authors/changelog for 2.20.0 release
Change-Id: I149cb14cbfef456b6368564dae8529faf430333d
This commit is contained in:
parent
b9d2c08e8d
commit
fbad538d21
1
.mailmap
1
.mailmap
@ -125,3 +125,4 @@ Bryan Keller <kellerbr@us.ibm.com>
|
|||||||
Doug Hellmann <doug@doughellmann.com> <doug.hellmann@dreamhost.com>
|
Doug Hellmann <doug@doughellmann.com> <doug.hellmann@dreamhost.com>
|
||||||
zhangdebo1987 <zhangdebo@inspur.com> zhangdebo
|
zhangdebo1987 <zhangdebo@inspur.com> zhangdebo
|
||||||
Thomas Goirand <thomas@goirand.fr> <zigo@debian.org>
|
Thomas Goirand <thomas@goirand.fr> <zigo@debian.org>
|
||||||
|
Thiago da Silva <thiagodasilva@gmail.com> <thiago@redhat.com>
|
||||||
|
13
AUTHORS
13
AUTHORS
@ -88,6 +88,7 @@ chenaidong1 (chen.aidong@zte.com.cn)
|
|||||||
cheng (li.chenga@h3c.com)
|
cheng (li.chenga@h3c.com)
|
||||||
Cheng Li (shcli@cn.ibm.com)
|
Cheng Li (shcli@cn.ibm.com)
|
||||||
chengebj5238 (chengebj@inspur.com)
|
chengebj5238 (chengebj@inspur.com)
|
||||||
|
chenxiangui (chenxiangui@inspur.com)
|
||||||
Chmouel Boudjnah (chmouel@enovance.com)
|
Chmouel Boudjnah (chmouel@enovance.com)
|
||||||
Chris Wedgwood (cw@f00f.org)
|
Chris Wedgwood (cw@f00f.org)
|
||||||
Christian Berendt (berendt@b1-systems.de)
|
Christian Berendt (berendt@b1-systems.de)
|
||||||
@ -106,6 +107,7 @@ Constantine Peresypkin (constantine.peresypk@rackspace.com)
|
|||||||
Corey Bryant (corey.bryant@canonical.com)
|
Corey Bryant (corey.bryant@canonical.com)
|
||||||
Cory Wright (cory.wright@rackspace.com)
|
Cory Wright (cory.wright@rackspace.com)
|
||||||
Cristian A Sanchez (cristian.a.sanchez@intel.com)
|
Cristian A Sanchez (cristian.a.sanchez@intel.com)
|
||||||
|
Cyril Roelandt (cyril@redhat.com)
|
||||||
Dae S. Kim (dae@velatum.com)
|
Dae S. Kim (dae@velatum.com)
|
||||||
Daisuke Morita (morita.daisuke@ntti3.com)
|
Daisuke Morita (morita.daisuke@ntti3.com)
|
||||||
Dan Dillinger (dan.dillinger@sonian.net)
|
Dan Dillinger (dan.dillinger@sonian.net)
|
||||||
@ -152,6 +154,7 @@ Eugene Kirpichov (ekirpichov@gmail.com)
|
|||||||
Ewan Mellor (ewan.mellor@citrix.com)
|
Ewan Mellor (ewan.mellor@citrix.com)
|
||||||
Fabien Boucher (fabien.boucher@enovance.com)
|
Fabien Boucher (fabien.boucher@enovance.com)
|
||||||
Falk Reimann (falk.reimann@sap.com)
|
Falk Reimann (falk.reimann@sap.com)
|
||||||
|
FatemaKhalid (fatemakhalid96@gmail.com)
|
||||||
Felipe Reyes (freyes@tty.cl)
|
Felipe Reyes (freyes@tty.cl)
|
||||||
Ferenc Horváth (hferenc@inf.u-szeged.hu)
|
Ferenc Horváth (hferenc@inf.u-szeged.hu)
|
||||||
Filippo Giunchedi (fgiunchedi@wikimedia.org)
|
Filippo Giunchedi (fgiunchedi@wikimedia.org)
|
||||||
@ -329,10 +332,12 @@ Ricardo Ferreira (ricardo.sff@gmail.com)
|
|||||||
Richard Hawkins (richard.hawkins@rackspace.com)
|
Richard Hawkins (richard.hawkins@rackspace.com)
|
||||||
Robert Francis (robefran@ca.ibm.com)
|
Robert Francis (robefran@ca.ibm.com)
|
||||||
Robin Naundorf (r.naundorf@fh-muenster.de)
|
Robin Naundorf (r.naundorf@fh-muenster.de)
|
||||||
|
Romain de Joux (romain.de-joux@corp.ovh.com)
|
||||||
Romain Le Disez (romain.ledisez@ovh.net)
|
Romain Le Disez (romain.ledisez@ovh.net)
|
