Xena Series Release Notes¶
13.2.0-15¶
Bug Fixes¶
Changed the error and status code that was raised when share types are not handled in shares api
Make snapshot names in CephFS drivers shorter to avoid limitation in Ceph clusters which truncates the subvolume name and makes the snapshots inaccesible.
NetApp driver bug #1982808: Fixed issue preventing the storage system from proper clean up unused SnapMirror snapshots after a replica promote, significantly increasing the amount of space consumed in ONTAP volumes by snapshots.
Share replicas in state error_deleting are now skipped during periodic updates. For more details, please refer to launchpad bug #2024556
Share server backend details set function adds db records without checking existing entries. This results in duplicate records for the combination of given share server id and key. Fixed it by updating records if already exist else creating new. See the launchpad bug 2024658 for more details.
The „manage“ API for snapshots now validates the format of „provider_location“ and „share_id“ fields and handles errors appropriately. These fields are expected to contain string values.
The
updated_at
field is correctly set on share and snapshot access rules when an update has been made on the database.
The CephFS driver uses a RemoveExport DBUS API call to the NFS/Ganesha service when a user deletes an access rule, or when deleting the share. If this call fails, the driver now provides a log of the failure, and continues cleaning up. Prior to this change, share deletion could fail if the service failed the DBUS command to drop the export. This would leave the share with an „error_deleting“ status, needing administrator intervention. See bug #2035572 for more information.
NetApp driver bug #2069125: Fixed the issue for the NetApp ONTAP driver in the ZAPI workflow, where certain vserver accounts failed to add access rules for a share when the vserver network interface was not configured with kerberos.
bug #2025649: Fixed share server API error message.
13.2.0¶
New Features¶
The special .snapshot directories for shares created by the Infinidat driver can now be controlled through configuration options: infinidat_snapdir_accessible and infinidat_snapdir_visible. By default, each share allows access to its own .snapshot directory, which contains files and directories of each snapshot taken. To restrict access to the .snapshot directory, the infinidat_snapdir_accessible should be set to False. The infinidat_snapdir_visible option controls visibility of the .snapshot directory. By default, the .snapshot directory is hidden. To make the .snapshot directory visible on the client side, this option should be set to True.
Bug Fixes¶
Launchpad bug 1968891 has been fixed. scheduler will use size increase rather than share size to calculate provisioned_ratio when extending share.
Add the filesystem info in the exports created by the CephFS NFS driver. This fixes inconsistencies when deploying Manila with CephFS NFS with multiple filesystems.
Infinidat Driver bug #1992443: Fixed an issue in Infinidat driver to support host assisted migration. The snapdir_visible filesystem property must be disabled to hide .snapshot directory on the client side. However, this behavior can be changed using the infinidat_snapdir_visible configuration option.
Fixed an issue that made the CephFS driver to override the permissions in a share. After a bugfix, Ceph’s idempotent creation of shares had a change on its behavior. If a share mode was modified outside of Manila, or the configuration value for cephfs_volume_mode was changed in Manila when shares had already been created, these shares would have their mode changed while Manila attempted to ensure that such share exists using the idempotent creation, potentially breaking clients. The CephFS driver will no longer send create calls to the backend when ensuring a share exists. For more details, please refer to Bug #2002394
13.1.0¶
Bug Fixes¶
Infinidat Driver bug #1986653: Fixed Infinidat driver to use TLS/SSL communication between the Manila share service and the storage backend. Admin can set True or False for the infinidat_use_ssl and infinidat_suppress_ssl_warnings options in the driver section of manila.conf to enable or disable these features.
Infinidat Driver bug #1989283: Incremented driver version to 1.1, where SSL support was added. For more details on enabling SSL, please check the Infinidat driver documentation.
13.0.4¶
Security Issues¶
The SSH utility module no longer logs usernames and passwords as debug information.
Bug Fixes¶
The GET /shares/{share_id} API now responds with HTTP 404 (Not Found) for inaccessible resources. See bug 1901210 for further information.
NetApp OnTap driver Bug #1915237: Fixed encryption compatibility check on manila share migrate.
Adds a check when associating a security service to a share network, so that both resources must have the same project_id. If not, HTTP Bad Request is raised.
Fixed an issue that caused Manila to return all projects‘ share replicas even when the user was not an administrator. Now, when the user is not an administrator, only the replicas in the project perspective are going to be displayed. For more details, please refer to Launchpad Bug #1922243
The CephFS driver no longer fails to delete access rules that were never applied or were missing from the back end storage. See LP #1971530 for more details.
