AUTHORS/CHANGELOG for 2.29.0
Change-Id: If218fe19eb75c42f56d25bf9c61adceeec025b6e
This commit is contained in:
parent
a846225c39
commit
975d3dbcfe
7
AUTHORS
7
AUTHORS
@ -63,6 +63,7 @@ aolivo (aolivo@blizzard.com)
|
||||
Arnaud JOST (arnaud.jost@ovh.net)
|
||||
arzhna (arzhna@gmail.com)
|
||||
Atsushi Sakai (sakaia@jp.fujitsu.com)
|
||||
Aymeric Ducroquetz (aymeric.ducroquetz@ovhcloud.com)
|
||||
Azhagu Selvan SP (tamizhgeek@gmail.com)
|
||||
baiwenteng (baiwenteng@inspur.com)
|
||||
Ben Keller (bjkeller@us.ibm.com)
|
||||
@ -144,6 +145,7 @@ Donagh McCabe (donagh.mccabe@gmail.com)
|
||||
Doron Chen (cdoron@il.ibm.com)
|
||||
Doug Hellmann (doug@doughellmann.com)
|
||||
Doug Weimer (dweimer@gmail.com)
|
||||
Dr. Jens Harbott (harbott@osism.tech)
|
||||
Dragos Manolescu (dragosm@hp.com)
|
||||
Drew Balfour (andrew.balfour@oracle.com)
|
||||
Eamonn O'Toole (eamonn.otoole@hpe.com)
|
||||
@ -166,6 +168,7 @@ Ferenc Horváth (hferenc@inf.u-szeged.hu)
|
||||
Filippo Giunchedi (fgiunchedi@wikimedia.org)
|
||||
Flavio Percoco (flaper87@gmail.com)
|
||||
Florent Flament (florent.flament-ext@cloudwatt.com)
|
||||
Florent Vennetier (florent.vennetier@ovhcloud.com)
|
||||
Florian Hines (syn@ronin.io)
|
||||
François Charlier (francois.charlier@enovance.com)
|
||||
Fujita Tomonori (fujita.tomonori@lab.ntt.co.jp)
|
||||
@ -224,6 +227,7 @@ Ji-Wei (ji.wei3@zte.com.cn)
|
||||
Jian Zhang (jian.zhang@intel.com)
|
||||
Jiangmiao Gao (tolbkni@gmail.com)
|
||||
Jing Liuqing (jing.liuqing@99cloud.net)
|
||||
jinyuanliu (liujinyuan@inspur.com)
|
||||
Joanna H. Huang (joanna.huitzu.huang@gmail.com)
|
||||
Joe Arnold (joe@swiftstack.com)
|
||||
Joe Gordon (jogo@cloudscaling.com)
|
||||
@ -267,6 +271,7 @@ liujiong (liujiong@gohighsec.com)
|
||||
liuyamin (liuyamin@fiberhome.com)
|
||||
Lokesh S (lokesh.s@hp.com)
|
||||
Lorcan Browne (lorcan.browne@hpe.com)
|
||||
Luciano Lo Giudice (luciano.logiudice@canonical.com)
|
||||
Luis de Bethencourt (luis@debethencourt.com)
|
||||
Luong Anh Tuan (tuanla@vn.fujitsu.com)
|
||||
lvxianguo (lvxianguo@inspur.com)
|
||||
@ -288,6 +293,7 @@ Mathias Bjoerkqvist (mbj@zurich.ibm.com)
|
||||
Matt Kassawara (mkassawara@gmail.com)
|
||||
Matt Riedemann (mriedem@us.ibm.com)
|
||||
Matthew Oliver (matt@oliver.net.au)
|
||||
Matthew Vernon (mvernon@wikimedia.org)
|
||||
Matthieu Huin (mhu@enovance.com)
|
||||
Mauro Stettler (mauro.stettler@gmail.com)
|
||||
Mehdi Abaakouk (sileht@redhat.com)
|
||||
@ -320,6 +326,7 @@ Nguyen Hai (nguyentrihai93@gmail.com)
|
||||
Nguyen Hung Phuong (phuongnh@vn.fujitsu.com)
|
||||
Nguyen Phuong An (AnNP@vn.fujitsu.com)
|
||||
Nguyen Quoc Viet (nguyenqviet98@gmail.com)
|
||||
Nicholas Njihia (nicholas.njihia@canonical.com)
|
||||
Nicolas Helgeson (nh202b@att.com)
|
||||
Nicolas Trangez (ikke@nicolast.be)
|
||||
Ning Zhang (ning@zmanda.com)
|
||||
|
143
CHANGELOG
143
CHANGELOG
@ -1,4 +1,145 @@
|
||||
swift (2.28.0)
|
||||
swift (2.29.0)
|
||||
|
||||
* S3 API improvements
|
||||
|
||||
* CORS preflights are now allowed for pre-signed URLs.
