Alex Ainscow [Mon, 24 Nov 2025 21:08:08 +0000 (21:08 +0000)]
rgw: migrate to using non-deprecated class call functions
Update the Rados Gateway driver to utilize the new trait-based class
method interface. This replaces legacy string-based exec() calls with
the typesafe template-based alternatives.
Key Changes:
Updated reset_stats in buckets.cc to use cls::user::method::reset_user_stats2.
Updated RGWRadosBILogTrimCR in rgw_cr_rados.cc to use cls::rgw::method::bi_log_trim.
This change ensures that RGW operations are correctly categorized as
reads or writes at compile-time, aligning with the broader effort to
improve RADOS class method safety and OSD routing efficiency.
Alex Ainscow [Mon, 24 Nov 2025 16:49:36 +0000 (16:49 +0000)]
test: Fix up librados/neorados tests
There much mocking of exec going on in these tests. An extensive
search and replace was required to find them all.
Note that the failure looks like memory corruption when manipulating
the ops array - but the actually issue is the mocking not intercepting
the exec_impl call (and similar) correctly.
Alex Ainscow [Mon, 24 Nov 2025 16:47:43 +0000 (16:47 +0000)]
cls: refactor class directory and tests to use trait-based API
Migrate existing internal RADOS classes and the associated test infrastructure
to utilize the new template-based exec() interface. While the previous
commit introduced the mechanism, this change applies it across the
codebase to eliminate legacy string-based calls in internal logic.
Alex Ainscow [Mon, 24 Nov 2025 16:45:44 +0000 (16:45 +0000)]
librados: enforce compile-time read/write semantics for class methods
Status Quo:
Librados currently uses string-based identifiers for RADOS class method calls
(exec) in both ObjectReadOperation and ObjectWriteOperation. The API does
not distinguish between methods that modify object state and those that
are read-only.
Problem:
This lack of semantic enforcement has become a critical safety gap with the
introduction of EC Direct Reads. Because the EC direct read path is optimized
for performance, it may process the same read-only operation multiple times
(e.g., across different shards or during retries).
Previously, while technically a violation of API semantics, a "read-that-writes"
would often function correctly because operations were processed in-order and
without retries on the read path. However, in the context of EC direct reads,
executing a non-idempotent write through the read path poses a silent and
critical risk to data integrity.
Solution:
Introduce a template-based trait system to encode method semantics into the
API. By tagging methods with traits (MethodRead or MethodWrite), the compiler
now prevents state-modifying methods from being added to ObjectReadOperation.
This ensures that only side-effect-free methods reach the EC direct read
path, eliminating the risk of accidental double-writes at the source.
Gil Bregman [Sun, 12 Apr 2026 16:18:07 +0000 (19:18 +0300)]
mgr/dashboard: Add location to gateway info command in NVMeoF CLI Fixes: https://tracker.ceph.com/issues/75968 Signed-off-by: Gil Bregman <gbregman@il.ibm.com>
Gil Bregman [Mon, 6 Apr 2026 22:08:15 +0000 (01:08 +0300)]
mgr/dashboard: Add namespace encryption support to NVMeoF CLI Fixes: https://tracker.ceph.com/issues/74965 Signed-off-by: Gil Bregman <gbregman@il.ibm.com>
qa/cephadm: fix NFS ganesha startup failure in containers
The test_cephadm.sh workunit deploys NFS using cephadm _orch deploy with
config_blobs sourced from src/cephadm/samples/nfs.json. The ganesha.conf
section in that sample has no NFS_CORE_PARAM block, so allow_set_io_flusher_fail
defaults to false.
On Rocky Linux 10 (the current base for ceph:main images), ganesha 7.0 calls
prctl(PR_SET_IO_FLUSHER) at startup. Containers lack the required capabilities
(CAP_SYS_ADMIN/CAP_SYS_RAWIO) for this syscall, so it returns EPERM. With
allow_set_io_flusher_fail unset, ganesha treats this as a fatal error and aborts
immediately, before even fetching the %url RADOS config.
The orchestrator path (ganesha.conf.j2) already has allow_set_io_flusher_fail = true
in its NFS_CORE_PARAM block. This fix brings the sample config used by the
standalone test path in line with it.
This commit fixes an issue when the image is not the base distro,
the debug suffix for it is overwritten. This is especially
required for crimson debug builds to work for rocky10.
Aashish Sharma [Tue, 31 Mar 2026 04:30:23 +0000 (10:00 +0530)]
mgr/dashboard: Add option to edit zone with keys/
argument like"sync_from" and "sync_from_all"
Currently, there is no option to configure the sync_from and sync_from_all keys directly while creating or editing a zone from the dashboard. These arguments are particularly important when setting up archive zones. In archive zones, duplicate objects appear when sync_from_all is set to true (which is the default). The fix is to:
1.Set sync_from_all to false
2.Set sync_from to point to the master zone only
This ensures that the archive zone syncs exclusively from the master zone, preventing duplicate object issues.
