SwiftStack Controller Release Notes

Note

Release 5.4.0 is a checkpoint release. If you have a controller running an older version, you must upgrade to 5.4.0, then to 6.30.0.1, then to 7.14.0, then the latest controller version.

Note

Release 6.30.0.1 is a checkpoint release. If you have a controller running an older version, you must upgrade to 6.30.0.1, then to 7.14.0, then to the latest controller version.

Note

Release 7.14.0 is a checkpoint release. If you have a controller running an older version, you must upgrade to 7.14.0, then to the latest controller version.

Note

Release 7.19.0 is a checkpoint release. If you have a controller running an older version, you must upgrade to 7.19.0, then to the latest controller version.

7.19.0.2 (January 5, 2024)

Verify Build Process

7.19.0.1 (August 19, 2021)

Bug Fixes:

• Fixed a regression in the keepalived local healthcheck that could cause problems during swift upgrades.

7.19.0 (April 22, 2021)

Features:

• This is the last release to support Ubuntu 16.04 Xenial. To upgrade to future SwiftStack Controller releases, you must upgrade any Ubuntu Xenial nodes.
• Ubuntu Bionic nodes will only be supported until October 31, 2021. Customers are advised to re-OS Xenial nodes to RHEL/CentOS 7.x at their earliest convenience.

Bug Fixes:

• Resolved an issue handling non-UTF-8 byte sequences via the metadata sync. As the encoding is unknown, these sequences are replaced by the unicode character FFFD. The names of the objects and affected keys are logged by the metadata indexer as a warning.
• Fixed error preventing newer Swift versions to perform pipeline validation of custom middleware placed at the end of the pipeline.

7.18.0.1-4nsv (April 12, 2021)

Features:

• New s3api middleware option ratelimit_as_client_error will default to True and help s3api return better ratelimit responses.
• Swift version 2.27.0.2 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Swift Features:

• New workers option for relinker can do multiple devices in parallel.

Bug Fixes:

• During part power increase background ring push jobs won't deliver unchanged rings that are rebalance prohibited.
• During part power increase relinker will not log errors about old tombstones from previous failures.
• Avoid traceback when listing buckets with recently compacted shard ranges.
• Fix traceback from container-sharder when reporting progress on container databases with recently sharded sub-shards.

7.18.0.1-3nsv (March 30, 2021)

Features:

• Config Deploy can now handle nodes that are temporarily unreachable

  • Prior to this release, any unreachable enabled node would cause Config Deploy to fail. The only two options were to disable the node (which can be disruptive) or to wait until such time that all enabled nodes were reachable again.
  • There is now a third option. If down_node_threshold_pct is set for the cluster in the database, and the percentage of unreachable nodes is less than that value, the Config Deploy will push the config around those nodes.
  • When any of those nodes become reachable again, a system generated Catch-up Config Deploy will bring them back up to date. The Catch-up Config Deploy will start within five minutes of a node becoming reachable again.
  • The same is true for both ring pushes and account pushes

• New object-relinker tunable files_per_second controls options rendered to object-server/2.conf
• Swift version 2.27.0.1 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Swift Features:

• swift-object-relinker accepts --partition and --policy options
• new swift-manage-shard-range command repair can fix root databases with overlapping shard ranges
• new swift-manage-shard-range command analyze can evaluate root databases with overlapping shard ranges
• swift-manage-shard-range info accepts --includes option to lookup shard database by object-name

Bug Fixes:

• During part power increase object-relinker will not create "extra" handoff partition dirs as part of incremental rehash.

7.18.0.1-2nsv (March 15, 2021)

Features:

• Carbon aggregator processes can now scale out. The number of carbon-aggregator processes is set on the Admin > Controller Tuning page, labeled "How many carbon-aggregators to run".
• Swift version 2.26.0.16 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Swift's manage shard range tool now supports --config option.
• More detailed relinker progress logs.

Bug Fixes:

• Improve robustness of relinker during client updates.
• Fix exit status of relinker when it encounters errors.

7.18.0.1-1nsv (March 1, 2021)

Features:

• Swift version 2.26.0.15 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Report root databases with shard ranges that may be shrunk with swift-manage-shard-ranges compact command.

Features:

• Preliminary release of CORS support for S3 API clients (N.B. Clients must still set CORS options on containers using Swift API).
• Report recently finished sharding databases in recon up to a new configurable timeout recon_sharded_timeout so controller schema can be kept in sync.
• Report shrinking_candidates in sharder recon drops.

Bug Fixes:

• Avoid infinite loop looking for compactible shard ranges

7.18.0.1 (February 25, 2021)

Features:

• The sync of metrics and local backup files from primary to standby controllers is now parallelized. The default concurrency is 5, but this may be tuned with "sscontrol config set METRICS_SYNC_CONCURRENCY <new-value>".

Bug Fixes:

• Controller backup uploads into a Swift cluster are now more robust.

7.17.0-3nsv (February 22, 2021)

Features:

• Swift version 2.26.0.13 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Features:

• Enable part-power-increase tool to do progressive rehash IO

Bug Fixes:

• Fix skipped shard ranges when searching for shrinking candidates in databases with mutliple shrinkable ranges

7.17.0-2nsv (February 8, 2021)

Features:

• Swift version 2.26.0.12 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Features:

• New swift-manage-shard-ranges subcommand compact
• Allow part-power-increase tool to use a config file
• Allow part-power-increase tool to be ratelimited

Bug Fixes:

• Shrinking shard ranges can properly collapse back to root containers
• Deleted shard dbs will keep their root metadata preventing issues with revivification and reclaim

7.17.0-1nsv (February 1, 2021)

Features:

• Swift version 2.26.0.11 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Features:

• Allow part-power-increase tool to be run as root and drop privileges
• Support manual part-power-increase by allowing controller admin to mark specific storage policy rings as "rebalance prohibited" which will prevent any automatic ring capacity changes.

