Xena Series Release Notes

13.2.0-15

Bug Fixes

  • Changed the error and status code that was raisedwhen share types are not handled in shares api

  • Make snapshot names in CephFS drivers shorter toavoid limitation in Ceph clusters which truncatesthe subvolume name and makes the snapshots inaccesible.

  • NetApp driverbug #1982808: Fixed issuepreventing the storage system from proper clean up unused SnapMirrorsnapshots after a replica promote, significantly increasing the amountof space consumed in ONTAP volumes by snapshots.

  • Share replicas in stateerror_deleting are now skipped during periodicupdates. For more details, please refer tolaunchpad bug #2024556

  • Share server backend details set function adds db records withoutchecking existing entries. This results in duplicate records for thecombination of given share server id and key. Fixed it by updating recordsif already exist else creating new. See thelaunchpad bug 2024658 for more details.

  • The “manage” API for snapshots now validates the format of“provider_location” and “share_id” fields and handles errorsappropriately. These fields are expected to contain string values.

  • Theupdated_at field is correctly set on share and snapshot accessrules when an update has been made on the database.

  • The CephFS driver uses aRemoveExport DBUS API call to the NFS/Ganeshaservice when a user deletes an access rule, or when deleting the share.If this call fails, the driver now provides a log of the failure, andcontinues cleaning up. Prior to this change, share deletion could fail ifthe service failed the DBUS command to drop the export. This would leavethe share with an “error_deleting” status, needing administratorintervention. Seebug #2035572for more information.

  • NetApp driverbug #2069125:Fixed the issue for the NetApp ONTAP driver in the ZAPI workflow,where certain vserver accounts failed to add access rules for a sharewhen the vserver network interface was not configured with kerberos.

13.2.0

New Features

  • The special.snapshot directories for shares created by theInfinidat driver can now be controlled through configuration options:infinidat_snapdir_accessible andinfinidat_snapdir_visible.By default, each share allows access to its own.snapshot directory,which contains files and directories of each snapshot taken. To restrictaccess to the.snapshot directory, theinfinidat_snapdir_accessibleshould be set toFalse. Theinfinidat_snapdir_visible optioncontrols visibility of the.snapshot directory. By default, the.snapshot directory is hidden. To make the.snapshot directoryvisible on the client side, this option should be set toTrue.

Bug Fixes

  • Launchpad bug 1968891has been fixed. scheduler will use size increase rather than share sizeto calculate provisioned_ratio when extending share.

  • Add the filesystem info in the exports created by the CephFS NFS driver.This fixes inconsistencies when deploying Manila with CephFS NFS withmultiple filesystems.

  • Infinidat Driverbug #1992443:Fixed an issue in Infinidat driver to support host assisted migration.Thesnapdir_visible filesystem property must be disabled to hide.snapshot directory on the client side. However, this behavior canbe changed using theinfinidat_snapdir_visible configuration option.

  • Fixed an issue that made the CephFS driver to override the permissions ina share. Aftera bugfix, Ceph’sidempotent creation of shares had a change on its behavior. If a sharemode was modified outside of Manila, or the configuration value forcephfs_volume_mode was changed in Manila when shares had already beencreated, these shares would have their mode changed while Manila attemptedto ensure that such share exists using the idempotent creation, potentiallybreaking clients. The CephFS driver will no longer send create calls to thebackend when ensuring a share exists. For more details, please refer toBug #2002394

13.1.0

Bug Fixes

  • Infinidat Driverbug #1986653:Fixed Infinidat driver to use TLS/SSL communication between the Manilashare service and the storage backend. Admin can setTrue orFalsefor theinfinidat_use_ssl andinfinidat_suppress_ssl_warnings optionsin the driver section of manila.conf to enable or disable these features.

13.0.4

Security Issues

  • The SSH utility module no longer logs usernames and passwords asdebug information.

Bug Fixes

  • The GET /shares/{share_id} API now responds with HTTP 404 (Not Found)for inaccessible resources. Seebug 1901210 for further information.

  • NetApp OnTap driverBug #1915237:Fixed encryption compatibility check on manila share migrate.

  • Adds a check when associating a security service to a share network, so that both resources must have the same project_id. If not, HTTP Bad Request is raised.

  • Fixed an issue that caused Manila to return all projects’ share replicaseven when the user was not an administrator. Now, when the user is not anadministrator, only the replicas in the project perspective are going tobe displayed. For more details, please refer toLaunchpad Bug #1922243

  • The CephFS driver no longer fails to delete access rules that were neverapplied or were missing from the back end storage. SeeLP #1971530 for more details.

