David Galloway [Fri, 10 Jul 2026 20:12:01 +0000 (16:12 -0400)]
script/buildcontainer-setup: fix package install on debian trixie
Debian removed software-properties-common from the archive in trixie,
so the flat apt-get install list fails there. The package was only
needed to provide add-apt-repository for llvm.sh, which installs
clang-19 from apt.llvm.org. Trixie ships clang-19 natively, so install
it from the distro instead; run-make.sh's prepare() then finds clang-19
and skips llvm.sh entirely. Ubuntu and older Debian releases still have
software-properties-common and keep the previous behavior.
Fixes: https://tracker.ceph.com/issues/78111 Signed-off-by: David Galloway <david.galloway@ibm.com>
Nizamudeen A [Thu, 9 Jul 2026 07:52:58 +0000 (13:22 +0530)]
mgr/dashboard: fix html lint errors according to new rules
mostly accessibility issues like
- A label component must be associated with a form element
Fixed by adding `for` to labels and sometimes replacing label with
legend
- Elements with interaction handlers must be focusable
- click must be accompanied by either keyup, keydown or keypress event for accessibility
- <button> should have content
Fixes: https://tracker.ceph.com/issues/77112 Signed-off-by: Nizamudeen A <nia@redhat.com>
Translate sqlite3.DatabaseError into a generic StoreUnavailable in
sqlite_store.py and handle it in cli.py and module.py instead of
letting it surface as an unhandled exception
mgr/cephadm: suppress CEPHADM_FAILED_DAEMON for services being removed
When a service is deleted, a daemon belonging to it may transiently
enter a failed state before orphan cleanup removes it. This happens
when there is a race between dependency-changed REDEPLOY and a
service removal going on paralelly.
Skip daemons in update_failed_daemon_health_check whose service is
already in spec_deleted.
Nizamudeen A [Fri, 10 Jul 2026 05:42:58 +0000 (11:12 +0530)]
.github: fix check-license permission issue
RCA done by copilot inside the github actions
Root cause: the workflow is passing the default token to a third‑party action that calls PR/diff APIs, and in this run that token doesn’t have the required permission scope for that request.
From the failing job log:
There seems to be an error in an API request
This is usually due to using a GitHub token without the adequate scope
From the job definition (.github/workflows/check-license.yml):
It uses JJ/github-pr-contains-action
Token passed is ${{ github.token }}
Fix
Grant explicit read permissions needed for pull request metadata/content in this workflow (or job), so the token has consistent scope when the action fetches diff data.
Why this solves it
The action needs to read PR diff data. Explicitly setting pull-requests: read (and contents: read) prevents under-scoped default token behavior that triggers the API failure.
John Mulligan [Thu, 9 Jul 2026 20:12:11 +0000 (16:12 -0400)]
pybind/mgr: disable type checking in diskprediction_local
Disable type checking in the __preprocess function of
diskprediction_local. This function is already collecting a lot of
`type: ignore` comments and adding more is getting difficult due to
the structure of this function. This time we were hitting errors
like:
diskprediction_local/predictor.py:160: error: Value of type "NDArray?[Any]" is not indexable [index]
diskprediction_local/predictor.py:161: error: "NDArray?[Any]" has no attribute "shape" [attr-defined]
on python 3.12.
Fixes: https://tracker.ceph.com/issues/78117 Signed-off-by: John Mulligan <jmulligan@redhat.com>
mgr/cephadm/smb: Add feature-based REDEPLOY logic for SMB services
Implement intelligent action selection for SMB daemon updates by tracking
feature changes as dependencies. When SMB service features change (e.g.,
adding cephfs-proxy, remote-control, keybridge), the system now triggers
a REDEPLOY instead of RECONFIG, as these changes require container
structure modifications.
John Mulligan [Thu, 9 Jul 2026 14:28:13 +0000 (10:28 -0400)]
qa/workunits/smb: work around test failures by pinning smbprotocol version
Work around new tests failures (in the TestHostsAccessToggle1 tests)
where the error/exception handling has apparently changed by just
pinning the version (by excluding the new v1.17.0 and newer versions).
Signed-off-by: John Mulligan <jmulligan@redhat.com>
qa/crimson: ignore PG_NOT_DEEP_SCRUBBED in all crimson tests
As we do not yet scrub scheduling in Crimson, the
OSDs do not perform deep scrubs. last_deep_scrub_stamp thus
stays at epoch 0 for all PGs. The monitor flags these as overdue
immediately, causing spurious test failures — particularly in tests
that restart OSDs (e.g. crimson_fio_restart), where PGs reaching
active+clean state trigger the health check.
