Apache HTTP Server

Farewell, June --we're wrapping up the month with another great week. Here's what happened: ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Statement by The Apache ... [More] Software Foundation Board of Directors https://s.apache.org/y2w0 - Next Board Meeting: 17 July. Board calendar and minutes http://apache.org/foundation/board/calendar.html ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998 - Registration is OPEN for ApacheCon North America/Las Vegas (9-12 September) and Europe/Berlin (22-24 October) https://www.apachecon.com/ - TRAVEL ASSISTANCE applications for ApacheCon Europe now open. Apply today! http://www.apache.org/travel/ ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at a smashing 100%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot –this week, 442 Apache contributors changed 1,110,628 lines of code over 2,911 commits. Top 5 contributors, in order, are: Brahma Reddy Battula, Jean-Baptiste Onofré, Mark Thomas,Claus Ibsen, and Ash Berlin-Taylor. Apache Project Announcements –the latest updates by category. Big Data -- - Apache Atlas 0.8.4 released http://atlas.apache.org/ - Apache Calcite 1.20.0 released https://calcite.apache.org/ - Apache Druid (incubating) 0.15.0 released https://druid.apache.org/ - Apache Kafka 2.3.0 released https://kafka.apache.org/ Did You Know?  - Did you know that Apache Kibble has begun to share a series of factoids on the ASF --called "Apache Social Facts"-- that contain great insight on the evolution of the Foundation and Apache community at large? Visit http://kibble.apache.org/ and follow @ApacheKibble on Twitter! - Did you know the ASF has more than 7,000 committers, and more than 10 times as many have contributed to Apache projects since the ASF's incorporation 20 years ago? https://projects.apache.org/timelines.html - Did you know that you can support the ASF at any time with a tax-deductible donation? The cost of a premium cup of coffee is what it takes to support a single Apache project for one day. Raise a cup! https://donate.apache.org Apache Community Notices:  - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary  - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on  - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI  - Foundation Reports and Statements http://www.apache.org/foundation/reports.html  - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon  - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits  - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq  - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport  - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3  - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA  - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache  - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation  - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity  - The list of Apache project-related MeetUps can be found at http://events.apache.org/event/meetups.html  - Registration is open for ApacheCon North America 9-12 September 2019 http://apachecon.com/  - Spark + AI Summit 2019 will be held 15-17 October in Amsterdam https://databricks.com/sparkaisummit/  - CFP and Registration open for ApacheCon Europe 22-24 October 2019 http://apachecon.com/  - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache Camel, Apache HTTP Server, and more! https://helpwanted.apache.org/  - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby = = = For real-time updates, sign up for Apache-related news by sending mail to [email protected] and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers. [Less]

It is with a mix of sadness and appreciation that the ASF Board accepted the resignations of Board Member Jim Jagielski, Chairman Phil Steitz, and Executive Vice President Ross Gardler last month. As an ASF co-founder, Jim has held every ... [More] officer position since the Foundation’s incorporation, with the exception of a one-year break in 2018. He has played a substantial role in the development and success of the organization and is a recognized advocate of Open Source at the developer and corporate levels. An ASF Member since 2005, Phil was instrumental in the adoption, growth, and ubiquity of Apache Java projects across many industries, most visibly financial services. He served as Vice President Apache Commons for four years, and as ASF Chairman August 2017 - May 2019. Ross has been championing The Apache Way to governments, corporations, and educational institutions for nearly two decades. Since becoming an ASF Member in 2005, he served as Vice President of Community Development (2009-2012), ASF Director and President (2015-2016), and ASF Executive Vice President October 2016 - May 2019. We laud their contributions to many of the ASF's achievements over the past two decades [1]. Their motivation, vision, and passion is truly inspiring. Whilst we will greatly miss their day-to-day leadership at the executive level, we are heartened that the Foundation will continue to benefit through their participation as ASF Members. We look forward to the next chapter of the ASF as we continue to support the Foundation and hundreds of Apache projects and their communities who advance our mission of providing software for the public good at 100% no cost. We are committed to ensuring the Foundation remains effective and stable. It's a unique opportunity in the ASF's history to build upon the accomplishments of past Boards, apply new methodologies, and work through diverse perspectives with the aim of helping the ASF continue its successful trajectory. We appreciate your trust and are happy to discuss our progress at our upcoming ApacheCons in Las Vegas and Berlin [2]. [1] https://s.apache.org/ASF20thAnniversary [2] https://www.apachecon.com/ # # # [Less]

