Current Series Release Notes

22.0.0.0rc1-60

Prelude

  • Share migration APIs have graduated from their experimental feature state from API version 2.96. The share migration actions (migration_start, migration_complete, migration_cancel, migration_get_progress and reset_task_state) no longer require the inclusion of the X-OpenStack-Manila-API-Experimental header in API requests starting at version 2.96. Older microversions continue to require the experimental header for backward compatibility.

New Features

  • NetApp ONTAP driver: Added netapp_dns_domains, netapp_dns_nameservers, and netapp_dns_hosts configuration options. In DHSS=True mode, these provide infrastructure DNS to newly created SVMs so they can resolve hostnames (e.g. Barbican KMS endpoints) without requiring a security service. These options use the ONTAP REST API and therefore require the cluster to be running ONTAP 9.12.1 or newer, regardless of netapp_use_legacy_client.

Security Issues

  • The Hitachi HSP share driver previously hardcoded verify=False on all HTTPS requests to the HSP backend, disabling TLS certificate validation with no option to enable it. This could allow man-in-the-middle attacks on the management network. Two new configuration options have been added to address this: hitachi_hsp_ssl_cert_verify (default True) and hitachi_hsp_ssl_cert_path (optional CA bundle path). The global urllib3 warning suppression has also been removed.

Bug Fixes

  • Improved share snapshot and access list speed using lazy=’selectin’. The sqlalchemy models of share snapshot and access rule relationships previously had lazy=’immediate’. This resulted in extra queries when querying for all share snapshot and access rule details.

  • A bug previously caused failures during simultaneous service startup due to an incorrect database rollback. This has now been addressed.

  • Improved the purge_deleted_records database cleanup logic to process each table in an independent transaction instead of a single long-running transaction. This reduces the duration of table locks during purge.

  • Fixed an issue that made the Manila integration with Barbican fail due to an internal endpoint misconfiguration. Manila will now query Keystone for the correct endpoint and use it while making requests. For more details, see Launchpad bug #2142102.

  • Improved share replica replication efficiency by avoiding redundant database lookups for replica metadata. For more details, please refer to Launchpad bug #2144676.

  • Manila scheduler capacity weigher is fixed in case provisioned_capacity_gb is None. For more details, please refer to launchpad bug #2145805.

  • Fixed CIFS share creation failure in the NetApp ONTAP REST driver when operating in DHSS true mode. The issue caused CIFS shares to fail during creation due to an incorrect handling in the REST client. Launchpad bug 2147108.

  • NetApp ONTAP driver: Fixed bug #2147659 where SVMs created in DHSS=True mode had no DNS name-service, causing share creation to fail when the SVM needed to resolve infrastructure hostnames such as a Barbican KMS endpoint.

  • Fixed a regression where filtering the services list by an invalid or unrecognized status value returned an error instead of an empty list. This was inadvertently introduced by the change that added support for filtering services by the ensuring status. The previous behavior of returning an empty list for non-matching status filters has been restored. For more details, please refer to launchpad bug #2146491.

  • Fixed the services list API to return an empty list and log a warning when an invalid value is provided for the ensuring filter parameter, consistent with how the status filter parameter is handled. Bug #2146840

  • Fixed a race condition in manila.context.RequestContext where an AttributeError occurred during object initialization. Attributes such as read_deleted, remote_address, timestamp, quota_class and service_catalog are now initialized before calling the parent class constructor to ensure they are available for any early calls to to_dict() made by the oslo_context.

  • Fixed the Hitachi HSP share driver to support configurable TLS certificate verification instead of hardcoding verify=False. LP#2146476

  • NetApp Driver bug #2114885 <https://bugs.launchpad.net/manila/+bug/2114885>_: Added volume tags during volume creation and modification on ONTAP 9.14.1 and later via REST API. Tags include share_id, project_id, share_name, share_type_name and share_protocol as key:value pairs using the ONTAP _tags REST field.

  • Fixed an issue on the NetApp ONTAP driver during updating access rules for shares having replicas in combination with all_squash=true metadata.

  • NetApp Driver bug #2114885 <https://bugs.launchpad.net/manila/+bug/2114885>`: The NetApp ONTAP driver restart and ensure operation was updated to handle more real-world scenarios like fixing share export location in case create share failed to update it in Manila. The ensure operation also perform other actions like apply efficiency setting, qos and handles mounting of readable replicas. Those actions are meant to apply config changes to existing volumes when share-type extra-specs gets modified.

  • Fixed share server migration to properly update port device_id during cutover. When migrating a share server, network ports are now correctly associated with the new share server by updating their device_id. This ensures ports won’t be mistakenly deleted and maintains proper network resource tracking.