What's New in v22.1

Docker image

To download the Docker image (Intel-only):

docker pull cockroachdb/cockroach-unstable:v22.1.0-alpha.2

Changelog

View a detailed changelog on GitHub: v22.1.0-alpha.1...v22.1.0-alpha.2

Backward-incompatible changes

• Non-standard cron expressions that specify seconds or year fields are no longer supported. #74881
• Changefeeds will now filter out virtual computed columns from events by default. #74916
• The environment variable that controls the max amount of CPU that can be taken by password hash computations during authentication was renamed from COCKROACH_MAX_BCRYPT_CONCURRENCY to COCKROACH_MAX_PW_HASH_COMPUTE_CONCURRENCY. Its semantics remain unchanged. #74301

Security updates

• CockroachDB is now able to authenticate users via the DB Console and through SQL sessions when the client provides a cleartext password and the stored credentials are encoded using the SCRAM-SHA-256 algorithm. Support for a SCRAM authentication flow is a separate feature and is not the target of this release note. In particular, for SQL client sessions it makes it possible to use the authentication methods password (cleartext passwords), and cert-password (TLS client cert or cleartext password) with either CRDB-BCRYPT or SCRAM-SHA-256 stored credentials. Previously, only CRDB-BCRYPT stored credentials were supported for cleartext password authentication. #74301
• The hash method used to encode cleartext passwords before storing them is now configurable, via the new cluster setting server.user_login.password_encryption. Its supported values are crdb-bcrypt and scram-sha-256. The cluster setting only is enabled after all cluster nodes have been upgraded, at which point its default value is scram-sha-256. Prior to completion of the upgrade, the cluster behaves as if the cluster setting is set to crdb-bcrypt for backward compatibility. Note that the preferred way to populate password credentials for SQL user accounts is to pre-compute the hash client-side, and pass the precomputed hash via CREATE USER WITH PASSWORD, CREATE ROLE WITH PASSWORD, ALTER USER WITH PASSWORD, or ALTER ROLE WITH PASSWORD. This ensures that the server never sees the cleartext password. #74301
• The cost of the hashing function for scram-sha-256 is now configurable via the new cluster setting server.user_login.password_hashes.default_cost.scram_sha_256. Its default value is 119680, which corresponds to an approximate password check latency of 50-100ms on modern hardware. This value should be increased over time to reflect improvements to CPU performance: the latency should not become so small that it becomes feasible to brute force passwords via repeated login attempts. Future versions of CockroachDB will likely update this default value. #74301
• When using the default HBA authentication method cert-password for SQL client connections, and the SQL client does not present a TLS client certificate to the server, CockroachDB now automatically upgrades the password handshake protocol to use SCRAM-SHA-256 if the user's stored password uses the SCRAM encoding. The previous behavior of requesting a cleartext password is still used if the stored password is encoded using the CRDB-BCRYPT format. An operator can force clients to always request SCRAM-SHA-256 when a TLS client cert is not provided in order to guarantee the security benefits of SCRAM using the authentication methods cert-scram-sha-256 (either TLS client cert or SCRAM-SHA-256) and scram-sha-256 (only SCRAM-SHA-256). As in previous releases, mandatory cleartext password authentication can be requested (e.g., for debugging purposes) by using the HBA method password. This automatic protocol upgrade can be manually disabled using the new cluster setting server.user_login.cert_password_method.auto_scram_promotion.enable and setting it to false. Disable automatic protocol upgrades if, for example, certain client drivers are found to not support SCRAM-SHA-256 authentication properly. #74301
• In order to promote a transition to SCRAM-SHA-256 for password authentication, CockroachDB now automatically attempts to convert stored password hashes to SCRAM-SHA-256 after a cleartext password authentication succeeds if the target hash method configured via server.user_login.password_encryption is scram-sha-256. This auto-conversion can happen either during SQL logins or HTTP logins that use passwords, whichever occurs first. When an auto-conversion occurs, a structured event of type password_hash_converted is logged to the SESSIONS channel. The PKBDF2 iteration count on the hash is chosen in order to preserve the latency of client logins, to remain similar to the latency incurred from the starting bcrypt cost. (For example, the default configuration of bcrypt cost 10 is converted to a SCRAM iteration count of 119680.) This choice, however, lowers the cost of brute forcing passwords for an attacker with access to the encoded password hashes, if they have access to ASICs or GPUs, by a factor of ~10. For example, if it would previously cost them $1,000,000 to brute force a crdb-bcrypt hash, it would now cost them "just" $100,000 to brute force the SCRAM-SHA-256 hash that results from this conversion. If an operator wishes to compensate for this, three options are available:
  1. Set up their infrastructure such that only passwords with high entropy can be used. For example, this can be achieved by disabling the ability of end-users to select their own passwords and auto-generating passwords for the user, or enforcing some entropy checks during password selection. This way, the entropy of the password itself compensates for the lower hash complexity.
  2. Manually select a higher SCRAM iteration count. This can be done either by pre-computing SCRAM hashes client-side and providing the pre-computed hash using ALTER USER WITH PASSWORD, or adjusting the cluster setting server.user_login.password_hashes.default_cost.scram_sha_256 and asking CockroachDB to recompute the hash.
  3. Disable the auto-conversion of crdb-bcrypt hashes to scram-sha-256 altogether, using the new cluster setting server.user_login.upgrade_bcrypt_stored_passwords_to_scram.enabled. This approach is discouraged as it removes the other security protections offered by SCRAM authentication. The conversion also only happens if the target configured method via server.user_login.password_encryption is scram-sha-256, because the goal of the conversion is to move clusters towards using SCRAM. #74301
• Added support for query cancellation via the pgwire protocol. Since this protocol is unauthenticated, there are a few precautions included.
  1. The protocol requires that a 64-bit key is used to uniquely identify a session. Some of these bits are used to identify the CockroachDB node that owns the session. The rest of the bits are all random. If the node ID is small enough, then only 12 bits are used for the ID, and the remaining 52 bits are random. Otherwise, 32 bits are used for both the ID and the random secret.
  2. A fixed per-node rate limit is used. There can only be at most 256 failed cancellation attempts per second. Any other cancel requests that exceed this rate are ignored. This makes it harder for an attacker to guess random cancellation keys. Specifically, if we assume a 32-bit secret and 256 concurrent sessions on a node, it would take 2^16 seconds (about 18 hours) for an attacker to be certain they have cancelled a query.
  3. No response is returned for a cancel request. This makes it impossible for an attacker to know if their guesses are working. Unsuccessful attempts are logged internally with warnings. Large numbers of these messages could indicate malicious activity. #67501
• The cluster setting server.user_login.session_revival_token.enabled has been added. It is false by default. If set to true, then a new token-based authentication mechanism is enabled. A token can be generated using the crdb_internal.create_session_revival_token built in function. The token has a lifetime of 10 minutes and is cryptographically signed to prevent spoofing and brute forcing attempts. When initializing a session later, the token can be presented in a pgwire StartupMessage with a parameter name of crdb:session_revival_token_base64, with the value encoded in base64. If this parameter is present, all other authentication checks are disabled, and if the token is valid and has a valid signature, the user who originally generated the token authenticates into a new SQL session. If the token is not valid, then authentication fails. The token does not have use-once semantics, so the same token can be used any number of times to create multiple new SQL sessions within the 10 minute lifetime of the token. As such, the token should be treated as highly sensitive cryptographic information. This feature is meant to be used by multi-tenant deployments to move a SQL session from one node to another. It requires the presence of a valid Ed25519 keypair in tenant-signing.<tenant_id>.crt and tenant-signing.<tenant_id>.key. #75660
• When the sql.telemetry.query_sampling.enabled cluster setting is enabled, SQL names and client IPs are no longer redacted in telemetry logs. #76676

