authors/changelog for 2.20.0 release

Change-Id: I149cb14cbfef456b6368564dae8529faf430333d
This commit is contained in:
John Dickinson 2018-12-12 10:21:07 -08:00 committed by Tim Burke
parent b9d2c08e8d
commit fbad538d21
4 changed files with 234 additions and 2 deletions

View File

@ -125,3 +125,4 @@ Bryan Keller <kellerbr@us.ibm.com>
Doug Hellmann <doug@doughellmann.com> <doug.hellmann@dreamhost.com> Doug Hellmann <doug@doughellmann.com> <doug.hellmann@dreamhost.com>
zhangdebo1987 <zhangdebo@inspur.com> zhangdebo zhangdebo1987 <zhangdebo@inspur.com> zhangdebo
Thomas Goirand <thomas@goirand.fr> <zigo@debian.org> Thomas Goirand <thomas@goirand.fr> <zigo@debian.org>
Thiago da Silva <thiagodasilva@gmail.com> <thiago@redhat.com>

13
AUTHORS
View File

@ -88,6 +88,7 @@ chenaidong1 (chen.aidong@zte.com.cn)
cheng (li.chenga@h3c.com) cheng (li.chenga@h3c.com)
Cheng Li (shcli@cn.ibm.com) Cheng Li (shcli@cn.ibm.com)
chengebj5238 (chengebj@inspur.com) chengebj5238 (chengebj@inspur.com)
chenxiangui (chenxiangui@inspur.com)
Chmouel Boudjnah (chmouel@enovance.com) Chmouel Boudjnah (chmouel@enovance.com)
Chris Wedgwood (cw@f00f.org) Chris Wedgwood (cw@f00f.org)
Christian Berendt (berendt@b1-systems.de) Christian Berendt (berendt@b1-systems.de)
@ -106,6 +107,7 @@ Constantine Peresypkin (constantine.peresypk@rackspace.com)
Corey Bryant (corey.bryant@canonical.com) Corey Bryant (corey.bryant@canonical.com)
Cory Wright (cory.wright@rackspace.com) Cory Wright (cory.wright@rackspace.com)
Cristian A Sanchez (cristian.a.sanchez@intel.com) Cristian A Sanchez (cristian.a.sanchez@intel.com)
Cyril Roelandt (cyril@redhat.com)
Dae S. Kim (dae@velatum.com) Dae S. Kim (dae@velatum.com)
Daisuke Morita (morita.daisuke@ntti3.com) Daisuke Morita (morita.daisuke@ntti3.com)
Dan Dillinger (dan.dillinger@sonian.net) Dan Dillinger (dan.dillinger@sonian.net)
@ -152,6 +154,7 @@ Eugene Kirpichov (ekirpichov@gmail.com)
Ewan Mellor (ewan.mellor@citrix.com) Ewan Mellor (ewan.mellor@citrix.com)
Fabien Boucher (fabien.boucher@enovance.com) Fabien Boucher (fabien.boucher@enovance.com)
Falk Reimann (falk.reimann@sap.com) Falk Reimann (falk.reimann@sap.com)
FatemaKhalid (fatemakhalid96@gmail.com)
Felipe Reyes (freyes@tty.cl) Felipe Reyes (freyes@tty.cl)
Ferenc Horváth (hferenc@inf.u-szeged.hu) Ferenc Horváth (hferenc@inf.u-szeged.hu)
Filippo Giunchedi (fgiunchedi@wikimedia.org) Filippo Giunchedi (fgiunchedi@wikimedia.org)
@ -329,10 +332,12 @@ Ricardo Ferreira (ricardo.sff@gmail.com)
Richard Hawkins (richard.hawkins@rackspace.com) Richard Hawkins (richard.hawkins@rackspace.com)
Robert Francis (robefran@ca.ibm.com) Robert Francis (robefran@ca.ibm.com)
Robin Naundorf (r.naundorf@fh-muenster.de) Robin Naundorf (r.naundorf@fh-muenster.de)
Romain de Joux (romain.de-joux@corp.ovh.com)
Romain Le Disez (romain.ledisez@ovh.net) Romain Le Disez (romain.ledisez@ovh.net)
Russ Nelson (russ@crynwr.com) Russ Nelson (russ@crynwr.com)
Russell Bryant (rbryant@redhat.com) Russell Bryant (rbryant@redhat.com)