  • During share network create API, if either share network or share networksubnet db creation fails, manila raises an exception. However quota is notrolled back and its usable only after quota reservations timed out (waitingconf.reservation_expire seconds). Fixed by introducing immediate quotarollback in case any db create api fails.

  • Goodness_function expects integer or float else raise parseException. Thiscauses example such as “(share.share_proto == ‘CIFS’) ? 100 : 50” to failduring evaluation. Fix it by adding support of string evalution.

  • Deployers now can specify[glance]endpoint_type configuration option(defaults topublicURL for backward compatibility)so that Manila uses Glance endpoint other than the public one(seebug 1991396).

13.0.3

Bug Fixes

  • Fixed an issue with ONTAP AFF platforms while creating shares that forcedvolumes to have efficient data saving even when the contrary wasspecified. For more details, please refer tolaunchpad bug #1929421

13.0.2

Known Issues

  • User specified scheduler hints such as “same_host” and “different_host”are stored as share metadata with keys such as “__affinity_same_host” and“__affinity_different_host” respectively. These can be manipulated ordeleted by end users like all metadata unless prevented by RBAC policy.In a future release, the service will restrict the deletion ormanipulation of these specific metadata items.

Bug Fixes

  • Fixed an issue during snapshot creation where a database error was beingmishandled with dead code. SeeLaunchpad bug 1475351 for more details.

13.0.1

Bug Fixes

  • NetApp cDOT driver Custom port configuration usingnetapp_server_portwas accidentally ignored after a refactor. This option should now beproperly read. SeeLaunchpad bug 1945365for more details.

  • Whencephfs_ganesha_server_ip is not set, the current hostname is usedas a default for such config option. The driver was treating this valueas an IP address and trying to perform validations on it. The CEPH NFSdriver will no longer treat hostnames as ip addresses and try to validatethem as such.

13.0.0

New Features

  • Added Pure Storage FlashBlade driver.Driver supports NFS protocol.Share operations include create, delete, resize, snapshot and revert-to-snapshot.

  • ‘reserved_share_from_snapshot_percentage’ backend config option allowsManila to consider different reservation percentage for shares that arebeing created from the snapshot.In case this config option is not set, the shares created from snapshotwill use reservation percentage value set in ‘reserved_share_percentage’.This will be useful for users who want to keep same reservation percentagefor both non-snapshot/regular and snapshot shares.

  • Added share server migration enhancements. Share back ends that supportnon-disruptive migration are able to do so, in case no network changeswere identified and if the back end driver supports reusing ip addresses.

  • Add AffinityFilter and AntiAffinityFilter to manila’s scheduler. These hard affinity and anti-affinity filter needs user to specify affinity/anti-affinity share ids to the field “share.scheduler_hints.same_host” or “share.scheduler_hints.different_host” in the request payload when creating a manila share. The hints are stored as share metadata. The filter properties are populated from this metadata during share migration and so filters will be applied when migrating a manila share.

  • The NetApp ONTAP driver now supports nondisruptive share server migrationfor clusters with version >= 9.10.

  • The NetApp driver has been working with FlexVol ONTAP volumes.The driver does not support scaling FlexVol volumes higher than100 TiB, which was a theoretical limit for the large namespace thatthese containers were meant to handle. ONTAP’s Flexgroup volumeseliminate such limitations. So, added the support for provisioningshare as FlexGroup in the NetApp driver.

    The FlexGroup provision is enabled by new optionnetapp_enable_flexgroup, which will make the driver report a singlepool represeting all aggregates. The selection on which aggregates theFlexGroup share will reside is up to ONTAP. If the administrator desiresto control that selection through Manila scheduler, the configurationoptionnetapp_flexgroup_pools can be used to tune the storage poollayout.

    When enabling FlexGroup, the FlexVol pools continue enabled by default.For having only FlexGroup, the new optionnetapp_flexgroup_pool_onlymust be set toTrue.

    Now, each NetApp pool will report the capability:netapp_flexgroup informingwhich type of share resides there (FlexGroup or FlexVol).

    The following operations are allowed with FlexGroup shares (DHSSTrue/False and NFS/CIFS):

    • Create/Delete share;

    • Shrink/Extend share;

    • Create/Delete snapshot;

    • Revert to snapshot;

    • Manage/Unmanage snapshots;

    • Create from snapshot;

    • Replication;

    • Manage/Unmanage shares;

    FlexGroup feature requires ONTAP version 9.8 or newer.Replication with more than one non-active replica per share requiresONTAP 9.9.1 or newer.

