v14.2.3 Nautilus released
TheAnalyst
This is the third bug fix release of Ceph Nautilus release series. We recommend all Nautilus users upgrade to this release. This release fixes a security issue. For upgrading from older releases of ceph, general guidelines for upgrade to nautilus must be followed
Notable Changes ¶
- CVE-2019-10222- Fixed a denial of service vulnerability where an unauthenticated client of Ceph Object Gateway could trigger a crash from an uncaught exception
- Nautilus-based librbd clients can now open images on Jewel clusters.
- The RGW num_rados_handles has been removed. If you were using a value of num_rados_handles greater than 1, multiply your current objecter_inflight_ops and objecter_inflight_op_bytes parameters by the old num_rados_handles to get the same throttle behavior.
- The secure mode of Messenger v2 protocol is no longer experimental with this release. This mode is now the preferred mode of connection for monitors.
- “osd_deep_scrub_large_omap_object_key_threshold” has been lowered to detect an object with large number of omap keys more easily.
- The ceph dashboard now supports silencing Prometheus notifications
Changelog ¶
- bluestore: 50-100% iops lost due to bluefs_preextend_wal_files = false (issue#38559, pr#28573, Vitaliy Filippov)
- bluestore: add slow op detection for collection_listing (pr#29227, Igor Fedotov)
- bluestore: avoid length overflow in extents returned by Stupid Allocator (issue#40703, pr#29023, Igor Fedotov)
- bluestore/bluefs_types: consolidate contiguous extents (pr#28862, Sage Weil)
- bluestore/bluestore-tool: minor fixes around migrate (pr#28893, Igor Fedotov)
- bluestore: create the tail when first set FLAG_OMAP (issue#36482, pr#28963, Tao Ning)
- bluestore: do not set osd_memory_target default from cgroup limit (pr#29745, Sage Weil)
- bluestore: fix >2GB bluefs writes (pr#28966, kungf, Sage Weil)
- bluestore: load OSD all compression settings unconditionally (issue#40480, pr#28892, Igor Fedotov)
- bluestore: more smart allocator dump when lacking space for bluefs (issue#40623, pr#28891, Igor Fedotov)
- bluestore: Set concurrent max_background_compactions in rocksdb to 2 (issue#40769, pr#29162, Mark Nelson)
- bluestore: support RocksDB prefetch in buffered read mode (pr#28962, Igor Fedotov)
- build/ops: Module ‘dashboard’ has failed: No module named routes (issue#24420, pr#28992, Paul Emmerich)
- build/ops: rpm: drop SuSEfirewall2 (issue#40738, pr#29007, Matthias Gerstner)
- build/ops: rpm: Require ceph-grafana-dashboards (pr#29682, Boris Ranto)
- cephfs: ceph-fuse: mount does not support the fallocate() (issue#40615, pr#29157, huanwen ren)
- cephfs: ceph_volume_client: d_name needs to be converted to string before using (issue#39406, pr#28609, Rishabh Dave)
- cephfs: client: bump ll_ref from int32 to uint64_t (pr#29186, Xiaoxi CHEN)
- cephfs: client: set snapdir’s link count to 1 (issue#40101, pr#29343, “Yan, Zheng”)
- cephfs: client: unlink dentry for inode with llref=0 (issue#40960, pr#29478, Xiaoxi CHEN)
- cephfs: getattr on snap inode stuck (issue#40361, pr#29231, “Yan, Zheng”)
- cephfs: mds: cannot switch mds state from standby-replay to active (issue#40213, pr#29233, simon gao)
- cephfs: mds: cleanup unneeded client_snap_caps when splitting snap inode (issue#39987, pr#29344, “Yan, Zheng”)
- cephfs-shell: name ‘files’ is not defined error in do_rm() (issue#40489, pr#29158, Varsha Rao)
- cephfs-shell: TypeError in poutput (issue#40679, pr#29156, Varsha Rao)
- ceph.spec.in: Drop systemd BuildRequires in case of building for SUSE (pr#28937, Dominique Leuenberger)
- ceph-volume: batch functional idempotency test fails since message is now on stderr (pr#29689, Jan Fajerski)
- ceph-volume: batch gets confused when the same device is passed in two device lists (pr#29690, Jan Fajerski)
- ceph-volume: does not recognize wal/db partitions created by ceph-disk (pr#29464, Jan Fajerski)
- ceph-volume: [filestore,bluestore] single type strategies fail after tracking devices as sets (pr#29702, Jan Fajerski)