It’s official: Apache Kafka® 2.3 has been released! Here is a selection of some of the most interesting and important features we added in the new release. Core Kafka KIP-351 and KIP-427: Improved monitoring for partitions which have lost replicas ... [More] In order to keep your data safe, Kafka creates several replicas of it on different brokers. Kafka will not allow writes to proceed unless the partition has a minimum number of in-sync replicas. This is called the “minimum ISR.” Kafka already had metrics showing the partitions that had fewer than the minimum number of in-sync replicas. In this release, KIP-427 adds additional metrics showing partitions that have exactly the minimum number of in-sync replicas. By monitoring these metrics, users can see partitions that are on the verge of becoming under-replicated. Additionally, KIP-351 adds the --under-min-isr command line flag to the kafka-topics command. This allows users to easily see which topics have fewer than the minimum number of in-sync replicas. KIP-354: Add a Maximum Log Compaction Lag To a first-order approximation, previous values of a key in a compacted topic get compacted some time after the latest key is written. Only the most recent value is available, and previous values are not. However, it has always been possible to set the minimum amount of time a key would stick around before being compacted, so we don’t lose the old value too quickly. Now, with KIP-354, it’s possible to set the maximum amount of time an old value will stick around. The new parameter max.log.compation.time.ms specifies how long an old value may possibly live in a compacted topic. This can be used in complying with data retention regulations such as the GDPR. KIP-402: Improve fairness in SocketServer processors Previously, Kafka would prioritize opening new TCP connections over handling existing connections. This could cause problems if clients attempted to create many new connections within a short time period.KIP-402 prioritizes existing connections over new ones, which improves the broker’s resilience to connection storms. The KIP also adds a max.connections per broker setting. KIP-461: Improve failure handling in the Replica Fetcher In order to keep replicas up to date, each broker maintains a pool of replica fetcher threads. Each thread in the pool is responsible for fetching replicas for some number of follower partitions. Previously, if one of those partitions failed, the whole thread would fail with it, causing under-replication on potentially hundreds of partitions. With this KIP, if a single partition managed by a given replica fetcher thread fails, the thread continues handling the remainder of its partitions. KAFKA-7283: Reduce the amount of time the broker spends scanning log files when starting up When the broker starts up after an unclean shutdown, it checks the logs to make sure they have not been corrupted. This JIRA optimizes that process so that Kafka only checks log segments that haven't been explicitly flushed to disk. Now, the time required for log recovery is no longer proportional to the number of logs. Instead, it is proportional to the number of unflushed log segments. Some of the benchmarks which Zhanxiang Huang discusses on the JIRA show up to a 50% reduction in broker startup time. Kafka Connect KIP-415: Incremental Cooperative Rebalancing in Kafka Connect In Kafka Connect, worker tasks are distributed among the available worker nodes. When a connector is reconfigured or a new connector is deployed-- as well as when a worker is added or removed-- the tasks must be rebalanced across the Connect cluster. This helps ensure that all of the worker nodes are doing a fair share of the Connect work. In 2.2 and earlier, a Connect rebalance caused all worker threads to pause while the rebalance proceeded. As of KIP-415, rebalancing is no longer a stop-the-world affair, making configuration changes a more pleasant thing. KIP-449: Add connector contexts to Connect worker logs A running Connect cluster contains several different thread pools. Each of these threads emits its own logging, as one might expect. However, this makes it difficult to untangle the sequence of events involved in a single logical operation, since the parts of that operation are running asynchronously in their various threads across the cluster. This KIP adds some context to each Connect log message, making it much easier to make sense of the state of a single connector over time. Kafka Streams KIP-258: Allow Users to Store Record Timestamps in RocksDB Prior to this KIP, message timestamps were not stored in the Streams state