November 10, 2020
With the release of CockroachDB v20.2, we've made a variety of productivity, management, and performance improvements. Check out a summary of the most significant user-facing changes and then upgrade to CockroachDB v20.2.
To learn more, read the v20.2 blog post.
A denial-of-service (DoS) vulnerability is present in CockroachDB v20.2.0 - v20.2.3 due to a bug in protobuf. This is resolved in CockroachDB v20.2.4 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.
For more information, including other affected versions, see Technical Advisory 58932.
Cockroach Labs has discovered a bug relating to incremental backups, for CockroachDB v20.2.0 - v20.2.7. If a backup coincides with an in-progress index creation (backfill),
IMPORT, it is possible that a subsequent incremental backup will not include all of the indexed, restored or imported data.
Users are advised to upgrade to v20.2.8 or later, which includes resolutions.
For more information, including other affected versions, see Technical Advisory 63162.
$ docker pull cockroachdb/cockroach:v20.2.0
Recent CockroachCloud improvements:
- Create a 30-day free CockroachCloud cluster.
- Add or remove nodes through the CockroachCloud Console.
- Set up VPC peering for clusters running on GCP.
- View backups that Cockroach Labs has taken for your CockroachCloud cluster.
This section summarizes the most significant user-facing changes in v20.2.0. For a complete list of features and changes, including bug fixes and performance improvements, see the release notes for previous testing releases. You can also search for what's new in v20.2 in our docs.
"Core" features are freely available in the core version and do not require an enterprise license. "Enterprise" features require an enterprise license. CockroachCloud clusters include all enterprise features.
- Recovery and I/O
- Deployment and Operations
- Backward-incompatible changes
- Known limitations
|Core||Third-Party Tool Support||CockroachDB now fully supports several additional third-party database tools, including Spring Boot, Hibernate, and ActiveRecord.|
|Core||Spatial Support||CockroachDB now supports spatial data types, spatial indexes, and spatial functions, as well as the ability to migrate spatial data from various formats such as Shapefiles, GeoJSON, GeoPackages, and OpenStreetMap.|
|Core||User-Defined Schemas||You can now create user-defined logical schemas, as well alter user-defined schemas, drop user-defined schemas, and convert databases to user-defined schemas.|
|Core||Partial Indexes||You can now use partial indexes to specify a subset of rows and columns in a table that evaluate to true on a
||CockroachDB now supports the creation and management of user-defined
|Core||Materialized Views||CockroachDB now supports materialized views, or views that store their selection query results on-disk.|
|Core||View Replacement||CockroachDB now supports replacing an existing view with the
|Core||Foreign Key Performance and Compatibility||When adding the
||The response of the
|Core||Disallowing Full Table Scans||You can use the new
|Core||Altering Column Data Types||You can now alter the data type of table column. Note that this feature is experimental and is subject to change.|
Recovery and I/O
|Core||Backup/Restore in Core Version||The core version of CockroachDB now lets you perform full cluster backups, all restore options, as well as bulk exports. Incremental backups, locality-aware backups, and other advanced backup functionality continue to require an enterprise license.|
|Core||Backup Scheduling||You can now create schedules for CockroachDB backups, as well as view, pause, resume, and drop backup schedules. Once a scheduled backup is created, you can use
|Core||Import with User-Scoped Storage||In addition to supporting bulk imports from cloud storage, CockroachDB now lets you upload CSV files from your local machine to user-scoped file storage in your cluster. Once uploaded, a userfile can be reference by the
|Core||Import with Default Expressions||You can now use
|Enterprise||KMS Support for Encrypted Backups||You can now use AWS Key Management Service (KMS) to encrypt the files that full or incremental backups generate.|
Deployment and Operations
|Core||Kubernetes Operator||The CockroachDB Kubernetes Operator eases deployment of secure CockroachDB clusters on Kubernetes. The Operator can be used to create StatefulSets, authenticate pods, scale CockroachDB clusters, and perform rolling upgrades. The Operator is in beta and is not yet production-ready.|
|Core||Log Redaction||When gathering log files via the
|Core||Certificate Revocation with OCSP||CockroachDB now supports certificate revocation for custom CA certificate setups running an OCSP server.|
|Enterprise||SSO in the DB Console||The DB Console now supports single sign-on (SSO) via OpenID Connect (OIDC), an authentication layer built on top of OAuth 2.0. When SSO is configured and enabled, the DB Console login page displays an OAuth login button in addition to the password access option. Note that this feature is experimental and is subject to change.|
|Core||Permission-Based Object Ownership||All database objects now have owners. By default, the user who created an object is the owner of the object and has all privileges on the object. Any roles that are members of the
|Core||Fine-Grained SQL Privileges||CockroachDB now allows you to grant users administrative abilities without giving them full admin access.|
|Core||Transaction Details||The new Transactions page of the DB Console shows you details about all client-initiated transactions in the cluster that help you identify and troubleshoot frequently retried and high-latency transactions.|
|Core||Sessions Details||The new Sessions page of the DB Console shows you details about all active and idle sessions in the cluster, with session age, memory usage, SQL statement, and other details available for active sessions.|
Before upgrading to CockroachDB v20.2, be sure to review the following backward-incompatible changes and adjust your deployment as necessary.