Bug Fixes:

• Fix part-power-increase state tracking for multiple relinker runs
• Fix EC GET 503 with non-durable data after POST
• Do not reclaim sharded root databases until all shards have shrunk

7.17.0 (January 28, 2021)

Features:

• Initial release of NVIDIA-internal Auth system available to pilot deployments

Bug Fixes:

• Fixed (another) race condition when automatically sharding containers that could leave to overlapping shard ranges.
• Fix broken claim for some nodes with unconventional network configurations
• Fixed 1space daemons being erroneously shut down immediately after a disabled->enabled config push.
• Fixed cluster version check race when re-enabling nodes with stale configuration

7.16.0-5nsv (January 20, 2021)

Features:

• Swift version 2.26.0.10 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Bug Fixes:

• New reconciler pipeline prevents corruption when migrating encrypted EC data
• Cleanup handoff parts with non-durable frags
• Allow larger local clock skew for s3api signed requests

7.16.0-4nsv (January 12, 2021)

Features:

• Swift version 2.26.0.8 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Bug Fixes:

• Fix traceback on 422 during BadDigest on s3api MPU upload
• Avoid proxy hang/loop when listing shrinking shards
• Avoid regression with s3api UNSIGNED-PAYLOAD requests

7.16.0 (January 4, 2021)

Bug Fixes:

• Once a disabled node's configuration becomes stale, the node agent will stop its 1space daemons.

Known Issues:

• After enabling a disabled node, you may need to push config to the cluster twice to enable the 1space daemons on the node.

7.15.0-8nsv (January 4, 2021)

Features:

• Swift version 2.26.0.6 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Bug Fixes:

• Fix SLO GET disconnect backend socket leak

7.15.0-7nsv (December 14, 2020)

Features:

• New Controller API to enable nodes

7.15.0-6nsv (December 14, 2020)

Features:

• Docs for Controller API to enable nodes

Bug Fixes:

• Increase cluster version check timeout during config push to prevent swift service restart on large clusters

7.15.0-2nsv (December 7, 2020)

Features:

• Swift version 2.26.0.5 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Improve container listing response latency by keeping sharded container ranges in memcache
  • S3API will now create +segments containers with matching container ACLs
• New proxy-server tunable recheck_listing_shard_ranges to control listing shard range caching

Bug Fixes:

• Fixed tracebacks logged when SSYNC sender disconnects
• xLO download will now correctly propagate 5XX when it encounters a server error downloading the first segment defined by the manifest

7.15.0 (December 3, 2020)

Features:

• Red Hat Enterprise Linux/CentOS 6 versions are no longer supported.
• RHEL/CentOS 7.9 is now supported.
• Swift version 2.26.0.4 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Improved replicated and EC object rebalance efficiency
  • Improved logging when resuming with retry on EC GET short read failures.

Bug Fixes:

• Fixed issue where server error processing SLO could return client error.

7.14.0 (November 9, 2020)

Features:

• This is a "checkpoint" release. If you have a controller running an older version, you must upgrade to 7.14.0, then to the latest controller version.
• This is the last release to support RHEL/CentOS 6.x. To upgrade to future SwiftStack Controller releases, you must upgrade the OS of any RHEL/CentOS 6.x nodes to RHEL/CentOS 7.
• Added support for ScaleFlux NVMe flash devices
• Added some SMART equivalient monitoring for NVMe flash devices
• Removed general access to 1space Migrations, File Connector, and Cloud Connector. Existing configurations for these features are removed on upgrade and the associated processes are halted.

Bug Fixes:

• Fixed issue where SMART failure could "fail" NVMe flash devices
• Fixed block device Serial Number collection for NVMe flash devices
• Heavy load no longer causes RRDNS VIPs to spuriously move back and forth between the ranked nodes. Keepavlied no longer health-checks the local service.
• Fixed issue where delayed message processing on the controller could cause Node agent to incorrectly process responses.
• 1space correctly applies the HTTP(S) proxy settings to the merging namespaces middleware when configured for S3 as the endpoint. Proxy settings are not applied for other protocols (Swift and Azure) -- this will be addressed in a subsequent release.

7.13.0.4 (October 28, 2020)

Bug Fixes:

• Fixed bug with config deployments for clusters with RHEL/CentOS 6 nodes

7.13.0.3 (October 27, 2020)

Features:

• Swift version 2.26.0.2 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • MPU async delete
  • object-expirer rate limiting
  • better object-expirer stats

Bug Fixes:

• Experimental memcache configurations now support all necessary commands.

7.13.0.2 (October 14, 2020)

Features:

• Swift version 2.26.0.1 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Improved visibility and accounting for disconnects during transfer
  • Access logging for s3api requests will include the Storage Policy Index
  • Fix all ChunkReadTimeout error message to include the transaction id
  • New log_msg_template option to log the HTTP wire_status in addition to the effective HTTP server status (which will be different during disconnects)
  • Support for configuration of keystone region_name in s3token middleware
  • More detailed message body for s3api 400 responses when user is over their configured Swift container quota

7.13.0.1 (October 13, 2020)

Bug Fixes:

• Fixed issue where ssdiag would complain about a service not running prior to the first cluster config push after upgrading the controller.

7.13.0 (October 8, 2020)

Features:

• Fixed potential issue when reinstalling Swift Storage node operating system with CentOS 7.x. Now, even if the network interface names reorder, the controller can still recognize the node correctly.
• New tunables for scaling on-premises controller beanstalk message processing. See Controller Tuning for more information.
• Seamless connection handling when TLS terminator (hitch) reloads a newly deployed SSL certificates

Bug Fixes:

• Disabling nodes will set ring weight to zero immediately so that their capacity can be returned to the cluster gradually after they are re-enabled.

7.12.0.2 (September 22, 2020)

Bug Fixes:

• Fixed race condition when automatically sharding containers that could leave to overlapping shard ranges.
• Fixed race condition in a Swift dependency (eventlet) that could cause Proxy workers to hang.

