Red Hat SummitChapter 4. Camel K release notes
Camel K is a lightweight integration framework built from Apache Camel K that runs natively in the cloud on OpenShift. Camel K is specifically designed for serverless and microservice architectures. You can use Camel K to instantly run integration code written in Camel Domain Specific Language (DSL) directly on OpenShift.
Using Camel K with OpenShift Serverless and Knative, containers are automatically created only as needed and are autoscaled under load up and down to zero. This removes the overhead of server provisioning and maintenance and enables you to focus instead on application development.
Using Camel K with OpenShift Serverless and Knative Eventing, you can manage how components in your system communicate in an event-driven architecture for serverless applications. This provides flexibility and creates efficiencies using a publish/subscribe or event-streaming model with decoupled relationships between event producers and consumers.
4.1. Camel K features
The Camel K provides cloud-native integration with the following main features:
- Knative Serving for autoscaling and scale-to-zero
- Knative Eventing for event-driven architectures
- Performance optimizations using Quarkus runtime by default
- Camel integrations written in Java or YAML DSL
- Monitoring of integrations using Prometheus in OpenShift
- Quickstart tutorials
- Kamelet Catalog for connectors to external systems such as AWS, Jira, and Salesforce
- Support for Timer and Log Kamelets
- Metering for Camel K Operator and pods
- Support for IBM MQ connector
- Support for Oracle 19 database
4.2. Supported Configurations
For information about Camel K supported configurations, standards, and components, see the following Customer Portal articles:
4.2.1. Camel K Operator metadata
The Camel K includes updated Operator metadata used to install Camel K from the OpenShift OperatorHub. This Operator metadata includes the Operator bundle format for release packaging, which is designed for use with OpenShift Container Platform 4.6 or later.
Additional resources
4.3. Important notes
Important notes for the Red Hat Integration - Camel K release:
- Support to run Camel K on ROSA
- Camel K is now supported to run on Red Hat OpenShift Service on AWS (ROSA).
- Support for IBM MQ source connector in Camel K
- IBM MQ source connector kamelet is added to latest Camel K.
- Support for Oracle 19
- Oracle 19 is now supported in Camel K. Refer Supported configurations page for more information.
- Using Camel K CLI commands on Windows machine
-
When using kamel cli commands on Windows machine, the path in the
resourceoption in the command must use linux format. For example,
//Windows path kamel run file.groovy --dev --resource file:C:\user\folder\tempfile@/tmp/file.txt //Must be converted to kamel run file.groovy --dev --resource file:C:/user/folder/tempfile@/tmp/file.txt
- Red Hat Integration - Camel K Operator image size is increased
- Since Red Hat Integration - Camel K 1.10.0.redhat-00033, the size of the Camel K Operator image is doubled.
- Accepted Camel case notations in YAML DSL
-
Since Red Hat Integration - Camel K 1.10.0.redhat-00033, the YAML DSL will accept camel case notation (i.e,
setBody) as well as snake case (i.eset-body). Please note that there are some differences in the syntax as schema is subject to changes within Camel versions.
4.4. Supported Camel Quarkus extensions
This section lists the Camel Quarkus extensions that are supported for this release of Camel K (only when used inside a Camel K application).
These Camel Quarkus extensions are supported only when used inside a Camel K application. These Camel Quarkus extensions are not supported for use in standalone mode (without Camel K).
4.4.1. Supported Camel Quarkus connector extensions
The following table shows the Camel Quarkus connector extensions that are supported for this release of Camel K (only when used inside a Camel K application).
| Name | Package |
|---|---|
| AWS 2 Kinesis |
|
| AWS 2 Lambda |
|
| AWS 2 S3 Storage Service |
|
| AWS 2 Simple Notification System (SNS) |
|
| AWS 2 Simple Queue Service (SQS) |
|
| Azure Storage Blob (Technology Preview) |
|
| Azure Storage Queue (Technology Preview) |
|
| Cassandra CQL |
|
| File |
|
| FTP |
|
| FTPS |
|
| SFTP |
|
| HTTP |
|
| JMS |
|
| Kafka |
|
| Kamelets |
|
| Metrics |
|
| MongoDB |
|
| Salesforce |
|
| SQL |
|
| Timer |
|
4.4.2. Supported Camel Quarkus dataformat extensions
The following table shows the Camel Quarkus dataformat extensions that are supported for this release of Camel K (only when used inside a Camel K application).
| Name | Package |
|---|---|
| Avro |
|
| Bindy (for CSV) |
|
| Gson |
|
| JSON Jackson |
|
| Jackson Avro |
|
4.4.3. Supported Camel Quarkus language extensions
In this release, Camel K supports the following Camel Quarkus language extensions (for use in Camel expressions and predicates):
- Constant
- ExchangeProperty
- File
- Header
- Ref
- Simple
- Tokenize
- JsonPath
4.4.4. Supported Camel K traits
In this release, Camel K supports the following Camel K traits.
