Release Notes
DA-3.7-13.0.1
Integration with Trino via S3 interface
Trino can be configured to access data through Alluxio via its S3 API. This is the recommended integration over the previous HDFS interface, as the deployment is drastically simplified and can support the latest versions of Trino. Note that the HDFS interface can no longer be used from Trino 476 and onwards due to Trino's adoption of Java 24 as the runtime environment.
High-Availability Data Access Across Cloud Availability Zones
Deployment in multiple Availability Zones (Multi-AZ) within the same region is a High Availability strategy provided by cloud vendors to utilize redundant architecture to mitigate risks from single AZ failures.
In this release, Alluxio naturally integrates with Cloud Multi-AZ strategy to offer high availability and high performance of data access and ensure stronger data access resilience at all times. To make this happen, per user definitions, Alluxio can distribute the data replications across multiple AZ. When an application is accessing data, Alluxio client can intelligently detect and direct the access to proper data replications by following the priority of same AZ’s replications and then other AZ’s replications. As long as there is one data replication alive across all AZs, Alluxio can offer resilient and high performance data access. Furthermore, Alluxio’s passive caching feature can automatically recover the lost replications so that Alluxio can always keep a good number of data replications for the high availability data access.
Please refer to Multiple Availability Zones (AZ) for more details
5x Faster Cache Preloading with Partitioned and Parallel Processing for Large Files
Alluxio supports the ability to preload data from the underlying storage (UFS) to its cache. An enhancement to this functionality introduces a partitioned and parallel data loading mechanism, providing 5x faster performance when dealing with large files (typically >1GB). The new mechanism ensures faster, more efficient data transfers to Alluxio's cache.
Key Enhancements:
Partitioned Data Loading:
Large files are split into smaller, manageable chunks (partitions) for faster loading.
Partitioning ensures that each chunk can be handled independently, leading to better scalability and resource utilization.
Parallel Data Loading:
Each partition is loaded in parallel, drastically reducing the time required to load the entire file.
This parallelism maximizes available bandwidth and computational resources, leading to a performance boost.
Resource Efficiency:
The partitioned approach distributes the load evenly across available compute resources, ensuring balanced utilization of system resources.
This results in reduced bottlenecks and increased throughput.
Alluxio Management Console
A new web-based console that takes you from the first cluster to day-2 ops in minutes.
Deploy Alluxio Clusters
After the operator is installed, the cluster deployment webUI guides you through setup steps.
Guided setup after Operator install—no YAML editing from scratch
Visual cluster sizing, resources allocation
Validations & launch workflows to reduce deployment risk
View list of live clusters and their status
Manage Alluxio Clusters
The cluster level management console uses a modular navigation aligned to how you run Alluxio day to day
Mounts: connect/manage object & file backends
Cache lifecycle: preload hot data, precise eviction, hit-rate visibility
Config: TTL, quotas, eviction priority at cluster/mount/path
Jobs: submit, track, troubleshoot jobs (such as load) with status and logs
Please refer to management Console for more details.
Multi-Tenancy Support
Alluxio now supports flexible multi-tenancy through a new Gateway component integrated with Open Policy Agent (OPA). This enables fine-grained, team-based access control over the management console and Alluxio REST APIs, tailored to your organization’s structure.
Key Capabilities:
Integrates with OPA to enforce custom role-based access control (RBAC) policies.
Supports arbitrary role definitions, with full control over path-based authorization rules.
Works seamlessly across Alluxio’s Management Console and Alluxio APIs.
Example Roles Template:
Super Admin: Full visibility and control over all resources.
Team Admin: Can view the entire namespace; access rights enforced per path.
User: Access restricted; Management Console visibility completely disabled.
This model provides maximum flexibility for enterprise-scale deployments with diverse user groups and security boundaries. A default policy template is included to help you get started.
Please refer to User Roles & Access Control for Management Console for more details.
Role-based Access Control (RBAC) S3 Access
Alluxio's new Role-based Access Control (RBAC) S3 access feature enhances data security and control. This functionality allows administrators to define granular access permissions (read/write) or integrate the existing authentication and authorization services for S3 data through Alluxio's unified namespace.
Authentication: Supports OIDC/OAuth 2.0-based authentication, such as Okta, Cognito, and Microsoft AD
Authorization: Supports Ranger
The feature bridges compliance gaps by extending enterprise-grade authentication and authorization to S3 data while maintaining Alluxio’s caching and acceleration benefits.
Refer to Authentication and Authorization on how to enable and configure these capabilities.
Audit Log
Alluxio has introduced a new audit logging feature to enhance security and compliance monitoring. This functionality systematically records detailed access events, including user identities, operations performed (e.g., read/write), and timestamps. The logs enable administrators to analyze data access patterns, detect anomalies, and meet regulatory requirements.
Refer to Audit Logging for enabling audit logging.
Java Version Upgrade
In prior versions, the Alluxio java source code was compiled to bytecode compatible with Java 8 or higher. This is updated to be compatible with Java 11 or higher. For bare metal deployments that provide their own Java environments, Alluxio will no longer be able to run with a Java 8 JVM and must run with Java 11 JVM or newer. Containerized deployments, such as those deployed on Kubernetes, are not affected.
Addressing CVE Vulnerabilities
Major third party libraries are upgraded to their latest versions to mitigate potential security vulnerabilities surfaced by CVE scans. Some major upgrades include:
Grpc is upgraded from 1.60.1 to 1.68.1
Hadoop is upgraded from 3.3.6 to 3.4.1
Jackson is upgraded from 2.13.5 to 2.15.0
Jetcd is upgraded from 0.7.5 to 0.8.5
Netty is upgraded from 4.1.108.Final to 4.1.110.Final
Protobuf is upgraded from 3.19.6 to 3.25.5
As a result, all CVEs of high or critical severity levels are resolved.
Last updated