← Back to Index

8.10 Release Notes

For Administrators

Environment Information Dumping with nuxeoctl connect-report

8.3 8.10 A new command has been added to nuxeoctl, nuxeoctl connect-report. This new command gathers information that can be useful to understand the environment in which a bug or a problem can be reproduced. This command was added in an effort to keep improving the quality of the service delivered by the Nuxeo Support Team. Information includes: configuration, templates used, environment information via JVM MBeans and more.

The addon Nuxeo Connect Tools Report Web is available to provide a basic user interface to get the report.

Startup Wizard Improvements on Module Selection

8.10 The Module selection step of the startup wizard has been reviewed to provide a more user-friendly interface, take into consideration the distribution changes and make dependencies between addons and UIs more straightforward.

MarkLogic as a New Storage Backend

8.3A new implementation of the DBS interface (NoSQL) has been done for the MarkLogic database. It is available as a Nuxeo Package on the Nuxeo Marketplace.

MongoDB 3.2

8.2 MongoDB 3.2 is now supported as a storage backend.

PostgreSQL 9.5

8.3 PostgreSQL 9.5 is now supported as a storage backend. Nuxeo 8.10 also works with PostgreSQL 9.6 although not yet added to CI.

Elasticsearch 2.X

8.10 From version 8.10, Nuxeo uses Elasticsearch 2.x version. Please carefully read our upgrade documentation.

S3 Configuration via Extension Point

8.1 Customers needing to connect to more than one S3 binary managers with different configurations are now able to do so using the new configuration extension point of org.nuxeo.ecm.core.blob.BlobManager . Previously only one bucket could be configured in nuxeo.conf .

<extension point="configuration" target="org.nuxeo.ecm.core.blob.BlobManager">
    <blobprovider name="default">
        <class>org.nuxeo.ecm.core.storage.sql.S3BinaryManager</class>
        <property name="awsid">your_AWS_ACCESS_KEY_ID</property>
        <property name="awssecret">your_AWS_SECRET_ACCESS_KEY</property>
        <property name="region">us-west-1</property>
        <property name="bucket">your_s3_bucket_name</property>
        <property name="bucket.prefix">myprefix/</property>
        <property name="directdownload">true</property>
        <property name="directdownload.expire">3600</property>
        <property name="cachesize">100MB</property>
        <property name="crypt.keystore.file">/my/keystore.jks</property>
        <property name="crypt.keystore.password">password</property>
        <property name="crypt.key.alias">mykey</property>
        <property name="crypt.key.password">password</property>
        <property name="connection.max">50</property>
        <property name="connection.retry">3</property>
        <property name="connection.timeout">50000</property>
        <property name="socket.timeout">50000</property>
    </blobprovider>
</extension>

Server-Side Encryption with S3

8.1 Support for Server-Side Encryption (SSE-S3) has been added as an alternative to Client-Side Encryption (CSE) as documented in the S3 Java SDK. This is enabled through the property nuxeo.s3storage.crypt.serverside=true.

GridFS as Part of the Default Distribution

8.1 GridFS is now part of the base distribution, in nuxeo-core. It will have to be activated explicitly using the gridfsbinaries template. There is no need to install an additional Nuxeo Package anymore. Read our MongoDB documentation for more information.

JCloud Binary Manager

8.10 The JClouds binary manager that allows to store files on the main cloud blobstores has been upgraded to use the version 1.9.2 of the underlying Apache library. Some bugs have been fixed to handle large files and a new property jclouds.blobstore.endpoint allows to configure the endpoint to use.

Quartz MongoDB Backend

8.10 Quartz is now automatically enabled in cluster mode when using the MongoDB template and does not require an SQL backend anymore.

Quartz MySQL Backend

8.10 Quartz is now automatically enabled in cluster mode when using the MySQL template.

SAML Addon Compatible with ADFS

8.2 After adjusting a few blind parts of the specification, the SAML plugin has been successfully used with Active Directory Federation Services.

SAML - Sample for Use Mapper

8.10 A generic user mapper sample has been added.

Elasticsearch Indexing Operations

8.1 Elasticsearch indexing operations are now available from Nuxeo Automation in addition to the Admin Center. Using a REST call you can now:

Indexing Optimization Using Scroll API

8.10 Instead of loading all document IDs to reindex, the new repository scroll API is used to remove memory pressure.

Full-Text Indexing Optimization

8.3We optimized the indexing flow by using ES bulk indexing features, when full-text indexing is disabled at the repository level. Number of works queued is now divided by two.