- A CockroachDB node started with
cockroach startwithout the
--joinflag no longer automatically initializes the cluster. The
cockroach initcommand is now mandatory. The auto-initialization behavior had been deprecated in version 19.2.
- CockroachDB v20.1 introduced a new rule for the
cockroach start, causing it to prefer SRV records, if present in DNS, to look up the peer nodes to join. This feature is experimental, and has been found to cause disruption in in certain deployments. To reduce this disruption and the resulting UX surprise, the feature is now gated behind a new command-line flag
--experimental-dns-srvwhich must now be explicitly passed to
cockroach startto enable it.
cockroach startwas deprecated in v20.1 and has been removed in v20.2. Use
- The textual error and warning messages displayed by
cockroach quitunder various circumstances have been updated. Meanwhile, the message "
ok" remains as an indicator that the operation has likely succeeded.
cockroach quitnow prints out progress details on its standard error stream, even when
--logtostderris not specified. Previously, nothing was printed on standard error. Scripts that wish to ignore this output can redirect the stderr stream.
- Previously, the phase of server shutdown responsible for range lease transfers to other nodes would give up after 10000 attempts of transferring replica leases away, regardless of the value of
server.shutdown.lease_transfer_wait. The limit of 10000 attempts has been removed, so that now only the maximum duration
- Previously, issuing a
SIGTERMsignal twice or after another signal initiated a hard shutdown for a node. Now the first
SIGTERMsignal initiates a graceful shutdown and further occurrences of
SIGTERMare ignored. To initiate a hard shutdown, issue
SIGINTtwo times (or issue a
SIGINTsignal once after a
- Clusters running alphas of 20.2 that use
ENUMtypes will not be able to upgrade to betas or major releases of 20.2 due to internal representation changes.
- Specifying the same option multiple times in the
WITHclause of the
RESTOREstatement now results in an error message. Additionally, quoted option names are no longer allowed.
- The copy of system and
crdb_internaltables extracted by
cockroach debug zipis now written using the TSV format (inside the zip file), instead of an ASCII-art table as previously.
SHOW RANGE FOR ROWstatement now takes a tuple of the row's index columns instead of the full column set of the row.
- For expression typing involving only operations on constant literals, each constant literal is now assigned a
typebefore calculation. Previously, a
typewas assigned only to the final result.
- The file names for heap profile dumps now use the naming scheme
memprof.<date-and-time>.<heapsize>. Previously, they were named
- The Docker image is now based on RedHat's UBI instead of Debian.
cockroach node decommission --wait=liveis no longer supported. It was deprecated in an earlier release.
cockroach quitcommand is now deprecated. For decommissioning, use the
cockroach node decommissioncommand. To terminate the cockroach process, use signals.
cockroach dumpcommand is now deprecated. Instead, back up your data in a full backup, export your data in plain text format, or view table schema in plaintext with
SHOW CREATE TABLE.
--log-dir-max-sizecommand-line flag is now deprecated and has been replaced with a new flag named
--log-group-max-size. The flags limit the combined size of all files generated by one logging group inside CockroachDB.
- CockroachDB built-in SQL shell (
cockroach demo) no longer prompts for more lines of input after the user enters
BEGINbefore sending the input to the server. Instead, full lines of input are always sent to the server immediately. The corresponding client-side option
smart_promptis thus ineffective and deprecated. It will be removed in a later version.
Cross-database references are deprecated in v20.2 (see tracking issue). In v20.2, creating cross-database references is disabled for foreign keys, views, and sequence ownership with the
sql.cross_db_sequence_owners.enabledcluster settings set to
falseby default. Note that any cross-database references that were created prior to a v20.2 upgrade are still allowed and are unaffected by these cluster settings.
After upgrading to v20.2, we recommend removing all cross-database references, and, if necessary, creating object references across user-defined schemas instead. For details on migrating a cluster that does not use user-defined schemas in its naming hierarchy, see Migrating namespaces from previous versions of CockroachDB.
After upgrading to v20.2, we recommend that you convert any existing interleaved tables to non-interleaved tables and replace any existing interleaved secondary indexes with non-interleaved indexes. For instructions, see
INTERLEAVE IN PARENTDeprecation.
For information about new and unresolved limitations in CockroachDB v20.2, with suggested workarounds where applicable, see Known Limitations.
|Training||Online Course for Python Developers||Launched a new self-paced course on Cockroach University, CockroachDB for Python Developers. This course walks you through building a full-stack vehicle-sharing app in Python using the popular SQLAlchemy ORM and a free CockroachCloud cluster as the back-end.|
|Docs||Interactive In-Browser Tutorials||Added tutorials that can be completed entirely in your browser, without downloads or installations, from Learning CockroachDB SQL to Building a Python App on CockroachDB to Storing and Querying JSON.|
|Docs||Transaction Retry Error Reference||Documented the various errors that developers encounter around transaction retries in CockroachDB, explaining why each error happens and what to do about it.|
|Docs||Disaster Recovery||Documented how to plan for and recover from various types of disasters, from hardware failure, to data failure, to compromised security keys.|
|Docs||Batch Deletes||Added guidance on performing large deletes across various scenarios.|
|Docs||Multi-Region Kubernetes on EKS||Added a tutorial on orchestrating a secure CockroachDB multi-region deployment on Amazon EKS.|