Xena Series Release Notes

13.0.3-16

Security Issues

  • The SSH utility module no longer logs usernames and passwords as debug information.

Bug Fixes

  • The GET /shares/{share_id} API now responds with HTTP 404 (Not Found) for inaccessible resources. See bug 1901210 for further information.

  • NetApp OnTap driver Bug #1915237: Fixed encryption compatibility check on manila share migrate.

  • Adds a check when associating a security service to a share network, so that both resources must have the same project_id. If not, HTTP Bad Request is raised.

  • Fixed an issue that caused Manila to return all projects’ share replicas even when the user was not an administrator. Now, when the user is not an administrator, only the replicas in the project perspective are going to be displayed. For more details, please refer to Launchpad Bug #1922243

  • The CephFS driver no longer fails to delete access rules that were never applied or were missing from the back end storage. See LP #1971530 for more details.

  • During share network create API, if either share network or share network subnet db creation fails, manila raises an exception. However quota is not rolled back and its usable only after quota reservations timed out (waiting conf.reservation_expire seconds). Fixed by introducing immediate quota rollback in case any db create api fails.

  • Goodness_function expects integer or float else raise parseException. This causes example such as “(share.share_proto == ‘CIFS’) ? 100 : 50” to fail during evaluation. Fix it by adding support of string evalution.

  • Deployers now can specify [glance]endpoint_type configuration option (defaults to publicURL for backward compatibility) so that Manila uses Glance endpoint other than the public one (see bug 1991396).

13.0.3

Bug Fixes

  • Fixed an issue with ONTAP AFF platforms while creating shares that forced volumes to have efficient data saving even when the contrary was specified. For more details, please refer to launchpad bug #1929421

13.0.2

Known Issues

  • User specified scheduler hints such as “same_host” and “different_host” are stored as share metadata with keys such as “__affinity_same_host” and “__affinity_different_host” respectively. These can be manipulated or deleted by end users like all metadata unless prevented by RBAC policy. In a future release, the service will restrict the deletion or manipulation of these specific metadata items.

Bug Fixes

  • Fixed an issue during snapshot creation where a database error was being mishandled with dead code. See Launchpad bug 1475351 for more details.

13.0.1

Bug Fixes

  • NetApp cDOT driver Custom port configuration using netapp_server_port was accidentally ignored after a refactor. This option should now be properly read. See Launchpad bug 1945365 for more details.

  • When cephfs_ganesha_server_ip is not set, the current hostname is used as a default for such config option. The driver was treating this value as an IP address and trying to perform validations on it. The CEPH NFS driver will no longer treat hostnames as ip addresses and try to validate them as such.

13.0.0

New Features

  • Added Pure Storage FlashBlade driver. Driver supports NFS protocol. Share operations include create, delete, resize, snapshot and revert-to-snapshot.

  • ‘reserved_share_from_snapshot_percentage’ backend config option allows Manila to consider different reservation percentage for shares that are being created from the snapshot. In case this config option is not set, the shares created from snapshot will use reservation percentage value set in ‘reserved_share_percentage’. This will be useful for users who want to keep same reservation percentage for both non-snapshot/regular and snapshot shares.

  • Added share server migration enhancements. Share back ends that support non-disruptive migration are able to do so, in case no network changes were identified and if the back end driver supports reusing ip addresses.

  • Add AffinityFilter and AntiAffinityFilter to manila’s scheduler. These hard affinity and anti-affinity filter needs user to specify affinity/anti-affinity share ids to the field “share.scheduler_hints.same_host” or “share.scheduler_hints.different_host” in the request payload when creating a manila share. The hints are stored as share metadata. The filter properties are populated from this metadata during share migration and so filters will be applied when migrating a manila share.

  • The NetApp ONTAP driver now supports nondisruptive share server migration for clusters with version >= 9.10.

  • The NetApp driver has been working with FlexVol ONTAP volumes. The driver does not support scaling FlexVol volumes higher than 100 TiB, which was a theoretical limit for the large namespace that these containers were meant to handle. ONTAP’s Flexgroup volumes eliminate such limitations. So, added the support for provisioning share as FlexGroup in the NetApp driver.

    The FlexGroup provision is enabled by new option netapp_enable_flexgroup, which will make the driver report a single pool represeting all aggregates. The selection on which aggregates the FlexGroup share will reside is up to ONTAP. If the administrator desires to control that selection through Manila scheduler, the configuration option netapp_flexgroup_pools can be used to tune the storage pool layout.

    When enabling FlexGroup, the FlexVol pools continue enabled by default. For having only FlexGroup, the new option netapp_flexgroup_pool_only must be set to True.

