Release 332-e LTS (14 Apr 2020)

Starburst Enterprise Presto 332-e is the follow up release to the 323-e version.

The 332-e release includes all improvements from the Presto project releases since Presto 323:

• Presto 324

• Presto 325

• Presto 326

• Presto 327

• Presto 328

• Presto 329

• Presto 330

• Presto 331

• Presto 332

This release is a long term support (LTS) release.

In addition, numerous improvements and additions for enterprise features are added:

Highlights

Security

• Global access controlwith Apache Ranger

• AWS IAM credentials passthrough

• AWS S3 per bucket security

• Okta authentication

• Powerful query logger as alternative to query audit

• Apache Ranger as a service in both CFT and K8s

Connectors

• Delta Lake connector

• Caching for distributed storage

• IBM Cloud Object Storage support in IBM Cloud Object Storage support for the Hive connector

• Added support for parallel operations to the Oracle connector

Others

• :Usage metrics log

• Increased release cadence with long term support LTS and short term support STS releases

Notable breaking changes

• The internal cluster communication in earlier Starburst Enterprise Presto supports using Kerberos for authentication. This functionality has been removed in favor of automatically securing internal cluster communication. Find more details in Secure internal communication.

• The Starburst BigQuery connector is replaced by the open source BigQuery connector contributed by the community. The new connector is more feature-rich and performant. Users of the old connector need to change their catalog files to adapt to the usage of the new connector and its configuration properties, documented in BigQuery connector.

• The usage of users and groups in resource groups as selector rule properties and used for catalog rules as part of the built-in system access controls is deprecated. Replace any usage with lists and regular expressions in the user and group fields. For example, change users: ["abc", "def", "xyz"] to user:  "abc|def|xyz".

• The DECODE function has been removed from the Oracle functions plugin. Users can change their SQL statements to achieve the same behavior with the use of a CASE statement.

• The Starburst Secrets support using a Java keystore file containing any secrets is deprecated and replaced with the secrets support from Presto. More information can be found in Secrets.

• The query audit feature changed to use a different configuration file and properties.

• Configuration of the path to the license for Starburst Enterprise Presto changed to use a default path. As a result, the license.path property has been removed entirely.

• Ranger-based audit as available in prior releases is included from 332-e.2 onwards only

• Regular Kerberos support as as Kerberos and password authentication pass passthrough for the Teradata and Teradata Parallel Direct connectors it as available in prior releases is not included, but planned for a future patch version

• Various configuration and property changes related to Kerberos configuration in general and specifically Kerberos credential pass-through

General changes

• The preferred runtime for Presto servers changes from Java 8 to Java 11. While using Java 11 is not a hard requirement at this stage, we strongly suggest to update to gain performance improvements and other benefits. Java 11 is planned as a hard requirement for the next release. More information can be found in in the Java requirements section.

Security changes

• Simplified TLS/SSL usage for cluster internal communication.

332-e.1 changes (17 April 2020)

• Support Delta Lake connector on Azure

• Fix PostgreSQL driver access in query logger

• Fix initialization of Presto Ranger plugin

• Add standalone usage-client to presto-server docker image

• Add cumulative wall time to usage metrics

• Add cluster statistics resource REST endpoint for Mission Control

332-e.2 changes (7 May 2020)

• Add support for Hive Ranger Audit

• No longer start the JmxAgent by default

• Add predicate pushdown for the Oracle DATE and TIMESTAMP data types in the Oracle connector.

• Fix a bug in the Oracle connector, which in rare cases, could cause INSERT queries to fail write data to destination table.

• Correct closing and configuring of connections for Oracle connection pools

• Fix Teradata connector initialization

• Remove requirement to Snowflake role when user impersonation is disabled

• Add data integrity verification for Presto internal communication

332-e.3 changes (28 May 2020)

• Add Kerberos credentials and password passthrough for the Oracle connector

• Suppress Hive views in the Delta Lake connector

• Map Delta Lake timestamp to Presto timestamp with time zone

332-e.4 changes (15 June 2020)

• Backport cluster-internal communication

  • Support only shared secret usage

  • Remove support for Kerberos for internal communication

  • Cluster accessed via HTTPS must have internal-communication. shared-secret configured

332-e.5 changes (17 Aug 2020)

• Deny user impersonation usage in catalogs when global access control with Apache Ranger is used

• Fail query, instead of silently skipping, if there are bucket files outside of the bucket range

• Fix tracking of queued queries in JMX stats

• Use Hive column indices for Parquet tuple domain creation when specified

332-e.6 changes (16 Sep 2020)

• Accept URIs with an equals sign = in path in Sentry privilege configuration

• Fix to prevent JVM crashes when LongArrayList is too large

332-e.7 changes (16 Oct 2020)

• Allow specifying behavior if data is inserted into existing Hive partition with the hive.insert-existing-partitions-behavior property.

• Fix query failure when reading an ORC ACID table with a filter after the table underwent a minor table compaction.

• Fix incorrect query results when reading an ORC ACID table that has deleted rows and underwent a minor compaction.

• Fix rare failure when recording server stats in T-Digests.

• Match the existing user and group of the table or partition when creating new files on HDFS.

332-e.8 changes (16 Nov 2020)

• Improve failover to a new URI of the Hive Metastore Service

• Enforce permissions for columns in USING clause

• Avoid java.lang.Math.floorMod(JI) error when using Java 8

332-e.9 changes (10 Dec 2020)

• Add validation for bucketed query results in Hive connector

332-e.10 changes (8 Apr 2021)

• Fix handling of strings when translating Hive views.

• Fix privilege checks in Ranger global access control for queries that do not read any columns, such as SELECT count(*) FROM <table>.

332-e.11 changes (upcoming)

• Mask value of teradata-parallel-direct.https.keystore.password in log file writing.