||||||
Russ Nelson (russ@crynwr.com)
|
Russ Nelson (russ@crynwr.com)
|
||||||
Russell Bryant (rbryant@redhat.com)
|
Russell Bryant (rbryant@redhat.com)
|
||||||
Sachin Patil (psachin@redhat.com)
|
Sachin Patil (psachin@redhat.com)
|
||||||
|
Sam Morrison (sorrison@gmail.com)
|
||||||
Samuel Merritt (sam@swiftstack.com)
|
Samuel Merritt (sam@swiftstack.com)
|
||||||
Sarafraj Singh (Sarafraj.Singh@intel.com)
|
Sarafraj Singh (Sarafraj.Singh@intel.com)
|
||||||
Sarvesh Ranjan (saranjan@cisco.com)
|
Sarvesh Ranjan (saranjan@cisco.com)
|
||||||
@ -359,7 +364,7 @@ Sushil Kumar (sushil.kumar2@globallogic.com)
|
|||||||
Takashi Kajinami (kajinamit@nttdata.co.jp)
|
Takashi Kajinami (kajinamit@nttdata.co.jp)
|
||||||
Takashi Natsume (natsume.takashi@lab.ntt.co.jp)
|
Takashi Natsume (natsume.takashi@lab.ntt.co.jp)
|
||||||
TheSriram (sriram@klusterkloud.com)
|
TheSriram (sriram@klusterkloud.com)
|
||||||
Thiago da Silva (thiago@redhat.com)
|
Thiago da Silva (thiagodasilva@gmail.com)
|
||||||
Thierry Carrez (thierry@openstack.org)
|
Thierry Carrez (thierry@openstack.org)
|
||||||
Thomas Goirand (thomas@goirand.fr)
|
Thomas Goirand (thomas@goirand.fr)
|
||||||
Thomas Herve (therve@redhat.com)
|
Thomas Herve (therve@redhat.com)
|
||||||
@ -392,11 +397,13 @@ wangdequn (wangdequn@inspur.com)
|
|||||||
wanghongtaozz (wanghongtaozz@inspur.com)
|
wanghongtaozz (wanghongtaozz@inspur.com)
|
||||||
wanghui (wang_hui@inspur.com)
|
wanghui (wang_hui@inspur.com)
|
||||||
wangqi (wang.qi@99cloud.net)
|
wangqi (wang.qi@99cloud.net)
|
||||||
|
whoami-rajat (rajatdhasmana@gmail.com)
|
||||||
Wu Wenxiang (wu.wenxiang@99cloud.net)
|
Wu Wenxiang (wu.wenxiang@99cloud.net)
|
||||||
Wyllys Ingersoll (wyllys.ingersoll@evault.com)
|
Wyllys Ingersoll (wyllys.ingersoll@evault.com)
|
||||||
xhancar (pavel.hancar@gmail.com)
|
xhancar (pavel.hancar@gmail.com)
|
||||||
XieYingYun (smokony@sina.com)
|
XieYingYun (smokony@sina.com)
|
||||||
Yaguang Wang (yaguang.wang@intel.com)
|
Yaguang Wang (yaguang.wang@intel.com)
|
||||||
|
yanghuichan (yanghc@fiberhome.com)
|
||||||
Yatin Kumbhare (yatinkumbhare@gmail.com)
|
Yatin Kumbhare (yatinkumbhare@gmail.com)
|
||||||
Ye Jia Xu (xyj.asmy@gmail.com)
|
Ye Jia Xu (xyj.asmy@gmail.com)
|
||||||
Yee (mail.zhang.yee@gmail.com)
|
Yee (mail.zhang.yee@gmail.com)
|
||||||
@ -406,6 +413,7 @@ yuhui_inspur (yuhui@inspur.com)
|
|||||||
Yummy Bian (yummy.bian@gmail.com)
|
Yummy Bian (yummy.bian@gmail.com)
|
||||||
Yuriy Taraday (yorik.sar@gmail.com)
|
Yuriy Taraday (yorik.sar@gmail.com)
|
||||||
Yushiro FURUKAWA (y.furukawa_2@jp.fujitsu.com)
|
Yushiro FURUKAWA (y.furukawa_2@jp.fujitsu.com)
|
||||||
|
Yuxin Wang (wang.yuxin@ostorage.com.cn)
|
||||||
Zack M. Davis (zdavis@swiftstack.com)
|
Zack M. Davis (zdavis@swiftstack.com)
|
||||||
Zap Chang (zapchang@gmail.com)
|
Zap Chang (zapchang@gmail.com)
|
||||||
Zhang Guoqing (zhang.guoqing@99cloud.net)
|
Zhang Guoqing (zhang.guoqing@99cloud.net)
|
||||||
@ -418,7 +426,8 @@ Zheng Yao (zheng.yao1@zte.com.cn)
|
|||||||
zheng yin (yin.zheng@easystack.cn)
|
zheng yin (yin.zheng@easystack.cn)
|
||||||
Zhenguo Niu (zhenguo@unitedstack.com)
|