7.12.0.1 (September 11, 2020)

Features:

• 1space sync and archive mappings can now be paused and resumed. While paused, the background transfers are halted, but the namespace unification remains.

Bug Fixes:

• Fixed regression in 7.12.0 that affected TLS termination on cluster nodes.
• Fixed bug in 7.12.0 where reducing the number or carbon-relay processes on the controller could leave harmless extra carbon-relay processes running.
• 1space properly uploads large objects to Google Cloud Storage.

7.12.0 (September 10, 2020)

Features:

• Region/Zone manage page now lists node counts in the table.
• Controller admin interface now allows tuning more than one Carbon Relay process.
• Improved tuning of TLS termination service on nodes and it now gracefully reloads config changes into the current process during config push.

Bug Fixes:

• Nodes no longer send unnecessary messages to controller when ProxyFS is not enabled.
• Increased listen queue depth ("backlog") for node communication agent on the controller.

7.11.0.1 (September 8, 2020)

Features:

• Swift version 2.25.0.7 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Improved balance of accepted socket connections of WSGI server workers
  • Majority errors or timeouts during a rebalance will ignore 404s and return 503
  • Fixed transaction id traction across greenthreads for EC fragment request logging
  • New crypto metadata version 3 and improved handling for py3 rolling upgrades
  • See the Swift Changelog for more information.

Bug Fixes:

• Fixed an issue that caused 1space to inspect unrelated container shards if the root container started with the same prefix.
• 1space will now re-upload GLACIER/DEEP ARCHIVE objets if the metadata has changed, as the objects are immutable and their metadata cannot be updated.

7.11.0 (August 20, 2020)

Features:

• Swift version 2.25.0.6 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • container-sharding: reclaim deleted shard databases
  • container-sharding: new manual shrink command
  • container-sharding: pull all ranges for shrinking shards from root
  • replication: all requests from all consistency engine daemons use replication network if configured
  • erasure-coding: new per-policy concurrent get options for EC
  • telemetry: separate internal requests from client metrics
  • See the Swift Changelog for more information.
• 1space allows setting the minimum part size when uploading objects to a remote cloud.

Bug Fixes:

• Resolved an issue with 1space where a container with multiple shards may cause 1space to stop making progress during sync or lifecycle of objects.

Known Issues:

• A config push is required after upgrading to 7.11.0 before upgrading to Swift 2.25.0.6 to ensure there are no background errors during the upgrade.
• Because some Swift Proxy graphs were incorrectly aggregating both internal and client metrics, some users may see a reduction in the reported values on the Storage Stats page.

7.10.0 (July 30, 2020)

Features:

• Swift proxy access log lines now include container, account, and object information.
• Added NodeInterface (node_interfaces) to controller API.
• 1space now correctly re-uploads static large objects if an object with the same name was uploaded previously.
• 1space no longer propagates empty dynamic large object segments to the destination Swift cluster if the object is converted to a static large object.

7.9.0.2 (July 20, 2020)

Bug Fixes:

• Require 2 failed local healh-checks in RRDNS LB before transitioning to FAULT state and moving the VIP to another node.
• Fixed an issue with 1space metadata updates to S3 incorrectly propagating metadata.

7.9.0.1 (July 15, 2020)

Bug Fixes:

• Fixed issue where keepalived couldn't start on nodes with no RRDNS VIPs assigned; the only impact was excess controller alerts.

7.9.0 (July 9, 2020)

Features:

• Swift version 2.25.0.4 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • swift-container-info: Don't show all shard ranges when there are many
  • s3api: Use swift.backend_path to proxy-log s3api requests
  • s3api: Don't do naive HEAD request for auth
  • s3api: Add basic support for ?tagging requests
  • replication: Allow databases_per_second to be a float
  • See the Swift Changelog for more information.

Bug Fixes:

• Firewall rules are now managed more accurately on nodes with Systemd-based operating systems. Previously, the node agent could fail to correct damaged firewall rules and in some circumstances, accounting rules could get added in such a way that one direction of proxy traffic could get missed.
• Fixed situation where a RRNDS VIP could stop working for multiple minutes while the firewalld OS package upgraded. Now the VIP will correctly migrate to a backup node and continue working.
• Fixed bug in node diagnostic connectivity checker with memcached server IPv6 addresses.
• Fixed bug where ssdiag could fail to show network interface speed and MTU if a RRDNS VIP appeared first in the interface's IP list.
• Fixed issue where /install_centos_selinux and /install_selinux endpoints on the controller could fail to install the node SELinux policy.
• Fixed a double-quoting bug with Regin/Zone name inline-editing.
• Fixed inline-editing of RRDNS Group names.

7.8.0 (June 18, 2020)

Features:

• Swift version 2.25.0.3 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • s3api: Allow CompleteMultipartUpload requests to be retried
  • proxy: Stop killing memcache entries on 5xx responses
  • swift-get-nodes: Allow users to specify either quoted or unquoted paths
  • See the Swift Changelog for more information.
• Swift log messages in /var/log/swift/all.log now have high-resolution timestamps in RFC3339 format. This change will take effect after the next config push to a cluster.
• Some of the log rotation parameters for Swift's /var/log/swift/all.log file are now configurable via the Controller's UI. You can change them under Configure > Tune > Log Settings. The new default is for the first rotation of all.log (all.log.1.gz) to be compressed; it used to be uncompressed (all.log.1), which consumed unnecessary disk space. The new default will take effect after the next config push to a cluster.
• For static large objects (SLO) "delete_concurrency" and "concurrency" can now be configured separately.

Bug Fixes:

• Fixed an issue with 1space profile filtering objects by x-timestamp, which prevented a valid filter configuration. In addition, 1space now allows filtering the objects by last-modified date.

7.7.0 (May 28, 2020)

Features:

• ProxyFS version 1.16.1 is now available. You can learn more from the release notes. Customers are encouraged to upgrade their ProxyFS version at their earliest convenience.
• 1space profiles allow filtering objects based on their Last-Modified date or X-Timestamp.

