2023.2 Series Release Notes

17.3.1

Bug Fixes

  • NetApp driver bug #2073766: Kerberos can only be configured for the SVM data network interface. Therefore, this fix excludes the vserver management network interface for certain SVM accounts when checking the SVM Kerberos configuration for network interfaces.

17.3.0

Upgrade Notes

  • Shares created using the CEPHFS Native protocol will now have a new __mount_options metadata containing the cephfs_filesystem_name to enhance usability while mounting shares. Existing shares will be updated through the ensure shares workflow. To preserve backwards compatibility, this metadata is mutable by end users. It is strongly recommended that administrators include “__mount_options” in the [DEFAULT]/admin_only_metadata_keys configuration option.

Bug Fixes

  • The “replica_state” attribute of “active” replicas cannot be modified. Please see Launchpad bug 2015328 for more details.

  • Fixed share export location update when subnet is added to a network containing shares. Please refer to the Launchpad bug #2017501 for more details.

  • Manila will retry neutron API calls e.g. create_port(), show_port() in case of keystoneauth1 connection error. For more details, please refer to launchpad bug #2049507

  • bug 2051691: Fixed the default values of the following options.

    • [cors] allowed_headers

    • [cors] expose_headers

    • [cors] allow_methods

  • The CephFS driver used to set the “preferred” export path incorrectly. It is now fixed to set it as part of export location metadata. See Launchpad bug 2053100 for more details.

  • Share manager drivers can now update export location metadata (such as the preferred attribute) during the ensure_shares routine. (Launchpad bug: 2053100)

  • PowerFlex Driver bug #2066840: The default port value of 443 has been added for the PowerFlex NAS backend.

  • Share server deletion happens asynchronously and failure during this delete results in leakage of neutron ports. This is fixed in two steps, first by trying to delete ports before share server deletion. Second, after ports from Manila db entries are deleted, query is made to neutron to get ports which are allocated for share server and missing in db. And then try to delete those ports. For more details please check Launchpad bug 2067266

  • NetApp driver bug #2069125: Fixed the issue for the NetApp ONTAP driver in the ZAPI workflow, where certain vserver accounts failed to add access rules for a share when the vserver network interface was not configured with kerberos.

  • NetApp ONTAP driver will now retry the sis operation (e.g. dedupe) if sis operation is currently active. This is needed because NetApp turns on efficiency (by default) on latest hardware which causes conflicting sis operation when Manila tries to turn it off. For more details, please check Launchpad bug #2071359

  • When using Neutron networks tagged as external (unmanaged provider networks) as share networks, Manila now creates ports with admin_state_up=False (disabled). This change addresses ARP failures that can occur when using OVN as the Neutron ML2 plugin. For more information, refer to bug 2074504.

17.2.0

New Features

  • Add new config option ‘service_network_host’ for service instance with ‘dhss’=True. This helps us to define network host for ports and able to seperate from manila host.

Bug Fixes

  • Changed the error and status code that was raised when share types are not handled in shares api

  • NetApp driver bug #1982808: Fixed issue to add the retry logic to delete and release the snapmirror relationship. Delete the vserver pairing when there is no snapmirror relationship exist on source and destination cluster.

  • The CephFS driver uses a RemoveExport DBUS API call to the NFS/Ganesha service when a user deletes an access rule, or when deleting the share. If this call fails, the driver now provides a log of the failure, and continues cleaning up. Prior to this change, share deletion could fail if the service failed the DBUS command to drop the export. This would leave the share with an “error_deleting” status, needing administrator intervention. See bug #2035572 for more information.

  • bug 2038607: Fixed parse of the protocol_access_mapping option and the backup_protocol_access_mapping option. This change requires that the values used for these options should be formatted like key0=[value00, value01],key1=[value10].

17.1.0

Bug Fixes

  • Role based access control is enforced on the POST /shares/{share_id}/action API to reset status, task state, replica state and similar fields. This prevents the situation where deployments allow some users access to these APIs, but they don’t belong to projects where the resources exist. See bug 1955627 for more context.

  • Make snapshot names in CephFS drivers shorter to avoid limitation in Ceph clusters which truncates the subvolume name and makes the snapshots inaccesible.

  • Metadata APIs have been fixed to respond with HTTP 404 / Not Found when the requester does not have access to a resource that the metadata pertains to.

  • Fixed cleanup of share network security service associations at network delete. See Launchpad bug 2029366 <https://bugs.launchpad.net/manila/+bug/2029366> for more details.

  • The ‘count’ returned by shares and snapshots list API is fixed to provide correct value i.e. count of shares/snapshots instead of shareInstances/shareSnapshotInstances respectively. Please refer to the Launchpad bug #2033604 for more details.

17.0.0

New Features

  • Added the possibility to lock the deletion of access rules, as well as the visibility of the sensitive fields access_to and access_type while creating share access rules. When the visibility is restricted, only the owner or more privileged users will be able to visualize the context of the sensitive fields. Both locks can also be imposed by the recently introduced resource locks APIs.

  • It is now possible to filter access rules based on the access_to, access_type, access_key and access_level keys.

  • Added total count info in Manila’s /snapshots and /snapshots/detail APIs.

  • Added share type information to Ceilometer notifications. It is useful for billing to be able to charge customers differently for shares of different types.

  • Added new API endpoints and methods to create, retrieve, update and delete resource locks. Resource locks can be used to restrict certain actions from occurring on the resource. Currently users can prevent deletion of a share (including soft-deletion, transfer and unmanage operations) by creating a resource lock against the share. In future releases, more resource actions may be supported by this feature.

