"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "CHANGELOG" between
swift-2.19.1.tar.gz and swift-2.21.0.tar.gz

About: OpenStack swift is software for creating redundant, scalable object storage using clusters of commodity servers to store terabytes or even petabytes of accessible data (now supporting storage policies).
The "Stein" series (latest release).

CHANGELOG  (swift-2.19.1):CHANGELOG  (swift-2.21.0)
swift (2.21.0, OpenStack Stein release)
* Change the behavior of the EC reconstructor to perform a
fragment rebuild to a handoff node when a primary peer responds
with 507 to the REPLICATE request. This changes EC to match the
existing behavior of replication when drives fail. After a
rebalance of EC rings (potentially removing unmounted/failed
devices), it's most IO efficient to run in handoffs_only mode to
avoid unnecessary rebuilds.
* O_TMPFILE support is now detected by attempting to use it
instead of looking at the kernel version. This allows older
kernels with backported patches to take advantage of the
O_TMPFILE functionality.
* Add slo_manifest_hook callback to allow other middlewares to
impose additional constraints on or make edits to SLO manifests
before being written. For example, a middleware could enforce
minimum segment size or insert data segments.
* Fixed an issue with multi-region EC policies that caused the EC
reconstructor to constantly attempt cross-region rebuild
traffic.
* Fixed an issue where S3 API v4 signatures would not be validated
against the body of the request, allowing a replay attack if
request headers were captured by a malicious third party.
* Display crypto data/metadata details in swift-object-info.
* formpost can now accept a content-encoding parameter.
* Fixed an issue where multipart uploads with the S3 API would
sometimes report an error despite all segments being upload
successfully.
* Multipart object segments are now actually deleted when the
multipart object is deleted via the S3 API.
* Swift now returns a 503 (instead of a 500) when an account
auto-create fails.
* Fixed a bug where encryption would store the incorrect key
metadata if the object name starts with a slash.
* Fixed an issue where an object server failure during a client
download could leave an open socket between the proxy and
client.
* Fixed an issue where deleted EC objects didn't have their
on-disk directories cleaned up. This would cause extra resource
usage on the object servers.
* Fixed issue where bulk requests using xml and expect
100-continue would return a malformed HTTP response.
* Various other minor bug fixes and improvements.
swift (2.20.0)
* S3 API compatibility updates
* Swift can now cache the S3 secret from Keystone to use for
subsequent requests. This functionality is disabled by default but
can be enabled by setting the `secret_cache_duration` in the s3token
section of the proxy server config to a number greater than 0.
* s3api now mimics the AWS S3 behavior of periodically sending
whitespace characters on a Complete Multipart Upload request to keep
the connection from timing out. Note that since a request could fail
after the initial 200 OK response has been sent, it is important to
check the response body to determine if the request succeeded.
* s3api now properly handles x-amz-metadata-directive headers on
COPY operations.
* s3api now uses concurrency (default 2) to handle multi-delete
requests. This allows multi-delete requests to be processed much
more quickly.
* s3api now mimics some forms of AWS server-side encryption
based on whether Swift's at-rest encryption functionality is enabled.
Note that S3 API users are now able to know more about how the
cluster is configured than they were previously, ie knowledge of
encryption at-rest functionality being enabled or not.
* s3api responses now include a '-' in multipart ETags.
For new multipart-uploads via the S3 API, the ETag that is
stored will be calculated in the same way that AWS uses. This
ETag will be used in GET/HEAD responses, bucket listings, and
conditional requests via the S3 API. Accessing the same object
via the Swift API will use the SLO Etag; however, in JSON
container listings the multipart upload etag will be exposed
in a new "s3_etag" key. Previously, some S3 clients would complain
about download corruption when the ETag did not have a '-'.
* S3 ETag for SLOs now include a '-'.
Ordinary objects in S3 use the MD5 of the object as the ETag,
just like Swift. Multipart Uploads follow a different format, notably
including a dash followed by the number of segments. To that end
(and for S3 API requests *only*), SLO responses via the S3 API have a
literal '-N' added on the end of the ETag.
* The default location is now set to "us-east-1". This is more likely
to be the default region that a client will try when using v4
signatures.
Deployers with clusters that relied on the old implicit default
location of "US" should explicitly set `location = US` in the
`[filter:s3api]` section of proxy-server.conf before upgrading.
* Add basic support for ?versions bucket listings. We still do not
have support for toggling S3 bucket versioning, but we can at least
support getting the latest versions of all objects.
* Fixed an issue with SSYNC requests to ensure that only one request
can be running on a partition at a time.
* Data encryption updates
* The kmip_keymaster middleware can now be configured directly in the
proxy-server config file. The existing behavior of using an external
config file is still supported.
* Multiple keymaster middlewares are now supported. This allows
migration from one key provider to another.
Note that secret_id values must remain unique across all keymasters
in a given pipeline. If they are not unique, the right-most keymaster
will take precedence.