store. Only the key and value were there. With this KIP, timestamps are now included in the state store. This KIP lays the groundwork to enable future features like handling out-of-order messages in KTables and implementing TTLs for KTables. KIP-428: Add in-memory window store / KIP-445: Add in-memory Session Store These KIPs add in-memory implementations for the Kafka Streams window store and session store. Previously, the only component with an in-memory implementation was the state store. The in-memory implementations provide higher performance, in exchange for lack of persistence to disk. In many cases, this can be a very good tradeoff. KIP-313: Add KStream.flatTransform and KStream.flatTransformValues The first half of this KIP, the flatTransform() method, was delivered in Kafka 2.2. The flatTransform() method is very similar to flatMap(), in that it takes a single input record and produces one or more output records. flatMap() does this in a type-safe way but without access to the ProcessorContext and the state store. We’ve been able to use the Processor API to perform this same kind of operation with access to the ProcessorContext and the state store, but without the type safety of flatMap(). flatTransform() gave us the best of both worlds: processor API access, plus compile-time type checking. flatTransformValues(), just introduced in the completed KIP-313 in Kafka 2.3, is to flatTransform() as flatMapValues() is to flatMap(). It lets us do processor-API-aware computations that return multiple records for each input record without changing the message key and causing a repartition. Conclusion Thanks for reading! Check out the release notes for more details about all the great stuff in Kafka 2.3. Also, check out this YouTube video on the highlights of the release! [Less]

Some ApacheCon sponsors and members of the greater Apache community have reported that they have been contacted by a company called Global Expo Travel that is alleging to be affiliated with ApacheCon. They are claiming to be "handling the ... [More] travel" for ApacheCon North America. This statement is 100% false. We do not know anyone at Global Expo Travel and have not contracted this company to conduct any business on behalf of ApacheCon or The Apache Software Foundation in any capacity. We will not tolerate spoofing or related fraudulent activity in any form. In the event that you have received any telephone calls or emails from any organization other than the ASF (from @apache.org) or the ApacheCon conference producers Virtual Inc. for ApacheCon North America New Thinking/Plain Schwartz for ApacheCon Europe ... please notify us at planners(at)apachecon(dot)com. If available, please include the originating telephone number and/or full email headers and any message(s) if possible. Any ApacheCon sponsor needing assistance is welcome to contact their respective Event Sponsor Ambassador, namely, Daniel Ruggeri for ApacheCon North America, and Sharan Foga for ApacheCon Europe. We appreciate your vigilance and cooperation in helping keep our community protected from deceitful practices and malicious entities. We look forward to seeing you in Las Vegas and Berlin. —ApacheCon Planners [Less]

With ApacheCon North America 2019 taking place 9-12 September and now less than three months out, we want to draw your attention to a few highlights: Schedule Now Available The full program is now available online ... [More] at https://www.apachecon.com/ and features talks representing dozens of our projects. Through hands-on sessions, keynotes, real-world case studies, workshops, hackathons, BarCamps, and more, participants will learn about Open Source development "The Apache Way", in a deliberately intimate, collaborative, vendor-neutral environment. Program categories and project tracks will include Big Data, Content Delivery, Geospatial, IoT, Machine Learning, Streaming, and more. Meet Our Keynote Speakers We are excited to announce that ApacheCon keynotes will include award-winning author and futurist David Brin, "father of Java" James Gosling, and 10-year-old CoderBunnyz/One Billion Kids Can Code founder Samaira Mehta. These professionals will share their expertise on a wide range of topics and deliver innovative insights that you can bring back to your organization. As part of this year's conference, ApacheCon will include dynamic discourse with select ASF founders as well as special 20th-anniversary events and activities. Early Bird Registration, Hotel and More Early bird registration is available until 27 June and the Las Vegas Flamingo hotel block is open until 19 August, so don't delay and register today at ApacheCon.com. Members of all underrepresented communities are encouraged to apply for Travel Assistance, with special funds earmarked for female Latin Americans. Hurry --the 21 June deadline has been extended by a few more days! Apply today http://apache.org/travel/ Interested in Sponsoring ApacheCon 2019? We would like to thank this year's ApacheCon Sponsors, which include Aiven, Amazon Web Services, CrowdStrike, DataStax, Google Cloud, HotWax Commerce, IBM, Instaclustr, Jahia, Linode, RedHat, ShapeBlue, SK Telecom, and WhiteSource, among others. We encourage