Bug Fixes:

• Fixed a regression in 7.6.0.1 that prevented new nodes from being ingested in certain circumstances.

7.6.0.1 (May 12, 2020)

Bug Fixes:

• Fixed a packaging issue that was causing out-of-band 'yum update' to fail under certain circumstances

7.6.0 (May 7, 2020)

Features:

• RHEL/CentOS 7.8 is now supported.
• Added rrdns_vips, region.number and zone.number to the node API

Bug Fixes:

• 1space no longer requires POST permissions for Swift containers if container metadata should not be propagated.
• Resolved an issue that limited 1space to 10 connections per container, regardless of the number of workers.
• 1space and Static web middleware now work as expected, as opposed to displaying an error.

7.5.0.1 (April 27, 2020)

Bug Fixes:

• 1space graphs now load correctly for non-admin users.

7.5.0 (April 16, 2020)

Features:

• ProxyFS version 1.15.5 is now available. You can learn more from the release notes. Customers are encouraged to upgrade their ProxyFS version at their earliest convenience.
• Proxy access logs have a new Time to First Byte field appended to the end after the Storage Policy Index.
• Large cluster operators now have the option of disabling NTP peer mode when their NTP servers are available with-in the same data center as their nodes.
• Disable reverse DNS lookup for rsync connections to optimize rebalance of replicated storage policies.

Bug Fixes:

• Graphs with In/Out values (like Total Cluster Proxy Throughput) now display correctly.
• Clusters with different minor OS version releases now group correctly by major OS version when displaying Swift package versions.
• 1space sync/lifecycle graphs where the remote bucket is specified now display correctly.

7.4.0.1 (March 31, 2020)

Bug Fixes:

• Resolved an issue of container listings returning 500 for 1space-enabled containers.

7.4.0 (March 12, 2020)

Features:

• Swift version 2.24.0.3 is available. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Additional Swift configuration options (see Cluster Tuning for more information):
  • Object Server Keep Cache Size
  • Object Server Keep Cache Private
  • Proxy Server Recoverable Node Timeout
• 1space Sync/Lifecycle Monitor now includes graph of objects copied, objects deleted, and bytes transferred.
• Controller graphs now have a vertical cursor you can click and drag left and right. It shows discrete data point values and may be toggled on and off via a new link on the top right of each graph. Automatic graph refreshing is disabled whenever the cursor is displayed.
• Each controller graph data series may be toggled on and off by clicking on the series' legend label. This is most useful for toggling off a series that is "blowing out the scale" of the Y-axis, allowing you to see other data series better.
• Node connectivity checker now also checks memcached services.
• Swift health checker on nodes will now attempt to repair broken services after a Controller config push in case the config push resolves a condition preventing service start-up.
• Syslog messages forwarded from nodes now include high-resolution RFC3339 timestamps.

Bug Fixes:

• Controller alert "badge" in the header now only counts ongoing alerts.
• Fixed issue where disk busy/full heatmaps could timeout getting data for large clusters with many thousands of disks.
• Fix race condition on controller web server startup which could occasionally prevent controller install or upgrade from succeeding.
• Fixed a regression in 7.0.0 where controller log files were getting rotated less aggressively than we intended.
• Fixed an issue with cname_lookup and domain_remap that would cause requests to the CNAME to 500. Upgrade Swift to resolve the issue.

7.3.0.1 (February 24, 2020)

Bug Fixes:

• Memcache-related graphs now load correctly on the Storage Stats page.

7.3.0 (February 20, 2020)

Features:

• Swift version 2.24.0.2 is available. See Swift Changelog for more documentation for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• ProxyFS version 1.15.4 is now available. You can learn more from the release notes. Customers are encouraged to upgrade their ProxyFS version at their earliest convenience.
• Operators may now create Multi-Region Distributed Erasure Coded Storage Policies. See Erasure Coded Policies documentation for more information.
• Clusters can now be configured to have large containers automatically sharded. Newly created clusters will have this set automatically. You can manage this setting on the Sharding tab of the Monitor page.
• You can now set the disk health check timeout value in the cluster Advanced settings.
• You can now configure nice and ionice priorities for each Swift service.
• 1space supports migrating to a ProxyFS account from Swift and S3 sources. Large objects are converted to ProxyFS single objects (as opposed to SLO/DLO representation).
• 1space migrations are now available by default.

Bug Fixes:

• Fixed a few cosmetic bugs in controller graphs.
• Made Swift object server health checks more robust.
• With Swift version 2.23.1.3, under some conditions, old Swift services could continue to run when they shouldn't. This is fixed with Swift version 2.24.0.2 in this release, and users are encuraged to upgrade their Swift clusters at their earliest convenience.
• Resolved an issue that prevented 1space from making progress due to too many open connections. Config push is required to update 1space with the fix.
• While following the lifecycle policy, 1space now retries removing large object manifests if removing any of the segments fails and the object has already been copied.

7.2.0.1 (January 30, 2020)

Features:

• ProxyFS version 1.15.0 is now available. You can learn more from the release notes.
• You can now disallow TLS v1.1 access to the controller in the controller admin Network configuration page.
• Devices in the Node device heatmaps may now be clicked to go to the node's device management page with the clicked device selected. In addition, the heatmaps are now sorted by block device name.
• Added two additional per-node Swift Proxy request graphs.
• 1space migrations can optionally not propagate deletion of source objects to the target container. The default is to not propagate deletion.
• Merging of namespaces can be disabled when creating migrations. The namespaces are merged by default.
• Sync and Lifecycle 1space mappings now copy the latest object version to the destination container when using Azure Blob.

Bug Fixes:

• Deleting devices will now remove the flag which prevents "settled" Swift rings from rebalancing.
• Rings will rebalance better in a couple cases where devices are added and removed from Swift rings (not counting the standard zero-weight "membership" for devices not added to a storage policy).
• Broken Swift static links are ignored and logged by 1space.
• When using 1space selection criteria, only the Swift link object's metadata is considered and not the target object's.
• Some 1space users saw ChunkWriteTimeout errors due to a race condition. The race condition has been removed.