- ceph-volume: lvm.activate: Return an error if WAL/DB devices absent (pr#29040, David Casier)
- ceph-volume: missing string substitution when reporting mounts (issue#25030, pr#29260, Shyukri Shyukriev)
- ceph-volume: prints errors to stdout with –format json (issue#38548, pr#29506, Jan Fajerski)
- ceph-volume: prints log messages to stdout (pr#29600, Jan Fajerski, Kefu Chai, Alfredo Deza)
- ceph-volume: run functional tests without dashboard (pr#29694, Andrew Schoen)
- ceph-volume: simple functional tests drop test for lvm zap (pr#29660, Jan Fajerski)
- ceph-volume: tests set the noninteractive flag for Debian (pr#29899, Alfredo Deza)
- ceph-volume: when ‘type’ file is not present activate fails (pr#29416, Alfredo Deza)
- cmake: update FindBoost.cmake (pr#29436, Willem Jan Withagen)
- common/config: respect POD_MEMORY_REQUEST *and* POD_MEMORY_LIMIT env vars (pr#29562, Patrick Donnelly, Sage Weil)
- common: Keyrings created by ceph auth get are not suitable for ceph auth import (issue#22227, pr#28740, Kefu Chai)
- common: OutputDataSocket retakes mutex on error path (issue#40188, pr#29147, Casey Bodley)
- core: Better default value for osd_snap_trim_sleep (pr#29678, Neha Ojha)
- core: Change default for bluestore_fsck_on_mount_deep as false (pr#29697, Neha Ojha)
- core: lazy omap stat collection (pr#29188, Brad Hubbard)
- core: librados: move buffer free functions to inline namespace (issue#39972, pr#29244, Jason Dillaman)
- core: maybe_remove_pg_upmap can be super inefficient for large clusters (issue#40104, pr#28756, xie xingguo)
- core: MDSMonitor: use stringstream instead of dout for mds repaired (issue#40472, pr#29159, Zhi Zhang)
- core: osd beacon sometimes has empty pg list (issue#40377, pr#29254, Sage Weil)
- core: s3tests-test-readwrite failed in rados run (Connection refused) (issue#17882, pr#29325, Casey Bodley)
- doc: Document more cache modes (issue#14153, pr#28958, Nathan Cutler)
- doc: fix rgw ldap username token (pr#29455, Thomas Kriechbaumer)
- doc: Improved dashboard feature overview (pr#28919, Lenz Grimmer)
- doc: Object Gateway multisite document read-only argument error (issue#40458, pr#29306, Chenjiong Deng)
- doc/rados: Correcting some typos in the clay code documentation (pr#29191, Myna)
- doc/rbd: initial live-migration documentation (issue#40486, pr#29724, Jason Dillaman)
- doc/rgw: document use of ‘realm pull’ instead of ‘period pull’ (issue#39655, pr#29484, Casey Bodley)
- doc: steps to disable metadata_heap on existing rgw zones (issue#18174, pr#28738, Dan van der Ster)
- doc: Update ‘ceph-iscsi’ min version (pr#29444, Ricardo Marques)
- journal: properly advance read offset after skipping invalid range (pr#28816, Mykola Golub)
- librbd: improve journal performance to match expected degredation (issue#40072, pr#29723, Mykola Golub, Jason Dillaman)
- librbd: properly track in-flight flush requests (issue#40555, pr#28769, Jason Dillaman)
- librbd: snapshot object maps can go inconsistent during copyup (issue#39435, pr#29722, Ilya Dryomov)
- mds: change how mds revoke stale caps (issue#17854, pr#28583, Rishabh Dave, “Yan, Zheng”)
- mgr: Add mgr metdata to prometheus exporter module (pr#29168, Paul Cuzner)
- mgr/dashboard: Add, update and remove translations (issue#39701, pr#28938, Sebastian Krah)
- mgr/dashboard: cephfs multimds graphs stack together (issue#37579, pr#28889, Kiefer Chang)
- mgr/dashboard: Changing rgw-api-host does not get effective without disable/enable dashboard mgr module (issue#40252, pr#29044, Ricardo Marques)
- mgr/dashboard: controllers/grafana is not Python3 compatible (issue#40428, pr#29524, Patrick Nawracay)
- mgr/dashboard: Dentries value of MDS daemon in Filesystems page is inconsistent with ceph fs status output (issue#40097, pr#28912, Kiefer Chang)
- mgr/dashboard: Display logged in information for each iSCSI client (issue#40046, pr#29045, Ricardo Marques)
- mgr/dashboard: Fix e2e failures caused by webdriver version (pr#29491, Tiago Melo)
- mgr/dashboard: Fix npm vulnerabilities (issue#40677, pr#29102, Tiago Melo)
