Changelog History
-
v2020.12-additions
November 25, 2020 -
v3.8.10-beta.1 Changes
November 09, 2020RabbitMQ 3.8.10-beta.1
๐ RabbitMQ
3.8.10-beta.1
is a preview of a maintenance release.
๐ Besides containing several bug fixes, it introduces a couple new features for quorum queues.๐ This release no longer supports Erlang 21.3.
Erlang/OTP Compatibility Notes
๐ This release requires Erlang 22 or
Erlang 23.๐ Erlang 21.3 is no longer supported.
๐22.3
or23.1
releases are recommended.๐ Provisioning Latest Erlang Releases explains
๐ฆ what package repositories and tools can be used to provision latest patch versions of Erlang22.3.x
.โฌ๏ธ Upgrade and Compatibility Notes
โฌ๏ธ Upgrade Doc Guides and Change Log
๐ See 3.8.0 release notes upgrade and
๐ compatibility notes first if upgrading from an earlier release series (e.g.3.7.x
).๐ See the Upgrading guide for general documentation on upgrades and
๐ RabbitMQ change log for release notes of other releases.โฌ๏ธ Upgrading to Erlang 22.x or Later Versions
๐ When upgrading to this release from
3.7.15
or an older version, extra care has to be taken.๐ Because older RabbitMQ CLI tools can be incompatible with Erlang 22+ releases,
โฌ๏ธ RabbitMQ must be upgraded at the same time as Erlang.โฌ๏ธ Alternatively the node can be upgraded to
3.7.18
on Erlang 21.3 first,
๐ then Erlang 22.x or 23.x, then RabbitMQ to the most recent 3.8.x release.Getting Help
๐ Any questions about this release, upgrades or RabbitMQ in general are welcome on the RabbitMQ mailing list
and RabbitMQ community Slack.๐ Changes Worth Mentioning
Core Server
๐ Bug Fixes
Starting with
3.8.0
, an unintentionally introduced assertion could prevent classic mirrored queue
mirrors from starting successfully in case the primary replica changed concurrently with their startup.GitHub issue: rabbitmq/rabbitmq-server#2449
๐ฒ Syslog dependency was not started correctly. This meant no log messages were sent to Syslog.
GitHub issue: rabbitmq/rabbitmq-server#2456
rabbitmq-diagnostics check_if_node_is_quorum_critical
returned a false positive for a node marked for maintenance.
โฌ๏ธ Given the refinement to therabbitmq-upgrade drain
command in rabbitmq/rabbitmq-server#2474,
rabbitmq-diagnostics check_if_node_is_quorum_critical
now will unconditionally return a success
if target node is under maintanence.GitHub issue: rabbitmq/rabbitmq-server#2469
๐ Queues could update their internal bookkeeping state incorrectly in some cases, leading to a
file_handle_cache
๐ป operation exception.GitHub issue: rabbitmq/rabbitmq-server#2488
โจ Enhancements
Quorum queues now can use the
reject-publish
max length overflow strategy.GitHub issue: rabbitmq/rabbitmq-server#2407
๐ Quorum queues now support consumer priority.
GitHub issue: rabbitmq/rabbitmq-server#2451
Per-user connection and queue limits. This is similar to per-vhost limits but,
as the name suggests, these limits are associated for a given user.The limits are controlled using CLI tools or the HTTP API:
# limits user "user-e8d3f85c" to up to five connections, ten channels and a fifty queuesrabbitmqctl set\_user\_limits "user-e8d3f85c" '{"max-connections": 5, "max-channels": 10, "max-queues": 50}'# clears the maximum number of queues limit for the userrabbitmqctl clear\_user\_limits "user-e8d3f85c" "max-queues"# clears all limits for the userrabbitmqctl clear\_user\_limits "user-e8d3f85c" "all"
Contributed by Erlang Solutions, sponsored by CloudAMQP.
GitHub issue: rabbitmq/rabbitmq-server#607, rabbitmq/rabbitmq-server#2380
๐ง TLSv1.3 is no longer considered experimental (on Erlang 23) and excluded from TLS listener configuration.
GitHub issue: rabbitmq/rabbitmq-common#415
๐ง When a node is put under maintenance, it will now stop all local quorum queue replicas after completing
leadership transfer. This means that no quorum queue replicas on the node will be considered for
leader elections.GitHub issue: rabbitmq/rabbitmq-server#2474
Nodes now keep track of failed client authentication attempts and expose it as a metric via both the Prometheus endpoint
and the HTTP API atGET /api/auth/attempts/{node}
.๐ The tracking is done for every cluster node individually. The protocols that support authentication attempt tracking
right now are AMQP 0-9-1, AMQP 1.0 and MQTT.GitHub issue: rabbitmq/rabbitmq-server#2436
rabbitmq.conf
schema now allows for peer certificate chain verification depth to be set to zero.
When this value is used, peer certificate must be signed by a trusted CA certificate directly in order
for the verification to pass.GitHub issue: rabbitmq/rabbitmq-server#2493
RABBITMQ_IO_THREAD_POOL_SIZE
will no longer be respected by RabbitMQ nodes. It is no longer relevant
with supported Erlang versions and will simplifyrabbitmq-diagnostics runtime_thread_stats
output.GitHub issue: rabbitmq/rabbitmq-server#2473
The
+K
runtime parameter is no longer used by RabbitMQ nodes as it has no effect
๐ with supported Erlang versions.Contributed by Ayanda Dube (Erlang Solutions).
