diff --git a/.mailmap b/.mailmap index c4137526a9..b4e5d5019a 100644 --- a/.mailmap +++ b/.mailmap @@ -135,3 +135,4 @@ Gilles Biannic gillesbiannic melissaml Ashwin Nair indianwhocodes Romain de Joux +Takashi Natsume diff --git a/AUTHORS b/AUTHORS index f28613ad8f..89996d5a40 100644 --- a/AUTHORS +++ b/AUTHORS @@ -40,6 +40,7 @@ Aaron Rosen (arosen@nicira.com) Ade Lee (alee@redhat.com) Adrian Smith (adrian_f_smith@dell.com) Adrien Pensart (adrien.pensart@corp.ovh.com) +afariasa (afariasa@redhat.com) Akihiro Motoki (amotoki@gmail.com) Akihito Takai (takaiak@nttdata.co.jp) Alex Gaynor (alex.gaynor@gmail.com) @@ -143,6 +144,7 @@ Dmitriy Ukhlov (dukhlov@mirantis.com) Dmitry Ukov (dukov@mirantis.com) Dolph Mathews (dolph.mathews@gmail.com) Donagh McCabe (donagh.mccabe@gmail.com) +dongu (gmj03003@gmail.com) Doron Chen (cdoron@il.ibm.com) Doug Hellmann (doug@doughellmann.com) Doug Weimer (dweimer@gmail.com) @@ -256,7 +258,7 @@ Keshava Bharadwaj (kb.sankethi@gmail.com) Kiyoung Jung (kiyoung.jung@kt.com) Koert van der Veer (koert@cloudvps.com) Konrad Kügler (swamblumat-eclipsebugs@yahoo.de) -Kota Tsuyuzaki (kota.tsuyuzaki.pc@hco.ntt.co.jp) +Kota Tsuyuzaki (bloodeagle40234@gmail.com) Ksenia Demina (kdemina@mirantis.com) Kuan-Lin Chen (kuanlinchen@synology.com) Kun Huang (gareth@unitedstack.com) @@ -399,7 +401,7 @@ Steve Martinelli (stevemar@ca.ibm.com) Steven Lang (Steven.Lang@hgst.com) Sushil Kumar (sushil.kumar2@globallogic.com) Takashi Kajinami (tkajinam@redhat.com) -Takashi Natsume (natsume.takashi@lab.ntt.co.jp) +Takashi Natsume (takanattie@gmail.com) TheSriram (sriram@klusterkloud.com) Thiago da Silva (thiagodasilva@gmail.com) Thibault Person (thibault.person@ovhcloud.com) diff --git a/CHANGELOG b/CHANGELOG index 08bed3d357..39c8ac7f16 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,98 @@ +swift (2.31.0) + + * S3 API improvements + + * Fixed a security issue in how `s3api` handles XML parsing that allowed + authenticated S3 clients to read arbitrary files from proxy servers. + Refer to CVE-2022-47950 for more information. + + * Fixed a server error when handling malformed CompleteMultipartUpload + requests. + + * Improved error reporting when attempting to set invalid `X-Delete-At` + or `X-Delete-After` values via the S3 API. + + * Sharding improvements + + * Sync more shard ranges from the root database to the shards. This + helps ensure shard range repairs effected at the root make their way + to shards that would otherwise be stuck trying to further divide + into sub-shards. + + * Added a `merge` subcommand to `swift-manage-shard-ranges` to merge + arbitrary shard ranges into a container DB. Minimal safety checks + are performed; it should only be used for emergency shard range + manipulation by expert users. + + * Improved performance of `delimiter` listings for sharded containers. + + * Added more safety checks to the `repair` subcommand of + `swift-manage-shard-ranges`. + + * Better handle `EOFError` and `KeyboardInterrupt` when prompting for + input in `swift-manage-shard-ranges`. + + * Warnings are now emitted when sharding appears to have become stuck. + Use the new `container_sharding_timeout` option to configure the + "stuck" threshold; the default is 48 hours. + + * Stop warning about transient overlaps when auditing shard ranges. + + * Metrics improvements + + * Added timing stats for memcached operations. + + * Renamed and improved the granularity of shard range cache and + backend stats. Metrics dashboards may need to be updated. + + * Emit stats when backend nodes are error-limited. + + * Added support for Python 3.10. + + * Added an optional `backend_ratelimit` middleware for backend servers. + See the backend server sample configuration files for more information. + + * Added the ability to configure a chance to skip checking memcache when + querying account and container information. This allows some fraction + of traffic to go to disk and refresh memcache before the key ages out. + Recommended values for the new `account_existence_skip_cache_pct` and + `container_existence_skip_cache_pct` options are in the range of + 0.0 to 0.01. + + * Static large object segments may now be deleted asynchronously by + default. Operators may return to the old behavior by disabling the + `allow_async_delete` option in the `[filter:slo]` section + in their proxy-server.conf. + + * Absolute-form request targets are now accepted. This enables access for + certain clients and SDKs (including some older versions of rclone that + were using an old version of aws-sdk-go). + + * Fixed a path-rewriting bug introduced in Python 3.7.14, 3.8.14, 3.9.14, + and 3.10.6 that could cause some `domain_remap` requests to be routed to + the wrong object. + + * Fixed