- mgr/dashboard: Fix the table mouseenter event handling test (issue#40580, pr#29354, Stephan Müller)
- mgr/dashboard: Interlock fast-diff and object-map (issue#39451, pr#29442, Patrick Nawracay)
- mgr/dashboard: notify the user about unset ‘mon_allow_pool_delete’ flag beforehand (issue#39533, pr#28833, Tatjana Dehler)
- mgr/dashboard: Optimize the calculation of portal IPs (issue#39580, pr#29061, Ricardo Marques, Kefu Chai)
- mgr/dashboard: Pool graph/sparkline points do not display the correct values (issue#39650, pr#29352, Stephan Müller)
- mgr/dashboard: RGW User quota validation is not working correctly (pr#29650, Volker Theile)
- mgr/dashboard: Silence Alertmanager alerts (issue#36722, pr#28968, Stephan Müller)
- mgr/dashboard: SSL certificate upload command throws deprecation warning (issue#39123, pr#29065, Ricardo Dias)
- mgr/dashboard: switch ng2-toastr to ngx-toastr (pr#29050, Tiago Melo, Ernesto Puerta)
- mgr/dashboard: Upgrade to ceph-iscsi config v10 (issue#40566, pr#28974, Ricardo Marques)
- mgr/diskprediction_cloud: Service unavailable (issue#40478, pr#29454, Rick Chen)
- mgr/influx: module fails due to missing close() method (issue#40174, pr#29207, Kefu Chai)
- mgr/orchestrator: Cache and DeepSea iSCSI + NFS (pr#29060, Sebastian Wagner, Tim Serong)
- mgr/rbd_support: support scheduling long-running background operations (issue#40621, issue#40790, pr#29725, Venky Shankar, Jason Dillaman)
- mgr: use ipv4 default when ipv6 was disabled (issue#40023, pr#29194, kungf)
- mgr/volumes: background purge queue for subvolumes (issue#40036, pr#29079, Patrick Donnelly, Venky Shankar, Kefu Chai)
- mgr/volumes: minor enhancement and bug fix (issue#40927, issue#40617, pr#29490, Ramana Raja)
- mon: auth mon isn’t loading full KeyServerData after restart (issue#40634, pr#28993, Sage Weil)
- mon/MgrMonitor: fix null deref when invalid formatter is specified (pr#29566, Sage Weil)
- mon/OSDMonitor: allow pg_num to increase when require_osd_release < N (issue#39570, pr#29671, Neha Ojha, Sage Weil)
- mon/OSDMonitor.cc: better error message about min_size (pr#29617, Neha Ojha)
- mon: paxos: introduce new reset_pending_committing_finishers for safety (issue#39484, pr#28528, Greg Farnum)
- mon: set recovery priority etc on cephfs metadata pool (pr#29275, Sage Weil)
- mon: take the mon lock in handle_conf_change (issue#39625, pr#29373, huangjun)
- msg/async: avoid unnecessary costly wakeups for outbound messages (pr#29141, Jason Dillaman)
- msg/async: enable secure mode by default, no longer experimental (pr#29143, Sage Weil)
- msg/async: no-need set connection for Message (pr#29142, Jianpeng Ma)
- msg/async, v2: make the reset_recv_state() unconditional (issue#40115, pr#29140, Radoslaw Zarzynski, Sage Weil)
- nautilus:common/options.cc: Lower the default value of osd_deep_scrub_large_omap_object_key_threshold (pr#29173, Neha Ojha)
- osd: Don’t randomize deep scrubs when noscrub set (issue#40198, pr#28768, David Zafman)
- osd: Fix the way that auto repair triggers after regular scrub (issue#40530, issue#40073, pr#28869, sjust@redhat.com, David Zafman)
- osd/OSD: auto mark heartbeat sessions as stale and tear them down (issue#40586, pr#29391, xie xingguo)
- osd/OSD: keep synchronizing with mon if stuck at booting (pr#28639, xie xingguo)
- osd/PG: do not queue scrub if PG is not active when unblock (issue#40451, pr#29372, Sage Weil)
- osd/PG: fix cleanup of pgmeta-like objects on PG deletion (pr#29115, Sage Weil)
- rbd/action: fix error getting positional argument (issue#40095, pr#28870, songweibin)
- rbd: [cli] ‘export’ should handle concurrent IO completions (issue#40435, pr#29329, Jason Dillaman)
- rbd: librbd: do not unblock IO prior to growing object map during resize (issue#39952, pr#29246, Jason Dillaman)
- rbd-mirror: handle duplicates in image sync throttler queue (issue#40519, pr#28817, Mykola Golub)
- rbd-mirror: link against the specified alloc library (issue#40110, pr#29193, Jason Dillaman)
- rbd-nbd: sscanf return 0 mean not-match (issue#39269, pr#29315, Jianpeng Ma)
