Current Series Release Notes¶

22.0.0.0rc1-36¶

The Hitachi HSP share driver previously hardcoded verify=False on all HTTPS requests to the HSP backend, disabling TLS certificate validation with no option to enable it. This could allow man-in-the-middle attacks on the management network. Two new configuration options have been added to address this: hitachi_hsp_ssl_cert_verify (default True) and hitachi_hsp_ssl_cert_path (optional CA bundle path). The global urllib3 warning suppression has also been removed.

Improved the purge_deleted_records database cleanup logic to process each table in an independent transaction instead of a single long-running transaction. This reduces the duration of table locks during purge.

Improved share replica replication efficiency by avoiding redundant database lookups for replica metadata. For more details, please refer to Launchpad bug #2144676.

Fixed a regression where filtering the services list by an invalid or unrecognized status value returned an error instead of an empty list. This was inadvertently introduced by the change that added support for filtering services by the ensuring status. The previous behavior of returning an empty list for non-matching status filters has been restored. For more details, please refer to launchpad bug #2146491.

Fixed the services list API to return an empty list and log a warning when an invalid value is provided for the ensuring filter parameter, consistent with how the status filter parameter is handled. Bug #2146840

Fixed a race condition in manila.context.RequestContext where an AttributeError occurred during object initialization. Attributes such as read_deleted, remote_address, timestamp, quota_class and service_catalog are now initialized before calling the parent class constructor to ensure they are available for any early calls to to_dict() made by the oslo_context.

Fixed the Hitachi HSP share driver to support configurable TLS certificate verification instead of hardcoding verify=False. LP#2146476