Stream Processing & Apache Flink - News and Best Practices

Ververica Platform 2.11.1 is Released!

Written by Ververica | 07 September 2023

We're thrilled to share the latest update to Ververica Platform! This is a patch release offering enhancements and improvements requested by the community and our customers – big and small, old and new! – as well as component and library updates that reflect our proactive approach to driving out vulnerabilities wherever we find them, whether that’s in the platform itself, the components we ship with it, or in the tools and infrastructure we build and package with.

As always, we like to throw in some extra goodies if we can, so this release includes a Flink update to v1.17.1-stream2 to keep you at the top of the curve!

And if you’ve been following along you’ll know all about Community Edition, the no-fee license that gives you access to the platform for non-commercial use including open source and personal projects. This release includes small changes to Community Edition features as well as UI improvements.

Ververica Platform release 2.11.1 is now in General Availability (GA) for all customers and interested parties. You can find platform images and archives in the usual places; check out the links below.

What’s New in Ververica Platform 2.11.1

Flink runtimeWe've upgraded the underlying Flink runtime to Apache Flink® 1.17.1-stream2 to keep you right up to date with the best and most robust foundation for your data processing needs. Ververica Platform now supports Apache Flink® 1.17 and 1.16 under SLA. Apache Flink® 1.15 is deprecated in this version and supported on a best-effort basis.

Enhancements and improvements We use your feedback to focus our effort on the changes that will most benefit your projects. In this release we have made tweaks to the UI in a few important areas, tweaked configuration properties to make your life easier, added security context to helm charts and enhancements to cluster Health Check configuration and Disaster Checkpoint validation – and a few more things besides:

  • Repeated execution of actions like starting/suspending/pausing/restarting a Deployment is now avoided if a user clicks multiple times on a button in the UI.
  • Health check endpoints and timings used by K8s livenessProbe and readinessProbe can now be configured during Helm installation/upgrade.
  • Security context can now be configured on a container level.
  • Enhanced validation of disaster checkpointing configuration and clarified the UI options.
  • Environment variable naming in Ververica Platform K8s containers now follows standard notation for Spring properties.
  • Exposed PUT endpoint of the DeploymentDefaults resource in Swagger REST API.
  • Upgraded Spring Boot up to v2.7.15.

Vulnerability Fixes In addition to fixes included inside Apache Flink® itself, we have fixed the following vulnerabilities:

  • Updated Reload4j to resolve vulnerability CWE-611.
  • Updated Jakarta Expression Language Implementation to resolve vulnerability CVE-2021-28170.
  • Updated Thymeleaf resolve critical vulnerability CVE-2023-38286.
  • Updated Postgres to resolve vulnerability CVE-2022-41946.
  • Updated SnakeYaml to resolve critical vulnerability CVE-2022-1471.
  • Updated Jackson-Core to resolve vulnerability PRISMA-2023-0067.
  • Updated Json-Smart to resolve vulnerability CVE-2023-1370.
  • Updated Netty to resolve vulnerability CVE-2023-34462.
  • Updated Jetty to resolve vulnerability CVE-2023-26048.
  • Updated infrastructure vulnerabilities CVE-2023-31437, CVE-2023-31438 and CVE-2023-31439.

Continuous vulnerability fixes are all part of our proactive approach to managing vulnerabilities – and managing them out!

Flink Kubernetes A reminder that the Ververica Platform 2.10 release marked Ververica Platform Kubernetes as deprecated, and from release 2.12 it will no longer be available. You are recommended to use Flink Kubernetes instead.

Changes to Community Edition The free Community Edition license is for not-for-profit use and omits some enterprise features:

  • The Autopilot feature and SSL security are now not available in the Community Edition; you need the Enterprise Edition for these features.
  • Community Edition users can now disable collecting of analytics data.

Downloads

For new customers, whether you are curious about the platform and want to trial the Enterprise Edition for your state-of-the-art project, or want to try out the free Community Edition for your open source or personal project, you’ll find everything you need to know at the Ververica Platform  Downloads page!

🚀🌟 Let the excitement begin! 😄💥
View full post