  • Added a new Manila driver to support Dell PowerFlex storage backend. It supports the minimum set of Manila features.

  • Added a new Manila driver to support Dell PowerStore storage backend. It supports NFS and CIFS shares operations, and snapshot operations.

  • Added the NetAppAIQWeigher scheduler weigher that relies on the NetApp Active IQ to weigh the hosts. It only works with NetApp backends. When other backends exist, the weigher is skipped. Added a new NetApp specific pool information called netapp_cluster_name that contains the name of the cluster where the pool is located, it can be set by a new NetApp configuration option.

  • It is now possible to configure cephfs_ganesha_export_ips (or alternatively, cephfs_ganesha_server_ip) alongside cephfs_nfs_cluster_id. Setting these options will allow the CephFS driver to report additional export paths. These additional export paths will have the “preferred” metadata key set to False. The export paths pertaining to the NFS service host discovered by the driver will have the “preferred” metadata key set to True. It is expected that administrators will configure additional IP addresses when preparing to migrate from a standalone NFS-Ganesha service to a NFS service cluster setup facilitated by the Ceph orchestration service. Eventually, when the migration has completed, these configuration options can be removed and the corresponding share export path records will be dropped from Manila. Note that the CephFS driver will not create or manipulate access rules within the NFS service configured via cephfs_ganesha_export_ips or cephfs_ganesha_server_ip.

  • Admin-only ability to add maximum share extend size restrictions which can be set on a per share-type granularity. Added new extra spec ‘provisioning:max_share_extend_size’.

  • NetApp ONTAP driver now allows cloud operator to define security certificate expire days for vserver. So instead of using vserver’s default security certificate with 365 expire days, cloud operator can ask backend to create new security certificate with given expire days using config option ‘netapp_security_cert_expire_days’.

  • NetApp driver is now able to inform the migration percentage of a share server migration.

  • Added support to share-backup feature. From this release, a backup of a share can be can be created, deleted, listed, queried for detail, updated its name/description and also restored to original share. Sample NFS backup-driver is added.

Upgrade Notes

  • A new configuration option called cephfs_ensure_all_shares_salt has been introduced to assist cloud administrators that would like the CephFS driver to reconcile export paths of existing shares during service startup.

Bug Fixes

  • Fixed non-disruptive share migration of CIFS shares in the NetApp ONTAP driver using ZAPI API. During the CIFS share migration the creation of a new export path is skipped and the actual export path is taken from the backend. For more details, please refer to launchpad bug #1920937.

  • NetApp driver: Fixed the issue with replica promotion where the autosize attributes were not being updated on ONTAP. Now, the autosize attributes are updated after promoting the replica. For more details, please refer to launchpad bug #1957075

  • NetApp driver bug #1982808: Fixed issue preventing the storage system from proper clean up unused SnapMirror snapshots after a replica promote, significantly increasing the amount of space consumed in ONTAP volumes by snapshots.

  • NetApp ONTAP driver fixed to consider timestamp delta calculated from netapp_snapmirror_schedule config option instead of fixed one hour value. Delta is calculated as twice the time of the option. Also, ensure periodically that existent snapmirrors have the schedule property according to the netapp_snapmirror_schedule configuration value. For more details, please refer Launchpad bug #1996859

  • While creating share replicas, the rules that are copied from source share would hang in ‘queued_to_apply’ forever. Fixed it by checking status of access_rule of the created replica and conditionally changed from ‘queued_to_apply’ to ‘active’. For more details check Launchpad bug 2000253

  • Share Network Subnet Metadata now can be add by any user, as the project_id used to verify the policy in the case of a non-admin user now is present in the Share Network Subnet db model.

  • Internal sqlalchemy model_query has been fixed to honor the options of the read_deleted parameter. For more details, please refer to launchpad bug #2015094

  • During share/snapshot create/update API calls, if display name or description is above max db limit i.e. 255, Manila throws error. But in this case, end user message is not meaningful. Fixed it by adding valid error message. For more details, please check Launchpad Bug #2023964

  • Share replicas in state error_deleting are now skipped during periodic updates. For more details, please refer to launchpad bug #2024556

  • Share server backend details set function adds db records without checking existing entries. This results in duplicate records for the combination of given share server id and key. Fixed it by updating records if already exist else creating new. See the launchpad bug 2024658 for more details.

  • The “manage” API for snapshots now validates the format of “provider_location” and “share_id” fields and handles errors appropriately. These fields are expected to contain string values.

  • The updated_at field is correctly set on share and snapshot access rules when an update has been made on the database.

  • The CephFS backend driver now supports a bulk share recovery mechanism (ensure_shares). At startup time, a combination of driver configuration options will determine if the driver must re-evaluate export paths of previously created shares. If these configuration options do not change, service startup will skip through this recovery stage.

  • The CephFS backend driver will also reapply access rules when performing a recovery of pre-existing shares.

  • Netapp driver: Fix Netapp share server migration with multiple subnets. For more details please refer to launchpad bug #2018300 <https://bugs.launchpad.net/manila/+bug/2018300>

  • Netapp driver: Fix Netapp driver create from snapshot accross pools using SVM scoped account. For more details please refer to launchpad bug #1922512

  • When share creation fails due to missing ports quota, error message propogated to user is not useful. So reported PortLimitExceeded error to user instead of generic error. For more details, please refer (launchpad bug 2019846).