7.1.0 (January 9, 2020)

Features:

• Swift version 2.23.1.3 is now available. This release includes support for a new Swift object versioning mode and the S3 versioning API. See the Object Versioning middleware documentation for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Cluster monitor nodes page now includes "disk busyness" and "disk fullness" heatmaps. They can be filtered by storage policy membership.
• In some rare circumstances, forced ring rebalances, at the direction of SwiftStack Support can be required. The controller UI now facilitates this.
• The rate of capacity adjustment can be modified, but only at the direction of SwiftStack Support.
• 1space credential verification has improved security, and will require a config push before you can successfully verify new credentials.
• 1space supports Swift dynamic and static links for sync and lifecycle policies to another Swift cluster that also has the links middleware enabled.
• Added 1space for the new link-style Swift versioning when performing sync or lifecycle. Only the most recent version of the object is copied. This is not supported when the target is Azure.

Bug Fixes:

• Fixed issue where some alert types could fail to close properly.
• Removed case where proxy servers would be down during config push while rings get served to nodes when adding new storage policies.
• Fixed self-healing daemon restarting for some daemons on Ubuntu Bionic (18.04) nodes.

7.0.0.1 (December 19, 2019)

Bug Fixes:

• Python scripts now run using the correct version of Python on CentOS/RHEL nodes.

7.0.0 (December 18, 2019)

Features:

• Swift upgrades may now proceed when nodes are disabled.
• Swift upgrades will now upgrade swift on disabled nodes as well, if the nodes are actually successfully communicating with the controller.
• Each config push is tailored for the lowest version of Swift present in the cluster. If an enabled node has an older version of Swift than the highest version of Swift for which a config has been pushed, then config pushing will be disallowed until the old-Swift node(s) are disabled or upgraded to a newer version of Swift. In practice, this shouldn't occur unless Swift is upgraded while nodes are disabled and actually down, and those disabled nodes come back and are enabled.
• 1space support Microsoft Azure Blob for sync/lifecycle mappings. Please see documentation for details.

Bug Fixes:

• Fixed issue where a failed log rotation could leave files in a state where subsequent log rotations would fail.
• SwiftStack Auth properly supports LDAP groups with special characters, such as + or &.
• Fixed documentation search results snippets.

6.30.0.1 (December 6, 2019)

Features:

• This is a "checkpoint" release. If you have a controller running an older version, you must upgrade to 6.30.0.1, then to the latest controller version.
• This is the last release to support Ubuntu 14.04 Trusty, which was end-of-life'ed by Canonical six months ago (April 30th 2019). To upgrade to future SwiftStack Controller releases, you must upgrade any Ubuntu Trusty nodes.
• This is the last release to support Swift versions LESS THAN 2.18.0.2. To upgrade to future SwiftStack Controller releases, you must upgrade the version of Swift in all of your clusters.

Bug Fixes:

• Fixed issue where some config pushes could appear to succeed when they actually failed.

6.30.0 (October 31, 2019)

Features:

• Swift version 2.23.0.1 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• The guest account on Samba mounts has been disabled to improve security. You will need to create a password protected Samba account if your workflow currently uses the guest account. This will take effect upon pushing a new config.

Bug Fixes:

• Fixed a bug where s3api would automatically create a segments bucket for multi-part upload (MPU) objects using the cluster's default storage policy. Now, the same storage policy as the primary bucket is used. You must upgrade your Swift clusters to version 2.23.0.1 to activate this bug fix.
• Fixed a bug introduced in 6.29.0 that would cause ProxyFS upgrades to fail before pushing configuration.
• Fixed issue on nodes that do not run proxy servers where some Swift log messages were going to the system log instead of /var/log/swift/all.log. A config push is required to make the bug fix active.

Note

Some customers have had trouble with CentOS or RHEL 7.x operating systems accidentally upgrading to a new point-release (e.g. 7.6.1810 upgrading to 7.7.1908) before a new version of the SwiftStack Controller supports it. We suggest you pin your Yum configs to prevent accidental upgrades. You should also keep node and controller operating systems up to date after you have upgraded to a SwiftStack Controller that supports the new version.

6.29.0 (October 10, 2019)

Features:

• RHEL/CentOS 7.7 is now supported.
• Failed config pushes now have a summary of failures at the beginning of their logs on the Job Detail page.

Bug Fixes:

• Resolved a regression from the 6.25.0 release where metadata search fails to start on Ubuntu nodes (14.04, 16.04, and 18.04).

6.28.0 (September 25, 2019)

Features:

• Alerts related to nodes now contain cluster names in their descriptions. A cluster config push is required for this to take effect.
• OpenVPN now restarts automatically on nodes with Systemd-based OSes.
• Centos/Red Hat Enterprise Linux nodes can now configure the SwiftStack yum repo to not use proxy settings. See Creating Your SwiftStack Node for more.
• ProxyFS logs are now archived to Swift.
• Improved Metadata Search error reporting for newer versions of Elasticsearch

Bug Fixes:

• Node upgrade issues with Ubuntu 18.04 LTS (Bionic) are resolved and that is now a supported node OS.

6.27.0 (August 22, 2019)

Features:

• Swift version 2.22.0.2 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Symlink middleware can now be enabled through the controller for swift versions greater than or equal to 2.16.0.2.

Bug Fixes:

• Controller users with Administrator permissions can no longer see or interact with API tokens generated by Controller users with superuser permissions. This was not a problem in the past because there was no functional difference between these permission levels. In the future, there may be a difference, so it is recommended that you replace any controller superuser API keys (commonly, you will have one superuser named "localadmin").

Known Issues:

• Support for Ubuntu 18.04 LTS (Bionic) nodes has been temporarily removed. Support will return in a future release.

