Stein Series Release Notes

8.0.1-2

Bug Fixes

  • The NetApp ONTAP driver is now fixed to unmount the original active share volume after one of its replica gets promoted.

  • The NetApp ONTAP driver is now fixed to set revert_to_snapshot_support to True or False depending upon SnapRestore License.

8.0.1

Bug Fixes

  • When manila API is run behind a proxy webserver, the API service was parsing the major API version requested incorrectly, leading to incorrect responses. This behavior has now been fixed. See launchpad bug 1818081 for more details.

  • Fixed an issue with the NetApp driver failing during a rollback operation in the share server creation.

8.0.0

Prelude

Added new tool manila-status upgrade check.

New Features

  • The manila-manage utility now has a new command to update the host attribute of shares. This is useful when the share manager process has been migrated to a different host, or if changes are made to the host config option or the backend section name in manila.conf. Execute manila-manage share update_host -h to see usage instructions.

  • New experimental APIs were introduced version 2.47 to retrieve export locations of share replicas. With API versions 2.46 and prior, export locations of non-active or secondary share replicas are included in the share export locations APIs, albeit these APIs do not provide all the necessary distinguishing information (availability zone, replica state and replica ID). See the API reference for more information regarding these API changes.

  • A new common user-visible share types extra-spec called “availability_zones” has been introduced. When using API version 2.48, user requests to create new shares in a specific availability zone will be validated against the configured availability zones of the share type. Similarly, users requests to create share groups and share replicas are validated against the share type availability_zones extra-spec when present. Users can also filter share types by one or more AZs that are supported by them.

  • New API policies (share:create_public_share and share:set_public_share) have been introduced for the “create” (POST /shares) and “update” (PUT /shares) APIs to validate requests to create publicly visible shares.

  • For NetApp CIFS share provisioning users can now specify the optional “server” API parameter to provide an active directory domain controller IP address for when creating a security service. Multiple IP addresses can be given separated by comma. This represents the “Preferred DC” at the vserver cifs domain.

  • The Neutron Port IDs and IP addresses of the network allocation when using the NetApp cDOT driver with DHSS=true are made accessible for administrators at share server backend_details of newly created share servers. Those are corresponding to the NetApp lifs of a vserver.

  • Added managing and unmanaging of share servers functionality to the Container Driver, allowing for shares to be managed and unmanaged.

  • Added APIs with default policy set to ‘rule:admin_api’ that allow managing and unmanaging share servers. Managing Share servers is useful for importing pre-existing shares and snapshots into Manila’s management when the driver is configured in driver_handles_share_servers enabled mode. Unmanaging removes manila share servers from the database without removing them from the back end. Managed share servers, or share servers that have had one or more shares unmanaged will not be deleted automatically when they do not have any shares managed by Manila, even if the config options [DEFAULT]/delete_share_server_with_last_share or [DEFAULT]/automatic_share_server_cleanup have been set to True.

  • Updated Manage Share API to be able to manage shares in driver_handles_share_servers enabled driver mode by supplying the Share Server ID.

  • Updated Unmanage Share and Unmanage Snapshot APIs to allow unmanaging shares and snapshots in driver_handles_share_servers enabled driver mode.

  • New framework for manila-status upgrade check command is added. This framework allows adding various checks which can be run before a Manila upgrade to ensure if the upgrade can be performed safely.

  • The NetApp ONTAP driver security service dns_ip parameter also takes a list of comma separated DNS IPs for vserver dns configuration. Allows HA setup, where DNS can be down for maintenance.

  • Added managing and unmanaging of share servers functionality to the NetApp driver, allowing for shares and snapshots to be managed and unmanaged in driver mode driver_handles_share_servers set to True.

  • Availability zones may now be configured per backend in a multi-backend configuration. Individual back end sections can now have the configuration option backend_availability_zone set. If set, this value will override the storage_availability_zone option from the [DEFAULT] section.

  • QNAP Manila driver supports QES FW on TDS series NAS.

  • Revert to snapshot support for Dell EMC Unity Manila driver.

  • Shrink share support has been added for Dell EMC Unity Manila driver.

Upgrade Notes

  • The Quobyte driver now provides an option to adapt the export path to the Quobyte NFS services PSEUDO path setting.

  • Operator can now use new CLI tool manila-status upgrade check to check if Manila deployment can be safely upgraded from N-1 to N release.

  • The storage_availability_zone option can now be overridden per backend by using the backend_availability_zone option within the backend stanza. This allows enabling multiple storage backends that may be deployed in different AZs in the same manila.conf file if desired, simplifying service architecture around the Share Replication feature.

  • For Dell EMC VMAX Manila driver, replaced emc_nas_pool_names with vmax_share_data_pools, emc_interface_ports with vmax_ethernet_ports, emc_nas_server_container with vmax_server_container.

Deprecation Notes

  • In API version 2.47, export locations APIs: GET /v2/{tenant_id}/shares/{share_id}/export_locations and GET /v2/{tenant_id}/shares/{share_id}/export_locations/​{export_location_id } no longer provide export locations of non-active or secondary share replicas where available. Use the newly introduced share replica export locations APIs to gather this information: GET /v2/{tenant_id}/share-replicas/{share_replica_id}/export-locations and GET /v2/{tenant_id}/share-replicas/{share_replica_id}/export -locations/{export_location_id}.

