diff --git a/AUTHORS b/AUTHORS index bc59baf2d9..3d2bc530ae 100644 --- a/AUTHORS +++ b/AUTHORS @@ -63,6 +63,7 @@ aolivo (aolivo@blizzard.com) Arnaud JOST (arnaud.jost@ovh.net) arzhna (arzhna@gmail.com) Atsushi Sakai (sakaia@jp.fujitsu.com) +Aymeric Ducroquetz (aymeric.ducroquetz@ovhcloud.com) Azhagu Selvan SP (tamizhgeek@gmail.com) baiwenteng (baiwenteng@inspur.com) Ben Keller (bjkeller@us.ibm.com) @@ -144,6 +145,7 @@ Donagh McCabe (donagh.mccabe@gmail.com) Doron Chen (cdoron@il.ibm.com) Doug Hellmann (doug@doughellmann.com) Doug Weimer (dweimer@gmail.com) +Dr. Jens Harbott (harbott@osism.tech) Dragos Manolescu (dragosm@hp.com) Drew Balfour (andrew.balfour@oracle.com) Eamonn O'Toole (eamonn.otoole@hpe.com) @@ -166,6 +168,7 @@ Ferenc Horváth (hferenc@inf.u-szeged.hu) Filippo Giunchedi (fgiunchedi@wikimedia.org) Flavio Percoco (flaper87@gmail.com) Florent Flament (florent.flament-ext@cloudwatt.com) +Florent Vennetier (florent.vennetier@ovhcloud.com) Florian Hines (syn@ronin.io) François Charlier (francois.charlier@enovance.com) Fujita Tomonori (fujita.tomonori@lab.ntt.co.jp) @@ -224,6 +227,7 @@ Ji-Wei (ji.wei3@zte.com.cn) Jian Zhang (jian.zhang@intel.com) Jiangmiao Gao (tolbkni@gmail.com) Jing Liuqing (jing.liuqing@99cloud.net) +jinyuanliu (liujinyuan@inspur.com) Joanna H. Huang (joanna.huitzu.huang@gmail.com) Joe Arnold (joe@swiftstack.com) Joe Gordon (jogo@cloudscaling.com) @@ -267,6 +271,7 @@ liujiong (liujiong@gohighsec.com) liuyamin (liuyamin@fiberhome.com) Lokesh S (lokesh.s@hp.com) Lorcan Browne (lorcan.browne@hpe.com) +Luciano Lo Giudice (luciano.logiudice@canonical.com) Luis de Bethencourt (luis@debethencourt.com) Luong Anh Tuan (tuanla@vn.fujitsu.com) lvxianguo (lvxianguo@inspur.com) @@ -288,6 +293,7 @@ Mathias Bjoerkqvist (mbj@zurich.ibm.com) Matt Kassawara (mkassawara@gmail.com) Matt Riedemann (mriedem@us.ibm.com) Matthew Oliver (matt@oliver.net.au) +Matthew Vernon (mvernon@wikimedia.org) Matthieu Huin (mhu@enovance.com) Mauro Stettler (mauro.stettler@gmail.com) Mehdi Abaakouk (sileht@redhat.com) @@ -320,6 +326,7 @@ Nguyen Hai (nguyentrihai93@gmail.com) Nguyen Hung Phuong (phuongnh@vn.fujitsu.com) Nguyen Phuong An (AnNP@vn.fujitsu.com) Nguyen Quoc Viet (nguyenqviet98@gmail.com) +Nicholas Njihia (nicholas.njihia@canonical.com) Nicolas Helgeson (nh202b@att.com) Nicolas Trangez (ikke@nicolast.be) Ning Zhang (ning@zmanda.com) diff --git a/CHANGELOG b/CHANGELOG index ab49034b5d..b0cc807d31 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,4 +1,145 @@ -swift (2.28.0) +swift (2.29.0) + + * S3 API improvements + + * CORS preflights are now allowed for pre-signed URLs. + + * The `storage_domain` option now accepts a comma-separated list of + storage domains. This allows multiple storage domains to configured + for use with virtual-host style addressing. + + * Fixed the types of configured values in /info response. + + * Fixed a server error when trying to copy objects with non-ASCII names. + + * Fixed a server error when uploading objects with very long names. + A KeyTooLongError is now returned. + + * Fixed an error when multi-deleting MPUs when SLO async-deletes + are enabled. + + * Fixed an error that allowed list-uploads and list-parts requests to + return incomplete or out-of-order results. + + * Fixed several bugs when dealing with non-ASCII object names and + multipart uploads. + + * Reduced the overhead of retrieving bucket and object ACLs. + + * Replication, reconstruction, and diskfile improvements + + * The reconstructor now uses the replication network to fetch fragments + for reconstruction. + + * Added the ability to limit how many objects per handoff partition + will be reverted in a reconstructor cycle using the new + `max_objects_per_revert` option. This may be useful to reduce + ssync timeouts and lock contention, ensuring that progress is made + during rebalances. + + * Ensure that non-durable data and .meta files are purged from handoffs + after syncing. + + * Fixed tracebacks when there's a race to mark a file durable or delete it. + + * Improved cooperative multitasking during ssync. + + * Upon detecting a ring change, the reconstructor now only aborts the + jobs for that ring and continues processing jobs for other rings. + + * Fixed a traceback when logging about a lock timeout in the replicator. + + * Object updater improvements + + * Added the ability to ratelimit updates (approximately) per-container + using the new `max_objects_per_container_per_second` option. This may + be used to limit requests to already-overloaded containers while still + making progress on updates to other containers. + + * Added timing stats by response code. + + * Updates are now sent over the replication