- Builder trait
- Camel trait
- Container trait
- Dependencies trait
- Deployer trait
- Deployment trait
- Environment trait
- Jvm trait
- Kamelets trait
- Owner trait
- Platform trait
- Pull Secret trait
- Prometheus trait
- Quarkus trait
- Route trait
- Service trait
- Error Handler trait
4.5. Supported Kamelets
The following table lists the kamelets that are provided as OpenShift resources when you install the Camel K operator.
For details about these kamelets, go to: https://github.com/openshift-integration/kamelet-catalog/tree/kamelet-catalog-1.8
For information about how to use kamelets to connect applications and services, see https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q3/html-single/integrating_applications_with_kamelets.
Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production.
These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information about the support scope of Red Hat Technology Preview features, see https://access.redhat.com/support/offerings/techpreview.
| Kamelet | File name | Type (Sink, Source, Action) |
|---|---|---|
| Ceph sink |
| Sink |
| Ceph Source |
| Source |
| Jira Add Comment sink |
| Sink |
| Jira Add Issue sink |
| Sink |
| Jira Transition Issue sink |
| Sink |
| Jira Update Issue sink |
| Sink |
| Avro Deserialize action |
| Action (data conversion) |
| Avro Serialize action |
| Action (data conversion) |
| AWS DynamoDB sink |
| Sink |
| AWS Redshift sink |
| Sink |
| AWS 2 Kinesis sink |
| Sink |
| AWS 2 Kinesis source |
| Source |
| AWS 2 Lambda sink |
| Sink |
| AWS 2 Simple Notification System sink |
| Sink |
| AWS 2 Simple Queue Service sink |
| Sink |
| AWS 2 Simple Queue Service source |
| Source |
| AWS 2 Simple Queue Service FIFO sink |
| Sink |
| AWS 2 S3 sink |
| Sink |
| AWS 2 S3 source |
| Source |
| AWS 2 S3 Streaming Upload sink |
| Sink |
| Azure Storage Blob Source (Technology Preview) |
| Source |
| Azure Storage Blob Sink (Technology Preview) |
| Sink |
| Azure Storage Queue Source (Technology Preview) |
| Source |
| Azure Storage Queue Sink (Technology Preview) |
| Sink |
| Cassandra sink |
| Sink |
| Cassandra source |
| Source |
| Extract Field action |
| Action |
| FTP sink |
| Sink |
| FTP source |
| Source |
| Has Header Key Filter action |
| Action (data transformation) |
| Hoist Field action |
| Action |
| HTTP sink |
| Sink |
| Insert Field action |
| Action (data transformation) |
| Insert Header action |
| Action (data transformation) |
| Is Tombstone Filter action |
| Action (data transformation) |
| Jira source |
| Source |
| JMS sink |
| Sink |
| JMS source |
| Source |
| JMS IBM MQ sink |
| Sink |
| JMS IBM MQ source |
| Source |
| JSON Deserialize action |
| Action (data conversion) |
| JSON Serialize action |
| Action (data conversion) |
| Kafka sink |
| Sink |
| Kafka source |
| Source |
| Kafka Topic Name Filter action |
| Action (data transformation) |
| Log sink (for development and testing purposes) |
| Sink |
| MariaDB sink |
| Sink |
| Mask Fields action |
| Action (data transformation) |
| Message TimeStamp Router action |
| Action (router) |
| MongoDB sink |
| Sink |
| MongoDB source |
| Source |
| MySQL sink |
| Sink |
| PostgreSQL sink |
| Sink |
| Predicate filter action |
| Action (router/filter) |
| Protobuf Deserialize action |
| Action (data conversion) |
| Protobuf Serialize action |
| Action (data conversion) |
| Regex Router action |
| Action (router) |
| Replace Field action |
| Action |
| Salesforce Create |
| Sink |
| Salesforce Delete |
| Sink |
| Salesforce Update |
| Sink |
| SFTP sink |
| Sink |
| SFTP source |
| Source |
| Slack source |
| Source |
| SQL Server Database sink |
| Sink |
| Telegram source |
| Source |
| Throttle action |
| Action |
| Timer source (for development and testing purposes) |
| Source |
| TimeStamp Router action |
| Action (router) |
| Value to Key action |
| Action (data transformation) |
4.6. Camel K known issues
The following known issues apply to the Camel K:
ENTESB-15306 - CRD conflicts between Camel K and Fuse Online
If an older version of Camel K has ever been installed in the same OpenShift cluster, installing Camel K from the OperatorHub fails due to conflicts with custom resource definitions. For example, this includes older versions of Camel K previously available in Fuse Online.