GitHub issue: rabbitmq/rabbitmq-server#2470
CLI
โจ Enhancements
rabbitmq-queues peek
is a new command that allows for peeking at a queue position. It is only
๐ supported by quorum queues (and not classic queues):# peeks at the head of queue "qq.1" in virtual host "staging"rabbitmq-queues peek --vhost "staging" "qq.1 1"
GitHub issue: rabbitmq/rabbitmq-cli#452
rabbitmq-queues reclaim_quorum_memory
is a new command that forces Raft WAL compaction which in most cases should reduce memory footprint of a quorum queue:rabbitmq-queues reclaim\_quorum\_memory --vhost "staging" "qq.1"
GitHub issue: rabbitmq/rabbitmq-cli#453
๐ Bug Fixes
rabbitmqctl rename_cluster_node
failed with an error about a missing directory.GitHub issue: rabbitmq/rabbitmq-cli#457
๐ Force removal of a node did not remove it from quorum queue member lists.
GitHub issue: rabbitmq/rabbitmq-server#2414
CLI tools now pick a unique identifier from a pool. Previously the pool of possible values was theoretically
unbounded, which could result in an atom table exhaustion condition on long running nodes that
had a lot of CLI tool invocations (e.g. CLI tools were used to collect monitoring data frequently).Such use of CLI tools for monitoring is not recommended:
๐ there are better options such as Prometheus and Grafana.GitHub issue: rabbitmq/rabbitmq-cli#461
๐ Federation Plugin
๐ Bug Fixes
โฑ Federation links that failed to connect due to a TCP connection timeout leaked resources.
Other connection failure scenarios did not result in a leak.GitHub issue: rabbitmq/rabbitmq-federation#119
๐ Management Plugin
โจ Enhancements
Individual health checks are now available through the HTTP API.
GitHub issue: rabbitmq/rabbitmq-management#844
๐ Bug Fixes
โก๏ธ Quorum queue consumer counter on on the queue list page was not updated when consumers were cancelled or failed.
GitHub issue: rabbitmq/rabbitmq-server#2421
The aliveness check endpoint now responds with a
503 Service Unavailable
instead of a 500 when
โ it cannot publish a test message, e.g. because a policy with zero message TTL was applied to all queues.GitHub issue: rabbitmq/rabbitmq-management#855
๐ AWS Peer Discovery Plugin
AWS API request errors are now propagated. This means that should an AWS API request fail,
the peer discovery subsystem will retry it a limited number of times.Contributed by Stefan @stefanmoser Moser.
GitHub issue: rabbitmq/rabbitmq-peer-discovery-aws#40
โฌ๏ธ Dependency Upgrades
- โฌ๏ธ
cowboy
was upgraded from 2.6.1 to 2.8.0
Source code archives
โ Warning : The source code archive provided by GitHub only contains the source of the broker, not the plugins or the client libraries.
Please download the archive namedrabbitmq-server-3.8.10.tar.xz
. - โฌ๏ธ
-
v3.8.9 Changes
September 24, 2020RabbitMQ 3.8.9
๐ RabbitMQ
3.8.9
is a maintenance release.
๐ It focuses on bug fixes and usability improvements.๐ This release no longer supports Erlang 21.3.
Erlang 23 Compatibility
๐ This release is compatible with Erlang 23.
Erlang/OTP Compatibility Notes
This release requires Erlang/OTP 22.0 or later.
๐22.3
or23.0
releases are recommended.๐ Provisioning Latest Erlang Releases explains
๐ฆ what package repositories and tools can be used to provision latest patch versions of Erlang22.3.x
.โฌ๏ธ Upgrade and Compatibility Notes
โฌ๏ธ Upgrade Doc Guides and Change Log
๐ See 3.8.0 release notes upgrade and
๐ compatibility notes first if upgrading from an earlier release series (e.g.3.7.x
).๐ See the Upgrading guide for general documentation on upgrades and
๐ RabbitMQ change log for release notes of other releases.โฌ๏ธ Upgrading to Erlang 22.x or Later Versions
๐ When upgrading to this release from
3.7.15
or an older version, extra care has to be taken.๐ Because older RabbitMQ CLI tools can be incompatible with Erlang 22+ releases,
โฌ๏ธ RabbitMQ must be upgraded at the same time as Erlang.โฌ๏ธ Alternatively the node can be upgraded to
3.7.18
on Erlang 21.3 first,
๐ then Erlang 22.x or 23.x, then RabbitMQ to most recent 3.8.x release.Getting Help
๐ Any questions about this release, upgrades or RabbitMQ in general are welcome on the RabbitMQ mailing list.
๐ Changes Worth Mentioning
Core Server
๐ Bug Fixes
Starting with
3.8.0
, an unintentionally introduced assertion could prevent classic mirrored queue
mirrors from starting successfully in case the primary replica changed concurrently with their startup.GitHub issue: rabbitmq/rabbitmq-server#2449
โจ Enhancements
0๏ธโฃ Raft implementation's failure detector default polling interval has been increased from 1s to 5s.