Sachin Patil (psachin@redhat.com) Sachin Patil (psachin@redhat.com)
Sam Morrison (sorrison@gmail.com)
Samuel Merritt (sam@swiftstack.com) Samuel Merritt (sam@swiftstack.com)
Sarafraj Singh (Sarafraj.Singh@intel.com) Sarafraj Singh (Sarafraj.Singh@intel.com)
Sarvesh Ranjan (saranjan@cisco.com) Sarvesh Ranjan (saranjan@cisco.com)
@ -359,7 +364,7 @@ Sushil Kumar (sushil.kumar2@globallogic.com)
Takashi Kajinami (kajinamit@nttdata.co.jp) Takashi Kajinami (kajinamit@nttdata.co.jp)
Takashi Natsume (natsume.takashi@lab.ntt.co.jp) Takashi Natsume (natsume.takashi@lab.ntt.co.jp)
TheSriram (sriram@klusterkloud.com) TheSriram (sriram@klusterkloud.com)
Thiago da Silva (thiago@redhat.com) Thiago da Silva (thiagodasilva@gmail.com)
Thierry Carrez (thierry@openstack.org) Thierry Carrez (thierry@openstack.org)
Thomas Goirand (thomas@goirand.fr) Thomas Goirand (thomas@goirand.fr)
Thomas Herve (therve@redhat.com) Thomas Herve (therve@redhat.com)
@ -392,11 +397,13 @@ wangdequn (wangdequn@inspur.com)
wanghongtaozz (wanghongtaozz@inspur.com) wanghongtaozz (wanghongtaozz@inspur.com)
wanghui (wang_hui@inspur.com) wanghui (wang_hui@inspur.com)
wangqi (wang.qi@99cloud.net) wangqi (wang.qi@99cloud.net)
whoami-rajat (rajatdhasmana@gmail.com)
Wu Wenxiang (wu.wenxiang@99cloud.net) Wu Wenxiang (wu.wenxiang@99cloud.net)
Wyllys Ingersoll (wyllys.ingersoll@evault.com) Wyllys Ingersoll (wyllys.ingersoll@evault.com)
xhancar (pavel.hancar@gmail.com) xhancar (pavel.hancar@gmail.com)
XieYingYun (smokony@sina.com) XieYingYun (smokony@sina.com)
Yaguang Wang (yaguang.wang@intel.com) Yaguang Wang (yaguang.wang@intel.com)
yanghuichan (yanghc@fiberhome.com)
Yatin Kumbhare (yatinkumbhare@gmail.com) Yatin Kumbhare (yatinkumbhare@gmail.com)
Ye Jia Xu (xyj.asmy@gmail.com) Ye Jia Xu (xyj.asmy@gmail.com)
Yee (mail.zhang.yee@gmail.com) Yee (mail.zhang.yee@gmail.com)
@ -406,6 +413,7 @@ yuhui_inspur (yuhui@inspur.com)
Yummy Bian (yummy.bian@gmail.com) Yummy Bian (yummy.bian@gmail.com)
Yuriy Taraday (yorik.sar@gmail.com) Yuriy Taraday (yorik.sar@gmail.com)
Yushiro FURUKAWA (y.furukawa_2@jp.fujitsu.com) Yushiro FURUKAWA (y.furukawa_2@jp.fujitsu.com)
Yuxin Wang (wang.yuxin@ostorage.com.cn)
Zack M. Davis (zdavis@swiftstack.com) Zack M. Davis (zdavis@swiftstack.com)
Zap Chang (zapchang@gmail.com) Zap Chang (zapchang@gmail.com)
Zhang Guoqing (zhang.guoqing@99cloud.net) Zhang Guoqing (zhang.guoqing@99cloud.net)
@ -418,7 +426,8 @@ Zheng Yao (zheng.yao1@zte.com.cn)
zheng yin (yin.zheng@easystack.cn) zheng yin (yin.zheng@easystack.cn)
Zhenguo Niu (zhenguo@unitedstack.com) Zhenguo Niu (zhenguo@unitedstack.com)
zhengwei6082 (zhengwei6082@fiberhome.com) zhengwei6082 (zhengwei6082@fiberhome.com)
ZhijunWei (wzj334965317@outlook.com)
ZhiQiang Fan (aji.zqfan@gmail.com) ZhiQiang Fan (aji.zqfan@gmail.com)
Zhongyue Luo (zhongyue.nah@intel.com) Zhongyue Luo (zhongyue.nah@intel.com)
zhufl (zhu.fanglei@zte.com.cn) zhufl (zhu.fanglei@zte.com.cn)
Виль Суркин (vills@vills-pro.local) zhulingjie (easyzlj@gmail.com)