|
||||
|
||||
* The `storage_domain` option now accepts a comma-separated list of
|
||||
storage domains. This allows multiple storage domains to configured
|
||||
for use with virtual-host style addressing.
|
||||
|
||||
* Fixed the types of configured values in /info response.
|
||||
|
||||
* Fixed a server error when trying to copy objects with non-ASCII names.
|
||||
|
||||
* Fixed a server error when uploading objects with very long names.
|
||||
A KeyTooLongError is now returned.
|
||||
|
||||
* Fixed an error when multi-deleting MPUs when SLO async-deletes
|
||||
are enabled.
|
||||
|
||||
* Fixed an error that allowed list-uploads and list-parts requests to
|
||||
return incomplete or out-of-order results.
|
||||
|
||||
* Fixed several bugs when dealing with non-ASCII object names and
|
||||
multipart uploads.
|
||||
|
||||
* Reduced the overhead of retrieving bucket and object ACLs.
|
||||
|
||||
* Replication, reconstruction, and diskfile improvements
|
||||
|
||||
* The reconstructor now uses the replication network to fetch fragments
|
||||
for reconstruction.
|
||||
|
||||
* Added the ability to limit how many objects per handoff partition
|
||||
will be reverted in a reconstructor cycle using the new
|
||||
`max_objects_per_revert` option. This may be useful to reduce
|
||||
ssync timeouts and lock contention, ensuring that progress is made
|
||||
during rebalances.
|
||||
|
||||
* Ensure that non-durable data and .meta files are purged from handoffs
|
||||
after syncing.
|
||||
|
||||
* Fixed tracebacks when there's a race to mark a file durable or delete it.
|
||||
|
||||
* Improved cooperative multitasking during ssync.
|
||||
|
||||
* Upon detecting a ring change, the reconstructor now only aborts the
|
||||
jobs for that ring and continues processing jobs for other rings.
|
||||
|
||||
* Fixed a traceback when logging about a lock timeout in the replicator.
|
||||
|
||||
* Object updater improvements
|
||||
|
||||
* Added the ability to ratelimit updates (approximately) per-container
|
||||
using the new `max_objects_per_container_per_second` option. This may
|
||||
be used to limit requests to already-overloaded containers while still
|
||||
making progress on updates to other containers.
|
||||
|
||||
* Added timing stats by response code.
|
||||
|
||||
* Updates are now sent over the replication network.
|
||||
|
||||
* Fixed a race condition where swift would attempt to quarantine
|
||||
recently-deleted updates.
|
||||
|
||||
* Memcache improvements
|
||||
|
||||
* Added the ability to configure a chance to skip checking memcache when
|
||||
querying shard ranges. This allows some fraction of traffic to go to
|
||||
disk and refresh memcache before the key ages out. Recommended values
|
||||
for the new `container_updating_shard_ranges_skip_cache_pct` and
|
||||
`container_listing_shard_ranges_skip_cache_pct` options are in the
|
||||
range of 0.0 to 0.1.
|
||||
|
||||
* Added stats for shard range cache hits, misses, and skips.
|
||||
|
||||
* Improved handling of timeouts and other errors when obtaining a
|
||||
connection to memcached.
|
||||
|
||||
* Recon improvements
|
||||
|
||||
* Added object-reconstructor stats to recon.
|
||||
|
||||
* Each object-server IP is now queried only once when reporting disk
|
||||
usage. Previously, each port in the ring would be queried; when using
|
||||
servers-per-port, this could dramatically overstate the disk capacity
|
||||
in the cluster.
|
||||
|
||||
* Fixed a security issue where tempurl and s3api signatures were logged in
|
||||
full. This allowed an attacker with access to log data to perform replay
|
||||
attacks, potentially accessing or overwriting cluster data. Now, such
|
||||
signatures are redacted in a manner similar to auth tokens; see the
|
||||
`reveal_sensitive_prefix` option in `proxy-server.conf`.
|
||||
|
||||
See CVE-2017-8761 for more information.
|
||||
|
||||
* Added a new `swift.common.registry` module. This includes helper
|
||||
functions `register_sensitive_header` and `register_sensitive_param`
|
||||
which third party middleware authors may use to flag headers and query
|
||||
parameters for redaction when logging. For more information, see
|
||||
https://docs.openstack.org/swift/latest/misc.html#module-swift.common.registry
|
||||
|
||||
* Added the ability to configure project-scope read-only roles for
|
||||
keystoneauth using the new `project_reader_roles` option.
