--- features: - | TempURLs now support IP range restrictions. Please see https://docs.openstack.org/swift/latest/middleware.html#client-usage for more information on how to use this additional restriction. - | Add support for multiple root encryption secrets for the trivial and KMIP keymasters. This allows operators to rotate encryption keys over time without needing to re-encrypt all existing data in the cluster. Please see the included sample config files for instructions on how to multiple encryption keys. - | The object updater now supports two configuration settings: "concurrency" and "updater_workers". The latter controls how many worker processes are spawned, while the former controls how many concurrent container updates are performed by each worker process. This should speed the processing of async_pendings. On upgrade, a node configured with concurrency=N will still handle async updates N-at-a-time, but will do so using only one process instead of N. If you have a config file like this:: [object-updater] concurrency = and you want to take advantage of faster updates, then do this:: [object-updater] concurrency = 8 # the default; you can omit this line updater_workers = If you want updates to be processed exactly as before, do this:: [object-updater] concurrency = 1 updater_workers = - | When listing objects in a container in json format, static large objects (SLOs) will now include an additional new "slo_etag" key that matches the etag returned when requesting the SLO. The existing "hash" key remains unchanged as the MD5 of the SLO manifest. Text and XML listings are unaffected by this change. - | Log deprecation warnings for ``run_pause``. This setting was deprecated in Swift 2.4.0 and is replaced by ``interval``. It may be removed in a future release. - | Object reconstructor logs are now prefixed with information about the specific worker process logging the message. This makes reading the logs and understanding the messages much simpler. - | Lower bounds of dependencies have been updated to reflect what is actually tested. - | SSYNC replication mode now removes as much of the directory structure as possible as soon at it observes that the directory is empty. This reduces the work needed for subsequent replication passes. - | The container-updater now reports zero objects and bytes used for child DBs in sharded containers. This prevents double-counting in utilization reports. - | Add fallocate_reserve to account and container servers. This allows disks shared between account/container and object rings to avoid getting 100% full. The default value of 1% matches the existing default on object servers. - | Added an experimental ``swift-ring-composer`` CLI tool to build composite rings. - | Added an optional ``read_only`` middleware to make an entire cluster or individual accounts read only. - | Fixed a bug where zero-byte PUTs would not work properly with "If-None-Match: \*" conditional requests. - ACLs now work with unicode in user/account names. - COPY now works with unicode account names. - Improved S3 API compatibility. - | Lock timeouts in the container updater are now logged at INFO level, not ERROR. - Various other minor bug fixes and improvements.