From 332f32dcff2574d161df784b5577fcbd7a052fb1 Mon Sep 17 00:00:00 2001 From: Neha Ojha Date: Wed, 16 Dec 2020 18:16:41 +0000 Subject: [PATCH] doc/releases/octopus.rst: add release notes for 15.2.8 Signed-off-by: Neha Ojha --- doc/releases/octopus.rst | 231 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 231 insertions(+) diff --git a/doc/releases/octopus.rst b/doc/releases/octopus.rst index b470fabdc7a..a8b24865ea1 100644 --- a/doc/releases/octopus.rst +++ b/doc/releases/octopus.rst @@ -1,3 +1,234 @@ +v15.2.8 Octopus +=============== + +This is the 8th backport release in the Octopus series. This release fixes +a security flaw in CephFS and includes a number of bug fixes. We recommend +users to update to this release. + +Notable Changes +--------------- + +* CVE-2020-27781 : OpenStack Manila use of ceph_volume_client.py library allowed + tenant access to any Ceph credential's secret. (Kotresh Hiremath Ravishankar, + Ramana Raja) + +* ceph-volume: The ``lvm batch`` subcommand received a major rewrite. This closed + a number of bugs and improves usability in terms of size specification and + calculation, as well as idempotency behaviour and disk replacement process. + Please refer to https://docs.ceph.com/en/latest/ceph-volume/lvm/batch/ for + more detailed information. + +* MON: The cluster log now logs health detail every ``mon_health_to_clog_interval``, + which has been changed from 1hr to 10min. Logging of health detail will be + skipped if there is no change in health summary since last known. + +* The ``ceph df`` command now lists the number of pgs in each pool. + +* The ``bluefs_preextend_wal_files`` option has been removed. + +* It is now possible to specify the initial monitor to contact for Ceph tools + and daemons using the ``mon_host_override`` config option or + ``--mon-host-override `` command-line switch. This generally should only + be used for debugging and only affects initial communication with Ceph's + monitor cluster. + + +Changelog +--------- + +* pybind/ceph_volume_client: disallow authorize on existing auth ids (Kotresh + Hiremath Ravishankar, Ramana Raja) +* Enable per-RBD image monitoring (`pr#37697 `_, Patrick Seidensal) +* [ceph-volume]: remove unneeded call to get_devices() (`pr#37412 `_, Marc Gariepy) +* bluestore: fix collection_list ordering (`pr#37048 `_, Mykola Golub) +* bluestore: mempool's finer granularity + adding missed structs (`pr#37264 `_, Deepika Upadhyay, Igor Fedotov, Adam Kupczyk) +* bluestore: remove preextended WAL support (`pr#37373 `_, Igor Fedotov) +* ceph-volume batch: reject partitions in argparser (`pr#38280 `_, Jan Fajerski) +* ceph-volume inventory: make libstoragemgmt data retrieval optional (`pr#38299 `_, Jan Fajerski) +* ceph-volume: add libstoragemgmt support (`pr#36852 `_, Paul Cuzner, Satoru Takeuchi) +* ceph-volume: add no-systemd argument to zap (`pr#37722 `_, wanghongxu) +* ceph-volume: avoid format strings for now (`pr#37345 `_, Jan Fajerski) +* ceph-volume: consume mount opt in simple activate (`pr#38014 `_, Dimitri Savineau) +* ceph-volume: fix filestore/dmcrypt activate (`pr#38199 `_, Guillaume Abrioux) +* ceph-volume: fix journal size argument not work (`pr#37344 `_, wanghongxu) +* ceph-volume: fix lvm batch auto with full SSDs (`pr#38045 `_, Dimitri Savineau, Guillaume Abrioux) +* ceph-volume: