Today, we’re happy to announce the availability of Drill 1.12.0. You can download it here.

The release provides the following bug fixes and improvements:

Kafka and OpenTSDB Storage Plugins (DRILL-4779, DRILL-5337)

You can configure Kafka and OpenTSDB as Drill data sources.

  • For Kafka storage plugin information, see the README file.
  • For OpenTSDB storage plugin information, see the README file. Configure the OpenTSDB storage plugin in the Storage tab of the Drill Web Console, as shown:

       "storage": {
         openTSDB: {
           type: "openTSDB",
           connection: "http://localhost:10000",
           enabled: false

Queue-Based Memory Assignment for Buffering Operators (Throttling) (DRILL-5716)

Throttling limits the number of concurrent queries that run to prevent queries from failing with out-of-memory errors. When you enable throttling, you configure the number of concurrent queries that can run and the resource requirements for each query. Drill calculates the amount of memory to assign per query per node. See Throttling for more information.

Networking Functions

Drill supports the following networking functions to facilitate network analysis using Drill:

  • inet_aton(<ip>): Converts an IPv4 address into an integer
  • inet_ntoa( <int>): Converts an integer IP into dotted decimal notation
  • in_network( <ip>,<cidr> ): Returns true if the IP address is in the given CIDR block
  • address_count( <cidr> ): Returns the number of IPs in a given CIDR block
  • broadcast_address( <cidr> ): Returns the broadcast address for a given CIDR block
  • netmask(<cidr> ): Returns the netmask for a given CIDR block
  • low_address(<cidr>): Returns the first address in a given CIDR block
  • high_address(<cidr>): Returns the last address in a given CIDR block
  • url_encode( <url> ): Returns a URL encoded string
  • url_decode( <url> ): Decodes ``a URL encoded string
  • is_valid_IP(<ip>): Returns true if the IP is a valid IP address
  • is_private_ip(<ip>): Returns true if the IP is a private IPv4 address
  • is_valid_IPv4(<ip>): Returns true if the IP is a valid IPv4 address
  • is_valid_IPv6(<ip>): Returns true if the IP is a valid IPv6 address

SSL Support

Drill supports SSL to encrypt data passed between the Drill client and Drillbit. SSL also provides one-way authentication through which the Drill client verifies the identity of the Drillbit. The SASL feature in Drill provides authentication and an option to encrypt data, however the encryption feature is not available when using Plain authentication. If you need to use Plain authentication (certain BI tools only use Plain authentication), you can enable SSL to encrypt data. You can have both SASL and SSL enabled when using Plain authentication only. For any other scenario, using SSL and SASL encryption together is strongly discouraged. The Drill server requires an SSL certificate. The certificate can be self-signed or signed by a CA (Certificate Authority). SSL is not supported for communication between Drillbits.

Network Encryption Support

Drill 1.10 provided authentication support through Plain and Kerberos authentication mechanisms to authenticate the Drill client to Drillbit and Drillbit to Drillbit communication channels. Drill 1.11 extends that support to include encryption. Drill uses the Kerberos mechanism over the SASL framework to encrypt the communication channels.

Access to Paths Outside the Current Workspace (DRILL-5964)

A new parameter, allowAccessOutsideWorkspace, in the dfs storage plugin configuration prevents users from accessing paths outside the root of a workspace. The default value for the parameter is false. Set the parameter to true to allow users access outside of a workspace. If existing storage plugin configurations do not specify the parameter, users cannot access paths outside the configured workspaces.

You can find a complete list of JIRAs resolved in the 1.12.0 release here.