|
Issue Setting up ConfiguredGraphFactory
Paul Heinzlreiter
Hi all,
I am trying to set up the Janusgraph ConfiguredGraphFactory for using multiple graphs. I am using janusgraph-full-0.6.2
I am trying to configure it for the inmemory graph to exclude other possible issues.
I am using a janusgraph-inmemory-configurationgraph.properties: … gremlin.graph=org.janusgraph.core.ConfiguredGraphFactory graph.graphname=ConfigurationManagementGraph storage.backend=inmemory …
And in gremlin-server.yaml:
graphs: { ConfigurationManagementGraph: conf/janusgraph-inmemory-configurationgraph.properties }
Restarting gremlin server, then wanting to set up a template configuration:
gremlin> :remote connect tinkerpop.server conf/remote.yaml ==>Configured localhost/127.0.0.1:8182 gremlin> :remote console ==>All scripts will now be sent to Gremlin Server - [localhost/127.0.0.1:8182] - type ':remote console' to return to local mode gremlin> map = new HashMap();
[gremlin-server-exec-3] WARN org.apache.tinkerpop.gremlin.server.op.AbstractEvalOpProcessor - Exception processing a script on request [RequestMessage{, requestId=2022abcc-d5fb-491e-bcc6-6952e7200339, op='eval', processor='', args={gremlin=map.put("storage.hostname", "inmemory");, bindings={}, batchSize=64}}]. groovy.lang.MissingPropertyException: No such property: map for class: Script4
So the map type cannot be (de)serialized?
Any help appreciated.
Regards, Paul Heinzlreiter
-- DI Paul Heinzlreiter
RISC Software GmbH A company of Johannes Kepler University Linz
|
|
|
|
What Unit of Measurement Do the Time-Related JMX Metrics Use?
sammy.jia@...
Hello. I have a basic question about JanusGraph's metrics.
Currently, I have a JMX exporter that is sending JanusGraph's metrics to Prometheus. Some of these metrics, such as "metrics_org_janusgraph_query_graph_execute_time_Mean" or "metrics_org_janusgraph_query_graph_isDeleted_time_Count", are time-related but don't explicitly say what unit of measurement is being used. I'm not sure if they are using milliseconds, nanoseconds, or some other unit. Does anyone happen to know what unit of measurement is being used in JanusGraph?
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Yingjie Li
Hello Marc, Yes, after applying the changes you suggested, it works now. I can load data and use gremlin successfully! Thanks to all of you, Marc, Jan and Boxuan, for your help in fixing the security issue! Best, Yingjie Thanks, Yingjie
On Fri, Sep 30, 2022 at 3:46 AM <hadoopmarc@...> wrote: Hi Yingjie,
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
hadoopmarc@...
Hi Yingjie,
OK, I tried for myself. From the initial log lines in the Gremlin Console: SLF4J: Class path contains multiple SLF4J bindings. SLF4J: Found binding in [jar:file:/tera/lib/janusgraph-full-1.0.0-SNAPSHOT/lib/log4j-slf4j-impl-2.18.0.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: Found binding in [jar:file:/tera/lib/janusgraph-full-1.0.0-SNAPSHOT/lib/logback-classic-1.2.11.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation. SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory] you can see that you alsso have to remove lib/log4j-slf4j-impl-2.18.0.jar After having done that, you will notice that the hadoop and spark plugins also depend on log4j. You can disable these by removing the corresponding lines from the ext/plugins.txt file. It seems the distribution now meets your requirements! Best wishes, Marc
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Yingjie Li
Hello Marc, For this build, in directory janusgraph-full-1.0.0-SNAPSHOT/lib, there are log4j-1.2.17.jar , log4j-api-2.18.0.jar, log4j-core-2.18.0.jar, log4j-slf4j-impl-2.18.0.jar, but no slf4j-log4j12-1.7.30.jar . In directory janusgraph-full-1.0.0-SNAPSHOT/elasticsearch/lib, there are elasticsearch-log4j-7.17.5.jar, log4j-api-2.17.1.jar Yingjie
On Fri, Sep 30, 2022 at 1:51 AM <hadoopmarc@...> wrote: Hi Yingjie,
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
hadoopmarc@...
Hi Yingjie,
See my earlier comment, with respect to janusgraph-0.6.2: >>My suggestion was incomplete. In addition to removing the log4j-1.2.17.jar file from the lib folder, you have to remove the slf4j-log4j12-1.7.30.jar file as well. Otherwise, JanusGraph server starts looking for the log4j jar and crashes, as you found out. Can you confirm that log4j-2x in the elasticsearch/lib folder now has the required version? Best wishes, Marc
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Yingjie Li
Hello Jan, Thanks for the pointers. I downloaded the last build based on the link you provided. I unzipped janusgraph-full-1.0.0-SNAPSHOT.zip and tried starting Janusgraph and gremlin.sh, both worked. I removed log4j-1.2.17.jar, restarted janusgraph, and ran gremlin.sh, but failed. Does it mean log4j-1.2.17 is still used somehow and if so, how to disable it? Thanks. Yingjie
On Fri, Sep 16, 2022 at 10:08 AM Jansen, Jan via lists.lfaidata.foundation <Jan.jansen=gdata.de@...> wrote:
|
|
|
|
Re: Operate with JMX metrics and measurements units. What metrics to observe for read queries?
Ronnie
Hi,
Please can someone clarify the default unit for the time relates metrics? Couldnt find this from any of the docs or on the internet. Thanks! Ronnie
|
|
|
|
Re: Composite Indexing not working as expected for property on vertex in janusgraph 0.6.1
hadoopmarc@...