For a workaround, you can install Camel K in a different OpenShift cluster, or enter the following command before installing Camel K:
$ oc get crds -l app=camel-k -o json | oc delete -f -
ENTESB-15858 - Added ability to package and run Camel integrations locally or as container images
Packaging and running Camel integrations locally or as container images is not currently included in the Camel K and has community-only support.
For more details, see the Apache Camel K community.
ENTESB-16477 - Unable to download jira client dependency with productized build
When using Camel K operator, the integration is unable to find dependencies for jira client. The work around is to add the atlassian repo manually.
apiVersion: camel.apache.org/v1
kind: IntegrationPlatform
metadata:
labels:
app: camel-k
name: camel-k
spec:
configuration:
- type: repository
value: <atlassian repo here>ENTESB-17033 - Camel-K ElasticsearchComponent options ignored
When configuring the Elasticsearch component, the Camel K ElasticsearchComponent options are ignored. The work around is to add getContext().setAutowiredEnabled(false) when using the Elasticsearch component.
ENTESB-17061 - Can’t run mongo-db-source kamelet route with non-admin user - Failed to start route mongodb-source-1 because of null
It is not possible to run mongo-db-source kamelet route with non-admin user credentials. Some part of the component require admin credentials hence it is not possible run the route as a non-admin user.
4.7. Camel K Fixed Issues
The following sections list the issues that have been fixed in Red Hat Integration - Camel K 1.10.0.redhat-00033.
4.7.1. Feature requests in Camel K 1.10.0.redhat-00033
The following table lists the feature requests in Camel K 1.10.0.redhat-00033.
| Issue | Description |
|---|---|
| Add repeatCount property to timer-source kamelet | |
| Performance testing Camel K for inclusion with Developer Sandbox | |
| Camel-K: Support for Camel master component | |
| Sync with upstream | |
| consumerGroup property support by kafka-source Kamelet |
4.7.2. Enhancements in Camel K 1.10.0.redhat-00033
The following table lists the enhancements in Camel K 1.10.0.redhat-00033.
| Issue | Description |
|---|---|
| Provide full Custom Resource Definition Structural schema for Camel K Traits | |
| Expose parameter for mongo-db camel component to specify user auth DB | |
| Support scale sub-resource in Dev Sandbox idler | |
| Add support for jslt-action kamelet | |
| Onboard the cpaas productization of camel-k to OSBS 2.0 | |
| Azure Storage Blob Sink and Source Kamelet: Adding credentialsType parameter to both |
4.7.3. Bugs resolved in Camel K 1.10.0.redhat-00033
The following table lists the resolved bugs in Camel K 1.10.0.redhat-00033.