fix simple activate when legacy osd (`pr#37194 `_, Guillaume Abrioux) +* ceph-volume: implement the --log-level flag (`pr#38426 `_, Andrew Schoen) +* ceph-volume: major batch refactor (`pr#37520 `_, Jan Fajerski, Joshua Schmid) +* ceph-volume: prepare: use \*-slots arguments for implicit sizing (`pr#38205 `_, Jan Fajerski) +* ceph-volume: remove mention of dmcache from docs and help text (`pr#38047 `_, Dimitri Savineau, Andrew Schoen) +* ceph-volume: retry when acquiring lock fails (`pr#36925 `_, Sébastien Han) +* ceph-volume: simple scan should ignore tmpfs (`pr#36953 `_, Andrew Schoen) +* ceph-volume: support for mpath devices (`pr#36928 `_, Jan Fajerski) +* ceph.in: ignore failures to flush stdout (`pr#37225 `_, Dan van der Ster) +* ceph.spec, debian: add smartmontools, nvme-cli dependencies (`pr#37257 `_, Yaarit Hatuka) +* cephadm batch backport November (`pr#38155 `_, Ricardo Marques, Sebastian Wagner, Kyr Shatskyy, Dan Williams, Volker Theile, Varsha Rao, Tim Serong, Adam King, Dimitri Savineau, Patrick Seidensal, Dan Mick, Michael Fritch, Joshua Schmid) +* cephadm batch backport September (1) (`pr#36975 `_, Stephan Müller, Matthew Oliver, Sebastian Wagner, Paul Cuzner, Adam King, Patrick Seidensal, Shraddha Agrawal, Michael Fritch, Dan Mick) +* cephadm batch backport September (2) (`pr#37436 `_, Varsha Rao, Kiefer Chang, Patrick Donnelly, Sebastian Wagner, Kefu Chai, Guillaume Abrioux, Juan Miguel Olmo Martínez, Paul Cuzner, Volker Theile, Tim Serong, Zac Dover, Adam King, Michael Fritch, Joshua Schmid) +* cephfs-journal-tool: fix incorrect read_offset when finding missing objects (`pr#37854 `_, Xue Yantao) +* cephfs: client: fix directory inode can not call release callback (`pr#37017 `_, sepia-liu) +* cephfs: client: fix extra open ref decrease (`pr#37249 `_, Xiubo Li) +* cephfs: client: fix inode ll_ref reference count leak (`pr#37839 `_, sepia-liu) +* cephfs: client: handle readdir reply without Fs cap (`pr#37370 `_, "Yan, Zheng") +* cephfs: client: make Client::open() pass proper cap mask to path_walk (`pr#37369 `_, "Yan, Zheng") +* cephfs: client: use non-static dirent for thread-safety (`pr#37351 `_, Patrick Donnelly) +* cephfs: libcephfs: ignore restoring the open files limit (`pr#37358 `_, Xiubo Li) +* cephfs: osdc/Journaler: do not call onsafe->complete() if onsafe is 0 (`pr#37368 `_, Xiubo Li) +* common/admin_socket: always validate the parameters (`pr#37341 `_, Kefu Chai) +* compressor: Add a config option to specify Zstd compression level (`pr#37253 `_, Bryan Stillwell) +* core: include/encoding: Fix encode/decode of float types on big-endian systems (`pr#37032 `_, Ulrich Weigand) +* debian: Add missing Python dependency for ceph-mgr (`pr#37422 `_, Johannes M. Scheuermann) +* doc/PendingReleaseNotes: mention bluefs_preextend_wal_files (`pr#37549 `_, Nathan Cutler) +* doc/mgr/orchestrator: Add hints related to custom containers to the docs (`pr#37962 `_, Volker Theile) +* doc: cephfs: improve documentation of "ceph nfs cluster create" and "ceph fs volume create" commands (`pr#37691 `_, Nathan Cutler) +* doc: enable Read the Docs (`pr#37201 `_, Kefu Chai) +* erasure-code: enable isa-l EC for aarch64 platform (`pr#37504 `_, luo rixin, Hang Li) +* krbd: optionally skip waiting for udev events (`pr#37285 `_, Ilya Dryomov) +* librbd: ensure that thread