0๏ธโฃ The previously used default results in too frequent leader elections in networks with high packet loss
(say, double digit percent).โ This has no correctness or safety ramifications, however, automated tests that assert on Raft properties
or expect a very fast leader re-election may have to set it back so that peer failures are detected quicker.GitHub issue: rabbitmq/rabbitmq-server#2450
๐ Management Plugin
๐ Bug Fixes
๐ The now deprecated intrusive health check endpoint,
GET /api/healthchecks/node
, reported failures in the response
but always set the status to200 OK
. It now uses the status of500
in case of a failure.RabbitMQ Monitoring guide explains why
this health check is no longer recommended and what the alternatives are.GitHub issue: rabbitmq/rabbitmq-management#840
โจ Enhancements
๐ When a client doubly encodes a request into JSON, the plugin tries to detect that and will produce a more
helpful 400 response instead of a 500.GitHub issue: rabbitmq/rabbitmq-management#839
๐ Federation Plugin
๐ Bug Fixes
When a classic mirrored queue with a replica on every cluster node (this is highly discouraged) was federated,
๐ multiple links could be started by the plugin, potentially making message transfers concurrent
and affecting ordering.GitHub issue: rabbitmq/rabbitmq-federation#114
โจ Enhancements
It is now possible to federate exchanges in different virtual hosts in the same cluster for more than one hop.
For example, federate messages from an exchange in virtual host B to C, while B itself is federated from
virtual host A. Previously such messages would have been filtered by the message cycle detection algorithm
which assumed that exchanges are only federated across clusters.GitHub issue: rabbitmq/rabbitmq-federation#116
๐ Kubernetes Peer Discovery Plugin
๐ Bug Fixes
๐ Kubernetes API events registered by this plugin mixed up reason and message fields.
Contributed by Gabriele Santomaggio.
GitHub issue: rabbitmq/rabbitmq-peer-discovery-k8s#70
๐ OAuth 2 AuthN/AuthZ Plugin
โจ Enhancements
๐ Improved compatibility with Azure AD. This plugin can now be configured to fetch scopes from a non-standard
field in the decoded token value (other than the standardscopes
field).Contributed by @Robert-Gustafsson.
GitHub issue: rabbitmq/rabbitmq-auth-backend-oauth2#53
Source code archives
โ Warning : The source code archive provided by GitHub only contains the source of the broker, not the plugins or the client libraries.
Please download the archive namedrabbitmq-server-3.8.9.tar.xz
. -
v3.8.8 Changes
September 03, 2020RabbitMQ 3.8.8
๐ RabbitMQ
3.8.8
is a maintenance release.
๐ It focuses on bug fixes and usability improvements.๐ง This releases introduces a new node operation mode, called the maintenance mode.
โฌ๏ธ This feature is useful when performing rolling upgrades and is covered
in more detail below.๐ This is the last RabbitMQ release to support Erlang 21.3.
Erlang 23 Compatibility
๐ This release is compatible with Erlang 23.
Erlang/OTP Compatibility Notes
This release requires Erlang/OTP 21.3 or later.
๐22.3
or23.0
releases are recommended.๐ Provisioning Latest Erlang Releases explains
๐ฆ what package repositories and tools can be used to provision latest patch versions of Erlang22.3.x
.โฌ๏ธ Upgrade and Compatibility Notes
โฌ๏ธ Upgrade Doc Guides and Change Log
๐ See 3.8.0 release notes upgrade and
๐ compatibility notes first if upgrading from an earlier release.๐ See the Upgrading guide for general documentation on upgrades and
๐ RabbitMQ change log for release notes of other releases.โฌ๏ธ Upgrading to Erlang 22.x or Later Versions
๐ When upgrading to this release from
3.7.15
or an older version, extra care has to be taken.๐ Because older RabbitMQ CLI tools can be incompatible with Erlang 22+ releases,
โฌ๏ธ RabbitMQ must be upgraded at the same time as Erlang.โฌ๏ธ Alternatively the node can be upgraded to
3.7.18
on Erlang 21.3 first,
๐ then Erlang 22.x or 23.x, then RabbitMQ to most recent 3.8.x release.Getting Help
๐ Any questions about this release, upgrades or RabbitMQ in general are welcome on the RabbitMQ mailing list.
๐ Changes Worth Mentioning
Core Server
โจ Enhancements
๐ง Maintenance mode. This is a new mode operation mode for RabbitMQ nodes. The mode is explicitly turned
๐ on and off by the operator using a bunch of new CLI commands (see below). For mixed-version cluster
compatibility, this feature must be enabled using a feature flag.๐ง When a node is being put down for maintenance and in maintenance mode, it will not be available for
serving client traffic and will try to transfer as many of its responsibilities as practically possible
and safe.Currently this involves the following steps:
- Suspend all client connection listeners (no new client connections will be accepted)
- Close all existing client connections: applications are expected to reconnect to other nodes and recover
- Transfer primary replicas of all classic mirrored queues hosted on the target node
- Transfer primary replicas of all quorum queues hosted on the target node, and prevent them from participating
in the subsequently triggered Raft elections - Mark the node as down for maintenance
- At this point, a node shutdown will be least disruptive as the node has already transferred most of its
responsibilities
๐ง A node in maintenance mode will not be considered for new primary queue replica placement,
regardless of queue type and the queue master locator policy used.โฌ๏ธ A node in maintenance mode is expected to be shut down, upgraded or reconfigured, and restarted in a short
period of time. Nodes are not expected to be running in this mode for long periods of time.๐ง A node in maintenance mode can be revived, that is, brough back into its regular operational state.