During share network create API, if either share network or share network subnet db creation fails, manila raises an exception. However quota is not rolled back and its usable only after quota reservations timed out (waiting conf.reservation_expire seconds). Fixed by introducing immediate quota rollback in case any db create api fails.
Goodness_function expects integer or float else raise parseException. This causes example such as „(share.share_proto == ‚CIFS‘) ? 100 : 50“ to fail during evaluation. Fix it by adding support of string evalution.
Deployers now can specify
[glance]endpoint_type
configuration option (defaults topublicURL
for backward compatibility) so that Manila uses Glance endpoint other than the public one (see bug 1991396).
13.0.3¶
Bug Fixes¶
Fixed an issue with ONTAP AFF platforms while creating shares that forced volumes to have efficient data saving even when the contrary was specified. For more details, please refer to launchpad bug #1929421
13.0.2¶
Known Issues¶
User specified scheduler hints such as „same_host“ and „different_host“ are stored as share metadata with keys such as „__affinity_same_host“ and „__affinity_different_host“ respectively. These can be manipulated or deleted by end users like all metadata unless prevented by RBAC policy. In a future release, the service will restrict the deletion or manipulation of these specific metadata items.
Bug Fixes¶
Fixed an issue during snapshot creation where a database error was being mishandled with dead code. See Launchpad bug 1475351 for more details.
13.0.1¶
Bug Fixes¶
NetApp cDOT driver Custom port configuration using
netapp_server_port
was accidentally ignored after a refactor. This option should now be properly read. See Launchpad bug 1945365 for more details.
When
cephfs_ganesha_server_ip
is not set, the current hostname is used as a default for such config option. The driver was treating this value as an IP address and trying to perform validations on it. The CEPH NFS driver will no longer treat hostnames as ip addresses and try to validate them as such.
13.0.0¶
New Features¶
Added Pure Storage FlashBlade driver. Driver supports NFS protocol. Share operations include create, delete, resize, snapshot and revert-to-snapshot.
‚reserved_share_from_snapshot_percentage‘ backend config option allows Manila to consider different reservation percentage for shares that are being created from the snapshot. In case this config option is not set, the shares created from snapshot will use reservation percentage value set in ‚reserved_share_percentage‘. This will be useful for users who want to keep same reservation percentage for both non-snapshot/regular and snapshot shares.
Added share server migration enhancements. Share back ends that support non-disruptive migration are able to do so, in case no network changes were identified and if the back end driver supports reusing ip addresses.
Add AffinityFilter and AntiAffinityFilter to manila’s scheduler. These hard affinity and anti-affinity filter needs user to specify affinity/anti-affinity share ids to the field „share.scheduler_hints.same_host“ or „share.scheduler_hints.different_host“ in the request payload when creating a manila share. The hints are stored as share metadata. The filter properties are populated from this metadata during share migration and so filters will be applied when migrating a manila share.
The NetApp ONTAP driver now supports nondisruptive share server migration for clusters with version >= 9.10.
The NetApp driver has been working with FlexVol ONTAP volumes. The driver does not support scaling FlexVol volumes higher than 100 TiB, which was a theoretical limit for the large namespace that these containers were meant to handle. ONTAP’s Flexgroup volumes eliminate such limitations. So, added the support for provisioning share as FlexGroup in the NetApp driver.
The FlexGroup provision is enabled by new option
netapp_enable_flexgroup
, which will make the driver report a single pool represeting all aggregates. The selection on which aggregates the FlexGroup share will reside is up to ONTAP. If the administrator desires to control that selection through Manila scheduler, the configuration optionnetapp_flexgroup_pools
can be used to tune the storage pool layout.When enabling FlexGroup, the FlexVol pools continue enabled by default. For having only FlexGroup, the new option
netapp_flexgroup_pool_only
must be set to True.Now, each NetApp pool will report the capability: netapp_flexgroup informing which type of share resides there (FlexGroup or FlexVol).
The following operations are allowed with FlexGroup shares (DHSS True/False and NFS/CIFS):
Create/Delete share;
Shrink/Extend share;
Create/Delete snapshot;
Revert to snapshot;
Manage/Unmanage snapshots;
Create from snapshot;
Replication;
Manage/Unmanage shares;
FlexGroup feature requires ONTAP version 9.8 or newer. Replication with more than one non-active replica per share requires ONTAP 9.9.1 or newer.