General changes

• The following metrics were added for observability of cancellation requests made using the PostgreSQL wire protocol:

  • sql.pgwire_cancel.total
  • sql.pgwire_cancel.ignored
  • sql.pgwire_cancel.successful

  The metrics are all counters. The ignored counter is incremented if a cancel request was ignored due to exceeding the per-node rate limit of cancel requests. #76457

• Documentation was added describing how jobs and scheduled jobs functions and are used in CockroachDB #73995

Enterprise edition changes

• Client certificates may now be provided for the webhook changefeed sink. #74645
• CockroachDB now redacts more potentially sensitive URI elements from changefeed job descriptions. This is a breaking change for workflows that copy URIs. As an alternative, the unredacted URI may be accessed from the jobs table directly. #75174
• Changefeeds now outputs the topic names created by the Kafka sink. Furthermore, these topic names will be displayed in the SHOW CHANGEFEED JOBS query. #75223
• Backup and restore jobs now allow encryption/decryption with GCS KMS #75750
• Kafka sinks support larger messages, up to 2GB in size. #76265

• Added support for a new SQL statement called ALTER CHANGEFEED, which allows users to add/drop targets for an existing changefeed. The syntax of the statement is: ALTER CHANGEFEED <job_id> {{ADD|DROP} <targets>}...

  There can be an arbitrary number of ADD or DROP commands in any order. For example:

  ALTER CHANGEFEED 123 ADD foo,bar DROP baz;
  

  With this statement, users can avoid going through the process of altering a changefeed on their own, and rely on CockroachDB to carry out this task. #75737

• Changefeeds running on tables with a low gc.ttlseconds value now function more reliably due to protected timestamps being maintained for the changefeed targets at the resolved timestamp of the changefeed. The frequency at which the protected timestamp is updated to the resolved timestamp can be configured through the changefeed.protect_timestamp_interval cluster setting. If the changefeed lags too far behind such that storage of old data becomes an issue, cancelling the changefeed will release the protected timestamps and allow garbage collection to resume. If protect_data_from_gc_on_pause is unset, pausing the changefeed will release the existing protected timestamp record. #76605

• Added support to the ALTER CHANGEFEED statement so that users can edit and unset the options of an existing changefeed. The syntax of this addition is the following:

  ALTER CHANGEFEED <job_id> SET <options> UNSET <opt_list>
  

  #76583

• Users may now alter the sink URI of an existing changefeed. This can be achieved by executing ALTER CHANGEFEED <job_id> SET sink = '<sink_uri>' where the sink type of the new sink must match the sink type of the old sink that was chosen at the creation of the changefeed. #77043