|
||||
|
||||
* The cname_lookup middleware now works with dnspython 2.0 and later.
|
||||
|
||||
* The internal clients used by the container-reconciler, container-sharder,
|
||||
container-sync, and object-expirer daemons now use a more-descriptive
|
||||
`<daemon>-ic` log name, rather than `swift`. If you previously
|
||||
configured the `log_name` option in `internal-client.conf`, you must
|
||||
now use the `set log_name = <value>` syntax to configure it, even if
|
||||
no value is set in the `[DEFAULT]` section. This may be done prior to
|
||||
upgrading.
|
||||
|
||||
* Fixed a bug that allowed some statsd metrics to be annotated with the
|
||||
wrong backend layer.
|
||||
|
||||
* The `StatsdClient.set_prefix` method is now deprecated and
|
||||
may be removed in a future release; by extension, so is the
|
||||
`LogAdapter.set_statsd_prefix` method. Middleware developers should
|
||||
use the `statsd_tail_prefix` argument to `get_logger` instead.
|
||||
|
||||
* Fixed a traceback in the account-server when there's no account
|
||||
database on disk to receive a container update. The account-server
|
||||
now correctly 404s.
|
||||
|
||||
* The container-updater will quarantine container databases if all
|
||||
replicas for the account respond 404.
|
||||
|
||||
* Fixed a proxy-server error when the read-only middleware tried to
|
||||
handle non-Swift paths (such as may be used by third-party middleware).
|
||||
|
||||
* Some client behaviors that the proxy previously logged at warning have
|
||||
been lowered to info.
|
||||
|
||||
* Removed translations from most logging.
|
||||
|
||||
* Various other minor bug fixes and improvements.
|
||||
|
||||
|
||||
swift (2.28.0, OpenStack Victoria)
|
||||
|
||||
* Sharding improvements:
|
||||
|
||||
|
167
releasenotes/notes/2_29_0_release-af71f7efd73109b0.yaml
Normal file
167
releasenotes/notes/2_29_0_release-af71f7efd73109b0.yaml
Normal file
@ -0,0 +1,167 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
S3 API improvements
|
||||
|
||||
* CORS preflights are now allowed for pre-signed URLs.
|
||||
|
||||
* The ``storage_domain`` option now accepts a comma-separated list of
|
||||
storage domains. This allows multiple storage domains to configured
|
||||
for use with virtual-host style addressing.
|
||||
|
||||
* Reduced the overhead of retrieving bucket and object ACLs.
|
||||
|
||||
- |
|
||||
Replication, reconstruction, and diskfile improvements
|
||||
|
||||
* The reconstructor now uses the replication network to fetch fragments
|
||||
for reconstruction.
|
||||
|
||||
* Added the ability to limit how many objects per handoff partition
|
||||
will be reverted in a reconstructor cycle using the new
|
||||
``max_objects_per_revert`` option. This may be useful to reduce
|
||||
ssync timeouts and lock contention, ensuring that progress is made
|
||||
during rebalances.
|
||||
|
||||
- |
|
||||
Object updater improvements
|
||||
|
||||
* Added the ability to ratelimit updates (approximately) per-container
|
||||
using the new ``max_objects_per_container_per_second`` option. This may
|
||||
be used to limit requests to already-overloaded containers while still
|
||||
making progress on updates to other containers.
|
||||
|
||||
* Added timing stats by response code.
|
||||
|
||||
* Updates are now sent over the replication network.
|
||||
|
||||
- |
|
||||
Memcache improvements
|
||||
|
||||
* Added the ability to configure a chance to skip checking memcache when
|
||||
querying shard ranges. This allows some fraction of traffic to go to
|
||||
disk and refresh memcache before the key ages out. Recommended values
|
||||
for the new ``container_updating_shard_ranges_skip_cache_pct`` and
|
||||
``container_listing_shard_ranges_skip_cache_pct`` options are in the
|
||||
range of 0.0 to 0.1.
|
||||
|
||||
* Added stats for shard range cache hits, misses, and skips.
|
||||
|
||||
- |
|
||||
Added object-reconstructor stats to recon.
|
||||
|
||||
- |
|
||||
Added a new ``swift.common.registry`` module. This includes helper
|
||||
functions ``register_sensitive_header`` and ``register_sensitive_param``
|
||||
which third party middleware authors may use to flag headers and query
|
||||
parameters for redaction when logging. For more information, see `the
|
||||
documentation <https://docs.openstack.org/swift/latest/misc.html#
|
||||
module-swift.common.registry>`__.
