Update 3.13.0 release notes

Author: michaelklishin

release-notes/3.13.0.md

@@ -1,6 +1,6 @@
-## RabbitMQ 3.13.0-rc.4
+## RabbitMQ 3.13.0-rc.5
 
-RabbitMQ `3.13.0-rc.4` is a candidate of a new feature release.
+RabbitMQ `3.13.0-rc.5` is a candidate of a new feature release.
 
 ## Highlights
 
@@ -261,21 +261,28 @@ Release notes are kept under [rabbitmq-server/release-notes](https://github.com/
 
  * Classic queue storage v2 (CQv2) has matured and is now recommended for all users.
 
-   We recommend switching classic queues to CQv2 after **all cluster nodes** have been upgrades,
+   We recommend switching classic queues to CQv2 after **all cluster nodes** have been upgraded to 3.13.0,
    at first using policies, and then eventually using a setting in `rabbitmq.conf`. Upgrading
    classic queues to CQv2 at boot time using the configuration file setting can be
    potentially unsafe in environments where deprecated classic mirrored queues still exist.
 
    For new clusters, adopt CQv2 from the start by setting `classic_queue.default_version` in `rabbitmq.conf`:
 
    ``` ini
+   # only set this value for new clusters or after all nodes have been upgraded to 3.13
    classic_queue.default_version = 2
    ```
 
  * Non-mirrored classic queues: optimizations of storage for larger (greater than 4 kiB) messages.
 
    GitHub issue: [#6090](https://github.com/rabbitmq/rabbitmq-server/pull/6090), [#8507](https://github.com/rabbitmq/rabbitmq-server/pull/8507)
 
+ * When a non-mirrored classic queue is declared, its placement node
+   is now selected with less interaction with cluster peers, speeding up the process
+   when some nodes have recently gone down.
+
+   GitHub issue: [#10102](https://github.com/rabbitmq/rabbitmq-server/pull/10102)
+
  * A subsystem for marking features as deprecated.
 
    GitHub issue: [#7390](https://github.com/rabbitmq/rabbitmq-server/pull/7390)
@@ -287,6 +294,45 @@ Release notes are kept under [rabbitmq-server/release-notes](https://github.com/
 
    GitHub issues: [#8834](https://github.com/rabbitmq/rabbitmq-server/pull/8834), [#8927](https://github.com/rabbitmq/rabbitmq-server/pull/8927)
 
+ * Classic queue storage version now can be set via [operator policies](https://rabbitmq.com/parameters.html#operator-policies).
+
+   Contributed by @SimonUnge (AWS).
+
+   GitHub issue: [#9541](https://github.com/rabbitmq/rabbitmq-server/pull/9541)
+
+ * `channel_max_per_node` allows limiting how many channels a node would allow clients to open, in total.
+
+   This limit is easier to reason about than the per-node connection limit multiplied by `channel_max` (a per-connection limit for channels).
+
+   Contributed by @SimonUnge (AWS).
+
+   GitHub issue: [#10351](https://github.com/rabbitmq/rabbitmq-server/pull/10351)
+
+ * `disk_free_limit.absolute` and vm_memory_high_watermark.absolute` now support more information units: `Mi`, `Gi`, `TB`, `Ti`, `PB`, `Pi`.
+
+   In addition, there were some renaming of the existing keys:
+
+    * `K` now means "kilobyte" and not "kibibyte"
+    * `M` now means "megabyte" and not "mebibyte"
+    * `G` now means "gigabyte" and not "gibibyte"
+
+   There is no consensus on how these single letter suffixes should be interpreted (as their power of 2 or power of 10 variants),
+   so RabbitMQ has adopted a widely used [convention adopted by Kubernetes](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-memory).
+
+   GitHub issues: [#10310](https://github.com/rabbitmq/rabbitmq-server/issues/10310), [#10348](https://github.com/rabbitmq/rabbitmq-server/pull/10348)
+
+ * Improved efficiency of definition imports in environments with a lot of virtual hosts.
+
+   Contributed by @AyandaD.
+
+   GitHub issue: [#10320](https://github.com/rabbitmq/rabbitmq-server/pull/10320)
+
+ * When a [consumer delivery timeout](https://rabbitmq.com/consumers.html#acknowledgement-timeout) hits, a more informative message is now logged.
+
+   Contributed by @rluvaton.
+
+   GitHub issue: [#10446](https://github.com/rabbitmq/rabbitmq-server/pull/10446)
+
 #### Bug Fixes
 
 This release includes all bug fixes shipped in the `3.12.x` series.
@@ -299,12 +345,43 @@ This release includes all bug fixes shipped in the `3.12.x` series.
 
    GitHub issue: [#8491](https://github.com/rabbitmq/rabbitmq-server/pull/8491)
 
+ * Feature flag state is now persisted in a safer way during node shutdown.
+
+   GitHub issue: [#10279](https://github.com/rabbitmq/rabbitmq-server/pull/10279)
+
+ * Feature flag synchronization between nodes now avoids a potential race condition.
+
+   GitHub issue: [#10027](https://github.com/rabbitmq/rabbitmq-server/pull/10027)
+
  * The state of node maintenance status across the cluster is now replicated. It previously was accessible
    to all nodes but not replicated.
 