Zhenguo Niu (zhenguo@unitedstack.com)
|
||||||
zhengwei6082 (zhengwei6082@fiberhome.com)
|
zhengwei6082 (zhengwei6082@fiberhome.com)
|
||||||
|
ZhijunWei (wzj334965317@outlook.com)
|
||||||
ZhiQiang Fan (aji.zqfan@gmail.com)
|
ZhiQiang Fan (aji.zqfan@gmail.com)
|
||||||
Zhongyue Luo (zhongyue.nah@intel.com)
|
Zhongyue Luo (zhongyue.nah@intel.com)
|
||||||
zhufl (zhu.fanglei@zte.com.cn)
|
zhufl (zhu.fanglei@zte.com.cn)
|
||||||
Виль Суркин (vills@vills-pro.local)
|
zhulingjie (easyzlj@gmail.com)
|
||||||
|
106
CHANGELOG
106
CHANGELOG
@ -1,3 +1,109 @@
|
|||||||
|
swift (2.20.0)
|
||||||
|
|
||||||
|
* S3 API compatibility updates
|
||||||
|
|
||||||
|
* Swift can now cache the S3 secret from Keystone to use for
|
||||||
|
subsequent requests. This functionality is disabled by default but
|
||||||
|
can be enabled by setting the `secret_cache_duration` in the s3token
|
||||||
|
section of the proxy server config to a number greater than 0.
|
||||||
|
|
||||||
|
* s3api now mimics the AWS S3 behavior of periodically sending
|
||||||
|
whitespace characters on a Complete Multipart Upload request to keep
|
||||||
|
the connection from timing out. Note that since a request could fail
|
||||||
|
after the initial 200 OK response has been sent, it is important to
|
||||||
|
check the response body to determine if the request succeeded.
|
||||||
|
|
||||||
|
* s3api now properly handles x-amz-metadata-directive headers on
|
||||||
|
COPY operations.
|
||||||
|
|
||||||
|
* s3api now uses concurrency (default 2) to handle multi-delete
|
||||||
|
requests. This allows multi-delete requests to be processed much
|
||||||
|
more quickly.
|
||||||
|
|
||||||
|
* s3api now mimics some forms of AWS server-side encryption
|
||||||
|
based on whether Swift's at-rest encryption functionality is enabled.
|
||||||
|
Note that S3 API users are now able to know more about how the
|
||||||
|
cluster is configured than they were previously, ie knowledge of
|
||||||
|
encryption at-rest functionality being enabled or not.
|
||||||
|
|
||||||
|
* s3api responses now include a '-' in multipart ETags.
|
||||||
|
|
||||||
|
For new multipart-uploads via the S3 API, the ETag that is
|
||||||
|
stored will be calculated in the same way that AWS uses. This
|
||||||
|
ETag will be used in GET/HEAD responses, bucket listings, and
|
||||||
|
conditional requests via the S3 API. Accessing the same object
|
||||||
|
via the Swift API will use the SLO Etag; however, in JSON
|
||||||
|
container listings the multipart upload etag will be exposed
|
||||||
|
in a new "s3_etag" key. Previously, some S3 clients would complain
|
||||||
|
about download corruption when the ETag did not have a '-'.
|
||||||
|
|
||||||
|
* S3 ETag for SLOs now include a '-'.
|
||||||
|
|
||||||
|
Ordinary objects in S3 use the MD5 of the object as the ETag,
|
||||||
|
just like Swift. Multipart Uploads follow a different format, notably
|
||||||
|
including a dash followed by the number of segments. To that end
|
||||||
|
(and for S3 API requests *only*), SLO responses via the S3 API have a
|
||||||
|
literal '-N' added on the end of the ETag.
