2023.1 Series Release Notes¶
2023.1-eom¶
Aktualisierungsnotizen¶
Shares created using the CEPHFS Native protocol will now have a new __mount_options metadata containing the cephfs_filesystem_name to enhance usability while mounting shares. Existing shares will be updated through the ensure shares workflow. To preserve backwards compatibility, this metadata is mutable by end users. It is strongly recommended that administrators include „__mount_options“ in the [DEFAULT]/admin_only_metadata_keys configuration option.
Bug Fixes¶
Fixed share export location update when subnet is added to a network containing shares. Please refer to the Launchpad bug #2017501 for more details.
Fixed cleanup of share network security service associations at network delete. See Launchpad bug 2029366 <https://bugs.launchpad.net/manila/+bug/2029366> for more details.
The CephFS driver used to set the „preferred“ export path incorrectly. It is now fixed to set it as part of export location metadata. See Launchpad bug 2053100 for more details.
Share manager drivers can now update export location metadata (such as the preferred attribute) during the ensure_shares routine. (Launchpad bug: 2053100)
NetApp ONTAP driver will now retry the sis operation (e.g. dedupe) if sis operation is currently active. This is needed because NetApp turns on efficiency (by default) on latest hardware which causes conflicting sis operation when Manila tries to turn it off. For more details, please check Launchpad bug #2071359
When using Neutron networks tagged as external (unmanaged provider networks) as share networks, Manila now creates ports with admin_state_up=False (disabled). This change addresses ARP failures that can occur when using OVN as the Neutron ML2 plugin. For more information, refer to bug 2074504.
16.2.1¶
Bug Fixes¶
The „replica_state“ attribute of „active“ replicas cannot be modified. Please see Launchpad bug 2015328 for more details.
Manila will retry neutron API calls e.g. create_port(), show_port() in case of keystoneauth1 connection error. For more details, please refer to launchpad bug #2049507
Share server deletion happens asynchronously and failure during this delete results in leakage of neutron ports. This is fixed in two steps, first by trying to delete ports before share server deletion. Second, after ports from Manila db entries are deleted, query is made to neutron to get ports which are allocated for share server and missing in db. And then try to delete those ports. For more details please check Launchpad bug 2067266
NetApp driver bug #2069125: Fixed the issue for the NetApp ONTAP driver in the ZAPI workflow, where certain vserver accounts failed to add access rules for a share when the vserver network interface was not configured with kerberos.
16.2.0¶
New Features¶
Add new config option ‚service_network_host‘ for service instance with ‚dhss‘=True. This helps us to define network host for ports and able to seperate from manila host.
Bug Fixes¶
Changed the error and status code that was raised when share types are not handled in shares api
Make snapshot names in CephFS drivers shorter to avoid limitation in Ceph clusters which truncates the subvolume name and makes the snapshots inaccesible.
NetApp driver bug #1982808: Fixed issue to add the retry logic to delete and release the snapmirror relationship. Delete the vserver pairing when there is no snapmirror relationship exist on source and destination cluster.
Metadata APIs have been fixed to respond with HTTP 404 / Not Found when the requester does not have access to a resource that the metadata pertains to.
The CephFS driver uses a RemoveExport DBUS API call to the NFS/Ganesha service when a user deletes an access rule, or when deleting the share. If this call fails, the driver now provides a log of the failure, and continues cleaning up. Prior to this change, share deletion could fail if the service failed the DBUS command to drop the export. This would leave the share with an „error_deleting“ status, needing administrator intervention. See bug #2035572 for more information.
16.1.0¶
New Features¶
It is now possible to configure cephfs_ganesha_export_ips (or alternatively, cephfs_ganesha_server_ip) alongside cephfs_nfs_cluster_id. Setting these options will allow the CephFS driver to report additional export paths. These additional export paths will have the „preferred“ metadata key set to False. The export paths pertaining to the NFS service host discovered by the driver will have the „preferred“ metadata key set to True. It is expected that administrators will configure additional IP addresses when preparing to migrate from a standalone NFS-Ganesha service to a NFS service cluster setup facilitated by the Ceph orchestration service. Eventually, when the migration has completed, these configuration options can be removed and the corresponding share export path records will be dropped from Manila. Note that the CephFS driver will not create or manipulate access rules within the NFS service configured via cephfs_ganesha_export_ips or cephfs_ganesha_server_ip.
Aktualisierungsnotizen¶
A new configuration option called
cephfs_ensure_all_shares_salt
has been introduced to assist cloud administrators that would like the CephFS driver to reconcile export paths of existing shares during service startup.
Bug Fixes¶
Fixed non-disruptive share migration of CIFS shares in the NetApp ONTAP driver using ZAPI API. During the CIFS share migration the creation of a new export path is skipped and the actual export path is taken from the backend. For more details, please refer to launchpad bug #1920937.