SQL language changes

• CHECK constraints on the shard column used by hash-sharded indexes are no longer printed in the corresponding SHOW CREATE TABLE. The constraint had been shown because CockroachDB lacked logic to ensure that shard columns which are part of hash-sharded indexes always have the check constraint which the optimizer relies on to achieve properly optimized plans on hash-sharded indexes. The constraint is now implied by the USING HASH clause on the relevant index. #74179
• The experimental command SCRUB PHYSICAL is no longer implemented. #74761
• The CREATE MATERIALIZED VIEW statement now supports WITH DATA. #74821
• CockroachDB now has a crdb_internal.replication_stream_spec function for stream replication. #73886
• CockroachDB has a new role VIEWACTIVITYREDACTED introduced in v21.2.5 that is similar to VIEWACTIVITY but restricts the use of statement diagnostics bundles. It is possible for a user to have both roles (VIEWACTIVITY and VIEWACTIVITYREDACTED), but VIEWACTIVITYREDACTED takes precedence. #74715
• In v21.2.5 CockroachDB added support for the ON CONFLICT ON CONSTRAINT form of INSERT ON CONFLICT. This form is added for compatibility with PostgreSQL. It permits explicitly selecting an arbiter index for INSERT ON CONFLICT, rather than inferring one using a column list, which is the default behavior. #73460
• Imports now check readability earlier for multiple files to fail more quickly if, for example, permissions are invalid. #74863
• In v21.2.5 CockroachDB added new roles, NOSQLLOGIN and its inverse SQLLOGIN, which controls the SQL login ability for a user while retaining their ability to login to the DB Console (as opposed to NOLOGIN which restricts both SQL and DB Console access). Without any role options all login behavior is permitted. OIDC logins to the DB Console continue to be permitted with NOSQLLOGIN set. #74706
• Added the default_table_access_method session variable, which only takes in heap, to match the behavior of PostgreSQL. #74774
• The distributed plan diagram now lists scanned column names for TableReaders. #75114
• Users can now specify the owner when creating a database, similar to PostgreSQL: CREATE DATABASE name [ [ WITH ] [ OWNER [=] user_name ] #74867
• The CREATE ROLE and ALTER ROLE statements now accept password hashes computed using the scram-sha-256 method. For example: CREATE USER foo WITH PASSWORD 'SCRAM-SHA-256$4096:B5VaT...'. As for other types of pre-hashed passwords, this auto-detection can be disabled by changing the cluster setting server.user_login.store_client_pre_hashed_passwords.enabled to false. To ascertain whether a scram-sha-256 password hash will be recognized, orchestration code can use the built-in function crdb_internal.check_password_hash_format(). Follow these steps to encode the SCRAM-SHA-256 password:
  1. Get the cleartext password string.
  2. Generate a salt, iteration count, stored key and server key according to RFC 5802.
  3. Encode the hash into a format recognized by CockroachDB: the string SCRAM-SHA-256$, followed by the iteration count, followed by :, followed by the base64-encoded salt, followed by $, followed by the base-64 stored key, followed by :, followed by the base-64 server key. #74301
• The session variable password_encryption is now exposed to SQL clients. Note that SQL clients cannot modify its value directly, it is only configurable via a cluster setting. #74301
• When possible, CockroachDB will now automatically require the PostgreSQL-compatible SCRAM-SHA-256 protocol when performing password validation when SQL client login. This mechanism is not used when SQL clients use TLS client certs, which is the recommended approach. This assumes support for SCRAM-SHA-256 in client drivers. As of 2020, SCRAM-SHA-256 is prevalent in the PostgreSQL driver ecosystem. However, users should be mindful of the following possible behavior changes:
  • An application that tries to detect whether password verification has failed by checking server error messages, might observe different error messages with SCRAM-SHA-256. Those checks, if present, need to be updated.
  • If a client driver simply does not support SCRAM-SHA-256 at all, the operator retains the option to set the cluster setting server.user_login.cert_password_method.auto_scram_promotion.enable to false to force the previous password verification method instead. #74301
• After a cluster upgrade, the first time a SQL client logs in using password authentication, the password will be converted to a new format (scram-sha-256) if it was encoded with crdb-bcrypt previously. This conversion will increase the latency of that initial login by a factor of ~2x, but it will be reduced again after the conversion completes. If login latency is a concern, operators should perform the password conversion ahead of time, by computing new SCRAM hashes for the clients via ALTER USER WITH PASSWORD or ALTER ROLE WITH PASSWORD. This conversion can also be disabled via the new cluster setting server.user_login.upgrade_bcrypt_stored_passwords_to_scram.enabled. #74301
• Statements are no longer formatted prior to being sent to the UI, but the new built-in function remains. #75443
• The default SQL statistics flush interval is now 10 minutes. A new cluster setting sql.stats.aggregatinon.interval controls the aggregation interval of SQL stats, with a default value of 1 hour. #74831
• SELECT, INSERT, DELETE, and UPDATE can no longer be granted or revoked on databases. Previously SELECT, INSERT, DELETE, and UPDATE would be converted to ALTER DEFAULT PRIVILEGES on GRANTs and were revocable. #72665
• Added pgcodes to errors when an invalid storage parameter is passed. #75262
• Implemented the ALTER TABLE ... SET (...) syntax. We do not support any storage parameters yet, so this statement does not change the schema. #75262
• SHOW GRANTS ON TABLE now includes the is_grantable column #75226
• Implemented the ALTER TABLE ... RESET (...) syntax. This statement currently does not change the schema. #75429
• S3 URIs used for BACKUP, EXPORT, or CHANGEFEED can now include the query parameter S3_STORAGE_CLASS to configure the storage class used when that job creates objects in the designated S3 bucket. #75588
• The cost based optimizer now modifies the query cost based on the avg_size table statistic, which may change query plans. This is controlled by the session variable cost_scans_with_default_col_size, and can be disabled by setting it to true: SET cost_scans_with_default_col_size=true. #74551
• The crdb_internal.jobs table now has a new column execution_events which is a structured JSON form of execution_errors. #75556
• The privileges reported in information_schema.schema_privileges for non-user-defined schemas no longer are inferred from the privileges on the parent database. Instead, virtual schemas (like pg_catalog and information_schema) always report the USAGE privilege for the public role. The pg_temp schema always reports USAGE and CREATE privileges for the public role. #75628
• Transaction ID to transaction fingerprint ID mapping is now stored in the new transaction ID cache, a FIFO unordered in-memory buffer. The size of the buffer is 64 MB by default and configurable via sql.contention.txn_id_cache.max_size cluster setting. Consequentially, two additional metrics are introduced:
  • sql.contention.txn_id_cache.size: the current memory usage of transaction ID cache.
  • sql.contention.txn_id_cache.discarded_count: the number of resolved transaction IDs that are dropped due to memory constraints. #74115
• Added new built-in functions called crdb_internal.revalidate_unique_constraint, crdb_internal.revalidate_unique_constraints_in_table, and crdb_internal.revalidate_unique_constraints_in_all_tables, which can be used to revalidate existing unique constraints. The different variations support validation of a single constraint, validation of all unique constraints in a table, and validation of all unique constraints in all tables in the current database, respectively. If any constraint fails validation, the functions will return an error with a hint about which data caused the constraint violation. These violations can then be resolved manually by updating or deleting the rows in violation. This will be useful to users who think they may have been affected by issue #73024. #75548
• The SHOW GRANTS ON SCHEMA statement now includes the is_grantable column #75722
• CockroachDB now disallows type casts from ENUM to BYTES. #75816

• EXPORT PARQUET has a new compression option whose value can be gzip or snappy. An example query:

  EXPORT INTO PARQUET 'nodelocal://0/compress_snappy' WITH compression = snappy FROM SELECT * FROM foo
  

  By default, the Parquet file will be uncompressed. With compression, the file name will be <filename>.parquet.gz or <filename>.parquet.snappy. #74661

• Setting a UTC timezone offset of greater than 167 or less than -167 now returns an error. For example:

  SET TIME ZONE '168'
  

  Gives error:

  invalid value for parameter "timezone": "'168'": cannot find time zone "168": UTC timezone offset is out of range.
  

  SET TIME ZONE '-168'
  

  Gives error:

  invalid value for parameter "timezone": "'-168'": cannot find time zone "-168": UTC timezone offset is out of range.
  