    GitHub issue: [#9005](https://github.com/rabbitmq/rabbitmq-server/pull/9005)
 
 
+### CLI Tools
+
+#### Deprecations
+
+ * `rabbitmqctl rename_cluster_node` and `rabbitmqctl update_cluster_nodes` are now no-ops.
+
+    They were not safe to use with quorum queues and streams, and are completely incompatible with Khepri.
+
+   GitHub issue: [#10369](https://github.com/rabbitmq/rabbitmq-server/pull/10369)
+
+#### Enhancements
+
+ * `rabbitmq-diagnostics cluster_status` now responds significantly faster when some cluster
+   nodes are not reachable.
+
+   GitHub issue: [#10101](https://github.com/rabbitmq/rabbitmq-server/pull/10101)
+
+ * `rabbitmqctl list_deprecated_features` is a new command that lists deprecated features
+   that are deprecated used on the target node.
+
+   GitHub issues: [#9901](https://github.com/rabbitmq/rabbitmq-server/pull/9901), [#7390](https://github.com/rabbitmq/rabbitmq-server/pull/7390)
+
+
 ### Management Plugin
 
 #### Enhancements
@@ -328,6 +405,12 @@ This release includes all bug fixes shipped in the `3.12.x` series.
 
    GitHub issues: [#9437](https://github.com/rabbitmq/rabbitmq-server/issues/9437), [#9578](https://github.com/rabbitmq/rabbitmq-server/pull/9578), [#9633](https://github.com/rabbitmq/rabbitmq-server/pull/9633)
 
+#### Bug Fixes
+
+ * `GET /api/nodes/{name}` failed with a 500 when called with a non-existed node name.
+
+   GitHub issue: [#10330](https://github.com/rabbitmq/rabbitmq-server/issues/10330)
+
 
 ### Stream Plugin
 
@@ -341,6 +424,25 @@ This release includes all bug fixes shipped in the `3.12.x` series.
 
    GitHub issue: [#8207](https://github.com/rabbitmq/rabbitmq-server/pull/8207)
 
+ * Stream connections now support JWT (OAuth 2) token renewal. The renewal is client-initiated
+   shortly before token expiry. Therefore, this feature requires stream protocol clients to be updated.
+
+   GitHub issue: [#9187](https://github.com/rabbitmq/rabbitmq-server/pull/9187)
+
+ * Stream connections are now aware of JWT (OAuth 2) token expiry.
+
+   GitHub issue: [#10292](https://github.com/rabbitmq/rabbitmq-server/issues/10292)
+
+#### Bug Fixes
+
+ * Stream (replica) membership changes safety improvements.
+
+   GitHub issue: [#10331](https://github.com/rabbitmq/rabbitmq-server/pull/10331)
+
+ * Stream protocol connections now complies with the connection limit in target virtual host.
+
+   GitHub issue: [#9946](https://github.com/rabbitmq/rabbitmq-server/pull/9946)
+
 
 ### MQTT Plugin
 
@@ -350,6 +452,10 @@ This release includes all bug fixes shipped in the `3.12.x` series.
 
    GitHub issues: [#7263](https://github.com/rabbitmq/rabbitmq-server/pull/7263), [#8681](https://github.com/rabbitmq/rabbitmq-server/pull/8681)
 
+ * MQTT clients that use QoS 0 now can reconnect more reliably when the node they were connected to fails.
+
+   GitHub issue: [#10203](https://github.com/rabbitmq/rabbitmq-server/pull/10203)
+
  * Negative message acknowledgements are now propagated to MQTTv5 clients.
 
    GitHub issue: [#9034](https://github.com/rabbitmq/rabbitmq-server/pull/9034)
@@ -370,10 +476,47 @@ This release includes all bug fixes shipped in the `3.12.x` series.
 
    GitHub issue: [#8680](https://github.com/rabbitmq/rabbitmq-server/pull/8680)
 
+ * AMQP 1.0 connections are now throttled when the node hits a [resource alarm](https://rabbitmq.com/alarms.html).
+
+   GitHub issue: [#9953](https://github.com/rabbitmq/rabbitmq-server/pull/9953)
+
+
+### OAuth 2 AuthN and AuthZ Backend Plugin
+
+#### Enhancements
+
+ * RabbitMQ nodes now allow for multiple OAuth 2 resources to be configured. Each resource can use
+   a different identity provider (for example, one can be powered by Keycloak and another by Azure Active Directory).
+
+   This allows for identity provider infrastructure changes (say, provider A is replaced with provider B over time)
+   that do not affect RabbitMQ's ability to authenticate clients and authorize the operations they attempt to perform.
+
+   GitHub issue: [#10012](https://github.com/rabbitmq/rabbitmq-server/pull/10012)
+
+ * The plugin now performs discovery of certain properties for OpenID-compliant identity providers.
+
+   GitHub issue: [#10012](https://github.com/rabbitmq/rabbitmq-server/pull/10012)
+
+
+### Peer Discovery AWS Plugin
+
+#### Enhancements
+
+ * It is now possible to override how node's hostname is extracted from AWS API responses during peer discovery.
+
+   This is done using `cluster_formation.aws.hostname_path`, a collection of keys that will be used to
+   traverse the response and extract nested values from it. The list is comma-separated.
+
+   The default value is a single value list, `privateDnsName`.
+
+   Contributed by @illotum (AWS).
+
+   GitHub issue: [#10097](https://github.com/rabbitmq/rabbitmq-server/pull/10097)
+
 
 ### Dependency Changes
 
- * `ra` was upgraded to [`2.7.1`](https://github.com/rabbitmq/ra/releases)
+ * `ra` was upgraded to [`2.9.1`](https://github.com/rabbitmq/ra/releases)
  * `osiris` was updated to [`1.7.2`](https://github.com/rabbitmq/osiris/releases)
  * `cowboy` was updated to [`2.11.0`](https://ninenines.eu/docs/en/cowboy/2.11/guide/migrating_from_2.10/)