    Now, each NetApp pool will report the capability: netapp_flexgroup informing which type of share resides there (FlexGroup or FlexVol).

    The following operations are allowed with FlexGroup shares (DHSS True/False and NFS/CIFS):

    • Create/Delete share;

    • Shrink/Extend share;

    • Create/Delete snapshot;

    • Revert to snapshot;

    • Manage/Unmanage snapshots;

    • Create from snapshot;

    • Replication;

    • Manage/Unmanage shares;

    FlexGroup feature requires ONTAP version 9.8 or newer. Replication with more than one non-active replica per share requires ONTAP 9.9.1 or newer.

  • NetApp ONTAP driver: added support for readable replication. The driver will continue having support for the dr type as well.

Upgrade Notes

  • To add AffinityFilter and AntiAffinityFilter to an active deployment, their references must be added to the manila.scheduler.filters section in setup.cfg and must be enabled in manila.conf.

  • MON write caps are not longer needed to interact with the backend on the Ceph drivers. The capabilities of the driver user (configured with cephfs_auth_id) can hence be reduced. See the administrator docs for the capabilities required.

  • Deprecations made prior to the Ussuri release have been enforced, with the following impact to manila.conf:

    • The deprecated memcached_servers option in the [DEFAULT] section had no effect and has been removed.

    • The deprecated share_usage_audit_period option in the [DEFAULT] section had no effect and has been removed.

    • The deprecated nova_api_microversion option in the [DEFAULT] has been removed. Use ‘api_microversion’ in the [nova] section instead.

    • The deprecated ca_certificates_file option in the [DEFAULT], [nova], [cinder], and [neutron] sections had no effect and has been removed.

    • The deprecated nova_ca_certificates_file option in the [DEFAULT] section had no effect and has been removed.

    • The deprecated cinder_ca_certificates_file option in the [DEFAULT] section had no effect and has been removed.

    • The deprecated api_insecure option in the [DEFAULT], [nova], [cinder], and [neutron[ sections had no effect and has been removed.

    • The deprecated nova_api_insecure option in the [DEFAULT] section had no effect and has been removed.

    • The deprecated cinder_api_insecure option in the [DEFAULT] section had no effect and has been removed.

    • The deprecated migration_tmp_location option is no longer recognized. Use mount_tmp_location instead.

    • The network_api_class option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The neutron_url option can no longer be set in the [DEFAULT] section. Use the url option in the [neutron] section instead.

    • The neutron_url_timeout option can no longer be set in the [DEFAULT] section. Use the url_timeout option in the [neutron] section instead.

    • The auth_strategy option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.

    • The neutron_physical_net_name option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.

    • The neutron_net_id option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton instead.

    • The neutron_subnet_id option for neutron can no longer be set in the [DEFAULT] section. Set it in the [neutron] secton insteaad.

    • The standalone_network_plugin_gateway option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The standalone_network_plugin_mask option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The standalone_network_plugin_type option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The standalone_network_plugin_segmentation_id option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The standalone_network_plugin_allowed_ip_ranges option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The standalone_network_plugin_mtu option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The deprecated migration_readonly_rules_support is longer recognized. All manila back ends are now required to support read only access rules.

    • The deprecated Dell-EMC PowerMax vmax_server_container option is no longer recognized. Use powermax_server_container instead.

    • The deprecated Dell-EMC PowerMax vmax_share_data_pools option is no longer recognized. Use powermax_share_data_pools instead.

    • The deprecated Dell-EMC PowerMax vmax_ethernet_ports option is no longer recognized. Use powermax_ethernet_ports instead.

    • The deprecated Dell-EMC Unity emc_nas_server_pool option is no longer recognized. Use unity_server_meta_pool instead.

    • The deprecated Dell-EMC Unity emc_nas_pool_names option is no longer recognized. Use unity_share_data_pools instead.

    • The deprecated Dell-EMC Unity emc_interface_ports option is no longer recognized. Use unity_ethernet_ports instead.

    • The deprecated Dell-EMC Unity emc_nas_server_container option has no effect and has been removed.

    • The deprecated Dell-EMC VNX emc_nas_server_container option has been removed. Use vnx_server_container instead.

    • The deprecated Dell-EMC VNX emc_nas_pool_names option has been removed. Use vnx_share_data_pools instead.

    • The deprecated Dell-EMC VNX emc_interface_ports option has been removed. Use vnx_ethernet_ports instead.

    • The deprecated GlusterFS glusterfs_native_server_password option has been removed. Use glusterfs_server_password instead.

    • The deprecated GlusterFS glusterfs_native_path_to_private_key option has been removed. Use glusterfs_path_to_private_key instead.

