Pike Series Release Notes

5.1.0-4

Security Issues

  • CVE-2020-9543: An issue with share network retrieval has been addressed in the API by scoping unprivileged access to project only. Please see launchpad bug #1861485 for more details.

5.1.0

Upgrade Notes

  • For Dell EMC VMAX Manila driver, replaced emc_nas_pool_names with vmax_share_data_pools, emc_interface_ports with vmax_ethernet_ports, emc_nas_server_container with vmax_server_container.

Deprecation Notes

  • For Dell EMC VMAX Manila driver, options emc_nas_pool_names, emc_interface_ports, emc_nas_server_container are deprecated.

Bug Fixes

  • Share type quotas, usages and reservations will now be correctly cleaned up if a share type has been deleted. See launchpad bug #1811680 for details regarding the bug that prevented this cleanup prior.

  • APIs that were not returning a request ID (‘x-compute-request-id’) in the response headers have been fixed.

  • Fixed the driver filter to not check for hard equality between the share_backend_name and the name reported by the host as it defeats the purpose of the capabilities filter giving the ability to use “<in>” selection operator in the extra-spec. Refer to Launchpad bug 1815700 for more details.

5.0.3

Bug Fixes

  • Fixed a bug in the Quobyte driver that allowed share resizing to incorrectly address the share to be resized in the backend.

5.0.2

Bug Fixes

  • For the latest Python 2.7 release, urllib uses the SSL certification while launching URL connection by default, which causes Huawei driver failed to connect backend storage because it doesn’t support SSL certification. Utilize the requests lib for Huawei driver instead, and set no SSL certification for backend storage connection.

  • Changed sync mount permanently logic in the Generic driver to select the newly mounted share from /etc/mtab and insert it into /etc/fstab. Added corresponding remove mount permanently functionality.

  • Error message changed for manage API.

  • Fixed issue where locales other than POSIX and en_US.UTF-8 might cause the translate_string_size_to_float method to fail on a comma decimal separator instead of a period decimal separator.

  • Fixed creation of security group and security group rule - neutronclient mapping

  • The NetApp ONTAP driver has been fixed to honor the share size as requested when creating shares from an existing snapshot.

  • The Launchpad bug 1717392 has been fixed and database downgrades do not fail if the database contains deleted access rules. Database downgrades are not recommended in production environments.

  • Fixed the database update query for the drivers’ private data store that was failing to update any rows marked as deleted.

  • Non admin users may invoke GET /share-networks and GET /security-services APIs with the ‘all-tenants’ flag in the query, however, the flag is ignored, and only resources belonging to the project will be served. This API change was made to fix bug 1721787 in the manila client project.

  • The database migration has been adjusted to work with mariadb >= 10.2.8 by ensuring that a primary key constraint is first dropped and re-added when a column is removed that is part of it

  • rabbitmq password is no longer exposed in the logs when debugging is enabled.

  • The ZFSOnLinux driver now retries unmounting zfs shares to perform the manage operation. See Launchpad bug 1785180 for details.

  • New shares created on a Quobyte backend are now initialized with the correct quota.

  • fixes a bug causing incorrect quotas being set in the backend when resizing Quobyte shares.

  • Change the CIFS mounting parameter of Huawei driver from form “user=” to “username=”, which is compatible in various OS.

  • The Quobyte driver now handles updated error codes from Quobyte API versions 1.4+ .

  • Removed confusing manila.db.sqlalchemy model messages indicating deprecated properties for share_type, host, share_server_id, share_network_id, available_zone. These are exposed in the API as properties of shares and are not in fact actually deprecated as such.

  • When use driver_handles_share_servers driver, reset the tap device after manila-share service start.

  • Use Oslo’s logging features to securely output the configuration options for Manila.

5.0.1

Bug Fixes

  • Fixed the NetApp ONTAP driver to handle reverting to replicated and migrated snapshots.

5.0.0

New Features

  • It is now possible to filter shares and share instances with export location ID or path.

  • Added periodic task to gather share usage size.

  • Validation of IPv6 based addresses has been added for allow access API when access type is IP.

  • Added like filter support in shares, snapshots, share-networks, share-groups list APIs.

  • Added perodic task to clean up expired reservation at manila scheduler service.

  • Added quotas for amount of share groups and share group snapshots.