those who want to become an ApacheCon Sponsor to visit our prospectus (https://s.apache.org/2019-LASApacheConProspectus) for more information or reach out to us at [email protected]  Our media partners include Manning Publications and SD Times. For media sponsorship opportunities and registration by credentialed members of the media and analyst community, email [email protected]  Get Involved  Finally, if you want to get involved, or have any more questions, there are several ways to get in touch with us. -- Join our mailing lists: http://events.apache.org/involved/mailing-lists.html -- Email the ApacheCon planners directly: [email protected]  -- Follow us on Twitter: http://twitter.com/apachecon -- Visit the ApacheCon website: https://apachecon.com/acna19/ Important Dates and Deadlines -- Early Registration ends on 27 June: Sign up now for a savings of $200. Early bird incentives and rates are available for individual participants as well as groups. Sign up at https://apachecon.com/acna19/ -- Travel Assistance application deadline ends soon: everyone, included members of all underrepresented communities is encouraged to apply for Travel Assistance. Additional funds are earmarked for female Latin American participants. Apply at http://www.apache.org/travel/ -- Discounted Hotel Rooms: Book your room before 19 August! We are offering special room rates at the Flamingo Hotel and Casino. Your options will be based on availability, or when the block is sold out. Book at https://www.apachecon.com/acna19/location.html  We look forward to seeing you in Las Vegas! [Less]

Happy Friday, everyone. Let's take a look at how the past week has progressed: ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 17 July. Board calendar ... [More] and minutes http://apache.org/foundation/board/calendar.html ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998 - Early Registration is OPEN for ApacheCon North America/Las Vegas (9-12 September) and Europe/Berlin (22-24 October) https://www.apachecon.com/ - TRAVEL ASSISTANCE applications for ApacheCon North America accepted through 21 JUNE (NOTE: special funds earmarked for female Latin Americans). Applications for ApacheCon Europe now open. Apply today! http://www.apache.org/travel/ ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot –this week, 527 Apache contributors changed 1,453,810 lines of code over 3,408 commits. Top 5 contributors, in order, are: Zhang Duo, Mark Robert Miller, Jonathan Hung, Claus Ibsen, and Hendrik Krohns. Apache Project Announcements –the latest updates by category. Big Data -- - Apache Bigtop 1.4.0 released https://bigtop.apache.org/ - [CVE-2017-15694] Apache Geode metadata modification vulnerability https://lists.apache.org/thread.html/86d3b80a6dd45b7a06d3afcf1d5093f020f648ed167825b3e722f27d@%3Cannounce.apache.org%3E Content Management -- - Apache Allura 1.11.0 released https://allura.apache.org/ - CVE-2019-10085 Apache Allura XSS vulnerability https://lists.apache.org/thread.html/9a20914c4251a2ae3caebd8d0dd0056f3ac89209d6c216bb89efabd9@%3Cannounce.apache.org%3E Search -- - Apache Lucene Solr Reference Guide for 8.1 released http://lucene.apache.org/ Servers -- - [SECURITY] CVE-2019-10072 Apache Tomcat HTTP/2 DoS https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9@%3Cannounce.apache.org%3E Did You Know?  - Did you know that the program for ApacheCon North America is up? Join us! https://www.apachecon.com/acna19/  - Did you know that the ASF's email list activity over the past 14 days has comprised 89,139 on 62,103 topics sent by 5,345 people across 729 active lists? https://lists.apache.org/  - Did you know that Baidu, Cisco, Didi Chuxing, eBay, JP Morgan, Samsung, and Yahoo Japan use Apache Kylin to support extremely large datasets? http://kylin.apache.org/ Apache Community Notices:  - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary  - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on  - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI  - Foundation Reports and Statements http://www.apache.org/foundation/reports.html  - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon  - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits  - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq  - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport  - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3  - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA  - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache  - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation  - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity  - The list of Apache project-related MeetUps can be found at http://events.apache.org/event/meetups.html  - Registration is open for ApacheCon North America 9-12 September 2019 http://apachecon.com/  - Spark + AI Summit 2019 will be held 15-17 October in Amsterdam https://databricks.com/sparkaisummit/  - CFP and Registration open for ApacheCon Europe 22-24 October 2019 http://apachecon.com/  - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache Camel, Apache HTTP Server, and more! https://helpwanted.apache.org/  - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby = = = For real-time updates, sign up for Apache-related news by sending mail to [email protected] and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers. [Less]