6.26.0.2 (August 20, 2019)

Bug Fixes:

• Fixed an upgrade issue with Ubuntu 14.04 Trusty nodes running very old Swift versions.
• Resolved an issue where Ubuntu Trusty (14.04) and Xenial (16.04) nodes result in held packages following the upgrade to 6.26.0. The held packages can be manually upgraded, but in the meantime the prior versions will continue to work as expected.

6.26.0 (August 8, 2019)

Features:

• Added support for Ubuntu 18.04 LTS (Bionic) nodes. NOTE: before adding new Ubuntu 18.04 nodes to an existing Cluster or upgrading existing Ubuntu 12.04 or 14.04 to 18.04, you must first upgrade the cluster's Swift version to at least `2.21.0.4-3`.

Bug Fixes:

• Fixed a problem where ssnoded could have a port conflict when restarting.
• Fixed a bug where moving ProxyFS Volumes or Volume Groups between nodes had a chance of causing data loss.

6.25.0 (July 11, 2019)

Bug Fixes:

• 1space now properly handles dynamic large objects (DLOs) that contain characters that would be URL encoded (spaces, slashes, non-ASCII characters, and others) in sync, lifecycle, and migration mappings.

6.24.0 (June 20, 2019)

Features:

• Swift Web Console has been removed.
• Creating a ProxyFS Volume now requires verification that the Swift account being used is empty.
• Support for quick multi-deletes in s3api with the use_async_delete option.
• Allow configuration of the rpc_server Local Security Authority. Setting this to 'disabled' will prevent listing of SMB users.
• 1space sync/lifecycle mappings to S3 can now send DLO's (except if destination is Google or the DLO does not comply with multipart upload requirements).
• Multiple 1space sync mappings are now allowed to different destinations. Merging namespaces across the multiple mappings is not currently supported. Having multiple lifecycle (or mixing lifecycle and sync) mappings is also prohibited.
• ProxyFS version 1.11.0 is now available. This version has been adapted to the latest (2.21.0.4) version of Swift.
• 1space sync/lifecycle profiles can now specify content-type for metadata based selection criteria. Also, metadata selection can use not-equal as well as equal string comparisons.

Bug Fixes:

• Internal accounts used for sharding (.shards_*) have been removed from the storage utilization page.

6.23.0.1 (May 31, 2019)

Bug Fixes:

• Fix package dependency on RHEL/Centos that could cause swift processes to fail to start after reboot.

6.23.0 (May 30, 2019)

Features:

• ProxyFS now allows use of encryption.
• 1space sync/lifecycle policies pointed at AWS may now specify the S3 storage class for new objects.

Bug Fixes:

• Improve robustness of node package management to workaround pathological misconfigurations of system package managers.
• Enabled S3 requests to appear in utilization transfer data when force_swift_request_proxy_log is set to True.
• Correctly initialize the selection of SMB users on the volume configuration page.
• Improve settings for proxyfs that should reduce SMB file transfer interruptions during config pushes.

6.22.0 (May 9, 2019)

Features:

• Swift Web Console has been disabled. It will reach end of life soon. Users are encouraged to use the SwiftStack Client instead.
• ssdiag output now includes network interface MTU and PHY speed information.
• Controller audit log now includes SwiftStack user creation and deletion.
• Two new Swift tunables: "Account replicator rsync max connections per disk", and "Container replicator rsync max connections per disk" will limit the number of simultaneous account/container replication rsync operations per disk. Previously, the value of "Object replicator rsync max connections per disk" was used for this purpose.
• Various security enhancements:
  • Certain clickjacking vectors are now prevented
  • m shell now provides a warning about the dangers it presents
  • The nginx webserver is now at the latest version with new security fixes
  • The jQuery and related frameworks are now at the latest versions with new security fixes
  • SwiftStack auth users must now have passwords at least 20 characters long

Bug Fixes:

• Cluster config pushes are now robust to a package update failure that could, in some circumstances, leave services not running.
• Large numbers of stale controller UI sessions can no longer prevent controller upgrade.
• Object prefix for migration using swift credentials will no longer be stored
• Autoprovisioned nodes will no longer provision themselves again when SwiftStack node agent restarts (or server reboots).

6.21.0 (April 22, 2019)

Features:

• Swift version 2.21.0.2 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• sdt probe now displays disk fullness.
• Initial cluster configuration now immediately directs you to network configuration if the network has not yet been configured.
• Client IP address is now included in the audit log.
• 1space metrics collection is enabled by default through statsd.

Bug Fixes:

• Improved 1space to handle title-cased headers returned from S3 endpoints.
• Fixed 1space exception logging to include exception type and changed syslog messages to be LF separated.

6.20.0 (March 28, 2019)

Features:

• Multiple failed Controller logins within a short period will now lock your account out for thirty minutes.
• Controller sessions can now be set in one-minute intervals to as low as one minute.
• ProxyFS configuration now supports SMB3_00 and SMB3_02 for the Server Minimum Protocol option.
• 1space can now configure the storage policy to use when creating containers on a Swift target cluster.
• ProxyFS version 1.10.1 is now available. This version fixes the regression introduced in 1.9.5, which disabled snapshots.

Bug Fixes:

• Controller AD/LDAP users are no longer prompted to "reset" their passwords.
• Fixed an issue when uploading large files to ProxyFS using the S3 Multipart Upload API or Swift Static Large Object API and the file consists of more than 1,000 parts.
• Fixed an issue that led to 1space occasionally waiting until the deferred verification time to pass before propagating changes to the target of a sync/lifecycle policy.

6.19.0.1 (March 8, 2019)

Bug Fixes:

• Resolved an issue where failed migrations of multipart-uploaded objects would leak segments.

6.19.0 (March 7, 2019)

Features:

• SwiftStack Controller user passwords now must be at least twenty characters. Users with passwords not meeting this requirement will be prompted to change their password on their next login.
• sscontrol users change_password has been removed.