  • Added possibility to set quotas per share type. It is useful for deployments with multiple backends that are accessible via different share types.

  • added two new fields to share groups API - ‘availability_zone_id’ and ‘consistent_snapshot_support’ to be able to get to know these attributes of a share group.

  • Manila API service now can be run using web servers that support WSGI applications.

  • Beginning in API version 2.33, share access APIs return “created_at” and “updated_at” for each access rule as part of the JSON response.

  • Added NFS protocol support for shares backed by CephFS.

  • Added a periodic task which cleans up expired user messages. Cleanup interval can be set by message_reap_interval config option.

  • Dell EMC Unity driver is changed to create shares with the available space instead of allocated space as the same as the size specified by user.

  • Dell EMC Unity driver version is changed to 3.0.0 for Pike release.

  • The new class ganesha.GaneshaNASHelper2 in the ganesha library uses dynamic update of export feature of NFS-Ganesha versions v2.4 or newer to modify access rules of a share in a clean way. It modifies exports created per share rather than per share access rule (as with ganesha.GaneshaNASHelper) that introduced limitations and unintuitive end user experience.

  • Adds support to generate Guru Meditation Reports(GMR) for manila services. GMR provides useful debugging information that can be used to obtain an accurate view on the current live state of the system. For example, what threads are running, what configuration parameters are in effect, and more.

  • Added new config option ‘lvm_share_export_ips’ which allows a list of IP addresses to use for export locations for the LVM driver. Every share created will be exported on every IP address. This new option supercedes ‘lvm_share_export_ip’.

  • The NetApp driver now supports Quality of Service extra specs. To create a share on ONTAP with qos support, set the ‘qos’ extra-spec in your share type to True and use one of ‘netapp:maxiops’ and ‘netapp:maxbps’ scoped extra-specs to set absolute limits. To set size based limits, use scoped extra-specs ‘netapp:maxiopspergib’ or ‘netapp:maxbpspergib’. QoS policies on the back end are created exclusive to each manila share.

  • Added optional extra spec ‘ipv4_support’ and ‘ipv6_support’ for share type.

  • Added new capabilities ‘ipv4_support’ and ‘ipv6_support’ for IP based drivers.

  • Added IPv6 support in network plugins. (support either IPv6 or IPv4)

  • Added IPv6 support in the lvm driver. (support both IPv6 and IPv4)

  • Switched to tooz internal heartbeat feature in the coordination system.

  • Added new user messages API - GET /messages, GET /messages/<message_id> and DELETE /messages/<message_id>.

  • Added sorting, filtering and pagination to the user messages listing.

  • Added ‘message_ttl’ configuration option which can be used for configuring message expiration time.

Upgrade Notes

  • Added enable_gathering_share_usage_size and share_usage_size_update_interval options in the manila.conf file to allow configuration of gathering share usage size support and to allow configuration of interval time of gathering share usage size.

  • Two new config options are available for setting default quotas for share groups and share group snapshots - ‘quota_share_groups’ and ‘quota_share_group_snapshots’.

  • Deprecated path ‘manila.api.openstack:FaultWrapper’ to ‘FaultWrapper’ was removed and now only current path is available, which is ‘manila.api.middleware.fault:FaultWrapper’.

  • After upgrading, rename lvm_share_export_ip to lvm_share_export_ips in the manila.conf file to avoid a deprecation warning. As long as the list remains a single element, functionality is unchanged.

  • A new configuration option ‘netapp_qos_policy_group_name_template’ has been added to allow overriding the naming of QoS policies created by the NetApp driver.

  • To use the CephFS driver, which enables CephFS access via the native Ceph protocol, set the share_driver in the driver section of the config file as manila.share.drivers.cephfs.driver.CephFSDriver. The previous share_driver setting in Mitaka/Newton/Ocata releases manila.share.drivers.cephfs.cephfs_native.CephFSNativeDriver would still work (usually until one more release, Queens, as part of standard deprecation process.), but it’s usage is no longer preferred.

  • Added emc_ssl_cert_verify and emc_ssl_cert_path options for VNX SSL verification. For more details, see OpenStack official documentation.

Deprecation Notes

  • The ‘lvm_share_export_ip’ option is deprecated and will be removed. Use ‘lvm_share_export_ips’ instead.