|
||||||
|
|
||||||
|
* The default location is now set to "us-east-1". This is more likely
|
||||||
|
to be the default region that a client will try when using v4
|
||||||
|
signatures.
|
||||||
|
|
||||||
|
Deployers with clusters that relied on the old implicit default
|
||||||
|
location of "US" should explicitly set `location = US` in the
|
||||||
|
`[filter:s3api]` section of proxy-server.conf before upgrading.
|
||||||
|
|
||||||
|
* Add basic support for ?versions bucket listings. We still do not
|
||||||
|
have support for toggling S3 bucket versioning, but we can at least
|
||||||
|
support getting the latest versions of all objects.
|
||||||
|
|
||||||
|
* Fixed an issue with SSYNC requests to ensure that only one request
|
||||||
|
can be running on a partition at a time.
|
||||||
|
|
||||||
|
* Data encryption updates
|
||||||
|
|
||||||
|
* The kmip_keymaster middleware can now be configured directly in the
|
||||||
|
proxy-server config file. The existing behavior of using an external
|
||||||
|
config file is still supported.
|
||||||
|
|
||||||
|
* Multiple keymaster middlewares are now supported. This allows
|
||||||
|
migration from one key provider to another.
|
||||||
|
|
||||||
|
Note that secret_id values must remain unique across all keymasters
|
||||||
|
in a given pipeline. If they are not unique, the right-most keymaster
|
||||||
|
will take precedence.
|
||||||
|
|
||||||
|
When looking for the active root secret, only the right-most
|
||||||
|
keymaster is used.
|
||||||
|
|
||||||
|
* Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
|
||||||
|
Previously, some versions of PyKMIP would include all wire
|
||||||
|
data when the root logger was configured to log at DEBUG; this
|
||||||
|
could expose key material in logs. Only the kmip_keymaster was
|
||||||
|
affected.
|
||||||
|
|
||||||
|
* Fixed an issue where a failed drive could prevent the container sharder
|
||||||
|
from making progress.
|
||||||
|
|
||||||
|
* Storage policy definitions in swift.conf can now define the diskfile
|
||||||
|
to use to access objects. See the included swift.conf-sample file for
|
||||||
|
a description of usage.
|
||||||
|
|
||||||
|
* The EC reconstructor will now attempt to remove empty directories
|
||||||
|
immediately, while the inodes are still cached, rather than waiting
|
||||||
|
until the next run.
|
||||||
|
|
||||||
|
* Added a keep_idle config option to configure KEEPIDLE time for TCP
|
||||||
|
sockets. The default value is the old constant of 600.
|
||||||
|
|
||||||
|
* Add databases_per_second to the account-replicator,
|
||||||
|
container-replicator, and container-sharder. This prevents them from
|
||||||
|
using a full CPU core when they are not IO limited.
|
||||||
|
|
||||||
|
* Allow direct_client users to overwrite the X-Timestamp header.
|
||||||
|
|
||||||
|
* Various other minor bug fixes and improvements.
|
||||||
|
|
||||||
swift (2.19.0, OpenStack Rocky)
|
swift (2.19.0, OpenStack Rocky)
|
||||||
|
|
||||||
* TempURLs now support IP range restrictions. Please see
|
* TempURLs now support IP range restrictions. Please see
|
||||||
|
116
releasenotes/notes/2_20_0_release-7b090a5f4bd916e4.yaml
Normal file
116
releasenotes/notes/2_20_0_release-7b090a5f4bd916e4.yaml
Normal file
@ -0,0 +1,116 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
S3 API compatibility updates
|
||||||
|
|
||||||
|
- Swift can now cache the S3 secret from Keystone to use for
|
||||||
|
subsequent requests. This functionality is disabled by default but
|
||||||
|
can be enabled by setting the ``secret_cache_duration`` in the
|
||||||
|
``[filter:s3token]`` section of the proxy server config to a number
|
||||||
|
greater than 0.
|
||||||
|
|
||||||
|
- s3api now mimics the AWS S3 behavior of periodically sending
|
||||||
|
whitespace characters on a Complete Multipart Upload request to keep
|
||||||
|
the connection from timing out. Note that since a request could fail
|
||||||
|
after the initial 200 OK response has been sent, it is important to
|
||||||
|
check the response body to determine if the request succeeded.
|
||||||
|
|
||||||
|
- s3api now properly handles ``x-amz-metadata-directive`` headers on
|
||||||
|
COPY operations.
|
||||||
|
|
||||||
|
- s3api now uses concurrency (default 2) to handle multi-delete
|
||||||
|
requests. This allows multi-delete requests to be processed much
|
||||||
|
more quickly.