Role based access control is enforced on the POST /shares/{share_id}/action API to reset status, task state, replica state and similar fields. This prevents the situation where deployments allow some users access to these APIs, but they don’t belong to projects where the resources exist. See bug 1955627 for more context.
NetApp driver: Fixed the issue with replica promotion where the autosize attributes were not being updated on ONTAP. Now, the autosize attributes are updated after promoting the replica. For more details, please refer to launchpad bug #1957075
NetApp driver bug #1982808: Fixed issue preventing the storage system from proper clean up unused SnapMirror snapshots after a replica promote, significantly increasing the amount of space consumed in ONTAP volumes by snapshots.
Share Network Subnet Metadata now can be add by any user, as the project_id used to verify the policy in the case of a non-admin user now is present in the Share Network Subnet db model.
Share replicas in state error_deleting are now skipped during periodic updates. For more details, please refer to launchpad bug #2024556
Share server backend details set function adds db records without checking existing entries. This results in duplicate records for the combination of given share server id and key. Fixed it by updating records if already exist else creating new. See the launchpad bug 2024658 for more details.
The „manage“ API for snapshots now validates the format of „provider_location“ and „share_id“ fields and handles errors appropriately. These fields are expected to contain string values.
The
updated_at
field is correctly set on share and snapshot access rules when an update has been made on the database.
The CephFS backend driver now supports a bulk share recovery mechanism (
ensure_shares
). At startup time, a combination of driver configuration options will determine if the driver must re-evaluate export paths of previously created shares. If these configuration options do not change, service startup will skip through this recovery stage.
The CephFS backend driver will also reapply access rules when performing a recovery of pre-existing shares.
bug #2025649: Fixed share server API error message.
When share creation fails due to missing ports quota, error message propogated to user is not useful. So reported PortLimitExceeded error to user instead of generic error. For more details, please refer (launchpad bug 2019846).
16.0.0¶
New Features¶
From API version 2.76, added ‚default_ad_site‘ field to ‚security_service‘ object. This field can not be used along-with ‚server‘ field of the ‚security_service‘.
Starting with microversion 2.75, user can specify quiesce wait time seconds in share replica promote API. Be aware that not all drivers support this parameter, when not supported, the value would be silently ignored.
Adds share network subnet metadata capabilities including create, update all, update single, show and delete metadata.
Share can be transferred between project with API version
2.77
and beyond.
The special .snapshot directories for shares created by the Infinidat driver can now be controlled through configuration options: infinidat_snapdir_accessible and infinidat_snapdir_visible. By default, each share allows access to its own .snapshot directory, which contains files and directories of each snapshot taken. To restrict access to the .snapshot directory, the infinidat_snapdir_accessible should be set to False. The infinidat_snapdir_visible option controls visibility of the .snapshot directory. By default, the .snapshot directory is hidden. To make the .snapshot directory visible on the client side, this option should be set to True.
Added new config option netapp_snapmirror_schedule which allows admin to configure netapp asynchronous snapmirror schedule. Admin must make sure schedule is already created on the backend filer.
NetApp driver: introduced the option to request ONTAP operations through REST API when using ONTAP 9.12.1 or greater. The new option netapp_use_legacy_client allows switching between the old ZAPI client approach and new REST client. It is default to True, meaning that the drivers will keep working as before using ZAPI operations. If desired, this option can be set to False connecting with new REST client that performs REST API operations if it is available, otherwise falls back to ZAPI.
Also, an option called netapp_rest_operation_timeout was added to allow the user to set the maximum amount of time expected to get an output from a synchronous operation when using REST API. By default, the timeout value is 60 seconds.
For Netapp ONTAP driver, the ‚default_ad_site‘ will restrict the Domain controller’s discovery mode to ‚site‘ i.e. only Domain Controller’s in local site will be discovered.
NetApp driver with DHSS True mode now supports setup the share server network VLAN segmentation through share network subnet metadata. To do so, the field set_vlan must be informed with VLAN number. It can set the network MTU passing the metadata field set_mtu. If the subnet metadata contains the set_vlan without the set_mtu field the MTU is configured according to network plugin.
Aktualisierungsnotizen¶
Added a new configuration option
macrosan_ssl_cert_verfiy
to configure whether the driver should only allow verified ssl certificates. This option defaults toFalse
to allow backwards compatibility.