pool lock is held when processing throttled IOs (`pr#37116 `_, Jason Dillaman) +* librbd: handle DNE from immutable-object-cache (`pr#36860 `_, Feng Hualong, Mykola Golub, Yin Congmin, Jason Dillaman) +* librbd: using migration abort can result in the loss of data (`pr#37164 `_, Jason Dillaman) +* mds/CInode: Optimize only pinned by subtrees check (`pr#37248 `_, Mark Nelson) +* mds: account for closing sessions in hit_session (`pr#37856 `_, Dan van der Ster) +* mds: add request to batch_op before taking auth pins and locks (`pr#37022 `_, "Yan, Zheng") +* mds: do not raise "client failing to respond to cap release" when client working set is reasonable (`pr#37353 `_, Patrick Donnelly) +* mds: do not submit omap_rm_keys if the dir is the basedir of merge (`pr#37034 `_, "Yan, Zheng", Chencan) +* mds: don't recover files after normal session close (`pr#37334 `_, "Yan, Zheng") +* mds: fix 'forward loop' when forward_all_requests_to_auth is set (`pr#37360 `_, "Yan, Zheng") +* mds: fix hang issue when accessing a file under a lost parent directory (`pr#37020 `_, Zhi Zhang) +* mds: fix kcephfs parse dirfrag's ndist is always 0 (`pr#37357 `_, Yanhu Cao) +* mds: fix mds forwarding request 'no_available_op_found' (`pr#37240 `_, Yanhu Cao) +* mds: fix nullptr dereference in MDCache::finish_rollback (`pr#37243 `_, "Yan, Zheng") +* mds: fix purge_queue's _calculate_ops is inaccurate (`pr#37372 `_, Yanhu Cao) +* mds: make threshold for MDS_TRIM configurable (`pr#36970 `_, Paul Emmerich) +* mds: optimize random threshold lookup for dentry load (`pr#37247 `_, Patrick Donnelly) +* mds: place MDSGatherBuilder on the stack (`pr#37354 `_, Patrick Donnelly) +* mds: reduce memory usage of open file table prefetch #37382 (`pr#37383 `_, "Yan, Zheng") +* mds: resolve SIGSEGV in waiting for uncommitted fragments (`pr#37355 `_, Patrick Donnelly) +* mds: revert the decode version (`pr#37356 `_, Jos Collin) +* mds: send scrub status to ceph-mgr only when scrub is running (`issue#45349 `_, `pr#36047 `_, Kefu Chai, Venky Shankar) +* mds: standy-replay mds remained in the "resolve" state after resta… (`pr#37363 `_, Wei Qiaomiao) +* messages,mds: Fix decoding of enum types on big-endian systems (`pr#36813 `_, Ulrich Weigand) +* mgr/dashboard/api: move/create OSD histogram in separate endpoint (`pr#37973 `_, Aashish Sharma) +* mgr/dashboard: Add short descriptions to the telemetry report preview (`pr#37597 `_, Nizamudeen A) +* mgr/dashboard: Allow editing iSCSI targets with initiators logged-in (`pr#37277 `_, Tiago Melo) +* mgr/dashboard: Auto close table column dropdown on click outside (`pr#36862 `_, Tiago Melo) +* mgr/dashboard: Copy to clipboard does not work in Firefox (`pr#37493 `_, Volker Theile) +* mgr/dashboard: Datatable catches select events from other datatables (`pr#36899 `_, Volker Theile, Tiago Melo) +* mgr/dashboard: Disable TLS 1.0 and 1.1 (`pr#38331 `_, Volker Theile) +* mgr/dashboard: Disable autocomplete on user form (`pr#36901 `_, Volker Theile) +* mgr/dashboard: Disable sso without python3-saml (`pr#38405 `_, Kevin Meijer) +* mgr/dashboard: Disabling the form inputs for the read_only modals (`pr#37239 `_, Nizamudeen) +* mgr/dashboard: Fix bugs in a unit test and i18n translation (`pr#36991 `_, Volker Theile) +* mgr/dashboard: Fix for CrushMap viewer items getting compressed