a server error when attempting to access data in a deleted + container that had an erasure-coded storage policy. + + * Improved error messages to clients that encounter errors using the + `formpost` middleware. + + * Removed some inappropriate error-suppression when locking account and + container databases. + + * Improved server start-up time when using multiple workers. + + * Removed some unnecessary locking when logging. + + * Added some basic object-metadata validation; invalid diskfiles will be + quarantined via the auditor or reconstructor. + + * Enhanced logging when error-limiting a backend node. + + * Various other minor bug fixes and improvements. + + swift (2.30.0) * Sharding improvements diff --git a/releasenotes/notes/2_31_0_release-77e6b20dfba3b32c.yaml b/releasenotes/notes/2_31_0_release-77e6b20dfba3b32c.yaml new file mode 100644 index 0000000000..ae5d96a637 --- /dev/null +++ b/releasenotes/notes/2_31_0_release-77e6b20dfba3b32c.yaml @@ -0,0 +1,118 @@ +--- +features: + - | + Added support for Python 3.10. + + - | + Added an optional ``backend_ratelimit`` middleware for backend servers. + See the backend server sample configuration files for more information. + + - | + Sharding improvements + + * Added a ``merge`` subcommand to ``swift-manage-shard-ranges`` to merge + arbitrary shard ranges into a container DB. Minimal safety checks + are performed; it should only be used for emergency shard range + manipulation by expert users. + + * Warnings are now emitted when sharding appears to have become stuck. + Use the new ``container_sharding_timeout`` option to configure the + "stuck" threshold; the default is 48 hours. + + - | + Metrics improvements + + * Added timing stats for memcached operations. + + * Renamed and improved the granularity of shard range cache and + backend stats. Metrics dashboards may need to be updated. + + * Emit stats when backend nodes are error-limited. + + - | + Added the ability to configure a chance to skip checking memcache when + querying account and container information. This allows some fraction + of traffic to go to disk and refresh memcache before the key ages out. + Recommended values for the new ``account_existence_skip_cache_pct`` and + ``container_existence_skip_cache_pct`` options are in the range of + 0.0 to 0.01. + + - | + Absolute-form request targets are now accepted. This enables access for + certain clients and SDKs (including some older versions of rclone that + were using an old version of aws-sdk-go). + +upgrade: + - | + Static large object segments may now be deleted asynchronously by + default. Operators may return to the old behavior by disabling the + ``allow_async_delete`` option in the ``[filter:slo]`` section + in their proxy-server.conf. + +security: + - | + Fixed a security issue in how ``s3api`` handles XML parsing that allowed + authenticated S3 clients to read arbitrary files from proxy servers. + Refer to `CVE-2022-47950 `__ + for more information. + +fixes: + - | + S3 API improvements + + * Fixed a server error when handling malformed CompleteMultipartUpload + requests. + + * Improved error reporting when attempting to set invalid ``X-Delete-At`` + or ``X-Delete-After`` values via the S3 API. + + - | + Sharding improvements + + * Sync more shard ranges from the root database to the shards. This + helps ensure shard range repairs effected at the root make their way + to shards that would otherwise be stuck trying to further divide + into sub-shards. + + * Improved performance of ``delimiter`` listings for sharded containers. + + * Added more safety checks to the ``repair`` subcommand of + ``swift-manage-shard-ranges``. + + * Better handle ``EOFError`` and ``KeyboardInterrupt`` when prompting for + input in ``swift-manage-shard-ranges``. + + * Stop warning about transient overlaps when auditing shard ranges. + + - | + Fixed a path-rewriting bug introduced in Python 3.7.14, 3.8.14, 3.9.14, + and 3.10.6 that could cause some ``domain_remap`` requests to be routed to + the wrong object. + + - | + Fixed a server error when attempting to access data in a deleted + container that had an erasure-coded storage policy. + + - | + Improved error messages to clients that encounter errors using the + ``formpost`` middleware. + + - | + Removed some inappropriate error-suppression when locking account and + container databases. + + - | + Improved server start-up time when using multiple workers. + + - | + Removed some unnecessary locking when logging. + + - | + Added some basic object-metadata validation; invalid diskfiles will be + quarantined via the auditor or reconstructor. + + - | + Enhanced logging when error-limiting a backend node. + + - | + Various other minor bug fixes and improvements.