The following aliases of notification drivers are no longer available. Use the driver names in the
oslo.messaging
library instead.manila.openstack.common.notifier.log_notifier
manila.openstack.common.notifier.no_op_notifier
manila.openstack.common.notifier.rpc_notifier
manila.openstack.common.notifier.rpc_notifier2
manila.openstack.common.notifier.test_notifier
Bug Fixes¶
With replication setup at least one backend is working and serving the shares. Starting from API version 2.74, allowing and denying access to shares will only fail if any of the instances is in a transitional state. Please refer to Launchpad bug 1965561
The GET /shares/{share_id} API now responds with HTTP 404 (Not Found) for inaccessible resources. See bug 1901210 for further information.
Fixed the issue of not accounting replica quotas while triggering the migration for a given share. Please refer to the Launchpad bug #1910752 for more details.
Fixes bug #1928241. The NetApp ONTAP driver will now avoid reusing a share server during the share creation in case the share server does not span the selected pool.
Launchpad bug 1968891 has been fixed. scheduler will use size increase rather than share size to calculate provisioned_ratio when extending share.
When deploying Manila CephFS NFS with cephadm, the manila share service fails to start with the error „Backend cephfsnfs supports neither IPv4 nor IPv6“. This happens because the NFS Ganesha daemon fails to start for some reason, and therefore the driver never gets the location of the NFS Ganesha service that will be used as the backend. We rely on the operator to make sure the CephFS NFS cluster is available when initializing the driver. With this fix in place, we raise an exception to explicitly notify the operator and allow them to take further action.
In cluster deployments, where multiple instances of manila services are deployed via PODs, unique hostname is derived from node name. However if pods are deployed again and launched on new hosts/nodes, the old entries of manila service remains as it is. Fixed it by adding per service cleanup function and also introducing ‚state‘ column in ‚services‘ table. The service will be in either of ‚up‘, ‚down‘ or ‚stopped‘ state. Cleanup will delete DB entries of ‚stopeed‘ services. For more details please refer, Launchpad bug 1990839
The CephFS NFS driver, specifically the NFSProtocolHelper implementation, was passing a wrong param to the Ceph backend and this was preventing users to add and deny access to the created shares. With this fix, users of the CephFS NFS NFSProtocolHelper can normally create and remove access to their shares.
Deployers now can specify
[glance]endpoint_type
configuration option (defaults topublicURL
for backward compatibility) so that Manila uses Glance endpoint other than the public one (see bug 1991396).
Bug 1991776 was fixed within the CephFS driver. The driver no longer emits repeated warnings concerning supported IP versions when using the NFS protocol.
Add the filesystem info in the exports created by the CephFS NFS driver. This fixes inconsistencies when deploying Manila with CephFS NFS with multiple filesystems.
Infinidat Driver bug #1992443: Fixed an issue in Infinidat driver to support host assisted migration. The snapdir_visible filesystem property must be disabled to hide .snapshot directory on the client side. However, this behavior can be changed using the infinidat_snapdir_visible configuration option.
On share server creation initialize the updated_at field with the current timestamp to fix broken automatic cleanup in rare occasions where a share server that would be an automatic cleanup target would be pending in state creating forever.
NetApp driver: Added a guard on getting share server backend detail vserver name when trying to reuse share server. Please refer to Launchpad Bug #1993829.
NetApp driver has been fixed to the error in launchpad bug 1995733 preventing share server cleanup with active directory security service.
In case of NetApp ONTAP driver, user can now set the quiesce timeout during promote and this timeout has precedence over NetApp configuration netapp_snapsmirror_quiesce_timeout. For more details, please refer to launchpad bug 2000171
Fixed an issue that made the CephFS driver to override the permissions in a share. After a bugfix, Ceph’s idempotent creation of shares had a change on its behavior. If a share mode was modified outside of Manila, or the configuration value for cephfs_volume_mode was changed in Manila when shares had already been created, these shares would have their mode changed while Manila attempted to ensure that such share exists using the idempotent creation, potentially breaking clients. The CephFS driver will no longer send create calls to the backend when ensuring a share exists. For more details, please refer to Bug #2002394
Fixed several Manila API error messages with their contents. For more details, please refer to launchpad bug #2007060
NetApp driver: fix some issues caused with managed snapshot, it is no more renaming the managed snapshot. For more details, please refer to launchpad bug #1936648
Some neutron integrations might not have the network type, so the neutron network plugin is fixed by taking that scenario in consideration. Launchpad bug #1987315 for more details.
NetApp driver: driver can now delete the share server in error state that had not been created on storage side. For more details, please refer to launchpad bug #1964592
NetApp driver now checks after sending snapshot-create request that the snapshot has been properly created. If snapshot is not checked, manila assumes that working snapshot is available. But when user tries to access the snapshot, request could fail. Launchpad bug 1971710 for more details.
Other Notes¶
Pure Storage FlashBlade driver - Version number incremented for tracking purposes(Antelope release).