- rbd: profile rbd OSD cap should add class rbd metadata_list cap by default (issue#39973, pr#29328, songweibin)
- rbd: Reduce log level for cls/journal and cls/rbd expected errors (issue#40865, pr#29551, Jason Dillaman)
- rbd: tests: add “rbd diff” coverage to suite (issue#39447, pr#28575, Shyukri Shyukriev, Nathan Cutler)
- rgw: add ‘GET /admin/realm?list’ api to list realms (issue#39626, pr#28751, Casey Bodley)
- rgw: allow radosgw-admin to list bucket w –allow-unordered (issue#39637, pr#28230, J. Eric Ivancich)
- rgw: conditionally allow builtin users with non-unique email addresses (issue#40089, pr#28715, Matt Benjamin)
- rgw: deleting bucket can fail when it contains unfinished multipart uploads (issue#40526, pr#29154, J. Eric Ivancich)
- rgw: Don’t crash on copy when metadata directive not supplied (issue#40416, pr#29499, Adam C. Emerson)
- rgw_file: advance_mtime() should consider namespace expiration (issue#40415, pr#29410, Matt Benjamin)
- rgw_file: advance_mtime() takes RGWFileHandle::mutex unconditionally (pr#29801, Matt Benjamin)
- rgw_file: all directories are virtual with respect to contents (issue#40204, pr#28886, Matt Benjamin)
- rgw_file: fix invalidation of top-level directories (issue#40196, pr#29309, Matt Benjamin)
- rgw_file: fix readdir eof() calc–caller stop implies !eof (issue#40375, pr#29409, Matt Benjamin)
- rgw_file: include tenant when hashing bucket names (issue#40118, pr#28854, Matt Benjamin)
- rgw: fix miss get ret in STSService::storeARN (issue#40386, pr#28713, Tianshan Qu)
- rgw: fix prefix handling in LCFilter (issue#37879, pr#28550, Matt Benjamin)
- rgw: fix rgw crash and set correct error code (pr#28729, yuliyang)
- rgw: hadoop-s3a suite failing with more ansible errors (issue#39706, pr#28735, Casey Bodley)
- rgw: hadoop-s3a suite failing with more ansible errors (issue#39706, pr#29265, Casey Bodley)
- rgw: Librgw doesn’t GC deleted object correctly (issue#37734, pr#28648, Tao Chen, Matt Benjamin)
- rgw: multisite: DELETE Bucket CORS is not forwarded to master zone (issue#39629, pr#28714, Chang Liu)
- rgw: multisite: fix –bypass-gc flag for ‘radosgw-admin bucket rm’ (issue#24991, pr#28549, Casey Bodley)
- rgw: multisite: ‘radosgw-admin bilog trim’ stops after 1000 entries (issue#40187, pr#29326, Casey Bodley)
- rgw: multisite: ‘radosgw-admin bucket sync status’ should call syncs_from(source.name) instead of id (issue#40022, pr#28739, Casey Bodley)
- rgw: multisite: radosgw-admin commands should not modify metadata on a non-master zone (issue#39548, pr#29163, Shilpa Jagannath)
- rgw: multisite: RGWListBucketIndexesCR for data full sync needs pagination (issue#39551, pr#29311, Shilpa Jagannath)
- rgw/OutputDataSocket: append_output(buffer::list&) says it will (but does not) discard output at data_max_backlog (issue#40178, pr#29310, Matt Benjamin)
- rgw, Policy should be url_decode when assume_role (pr#28728, yuliyang)
- rgw: provide admin-friendly reshard status output (issue#37615, pr#29286, Mark Kogan)
- rgw: Put LC doesn’t clear existing lifecycle (issue#39654, pr#29313, Abhishek Lekshmanan)
- rgw: remove rgw_num_rados_handles; set autoscale parameters or rgw metadata pools (pr#27684, Adam C. Emerson, Casey Bodley, Sage Weil)
- rgw: RGWGC add perfcounter retire counter (issue#38251, pr#29308, Matt Benjamin)
- rgw: Save an unnecessary copy of RGWEnv (issue#40183, pr#29205, Mark Kogan)
- rgw: set null version object issues (issue#36763, pr#29287, Tianshan Qu)
- rgw: Swift interface: server side copy fails if object name contains “?” (issue#27217, pr#28736, Casey Bodley)
- rgw: TempURL should not allow PUTs with the X-Object-Manifest (issue#20797, pr#28712, Radoslaw Zarzynski)
- rgw: the Multi-Object Delete operation of S3 API wrongly handles the Code response element (issue#18241, pr#28737, Radoslaw Zarzynski)
- rocksdb: rocksdb_rmrange related improvements (pr#29439, Zengran Zhang, Sage Weil)
- rocksdb: Updated to v6.1.2 (pr#29440, Mark Nelson)
- tools: ceph-kvstore-tool: print db stats (pr#28810, Igor Fedotov)