  #75822

• The RESET ALL statement was added, which resets the values of all session variables to their default values. #75804

• The SHOW GRANTS ON DATABASE statement now includes the is_grantable column #75854

• Reordered unimplemented tables in pg_catalog and information_schema to match PostgreSQL. #75461

• CockroachDB will now remove incompatible database privileges to be consistent with PostgreSQL. Existing SELECT, INSERT, UPDATE, and DELETE privileges on databases will be converted to the equivalent default privileges. #75562

• CockroachDB now allows users who do not have ADMIN privileges to use SHOW RANGES if the ZONECONFIG privilege is granted to the user. #75551

• The WITH (param=value) syntax is now allowed for primary key definitions, to align with PostgreSQL and to support WITH (bucket_count=...) syntax for hash-sharded indexes. #75971

• CockroachDB now aliases the idle_session_timeout session variable with the idle_in_session_timeout variable to align with PostgreSQL. #76002

• The SHOW GRANTS ON TYPE now includes the is_grantable column #75957

• The bucket_count storage parameter was added. To create hash-sharded indexes, you can use the new syntax: USING HASH WITH (bucket_count=xxx). The bucket_count storage parameter can only be used with USING HASH. The old WITH BUCKET_COUNT=xxx syntax is still supported for backward compatibility. However, you can only use the old or new syntax, but not both. An error is returned for mixed clauses: USING HASH WITH BUCKET_COUNT=5 WITH (bucket_count=5). #76068

• The bulkio.backup.merge_file_buffer_size cluster setting default value has been changed from 16MiB to 128MiB. This value determines the maximum byte size of SSTs that we buffer before forcing a flush during a backup. #75988

• CockroachDB now supports for the bucket_count storage parameter syntax, and should be used over the old WITH BUCKET_COUNT=xxx syntax. With this change, CockroachDB outputs the new syntax in SHOW CREATE statements. #76112

• CockroachDB now saves statement plan hashes or gists to the Statements persisted stats inside the Statistics column. #75762

• PostgreSQL error codes were added to the majority of spatial functions. #76129

• Performing a BACKUP on ranges containing extremely large numbers of revisions to a single row no longer fails with errors related to exceeding the size limit. #76254

• The default bucket count for hash-sharded index is 16. #76115

• CockroachDB now filters out internal statements and transactions from UI timeseries metrics. #75815

• EXPORT PARQUET now supports all data types that Avro changefeeds support. Below are the data type conversions from CockroachDB to Parquet. To maintain backward compatibility with older Parquet readers, Parquet converted types were also annotated. To learn about more about Parquet data representation, see the Parquet docs.

  CockroachDB Type Family -> Parquet Type	Parquet Logical Type	Parquet Converted Type
  Bool -> boolean	nil	nil
  String -> byte array	string	string
  Collated String -> byte array	string	string
  INet -> byte array	string	string
  JSON -> byte array	json	json
  Int (oid.T_int8) -> int64	int64	int64
  Int (oid.T_int4 or oid.T_int2) -> int32	int32	int32
  Float -> float64	nil	nil
  Decimal -> byte array	decimal (Note: scale and precision data are preserved in the parquet file)	decimal
  Uuid -> fixed length byte array (16 bytes)	uuid	no converted type
  Bytes -> byte array	nil	nil
  Bit -> byte array	nil	nil
  Enum -> byte array	Enum	Enum
  Box2d -> byte array	string	string
  Geography -> byte array	nil	nil
  Geometry -> byte array	nil	nil
  Date -> byte array	string	string
  Time -> int64	time (note: microseconds since midnight)	time
  TimeTz -> byte array	string	string
  Interval -> byte array	string (specifically represented as ISO8601)	string
  Timestamp -> byte array	string	string
  TimestampTz -> byte array	string	string
  Array -> encoded as a repeated field and each array value gets encoded by pattern described above.	List	List

  #75890

• SHOW CREATE TABLE no longer shows the FAMILY clause if there is only the PRIMARY family clause. #76285

• CockroachDB now records the approximate time when an index was created it. This information is exposed via a new NULL-able TIMESTAMP column, created_at, on crdb_internal.table_indexes. #75753

• Added support for query cancellation via the pgwire protocol. CockroachDB will now respond to a pgwire cancellation by forwarding the request to the node that is running a particular query. That node will then cancel the query that is currently running in the session identified by the cancel request. The cancel request is made through the pgwire protocol when initializing a new connection. The client must first send 32 bits containing the integer 80877102, followed immediately by the 64-bit BackendKeyData message that the server sent to the client when the session was started. Most PostgreSQL drivers handle this protocol already, so there's nothing for the end-user to do apart from calling the cancel function that their driver offers. See the PostgreSQL docs for more information. #67501

• Refactored the BACKUP, SHOW BACKUP, and RESTORE incremental_storage option to incremental_location. #76416

• Restored data now appears to have been written at the time it was restored, rather than the time at which it was backed up, when reading the lower-level write timestamps from the rows themselves. This affects various internal operations and the result of crdb_internal_mvcc_timestamp. #76271

• The built-in functions crdb_internal.force_panic, crdb_internal.force_log_fatal, crdb_internal.set_vmodule, crdb_internal.get_vmodule are now available to all admin users, not just root. #76518

• BACKUP of a table marked with exclude_data_from_backup via ALTER TABLE ... SET (exclude_data_from_backup = true) will no longer backup that table's row data. The backup will continue to backup the table's descriptor and related metadata, and so on restore we will end up with an empty version of the backed up table. #75451

• Failed DROP INDEX schema changes are no longer rolled back. Rolling back a failed DROP INDEX requires the index to be rebuilt, a potentially long-running, expensive operation. Further, in previous versions, such rollbacks were already incomplete as they failed to roll back cascaded drops for dependent views and foreign key constraints. #75727

• Fixed a bug where when sql.contention.txn_id_cache.max_size was set to 0, it would effectively turn off the transaction ID cache. #76523

• CockroachDB now allows users to add NEW_KMS encryption keys to existing backups using: ALTER BACKUP <backup_location> ADD NEW_KMS = <kms_uris> WITH OLD_KMS = <kms_uris>; ALTER BACKUP <subdir> IN <backup_collection> ADD NEW_KMS = <kms_uris> WITH OLD_KMS = <kms_uris> The OLD_KMS value must refer to at least one KMS URI that was previously used to encrypt the backup. Following successful completion of the ALTER BACKUP, subsequent backups, restore and show commands can use any of old or new KMS URIs to decrypt the backup. #75900

• Primary key columns which are not part of a unique secondary index (but are "implicitly" included because all indexes include all primary key columns) are now marked as storing in the information_schema.statistics table and in SHOW INDEX. This is technically more correct; the column is in the value in KV and not in the indexed key. #72670