Allow Separate Repository DDL Generation

8.1 Nuxeo can now start with a new nuxeo.vcs.ddlmode parameter that specifies how the DDL for repository initialization should be executed at startup. Depending on the chosen mode, the DDL may not be executed at all and instead dumped to the log/ddl-vcs-default.sql log file. Possible values for nuxeo.vcs.ddlmode are:

For Nuxeo Platform 6.0 and Nuxeo Platform 7.10 the default was nuxeo.vcs.ddlmode=compat . For Nuxeo 8.2 the default is nuxeo.vcs.ddlmode=execute .

Note that all this applies to the DDL for the document repository, but not DDL used by other users of SQL in the platform (directories, quartz, JPA persistence).

New nuxeoctl Commands to Register Instances

8.3Some new commands are available:

nuxeoctl register [<username> [<project> [<type> <description>] [<pwd>]]]
nuxeoctl register-trial [<email> <company> <project> <description> [<pwd>]]

register allows to register an instance using an existing Nuxeo Online Services account while register-trial allows to create an account and get a trial against the Nuxeo Online Services portal.

Lots of Improvements for nuxeoctl mp-install

8.10Many improvements were added to nuxeoctl mp-install behavior and multiple bugs were fixed.

Redis

Cluster Invalidation with Redis in nuxeo.conf

8.1 Using Redis to process cluster invalidation instead of database can be configured in nuxeo.conf using repository.clustering.invalidation=redis (it used to be in the repository contribution).

Less Memory Footprint for Redis

8.2 Some work has been done to optimize the size of serialized works, hence lowering the requirements in terms of memory size for Redis.

Redis Pool Size Configuration

8.2The Redis connection pool size can be configured using the new nuxeo.conf options:

Retry Logic for Redis Calls

8.2Nuxeo now uses a failover executor with an exponential delay policy: 1ms, 2ms, 4ms, 8ms, 16ms, 32ms .. until the timeout has reached 5min by default.

Work Manager and Shutdown

8.2There was some clean up in the way jobs were processed, especially at server's shutdown. When server is shutdown, works being processed are finished before real shutdown. If server's process is killed, job will be restarted as the system is transactional.

User Manager Cache is Back

8.3A cache is now set up for the UserManager by default. It was not the case any more on LTS 2015 for users persisted in an SQL directory.

LibreOffice is Started In CommandLine

8.10 The PDF transformation of an office document is now done without using JODConverter but using a command line based PDF converter. This gives a more stable architecture. It assumes LibreOffice is on the path. Read our Installation documentation for all the requirements.

Nuxeo Importer

New Queue Importer

A queue based importer has been added as an additional bundle of the Nuxeo Platform Importer addon. This importer's interest is that it allows to store import job in queues, with a Kafka implementation, guaranteeing robustness and reliability of the import process at scale.

Non-Bulk Mode Available

8.3 With the following contribution you can now configure the importer to work in non-bulk mode, which is a bit slower but allows regular Work instances to be created and directed to specific queues:

<extension target="org.nuxeo.ecm.platform.importer.service.DefaultImporterComponent" point="importerConfiguration">
  <importerConfig>
  <bulkMode>false</bulkMode>
  </importerConfig>
</extension>

Nuxeo Importer without ES Indexing

8.3The nuxeo-importer can now run with Elasticsearch indexing turned off. The reindexing can be done after the mass import.

Use of Docker for 3D conversions

8.10 3D conversions run with the new 3D addon make use by default of Docker and pull images containing necessary software for conversions (Collada, Blender). Nuxeo should generalize this design in the future.

Read the Nuxeo 3D documentation.

Web App Optimizations

8.2 Since 6.0 and migration to JSF2, some regressions on the performance of the webapp were found, especially on heavy load. Some optimization work has been done. On a commodity hardware benchmarks shows after optimization that we are able to server 25% more requests.

JDK Required

8.10 The JDK (versus JRE) is now required to launch The Nuxeo Platform. Read our Installation documentation for all the requirements.

Configurable Content-Security-Policy Header

8.10

The Content-Security-Policy header is useful to protect against a variety of attacks, one of them being clickjacking (https://www.owasp.org/index.php/Clickjacking). Nuxeo now includes a permissive Content-Security-Policy. The default Nuxeo configuration is:
  <header name="Content-Security-Policy">default-src *; script-src 'unsafe-inline' 'unsafe-eval' data: *; style-src 'unsafe-inline' *; font-src data: *</header>
      

A stricter policy can be defined using a contribution like:

      <require>org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService.defaultContrib</require>

 <extension target="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService" point="responseHeaders">
   <header name="Content-Security-Policy">default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: connect.nuxeo.com apis.google.com app.box.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self'; font-src 'self' data: fonts.gstatic.com; media-src 'self'; frame-src 'self' www.nuxeo.com accounts.google.com; frame-ancestors 'self'</header>
 </extension>