Hi Nikita,
Can you please provide me with the complete steps to reproduce your issue? Preferably code lines that work in the Gremlin Console for the JanusGraph inmemory graph, including the schema and indices and the vertex add steps? From your description up till now it is just not possible to make sense of what is happening. Best wishes, Marc
|
|
|
|
Re: Composite Indexing not working as expected for property on vertex in janusgraph 0.6.1
Nikita Pande
Hi, There is one observation that, 1. I faced above issue when the data was loaded with graph.addVertex() method 2. I added sample data using graph traverser g.addV().property().property() and it worked fine. I want to understand why is step 1 not giving any response for query g.V().has("newid","xyz") whereas it works with step 2.
|
|
|
|
Re: Composite Indexing not working as expected for property on vertex in janusgraph 0.6.1
hadoopmarc@...
> Can the indexing work with property of single cardinality?
Yes.
|
|
|
|
Re: Composite Indexing not working as expected for property on vertex in janusgraph 0.6.1
Nikita Pande
Hi hadoopmarc,
Thanks for elaborate explanation. The cardinality is SINGLE for the property "newid". newid | SINGLE | class java.lang.String Can the indexing work with property of single cardinality? Thanks and Regards, Nikita
|
|
|
|
Re: Required Capacity Error - JanusGraph on Cassandra
hadoopmarc@...
Hi Joe,
With "an index on type and range" you really mean: Indeed, supernodes have little value in traversing graphs. Maybe you can remove the worst ones (they probably have little meaning) or make them into a property on the attached vertices. If the supernodes are not the ones you want to traverse in your query, maybe a label constraint in the index can help. Best wishes, Marc
|
|
|
|
Re: Composite Indexing not working as expected for property on vertex in janusgraph 0.6.1
hadoopmarc@...
Hi Nikita,
Indeed, the janusgraph query optimizer can not handle the has("newid",unfold().is("hash data")) construct in the right way and the index does not trigger. But then, this construct is not necessary. Even if the "newid" property has a LIST cardinality, you can still do: g.V().has("newid", "hash data").valueMap(true).tryNext().isPresent() and have the index on newid triggered. Indeed, your example gremlin> g.V().has("newid","xyz").valueMap(true).tryNext().isPresent() should result in true. I checked it on a fresh database and it does. So, please check the steps you took to get your result. gremlin> testval = m.makePropertyKey('testval').dataType(String.class).cardinality(Cardinality.LIST).make() ==>testval gremlin> m.buildIndex('byTestVal', Vertex.class).addKey(testval).buildCompositeIndex() ==>byTestVal gremlin> m.commit() gremlin> g.addV().property('testval', 'xyz1') ==>v[8192] gremlin> g.V(8192).property('testval', 'xyz2') ==>v[8192] gremlin> g.V(8192).values('testval') ==>xyz1 ==>xyz2 gremlin> g.V().has("testval","xyz1").valueMap(true).tryNext().isPresent() ==>true Best wishes, Marc
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Jansen, Jan
Hi Yingjie,
You can also download our latest artifacts from github action. https://github.com/JanusGraph/janusgraph/actions/workflows/ci-release.yml?query=branch%3Amaster+is%3Acompleted
Just go to the last build and download
distribution-builds.
Greetings,
Jan
From: janusgraph-users@... <janusgraph-users@...> on behalf of hadoopmarc via lists.lfaidata.foundation
<hadoopmarc=xs4all.nl@...>
Sent: Friday, September 16, 2022 2:30 PM To: janusgraph-users@... <janusgraph-users@...> Subject: Re: [janusgraph-users] Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!" Hi Yingjie,
As edited in my previous reaction, the Cassandra jars in the JanusGraph distribution do not include the log4j jar. As to elasticsearch, your best choices are:
Best wishes, Marc
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
hadoopmarc@...
Hi Yingjie,
As edited in my previous reaction, the Cassandra jars in the JanusGraph distribution do not include the log4j jar. As to elasticsearch, your best choices are:
Best wishes, Marc
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Yingjie Li
Marc, Yes, we use Cassandra and Elasticsearch at the backend from janusgraph-full-0.6.2 . What are the steps to disable log4j? Thanks Yingjie Th
On Fri, Sep 16, 2022 at 2:30 AM <hadoopmarc@...> wrote:
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Hi Yingjie,
As to the short term workaround with removing the log4j jars, from the lib folder you can still use the gremlin console if you edit the ext/plugins.txt file and remove the lines with the hadoop and spark plugins. However, you state that you use elasticsearch, which also ships with log4j in the janusgraph-full-0.6.2.zip distribution. Best wishes, Marc Edited: cassandra does not ship with log4j
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Yingjie Li
Hello Jan, Yes, the only issue is the log4j2 that comes with janusgraph-full-0.6.2.zip installation. If there are some configurations that can be changed to fix this issue, that's all what we need. Please let me know the steps. Thanks, Yingjie
On Thu, Sep 15, 2022 at 2:58 PM Jansen, Jan via lists.lfaidata.foundation <Jan.jansen=gdata.de@...> wrote:
|
|
|
|
Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"
Jansen, Jan
Hi
It won't be possible to backport without breaking change. We could work on release of janusgraph 1, after we finished upgrading to Tinkerpop 3.6. We have multiple libs with CVEs in 0.6.
If your main issues is log4j2, janusgraph 0.6 should work without log4j2.
Greetings, Jan
From: Li Boxuan <liboxuan@...>
Sent: Thursday, September 15, 2022 8:38 PM To: janusgraph-users@... <janusgraph-users@...> Cc: Jansen, Jan <Jan.Jansen@...> Subject: Re: [janusgraph-users] Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!" Sorry I am not sure about that… Maybe Jan (CCed) could answer that?
|
|
|