• A special flavor of RESTORE, RESTORE SYSTEM USERS FROM ..., was added to support restoring system users from a backup. When executed, the statement recreates those users which are in a backup of system.users but do not currently exist (ignoring those who do) and re-grant roles for users if the backup contains system.role_members. #71542

• Added support for DECLARE, FETCH, and CLOSE commands for creating, using, and deleting SQL cursors. #74006

• SQL cursors now appear in pg_catalog.pg_cursors. #74006

• CockroachDB now turns on support for hash-sharded indexes in implicit partitioned tables. Previously, CockroachDB blocked users from creating hash-sharded indexes in all kinds of partitioned tables including implicit partitioned tables using PARTITION ALL BY or REGIONAL BY ROW. Primary keys cannot be hash-sharded if a table is explicitly partitioned with PARTITION BY or an index cannot be hash-sharded if the index is explicitly partitioned with PARTITION BY. Partitioning columns cannot be placed explicitly as key columns of a hash-sharded index, including regional-by-row table's crdb_region column. #76358

• When a hash-sharded index is partitioned, ranges are now pre-split within every single possible partition on shard boundaries. Each partition is split up to 16 ranges, otherwise split into the number bucket count ranges. Note that, only the list partition is being pre-split. CockroachDB doesn't pre-split range partitions. #76358

• New user privileges were added: VIEWCLUSTERSETTING and NOVIEWCLUSTERSETTING that controls whether users can view cluster settings only. #76012

• Several error cases in geospatial and other built-in functions now return more appropriate error codes. #76458

• Expression indexes can no longer have duplicate expressions. #76863

• The crdb_internal.serialize_session and crdb_internal.deserialize_session functions now handle prepared statements. When deserializing, any prepared statements that existed when the session was serialized are re-prepared. Re-preparing a statement if the current session already has a statement with that name throws an error. #76399

• The experimental_enable_hash_sharded_indexes session variable was removed, along with the corresponding cluster setting. The ability to create hash-sharded indexes is enabled automatically. SQL statements that refer to the setting will still work but will have no effect. #76937

• Added the session variable default_transaction_quality_of_service which controls the priority of work submitted to the different admission control queues on behalf of SQL requests submitted in a session. Admission control must be enabled for this setting to have an effect. To increase admission control priority of subsequent SQL requests:

  SET default_transaction_quality_of_service=critical;
  

  To decrease admission control priority of subsequent SQL requests:

  SET default_transaction_quality_of_service=background;
  

  To reset admission control priority to the default session setting (in between background and critical):

  SET default_transaction_quality_of_service=regular;
  

  #76512

• CockroachDB now limits the bucket count in hash-sharded indexes to an inclusive range of [2, 2048]. Previously we only required the bucket count a positive Int32 integer (greater than 1). #77004

• Added support for distributed import queries in multi-tenant environments, which allows import queries to have improved parallelism by utilizing all available SQL pods in the tenant. #76566

• The ST_Box2DFromGeoHash function now accepts NULL arguments. If the precision is NULL, it is equivalent to no precision being passed in. Upper-case characters are now parsed as lower-case characters for geohash, matching PostGIS behavior. #76990

• CockroachDB now supports the SHOW COMPLETIONS AT OFFSET <offset> FOR <stmt> syntax that returns a set of SQL keywords that can complete the keyword at <offset> in the given <stmt>. If the offset is in the middle of a word, then it returns the full word. For example SHOW COMPLETIONS AT OFFSET 1 FOR "SELECT" returns select. #72925

• A new row level TTL was added to CockroachDB, which is available as a beta feature. This allows users to use a special syntax to automatically mark rows for deletion. Rows are deleted using a SCHEDULED JOB.

  A user can create a table with TTL using:

  CREATE TABLE t (id INT PRIMARY KEY) WITH (ttl_expire_after = '10 mins')
  

  Where ttl_expire_after is a duration expression. A user can also add TTL to an existing table using:

  ALTER TABLE t SET (ttl_expire_after = '10 mins')
  

  This creates a new column, crdb_internal_expiration, which automatically is set to now() + ttl_expire_after when inserted by default or on update. The scheduled job will delete any rows which exceed this timestamp as of the beginning of the job run. The TTL job is configurable in a few ways using the WITH/SET syntax:

  • ttl_select_batch_size: how many rows to select at once (default is cluster setting sql.ttl.default_select_batch_size)
  • ttl_delete_batch_size: how many rows to delete at once (default is cluster setting sql.ttl.default_select_batch_size)
  • ttl_delete_rate_limit: maximum rows to delete per second for the given table (default is cluster setting sql.default.default_delete_rate_limit)
  • ttl_pause: pauses the TTL job (also globally pausable with sql.ttl.job.enabled).

  Using ALTER TABLE table_name RESET (<parameter>) will reset the parameter to re-use the default, or RESET(ttl) will disable the TTL job for the table and remove the crdb_internal_expiration column. #76918

• Added the cluster setting sql.contention.event_store.capacity. This cluster setting can be used to control the in-memory capacity of the contention event store. When this setting is set to zero, the contention event store is disabled. #76719

• When dropping a user that has default privileges, the error message now includes which database and schema in which the default privileges are defined. Additionally a hint is given to show exactly how to remove the default privileges. For example:

  pq: role testuser4 cannot be dropped because some objects depend on it owner of default privileges on new sequences belonging to role testuser4 in database testdb2 in schema s privileges for default privileges on new sequences belonging to role testuser3 in database testdb2 in schema s privileges for default privileges on new sequences for all roles in database testdb2 in schema public privileges for default privileges on new sequences for all roles in database testdb2 in schema s HINT: USE testdb2; ALTER DEFAULT PRIVILEGES FOR ROLE testuser4 IN SCHEMA S REVOKE ALL ON SEQUENCES FROM testuser3; USE testdb2; ALTER DEFAULT PRIVILEGES FOR ROLE testuser3 IN SCHEMA S REVOKE ALL ON SEQUENCES FROM testuser4; USE testdb2; ALTER DEFAULT PRIVILEGES FOR ALL ROLES IN SCHEMA PUBLIC REVOKE ALL ON SEQUENCES FROM testuser4; USE testdb2; ALTER DEFAULT PRIVILEGES FOR ALL ROLES IN SCHEMA S REVOKE ALL ON SEQUENCES FROM testuser4;
  

  #77016

• Added support for distributed backups in a multitenant environment that uses all available SQL pods in the tenant. #77023