Bug Fixes:

• Backup files now sync correctly to standby controllers with SELinux in Enforcing mode.
• Standby controllers using iptables instead of firewalld now correctly sync metrics and backup files.
• Fixed RRDNS Load Balancer regression on operating systems with a newer version of keepalived where keepalived wasn't using the service check on the local proxy-server. A cluster config push is required for the fix to take effect.
• Resolved an issue that caused 30 second delays on 1space shunt responses if no DNS servers are configured on the node (i.e. /etc/resolv.conf is empty).
• Object updater worker setting is now set on nodes. A cluster config push is required for the value to get set.

6.18.0 (February 19, 2019)

Features:

• Swift version 2.20.0.2 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• ProxyFS version 1.9.5 is now available. This version now manages volumes via volume groups. Your existing shares have been automatically converted to the new system. See Controller API for more information, or read the full ProxyFS release notes. Customers are encouraged to upgrade their ProxyFS version at earliest convenience.
• There is now tooling for inspecting the state of the job queues, via sscontrol beanstalk list. Please contact support if you have problems with your beanstalk queues.
• Two headers have been added to improve the security of the site: X-Content-Type: nosniff and X-XSS-Protection: 1; mode=block. In addition, the Server header no longer specifies the server version.
• Large numbers of nodes that claim simultaneously (i.e. via automated provisioning) no longer risk failing to claim because of VPN errors.
• 1space profiles support minimum segment size when copying large objects. The option results in destination large objects being composed of segments that are at least as large as the specified size.
• 1space profiles allow excluding objects from consideration. This is especially useful if large object manifests are co-located with their segments.
• Upon copying large objects, if done as part of a lifecycle profile, 1space now optionally removes origin large object segments (previously, only the manifest was removed).
• Dynamic Large Objects are now supported by 1space sync/lifecycle profiles when targeting another Swift cluster. The objects can be optionally converted to Static Large Objects in the destination cluster.
• Object expiration (X-Delete-At header) can now be optionally synced when copying objects to a remote Swift cluster via 1space. The object expiration on the remote cluster can also be offset by a specified amount.
• Container ACLs can be optionally propagated with 1space to the remote Swift cluster.

Bug Fixes:

• When a request to an S3 target (AWS, Google Cloud Storage, or another S3 clone) returns an error, 1space now correctly translates the error to the client (previously, all errors would be returned as 500).

6.17.0.2 (January 29, 2019)

Features:

• ProxyFS version 1.8.0.7 is now available. This version will now report total space as 100TiB, and fixes a bug whereby multi-part uploads could indefinitely lock a filesystem. Customers are encouraged to upgrade their ProxyFS version at earliest convenience.

6.17.0.1 (January 28, 2019)

Features:

• ProxyFS configurations with AD no longer expose user details under certain circumstances.
• Node interfaces now display information about their speed and MTU settings, if available. Note that this information may take up to a day to appear.
• 1space Lifecycle and Sync profiles can now target Swift containers that have been sharded.
• 1space Lifecycle profile with a set object expiration time can now be used with AWS S3 (the bucket lifecycle policy is used to expire objects).
• Metadata sync correctly indexes sharded Swift containers.
• When using Sync or Lifecycle profiles with a Swift cluster, 1space now allows optionally copying the source user container metadata (x-container-meta-*) as well.

Bug Fixes:

• Nodes that are configured to terminate TLS now use multiple cores for that purpose.

6.16.0.1 (January 11, 2019)

Bug Fixes:

• Resolved an issue that might allow an AD Domain user to discover other users in the same domain.
• Allowed edits of the Elasticsearch server SSL configuration (both verification and the associated Certificate Authority bundle).

6.16.0 (January 3, 2019)

Features:

• Added support for specifying a path to a certificate authority (CA) bundle (or a directory containing the CA bundles) to be used to validate Elasticsearch server's SSL certificate by the Metadata Search indexer. A config push is required to enable this feature.
• Allows overriding Elasticsearch server's SSL certificate validation by the Metadata Search indexer. A config push is required to enable this feature.
• RHEL/CentOS 6.10 and 7.6 are now supported.
• Swift version 2.20.0.1 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Migrated from swift3 to s3api. This includes several fixes for non-ASCII object names and better identification of unsupported features. You will need to upgrade Swift then push config to use the new middleware.

Bug Fixes:

• Metadata Search properly indexes static large objects. A config push is required to apply the fix.

6.15.0.2 (December 4, 2018)

Bug Fix:

• Resolved an issue that prevents swift-metadata-sync from starting on Ubuntu nodes. A config push is required to apply the fix. The bug affects SwiftStack controller releases 6.15.0 and 6.15.0.1.

6.15.0.1 (December 3, 2018)

Bug Fix:

• Fix issue where too many "disk free" time-series data files could get deleted during cleanup.

6.15.0 (November 29, 2018)

Features:

• Swift version 2.19.0.2 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• The SwiftStack Controller API now provides details about devices. See Controller API for detailed examples.
• Swift3 now handles Delete Multiple Objects request items in parallel. This reduces the likelihood of a client timing out while waiting for a response. Pushing config is required to enable this feature.
• Swift3 now allows some types of server-side encryption if the Encryption middleware is enabled. Pushing config is required to enable this feature.
• Introduce rate-limiting for database processing daemons to limit CPU consumption on non-IO-bound workloads.
• Introduce a new tunable option to set socket TCP_KEEPIDLE parameter.

Bug Fixes:

• No longer report irrelevant node IP change warnings.
• Fixed issue where corrupted cache file could prevent Utilization data processing from making progress.
• Collect disk serial numbers in more edge cases and include them in sdt probe output.
• Hitch TLS terminator on nodes can now be accessed via IPv4 or IPv6 addresses simultaneously. A config push is required for this to take effect.
• Fixed intermittent connection issues with Swift nodes behind a NAT load-balancer. A config push is required for this to take effect.
• The S3 API Keystone integration middleware now supports the auth_version config option. This allows deployments with v3-only Keystone. The fix requires a configuration push to be applied.