โฌ๏ธ When a node is revived restarted (e.g. after an upgrade), it will again accept client connections
and be considered for primary queue replica placements. It will not recover previous client connections
as RabbitMQ never initiates connections to clients, but clients will be able to reconnect to it.This feature is expected to evolve based on the feedback from the community, the field and the
RabbitMQ core team at VMware. For example, it can be adjusted based on the learnings when
โ adding upgrades support to the RabbitMQ Cluster Operator for Kubernetes.GitHub issue: rabbitmq/rabbitmq-server#2321
CLI
โจ Enhancements
โฌ๏ธ
rabbitmq-upgrade drain
is a new command that puts a node in maintenance mode (see above).
โฌ๏ธrabbitmq-upgrade revive
is its counterpart that "revives" a node by putting it into the regular
operating mode.rabbitmqctl suspend_listeners
is a new command that suspends all client connection listeners
(ports) on the node. This means that existing connections won't be affected but no new connections
โฌ๏ธ will be accepted. This can be useful during upgrades, in particular using the
๐ Blue/Green deployment strategy.rabbitmqctl resume_listeners
resumes all client listeners so that they accept new client connections
again.All these commands will have an effect only if the
maintenance_mode_status
flag is enabled.GitHub issue: rabbitmq/rabbitmq-cli#419
๐ MQTT Plugin
๐ Bug Fixes
Abrupt client connection termination could result in an Erlang process leak. This resource leak
affects RabbitMQ versions between3.8.5
and3.8.7
, inclusive.GitHub issue: rabbitmq/rabbitmq-mqtt#239
๐ Management Plugin
๐ Bug Fixes
A node that had a lot of on disk data and constrainted resources could spend a very long time
๐ activating the plugin while queue primary replicas were busy recovering the data.GitHub issue: rabbitmq/rabbitmq-server#2437
๐ OAuth 2 AuthN/AuthZ Plugin
โจ Enhancements
๐ Simplified scope merging code specific to Keycloak.
Contributed by Simon @SimonAlling Alling.
GitHub issue: rabbitmq/rabbitmq-auth-backend-oauth2#52
โฌ๏ธ Dependency Upgrades
- โฌ๏ธ
cuttlefish
was upgraded from 2.3.0 to 2.4.1
Source code archives
โ Warning : The source code archive provided by GitHub only contains the source of the broker, not the plugins or the client libraries.
Please download the archive namedrabbitmq-server-3.8.8.tar.xz
. -
v3.8.7 Changes
August 17, 2020RabbitMQ 3.8.7
๐ RabbitMQ
3.8.7
is a maintenance release that patches
๐ a security vulnerability.๐ RabbitMQ Core team would like to thank Ofir Hamam and Tomer Hadad at Ernst & Young's Hacktics Advanced Security Center
๐ for researching and responsibly disclosing the vulnerability addressed in this release.Erlang/OTP Compatibility Notes
This release requires Erlang/OTP 21.3 or later.
๐22.3
or23.0
releases are recommended.๐ Provisioning Latest Erlang Releases explains
๐ฆ what package repositories and tools can be used to provision latest patch versions of Erlang22.3.x
.โฌ๏ธ Upgrade Doc Guides and Change Log
๐ See 3.8.0 release notes upgrade and
๐ compatibility notes first if upgrading from an earlier release.๐ See the Upgrading guide for general documentation on upgrades and
๐ RabbitMQ change log for release notes of other releases.โฌ๏ธ Upgrading to Erlang 21.x or Later Versions
๐ When upgrading to this release from
3.7.6
or an older version, extra care has to be taken.๐ Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
โฌ๏ธ RabbitMQ must be upgraded at the same time as Erlang.โฌ๏ธ Alternatively the node can be upgraded to
3.7.18
first, then Erlang 22.x or 23.x, then RabbitMQ to most recent
๐ 3.8.x release.Getting Help
๐ Any questions about this release, upgrades or RabbitMQ in general are welcome on the RabbitMQ mailing list.
๐ Changes Worth Mentioning
Core Server
๐ Bug Fixes
โ Addressed a Windows-specific binary planting security vulnerability CVE-2020-5419 that allowed for arbitrary code execution.
The vulnerability requires the attacker to have local access and elevated privileges,
and cannot be executed remotely.๐ป CVSS score:
6.7
(medium severity).๐ This vulnerability was researched and responsibly disclosed by
๐ Ofir Hamam and Tomer Hadad at Ernst & Young's Hacktics Advanced Security Center.โฌ๏ธ In a mixed version cluster, virtual host limits were incorrectly reported for yet-to-be-upgraded nodes.
Contributed by @mnxumalo.
GitHub issue: rabbitmq/rabbitmq-server#2430
CLI Tools
๐ Bug Fixes
Definition export using
rabbitmqctl export_definitions
exported optional queue arguments as blank.
Export performed via the HTTP API was not affected by this problem.GitHub issue: rabbitmq/rabbitmq-server#2427
Invoking
rabbitmqctl
(or other tools) without any arguments produced help output that was inconsistent
fromrabbitmqctl help
in line spacing.๐ Federation Plugin
๐ Bug Fixes
๐ Links in some environments upgraded from earlier
3.8.x
versions could run into a data coercion exception
when connection credentials were unencrypted.GitHub issue: rabbitmq/rabbitmq-federation#112
๐ Shovel Plugin
๐ Bug Fixes
Shovels where the source is AMQP 1.0 endpoint now gracefully handle link detachment
if the remote end set theclosed
attribute tofalse
.Contributed by @tstorck.