|
||||
|
||||
- |
|
||||
Added the ability to configure project-scope read-only roles for
|
||||
keystoneauth using the new ``project_reader_roles`` option.
|
||||
|
||||
- |
|
||||
The ``cname_lookup`` middleware now works with dnspython 2.0 and later.
|
||||
|
||||
- |
|
||||
The internal clients used by the container-reconciler, container-sharder,
|
||||
container-sync, and object-expirer daemons now use a more-descriptive
|
||||
``<daemon>-ic`` log name, rather than ``swift``. If you previously
|
||||
configured the ``log_name`` option in ``internal-client.conf``, you must
|
||||
now use the ``set log_name = <value>`` syntax to configure it, even if
|
||||
no value is set in the ``[DEFAULT]`` section. This may be done prior to
|
||||
upgrading.
|
||||
|
||||
- |
|
||||
Removed translations from most logging.
|
||||
|
||||
deprecations:
|
||||
- |
|
||||
The ``StatsdClient.set_prefix`` method is now deprecated and
|
||||
may be removed in a future release; by extension, so is the
|
||||
``LogAdapter.set_statsd_prefix`` method. Middleware developers should
|
||||
use the ``statsd_tail_prefix`` argument to ``get_logger`` instead.
|
||||
|
||||
fixes:
|
||||
- |
|
||||
S3 API fixes
|
||||
|
||||
* Fixed the types of configured values in ``/info`` response.
|
||||
|
||||
* Fixed a server error when trying to copy objects with non-ASCII names.
|
||||
|
||||
* Fixed a server error when uploading objects with very long names.
|
||||
A ``KeyTooLongError`` is now returned.
|
||||
|
||||
* Fixed an error when multi-deleting MPUs when SLO async-deletes
|
||||
are enabled.
|
||||
|
||||
* Fixed an error that allowed list-uploads and list-parts requests to
|
||||
return incomplete or out-of-order results.
|
||||
|
||||
* Fixed several bugs when dealing with non-ASCII object names and
|
||||
multipart uploads.
|
||||
|
||||
- |
|
||||
Replication, reconstruction, and diskfile fixes
|
||||
|
||||
* Ensure that non-durable data and .meta files are purged from handoffs
|
||||
after syncing.
|
||||
|
||||
* Fixed tracebacks when there's a race to mark a file durable or delete it.
|
||||
|
||||
* Improved cooperative multitasking during ssync.
|
||||
|
||||
* Upon detecting a ring change, the reconstructor now only aborts the
|
||||
jobs for that ring and continues processing jobs for other rings.
|
||||
|
||||
* Fixed a traceback when logging about a lock timeout in the replicator.
|
||||
|
||||
- |
|
||||
Fixed a security issue where tempurl and s3api signatures were logged in
|
||||
full. This allowed an attacker with access to log data to perform replay
|
||||
attacks, potentially accessing or overwriting cluster data. Now, such
|
||||
signatures are redacted in a manner similar to auth tokens; see the
|
||||
``reveal_sensitive_prefix`` option in ``proxy-server.conf``.
|
||||
|
||||
See CVE-2017-8761 for more information.
|
||||
|
||||
- |
|
||||
Fixed a race condition where swift would attempt to quarantine
|
||||
recently-deleted object updates.
|
||||
|
||||
- |
|
||||
Improved handling of timeouts and other errors when obtaining a
|
||||
connection to memcached.
|
||||
|
||||
- |
|
||||
The ``swift-recon`` tool now queries each object-server IP only once
|
||||
when reporting disk usage. Previously, each port in the ring would be
|
||||
queried; when using servers-per-port, this could dramatically overstate
|
||||
the disk capacity in the cluster.
|
||||
|
||||
- |
|
||||
Fixed a bug that allowed some statsd metrics to be annotated with the
|
||||
wrong backend layer.
|
||||
|
||||
- |
|
||||
Fixed a traceback in the account-server when there's no account
|
||||
database on disk to receive a container update. The account-server
|
||||
now correctly 404s.
|
||||
|
||||
- |
|
||||
The container-updater will quarantine container databases if all
|
||||
replicas for the account respond 404.
|
||||
|
||||
- |
|
||||
Fixed a proxy-server error when the read-only middleware tried to
|
||||
handle non-Swift paths (such as may be used by third-party middleware).
|
||||
|
||||
- |
|
||||
Some client behaviors that the proxy previously logged at warning have
|
||||
been lowered to info.
|
||||
|
||||
- |
|
||||
Various other minor bug fixes and improvements.
|
Loading…
Reference in New Issue
Block a user