106
CHANGELOG
View File

@ -1,3 +1,109 @@
swift (2.20.0)
* S3 API compatibility updates
* Swift can now cache the S3 secret from Keystone to use for
subsequent requests. This functionality is disabled by default but
can be enabled by setting the `secret_cache_duration` in the s3token
section of the proxy server config to a number greater than 0.
* s3api now mimics the AWS S3 behavior of periodically sending
whitespace characters on a Complete Multipart Upload request to keep
the connection from timing out. Note that since a request could fail
after the initial 200 OK response has been sent, it is important to
check the response body to determine if the request succeeded.
* s3api now properly handles x-amz-metadata-directive headers on
COPY operations.
* s3api now uses concurrency (default 2) to handle multi-delete
requests. This allows multi-delete requests to be processed much
more quickly.
* s3api now mimics some forms of AWS server-side encryption
based on whether Swift's at-rest encryption functionality is enabled.
Note that S3 API users are now able to know more about how the
cluster is configured than they were previously, ie knowledge of
encryption at-rest functionality being enabled or not.
* s3api responses now include a '-' in multipart ETags.
For new multipart-uploads via the S3 API, the ETag that is
stored will be calculated in the same way that AWS uses. This
ETag will be used in GET/HEAD responses, bucket listings, and
conditional requests via the S3 API. Accessing the same object
via the Swift API will use the SLO Etag; however, in JSON
container listings the multipart upload etag will be exposed
in a new "s3_etag" key. Previously, some S3 clients would complain
about download corruption when the ETag did not have a '-'.
* S3 ETag for SLOs now include a '-'.
Ordinary objects in S3 use the MD5 of the object as the ETag,
just like Swift. Multipart Uploads follow a different format, notably
including a dash followed by the number of segments. To that end
(and for S3 API requests *only*), SLO responses via the S3 API have a
literal '-N' added on the end of the ETag.
* The default location is now set to "us-east-1". This is more likely
to be the default region that a client will try when using v4
signatures.
Deployers with clusters that relied on the old implicit default
location of "US" should explicitly set `location = US` in the
`[filter:s3api]` section of proxy-server.conf before upgrading.
* Add basic support for ?versions bucket listings. We still do not
have support for toggling S3 bucket versioning, but we can at least
support getting the latest versions of all objects.
* Fixed an issue with SSYNC requests to ensure that only one request
can be running on a partition at a time.
* Data encryption updates
* The kmip_keymaster middleware can now be configured directly in the
proxy-server config file. The existing behavior of using an external
config file is still supported.
* Multiple keymaster middlewares are now supported. This allows
migration from one key provider to another.
Note that secret_id values must remain unique across all keymasters
in a given pipeline. If they are not unique, the right-most keymaster
will take precedence.
When looking for the active root secret, only the right-most
keymaster is used.
* Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
Previously, some versions of PyKMIP would include all wire
data when the root logger was configured to log at DEBUG; this
could expose key material in logs. Only the kmip_keymaster was
affected.
* Fixed an issue where a failed drive could prevent the container sharder
from making progress.
* Storage policy definitions in swift.conf can now define the diskfile
to use to access objects. See the included swift.conf-sample file for
a description of usage.
* The EC reconstructor will now attempt to remove empty directories
immediately, while the inodes are still cached, rather than waiting
until the next run.
* Added a keep_idle config option to configure KEEPIDLE time for TCP
sockets. The default value is the old constant of 600.
* Add databases_per_second to the account-replicator,
container-replicator, and container-sharder. This prevents them from
using a full CPU core when they are not IO limited.
* Allow direct_client users to overwrite the X-Timestamp header.
* Various other minor bug fixes and improvements.
swift (2.19.0, OpenStack Rocky) swift (2.19.0, OpenStack Rocky)
* TempURLs now support IP range restrictions. Please see * TempURLs now support IP range restrictions. Please see