GitHub issue: rabbitmq/rabbitmq-amqp1.0-client#56
โ Removed some debug logging that was unintentionally polluting standard output even when
๐ฒ debug logging was not enabled.Contributed by @sircinek.
GitHub issue: rabbitmq/rabbitmq-amqp1.0-client#54
โฌ๏ธ Dependency Upgrades
- โฌ๏ธ
credentials_obfuscation
was upgraded from 2.1.1 to 2.2.0
Source code archives
โ Warning : The source code archive provided by GitHub only contains the source of the broker, not the plugins or the client libraries.
Please download the archive namedrabbitmq-server-3.8.7.tar.xz
. - โฌ๏ธ
-
v3.8.6 Changes
August 04, 2020RabbitMQ 3.8.6
๐ RabbitMQ
3.8.6
is a maintenance release.
๐ It focuses on bug fixes and usability improvements.RabbitMQ Adopts the Mozilla Public License 2.0
๐ Starting with this release, core RabbitMQ server and all tier 1 plugins
are relicensed under the Mozilla Public License 2.0
(previously used license: the Mozilla Public License 1.1).The permissiveness of the MPL 2.0 is largely the same as of the MPL 1.1.
๐ See the MPL 2.0 FAQ and
๐ MPL 2.0 Revision and Changes FAQ to learn more.Erlang 23 Compatibility
๐ This release is compatible with Erlang 23.
Erlang/OTP Compatibility Notes
This release requires Erlang/OTP 21.3 or later.
๐22.3
or23.0
releases are recommended.๐ Provisioning Latest Erlang Releases explains
๐ฆ what package repositories and tools can be used to provision latest patch versions of Erlang22.3.x
.โฌ๏ธ Upgrade and Compatibility Notes
๐ Deprecations
๐ This release removed HiPE precompilation support. HiPE has been deprecated and
mostly unmaintained since Erlang 22, and will be replaced with a JIT in Erlang 24
in 2021.rabbitmqctl hipe\_compile
and
hipe\_compile = true
are both retained for backwards compatibility but they won't have any effect.
โฌ๏ธ Upgrade Doc Guides and Change Log
๐ See 3.8.0 release notes upgrade and
๐ compatibility notes first if upgrading from an earlier release.๐ See the Upgrading guide for general documentation on upgrades and
๐ RabbitMQ change log for release notes of other releases.โฌ๏ธ Upgrading to Erlang 21.x or Later Versions
๐ When upgrading to this release from
3.7.6
or an older version, extra care has to be taken.๐ Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
โฌ๏ธ RabbitMQ must be upgraded at the same time as Erlang.โฌ๏ธ Alternatively the node can be upgraded to
3.7.18
first, then Erlang 22.x or 23.x, then RabbitMQ to most recent
๐ 3.8.x release.Getting Help
๐ Any questions about this release, upgrades or RabbitMQ in general are welcome on the RabbitMQ mailing list.
๐ Changes Worth Mentioning
Core Server
License Change
RabbitMQ has been relicensed under the Mozilla Public License 2.0
(previously used license: the Mozilla Public License 1.1).The permissiveness of the MPL 2.0 is largely the same as of the MPL 1.1.
๐ See the MPL 2.0 FAQ and
๐ MPL 2.0 Revision and Changes FAQ to learn more.๐ Deprecations
โ Removed HiPE pre-compilation support.
GitHub issue: rabbitmq/rabbitmq-server#2392
๐ Bug Fixes
Definition import on node boot (via the built-in
load_definitions
configuration setting ) is now performed
๐ after plugins are enabled.This resolves a long-standing chicken-and-egg dependency problem that prevented definitions
๐ that depend on plugins being functional from being successfully imported during node boot.๐ Note that definition import via the management plugin (
management.load_definitions
) is still
performed during management plugin activation time and therefore can not offer any guarantees
๐ as some plugins may be enabled after the management one.Some affected features include
- federation upstreams
- dynamic shovels
- ๐ exchanges of types provided by plugins such as rabbitmq-consistent-hash-exchange
GitHub issue: rabbitmq/rabbitmq-server#2384
Similarly, client connection listeners (both TCP and TLS-enabled) are now started after
๐ plugin activation. This makes certain configurations that use the trust store plugin
behave as expected.GitHub issue: rabbitmq/rabbitmq-server#2405
๐ Environment variables prefixed with
RABBITMQ_
were ignored when used in therabbitmq-env.conf
file,
while their prefixless counterparts worked as expected.GitHub issue: rabbitmq/rabbitmq-common#401
โจ Enhancements
๐
rabbitmq.conf
config parser now accepts lines that only consist of whitespace.GitHub issue: rabbitmq/rabbitmq-server#2393
CLI Tools
๐ Deprecations
๐
rabbitmqctl hipe_compile
is now a no-op. HiPE support has been deprecated in Erlang 22
๐ will be removed in Erlang 24.GitHub issue: rabbitmq/rabbitmq-cli#433
๐ง The use of the `
environment variable to configure the [shared secret](https://www.rabbitmq.com/cli.html#erlang-cookie) is now deprecated. ๐ Use the [local file](https://www.rabbitmq.com/cli.html#cookie-file-locations) option instead or, if the value absolutely must be provided on the command line, the