On behalf of the Apache Bigtop team, I'd love to announce the general availability of the Bigtop 1.4.0 release. The release is available here:     https://bigtop.apache.org/download.html#releases A few highlights of this release ... [More] include: - Integration Test Framework 2.0: one-stop integrated build and test   framework at a single entry: ./gradlew [1] - Newly developed Smoke Test CI Matrix to guard the quality of releases [2] - Hadoop 2.8.5, Spark 2.2.3, Flink 1.6.4, Alluxio 1.8.1 and more [3] - 100+ JIRAs are resolved in this release With Bigtop 1.4.0 the community continues to deliver the most advanced big data stack to date. More details about 1.4.0 release are here:     https://bigtop.apache.org/release-notes.html Deploying Bigtop is easy: grab the repo/list file for your favorite Linux distribution:   https://www.apache.org/dyn/closer.lua/bigtop/bigtop-1.4.0/repos/ and you'll be running your very own big data cluster in no time! We welcome your help and feedback. For more information on how to report problems, and to get involved, visit the project website at:   https://bigtop.apache.org Lastly, I want to emphasize that this is a collaborative work done by project contributors and other communities, who continue to devote time to make Bigtop a better software. Thank you all for making this release possible! Thanks, Evans Ye, Release Manager [1] Quickstart Guide: Bigtop Integration Test Framework 2.0 [2] https://ci.bigtop.apache.org/view/Test/job/Bigtop-trunk-smoke-tests-1.4.0/ [3] https://issues.apache.org/jira/browse/BIGTOP-3162 [Less]

The week has flown by and it's been brilliant. Let's review what we've been up to: ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 19 June. Board ... [More] calendar and minutes http://apache.org/foundation/board/calendar.html ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998 - Early Registration is OPEN for ApacheCon North America/Las Vegas (9-12 September) and Europe/Berlin (22-24 October) https://www.apachecon.com/ - TRAVEL ASSISTANCE applications for ApacheCon North America accepted through 21 June. Special funds earmarked for female Latin Americans. Apply today! http://www.apache.org/travel/ ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at a sellar 100%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot –this week, 465 Apache contributors changed 1,246,642 lines of code over 2,671 commits. Top 5 contributors, in order, are: Zhang Duo, Jonathan Hung, Claus Ibsen, Hendrik Krohns, and Andrea Cosentino. Apache Project Announcements –the latest updates by category. Big Data -- - Apache Atlas 1.2.0 released http://atlas.apache.org/ - Apache Bahir 2.2.3 and 2.3.3. released https://bahir.apache.org Databases -- - Apache Jackrabbit 2.14.7 and Jackrabbit Oak 1.14.0 released http://jackrabbit.apache.org/ Libraries -- - HttpComponents Client 4.5.9 GA released http://hc.apache.org/ Network Client/Server -- - Apache Directory LDAP API 2.0.0.AM4 released http://directory.apache.org/ - Apache Qpid JMS 0.43.0 and Qpid Dispatch 1.8.0 released http://qpid.apache.org Search -- - Apache Lucene Solr Reference Guide for 8.0 released http://lucene.apache.org/ Servers -- - Apache Tomcat 8.5.42 and 9.0.21 available http://tomcat.apache.org/ Did You Know?  - Did you know that the following Apache projects are celebrating anniversaries this month? SpamAssassin (15 years); Santuario (13 years); Commons and Wicket (12 years); Sling (10 years); Karaf (9 years); Flume and VCL (7 years); Mesos (6 years); Twill (3 years); Atlas and Mynewt (2 years) --many happy returns!  - Did you know that the ASF has, on average, 76 builds running at any given time across three CI platforms?  - Did you know that more than 40% of Apache projects are in Java? https://projects.apache.org/projects.html?language Apache Community Notices:  - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary  - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on  - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI  - Foundation Reports and Statements http://www.apache.org/foundation/reports.html  - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon  - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits  - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq  - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport  - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3  - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA  - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache  - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation  - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity  - The list of Apache project-related MeetUps can be found at http://events.apache.org/event/meetups.html  - Registration is open for ApacheCon North America 9-12 September 2019 http://apachecon.com/  - Spark + AI Summit 2019 will be held 15-17 October in Amsterdam https://databricks.com/sparkaisummit/  - CFP and Registration open for ApacheCon Europe 22-24 October 2019 http://apachecon.com/  - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache Camel, Apache HTTP Server, and more! https://helpwanted.apache.org/  - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby = = = For real-time updates, sign up for Apache-related news by sending mail to [email protected] and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers. [Less]