Operational changes

• Sending a CockroachDB process, including one running a client command, a SIGUSR2 signal now causes it to open an HTTP port that serve the basic Go performance inspection endpoints for use with pprof. #75678
• Operators who wish to access HTTP endpoints of the cluster through a proxy can now request specific nodeIDs through a remote_node_id query parameter or cookie with the value set to the nodeID to which they would like to proxy the connection. #72659
• Added the admission.epoch_lifo.enabled cluster setting, disabled by default, which enables the use of epoch-LIFO adaptive queueing behavior in admission control. #71882
• Added the cluster setting bulkio.backup.resolve_destination_in_job.enabled which can be used to delay resolution of backup's destination until the job starts running. #76670
• A server.max_connections cluster setting was added to limit the maximum number of connections to a server. It is disabled by default. #76401
• BACKUP now resolves incremental backup destinations during the job's execution phase rather than while it is being created to reduce contention on the system.jobs table. The bulkio.backup.resolve_destination_in_job.enabled cluster setting that enabled this functionality in some v21.2 patch releases was removed. #76853
• Added the cluster setting kv.raft_log.loosely_coupled_truncation.enabled which can be used to disable loosely coupled truncation. #76215
• RESTORE now runs at a higher parallelism by default to improve performance. #76907
• Added the admission.epoch_lifo.epoch_duration, admission.epoch_lifo.epoch_closing_delta_duration, admission.epoch_lifo.queue_delay_threshold_to_switch_to_lifo cluster settings for configuring epoch-LIFO queueing in admission control. #76951

Command-line changes

• Fixed the CLI help text for ALTER DATABASE to show correct options for ADD REGION and DROP REGION, and include some missing options such as CONFIGURE ZONE. #74929
• If graceful drain range lease transfer encounters issues, verbose logging is now automatically enabled to help with troubleshooting. #68488
• All cockroach commands now log their stack but do not exit when sent a SIGQUIT signal. This behavior is consistent with the behavior of cockroach start. #75678
• The debug zip utility now also scrapes the cluster-wide KV replication reports in the output. #75239
• The flag --self of the cockroach node decommission command is deprecated. Instead, operators should specify the node ID of the target node as an explicit argument. The node that the command is connected to should not be a target node. #74319
• Added a new optional version argument to the doctor examine command. This can be used to enable or disable validation when examining older ZIP directories. #76166
• The debug zip CLI command now supports exporting system and crdb_internal tables to a ZIP folder for tenants. #75572
• Added instructions to an error message when initializing debug tsdump. #75880
• cockroach sql (and demo) now continue to accept user input when Ctrl+C is pressed at the interactive prompt and the current input line is empty. Previously, it would terminate the shell. To terminate the shell, the client-side command \q is still supported. The user can also terminate the input altogether via EOF (Ctrl+D). The behavior for non-interactive use remains unchanged. #76427
• The interactive SQL shell (cockroach sql, cockroach demo) now supports interrupting a currently running query with Ctrl+C, without losing access to the shell. #76437
• Added a new CLI flag --max-tsdb-memory used to set the memory budget for timeseries queries when processing requests from the Metrics page in the DB Console. Most users should not need to change this setting as the default of 1% of system memory or 64 MiB, whichever is greater, is adequate for most deployments. In cases where a deployment of hundreds of nodes has low per-node memory available (for example, below 8 GiB) it may be necessary to increase this value to 2% or higher in order to render time series graphs for the cluster using the DB Console. Otherwise, use the default settings. #74662
• Node drains now ensure that SQL statistics are not lost during the process, but are now preserved in the statement statistics system table. #76397
• The CLI now auto completes on tab by using SHOW COMPLETIONS AT OFFSET. #72925

API endpoint changes

• The /_status/load endpoint, which delivers an instant measurement of CPU load, is now available for regular CockroachDB nodes and not just multitenant SQL-only servers. #75852
• The StatusClient interface has been extended with a new request called NodesListRequest. This request returns a list of KV nodes for KV servers and SQL nodes for SQL only servers with their corresponding SQL and RPC addresses. #75572
• Users with the VIEWACTIVITYREDACTED role will not have access to the full queries with constants in the ListSessions response. #76675

DB Console changes

• Removed $ internal as one of the apps options under the Statements and Transactions page filters. #75470
• Removed formatting of statements on the Statements, Transactions, and Index details pages. #75443
• Changed the order of tabs under the SQL Activity page to be Statements, Transactions, and Sessions. #75490
• The logical plan text is now included in searchable text in the Statements page. #75097
• If the user has the role VIEWACTIVITYREDACTED, we now hide the Statement Diagnostics bundle info on Statements page (diagnostics column), Statement Details page (diagnostics tab) and Advanced Debug page (diagnostics history). #75274
• Loading and error pages are now below page config on the Transactions and Statements pages. This was introduced in CockroachDB v21.2.5. #75458
• Added Circuit Breaker graphs on the Replication Dashboard in the DB Console. This was introduced in CockroachDB v21.2.5. #75613
• Added an option to cancel a running request for statement diagnostics. #75733
• DB Console requests can now be routed to arbitrary nodes in the cluster. Users can select a node from a dropdown in the Advanced Debug page of the DB Console to route their UI to that node. Manually initiated requests can either add a remote_node_id query parameter to their request or set a remote_node_id HTTP cookie in order to manage the routing of their request. #72659
• We no longer show information about aggregation timestamps on the Statements and Statement Details pages, since now all the statement fingerprints are grouped inside the same time selection. #76301
• Added the status of automatic statistics collection to the Database and Database table pages in the DB Console.
• Added the timestamp of the last statistics collection to the Database details and Database table pages in the DB Console. #76168
• Open SQL Transactions and Active SQL Transactions are now downsampled using MAX instead of AVG and will more accurately reflect narrow spikes in transaction counts when looking at downsampled data. #76348
• Display circuit breakers in problems ranges and range status. #75809
• A Now button was added to the Statements and Transactions pages. The Reset time link was replaced by the Now button. #76691
• Changed invalid lease to expired lease on the Problem Ranges section of the Advanced Debug page #76757
• Added column selector, filters, and new columns to the Sessions and Sessions Details pages. #75965
• Added long loading messages to the SQL Activity pages. #76739