--erlang-cookie [value]` switch.GitHub issue: rabbitmq/rabbitmq-cli#443
๐ Bug Fixes
rabbitmqctl export_definitions
incorrectly serialised runtime parameter values.GitHub issue: rabbitmq/rabbitmq-cli#435
CTL_ERL_ARGS
environment variable was unintentionally ignored starting with version3.8.4
.GitHub issue: rabbitmq/rabbitmq-server#2394
[command] --help
andhelp [command]
output had minor unintentional inconsistencies.GitHub issue: rabbitmq/rabbitmq-cli#437
โจ Enhancements
rabbitmq-queues check_if_node_is_quorum_critical
andrabbitmq-queues check_if_node_is_mirror_sync_critical
checks
have been adjusted. They now special case single node clusters as the check does not make much sense
in those environments.rabbitmq-queues check_if_node_is_mirror_sync_critical
now also excludes exclusive queues from
consideration as they, even if matched by a policy that enables classic queue mirroring,
would not actually be mirrored.GitHub issue: rabbitmq/rabbitmq-cli#432
rabbitmq-diagnostics status
now includes the total amount of memory used by the node in its
regular output. It was previously only available when--formatter=json
switch was used.GitHub issue: rabbitmq/rabbitmq-cli#449
rabbitmq-diagnostics erlang_cookie_sources
is a new command that helps with troubleshooting
CLI tool authentication to nodes by listing relevant environment information about the
shared secret. The actual secret
is not displayed for obvious security reasons.GitHub issue: rabbitmq/rabbitmq-cli#446
rabbitmqct eval_file
is a new command that evaluates Erlang code expressions from a local file
on the target node:rabbitmqctl eval\_file /path/to/code\_snippet.escript
GitHub issue: rabbitmq/rabbitmq-cli#438
rabbitmqct eval
now accepts code snippets from standard input:rabbitmqctl eval \<\<EOF io:format("~p~n", [rabbit:product\_info()]). rabbitmqctl eval \< code\_snippet.escript
GitHub issue: rabbitmq/rabbitmq-cli#438
rabbitmq-diagnostics resolve_hostname
is a new command that resolves a hostname either locally
or on the node, and returns the resolved IPv4 or IPv6 addresses.The command can help quickly detect hostname resolution irregularities on a node, including
the effects of Erlang inetrc file settings.
Hostname resolution issues can cause CLI tools, cluster formation and peer reconnection to
not work as expected.Some examples:
rabbitmq-diagnostics resolve\_hostname "google.com" --address-family ipv4 rabbitmq-diagnostics resolve\_hostname "google.com" --address-family ipv6 --offline
GitHub issue: rabbitmq/rabbitmq-cli#431
All CLI tools now provide an
autocomplete [prefix]
command that lists command completion
options. It is intended to be used to implement autocompletion of command names in shells.GitHub issue: rabbitmq/rabbitmq-cli#439
๐ Management Plugin
๐ Bug Fixes
๐ The plugin could send the
authorization
header asnull
in some cases before a successful login.Contributed by @furkhat.
GitHub issue: rabbitmq/rabbitmq-management#833
โจ Enhancements
๐โโ The UI now uses more human-friendly information units when displaying client network traffic rate values.
Contribute by @seadog007.
GitHub issue: rabbitmq/rabbitmq-management#827
๐ Federation Plugin
๐ Bug Fixes
In environments where
rabbitmq_federation.pgroup_name_cluster_id
is not set or set toundefined
,
๐ links will treat such values as afalse
(the default) instead of failing with an exception.GitHub issue: rabbitmq/rabbitmq-federation#109
๐ MQTT Plugin
๐ Bug Fixes
๐ The plugin could fail to accept new client connections with an exception in some cases.
GitHub issue: rabbitmq/rabbitmq-mqtt#235
๐ Web STOMP Plugin
โจ Enhancements
๐ Certain Web Socket errors are now handled more gracefully.
๐ GitHub issue: rabbitmq/rabbitmq-web-stomp#123
๐ Web MQTT Plugin
โจ Enhancements
๐ Certain Web Socket errors are now handled more gracefully.
๐ GitHub issue: rabbitmq/rabbitmq-web-mqtt#64
๐ AuthN/AuthZ Backend HTTP Plugin
๐ Bug Fixes
๐ง Virtual host access checks failed in certain complex configurations.
GitHub issue: rabbitmq/rabbitmq-auth-backend-http#100
โฌ๏ธ Dependency Upgrades
- โฌ๏ธ
cuttlefish
was upgraded from 2.2.0 to 2.3.0 - โฌ๏ธ
credentials_obfuscation
was upgraded from 2.0.0 to 2.1.1
Source code archives
โ Warning : The source code archive provided by GitHub only contains the source of the broker, not the plugins or the client libraries.
Please download the archive namedrabbitmq-server-3.8.6.tar.xz
. -
v3.8.6-rc.2
July 29, 2020 -
v3.8.6-rc.1 Changes
July 28, 2020RabbitMQ 3.8.6-rc.1
๐ RabbitMQ
3.8.6-rc.1
is a preview of a maintenance release.
๐ It focuses on bug fixes and usability improvements.RabbitMQ Adopts the Mozilla Public License 2.0
๐ Starting with this release, core RabbitMQ server and all tier 1 plugins
are relicensed under the Mozilla Public License 2.0
(previously used license: the Mozilla Public License 1.1).The permissiveness of the MPL 2.0 is largely the same as of the MPL 1.1.