NetApp ONTAP driver: added support for readable replication. The driver will continue having support for the dr type as well.
Aktualisierungsnotizen¶
To add AffinityFilter and AntiAffinityFilter to an active deployment, their references must be added to the manila.scheduler.filters section in setup.cfg and must be enabled in manila.conf.
MON write caps are not longer needed to interact with the backend on the Ceph drivers. The capabilities of the driver user (configured with
cephfs_auth_id
) can hence be reduced. See the administrator docs for the capabilities required.
Deprecations made prior to the Ussuri release have been enforced, with the following impact to
manila.conf
:The deprecated
memcached_servers
option in the [DEFAULT] section had no effect and has been removed.The deprecated
share_usage_audit_period
option in the [DEFAULT] section had no effect and has been removed.The deprecated
nova_api_microversion
option in the [DEFAULT] has been removed. Use ‚api_microversion‘ in the [nova] section instead.The deprecated
ca_certificates_file
option in the [DEFAULT], [nova], [cinder], and [neutron] sections had no effect and has been removed.The deprecated
nova_ca_certificates_file
option in the [DEFAULT] section had no effect and has been removed.The deprecated
cinder_ca_certificates_file
option in the [DEFAULT] section had no effect and has been removed.The deprecated
api_insecure
option in the [DEFAULT], [nova], [cinder], and [neutron[ sections had no effect and has been removed.The deprecated
nova_api_insecure
option in the [DEFAULT] section had no effect and has been removed.The deprecated
cinder_api_insecure
option in the [DEFAULT] section had no effect and has been removed.The deprecated
migration_tmp_location
option is no longer recognized. Usemount_tmp_location
instead.The
network_api_class
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
neutron_url
option can no longer be set in the [DEFAULT] section. Use theurl
option in the [neutron] section instead.The
neutron_url_timeout
option can no longer be set in the [DEFAULT] section. Use theurl_timeout
option in the [neutron] section instead.The
auth_strategy
option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.The
neutron_physical_net_name
option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.The
neutron_net_id
option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.The
neutron_subnet_id
option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton insteaad.The
standalone_network_plugin_gateway
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
standalone_network_plugin_mask
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
standalone_network_plugin_type
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
standalone_network_plugin_segmentation_id
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
standalone_network_plugin_allowed_ip_ranges
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
standalone_network_plugin_mtu
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The deprecated
migration_readonly_rules_support
is longer recognized. All manila back ends are now required to support read only access rules.The deprecated Dell-EMC PowerMax
vmax_server_container
option is no longer recognized. Usepowermax_server_container
instead.The deprecated Dell-EMC PowerMax
vmax_share_data_pools
option is no longer recognized. Usepowermax_share_data_pools
instead.The deprecated Dell-EMC PowerMax
vmax_ethernet_ports
option is no longer recognized. Usepowermax_ethernet_ports
instead.The deprecated Dell-EMC Unity
emc_nas_server_pool
option is no longer recognized. Useunity_server_meta_pool
instead.The deprecated Dell-EMC Unity
emc_nas_pool_names
option is no longer recognized. Useunity_share_data_pools
instead.The deprecated Dell-EMC Unity
emc_interface_ports
option is no longer recognized. Useunity_ethernet_ports
instead.The deprecated Dell-EMC Unity
emc_nas_server_container
option has no effect and has been removed.The deprecated Dell-EMC VNX
emc_nas_server_container
option has been removed. Usevnx_server_container
instead.The deprecated Dell-EMC VNX
emc_nas_pool_names
option has been removed. Usevnx_share_data_pools
instead.The deprecated Dell-EMC VNX
emc_interface_ports
option has been removed. Usevnx_ethernet_ports
instead.The deprecated GlusterFS
glusterfs_native_server_password
option has been removed. Useglusterfs_server_password
instead.The deprecated GlusterFS
glusterfs_native_path_to_private_key