    • The deprecated GlusterFS glusterfs_targets option has been removed. Use glusterfs_servers instead.

    • The deprecated Hitachi HNAS hds_hnas_driver_helper option has been removed. Use hitachi_hnas_driver_helper instead.

    • The deprecated Hitachi HNAS hds_hnas_ip option has been removed. Use hitachi_hnas_ip instead.

    • The deprecated Hitachi HNAS hds_hnas_user option has been removed. Use hitachi_hnas_user instead.

    • The deprecated Hitachi HNAS hds_hnas_password option has been removed. Use hitachi_hnas_password instead.

    • The deprecated Hitachi HNAS hds_hnas_evs_id option has been removed. Use hitachi_evs_id instead.

    • The deprecated Hitachi HNAS hds_hnas_file_system_name option has been removed. Use hitachi_hnas_file_system_name instead.

    • The deprecated Hitachi HNAS hds_hnas_cluster_admin_ip0 option has been removed. Use hitachi_hnas_cluster_admin_ip0 instead.

    • The deprecated Hitachi HNAS hds_hnas_stalled_job_timeout option has been removed. Use hitachi_hnas_stalled_job_timeout instead.

    • The deprecated Hitachi HNAS hds_hnas_driver_helper option has been removed. Use hitachi_hnas_driver_helper instead.

    • The deprecated Hitachi HNAS hds_hnas_allow_cifs_snapshot_while_mounted option has been removed. Use hitachi_allow_cifs_snapshot_while_mounted instead.

    • The deprecated HPE 3PAR hp3par_api_url option has been removed. Use hpe3par_api_url instead.

    • The deprecated HPE 3PAR hp3par_username option has been removed. Use hpe3par_username instead.

    • The deprecated HPE 3PAR hp3par_password option has been removed. Use hpe3par_password instead.

    • The deprecated HPE 3PAR hp3par_san_ip option has been removed. Use hpe3par_san_ip instead.

    • The deprecated HPE 3PAR hp3par_san_login option has been removed. Use hpe3par_san_login instead.

    • The deprecated HPE 3PAR hp3par_san_password option has been removed. Use hpe3par_san_password instead.

    • The deprecated HPE 3PAR hp3par_san_ssh_port option has been removed. Use hpe3par_san_ssh_port instead.

    • The deprecated HPE 3PAR hp3par_fpg option has been removed. Use hpe3par_fpg instead.

    • The deprecated HPE 3PAR hp3par_fstore_per_share option has been removed. Use hpe3par_fstore_per_share instead.

    • The deprecated HPE 3PAR hp3par_debug option has been removed. Use hpe3par_debug instead.

    • The deprecated HPE 3PAR hp3par_cifs_admin_access_username option has been removed. Use hpe3par_cifs_admin_access_username instead.

    • The deprecated HPE 3PAR hp3par_cifs_admin_access_password option has been removed. Use hpe3par_cifs_admin_access_password instead.

    • The deprecated HPE 3PAR hp3par_cifs_admin_access_domain option has been removed. Use hpe3par_cifs_admin_access_domain instead.

    • The deprecated HPE 3PAR hp3par_share_mount_path option has been removed. Use hpe3par_share_mount_path instead.

    • The deprecated IBM GPFS knfs_export_options option had no effect and has been removed.

    • The deprecated Netapp netapp_nas_server_hostname option has been removed. Use netapp_server_hostname instead.

    • The deprecated Netapp netapp_nas_transport_type option has been removed. Use netapp_transport_type instead.

    • The deprecated Netapp netapp_nas_login option has been removed. Use netapp_login instead.

    • The deprecated Netapp netapp_nas_password option has been removed. Use netapp_password instead.

    • The deprecated Netapp netapp_nas_volume_name_template option has been removed. Use netapp_volume_name_template instead.

    • The deprecated Netapp netapp_root_volume_name option has been removed. Use netapp_root_volume instead.

    • The deprecated Nexenta nexenta_host option has been removed. Use nexenta_nas_host instead.

    • The enable_pre_hooks option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The enable_post_hooks option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The enable_periodic_hooks option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The enable_pre_hooks_errors option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The enable_post_hooks_errors option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The periodic_hooks_interval option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The hook_drivers option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The automatic_share_server_cleanup option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The unused_share_server_cleanup_interval option can no longer be set in the [DEFAULT] section. Set it in backend sections instead.

    • The cinder_cross_az_attach option can no longer be set in the [DEFAULT] section. Use cross_az_attach in the [CINDER] section instead.

    • The cinder_http_retries option can no longer be set in the [DEFAULT] section. Use http_retries in the [CINDER] section instead.

