Ussuri Series Release Notes



  • If your cluster has encryption enabled and is still running Swift under Python 2, we recommend upgrading Swift before transitioning to Python 3. Otherwise, new writes to objects with non-ASCII characters in their paths may result in corrupted downloads when read from a proxy-server still running old swift on Python 2. See bug 1888037 for more information.

  • The above bug was caused by a difference in string types that resulted in ambiguity when decrypting. To prevent the ambiguity for new data, set meta_version_to_write = 3 in your keymaster configuration after upgrading all proxy servers.

    If upgrading from Swift 2.20.0 or Swift 2.19.1 or earlier, set meta_version_to_write = 1 in your keymaster configuration prior to upgrading.

    See the provided keymaster.conf-sample for more information about this setting.


  • Python 3 bug fixes:

    • Fixed an error when reading encrypted data that was written while running Python 2 for a path that includes non-ASCII characters.

    • Object expiration respects the expiring_objects_container_divisor config option.

    • fallocate_reserve may be specified as a percentage in more places.

    • The ETag-quoting middleware no longer raises TypeErrors.

  • Improved how containers reclaim deleted rows to reduce locking and object update throughput.

  • Fix a proxy-server error when retrieving erasure coded data when there are durable fragments but not enough to reconstruct.

  • Fixed some SignatureDoesNotMatch errors when using the AWS .NET SDK.

  • Region name config option is now respected when configuring S3 credential caching.



  • WSGI server processes can now notify systemd when they are ready.

  • Added a new middleware that allows users and operators to configure accounts and containers to use RFC-compliant (i.e., double-quoted) ETags. This may be useful when using Swift as an origin for some content delivery networks. For more information, see the middleware documentation.

  • Added ttfb (Time to First Byte) and pid (Process ID) to the set of available proxy-server log fields. For more information, see the documentation.


  • Improved proxy-server performance by reducing unnecessary locking, memory copies, and eventlet scheduling.

  • Reduced object-replicator and object-reconstructor CPU usage by only checking that the device list is current when rings change.

  • Improved performance of sharded container listings when performing prefix listings.

  • Improved container-sync performance when data has already been deleted or overwritten.

  • Account quotas are now enforced even on empty accounts.

  • Getting an SLO manifest with ?format=raw now responds with an ETag that matches the MD5 of the generated body rather than the MD5 of the manifest stored on disk.

  • Provide useful status codes in logs for some versioning and symlink subrequests that were previously logged as 499.

  • Fixed 500 from cname_lookup middleware. Previously, if the looked-up domain was used by domain_remap to update the request path, the server would respond Internal Error.

  • On Python 3, fixed an issue when reading or writing objects with a content type like message/*. Previously, Swift would fail to respond.

  • On Python 3, fixed a RecursionError in swift-dispersion-report when using TLS.

  • Fixed a bug in the new object versioning API that would cause more than limit results to be returned when listing.

  • 様々な他のマイナーなバグ修正と改善。



  • Added a new object versioning mode, with APIs for querying and accessing old versions. For more information, see the documentation.

  • Added support for S3 versioning using the above new mode.

  • Added a new middleware to allow accounts and containers to opt-in to RFC-compliant ETags. For more information, see the documentation. Clients should be aware of the fact that ETags may be quoted for RFC compliance; this may become the default behavior in some future release.

  • Proxy, account, container, and object servers now support "seamless reloads" via SIGUSR1. This is similar to the existing graceful restarts but keeps the server socket open the whole time, reducing service downtime.

  • New buckets created via the S3 API will now store multi-part upload data in the same storage policy as other data rather than the cluster's default storage policy.

  • Device region and zone can now be changed via swift-ring-builder. Note that this may cause a lot of data movement on the next rebalance as the builder tries to reach full dispersion.

  • Added support for Python 3.8.


  • Per-service auto_create_account_prefix settings are now deprecated and may be ignored in a future release; if you need to use this, please set it in the [swift-constraints] section of /etc/swift/swift.conf.


  • The container sharder can now handle containers with special characters in their names.

  • Internal client no longer logs object DELETEs as status 499.

  • Objects with an X-Delete-At value in the far future no longer cause backend server errors.

  • The bulk extract middleware once again allows clients to specify metadata (including expiration timestamps) for all objects in the archive.

  • Container sync now synchronizes static symlinks in a way similar to static large objects.

  • swift_source is set for more sub-requests in the proxy-server. See the documentation.

  • Errors encountered while validating static symlink targets no longer cause BadResponseLength errors in the proxy-server.

  • On Python 3, the KMS keymaster now works with secrets stored in Barbican with a text/plain payload-content-type.

  • On Python 3, the formpost middleware now works with unicode file names.

  • On Python 3, certain S3 API headers are now lower case as they would be coming from AWS.

  • Several utility scripts now work better on Python 3:

    • swift-account-audit

    • swift-dispersion-populate

    • swift-drive-recon

    • swift-recon