Apache OFBiz News May 2019 Welcome to our regular monthly round-up of OFBiz news. This month we have more news about OFBiz mention in Top 15 Open Source ERP Solutions, OFBiz Community Days, and OFBiz at ApacheCon along with our usual list of ... [More] features, improvements and Statistics. OFBiz mentioned as Top Open Source ERP on Solution Reviews The article "Top 15 Free and Open Source ERP Solutions" on Solution Reviews mentioned OFBiz as top open source ERP.  The writer of the article Elizabeth Quirk, is a leading enterprise technology writer covering Enterprise Resource Planning (ERP), Business Process Management (BPM) and Talent Management Suites (TMS). The article draws a distinction between free and open source ERP solutions and compares top 15 among them. The link to the article can be found here. OFBiz Community Days In year 2017, we started celebrating the OFBiz community days. The contribution during these days plays a very significant role in overall progress of project. The community days are organised once per quarter so a total of four (4) events throughout the year. Here dates for this year's community day decided such that. Quarter 1 - Community Days - February 2019 - N/A (Since we already skipped the February 2019 month) Quarter 2 - Community Days - May 2019 - Friday 24th, Saturday 25th, Sunday 26th, Monday 27th and Tuesday 28th Quarter 1 - Community Days - August 2019 - Friday 23rd, Saturday 24th, Sunday 25th, Monday 26th and Tuesday 27th Quarter 1 - Community Days - November 2019 - Friday 22nd, Saturday 23rd, Sunday 24th, Monday 25th and Tuesday 26nd Contributors can select any single day based on there availability and preferences. We are pleased to inform that this month we have successfully organised the community days of this quarter.  Please refer to this mail thread for more details. Indeed it was a very impactful community day, the community worked on around 31 issues, more details can be found here (requires Jira Login). To get the more insights, we run a brief survey for the participants of community days. Responses can be found here. Our next community day is planned on 23rd to 27th August 2019, for more detail please refer to this document, stay tuned! Thanks you Swapnil M Mane for reviving it and to everyone who contributed to this effort. OFBiz at ApacheCon North America, Las Vegas We are please to share this update, the organisers of ApacheCon North America have offered to allocate a "full track" to the OFBiz project at the upcoming conference.This year's ApacheCon North America will be held in Las Vegas from 9 to 12 of September. OFBiz track is scheduled on 12th September 2019, more details on ApacheCon schedules can be found here. OFBiz Statistics Apache Kibble tracks some Apache OFBiz community statistics on its demo instance, so we have highlighted a few of our stats for the last month: JIRA Issue Tracker: 86 issues were opened and 61 issues were closed (11 different people helped to close these issues) Code Change and Commit Activity: Framework: 188 commits to the code base that changed 6,160 lines of code (8 committers were active) Plugins: 21 commits to the code base that changed 1,026 lines of code (3 committers were active) Mailing Lists: Dev: 167 emails sent and 36 topics discussed (25 different people) User: 72 emails sent and 24 topics discussed (26 different people) New features and improvementsFunctional enhancements and improvements as well as updates of third party libraries and source code refactoring: Framework Refactors 'DataServices' and 'ContainerLoader' which used 'java.util's backported classes. (OFBIZ-11003) Removes unneeded generics in 'MapContextTest'. (OFBIZ-10933) Removes unused local variables in 'OrderServices'. (OFBIZ-10518) Improves condition in which reversation block was not being executed in case of auto-reserve not found in attribute. (OFBIZ-10518) Substitutes permission-service with required-permissions in services 'createArticleContent', 'createBlogEntry' and 'updateBlogEntry'. (r1858539) Rewrites 'CustomPermissivePolicy#matchesEither's static method. (OFBIZ-10187) Removes useless 'UtilMisc#makeSetWritable' method. (OFBIZ-11015) Removes useless null check in 'UtilCodec#checkStringForHtmlStrictNone'. (OFBIZ-10054) Adds an Auditor party with associated 'AUDITOR' SecurityGroup permissions in all DEMO instances. (OFBIZ-10899) Adds generic type entity fields to ContactMechPurposeType entities. (OFBIZ-11008) Cleans up 'StringUtil'. (OFBIZ-11014) Refactors 'ServiceDispatcher' by setting 'private' instead of 'protected'. (OFBIZ-11032) Migrates integration tests to unit tests when possible. (OFBIZ-11067) Adds Unit test case for service - quickReturnOrder. (OFBIZ-8809) Adds Unit test case for service - CreateReturnAndItemOrAdjustment. (OFBIZ-8858) Adds Unit test case for service - CheckReturnComplete. (OFBIZ-8853) Adds Unit test case for service - CheckPaymentAmountForRefund. (OFBIZ-8852) Adds Unit test case