  • Deprecated ‘coordination.heartbeat’, ‘coordination.initial_reconnect_backoff’ and ‘coordination.max_reconnect_backoff’ configuration options which are not used anymore.

Critical Issues

  • The “host” field is no longer returned in the JSON response of the /shares and /share-replicas APIs when these APIs are invoked with non-admin privileges. Applications that depend on this field must be updated as necessary. The value of this field is privileged information and the request context must specify administrator privileges when using these APIs for the “host” field to be present. The use of “host” as a filter key in the GET /shares API is controlled with the policy “list_by_host”. This policy defaults to “rule:admin_api”.

Bug Fixes

  • Re-enabled the consistent snapshot code in the NetApp driver, now compatible with the Manila Share Groups API instead of the deprecated and removed Manila Consistency Groups API.

  • Fixed HNAS driver error when creating or deleting snapshots caused by concurrency in backend.

  • The Windows driver issues regarding share creation have been fixed.

  • Fixed share replica status update concurrency in share replica promotion feature. Before it was possible to see two active replicas, having ‘dr’ or ‘readable’ type of replication, performing ‘share replica promotion’ action. Now, replica that becomes active is always updated last, so, at some period of time we will have zero ‘active’ replicas at once instead of two of them.

  • Fixed HNAS driver version according to the new content added in the Ocata release.

  • Fixed task_state field in the share model being set to migration_success before actually completing a share migration.

  • Quobyte share extend/shrink operations now work with all Quobyte API versions

  • Fixed host-assisted share migration not deleting the source share from the storage backend upon completion.

  • Changed user access name limit from 32 to 255 characters since there are security services that allow user names longer than 32 characters.

  • When upgrading manila to a new release, if a share driver has added support for storage pools in the new release, shares belonging to such drivers would be iteratively updated by manila. This is done by querying the back end driver for the storage pool that each share is hosted within. A bug affecting the database update in this path has been fixed.

  • Retry to initialize the manila-share driver for every backend in case there was an error during initialization. That way even a temporary broken backend can be initialized later without restarting manila-share.

  • Fixed the prerequisite of GPFS path export needed for initializing driver.

  • The NetApp ONTAP driver has been fixed to ensure the “security style” on CIFS shares is always “ntfs”.

  • The NetApp cDOT DHSS=True drivers have been fixed to not assume that share servers are only provisioned on segmented (VLAN) networks.

  • A new exception will be thrown when a default share type was not configured and no other share type was specified on any sort of share creation.

  • Fixed the NetApp driver to report the correct value of the “preferred” export location metadata where it cannot determine if there are any “preferred” export locations.

  • The NetApp driver has been fixed to ensure that share type changes during driver optimized share migration will result in correction of share properties as per the requested extra-specs.

  • Fix the exact filters (name, description) in shares, snapshots, share-networks list can be filter by inexact value. We got the error because the description filter will be skipped in shares, snapshots list API, and we will directly remove the inexact filter flag(‘~’) and process the exact filters (name, description) by inexact filter logic. Now, we added description filter in shares, snapshots list, and check whether the filter keys has the ‘~’ in the end in shares, snapshots, share-networks list firstly.

  • The access-allow API accepts ipv6 rules and ignores them if the configured backend does not support ipv6 access rules. However, when the access-deny API is invoked to remove such rules, they used to be stuck in “denying” state. This bug has been fixed and ipv6 access rules can be denied successfully.

  • Changed implementation of revert-to-snapshot in LVM driver to be synchronous, preventing failure of subsequent operations.

  • Fixed application of access rules with type ip and netmask length 0 in the NFSHelper plugin, affecting LVM and Generic drivers. Previously these rules silently failed to apply.

  • Fixed share instance list with limit number API display error. Change _collection_name to _collection_links when we want to show instances_links.

  • Adapted policy.json file to correct snapshot policy values.

  • Fix the issue of deleting share server in VNX driver. The VNX driver failed to detect the NFS interface of share server, so the detach and deletion of NFS interface were skipped.

  • Fixed bug in Dell EMC Unity driver that caused shares created from snapshots to contain data from the original shares, instead of data from their snapshots.

Other Notes

  • Changing the default value of ‘gpfs_nfs_server_type’ configuration parameter from KNFS to CES as Spectrum Scale provide NFS service with Ganesha server by default.