Super User [Wed, 8 Jul 2026 12:05:16 +0000 (17:35 +0530)]
doc/rbd: clarify mirror resync snapshot behavior
Add documentation explaining that rbd mirror resync only copies
image state and data up to the last mirror-snapshot for
snapshot-based mirroring. Document the requirement to create
a new mirror-snapshot on current primary so that new changes
(including resize operation) gets reflected on secondary after
resync.
crimson/osd: guard recovery clone overlap with try_lock_for_read
Crimson recovery could use a neighbor clone as a clone_subset source
during osd_recover_clone_overlap without checking whether that clone
was safe to read. Classic OSD takes a read lock on the neighbor clone
via try_lock_for_read() before using it.
Under snap trim + recovery stress, recovery could clone_range from a
clone that snap trim was modifying, producing wrong object content
(ceph_test_rados: incorrect buffer at pos 1462272).
calc_clone_subsets() and calc_head_subsets() now return clone overlap
candidates in preference order only. ReplicatedRecoveryBackend locks
the first usable neighbor clone from each list and holds those read
locks until push/pull recovery completes. RecoveryCloneLockManager
releases locks in its destructor so move-assign cannot leak a held
lock and block snap trim.
rgw/beast: dispatch connection close on strand during pause
AsioFrontend::pause() (and stop()) call ConnectionList::close() from
the realm reloader thread. That invokes socket.close() on every live
connection from a thread that isn't the connection's asio strand, so
the reactor deregisters each socket's descriptor_state racing against
the coroutine that handles the connection. If a keep-alive connection
is starting its next async_read_some() on its strand at the same time,
epoll_reactor::start_op() dereferences the descriptor_state that close
has already freed and radosgw segfaults in an io_context_pool thread.
This matches the race pattern fixed for timeout_timer in 86ad0b891b0:
any caller that touches socket state from outside the strand needs to
be serialized with the coroutine.
Store the coroutine's strand executor on Connection and dispatch the
close onto that strand in ConnectionList::close(). The lambda captures
an intrusive_ptr to Connection so the object lives until the close
actually runs, since connections.clear() unlinks the list entry right
after dispatch.
Tracker: https://tracker.ceph.com/issues/76094 Signed-off-by: Lumir Sliva <61183145+lumir-sliva@users.noreply.github.com>
Update `unittest_rgw_asio_frontend` to run the `io_context` and
execute in a coroutine to match the environment in RGW.
Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
Adam C. Emerson [Thu, 30 Apr 2026 00:57:35 +0000 (20:57 -0400)]
common/async: `io_context_pool` no longer moves from init function
Previously if we received an rvalue function object we would call a
moved-from object on all but the first thread. In practice this didn't
cause an issue, but only because of the functions we were passing.
Fixes: https://tracker.ceph.com/issues/76094 Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
Adam C. Emerson [Wed, 1 Apr 2026 18:30:18 +0000 (14:30 -0400)]
rgw: Check `going_down` in other-than-`interval_set` loop
Without this we can end up in an infinite loop where we just fill the
log with -ECANCELED from `get_next()`. Duplicates a check in the
`blocked_operations` loop.
Fixes: https://tracker.ceph.com/issues/76094 Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
John Mulligan [Wed, 8 Jul 2026 14:18:19 +0000 (10:18 -0400)]
doc/mgr: update out of date paragraph in smb.rst
We still had a part of the document saying we only support the default
port. We added service colocation via custom_ports/bind_addrs a while
back so the doc has been out of date.
Signed-off-by: John Mulligan <jmulligan@redhat.com>
src/test/librados: enable FastEC tests with crimson
This commit enables fast EC tests such that they are run for crimson
OSDs. This is done towards an effort to establish reliable fast EC
support in crimson.
These tests where previously enabled as part of another PR but
ultimately were not merged due to insufficient confidence.
mgr/cephadm: don't treat unknown daemon state as error
cephadm ls may transiently report state='unknown' for daemons that are
still starting up. The state mapping in _refresh_host_daemons mapped
'unknown' to DaemonDescriptionStatus.error, which caused
update_failed_daemon_health_check to fire CEPHADM_FAILED_DAEMON for
daemons that were simply mid-startup. The warning clears on the next
refresh once the daemon reaches a real state, but it causes spurious
QA failures across many test suites.
Map 'unknown' to DaemonDescriptionStatus.unknown instead — the enum
value already exists and is handled by to_str() and the dashboard.
get_error_daemons() only checks for .error, so unknown daemons no
longer trigger the health warning.
Ville Ojamo [Wed, 8 Jul 2026 09:59:30 +0000 (16:59 +0700)]
doc: remove unused readthedocs-sphinx-search
Remove readthedocs-sphinx-search from the RTD build environment because
it seems to be unused and unsupported.