option has been removed. Useglusterfs_path_to_private_key
instead.The deprecated GlusterFS
glusterfs_targets
option has been removed. Useglusterfs_servers
instead.The deprecated Hitachi HNAS
hds_hnas_driver_helper
option has been removed. Usehitachi_hnas_driver_helper
instead.The deprecated Hitachi HNAS
hds_hnas_ip
option has been removed. Usehitachi_hnas_ip
instead.The deprecated Hitachi HNAS
hds_hnas_user
option has been removed. Usehitachi_hnas_user
instead.The deprecated Hitachi HNAS
hds_hnas_password
option has been removed. Usehitachi_hnas_password
instead.The deprecated Hitachi HNAS
hds_hnas_evs_id
option has been removed. Usehitachi_evs_id
instead.The deprecated Hitachi HNAS
hds_hnas_file_system_name
option has been removed. Usehitachi_hnas_file_system_name
instead.The deprecated Hitachi HNAS
hds_hnas_cluster_admin_ip0
option has been removed. Usehitachi_hnas_cluster_admin_ip0
instead.The deprecated Hitachi HNAS
hds_hnas_stalled_job_timeout
option has been removed. Usehitachi_hnas_stalled_job_timeout
instead.The deprecated Hitachi HNAS
hds_hnas_driver_helper
option has been removed. Usehitachi_hnas_driver_helper
instead.The deprecated Hitachi HNAS
hds_hnas_allow_cifs_snapshot_while_mounted
option has been removed. Usehitachi_allow_cifs_snapshot_while_mounted
instead.The deprecated HPE 3PAR
hp3par_api_url
option has been removed. Usehpe3par_api_url
instead.The deprecated HPE 3PAR
hp3par_username
option has been removed. Usehpe3par_username
instead.The deprecated HPE 3PAR
hp3par_password
option has been removed. Usehpe3par_password
instead.The deprecated HPE 3PAR
hp3par_san_ip
option has been removed. Usehpe3par_san_ip
instead.The deprecated HPE 3PAR
hp3par_san_login
option has been removed. Usehpe3par_san_login
instead.The deprecated HPE 3PAR
hp3par_san_password
option has been removed. Usehpe3par_san_password
instead.The deprecated HPE 3PAR
hp3par_san_ssh_port
option has been removed. Usehpe3par_san_ssh_port
instead.The deprecated HPE 3PAR
hp3par_fpg
option has been removed. Usehpe3par_fpg
instead.The deprecated HPE 3PAR
hp3par_fstore_per_share
option has been removed. Usehpe3par_fstore_per_share
instead.The deprecated HPE 3PAR
hp3par_debug
option has been removed. Usehpe3par_debug
instead.The deprecated HPE 3PAR
hp3par_cifs_admin_access_username
option has been removed. Usehpe3par_cifs_admin_access_username
instead.The deprecated HPE 3PAR
hp3par_cifs_admin_access_password
option has been removed. Usehpe3par_cifs_admin_access_password
instead.The deprecated HPE 3PAR
hp3par_cifs_admin_access_domain
option has been removed. Usehpe3par_cifs_admin_access_domain
instead.The deprecated HPE 3PAR
hp3par_share_mount_path
option has been removed. Usehpe3par_share_mount_path
instead.The deprecated IBM GPFS
knfs_export_options
option had no effect and has been removed.The deprecated Netapp
netapp_nas_server_hostname
option has been removed. Usenetapp_server_hostname
instead.The deprecated Netapp
netapp_nas_transport_type
option has been removed. Usenetapp_transport_type
instead.The deprecated Netapp
netapp_nas_login
option has been removed. Usenetapp_login
instead.The deprecated Netapp
netapp_nas_password
option has been removed. Usenetapp_password
instead.The deprecated Netapp
netapp_nas_volume_name_template
option has been removed. Usenetapp_volume_name_template
instead.The deprecated Netapp
netapp_root_volume_name
option has been removed. Usenetapp_root_volume
instead.The deprecated Nexenta
nexenta_host
option has been removed. Usenexenta_nas_host
instead.The
enable_pre_hooks
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
enable_post_hooks
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
enable_periodic_hooks
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
enable_pre_hooks_errors
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
enable_post_hooks_errors
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
periodic_hooks_interval
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
hook_drivers
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
automatic_share_server_cleanup
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
unused_share_server_cleanup_interval
option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.The
cinder_cross_az_attach
option can no longer be set in the [DEFAULT] section. Usecross_az_attach
in the [CINDER] section instead.The
cinder_http_retries
option can no longer be set in the [DEFAULT] section. Usehttp_retries
in the [CINDER] section instead.