Bug fixes

• Fixed possible panics in some distributed queries using ENUMs in join predicates. #74659
• Fixed a bug that could previously cause redundant lease transfers. #74726
• Fixed a bug where deleting data in schema changes (for example, when dropping an index or table) could fail with a command too large error. #74674
• Fixed a bug where CockroachDB could encounter an internal error when performing UPSERT or INSERT ... ON CONFLICT queries in some cases when the new rows contained NULL values (either NULLs explicitly specified or NULLs used since some columns were omitted). #74825
• Fixed a bug where the scale of a DECIMAL column was not enforced when values specified in scientific notation (for example, 6e3) were inserted into the column. #74869
• Fixed a bug where certain malformed backup schedule expressions caused the node to crash. #74881
• Fixed a bug where a RESTORE job could hang if it encountered an error when ingesting restored data. #74905
• Fixed a bug which caused errors in rare cases when trying to divide INTERVAL values by INT4 or INT2 values. #74882
• Fixed a bug that could occur when a TIMETZ column was indexed, and a query predicate constrained that column using a < or > operator with a TIMETZ constant. If the column contained values with time zones that did not match the time zone of the TIMETZ constant, it was possible that not all matching values could be returned by the query. Specifically, the results may not have included values within one microsecond of the predicate's absolute time. This bug was introduced when the TIMETZ datatype was first added in v20.1. It exists in all versions of v20.1, v20.2, v21.1, and v21.2 prior to this patch. #74914
• Fixed an internal error, estimated row count must be non-zero, that could occur during planning for queries over a table with a TIMETZ column. This error was due to a faulty assumption in the statistics estimation code about ordering of TIMETZ values, which has now been fixed. The error could occur when TIMETZ values used in the query had a different time zone offset than the TIMETZ values stored in the table. #74914
• The --user argument is no longer ignored when using cockroach sql in --insecure mode. #75194
• Fixed a bug where CockroachDB could incorrectly report the KV bytes read statistic in EXPLAIN ANALYZE output. The bug is present only in v21.2 versions. #75175
• Fixed a bug that caused internal errors in queries with set operations, like UNION, when corresponding columns on either side of the set operation were not the same. This error only occurred with a limited set of types. This bug is present in v20.2.6+, v21.1.0+, and v21.2.0+. #75219
• Fixed a bug where CREATE INDEX statements using expressions failed in some cases if they encountered an internal retry. #75056
• Fixed a bug when creating hash-sharded indexes on existing tables, traffic would hit primarily on the single range of the index before it was split into more ranges for shards as the range size grew. This change makes schema changes able to presplit ranges on shard boundaries before the index becomes writable. Added the sql.hash_sharded_range_pre_split.max cluster setting which allows users to set the upper boundary of the amount of ranges. If the bucket count of the defined index is less than the cluster setting, the bucket count will be the amount of pre-split ranges. #74923
• Updated the String() function of roleOption to add a space on the role VALID UNTIL. #75271
• Fixed a bug where SQL Activity pages crashed when a column was sorted the 3rd time. #75473
• Fixed a bug where if multiple columns were added to a table inside a transaction, then none of the columns would be backfilled if the last column did not require a backfill. #75076
• Fixed a bug where in some cases queries that involved a scan which returned many results and which included lookups for individual keys were not returning all results from the table. #75475
• Fixed a bug where dropping and creating a primary index constraint with the same name in a transaction would incorrectly fail. #75155
• crdb_internal.deserialize_session now checks if the session_user has the privilege to SET ROLE to the current_user before changing the session settings. #75575
• Dedicated clusters can now restore tables and databases from backups made by tenants. #73647
• Fixed a bug that caused high SQL tail latencies during background rebalancing in the cluster. #73697
• Fixed a bug when tables or columns were dropped that contained sequences, where the sequence remained even when the owner table or column did not exist. A sequence is created when a column is defined as a SERIAL type and the serial_normalization session variable is set to sql_sequence. In this case, the sequence is owned by the column and the table where the column exists. The sequence should be dropped when the owner table or column is dropped, which is the PostgreSQL behavior. CockroachDB now assigns correct ownership information to the sequence descriptor and column descriptor so that CockroachDB aligns with PostgreSQL. #74840
• Fixed a bug where the options query parameter was removed when using the \c command in the SQL shell to reconnect to the cluster. #75673
• cockroach node decommission no longer causes query failure due to the decommissioning node not closing open SQL connections and still being marked as ready. The decommissioning process now includes a draining step that fixes this. In other words, a decommission now automatically drains a node. This also means that running a drain after a decommission is no longer necessary. It is optional, but recommended, that cockroach node drain is used before cockroach node decommission to avoid the possibility of a disturbance in query performance. #74319
• The CancelSession endpoint now correctly propagates gateway metadata when forwarding requests. #75814
• Fixed a bug which could cause nodes to crash when truncating abnormally large Raft logs. #75793
• Fixed a bug that caused incorrect values to be written to computed columns when their expressions were of the form j->x = y, where j is a JSON column and x and y are constants. This bug also caused corruption of partial indexes with WHERE clauses containing expressions of the same form. This bug was present since version v2.0. #75914
• Changefeeds retry instead of fail on RPC send failure. #75517
• Fixed a rare race condition that could lead to client-visible errors like found ABORTED record for implicitly committed transaction. These errors were harmless in that they did not indicate data corruption, but they could be disruptive to clients. #75601
• Fixed a bug where swapping primary keys could lead to scenarios where foreign key references could lose their uniqueness. #75820
• Fixed a bug where CASE expressions with branches that result in types that cannot be cast to a common type caused internal errors. They now result in a user-facing error. #76193
• Fixed a bug that caused internal errors when querying tables with virtual columns in the primary key. This bug was only present since version v22.1.0-alpha.1 and does not appear in any production releases. #75898
• The DB console Databases page now shows stable, consistent values for database sizes. #76315
• Fixed a bug where comments were not cleaned up when the table primary keys were swapped, which could cause SHOW TABLE to fail. #76277
• Fixed a bug where some of the cockroach node subcommands did not handle --timeout properly. #76427
• Fixed a bug which caused the optimizer to omit join filters in rare cases when reordering joins, which could result in incorrect query results. This bug was present since v20.2. #76334
• Fixed a bug where the list of recently decommissioned nodes and the historical list of decommissioned nodes incorrectly display decommissioned nodes. #76538
• Fixed a bug where CockroachDB could incorrectly not return a row from a table with multiple column families when that row contains a NULL value when a composite type (FLOAT, DECIMAL, COLLATED STRING, or an array of these types) is included in the PRIMARY KEY. #76563
• There is now a 1 hour timeout when sending Raft snapshots, to avoid stalled snapshot transfers preventing Raft log truncation and growing the Raft log very large. This is configurable via the COCKROACH_RAFT_SEND_SNAPSHOT_TIMEOUT environment variable. #76589
• Fixed an error that could sometimes occur when sorting the output of the SHOW CREATE ALL TABLES statement. #76639
• Fixed a bug where backups incorrectly backed up database, schema, and type descriptors that were in a DROP state at the time the backup was run. This bug resulted in the user being unable to backup and restore if their cluster had dropped and public descriptors with colliding names. #76635
• Fixed a race condition that in rare circumstances could cause a node to panic with unexpected Stopped processor during shutdown. #76825
• Fixed a bug where the different stages of preparing, binding, and executing a prepared statement would use different implicit transactions. Now these stages all share the same implicit transaction. #76792
• Attempting to run concurrent profiles now works up to a concurrency limit of two. This will remove the occurrence of profile id not found errors while running up to two profiles concurrently. When a profile is not found, the error message has been updated to suggest remediation steps in order to unblock the user. #76266
• The content type header for the HTTP log sink is now set to application/json if the format of the log output is JSON. #77014
• Fixed a bug that could corrupt indexes containing virtual columns or expressions. The bug only occurred when the index's table had a foreign key reference to another table with an ON DELETE CASCADE action, and a row was deleted in the referenced table. This bug was present since virtual columns were added in version v21.1.0. #77052
• Fixed a bug where CockroachDB could crash when running a SQL PREPARE using the PostgreSQL extended protocol. #77063
• Fixed a bug where running SQL-level EXECUTE using the PostgreSQL extended protocol had inconsistent behavior and could in some cases crash the server. #77063
• The crdb_internal.node_inflight_trace_spans virtual table will now present traces for all operations ongoing on the respective node. Previously, the table would reflect a small percentage of ongoing operations unless tracing was explicitly enabled. #76403
• The default value of kv.rangefeed_concurrent_catchup_iterators was lowered to 16 to help avoid overload during CHANGEFEED restarts. #75851