RTD has archived the readthedocs-sphinx-search repo since Apr 2025.
The docs website does not seem to show such function, the search box
in the top-left corner requires a search to be submitted and is not
live.
Fixes: https://tracker.ceph.com/issues/72918 Signed-off-by: Ville Ojamo <git2233+ceph@ojamo.eu>
mgr/smb: add fruit:nfs_aces=no for macOS compatibility mode
When macOS client compatibility is enabled, add the global Samba
configuration option 'fruit:nfs_aces = no' to disable NFS ACE
handling in the fruit VFS module. This improves compatibility
with macOS SMB clients by preventing conflicts between NFS-style
ACLs and macOS extended attributes.
The configuration is automatically applied when:
- Creating a new cluster with --client-compat=macos
- Updating an existing cluster to macOS mode
Signed-off-by: Shwetha K Acharya <Shwetha.K.Acharya@ibm.com>
Ville Ojamo [Wed, 8 Jul 2026 05:27:06 +0000 (12:27 +0700)]
doc: fix Sphinx complaints and some rendering errors
Fix 25 criticals, errors, and warnings from Sphinx.
Some of the changes did not change rendering but most fixed unintended
rendering, broken link etc.
Change Mon to Monitor in ceph-secrets.rst.
Signed-off-by: Ville Ojamo <git2233+ceph@ojamo.eu>
Nizamudeen A [Wed, 8 Jul 2026 05:21:50 +0000 (10:51 +0530)]
mgr/dashboard: teardown http requests for feature-toggle
angular 19.2.latest is aggressively tearing down the test env which
forces the active rxjs timer to emit one execution as it collapses which
produces a ghost http in the case of request wrapped in the timer
service. so for now flushing all the requests manually to prevent it
Fixes: https://tracker.ceph.com/issues/77729 Signed-off-by: Nizamudeen A <nia@redhat.com>
qa/cephadm: fix hardcoded 'sshd' unit name in setup_ca_signed_keys
setup_ca_signed_keys() hardcoded `systemctl restart sshd`, which fails
on Debian/Ubuntu where the SSH server unit is named `ssh.service`
rather than `sshd.service`. Try `ssh` first, fall back to `sshd` if
that fails, grouped so the fallback only fires on restart failure and
doesn't mask a failed config write.
qa/suites/rbd/valgrind: pin to centos_9.stream instead of rpm_latest
This used to be the case before commit d4b977afdc59 ("qa/distros:
rename centos_latest.yaml to rpm_latest.yaml") and subsequent changes
to enable Rocky 10. When paired with valgrind, python_api_tests* jobs
fail persistently on Ubuntu and Rocky, see [1]. Switch back until that
is resolved (or for as long as centos_9.stream remains in the mix).
Matan Breizman [Mon, 8 Jun 2026 12:45:20 +0000 (15:45 +0300)]
crimson/osd: fix CyanStore boot with crimson OSD
- Remove dead cyan_store.h includes from pg.cc and shard_services.cc.
- Fix CyanStore::mkfs to write type="cyanstore" instead of "memstore"
- Handle missing device class in OSD::start: stores that return an empty
device class (e.g CyanStore) now fall back to is_rotational=false with
a warning instead of throwing
Before optimizing the onode lookup paths we should measure the existing
cost if each possible optimization.
The per-node search is already binary search(see search_result_bs_t
binary_search). Possible costs are:
- per-level node traversal
- STAGE_STRING ns/oid memcmp (rbd has long shared oid prefixes)
Adding the following stats to be exposed as seastar-metrics (not logs).
Keep the new sampling per-comparison overhead out unless needed for
measurment runs.
Candidate optimization leads from the numbers:
* cross-node string/prefix dedup (marked as TODOs in stage.h) this could
result in cheaper compares for shared (rbd) prefixes.
* shrink onode_layout_t - marked as onode.h TODO.
stop inlining oi and ss to get more objects per leaf.
mgr/cephadm: pass RGW zonegroup hostnames as custom SANs
Fix RGW certificate generation so `zonegroup_hostnames` and wildcard
SANs are passed to `get_certificates()` using the correct keyword
argument. Previously, RGW built the expected SAN list from
`zonegroup_hostnames` and `wildcard_enabled`, but passed it
positionally so it was interpreted as ips list.
Also add a unit test to cover the RGW `zonegroup_hostnames` +
`wildcard_enabled` path and ensure SANs are passed as `custom_sans`.
Fixed other calls to enforce the usage of keywords for arguments just
to avoid similar issues in the future.