| Issue | Description |
|---|---|
| Camel-K 1.4.0: camel-jackson Unrecognized Type: [null] | |
| CVE-2021-30129 sshd-sftp: mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server [rhint-camel-k-1] | |
| CVE-2021-37136 netty-codec: Bzip2Decoder doesn’t allow setting size restrictions for decompressed data [rhint-camel-k-1] | |
| CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn’t restrict chunk length and may buffer skippable chunks in an unnecessary way [rhint-camel-k-1] | |
| dataformat dependency not resolved | |
| Knative broker to AWS SQS Sink Number of message attributes exceeds the allowed maximum | |
| Kameletbinding from broker source ignores broker name | |
| CK MRRC zip - missing manifests for jars | |
| Missing source jars in CK MRRC | |
| CVE-2021-42550 logback-classic: logback: remote code execution through JNDI call from within its configuration file [rhint-camel-k-1] | |
| Source zip files and m2 zip files present in CK MRRC | |
| target directory present in the CK source zip | |
| CVE-2021-22569 protobuf-java: potential DoS in the parsing procedure for binary data [rhint-camel-k-1] | |
| CVE-2021-41571 pulsar-client-admin: pulsar: Pulsar Admin API allows access to data from other tenants using getMessageById API [rhint-camel-k-1] | |
| CVE-2022-23596 junrar: A carefully crafted RAR archive can trigger an infinite loop while extracting [rhint-camel-k-1] | |
| CVE-2021-43859 xstream: Injecting highly recursive collections or maps can cause a Denial of Service [rhint-camel-k-1] | |
| CVE-2022-21724 quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes [rhint-camel-k-1] | |
| CVE-2022-23913 artemis-commons: Apache ActiveMQ Artemis Denial of Service [rhint-camel-k-1] | |
| CVE-2022-0981 quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus [rhint-camel-k-1] | |
| Camel K operator putting memory pressure on Kube ApiServer | |
| CVE-2022-2053 undertow: Large AJP request may cause Denial of Service [rhint-camel-k-1] | |
| Camel-K 1.8: Integration not marked as failed when it cannot be built. | |
| Windows CLI: option --resource do not work with windows path system (\ as separator) | |
| CVE-2022-33980 commons-configuration2: apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults [rhint-camel-k-1] | |
| The supported trait jolokia doesn’t use productized artifacts | |
| CVE-2022-25857 snakeyaml: Denial of Service due to missing nested depth limitation for collections [rhint-camel-k-1] | |
| 1.8.1 is using an older openjdk image than 1.6.10 | |
| CVE-2022-40154 xstream: Xstream to serialize XML data was vulnerable to Denial of Service attacks [rhint-camel-k-1] | |
| CVE-2022-40156 xstream: Xstream to serialize XML data was vulnerable to a Denial of Service attacks [rhint-camel-k-1] | |
| CVE-2022-40155 xstream: Xstream to serialize XML data was vulnerable to a Denial of Service attacks [rhint-camel-k-1] | |
| CVE-2022-40153 xstream: Xstream to serialize XML data was vulnerable to a Denial of Service attacks [rhint-camel-k-1] | |
| CVE-2022-40152 woodstox-core: woodstox to serialize XML data was vulnerable to Denial of Service attacks [rhint-camel-k-1] | |
| CVE-2022-40151 xstream: Xstream to serialize XML data was vulnerable to Denial of Service attacks [rhint-camel-k-1] | |
| CVE-2022-38751 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match [rhint-camel-k-1] | |
| CVE-2022-38750 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject [rhint-camel-k-1] | |
| CVE-2022-38749 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode [rhint-camel-k-1] | |
| CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE [rhint-camel-k-1] | |
| CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [rhint-camel-k-1] | |
| CVE-2022-42004 jackson-databind: use of deeply nested arrays [rhint-camel-k-1] | |
| Camel-cloudevents missing from build | |
| Ready condition message not always taken from Camel Health Check | |
| Camel K: gc trait fails for: cannot list resource \"endpoints\" in API group \"submariner.io\" | |
| CVE-2022-40149 jettison: parser crash by stackoverflow [rhint-camel-k-1] | |
| KameletBinding with native annotation fails to build a quarkus app with "Out of date version of GraalVM detected" | |
| Wrong default OLM channel with kamel install | |
| no matches for kind \"PodDisruptionBudget\" in version \"policy/v1beta1\"" | |
| [serialize/deserialize-action kamelet] Failed to start application: Unsupported field: property-name | |
| CVE-2022-37866 apache-ivy: Apache Ivy: Ivy Path traversal [rhint-camel-k-1] | |
| CVE-2022-38648 batik: Server-Side Request Forgery [rhint-camel-k-1] | |
| CVE-2022-38398 batik: Server-Side Request Forgery [rhint-camel-k-1] | |
| CVE-2022-40146 batik: Server-Side Request Forgery (SSRF) vulnerability [rhint-camel-k-1] | |
| CVE-2022-45693 jettison: If the value in map is the map itself, the new JSONObject(map) can cause StackOverflowError, which may lead to a Denial of Service. [rhint-camel-k-1] | |
| Regression from 1.8 - Kameletbinding with dataformat action kamelets produces warning CDI: programmatic lookup problem detected | |
| Regression from 1.8 - body type changed to StreamCache from byte[] for field action kamelets | |
| Kamelet native build: Fatal error: com.oracle.graal.pointsto.util.AnalysisError$ParsingError | |
| [jackson-databind] Vulnerable artifact present in MRRC |