When looking for the active root secret, only the right-most
keymaster is used.
* Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
Previously, some versions of PyKMIP would include all wire
data when the root logger was configured to log at DEBUG; this
could expose key material in logs. Only the kmip_keymaster was
affected.
* Fixed an issue where a failed drive could prevent the container sharder
from making progress.
* Storage policy definitions in swift.conf can now define the diskfile
to use to access objects. See the included swift.conf-sample file for
a description of usage.
* The EC reconstructor will now attempt to remove empty directories
immediately, while the inodes are still cached, rather than waiting
until the next run.
* Added a keep_idle config option to configure KEEPIDLE time for TCP
sockets. The default value is the old constant of 600.
* Add databases_per_second to the account-replicator,
container-replicator, and container-sharder. This prevents them from
using a full CPU core when they are not IO limited.
* Allow direct_client users to overwrite the X-Timestamp header.
* Various other minor bug fixes and improvements.
2.19.1 (rocky stable backports) 2.19.1 (rocky stable backports)
* Prevent PyKMIP's kmip_protocol logger from logging at DEBUG. * Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
Previously, some versions of PyKMIP would include all wire Previously, some versions of PyKMIP would include all wire
data when the root logger was configured to log at DEBUG; this data when the root logger was configured to log at DEBUG; this
could expose key material in logs. Only the kmip_keymaster was could expose key material in logs. Only the kmip_keymaster was
affected. affected.
* Fixed an issue where a failed drive could prevent the container sharder * Fixed an issue where a failed drive could prevent the container sharder
from making progress. from making progress.
skipping to change at line 178 skipping to change at line 342
error messages. error messages.
* Truncate error logs to prevent log handler from running out of buffer. * Truncate error logs to prevent log handler from running out of buffer.
* Updated requirements.txt to match global exclusions and formatting. * Updated requirements.txt to match global exclusions and formatting.
* tempauth user names now support unicode characters. * tempauth user names now support unicode characters.
* Various other minor bug fixes and improvements. * Various other minor bug fixes and improvements.
2.17.1 (queens stable backports)
* Fix SLO delete for accounts with non-ASCII names.
* Fixed an issue in COPY where concurrent requests may have copied the
wrong data.
* Fixed a bug in how Swift uses eventlet that was exposed under high
concurrency.
swift (2.17.0, OpenStack Queens) swift (2.17.0, OpenStack Queens)
* Added symlink objects support. * Added symlink objects support.
Symlink objects reference one other object. They are created by Symlink objects reference one other object. They are created by
creating an empty object with an X-Symlink-Target header. The value of creating an empty object with an X-Symlink-Target header. The value of
the header is of the format <container>/<object>, and the target does the header is of the format <container>/<object>, and the target does
not need to exist at the time of symlink creation. Cross-account not need to exist at the time of symlink creation. Cross-account
symlinks can be created by including the symlinks can be created by including the
X-Symlink-Target-Account header. X-Symlink-Target-Account header.
skipping to change at line 369 skipping to change at line 543
* Fixed using `swift-ring-builder set_weight` with more than one * Fixed using `swift-ring-builder set_weight` with more than one
device. device.
* When requesting objects, return 404 if a tombstone is found and * When requesting objects, return 404 if a tombstone is found and
is newer than any data found. Previous behavior was to return is newer than any data found. Previous behavior was to return
stale data. stale data.
* Various other minor bug fixes and improvements. * Various other minor bug fixes and improvements.
2.15.2 (pike stable backports)
* Fixed a cache invalidation issue related to GET and PUT requests to
containers that would occasionally cause object PUTs to a container to
404 after the container had been successfully created.
* Removed a race condition where a POST to an SLO could modify the
X-Static-Large-Object metadata.
* Fixed rare socket leak on range requests to erasure-coded objects.
* Fix SLO delete for accounts with non-ASCII names.
* Fixed an issue in COPY where concurrent requests may have copied the
wrong data.
* Fixed time skew when using X-Delete-After.
* Send ETag header in 206 Partial Content responses to SLO reads.
swift (2.15.1, OpenStack Pike) swift (2.15.1, OpenStack Pike)
* Fixed a bug introduced in 2.15.0 where the object reconstructor * Fixed a bug introduced in 2.15.0 where the object reconstructor
would exit with a traceback if no EC policy was configured. would exit with a traceback if no EC policy was configured.
* Fixed deadlock when logging from a tpool thread. * Fixed deadlock when logging from a tpool thread.
The object server runs certain IO-intensive methods outside the The object server runs certain IO-intensive methods outside the
main pthread for performance. Previously, if one of those methods main pthread for performance. Previously, if one of those methods
tried to log, this can cause a crash that eventually leads to an tried to log, this can cause a crash that eventually leads to an
 End of changes. 3 change blocks. 
0 lines changed or deleted 194 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)