Deprecation Notes

  • Configuration options to define default quota and behavior of the quota feature must now be configured in the new [quota] section rather than the [DEFAULT] section. The existing options in the [DEFAULT] section have been deprecated and will be removed in a future release. Options that have changed in this releases are:

    • [quota]/shares - previously [DEFAULT]/shares_quota

    • [quota]/snapshots - previously [DEFAULT]/snapshots_quota

    • [quota]/gigabytes - previously [DEFAULT]/quota_gigabytes

    • [quota]/per_share_gigabytes - previously [DEFAULT]/quota_per_share_gigabytes

    • [quota]/snapshot_gigabytes - previously [DEFAULT]/quota_snapshot_gigabytes

    • [quota]/share_networks - previously [DEFAULT]/quota_share_networks

    • [quota]/share_groups - previously [DEFAULT]/quota_share_groups

    • [quota]/share_group_snapshots - previously [DEFAULT]/quota_share_group_snapshots

    • [quota]/share_replicas - previously [DEFAULT]/quota_share_replicas

    • [quota]/replica_gigabytes - previously [DEFAULT]/quota_replica_gigabytes

    • [quota]/until_refresh - previously [DEFAULT]/until_refresh

    • [quota]/reservation_expire previously [DEFAULT]/reservation_expire

    • [quota]/driver - previously [DEFAULT]/quota_driver

    • [quota]/max_age - previously [DEFAULT]/max_age

  • Create share group snapshot feature is no longer supported in manila CephFS drivers (both Native and NFS Ganesha) since the subvolume group snapshot feature is no longer supported in mainline CephFS (existing group snapshots can still be listed and deleted).

Bug Fixes

  • An issue with RPC handling on service restart was addressed by ensuring proper initialization before creating the RPC consumer. See bug 1271568 for more details.

  • Launchpad bug 1855391 has been fixed. The action of extend share will go through scheduler, if there is no available share backend host, the share will rollback to available state and create an user message about extend.

  • Fixed bug #1881865 Added generic fuzzy matching logic to the database layer, This logic is applied to query share snapshot list, This will greatly improve the speed of paging fuzzy queries.

  • For some drivers, to create a share with specific protocol it is mandatory to add a security service to the share network beforehand. If this is forgotten the share ends up in error. From now on, Manila won’t allow shares to be created when the specified protocol requires a specific security service type that is not associated to the share network.

  • Authentication errors when loading service clients of OpenStack Compute (nova), OpenStack Image (glance), OpenStack Volume (cinder) and OpenStack Networking (neutron) services are now handled in a better manner.

  • Fixed bug #1922075 Fixed the problem that “gluster volume set nfs.rpc-auth-reject ‘*’” failed when the glusterfs driver created an instance from a snapshot.

  • Fix the query logic for share network list, put “created_since”, “created_before” search opts into database to increase query speed, integrate the database query interface.

  • mgr-commands are now directed to the mgr-daemon instead of the mon-daemon in the CephFS drivers

  • Fixed NotFound error in share replica periodic tasks. It could happen that the parent share of the replica that was being worked on had already been deleted.

  • Fixed periodic_share_replica_update() to skip active replicas similarly to periodic_share_replica_snapshot_update(). The intention is to check on non-active replicas, that can be ‘in_sync’, ‘out_of_sync’ or in ‘error’ state.

  • View-only relationships in database objects have been appropriately tagged to avoid sqlalchemy deprecation messages flooding the log files.

  • Corrected an error message for attempts to create snapshots from shares that do not support this operation. The message said that the share backend has no such support but that is not always true. The original share for the snapshot does not support snapshots because it was created with a share type without the snapshot_support extra-spec set, irrespective of whether the back end used can itself support snapshots or not.

  • Fixed an issue that made migrated shares with replication support to do not have a share instance with its replica_state set to active. Now, when the share supports replication, the destination share instance will have its replica state set as active right after the migration gets completed. For more details, please refer to bug 1927060

  • Filtering shares by share-type “extra_specs” as key=value now returns the expected output.

  • A Ceph version check has been added as part of this change to address the absense of the mon-mgr target in Ceph Nautilus. With this change, Ceph Nautilus users can leverage their storage backend with the OpenStack manila Wallaby release.

  • The Infinidat driver’s been fixed to process single IP Addresses (/32) correctly. See bug 1934345 for more details.

  • NetApp driver: fixed an issue with the ONTAP 9.8 and older, for scoped account users, where the operation of deleting a replica was not working, but returned a message of success. For more details, please refer to launchpad bug #1934889

  • Change cifs value from string to list for Dell manila drivers. Fixed bug 1940072

  • New user message now alerts users when attempting to create a new share without identifying a share type, either through request body or by setting a default share type. See bug #1870280 for more details.