  • The API policies to create publicly visible shares (share:create_public_share) or modify existing shares to become publicly visible (share:set_public_share) have their default value changed to rule:admin_api. This means that these APIs (POST /shares and PUT /shares) will allow the ‘is_public’ parameter to be set to True in the request body if the requester’s role is set to an Administrator role. These policies will allow their previous default behavior in the Stein release (8.0.0) (i.e., any user can create publicly visible shares and even non-privileged users within a project can update their shares to become publicly visible). If the previous default behavior is always desired, deployers must explicitly set “share:create_public_share” and “share:set_public_share” to “rule:default” in their policy.json file.

  • The configuration option share_usage_audit_period from the [DEFAULT] section has been deprecated. Specifying this option never had any effect on manila and so it will be removed in an upcoming release. This option should not be confused with share_usage_size_update_interval from the back end section, which can be used to gather usage size for some back ends that support that feature.

  • The configuration option “memcached_servers” from the [DEFAULT] section is deprecated. This option has currently no effect and will be removed in future releases. To specify memcached servers for the authentication middleware when using keystone, please use the option “memcached_servers” from the [keystone_authtoken] configuration group.

  • The options ca_certificates_file, nova_ca_certificates_file, cinder_ca_certificates_file, api_insecure, nova_api_insecure and cinder_api_insecure have been deprecated from the DEFAULT group as well as nova, neutron and cinder configuration groups. Use cafile to specify the CA certificates and insecure to turn off SSL validation in these respective groups (nova, neutron and cinder).

  • For Dell EMC VMAX Manila driver, options emc_nas_pool_names, emc_interface_ports, emc_nas_server_container are deprecated.

Bug Fixes

  • Fixed multi segment neutron data save in NeutronBindNetworkPlugin to provide IP version for neutron port creation.

  • The NetApp ONTAP DHSS=True driver has been fixed to allow multiple shares to use the same ipspace and VLAN port across all subnets belonging to the same neutron network.

  • The all_tenants query parameter in the share networks API (GET /v2/{project_id}/share-networks) has been fixed to accept ‘f’, ‘false’, ‘off’, ‘n’, ‘no’, or ‘0’. Setting the flag to any of these values will retrieve security services only from the requester’s project namespace.

  • The all_tenants query parameter in the security services API (GET /v2/{project_id}/security-services) has been fixed to accept ‘f’, ‘false’, ‘off’, ‘n’, ‘no’, or ‘0’. Setting the flag to any of these values will retrieve security services only from the requester’s project namespace.

  • The ZFSOnLinux driver now retries unmounting zfs shares to perform the manage operation. See Launchpad bug 1785180 for details.

  • Pool stats collection has been fixed in the container driver to reflect the differences in formatting of information for the underlying volume groups across different operating systems.

  • The generic and LVM drivers have been fixed to always perform a filesystem check on newly created snapshots and derivative shares before attempting to assign a UUID to them. See Launchpad bug 1798219 for more details.

  • Added caching of host state map to speed up calls for scheduler-stats/pools/detail.

  • Share type quotas, usages and reservations will now be correctly cleaned up if a share type has been deleted. See launchpad bug #1811680 for details regarding the bug that prevented this cleanup prior.

  • Launchpad bug 1815038 has been fixed and now we correctly parse the base URL from manila’s endpoint url, accounting for proxy URLs.

  • APIs that were not returning a request ID (‘x-compute-request-id’) in the response headers have been fixed.

  • Access rule type for shares served via nfs-ganesha is now validated, fixing launchpad bug #1816420 where cephx access type was allowed though only ip access type is effective. This fix also validates access_level to ensure that it is set to RW or RO.

  • Shares backed by CephFS no longer have hard-coded mode 755. Use the cephfs_volume_mode configuration option to set another mode, such as 775 when using manila dynamic external storage provider with OpenShift. The default value remains 755 for backwards compatibility.

  • Launchpad bug 1809318 has been fixed. The deprecated options api_insecure and ca_certificates_file from nova, cinder, neutron or DEFAULT configuration groups no longer override the newer insecure option if provided. Always use insecure and cafile to control SSL and validation since the deprecated options will be removed in a future release.

  • Drivers using ganesha can now handle ‘manila access-allow <share-id> ip 0.0.0.0/0’ as a way to allow access to the share from all IPs.

  • Fixed the size value not being present in share snapshot instances, which caused the NetApp driver to crash when creating a share from a snapshot using python3.

  • Fixed an issue with the NetApp driver leaving leftover resources when it was handling too many share server creation and deletion requests in parallel.

  • Fixed an issue while getting efficiency status from the NetApp backend while creating or updating volumes.

  • Fixed the driver filter to not check for hard equality between the share_backend_name and the name reported by the host as it defeats the purpose of the capabilities filter giving the ability to use “<in>” selection operator in the extra-spec. Refer to Launchpad bug 1815700 for more details.

  • Fixed CIFS permission issue with Inspur AS13000 driver so that files and folders can be created and deleted correctly.

  • NetApp driver volume efficiency settings now behave consistently: like on volume creation now also modification, which is currently consumed by manage and migration, will make sure that deduplication and compression settings are applied correctly.

  • Fixed the QNAP driver so that the snapshot which does not exist in NAS will not be managed.

  • Fixed the QNAP driver so that the managed snapshot and the share which created from snapshot will not be inconsistent in some cases.

Other Notes

  • The “root_helper” configuration option from the [DEFAULT] section got removed. This option was not used anywhere in the codebase. Manila uses “sudo” together with “rootwrap” to allow unprivileged users running actions as root.