vertically (`pr#36871 `_, Nizamudeen A) +* mgr/dashboard: Fix many-to-many issue in host-details Grafana dashboard (`pr#37299 `_, Patrick Seidensal) +* mgr/dashboard: Fix npm package's vulnerabilities (`pr#36921 `_, Tiago Melo) +* mgr/dashboard: Hide table action input field if limit=0 (`pr#36872 `_, Volker Theile) +* mgr/dashboard: Host delete action should be disabled if not managed by Orchestrator (`pr#36874 `_, Volker Theile) +* mgr/dashboard: Improve notification badge (`pr#37090 `_, Aashish Sharma) +* mgr/dashboard: Landing Page improvements (`pr#37390 `_, Tiago Melo, Alfonso Martínez) +* mgr/dashboard: Merge disable and disableDesc (`pr#37763 `_, Tiago Melo) +* mgr/dashboard: Proper format iSCSI target portals (`pr#36870 `_, Volker Theile) +* mgr/dashboard: REST API returns 500 when no Content-Type is specified (`pr#37308 `_, Avan Thakkar) +* mgr/dashboard: Remove useless tab in monitoring/alerts datatable details (`pr#36875 `_, Volker Theile) +* mgr/dashboard: Show warning when replicated size is 1 (`pr#37578 `_, Sebastian Krah) +* mgr/dashboard: The performance 'Client Read/Write' widget shows incorrect write values (`pr#38189 `_, Volker Theile) +* mgr/dashboard: Update datatable only when necessary (`pr#37331 `_, Volker Theile) +* mgr/dashboard: Use pipe instead of calling function within template (`pr#38094 `_, Volker Theile) +* mgr/dashboard: cluster > manager modules (`pr#37434 `_, Avan Thakkar) +* mgr/dashboard: display devices' health information within a tabset (`pr#37784 `_, Kiefer Chang) +* mgr/dashboard: fix error when typing existing paths in the Ganesha form (`pr#37688 `_, Kiefer Chang) +* mgr/dashboard: fix perf. issue when listing large amounts of buckets (`pr#37405 `_, Alfonso Martínez) +* mgr/dashboard: fix security scopes of some NFS-Ganesha endpoints (`pr#37450 `_, Kiefer Chang) +* mgr/dashboard: fix the error when exporting CephFS path "/" in NFS exports (`pr#37686 `_, Kiefer Chang) +* mgr/dashboard: get rgw daemon zonegroup name from mgr (`pr#37620 `_, Alfonso Martinez) +* mgr/dashboard: increase Grafana iframe height to avoid scroll bar (`pr#37182 `_, Ngwa Sedrick Meh) +* mgr/dashboard: log in non-admin users successfully if the telemetry notification is shown (`pr#37452 `_, Tatjana Dehler) +* mgr/dashboard: support Orchestrator and user-defined Ganesha cluster (`pr#37885 `_, Kiefer Chang) +* mgr/dashboard: table detail rows overflow (`pr#37332 `_, Aashish Sharma) +* mgr/devicehealth: device_health_metrics pool gets created even without any OSDs in the cluster (`pr#37533 `_, Sunny Kumar) +* mgr/insights: Test environment requires 'six' (`pr#38396 `_, Brad Hubbard) +* mgr/prometheus: add pool compression stats (`pr#37562 `_, Paul Cuzner) +* mgr/telemetry: fix device id splitting when anonymizing serial (`pr#37302 `_, Yaarit Hatuka) +* mgr/volumes/nfs: Check if orchestrator spec service_id is valid (`pr#37371 `_, Varsha Rao) +* mgr/volumes/nfs: Fix wrong error message for pseudo path (`pr#37855 `_, Varsha Rao) +* mgr/volumes: Make number of cloner threads configurable (`pr#37671 `_, Kotresh HR) +* mgr/zabbix: indent the output of "zabbix config-show" (`pr#37128 `_, Kefu Chai) +* mgr: PyModuleRegistry::unregister_client() can run endlessly (`issue#47329 `_, `pr#37217 `_, Venky Shankar) +* mgr: don't update pending service map epoch on receiving