network. + + * Fixed a race condition where swift would attempt to quarantine + recently-deleted updates. + + * Memcache improvements + + * Added the ability to configure a chance to skip checking memcache when + querying shard ranges. This allows some fraction of traffic to go to + disk and refresh memcache before the key ages out. Recommended values + for the new `container_updating_shard_ranges_skip_cache_pct` and + `container_listing_shard_ranges_skip_cache_pct` options are in the + range of 0.0 to 0.1. + + * Added stats for shard range cache hits, misses, and skips. + + * Improved handling of timeouts and other errors when obtaining a + connection to memcached. + + * Recon improvements + + * Added object-reconstructor stats to recon. + + * Each object-server IP is now queried only once when reporting disk + usage. Previously, each port in the ring would be queried; when using + servers-per-port, this could dramatically overstate the disk capacity + in the cluster. + + * Fixed a security issue where tempurl and s3api signatures were logged in + full. This allowed an attacker with access to log data to perform replay + attacks, potentially accessing or overwriting cluster data. Now, such + signatures are redacted in a manner similar to auth tokens; see the + `reveal_sensitive_prefix` option in `proxy-server.conf`. + + See CVE-2017-8761 for more information. + + * Added a new `swift.common.registry` module. This includes helper + functions `register_sensitive_header` and `register_sensitive_param` + which third party middleware authors may use to flag headers and query + parameters for redaction when logging. For more information, see + https://docs.openstack.org/swift/latest/misc.html#module-swift.common.registry + + * Added the ability to configure project-scope read-only roles for + keystoneauth using the new `project_reader_roles` option. + + * The cname_lookup middleware now works with dnspython 2.0 and later. + + * The internal clients used by the container-reconciler, container-sharder, + container-sync, and object-expirer daemons now use a more-descriptive + `-ic` log name, rather than `swift`. If you previously + configured the `log_name` option in `internal-client.conf`, you must + now use the `set log_name = ` syntax to configure it, even if + no value is set in the `[DEFAULT]` section. This may be done prior to + upgrading. + + * Fixed a bug that allowed some statsd metrics to be annotated with the + wrong backend layer. + + * The `StatsdClient.set_prefix` method is now deprecated and + may be removed in a future release; by extension, so is the + `LogAdapter.set_statsd_prefix` method. Middleware developers should + use the `statsd_tail_prefix` argument to `get_logger` instead. + + * Fixed a traceback in the account-server when there's no account + database on disk to receive a container update. The account-server + now correctly 404s. + + * The container-updater will quarantine container databases if all + replicas for the account respond 404. + + * Fixed a proxy-server error when the read-only middleware tried to + handle non-Swift paths (such as may be used by third-party middleware). + + * Some client behaviors that the proxy previously logged at warning have + been lowered to info. + + * Removed translations from most logging. + + * Various other minor bug fixes and improvements. + + +swift (2.28.0, OpenStack Victoria) * Sharding improvements: diff --git a/releasenotes/notes/2_29_0_release-af71f7efd73109b0.yaml b/releasenotes/notes/2_29_0_release-af71f7efd73109b0.yaml new file mode 100644 index 0000000000..0a14ffcece --- /dev/null +++ b/releasenotes/notes/2_29_0_release-af71f7efd73109b0.yaml @@ -0,0 +1,167 @@ +--- +features: + - | + S3 API improvements + + * CORS preflights are now allowed for pre-signed URLs. + + * The ``storage_domain`` option now accepts a comma-separated list of + storage domains. This allows multiple storage domains to configured + for use with virtual-host style addressing. + + * Reduced the overhead of retrieving bucket and object ACLs. + + - | + Replication, reconstruction, and diskfile improvements + + * The reconstructor now uses the replication network to fetch fragments + for reconstruction. + + * Added the ability to limit how many objects per handoff partition + will be reverted in a reconstructor cycle using the new + ``max_objects_per_revert`` option. This may be useful to reduce + ssync timeouts and lock contention, ensuring that progress is made + during rebalances. + + - | + Object updater improvements + + * Added the ability to ratelimit updates (approximately) per-container + using the new ``max_objects_per_container_per_second`` option. This may + be used to limit requests