Rocky Series Release Notes



  • Sharding improvements

    • The container-replicator now only attempts to fetch shard ranges if the remote indicates that it has shard ranges. Further, it does so with a timeout to prevent the process from hanging in certain cases.

    • The container-replicator now correctly enqueues container-reconciler work for sharded containers.

  • S3 API improvements

    • Fixed an issue where v4 signatures would not be validated against the body of the request, allowing a replay attack if request headers were captured by a malicious third party. Note that unsigned payloads still function normally.

    • CompleteMultipartUpload requests with a Content-MD5 now work.

    • Fixed v1 listings that end with a non-ASCII object name.

    • Multipart object segments are now actually deleted when the multipart object is deleted via the S3 API.

    • Fixed an issue that caused Delete Multiple Objects requests with large bodies to 400. This was previously fixed in 2.20.0.

    • Fixed an issue where non-ASCII Keystone EC2 credentials would not get mapped to the correct account. This was previously fixed in 2.20.0.

  • Background corruption-detection improvements

    • Detect and remove invalid entries from hashes.pkl

    • When object path is not a directory, just quarantine it, rather than the whole suffix.

  • Fixed a bug where encryption would store the incorrect key metadata if the object name starts with a slash.

  • Fixed an issue where an object server failure during a client download could leave an open socket between the proxy and client.

  • Static Large Object sizes in listings for versioned containers are now more accurate.

  • When refetching Static Large Object manifests, non-manifest responses are now handled better.

  • Cross-account symlinks now store correct account information in container listings. This was previously fixed in 2.22.0.

  • Requesting multiple ranges from a Dynamic Large Object now returns the entire object instead of incorrect data. This was previously fixed in 2.23.0.

  • When making backend requests, the proxy-server now ensures query parameters are always properly quoted. Previously, the proxy would encounter an error on Python 2.7.17 if the client included non-ASCII query parameters in object requests. This was previously fixed in 2.23.0.



  • Prevent PyKMIP's kmip_protocol logger from logging at DEBUG. Previously, some versions of PyKMIP would include all wire data when the root logger was configured to log at DEBUG; this could expose key material in logs. Only the kmip_keymaster was affected.

  • Fixed an issue where a failed drive could prevent the container sharder from making progress.

  • Fixed a bug in how Swift uses eventlet that was exposed under high concurrency.



  • Add support for multiple root encryption secrets for the trivial and KMIP keymasters. This allows operators to rotate encryption keys over time without needing to re-encrypt all existing data in the cluster. Please see the included sample config files for instructions on how to multiple encryption keys.

  • The object updater now supports two configuration settings: "concurrency" and "updater_workers". The latter controls how many worker processes are spawned, while the former controls how many concurrent container updates are performed by each worker process. This should speed the processing of async_pendings.

    On upgrade, a node configured with concurrency=N will still handle async updates N-at-a-time, but will do so using only one process instead of N.

    If you have a config file like this:

    concurrency = <N>

    and you want to take advantage of faster updates, then do this:

    concurrency = 8  # the default; you can omit this line
    updater_workers = <N>

    If you want updates to be processed exactly as before, do this:

    concurrency = 1
    updater_workers = <N>
  • When listing objects in a container in json format, static large objects (SLOs) will now include an additional new "slo_etag" key that matches the etag returned when requesting the SLO. The existing "hash" key remains unchanged as the MD5 of the SLO manifest. Text and XML listings are unaffected by this change.

  • Log deprecation warnings for run_pause. This setting was deprecated in Swift 2.4.0 and is replaced by interval. It may be removed in a future release.

  • Object reconstructor logs are now prefixed with information about the specific worker process logging the message. This makes reading the logs and understanding the messages much simpler.

  • Lower bounds of dependencies have been updated to reflect what is actually tested.

  • SSYNC replication mode now removes as much of the directory structure as possible as soon at it observes that the directory is empty. This reduces the work needed for subsequent replication passes.

  • The container-updater now reports zero objects and bytes used for child DBs in sharded containers. This prevents double-counting in utilization reports.

  • Add fallocate_reserve to account and container servers. This allows disks shared between account/container and object rings to avoid getting 100% full. The default value of 1% matches the existing default on object servers.

  • Added an experimental swift-ring-composer CLI tool to build composite rings.

  • Added an optional read_only middleware to make an entire cluster or individual accounts read only.

  • Fixed a bug where zero-byte PUTs would not work properly with "If-None-Match: *" conditional requests.

  • ACLs now work with unicode in user/account names.

  • COPY now works with unicode account names.

  • Improved S3 API compatibility.

  • Lock timeouts in the container updater are now logged at INFO level, not ERROR.

  • 様々な他のマイナーなバグ修正と改善。



  • Added container sharding, an operator controlled feature that may be used to shard very large container databases into a number of smaller shard containers. This mitigates the issues with one large DB by distributing the data across multiple smaller databases throughout the cluster. Please read the full overview at

  • Provide an S3 API compatibility layer. The external "swift3" project has been imported into Swift's codebase as the "s3api" middleware.

  • Added "emergency mode" hooks in the account and container replicators. These options may be used to prioritize moving handoff partitions to primary locations more quickly. This helps when adding capacity to a ring.

    • Added -d <devs> and -p <partitions> command line options.

    • Added a handoffs-only mode.

  • Add a multiprocess mode to the object replicator. Setting the replicator_workers setting to a positive value N will result in the replicator using up to N worker processes to perform replication tasks. At most one worker per disk will be spawned.

    Worker process logs will have a bit of information prepended so operators can tell which messages came from which worker. The prefix is "[worker M/N pid=P] ", where M is the worker's index, N is the total number of workers, and P is the process ID. Every message from the replicator's logger will have the prefix

  • The object reconstructor will now fork all available worker processes when operating on a subset of local devices.

  • Add support for PROXY protocol v1 to the proxy server. This allows the Swift proxy server to log accurate client IP addresses when there is a proxy or SSL-terminator between the client and the Swift proxy server. Example servers supporting this PROXY protocol include stunnel, haproxy, hitch, and varnish. See the sample proxy server config file for the appropriate config setting to enable or disable this functionality.

  • In the ratelimit middleware, account whitelist and blacklist settings have been deprecated and may be removed in a future release. When found, a deprecation message will be logged. Instead of these config file values, set X-Account-Sysmeta- Global-Write-Ratelimit:WHITELIST and X-Account-Sysmeta-Global- Write-Ratelimit:BLACKLIST on the particular accounts that need to be whitelisted or blacklisted. System metadata cannot be added or modified by standard clients. Use the internal client to set sysmeta.

  • Add a --drop-prefixes flag to swift-account-info, swift-container-info, and swift-object-info. This makes the output between the three more consistent.

  • statsd error messages correspond to 5xx responses only. This makes monitoring more useful because actual errors (5xx) will not be hidden by common user requests (4xx). Previously, some 4xx responses would be included in timing information in the statsd error messages.

  • Truncate error logs to prevent log handler from running out of buffer.

  • Updated requirements.txt to match global exclusions and formatting.

  • tempauth user names now support unicode characters.

  • 様々な他のマイナーなバグ修正と改善。