Leonid Chernin [Tue, 17 Mar 2026 15:40:16 +0000 (17:40 +0200)]
nvmeofgw: propagate quorum feature to the NVMeofMonClient,
reverted feature bit NVMEOF_BEACON_DIFF:
-NVMeofGwMon adds a quorum_features indication to the MonClient map.
-MonClient initially sends beacons without applying the BEACON_DIFF logic.
-MonClient begins applying the BEACON_DIFF logic only when the BEACON_DIFF bit
is set in the quorum_features field of the NVMeoF monitor map.
-added mon commands:
nvme-gw set beacon-diff disable
nvme-gw set beacon-diff enable
-performed changes in encode/decode of the BEACON_DIFF feature
-reverted NVMEOF_BEACON_DIFF bit
Signed-off-by: Leonid Chernin <leonidc@il.ibm.com>
qa/cephadm: derive container image from cephadm release
test_cephadm.sh hardcodes IMAGE_DEFAULT to ceph:main, which breaks
every stable branch whenever main is renamed to a new release. The
mismatch check in cephadm correctly rejects the container because its
release name doesn't match cephadm's own release. This has recurred on
every release transition (squid→tentacle, quincy→reef) without a fix.
Instead of always pulling ceph:main, derive IMAGE_DEFAULT from the
installed cephadm's version output. On stable builds (release type
"stable"), use ceph:<release> so the container matches cephadm. On dev
builds (main branch), fall back to ceph:main as before. The IMAGE_DEFAULT
env var can still be set externally to override.
Annmool [Sun, 15 Mar 2026 13:54:36 +0000 (19:24 +0530)]
mgr/dashboard: use border-subtle utility class in overview and tearsheet
Replace the remaining custom dashboard border classes in the overview alerts card and tearsheet with the shared border-subtle utility classes. Update the alerts-card unit test so it checks the shared utility class name used by the template. Stub Prometheus overview requests in the dashboard a11y Cypress test so the test does not fail on missing metrics in CI.
Bootstrap fails on v20.2.0 upgrade because of
cephadm binary and ceph image version mismatch.
This fixes following problem in bootstrap by using
tentacle cephadm binary:
```
Error: Container release tentacle != cephadm release umbrella; please use matching version of cephadm (pass --allow-mismatched-release to continue anyway)
```
debian: remove stale distutils override from py3dist-overrides
distutils was deprecated in Python 3.10 (PEP 632) and removed in
Python 3.12. The `python3-distutils` package no longer exists in
Debian Trixie (Python 3.13) or Ubuntu 24.04+ (Python 3.12).
The only runtime reference was in `debian/ceph-mgr.requires`, already
cleaned up by 3fb3f892aa3. This override is now dead code, hence no
installed file declares a runtime dependency on `distutils`, so
`dh_python3` never resolves it. Removing it prevents a latent
uninstallable-dependency bug if `distutils` were accidentally
reintroduced in a `.requires` file.
Fixes: https://tracker.ceph.com/issues/75901 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Signed-off-by: Max R. Carrara <m.carrara@proxmox.com> Signed-off-by: Kefu Chai <k.chai@proxmox.com>
libcephsqlite: ensure atexit handlers are registered after openssl
When the sqlite3 executable encounters an error with .bail=on, it will
make a call to exit(). The atexit() handlers will execute in LIFO order.
We need to ensure that openssl (before OpenSSL 4.0 [1]) atexit handlers are
registered before libcephsqlite.
[1] http://github.com/openssl/openssl/commit/31659fe32673a6bd66abf3f8a7d803e81c6ffeed (OpenSSL 4.0 no longer arms `OPENSSL_cleanup()` function as an `atexit(3)`)
Fixes: https://tracker.ceph.com/issues/59335 Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>
Increase op_delay to pggrow to avoid rapid PG splits.
Excessive splitting with a low reactor count can leave many PGs in
snaptrim, causing tests to hit the (short) snap trimming timeout.
Crimson's pggrow keeps the OSDs clean thorugout the entire test,
which is against do_thrash expectations.
Increasing op_delay would reduce do_thrash "actions" back to a normal rate.
Use prompts that cannot be selected in CLI examples. Remove warnings
about selectable prompts.
Use privileged prompt for ceph commands.
Use inline formatting consistently.
Improve capitalization.
Signed-off-by: Ville Ojamo <git2233+ceph@ojamo.eu>
Reviewed-by: Patrick Donnelly <pdonnell@ibm.com> Reviewed-by: Redouane Kachach <rkachach@redhat.com> Reviewed-by: Adam C. Emerson <aemerson@redhat.com>
Kefu Chai [Sun, 29 Mar 2026 11:42:25 +0000 (19:42 +0800)]
crimson/osd: use O_CLOEXEC with pipe2() in get_early_config
Without O_CLOEXEC the pipe fds are inherited across any future exec()
calls. While the child in get_early_config does not exec, using
O_CLOEXEC is standard practice to prevent inadvertent fd leaks into
subprocesses spawned later in the OSD lifetime.
Run NVMe preformat in the LVM bluestore prepare path and
set skip_mkfs_discard so ceph-osd --mkfs gets --bdev-enable-discard false,
matching the raw OSD behavior.
projects / ceph.git / log