  • NetApp ONTAP driver: added support forreadable replication. The driverwill continue having support for thedr type as well.

Upgrade Notes

  • To add AffinityFilter and AntiAffinityFilter to an active deployment, their references must be added to the manila.scheduler.filters section in setup.cfg and must be enabled in manila.conf.

  • MON write caps are not longer needed to interact with the backendon the Ceph drivers. The capabilities of the driver user (configured withcephfs_auth_id)can hence be reduced. See theadministrator docsfor the capabilities required.

  • Deprecations made prior to the Ussuri release have been enforced, with the following impact tomanila.conf:

    • The deprecatedmemcached_servers option in the [DEFAULT] section had no effect and has been removed.

    • The deprecatedshare_usage_audit_period option in the [DEFAULT] section had no effect and has been removed.

    • The deprecatednova_api_microversion option in the [DEFAULT] has been removed. Use ‘api_microversion’ in the [nova] section instead.

    • The deprecatedca_certificates_file option in the [DEFAULT], [nova], [cinder], and [neutron] sections had no effect and has been removed.

    • The deprecatednova_ca_certificates_file option in the [DEFAULT] section had no effect and has been removed.

    • The deprecatedcinder_ca_certificates_file option in the [DEFAULT] section had no effect and has been removed.

    • The deprecatedapi_insecure option in the [DEFAULT], [nova], [cinder], and [neutron[ sections had no effect and has been removed.

    • The deprecatednova_api_insecure option in the [DEFAULT] section had no effect and has been removed.

    • The deprecatedcinder_api_insecure option in the [DEFAULT] section had no effect and has been removed.

    • The deprecatedmigration_tmp_location option is no longer recognized. Usemount_tmp_location instead.

    • Thenetwork_api_class option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theneutron_url option can no longer be set in the [DEFAULT] section. Use theurl option in the [neutron] section instead.

    • Theneutron_url_timeout option can no longer be set in the [DEFAULT] section. Use theurl_timeout option in the [neutron] section instead.

    • Theauth_strategy option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.

    • Theneutron_physical_net_name option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.

    • Theneutron_net_id option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.

    • Theneutron_subnet_id option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton insteaad.

    • Thestandalone_network_plugin_gateway option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Thestandalone_network_plugin_mask option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Thestandalone_network_plugin_type option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Thestandalone_network_plugin_segmentation_id option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Thestandalone_network_plugin_allowed_ip_ranges option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Thestandalone_network_plugin_mtu option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The deprecatedmigration_readonly_rules_support is longer recognized. All manila back ends are now required to support read only access rules.

    • The deprecated Dell-EMC PowerMaxvmax_server_container option is no longer recognized. Usepowermax_server_container instead.

    • The deprecated Dell-EMC PowerMaxvmax_share_data_pools option is no longer recognized. Usepowermax_share_data_pools instead.

    • The deprecated Dell-EMC PowerMaxvmax_ethernet_ports option is no longer recognized. Usepowermax_ethernet_ports instead.

    • The deprecated Dell-EMC Unityemc_nas_server_pool option is no longer recognized. Useunity_server_meta_pool instead.

    • The deprecated Dell-EMC Unityemc_nas_pool_names option is no longer recognized. Useunity_share_data_pools instead.

    • The deprecated Dell-EMC Unityemc_interface_ports option is no longer recognized. Useunity_ethernet_ports instead.

    • The deprecated Dell-EMC Unityemc_nas_server_container option has no effect and has been removed.

    • The deprecated Dell-EMC VNXemc_nas_server_container option has been removed. Usevnx_server_container instead.

    • The deprecated Dell-EMC VNXemc_nas_pool_names option has been removed. Usevnx_share_data_pools instead.

    • The deprecated Dell-EMC VNXemc_interface_ports option has been removed. Usevnx_ethernet_ports instead.

    • The deprecated GlusterFSglusterfs_native_server_password option has been removed. Useglusterfs_server_password instead.

    • The deprecated GlusterFSglusterfs_native_path_to_private_key option has been removed. Useglusterfs_path_to_private_key instead.

    • The deprecated GlusterFSglusterfs_targets option has been removed. Useglusterfs_servers instead.

    • The deprecated Hitachi HNAShds_hnas_driver_helper option has been removed. Usehitachi_hnas_driver_helper instead.

    • The deprecated Hitachi HNAShds_hnas_ip option has been removed. Usehitachi_hnas_ip instead.

