VMware

vFabric tc Server 2.9 Release Notes

vFabric tc Server 2.9.2 | 21 MAY 2013
vFabric tc Server 2.9.1 | 24 APR 2013

Last Document Update: 21 MAY 2013

What's in the Release Notes

These release notes cover the following topics:

What's New in vFabric tc Server 2.9.2

This VMware® vFabric™ tc Server release includes new tc Runtime versions and Apache Tomcat fixes:

  • tc Runtime versions.
    • tc Runtime 7.0.39.B.RELEASE
    • tc Runtime 6.0.37.A.RELEASE
  • Apache Tomcat security vulnerabilities fixed in tc Runtime 7.0.39.B.RELEASE.
    Issue Number Description
    CVE-2013-2071 Information Disclosure

    Severity: Moderate

    A scenario was identified in which elements of a previous request could be exposed to a current request. The behavior was very difficult to exploit deliberately, but could occur unexpectedly under some circumstances. The vulnerability was fixed.
  • Apache Tomcat security vulnerabilities fixed in tc Runtime 6.0.37.A.RELEASE.
    Issue Number Description
    CVE-2013-2067 Session Fixation

    Severity: Important

    A vulnerability related to FORM authentication was corrected.
    CVE-2013-3544 Denial of Service

    Severity: Important

    A vulnerability that would allow a client to perform a limited denial-of-service by streaming an unlimited amount of data to the server was fixed.

What's New in vFabric tc Server 2.9.1

This VMware® vFabric™ tc Server release includes the following new features:

  • tc Runtime versions.
    • tc Runtime 7.0.37.B.RELEASE
    • tc Runtime 6.0.36.B.RELEASE
    The following security vulnerability was fixed in tc Runtime 6.0.36.B.RELEASE.
    Issue Number Description
    CVE-2013-2067 Session Fixation

    Severity: Important

    A vulnerability related to FORM authentication was corrected.
  • Elastic memory template update. The elastic-memory runtime template provided with tc Server 2.9.1 contains version 1.3 of vFabric Elastic Memory for Java (EM4J). For information about EM4J 1.3, see vFabric Elastic Memory for Java (EM4J) 1.3 Release Notes.
  • Support for running an embedded tc Server instance. As of tc Server 2.9.1, you can create an embedded tc Server instance using the embedded jars now provided in the Maven repository. The process involves creating an account on repository.cloudfoundry.com, configuring the repository and artifact dependencies in your Maven project's pom.xml file, and providing the credentials for accessing the tc Server runtime artifacts in the Maven settings.xml file. See Embed tc Server.
  • Updated Hyperic plugin for tc Server.The VMware Solution Exchange has been updated with a new version of the Hyperic Plugin for vFabric tc Server. Click the Tech Specs tab for instructions on installing this plugin into an existing vFabric Hyperic 5.0 installation.
  • Spring Insight 1.9.2.SR1. tc Server Standard Edition 2.9.1 includes Spring Insight 1.9.2.SR1, the new features of which are described below.
    • New Collection plugins. (Insight Developer and Insight Operations) The following collection plugins are new in Spring Insight 1.9.2.SR1:
      • akka
      • axon
      • cassandra
      • gemfire (both QUERY and REGION)
      • hadoop
      • jcr
      • jndi
    • New Java annotations. (Insight Developer and Insight Operations) The new annotations are:
      • @InsightEndPoint annotation formatting modifiers
      • @InsightEndPointQualifier annotation
      • @InsightCustomEndpoint annotation
    • Configurable instrumentation with custom aspect-oriented programming (AOP). (Insight Developer and Insight Operations) You can implement class/method instrumentation in an XML file rather than writing a new collection plugin. See Creating Dynamic Concrete Aspects.
    • Visual indicators in Trace view. (Insight Developer and Insight Operations) New icons adorn the trace detail pane in the Insight Dashboard user interface: the first is a light bulb indicator that identifies the operation considered most important in the trace, providing a visual explanation of how each trace is classified as belonging to a specific endpoint; the other is a yellow caution indicator that appears above the Trace Detail pane to highlight HTTP requests that resulted in an error.
    • Alternative transport for Dashboard-Agent communication. (Insight Operations) You can configure an alternative transport for agent-server communications; in addition to the default http transport, you can enable the the Insight Dashboard and Agent to communicate via RabbitMQ or ActiveMQ. For instructions, see Configure RabbitMQ Transport and Configure ActiveMQ Transport.
    • WebLogic Server support. (Insight Operations) The Insight Operations Agent now runs on WebLogic Server. For supported versions, and other supported containers, see Supported Configurations and System Requirements. For installation instructions, see Install Agent on WebLogic Server.
    • New and changed Insight properties. (Insight Developer and Insight Operations) There are many changes to the insight components' properties files. See Insight Agent Properties and Insight Dashboard Properties.
    • RESTful API for Agent Management. (Insight Operations) tc Server 2.9.1 contains a new API for viewing and managing agents, collection plugins, collection strategies, and user-defined endpoint analyzers. See Agent Management API.

Known and Resolved Issues

Issues Resolved in vFabric tc Server 2.9.2

tc Server 2.9.2 has the fixes and improvements listed in the table below.

Issue Number Description
TCS-2764 A fix to JmxSocketListener solved a problem with incorrect handling of IPv6 addresses.

Issues Resolved in vFabric tc Server 2.9.1

tc Server 2.9.1 has the fixes and improvements listed in the table below.

Issue Number Description
TCS-2535 In previous versions of tc Server, the security manager did not start cleanly with the default catalina.policy. A modification to the tc Server catalina.policy resolved this issue.
TCS-2686 The message that the Hyperic tc Server plugin displays when it cannot connect to the tc Server instance via JMX is improved to give the user a better idea of the possible causes of the problem.
TCS-2730 In previous versions of tc Server, deployment of a web application to tc Server using the Hyperic tc Server plugin failed, if the Hyperic Server ran on Windows and the Agent ran on a Unix-like operating system. Investigation revealed the deployment failed because the plugin was attempting to deploy to a Windows-style path, rather than the Unix-style path entered by the user. A code fix resolved this problem.
TCS-2719 The tc Server plugin for Hyperic is enhanced to enable EM4J monitoring.
TCS-2685 In previous versions of tc Server, the tcruntime-instance and tcruntime-ctl scripts used different options to specify the instance directory: the command flag for tcruntime-instance was -i, and -n for tcruntime-ctl. The tcruntime-ctl script is updated to accept the -i option; for backward compatibility, the script still supports -n.
TCS-2675 In previous versions of tc Server, attempts to stop an instance failed, if the contents of the instance's logs directory had been deleted while the instance was running. Investigation revealed the problem occurred because the process PID file, which is stored in the logs directory, no longer existed. The error message displayed under these circumstances has been enhanced to inform the user that the current running state is unknown because the process PID is not found.
TCS-2679 In previous versions of tc Server, the environment variables that a template could define were limited to a specific set of variables. In this version of tc Server, you can specify custom properties in the setenv.properties file for the template.
TCS-2523 In previous versions of tc Server, template property placeholders were supported only in properties files and in XML files that contain fragments of XML for modifying the standard configuration files. In tc Server 2.9.1, any XML file included in a runtime template can contain property placeholders.

Known Issues in vFabric tc Server 2.9

Known issues in tc Server 2.9 are listed in the table below.

Issue Number Description
TCS-2767 The tcsadmin command used to deploy an application does not automatically add a revision number to an existing web application.