|
||||||
|
|
||||||
|
- s3api now mimics some forms of AWS server-side encryption
|
||||||
|
based on whether Swift's at-rest encryption functionality is enabled.
|
||||||
|
Note that S3 API users are now able to know more about how the
|
||||||
|
cluster is configured than they were previously, ie knowledge of
|
||||||
|
encryption at-rest functionality being enabled or not.
|
||||||
|
|
||||||
|
- s3api responses now include a '-' in multipart ETags.
|
||||||
|
|
||||||
|
For new multipart-uploads via the S3 API, the ETag that is
|
||||||
|
stored will be calculated in the same way that AWS uses. This
|
||||||
|
ETag will be used in GET/HEAD responses, bucket listings, and
|
||||||
|
conditional requests via the S3 API. Accessing the same object
|
||||||
|
via the Swift API will use the SLO Etag; however, in JSON
|
||||||
|
container listings the multipart upload etag will be exposed
|
||||||
|
in a new "s3_etag" key. Previously, some S3 clients would complain
|
||||||
|
about download corruption when the ETag did not have a '-'.
|
||||||
|
|
||||||
|
- S3 ETag for SLOs now include a '-'.
|
||||||
|
|
||||||
|
Ordinary objects in S3 use the MD5 of the object as the ETag,
|
||||||
|
just like Swift. Multipart Uploads follow a different format, notably
|
||||||
|
including a dash followed by the number of segments. To that end
|
||||||
|
(and for S3 API requests *only*), SLO responses via the S3 API have a
|
||||||
|
literal '-N' added on the end of the ETag.
|
||||||
|
|
||||||
|
- The default location is now set to "us-east-1". This is more likely
|
||||||
|
to be the default region that a client will try when using v4
|
||||||
|
signatures.
|
||||||
|
|
||||||
|
Deployers with clusters that relied on the old implicit default
|
||||||
|
location of "US" should explicitly set ``location = US`` in the
|
||||||
|
``[filter:s3api]`` section of proxy-server.conf before upgrading.
|
||||||
|
|
||||||
|
- Add basic support for ?versions bucket listings. We still do not
|
||||||
|
have support for toggling S3 bucket versioning, but we can at least
|
||||||
|
support getting the latest versions of all objects.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Fixed an issue with SSYNC requests to ensure that only one request
|
||||||
|
can be running on a partition at a time.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Data encryption updates
|
||||||
|
|
||||||
|
- The ``kmip_keymaster`` middleware can now be configured directly in the
|
||||||
|
proxy-server config file. The existing behavior of using an external
|
||||||
|
config file is still supported.
|
||||||
|
|
||||||
|
- Multiple keymaster middlewares are now supported. This allows
|
||||||
|
migration from one key provider to another.
|
||||||
|
|
||||||
|
Note that ``secret_id`` values must remain unique across all keymasters
|
||||||
|
in a given pipeline. If they are not unique, the right-most keymaster
|
||||||
|
will take precedence.
|
||||||
|
|
||||||
|
When looking for the active root secret, only the right-most
|
||||||
|
keymaster is used.
|
||||||
|
|
||||||
|
- Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
|
||||||
|
Previously, some versions of PyKMIP would include all wire
|
||||||
|
data when the root logger was configured to log at DEBUG; this
|
||||||
|
could expose key material in logs. Only the ``kmip_keymaster`` was
|
||||||
|
affected.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Fixed an issue where a failed drive could prevent the container sharder
|
||||||
|
from making progress.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Storage policy definitions in swift.conf can now define the diskfile
|
||||||
|
to use to access objects. See the included swift.conf-sample file for
|
||||||
|
a description of usage.
|
||||||
|
|
||||||
|
- |
|
||||||
|
The EC reconstructor will now attempt to remove empty directories
|
||||||
|
immediately, while the inodes are still cached, rather than waiting
|
||||||
|
until the next run.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Added a ``keep_idle`` config option to configure KEEPIDLE time for TCP
|
||||||
|
sockets. The default value is the old constant of 600.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Add ``databases_per_second`` to the account-replicator,
|
||||||
|
container-replicator, and container-sharder. This prevents them from
|
||||||
|
using a full CPU core when they are not IO limited.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Allow direct_client users to overwrite the ``X-Timestamp`` header.
|
||||||
|
|
||||||
|
- |
|
||||||
|
Various other minor bug fixes and improvements.
|
Loading…
Reference in New Issue
Block a user