for service - CheckCreateProductRequirementForFacility. (OFBIZ-8937) Adds Unit test case for service - CreateReturnItemShipment. (OFBIZ-8859) Uses more declarative style for the context map, that prefers map literals over imperative map. (OFBIZ-8853) Uses Groovy Truth instead of UtilValidate Class in Groovy. (OFBIZ-11064) Plugins Refactors 'CustSettings.groovy', 'EditPerson.ftl' and 'ViewProfile.ftl' to provide needed compatibility to new marital status. (OFBIZ-10921) Removes redundant type declarations. (OFBIZ-10937) Removes useless null check in UtilCodec#checkStringForHtmlStrictNone. (OFBIZ-10054) Uses the ‘@Override’ annotation in many classes. (OFBIZ-10939) Uses Groovy Truth instead of UtilValidate Class in Groovy. (OFBIZ-11064) BugfixesFunctional and technical bugfixes: Framework Adds missing uiLabel for 'Create New' on CMS Content Find Screen. (OFBIZ-11005) Adds missing 'synchronized' modifier in 'ExtendedProperties#loadFromXML'. (OFBIZ-11004) Ensures that the story field in ordermgr's EditCustRequest form is html encoded. (OFBIZ-11006) Ensures that product content management screen validates trusted users' input. (OFBIZ-10054) Fixes: OWASP sanitizer breaks proper rendering of HTML code. (OFBIZ-10187) Fixes: Update invoice item looses invoice context. (OFBIZ-11009) Replaces response type 'request-redirect-noparam' with 'request-redirect' in many request-maps. (OFBIZ-9997) Fixes: Test integration were failing if plugins directory is empty due to dependent data on projectmgr component. (r1859111) Fixes: javadoc build for OpenJDK 11. (OFBIZ-10757) Fixes: Issue in method ProductWorker#getVariantSelectionFeatures. (OFBIZ-11029) Fixes: Incorrect findByCount on DynamicView with groupBy and selected fields. (OFBIZ-11041) Fixes: Redirection of pathAlias to aliasTo does not work properly. (OFBIZ-11018) Adds 'PayHistory's missing field 'emplFromDate'. (OFBIZ-11028) Ensures that it is possible to create more than one ProductManufacturingRule. (OFBIZ-11047) Ensures that available ProductManufacturingRules will be presented. (OFBIZ-11048) Ensures that 'massPrintOrders' service works. (OFBIZ-11049) Adds missing ampersands in 'FindOrders.ftl's mass actions. (OFBIZ-11052) Fixes: Services allow arbitrary HTML for parameters with allow-html set to "safe". (OFBIZ-5254) Ensures that delegator.removeBy* operations triggers EECAs. (OFBIZ-11040) Fixes: Drop-ship process behaves incorrectly when a combination of drop-ship and non-drop-ship products are added to cart. (OFBIZ-11021) Fixes: Issue in order history promotion. (OFBIZ-10847) Enables entity timestamp fields in search result screens. (OFBIZ-10959) Fixes: Unable to delete a survey in project component. (OFBIZ-7594) Fixes: Duplicate entries in paramWithSuffix. (OFBIZ-11056) Fixes: Runtime error exceptions at Leads page. (OFBIZ-11059) Fixes CSS Styling for Party Content progress bar in multiple themes. (OFBIZ-10797) Fixes: Edit WebSite Path Alias is not working. (OFBIZ-11022) Corrects inventory transfer screens navigation of 'To Facility ID'. (OFBIZ-10992) Adds classpath exclusion of '/framework/base/config' and '/framework/base/dtd' for Gradle task 'eclipse'. (OFBIZ-11071) Fixes: Decrypt a field on embedded entity-view failed. (OFBIZ-11078) Plugins Adds missing uiLabel for 'Create New' on CMS Content Find Screen. (OFBIZ-11005) Fixes: Touch F8 in webpos does not work and generate an error. (OFBIZ-11010) Ensures that 'massPrintOrders' service works. (OFBIZ-11049) Fixes: Services allow arbitrary HTML for parameters with allow-html set to "safe". (OFBIZ-5254) Fixes: Unable to find any product in Quick Add functionality. (OFBIZ-10978) Fixes: Product image not scaling properly on ecommerce at different screen resolution. (OFBIZ-10880) [Less]

Security in Apache Hadoop Ozone - 1 Apache Hadoop Ozone is a highly scalable distributed object store for big data applications [1]. This blog post provides an overview of Ozone security and details required to set up secure Ozone cluster. The Ozone ... [More] security architecture is described in detail in [2]. Authentication, Authorization and Auditing are three basic tenets of security. Ozone security design borrows heavily from Apache Hadoop security. Having said that, there are areas where Ozone security differs from Hadoop. Let’s have a closer look at what this exactly means. Authentication Similar to hadoop, Ozone allows kerberos-based authentication. So one way to setup identities for all the daemons and clients is to create kerberos keytabs and configure it like any other service in hadoop. Below are some important configurations to configure kerberos security. hdds.scm.kerberos.principal=scm/[email protected] hdds.scm.kerberos.keytab.file=/etc/security/keytabs/scm.keytab ozone.om.kerberos.principal=om/[email protected] ozone.om.kerberos.keytab.file=/etc/security/keytabs/om.keytab hdds.scm.http.kerberos.principal=HTTP/[email protected] hdds.scm.http.kerberos.keytab=/etc/security/keytabs/HTTP.keytab ozone.om.http.kerberos.principal=HTTP/[email protected] ozone.om.http.kerberos.keytab=/etc/security/keytabs/HTTP.keytab Certificates Apart from kerberos and tokens Ozone utilizes certificate based authentication for Ozone service components. To enable this, SCM (StorageContainerManager) bootstraps itself as an Certificate Authority when security is enabled. This allows all daemons inside Ozone to have an SCM signed certificate. Below is brief descriptions of steps involved: Datanodes and OzoneManagers submits a CSR (certificate signing request) to SCM. SCM verifies identity of DN (Datanode) or OM via Kerberos and generates a certificate. This certificate is used by OM and DN to prove their identities. Datanodes use OzoneManager certificate to validate block tokens. This is possible because both of them trust SCM signed certificates. (i.e OzoneManager and Datanodes) Tokens Tokens are widely used in distributed systems as mean to achieve lightweight authentication without compromising on security. Main motivation for using tokens inside Ozone is to prevent the unauthorized access while keeping the protocol lightweight and without sharing secret over the wire. Ozone utilizes three types of token: Delegation token Once client establishes their identity via kerberos they can request a delegation token from OzoneManager. This token can be used by a client to prove its identity until the token expires. Like Hadoop delegation tokens, an Ozone delegation token has 3 important fields: Renewer: User responsible for renewing the token. Issue date: Time at which token was issued. Max date: Time after which token can’t be renewed. Token operations like get, renew and cancel can only be performed over an Kerberos authenticated connection. Clients can use delegation token to establish connection with OzoneManager and perform any file system/object store related operations like, listing the objects in a bucket or creating a volume etc. Block Tokens Block tokens are similar to delegation tokens in sense that they are signed by OzoneManager. But this is where similarity between two stops. Block tokens are created by OM (OzoneManager) when a client request involves interaction with DataNodes. Unlike delegation tokens there is no client API to request block tokens. Instead they are handled transparently for client. Block tokens are embedded directly into client request responses. It means that clients don’t need to fetch it explicitly from Ozone Manager. This is handled implicitly inside ozone client. Datanodes validates block tokens from clients for every client connection. Below sequence diagram shows steps involved in block token. S3Token Like block tokens S3Tokens are handled transparently for clients. It is signed by S3secret created by client. S3Gateway creates this token for every s3 client request. To create an S3Token user must have a S3 secret. Below sequence diagram shows steps involved in s3 secret and S3 token usage. Authorization Ozone provides a pluggable API to control authorization of all client related operations. Default implementation allows every request. Clearly it is not meant for production environments. To configure a more fine grained policy one may configure Ranger plugin for Ozone. Since it is a pluggable module clients can also implement their own custom authorization policy and configure it using [ozone.acl.authorizer.class]. Audit Ozone provides ability to audit all read & write operations to OM, SCM and Datanodes. Ozone audit leverages the Marker feature which enables user to selectively audit only READ or WRITE operations by a simple config change without restarting the service(s). To enable/disable audit of READ operations, set filter.read.onMatch to NEUTRAL or DENY respectively. Similarly, the audit of WRITE operations can be controlled using filter.write.onMatch. Generating audit logs is only half the job, so Ozone also provides AuditParser - a sqllite based command line utility to parse/query audit logs with predefined templates(ex. Top 5 commands) and options for custom query. Once the log file has been loaded to AuditParser, one can simply run a template as shown below: ozone auditparser template top5cmds Similarly, users can also execute custom query using: ozone auditparser query "select * from audit where level=='FATAL'" How to enable security in Ozone? To turn on Ozone security set “ozone.security.enabled” to true. Below is list of important properties for Ozone security: ozone.security.enabled True if security is enabled for Ozone. When this property is true, hadoop.security.authentication should be Kerberos. hdds.scm.kerberos.principal The SCM service principal. Ex scm/[email protected] hdds.scm.kerberos.keytab.file The keytab file used by SCM daemon to login as its service principal. ozone.om.kerberos.principal The OzoneManager service principal. Ex om/[email protected] ozone.om.kerberos.keytab.file The keytab file used by SCM daemon to login as its service principal. hdds.scm.http.kerberos.principal SCM http server service principal. hdds.scm.http.kerberos.keytab The keytab file used by SCM http server to login as its service principal. ozone.om.http.kerberos.principal OzoneManager http server principal. ozone.om.http.kerberos.keytab The keytab file used by OM http server to login as its service principal. References: Apache Hadoop Ozone website: https://hadoop.apache.org/ozone/ HDDS security design document https://issues.apache.org/jira/browse/HDDS-4 [Less]