    • The deprecated Hitachi HNAShds_hnas_user option has been removed. Usehitachi_hnas_user instead.

    • The deprecated Hitachi HNAShds_hnas_password option has been removed. Usehitachi_hnas_password instead.

    • The deprecated Hitachi HNAShds_hnas_evs_id option has been removed. Usehitachi_evs_id instead.

    • The deprecated Hitachi HNAShds_hnas_file_system_name option has been removed. Usehitachi_hnas_file_system_name instead.

    • The deprecated Hitachi HNAShds_hnas_cluster_admin_ip0 option has been removed. Usehitachi_hnas_cluster_admin_ip0 instead.

    • The deprecated Hitachi HNAShds_hnas_stalled_job_timeout option has been removed. Usehitachi_hnas_stalled_job_timeout instead.

    • The deprecated Hitachi HNAShds_hnas_driver_helper option has been removed. Usehitachi_hnas_driver_helper instead.

    • The deprecated Hitachi HNAShds_hnas_allow_cifs_snapshot_while_mounted option has been removed. Usehitachi_allow_cifs_snapshot_while_mounted instead.

    • The deprecated HPE 3PARhp3par_api_url option has been removed. Usehpe3par_api_url instead.

    • The deprecated HPE 3PARhp3par_username option has been removed. Usehpe3par_username instead.

    • The deprecated HPE 3PARhp3par_password option has been removed. Usehpe3par_password instead.

    • The deprecated HPE 3PARhp3par_san_ip option has been removed. Usehpe3par_san_ip instead.

    • The deprecated HPE 3PARhp3par_san_login option has been removed. Usehpe3par_san_login instead.

    • The deprecated HPE 3PARhp3par_san_password option has been removed. Usehpe3par_san_password instead.

    • The deprecated HPE 3PARhp3par_san_ssh_port option has been removed. Usehpe3par_san_ssh_port instead.

    • The deprecated HPE 3PARhp3par_fpg option has been removed. Usehpe3par_fpg instead.

    • The deprecated HPE 3PARhp3par_fstore_per_share option has been removed. Usehpe3par_fstore_per_share instead.

    • The deprecated HPE 3PARhp3par_debug option has been removed. Usehpe3par_debug instead.

    • The deprecated HPE 3PARhp3par_cifs_admin_access_username option has been removed. Usehpe3par_cifs_admin_access_username instead.

    • The deprecated HPE 3PARhp3par_cifs_admin_access_password option has been removed. Usehpe3par_cifs_admin_access_password instead.

    • The deprecated HPE 3PARhp3par_cifs_admin_access_domain option has been removed. Usehpe3par_cifs_admin_access_domain instead.

    • The deprecated HPE 3PARhp3par_share_mount_path option has been removed. Usehpe3par_share_mount_path instead.

    • The deprecated IBM GPFSknfs_export_options option had no effect and has been removed.

    • The deprecated Netappnetapp_nas_server_hostname option has been removed. Usenetapp_server_hostname instead.

    • The deprecated Netappnetapp_nas_transport_type option has been removed. Usenetapp_transport_type instead.

    • The deprecated Netappnetapp_nas_login option has been removed. Usenetapp_login instead.

    • The deprecated Netappnetapp_nas_password option has been removed. Usenetapp_password instead.

    • The deprecated Netappnetapp_nas_volume_name_template option has been removed. Usenetapp_volume_name_template instead.

    • The deprecated Netappnetapp_root_volume_name option has been removed. Usenetapp_root_volume instead.

    • The deprecated Nexentanexenta_host option has been removed. Usenexenta_nas_host instead.

    • Theenable_pre_hooks option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theenable_post_hooks option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theenable_periodic_hooks option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theenable_pre_hooks_errors option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theenable_post_hooks_errors option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theperiodic_hooks_interval option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Thehook_drivers option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theautomatic_share_server_cleanup option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Theunused_share_server_cleanup_interval option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • Thecinder_cross_az_attach option can no longer be set in the [DEFAULT] section. Usecross_az_attach in the [CINDER] section instead.

    • Thecinder_http_retries option can no longer be set in the [DEFAULT] section. Usehttp_retries in the [CINDER] section instead.

