Queens Series Release Notes


Bug Fixes

  • Fix SLO delete for accounts with non-ASCII names.

  • Fixed an issue in COPY where concurrent requests may have copied the wrong data.

  • Fixed a bug in how Swift uses eventlet that was exposed under high concurrency.


New Features

  • Added symlink objects support.

    Symlink objects reference one other object. They are created by creating an empty object with an X-Symlink-Target header. The value of the header is of the format <container>/<object>, and the target does not need to exist at the time of symlink creation. Cross-account symlinks can be created by including the X-Symlink-Target-Account header.

    GET and HEAD requests to a symlink will operate on the referenced object and require appropriate permission in the target container. DELETE and PUT requests will operate on the symlink object itself. POST requests are not forwarded to the referenced object. POST requests sent to a symlink will result in a 307 Temporary Redirect response.

  • Added support for inline data segments in SLO manifests.

    Upgrade impact – during a rolling upgrade, an updated proxy server may write a manifest that an out-of-date proxy server will not be able to read. This will resolve itself once the upgrade completes on all nodes.

  • The tempurl digest algorithm is now configurable, and Swift added support for both SHA-256 and SHA-512. Supported tempurl digests are exposed to clients in /info. Additionally, tempurl signatures can now be base64 encoded.

  • Object expiry improvements

    • Disallow X-Delete-At header values equal to the X-Timestamp header.

    • X-Delete-At computation now uses X-Timestamp instead of system time. This prevents clock skew causing inconsistent expiry data.

    • Deleting an expiring object will now cause less work in the system. The number of async pending files written has been reduced for all objects and greatly reduced for erasure-coded objects. This dramatically reduces the burden on container servers.

    • Stopped logging tracebacks when receiving an unexpected response.

    • Allow the expirer to gracefully move past updating stale work items.

  • When the object auditor examines an object, it will now add any missing metadata checksums.

  • swift-ring-builder improvements

    • Save the ring when dispersion improves, even if balance doesn’t improve.

    • Improved the granularity of the ring dispersion metric so that small improvements after a rebalance can show changes in the dispersion number. Dispersion in existing and new rings can be recalculated using the new --recalculate option to swift-ring-builder.

    • Display more info on empty rings.

  • Fixed rare socket leak on range requests to erasure-coded objects.

  • The number of container updates on object PUTs (ie to update listings) has been recomputed to be far more efficient while maintaining durability guarantees. Specifically, object PUTs to erasure-coded policies will now normally result in far fewer container updates.

  • Moved Zuul v3 tox jobs into the Swift code repo.

  • Changed where liberasurecode-devel for CentOS 7 is referenced and installed as a dependency.

  • Added container/object listing with prefix to InternalClient.

  • Added --swift-versions to swift-recon CLI to compare installed versions in the cluster.

  • Stop logging tracebacks in the object-replicator when it runs out of handoff locations.

  • Send ETag header in 206 Partial Content responses to SLO reads.

  • Now swift-recon-cron works with conf.d configs.

  • Improved object-updater stats logging. It now tells you all of its stats (successes, failures, quarantines due to bad pickles, unlinks, and errors), and it tells you incremental progress every five minutes. The logging at the end of a pass remains and has been expanded to also include all stats.

  • If a proxy server is configured to autocreate accounts and the account create fails, it will now return a server error (500) instead of Not Found (404).

  • Fractional replicas are no longer allowed for erasure code policies.

  • Various other minor bug fixes and improvements.


New Features

  • Add checksum to object extended attributes.

  • Let clients request heartbeats during SLO PUTs by including the query parameter heartbeat=on.

    With heartbeating turned on, the proxy will start its response immediately with 202 Accepted then send a single whitespace character periodically until the request completes. At that point, a final summary chunk will be sent which includes a “Response Status” key indicating success or failure and (if successful) an “Etag” key indicating the Etag of the resulting SLO.

  • Added support for retrieving the encryption root secret from an external key management system. In practice, this is currently limited to Barbican.

  • Move listing formatting out to a new proxy middleware named listing_formats. listing_formats should be just right of the first proxy-logging middleware, and left of most other middlewares. If it is not already present, it will be automatically inserted for you.

    Note: if you have a custom middleware that makes account or container listings, it will only receive listings in JSON format.

  • Log deprecation warning for allow_versions in the container server config. Configure the versioned_writes middleware in the proxy server instead. This option will be ignored in a future release.

  • Replaced replication_one_per_device by custom count defined by replication_concurrency_per_device. The original config value is deprecated, but continues to function for now. If both values are defined, the old replication_one_per_device is ignored.

  • Fixed a rare issue where multiple backend timeouts could result in bad data being returned to the client.

  • Cleaned up logged tracebacks when talking to memcached servers.

  • Account and container replication stats logs now include remote_merges, the number of times a whole database was sent to another node.

  • Respond 400 Bad Request when Accept headers fail to parse instead of returning 406 Not Acceptable.

  • The domain_remap middleware now supports the mangle_client_paths option. Its default “false” value changes domain_remap parsing to stop stripping the path_root value from URL paths. If users depend on this path mangling, operators should set mangle_client_paths to “True” before upgrading.

  • Remove swift-temp-url script. The functionality has been in swiftclient for a long time and this script has been deprecated since 2.10.0.

  • Removed all post_as_copy related code and configs. The option has been deprecated since 2.13.0.

  • Fixed XML responses (eg on bulk extractions and SLO upload failures) to be more correct. The enclosing “delete” tag was removed where it doesn’t make sense and replaced with “extract” or “upload” depending on the context.

  • Static Large Object (SLO) manifest may now (again) have zero-byte last segments.

  • Fixed an issue where background consistency daemon child processes would deadlock waiting on the same file descriptor.

  • Removed a race condition where a POST to an SLO could modify the X-Static-Large-Object metadata.

  • Accept a trade off of dispersion for balance in the ring builder that will result in getting to balanced rings much more quickly in some cases.

  • Fixed using swift-ring-builder set_weight with more than one device.

  • When requesting objects, return 404 if a tombstone is found and is newer than any data found. Previous behavior was to return stale data.

Other Notes

  • Various other minor bug fixes and improvements.