to already-overloaded containers while still + making progress on updates to other containers. + + * Added timing stats by response code. + + * Updates are now sent over the replication network. + + - | + Memcache improvements + + * Added the ability to configure a chance to skip checking memcache when + querying shard ranges. This allows some fraction of traffic to go to + disk and refresh memcache before the key ages out. Recommended values + for the new ``container_updating_shard_ranges_skip_cache_pct`` and + ``container_listing_shard_ranges_skip_cache_pct`` options are in the + range of 0.0 to 0.1. + + * Added stats for shard range cache hits, misses, and skips. + + - | + Added object-reconstructor stats to recon. + + - | + Added a new ``swift.common.registry`` module. This includes helper + functions ``register_sensitive_header`` and ``register_sensitive_param`` + which third party middleware authors may use to flag headers and query + parameters for redaction when logging. For more information, see `the + documentation `__. + + - | + Added the ability to configure project-scope read-only roles for + keystoneauth using the new ``project_reader_roles`` option. + + - | + The ``cname_lookup`` middleware now works with dnspython 2.0 and later. + + - | + The internal clients used by the container-reconciler, container-sharder, + container-sync, and object-expirer daemons now use a more-descriptive + ``-ic`` log name, rather than ``swift``. If you previously + configured the ``log_name`` option in ``internal-client.conf``, you must + now use the ``set log_name = `` syntax to configure it, even if + no value is set in the ``[DEFAULT]`` section. This may be done prior to + upgrading. + + - | + Removed translations from most logging. + +deprecations: + - | + The ``StatsdClient.set_prefix`` method is now deprecated and + may be removed in a future release; by extension, so is the + ``LogAdapter.set_statsd_prefix`` method. Middleware developers should + use the ``statsd_tail_prefix`` argument to ``get_logger`` instead. + +fixes: + - | + S3 API fixes + + * Fixed the types of configured values in ``/info`` response. + + * Fixed a server error when trying to copy objects with non-ASCII names. + + * Fixed a server error when uploading objects with very long names. + A ``KeyTooLongError`` is now returned. + + * Fixed an error when multi-deleting MPUs when SLO async-deletes + are enabled. + + * Fixed an error that allowed list-uploads and list-parts requests to + return incomplete or out-of-order results. + + * Fixed several bugs when dealing with non-ASCII object names and + multipart uploads. + + - | + Replication, reconstruction, and diskfile fixes + + * Ensure that non-durable data and .meta files are purged from handoffs + after syncing. + + * Fixed tracebacks when there's a race to mark a file durable or delete it. + + * Improved cooperative multitasking during ssync. + + * Upon detecting a ring change, the reconstructor now only aborts the + jobs for that ring and continues processing jobs for other rings. + + * Fixed a traceback when logging about a lock timeout in the replicator. + + - | + Fixed a security issue where tempurl and s3api signatures were logged in + full. This allowed an attacker with access to log data to perform replay + attacks, potentially accessing or overwriting cluster data. Now, such + signatures are redacted in a manner similar to auth tokens; see the + ``reveal_sensitive_prefix`` option in ``proxy-server.conf``. + + See CVE-2017-8761 for more information. + + - | + Fixed a race condition where swift would attempt to quarantine + recently-deleted object updates. + + - | + Improved handling of timeouts and other errors when obtaining a + connection to memcached. + + - | + The ``swift-recon`` tool now queries each object-server IP only once + when reporting disk usage. Previously, each port in the ring would be + queried; when using servers-per-port, this could dramatically overstate + the disk capacity in the cluster. + + - | + Fixed a bug that allowed some statsd metrics to be annotated with the + wrong backend layer. + + - | + Fixed a traceback in the account-server when there's no account + database on disk to receive a container update. The account-server + now correctly 404s. + + - | + The container-updater will quarantine container databases if all + replicas for the account respond 404. + + - | + Fixed a proxy-server error when the read-only middleware tried to + handle non-Swift paths (such as may be used by third-party middleware). + + - | + Some client behaviors that the proxy previously logged at warning have + been lowered to info. + + - | + Various other minor bug fixes and improvements.