

KUDU-1780 Fixed the kudu-client Java artifact to properly shade classes in the com.google.thirdparty namespace. The lack of proper shading in prior releases could cause conflicts with certain versions of Google Guava.

Gerrit #5327 Fixed shading issues in the kudu-flume-sink Java artifact. The sink now expects that Hadoop dependencies are provided by Flume, and properly shades the Kudu client’s dependencies.

Fixed a few issues using the Python client library from Python 3.

Kudu 1.2 clients may connect to servers running Kudu 1.0. If the client uses features that are not available on the target server, an error will be returned.

Kudu 1.0 clients may connect to servers running Kudu 1.2 without limitations.

Rolling upgrade between Kudu 1.1 and Kudu 1.2 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

The replication factor of tables is now limited to a maximum of 7. In addition, it is no longer allowed to create a table with an even replication factor.

The GROUP_VARINT encoding is now deprecated. Kudu servers have never supported this encoding, and now the client-side constant has been deprecated to match the server’s capabilities.

The Python client has been brought up to feature parity with the Java and C++ clients and as such the package version will be brought to 1.1 with this release (from 0.3). A list of the highlights can be found below.

IN LIST predicate pushdown support was added to allow optimized execution of filters which match on a set of column values. Support for Spark, Map Reduce and Impala queries utilizing IN LIST pushdown is not yet complete.

The Java client now features client-side request tracing in order to help troubleshoot timeouts. Error messages are now augmented with traces that show which servers were contacted before the timeout occurred instead of just the last error. The traces also contain RPCs that were required to fulfill the client’s request, such as contacting the master to discover a tablet’s location. Note that the traces are not available for successful requests and are not programmatically queryable.

Kudu now publishes JAR files for Spark 2.0 compiled with Scala 2.11 along with the existing Spark 1.6 JAR compiled with Scala 2.10.

The Java client now allows configuring scanners to read from the closest replica instead of the known leader replica. The default remains the latter. Use the relevant ReplicaSelection enum with the scanner’s builder to change this behavior.

Tablet servers use a new policy for retaining write-ahead log (WAL) segments. Previously, servers used the 'log_min_segments_to_retain' flag to prioritize any flushes which were retaining log segments past the configured value (default 2). This policy caused servers to flush in-memory data more frequently than necessary, limiting write performance.

Kudu’s implementation of the Raft consensus algorithm has been improved to include a "pre-election" phase. This can improve the stability of tablet leader election in high-load scenarios, especially if each server hosts a high number of tablets.

Tablet server start-up time has been substantially improved in the case that the server contains a high number of tombstoned tablet replicas.

Kudu 1.1 clients may connect to servers running Kudu 1.0. If the client uses the new 'IN LIST' predicate type, an error will be returned.

Kudu 1.0 clients may connect to servers running Kudu 1.1 without limitations.

Rolling upgrade between Kudu 1.0 and Kudu 1.1 servers is believed to be possible though has not been sufficiently tested. Users are encouraged to shut down all nodes in the cluster, upgrade the software, and then restart the daemons on the new version.

The Java client’s CreateTableBuilder and AlterTableBuilder classes have been renamed to CreateTableOptions and AlterTableOptions. Their methods now also return this objects, allowing them to be used as builders.

The Java client’s AbstractKuduScannerBuilder#maxNumBytes() setter is now called batchSizeBytes as is the corresponding property in AsyncKuduScanner. This makes it consistent with the C++ client.

The "kudu-admin" tool can now list and delete tables via its new subcommands "list_tables" and "delete_table <table_name>".

OSX is now supported for single-host development. Please consult its specific installation instructions in OS X.