Deprecation Notes

  • Configuration options to define default quota and behavior of the quotafeature must now be configured in the new[quota] section rather thanthe[DEFAULT] section. The existing options in the[DEFAULT]section have been deprecated and will be removed in a future release.Options that have changed in this releases are:

    • [quota]/shares - previously[DEFAULT]/shares_quota

    • [quota]/snapshots - previously[DEFAULT]/snapshots_quota

    • [quota]/gigabytes - previously[DEFAULT]/quota_gigabytes

    • [quota]/per_share_gigabytes - previously[DEFAULT]/quota_per_share_gigabytes

    • [quota]/snapshot_gigabytes - previously[DEFAULT]/quota_snapshot_gigabytes

    • [quota]/share_networks - previously[DEFAULT]/quota_share_networks

    • [quota]/share_groups - previously[DEFAULT]/quota_share_groups

    • [quota]/share_group_snapshots - previously[DEFAULT]/quota_share_group_snapshots

    • [quota]/share_replicas - previously[DEFAULT]/quota_share_replicas

    • [quota]/replica_gigabytes - previously[DEFAULT]/quota_replica_gigabytes

    • [quota]/until_refresh - previously[DEFAULT]/until_refresh

    • [quota]/reservation_expire previously[DEFAULT]/reservation_expire

    • [quota]/driver - previously[DEFAULT]/quota_driver

    • [quota]/max_age - previously[DEFAULT]/max_age

  • Create share group snapshot feature is no longer supportedin manila CephFS drivers (both Native and NFS Ganesha) sincethe subvolume group snapshot feature is no longer supportedin mainline CephFS (existing group snapshots can stillbe listed and deleted).

Bug Fixes

  • An issue with RPC handling on service restart was addressed by ensuringproper initialization before creating the RPC consumer. Seebug 1271568 for more details.

  • Launchpad bug 1855391has been fixed. The action of extend share will go through scheduler, ifthere is no available share backend host, the share will rollback toavailable state and create an user message about extend.

  • Fixedbug #1881865Added generic fuzzy matching logic to the database layer, This logic isapplied to query share snapshot list, This will greatly improve the speedof paging fuzzy queries.

  • For some drivers, to create a share with specific protocol it is mandatoryto add a security service to the share network beforehand. If this isforgotten the share ends up in error. From now on, Manila won’t allowshares to be created when the specified protocol requires a specificsecurity service type that is not associated to the share network.

  • Authentication errors when loading service clients of OpenStack Compute(nova), OpenStack Image (glance), OpenStack Volume (cinder) and OpenStackNetworking (neutron) services are now handled in a better manner.

  • Fixedbug #1922075Fixed the problem that “gluster volume set nfs.rpc-auth-reject ‘*’”failed when the glusterfs driver created an instance from a snapshot.

  • Fix the query logic for share network list, put “created_since”,“created_before” search opts into database to increase query speed,integrate the database query interface.

  • mgr-commands are now directed to the mgr-daemon instead of the mon-daemonin the CephFS drivers

  • Fixed NotFound error in share replica periodic tasks. It could happen that the parent share of the replica that was being worked on had already been deleted.

  • Fixed periodic_share_replica_update() to skip active replicas similarly to periodic_share_replica_snapshot_update(). The intention is to check on non-active replicas, that can be ‘in_sync’, ‘out_of_sync’ or in ‘error’ state.

  • View-only relationships in database objects have been appropriatelytagged to avoid sqlalchemy deprecation messages flooding the log files.

  • Corrected an error message for attempts to create snapshots from sharesthat do not support this operation. The message said that the sharebackend has no such support but that is not always true. The originalshare for the snapshot does not support snapshots because it was createdwith a share type without thesnapshot_support extra-spec set,irrespective of whether the back end used can itself support snapshotsor not.

  • Fixed an issue that made migrated shares with replication support to donot have a share instance with itsreplica_state set to active. Now,when the share supports replication, the destination share instance willhave its replica state set as active right after the migration getscompleted. For more details, please refer tobug 1927060

  • Filtering shares by share-type “extra_specs” askey=value now returns the expected output.

  • A Ceph version check has been added as part of this change to addressthe absense of the mon-mgr target in Ceph Nautilus. With this change,Ceph Nautilus users can leverage their storage backend with theOpenStack manila Wallaby release.

  • The Infinidat driver’s been fixed to process single IP Addresses (/32)correctly. Seebug 1934345 formore details.

  • NetApp driver: fixed an issue with the ONTAP 9.8 and older, for scopedaccount users, where the operation of deleting a replica was not working,but returned a message of success. For more details, please refer tolaunchpad bug #1934889

  • Change cifs value from string to list for Dell manila drivers.Fixedbug 1940072

  • New user message now alerts users when attempting to create a newshare without identifying a share type, either through request bodyor by setting a default share type. Seebug #1870280 for more details.