Mitaka Series Release Notes
- The minimum version of oslo.concurrency required has been changed from 3.5.0 to 3.7.1
- Fixed issue where module-apply after module-remove caused module-query to skip reporting on that module. Bug 1571799
- An invalid module driver is now logged correctly. Bug 1579900
- Fixes an issue with a failure to establish a new replica for MySQL in some cases where a replica already exists and some data has been inserted into the master. Bug 1563574
- Fixed wrong call in conductor when reporting a guest notification exception. Bug 1577848
- Do not remove MySQL root user on root-disable so that the proper status can be reported on restore. Bug 1549600
- Make guestagent reuse Cassandra connections to eliminate resource leaks. Bug 1566946.
- Support has been added for Cassandra backup and resture using the Nodetool utility.
- Implement configuration groups for Cassandra 2.1. You can now manage configuration of Cassandra datastores using the Trove configuration groups capability.
- This patch set implements the following functionality for Cassandra datastore.
create/delete/get user list users change password grant/revoke/list access update attributes
create/delete database list databases
Notes on Cassandra users
In Cassandra only SUPERUSERS can create other users and grant permissions to database resources. Trove uses the ‘os_admin’ superuser to perform its administrative tasks. It proactively removes the built-in ‘cassandra’ superuser on prepare. The users it creates are all ‘normal’ (NOSUPERUSER) accounts. The permissions it can grant are also limited to non-superuser operations. This is to prevent anybody from creating a new superuser via the Trove API. Updatable attributes include username and password.
The configuration template had to be updated to enable authentication and authorization support (original configuration allowed anonymous connections). Default implementations used are authenticator org.apache.cassandra.auth.PasswordAuthenticator authorizer org.apache.cassandra.auth.CassandraAuthorizer
The superuser password is set to a random Trove password which is then stored in a Trove-read-only file in ‘~/.cassandra/cqlshrc’ which is also the default location for client settings.
Notes on Cassandra keyspaces
Cassandra stores replicas on multiple nodes to ensure reliability and fault tolerance. All replicas are equally important; there is no primary or master. A replication strategy determines the nodes where replicas are placed. The total number of replicas across the cluster is referred to as the replication factor. The above ‘create database’ implementation uses ‘SimpleStrategy’ with just a single replica on the guest machine. This is a very simplistic configuration only good for the most basic applications and demonstration purposes. SimpleStrategy is for a single data center only. The following system keyspaces have been included in the default ‘ignore_dbs’ configuration list and therefore excluded from all database operations ‘system’, ‘system_auth’, ‘system_traces’
Notes on user rename
Cassandra does not have a native way for renaming users. The reason why Cassandra itself does not implement rename is apparently just lack of demand for that feature. We implement it by creating a new user, transferring permissions and dropping the old one (which also removes its existing permissions). I asked about the sanity of this rename approach on the Cassandra mailing list and IRC channel and there should not be anything inherently wrong with the proposed procedure. This method, however, requires the user to always provide a password.
Trove uses the official open-source Python driver for Cassandra to connect to the database and execute queries. The connection is implemented in CassandraConnection. It is now also used to obtain the current database status as opposed to the original method of parsing output of the client tool.
The ‘common/operating_system’ module was extended with two new functions for reading/writing ini-style and YAML configuration files to/from Python dicts. Unit tests were added to ‘guestagent/test_operating_system’.
The existing Manager unit tests were extended to include the added functionality.
Also includes some minor improvements to comments and log messages. Used the existing operating_system interface to update file ownership.
The system module was removed and its contents moved to the Application class. This is to reduce the number of files and help facilitate overriding.
- Support has been added for CouchDB Backup and Restore.
- Support has been added for CouchDB database and user functions.
- Support has been added for DB2 Express-C Backup and Restore.
- Additional Ceilometer notifications have been provided by Trove including create, end, error notifications for all state-changing API calls.
- OpenStack Trove now supports clustering for Cassandra datastores. You can access clustering capabilities through the Trove cluster API.
- OpenStack Trove now supports superuser access for the Cassandra datastore via the root-enable and root-disable API’s.
- OpenStack Trove now supports clustering for MariaDB datastores. You can access clustering capabilities through the Trove cluster API.
- Implements replication based on GTIDs for MariaDB. Adds GTID replication strategy for MariaDB. Implements MariaDB specific GTID handling in guestagent. Configures MariaDB config template to support bin logging. Adds MariaDB helper overrides to eliminate configuration group tests from scenario tests.
- A new feature called ‘module management’ has been added to Trove. Users can now create, update, list and delete modules. A module is a file that is provided to Trove, and when a database instance is launched, that file is deposited on the guest instance. This feature can be used for depositing files like, for example, license files onto guest database instances.
- Support has been added for Percona XtraBackup version 2.3.
- Adding the ability to root enable a pxc cluster.
- The adds support for pxc to grow a cluster. * api and taskmanager support for shrinking a cluster * validate that the networks given are the same for each instance in the cluster. * make sure to add the existing networks on an instance in the cluster. * add new Error task for grow and shrink. * nova client version configuration changed to a string option rather than an int option because the nova microversions change nova api output. This was needed for the network interfaces on existing instances. * testing for grow and shrink cluster
- Implemented configuration groups capability for Vertica datastores.
- Implemented grow and shrink for clusters of Vertica datastore. The number of nodes in the cluster must be greater than the number required to satisfy the min_ksafety configuration setting.
- Vertica comes with a User Defined Load function that takes a URL as a load source. This can be used to load files that are stored in Swift. As this is a common use case, it is valuable to enable this by default. This can be done in the post-prepare method for Vertica. A new UDL_LIBS list has been added that describes any UDLs to be loaded into the database. This change only has one entry - the curl function.
- Dropping support for python 2.6
- Fixes bug 1507841, provides a configuration setting to enable Role Based Access Control (RBAC) for MongoDB clusters. If mongodb.cluster_secure is set to False (default is True) then RBAC will be disabled.
- If given, apply the configuration overrides in prepare, just before creating initial users and/or databases. Failure to apply the given configuration should flip the instance into a failed state. Default implementation saves the overrides and restarts the database service to apply the changes. Datastores that do not require restart may potentially override the base implementation in ‘apply_overrides_on_prepare()’.
- The guest log code raises a non-serializable exception if the given Swift endpoint is invalid. This causes an ambiguous “Circular reference detected” error on the guest, and a timeout on the caller. This case is now caught and the correct exception raised.
- Fixes bug 1526024, a failure in growing a mongodb cluster because of a problem in the way in which passwords were synchronized with new query routers.
- Generate trove events for the current period, and not a future period.
- Filter ignored users in the original query before the result gets paginated (like in list_databases).
- Mongo cluster grow operations were not creating instances with the provided az and nic values. These should be used if the caller provided them.
- Fix bug 1537986 which corrects the pagination in the mysql user list command. When internal users (ignore_users) are eliminated from the list, the pagination was not correctly handled.
- Fixes bug 1558794. The 2.3 version of Percona XtraBackup performs some additional validations of the command line options passed to innobackupex. The Trove code now complies with the new validations being performed.
- Added CORS support.
- Refactor the datastore guest manager code.
- Starting with 1.0.0 osprofiler release config options needed for its workability are consolidated inside osprofiler itself.