Performance improvements

• The memory representation of DECIMAL datums has been optimized to save space, avoid heap allocations, and eliminate indirection. This increases the speed of DECIMAL arithmetic and aggregation by up to 20% on large data sets. #74590
• RESTORE operations in Serverless clusters now explicitly ask the host cluster to distribute data more evenly. #75105
• IMPORT, CREATE, INDEX, and other bulk ingestion jobs run on Serverless clusters now collaborate with the host cluster to spread ingested data more during ingest. #75105
• The covar_pop aggregate function is now evaluated more efficiently in a distributed setting. #73062
• Queries using NOT expr syntax can now be evaluated faster in some cases. #75058
• The regr_sxx, regr_sxy, regr_syy aggregate functions are now evaluated more efficiently in a distributed setting. #75619
• Transaction read refresh operations performed during optimistic concurrency control's validation phase now use a time-bound file filter when scanning the LSM tree. This allows these operations to avoid scanning files that contain no keys written since the transaction originally performed its reads. #74628
• A set of bugs that rendered Queries-Per-Second (QPS) based lease and replica rebalancing in v21.2 and earlier ineffective under heterogenously loaded cluster localities has been fixed. Additionally a limitation which prevent CockroachDB from effectively alleviating extreme QPS hotspots from nodes has also been fixed. #72296
• The optimizer better optimizes queries that include both foreign key joins and self-joins. #75582
• A LIMIT can now be pushed below a foreign key join or self-join in more cases, which may result in more efficient query plans. #75582
• The performance of many DECIMAL arithmetic operators has been improved by as much as 60%. These operators include division (/), sqrt, cbrt, exp, ln, log, and pow. #75770
• Stores will retry requests that are directed at the incorrect range, most commonly following a recent range split. This patch has the effect of reducing tail latency following range splits. #75446
• The optimizer can now generate lookup joins in certain cases for non-covering indexes, when performing a left outer/semi/anti join. #58261
• The optimizer now plans inner lookup joins using expression indexes in more cases, resulting in more efficient query plans. #76078
• Certain forms of automatically retried read uncertainty errors are now retried more efficiently, avoiding a network round trip. #75905
• The regr_avgx, regr_avgy, regr_intercept, regr_r2, and regr_slope aggregate functions are now evaluated more efficiently in a distributed setting. #76007
• IMPORTs and index backfills should now do a better job of spreading their load out over the nodes in the cluster. #75894
• Fixed a bug in the histogram estimation code that could cause the optimizer to think a scan of a multi-column index would produce 0 rows, when in fact it would produce many rows. This could cause the optimizer to choose a suboptimal plan. It is now less likely for the optimizer to choose a suboptimal plan when multiple multi-column indexes are available. #76486
• Added the kv.replica_stats.addsst_request_size_factor cluster setting. This setting is used to tune Queries-Per-Second (QPS) sensitivity to large imports. By default, this setting is disabled. When enabled, the size of any AddSSTableRequest will contribute to QPS in inverse relation to this settings magnitude. By default this setting is configured to a conservative 50,000; every 50 kilobytes will be accounted for as an additional 1 QPS. #76252
• Queries with a LIMIT clause applied against a single table, either explicitly written, or implicit such as in an uncorrelated EXISTS subquery, now scan that table with improved latency if the table is defined with LOCALITY REGIONAL BY ROW and the number of qualified rows residing in the local region is less than or equal to the hard limit (sum of the LIMIT clause and optional OFFSET clause values). This optimization is only applied if the hard limit is 100000 or less. #75431
• Fixed a limitation where upon adding a new node to the cluster, lease counts among existing nodes could diverge until the new node was fully up-replicated. #74077
• The optimizer now attempts to plan lookup joins on indexes that include computed columns in more cases, which may improve query plans. #76817
• The optimizer produces more efficient query plans for INSERT .. ON CONFLICT statements that do not have explicit conflict columns or constraints and are performed on partitioned tables. #76961
• The corr, covar_samp, sqrdiff, and regr_count aggregate functions are now evaluated more efficiently in a distributed setting #76754
• The jobs scheduler now runs on a single node by default in order to reduce contention on the scheduled jobs table. #73319

Build changes

• Upgrade to Go 1.17.6 #74655

v22.1.0-alpha.1

Release Date: January 24, 2022

Downloads

Full CockroachDB executable

docker pull cockroachdb/cockroach-unstable:v22.1.0-alpha.1