๐ See the MPL 2.0 FAQ and
๐ MPL 2.0 Revision and Changes FAQ to learn more.Erlang 23 Compatibility
๐ This release is compatible with Erlang 23.
Erlang/OTP Compatibility Notes
This release requires Erlang/OTP 21.3 or later.
๐22.3
or23.0
releases are recommended.๐ Provisioning Latest Erlang Releases explains
๐ฆ what package repositories and tools can be used to provision latest patch versions of Erlang22.3.x
.โฌ๏ธ Upgrade and Compatibility Notes
๐ Deprecations
๐ This release removed HiPE precompilation support. HiPE has been deprecated and
mostly unmaintained since Erlang 22, and will be replaced with a JIT in Erlang 24
in 2021.rabbitmqctl hipe\_compile
and
hipe\_compile = true
are both retained for backwards compatibility but they won't have any effect.
โฌ๏ธ Upgrade Doc Guides and Change Log
๐ See 3.8.0 release notes upgrade and
๐ compatibility notes first if upgrading from an earlier release.๐ See the Upgrading guide for general documentation on upgrades and
๐ RabbitMQ change log for release notes of other releases.โฌ๏ธ Upgrading to Erlang 21.x or Later Versions
๐ When upgrading to this release from
3.7.6
or an older version, extra care has to be taken.๐ Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
โฌ๏ธ RabbitMQ must be upgraded at the same time as Erlang.โฌ๏ธ Alternatively the node can be upgraded to
3.7.18
first, then Erlang 22.x or 23.x, then RabbitMQ to most recent
๐ 3.8.x release.Getting Help
๐ Any questions about this release, upgrades or RabbitMQ in general are welcome on the RabbitMQ mailing list.
๐ Changes Worth Mentioning
Core Server
License Change
RabbitMQ has been relicensed under the Mozilla Public License 2.0
(previously used license: the Mozilla Public License 1.1).The permissiveness of the MPL 2.0 is largely the same as of the MPL 1.1.
๐ See the MPL 2.0 FAQ and
๐ MPL 2.0 Revision and Changes FAQ to learn more.๐ Deprecations
โ Removed HiPE pre-compilation support.
GitHub issue: rabbitmq/rabbitmq-server#2392
๐ Bug Fixes
๐ง Definition import on node boot (via
load_definitions
configuration setting) is now performed
๐ after plugins are enabled.This resolves a long standing chicken-and-egg dependency problem that prevented definitions
๐ that depend on plugins being functional from being successfully imported during node boot.Some affected features include
- federation upstreams
- dynamic shovels
- exchanges of types provided by plugins such as rabbitmq-consistent-hash-exchange
GitHub issue: rabbitmq/rabbitmq-server#2384
Similarly, client connection listeners (both TCP and TLS-enabled) are now started after
๐ plugin activation. This makes certain configurations that use the trust store plugin
behave as expected.GitHub issue: rabbitmq/rabbitmq-server#2405
๐ Environment variables prefixed with
RABBITMQ_
were ignored when used in therabbitmq-env.conf
file,
while their prefixless counterparts worked as expected.GitHub issue: rabbitmq/rabbitmq-common#401
โจ Enhancements
๐
rabbitmq.conf
config parser now accepts lines that only consist of whitespace.GitHub issue: rabbitmq/rabbitmq-server#2393
CLI Tools
๐ Deprecations
๐
rabbitmqctl hipe_compile
is now a no-op. HiPE support has been deprecated in Erlang 22
๐ will be removed in Erlang 24.GitHub issue: rabbitmq/rabbitmq-cli#433
๐ง The use of the `
environment variable to configure the [shared secret](https://www.rabbitmq.com/cli.html#erlang-cookie) is now deprecated. ๐ Use the [local file](https://www.rabbitmq.com/cli.html#cookie-file-locations) option instead or, if the value absolutely must be provided on the command line, the
--erlang-cookie [value]` switch.GitHub issue: rabbitmq/rabbitmq-cli#443
๐ Bug Fixes
rabbitmqctl export_definitions
incorrectly serialised runtime parameter values.GitHub issue: rabbitmq/rabbitmq-cli#435
CTL_ERL_ARGS
environment variable was unintentionally ignored starting with version3.8.4
.GitHub issue: rabbitmq/rabbitmq-server#2394
[command] --help
andhelp [command]
output had minor unintentional inconsistencies.GitHub issue: rabbitmq/rabbitmq-cli#437
โจ Enhancements
rabbitmq-queues check_if_node_is_quorum_critical
andrabbitmq-queues check_if_node_is_mirror_sync_critical
checks
have been adjusted. They now special case single node clusters as the check does not make much sense
in those environments.rabbitmq-queues check_if_node_is_mirror_sync_critical
now also excludes exclusive queues from
consideration as they, even if matched by a policy that enables classic queue mirroring,
would not actually be mirrored.GitHub issue: rabbitmq/rabbitmq-cli#432
rabbitmq-diagnostics erlang_cookie_sources
is a new command that helps with troubleshooting
CLI tool authentication to nodes by listing relevant environment information about the
shared secret. The actual secret
is not displayed for obvious security reasons.GitHub issue: rabbitmq/rabbitmq-cli#446
rabbitmqct eval_file
is a new command that evaluates Erlang code expressions from a local file
on the target node:rabbitmqctl eval\_file /path/to/code\_snippet.escript
GitHub issue: rabbitmq/rabbitmq-cli#438
rabbitmqct eval
now accepts code snippets from standard input:rabbitmqctl eval \<\<EOF io:format("~p~n", [rabbit:product\_info()]). rabbitmqctl eval \< code\_snippet.escript
GitHub issue: rabbitmq/rabbitmq-cli#438
rabbitmq-diagnostics resolve_hostname
is a new command that resolves a hostname either locally
or on the node, and returns the resolved IPv4 or IPv6 addresses.The command can help quickly detect hostname resolution irregularities on a node, including
the effects of Erlang inetrc file settings.