map from mon (`pr#37180 `_, Mykola Golub) +* mon scrub testing (`pr#38361 `_, Brad Hubbard) +* mon/MDSMonitor do not ignore mds's down:dne request (`pr#37858 `_, chencan) +* mon/MDSMonitor: divide mds identifier and mds real name with dot (`pr#37857 `_, Zhi Zhang) +* mon/MonMap: fix unconditional failure for init_with_hosts (`pr#37817 `_, Nathan Cutler, Patrick Donnelly) +* mon/PGMap: add pg count for pools in the ceph df command (`pr#36945 `_, Vikhyat Umrao) +* mon: Log "ceph health detail" periodically in cluster log (`pr#38345 `_, Prashant Dhange) +* mon: deleting a CephFS and its pools causes MONs to crash (`pr#37256 `_, Patrick Donnelly) +* mon: have 'mon stat' output json as well (`pr#37705 `_, Joao Eduardo Luis) +* mon: mark pgtemp messages as no_reply more consistenly in preprocess\_… (`pr#37347 `_, Greg Farnum) +* mon: set session_timeout when adding to session_map (`pr#37553 `_, Ilya Dryomov) +* mon: store mon updates in ceph context for future MonMap instantiation (`pr#36705 `_, Patrick Donnelly, Shyamsundar Ranganathan) +* msg/async/ProtocolV2: allow rxbuf/txbuf get bigger in testing (`pr#37080 `_, Ilya Dryomov) +* os/bluestore: enable more flexible bluefs space management by default (`pr#37092 `_, Igor Fedotov) +* osd/osd-rep-recov-eio.sh: TEST_rados_repair_warning: return 1 (`pr#37853 `_, David Zafman) +* osd: Check for nosrub/nodeep-scrub in between chunks, to avoid races (`pr#38359 `_, David Zafman) +* osdc/ObjectCacher: overwrite might cause stray read request callbacks (`pr#37674 `_, Jason Dillaman) +* osdc: add timeout configs for mons/osds (`pr#37530 `_, Patrick Donnelly) +* prometheus: Properly split the port off IPv6 addresses (`pr#36985 `_, Matthew Oliver) +* pybind/cephfs: add special values for not reading conffile (`pr#37724 `_, Kefu Chai) +* pybind/cephfs: fix custom exception raised by cephfs.pyx (`pr#37350 `_, Ramana Raja) +* pybind/mgr/volumes: add global lock debug (`pr#37366 `_, Patrick Donnelly) +* qa/\*/mon/mon-last-epoch-clean.sh: mark osd out instead of down (`pr#37349 `_, Neha Ojha) +* qa/cephfs: add session_timeout option support (`pr#37841 `_, Xiubo Li) +* qa/tasks/nfs: Test mounting of export created with nfs command (`pr#37365 `_, Varsha Rao) +* qa/tasks/{ceph,ceph_manager}: drop py2 support (`pr#37863 `_, Kefu Chai) +* qa/tests: added rhel 8.2 (`pr#38287 `_, Yuri Weinstein) +* qa/tests: use bionic only for old clients in rados/thrash-old-clients (`pr#36931 `_, Yuri Weinstein) +* qa/workunits/mon: fixed excessively large pool PG count (`pr#37346 `_, Jason Dillaman) +* qa: Enable debug_client for mgr tests (`pr#37270 `_, Brad Hubbard) +* qa: Fix traceback during fs cleanup between tests (`pr#36713 `_, Kotresh HR) +* qa: add debugging for volumes plugin use of libcephfs (`pr#37352 `_, Patrick Donnelly) +* qa: drop hammer branch qa tests (`pr#37728 `_, Neha Ojha, Deepika Upadhyay) +* qa: ignore expected mds failover message (`pr#37367 `_, Patrick Donnelly) +* rbd-mirror: peer setup can still race and fail creation of peer (`pr#37342 `_, Jason Dillaman) +* rbd: include RADOS namespace in krbd symlinks (`pr#37343 `_, Ilya Dryomov) +* rbd: journal: possible race condition between flush and append callback (`pr#37850 `_, Jason Dillaman) +* rbd: librbd: ignore -ENOENT error when disabling object-map (`pr#37852 `_, Jason Dillaman) +* rbd: librbd: update AioCompletion return value before evaluating pending count (`pr#37851 `_, Jason Dillaman) +* rbd: make common options override krbd-specific options (`pr#37408 `_, Ilya Dryomov) +* rbd: rbd-nbd: don't ignore namespace when unmapping by image spec (`pr#37812 `_, Mykola Golub) +* rgw/gc: fix for incrementing the perf counter 'gc_retire_object' (`pr#37847 `_, Pritha Srivastava) +* rgw/gc: fixing the condition when marker for a queue is (`pr#37846 `_, Pritha Srivastava) +* rgw/rgw_file: Fix the incorrect lru object eviction (`pr#37672 `_, luo rixin) +* rgw: Add bucket name to bucket stats error logging (`pr#37335 `_, Seena Fallah) +* rgw: Add request timeout to beast (`pr#37809 `_, Adam C. Emerson, Or Friedmann) +* rgw: RGWObjVersionTracker tracks version over increments (`pr#37337 `_, Casey Bodley) +* rgw: Swift API anonymous access should 401 (`pr#37339 `_, Matthew Oliver) +* rgw: adds code for creating and managing oidc provider entities in rgw and for offline validation of OpenID Connect Access and ID Token (`pr#37640 `_, Pritha Srivastava, Casey Bodley) +* rgw: allow rgw-orphan-list to note when rados objects are in namespace (`pr#37800 `_, J. Eric Ivancich) +* rgw: dump transitions in RGWLifecycleConfiguration::dump() (`pr#36812 `_, Shengming Zhang) +* rgw: during GC defer, prevent new GC enqueue (`pr#38249 `_, Casey Bodley, J. Eric Ivancich) +* rgw: fix expiration header returned even if there is only one tag in the object the same as the rule (`pr#37807 `_, Or Friedmann) +* rgw: fix setting of namespace in ordered and unordered bucket listing (`pr#37673 `_, J. Eric Ivancich) +* rgw: fix user stats iterative increment (`pr#37779 `_, Mark Kogan) +* rgw: fix: S3 API KeyCount incorrect return (`pr#37849 `_, 胡玮文) +* rgw: log resharding events at level 1 (formerly 20) (`pr#36840 `_, Or Friedmann) +* rgw: radosgw-admin should paginate internally when listing bucket (`pr#37803 `_, J. Eric Ivancich) +* rgw: radosgw-admin: period pull command is not always a raw_storage_op (`pr#37336 `_, Casey Bodley) +* rgw: replace '+' with "%20" in canonical query string for s3 v4 auth (`pr#37338 `_, yuliyang_yewu) +* rgw: rgw_file: avoid long-ish delay on shutdown (`pr#37551 `_, Matt Benjamin) +* rgw: s3: mark bucket encryption as not implemented (`pr#36691 `_, Abhishek Lekshmanan) +* rgw: urlencode bucket name when forwarding request (`pr#37340 `_, caolei) +* rgw: use yum rather than dnf for teuthology testing of rgw-orphan-list (`pr#37845 `_, J. Eric Ivancich) +* rpm,deb: drop /etc/sudoers.d/cephadm (`pr#37401 `_, Nathan Cutler) +* run-make-check.sh: Don't run tests if build fails (`pr#38294 `_, Brad Hubbard) +* systemd: Support Graceful Reboot for AIO Node (`pr#37300 `_, Wong Hoi Sing Edison) +* test/librados: fix endian bugs in checksum test cases (`pr#37604 `_, Ulrich Weigand) +* test/rbd-mirror: pool watcher registration error might result in race (`pr#37208 `_, Jason Dillaman) +* test/store_test: use 'threadsafe' style for death tests (`pr#37819 `_, Igor Fedotov) +* tools/osdmaptool.cc: add ability to clean_temps (`pr#37348 `_, Neha Ojha) +* tools/rados: flush formatter periodically during json output of "rados ls" (`pr#37835 `_, J. Eric Ivancich) +* vstart.sh: fix fs set max_mds bug (`pr#37837 `_, Jinmyeong Lee) + + v15.2.7 Octopus =============== -- 2.39.5