Deprecation Notes¶
Configuration options to define default quota and behavior of the quota feature must now be configured in the new
[quota]
section rather than the[DEFAULT]
section. The existing options in the[DEFAULT]
section have been deprecated and will be removed in a future release. Options that have changed in this releases are:[quota]/shares
- previously[DEFAULT]/shares_quota
[quota]/snapshots
- previously[DEFAULT]/snapshots_quota
[quota]/gigabytes
- previously[DEFAULT]/quota_gigabytes
[quota]/per_share_gigabytes
- previously[DEFAULT]/quota_per_share_gigabytes
[quota]/snapshot_gigabytes
- previously[DEFAULT]/quota_snapshot_gigabytes
[quota]/share_networks
- previously[DEFAULT]/quota_share_networks
[quota]/share_groups
- previously[DEFAULT]/quota_share_groups
[quota]/share_group_snapshots
- previously[DEFAULT]/quota_share_group_snapshots
[quota]/share_replicas
- previously[DEFAULT]/quota_share_replicas
[quota]/replica_gigabytes
- previously[DEFAULT]/quota_replica_gigabytes
[quota]/until_refresh
- previously[DEFAULT]/until_refresh
[quota]/reservation_expire
previously[DEFAULT]/reservation_expire
[quota]/driver
- previously[DEFAULT]/quota_driver
[quota]/max_age
- previously[DEFAULT]/max_age
Create share group snapshot feature is no longer supported in manila CephFS drivers (both Native and NFS Ganesha) since the subvolume group snapshot feature is no longer supported in mainline CephFS (existing group snapshots can still be listed and deleted).
Bug Fixes¶
An issue with RPC handling on service restart was addressed by ensuring proper initialization before creating the RPC consumer. See bug 1271568 for more details.
Launchpad bug 1855391 has been fixed. The action of extend share will go through scheduler, if there is no available share backend host, the share will rollback to available state and create an user message about extend.
Fixed bug #1881865 Added generic fuzzy matching logic to the database layer, This logic is applied to query share snapshot list, This will greatly improve the speed of paging fuzzy queries.
For some drivers, to create a share with specific protocol it is mandatory to add a security service to the share network beforehand. If this is forgotten the share ends up in error. From now on, Manila won’t allow shares to be created when the specified protocol requires a specific security service type that is not associated to the share network.
Authentication errors when loading service clients of OpenStack Compute (nova), OpenStack Image (glance), OpenStack Volume (cinder) and OpenStack Networking (neutron) services are now handled in a better manner.
Fixed bug #1922075 Fixed the problem that „gluster volume set nfs.rpc-auth-reject ‚*‘“ failed when the glusterfs driver created an instance from a snapshot.
Fix the query logic for share network list, put „created_since“, „created_before“ search opts into database to increase query speed, integrate the database query interface.
mgr-commands are now directed to the mgr-daemon instead of the mon-daemon in the CephFS drivers
Fixed NotFound error in share replica periodic tasks. It could happen that the parent share of the replica that was being worked on had already been deleted.
Fixed periodic_share_replica_update() to skip active replicas similarly to periodic_share_replica_snapshot_update(). The intention is to check on non-active replicas, that can be ‚in_sync‘, ‚out_of_sync‘ or in ‚error‘ state.
View-only relationships in database objects have been appropriately tagged to avoid sqlalchemy deprecation messages flooding the log files.
Corrected an error message for attempts to create snapshots from shares that do not support this operation. The message said that the share backend has no such support but that is not always true. The original share for the snapshot does not support snapshots because it was created with a share type without the
snapshot_support
extra-spec set, irrespective of whether the back end used can itself support snapshots or not.
Fixed an issue that made migrated shares with replication support to do not have a share instance with its replica_state set to active. Now, when the share supports replication, the destination share instance will have its replica state set as active right after the migration gets completed. For more details, please refer to bug 1927060
Filtering shares by share-type „extra_specs“ as key=value now returns the expected output.
A Ceph version check has been added as part of this change to address the absense of the mon-mgr target in Ceph Nautilus. With this change, Ceph Nautilus users can leverage their storage backend with the OpenStack manila Wallaby release.
The Infinidat driver’s been fixed to process single IP Addresses (/32) correctly. See bug 1934345 for more details.
NetApp driver: fixed an issue with the ONTAP 9.8 and older, for scoped account users, where the operation of deleting a replica was not working, but returned a message of success. For more details, please refer to launchpad bug #1934889
Change cifs value from string to list for Dell manila drivers. Fixed bug 1940072
New user message now alerts users when attempting to create a new share without identifying a share type, either through request body or by setting a default share type. See bug #1870280 for more details.