View File

@ -0,0 +1,116 @@
---
features:
- |
S3 API compatibility updates
- Swift can now cache the S3 secret from Keystone to use for
subsequent requests. This functionality is disabled by default but
can be enabled by setting the ``secret_cache_duration`` in the
``[filter:s3token]`` section of the proxy server config to a number
greater than 0.
- s3api now mimics the AWS S3 behavior of periodically sending
whitespace characters on a Complete Multipart Upload request to keep
the connection from timing out. Note that since a request could fail
after the initial 200 OK response has been sent, it is important to
check the response body to determine if the request succeeded.
- s3api now properly handles ``x-amz-metadata-directive`` headers on
COPY operations.
- s3api now uses concurrency (default 2) to handle multi-delete
requests. This allows multi-delete requests to be processed much
more quickly.
- s3api now mimics some forms of AWS server-side encryption
based on whether Swift's at-rest encryption functionality is enabled.
Note that S3 API users are now able to know more about how the
cluster is configured than they were previously, ie knowledge of
encryption at-rest functionality being enabled or not.
- s3api responses now include a '-' in multipart ETags.
For new multipart-uploads via the S3 API, the ETag that is
stored will be calculated in the same way that AWS uses. This
ETag will be used in GET/HEAD responses, bucket listings, and
conditional requests via the S3 API. Accessing the same object
via the Swift API will use the SLO Etag; however, in JSON
container listings the multipart upload etag will be exposed
in a new "s3_etag" key. Previously, some S3 clients would complain
about download corruption when the ETag did not have a '-'.
- S3 ETag for SLOs now include a '-'.
Ordinary objects in S3 use the MD5 of the object as the ETag,
just like Swift. Multipart Uploads follow a different format, notably
including a dash followed by the number of segments. To that end
(and for S3 API requests *only*), SLO responses via the S3 API have a
literal '-N' added on the end of the ETag.
- The default location is now set to "us-east-1". This is more likely
to be the default region that a client will try when using v4
signatures.
Deployers with clusters that relied on the old implicit default
location of "US" should explicitly set ``location = US`` in the
``[filter:s3api]`` section of proxy-server.conf before upgrading.
- Add basic support for ?versions bucket listings. We still do not
have support for toggling S3 bucket versioning, but we can at least
support getting the latest versions of all objects.
- |
Fixed an issue with SSYNC requests to ensure that only one request
can be running on a partition at a time.
- |
Data encryption updates
- The ``kmip_keymaster`` middleware can now be configured directly in the
proxy-server config file. The existing behavior of using an external
config file is still supported.
- Multiple keymaster middlewares are now supported. This allows
migration from one key provider to another.
Note that ``secret_id`` values must remain unique across all keymasters
in a given pipeline. If they are not unique, the right-most keymaster
will take precedence.
When looking for the active root secret, only the right-most
keymaster is used.
- Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
Previously, some versions of PyKMIP would include all wire
data when the root logger was configured to log at DEBUG; this
could expose key material in logs. Only the ``kmip_keymaster`` was
affected.
- |
Fixed an issue where a failed drive could prevent the container sharder
from making progress.
- |
Storage policy definitions in swift.conf can now define the diskfile
to use to access objects. See the included swift.conf-sample file for
a description of usage.
- |
The EC reconstructor will now attempt to remove empty directories
immediately, while the inodes are still cached, rather than waiting
until the next run.
- |
Added a ``keep_idle`` config option to configure KEEPIDLE time for TCP
sockets. The default value is the old constant of 600.
- |
Add ``databases_per_second`` to the account-replicator,
container-replicator, and container-sharder. This prevents them from
using a full CPU core when they are not IO limited.
- |
Allow direct_client users to overwrite the ``X-Timestamp`` header.
- |
Various other minor bug fixes and improvements.