Hostname resolution issues can cause CLI tools, cluster formation and peer reconnection to
not work as expected.Some examples:
rabbitmq-diagnostics resolve\_hostname "google.com" --address-family ipv4 rabbitmq-diagnostics resolve\_hostname "google.com" --address-family ipv6 --offline
GitHub issue: rabbitmq/rabbitmq-cli#431
All CLI tools now provide an
autocomplete [prefix]
command that lists command completion
options. It is intended to be used to implement autocompletion of command names in shells.GitHub issue: rabbitmq/rabbitmq-cli#439
๐ Management Plugin
๐ Bug Fixes
๐ The plugin could send the
authorization
header asnull
in some cases before a successful login.Contributed by @furkhat.
GitHub issue: rabbitmq/rabbitmq-management#833
โจ Enhancements
๐โโ The UI now uses more human-friendly information units when displaying client network traffic rate values.
Contribute by @seadog007.
GitHub issue: rabbitmq/rabbitmq-management#827
๐ Federation Plugin
๐ Bug Fixes
In environments where
rabbitmq_federation.pgroup_name_cluster_id
is not set or set toundefined
,
๐ links will treat such values as afalse
(the default) instead of failing with an exception.GitHub issue: rabbitmq/rabbitmq-federation#109
๐ MQTT Plugin
๐ Bug Fixes
๐ The plugin could fail to accept new client connections with an exception in some cases.
GitHub issue: rabbitmq/rabbitmq-mqtt#235
๐ Web STOMP Plugin
โจ Enhancements
๐ Certain Web Socket errors are now handled more gracefully.
๐ GitHub issue: rabbitmq/rabbitmq-web-stomp#123
๐ Web MQTT Plugin
โจ Enhancements
๐ Certain Web Socket errors are now handled more gracefully.
๐ GitHub issue: rabbitmq/rabbitmq-web-mqtt#64
๐ AuthN/AuthZ Backend HTTP Plugin
๐ Bug Fixes
๐ง Virtual host access checks failed in certain complex configurations.
GitHub issue: rabbitmq/rabbitmq-auth-backend-http#100
โฌ๏ธ Dependency Upgrades
- โฌ๏ธ
cuttlefish
was upgraded from 2.2.0 to 2.3.0
Source code archives
โ Warning : The source code archive provided by GitHub only contains the source of the broker, not the plugins or the client libraries.
Please download the archive namedrabbitmq-server-3.8.6.tar.xz
. -
v3.8.6-beta.1
July 27, 2020 -
v3.7.28 Changes
August 17, 2020RabbitMQ 3.7.28
๐ RabbitMQ
3.7.28
is a security patch release.๐ RabbitMQ
3.7.x
series are out of general support and covered by the limited extended support policy
through October 1st, 2020.
โฌ๏ธ Please consider upgrading to RabbitMQ3.8.x
.๐ RabbitMQ Core team would like to thank Ofir Hamam and Tomer Hadad at Ernst & Young's Hacktics Advanced Security Center
๐ for researching and responsibly disclosing the vulnerability addressed in this release.Erlang/OTP Compatibility Notes
๐ This release no longer supports Erlang/OTP 20.3.
Erlang21.3+
is now a hard requirement checked on node startup.โฌ๏ธ Make sure a supported Erlang version is used before upgrading.
๐ Provisioning Latest Erlang Releases explains
๐ฆ what package repositories and tools can be used to provision latest patch versions of Erlang21.3.x
and22.x
.Compatibility Notes
โฌ๏ธ Upgrading to Erlang 21.x or Later Versions
โฌ๏ธ When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
๐ Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
โฌ๏ธ RabbitMQ must be upgraded before Erlang.โฌ๏ธ Upgrade Doc Guides and Change Log
๐ See 3.7.0 release notes upgrade
๐ and compatibility notes first if upgrading from an earlier release.๐ See the Upgrading guide for general documentation on upgrades
๐ and RabbitMQ change log for release notes of other releases.Getting Help
๐ Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.๐ Changes
Core Server
๐ Bug Fixes
โ Addressed a Windows-specific binary planting security vulnerability CVE-2020-5419 that allowed for arbitrary code execution.
The vulnerability requires the attacker to have local access and elevated privileges,
and cannot be executed remotely.๐ป CVSS score:
6.7
(medium severity).๐ This vulnerability was researched and responsibly disclosed by
๐ Ofir Hamam and Tomer Hadad at Ernst & Young's Hacktics Advanced Security Center.Source code archives
โ Warning : The source code archive provided by GitHub only contains the source of the broker,
๐ not the plugins or the client libraries. Please download the archive namedrabbitmq-server-3.7.28.tar.xz
.