6.14.0.2 (November 20, 2018)

Features: * Version 1.8.0.4 of File Access is now available.

6.14.0 (November 8, 2018)

Features:

• The SwiftStack Controller API now provides more details about networks and regions for nodes. See Controller API for detailed examples.
• For ProxyFS deployments, the minimum protocol the server will support can now be configured, and individual Volumes can require encryption.

Bug Fixes:

• 1space no longer uses X-Newest header when checking the internal Swift objects. When using sync/lifecycle with an EC policy, the change reduces the number of HEAD requests per object from the sum of the number of parts and parity objects to 1. In replicated policies, the change reduces the number of GET requests per object to 1 from the number of replicas.

6.13.0.1 (October 22, 2018)

Features:

• The SwiftStack Controller supports SELinux in enforcing mode for RHEL/CentOS starting with version 7.5. For RHEL/CentOS versions older than 7.5, the installer will refuse to run if SELinux is in enforcing mode.
• RHEL/CentOS 7.x nodes may be installed when SELinux is in enforcing mode by using the /install_selinux endpoint in the curl command instead of /install. Nodes in Enforcing mode must have the policycoreutils-python RPM installed prior to installing the SwiftStack agent software.
• File Access volumes now support snapshot policies.
• KMIP Middleware can now be configured. More info here.
• 1space settings now include a verification slack parameter, which allows deferring verification of uploaded objects to prevent numerous simultaneous requests in the case of large objects.

Bug Fixes:

• Resolved an error with non-ASCII characters in container or account names that prevent 1space from uploading objects. The fix requires a configuration push to be applied.
• Network errors during 1space transfers no longer result in leaking connections to the Swift cluster. The fix requires a configuration push to be applied.
• 1space sync and lifecycle policies no longer make simultaneous requests for the same object from multiple nodes. The fix requires a configuration push to be applied.

6.12.0.2 (October 8, 2018)

Bug Fix:

• Fixed issue in 6.12.0.x causing clusters running older versions of ProxyFS to fail to ingest new CentOS/RHEL 7.x nodes.

6.12.0.1 (September 28, 2018)

Bug Fix:

• Fixed new issue in 6.12.0 affecting upgrading packages on RHEL/CentOS 7.x Swift nodes not running ProxyFS.

6.12.0 (September 27, 2018)

Features:

• SwiftStackAuth now supports the Keystone V3 API.
• Clusters may now run ProxyFS regardless of the operating systems of other nodes in the cluster. Nodes running ProxyFS must still be RHEL/CentOS 7.x.
• Added support for specifying the interval option for the Swift container-sharder through the Swift cluster tuning page.
• Migrated all Swift daemons to use the interval option, and removed the deprecated run_pause option.

Bug Fixes:

• Docker virtual network interfaces on nodes are no longer tracked in time-series data, preventing arbitrary disk consumption on the controller over time. Also, stale time-series data files are removed during each controller upgrade instead of lingering forever.
• Removed a limit on request body size that would cause some Multi-Object Delete S3 API calls to fail. A configuration push is required for the fix to take effect.
• Fixed an issue introduced in the 6.11.0.x release that prevented 1space and metadata sync daemons from starting on Ubuntu Trusty (14.04) and RHEL/CentOS 6.x nodes. A configuration push is required for the fix to take effect.
• For Swift to Swift sync or lifecycle policies, 1space will no longer change the destination container name. This resolves an issue where static large objects could have resulted in duplicating the amount of data stored on the target Swift cluster. A configuration push is required for the fix to take effect.
• 1space will no longer hang when retrieving a multi-part object from S3 when namespaces are merged and a multi-part upload object is uploaded outside of 1space. A configuration push is required for the fix to take effect.

Known Issue:

• Auto-provisioning nodes using machine profiles with the roles Proxy/Object or Object-only results in a state where config cannot be pushed to the cluster. This will be fixed in a future release.

6.11.0.2 (September 19, 2018)

Bug Fixes:

• When uploading static large objects (SLO) via 1space to S3, 1space will no longer fail to upload parts of the multi-part upload when the number of parts exceeds the number of workers.
• Fixed an issue that prevented 1space from transferring objects if the number of objects per pass is more than double the number of workers.

6.11.0.1 (September 14, 2018)

Bug Fixes:

• Fixed bug preventing deletion of proxyfs users

6.11.0 (September 13, 2018)

Features:

• Swift version 2.19.0.1 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• You can now configure 1space cloud-connector; see 1space-configuring-cloud-connector for more information.
• You can now configure Swift object-updater workers.
• You can now configure a 1space archive profile to delete objects in a Swift destination after a specified number of days.
• You can now specify an account override for 1space mappings to Swift destinations.
• Added an enumerating threads option for 1space sync and lifecycle policies. This option allows 1space to process multiple containers in parallel. The default is 10 threads and can be increased if there are many containers. Pushing config is required to enable this feature.

Bug Fixes:

• Made SMART data parsing robust to systems without threshold data.
• Swift & SwiftStack File Access Upgrade job history now correctly show the user who kicked off the job, rather than the same user for each job.
• Increased maximum open files for Hitch TLS termination on nodes.
• Fixed incorrect unit labels in some node device lists. Also clarified that 1 GB equals 10⁹ bytes.
• When uploading static large objects (SLO) from SwiftStack to another Swift cluster, 1space now properly avoids re-uploading objects if the name of the segments containers are different between the source and destination.

6.10.0.2 (August 28, 2018)

Bug Fixes:

• Fixed issue preventing Keystone V2 and V3 support in 1space credentials from working. A cluster config push is required to use Keystone V2/V3 1space credentials.

6.10.0.1 (August 21, 2018)

Bug Fixes:

• 6.10.0 introduced a bug where existing 1space Swift Credentials could not be updated, now they can.

6.10.0 (August 16, 2018)

Features:

• Keystone V2 and V3 are supported for 1space credentials with the caveat that specifying an alternate account for storage access does not work yet.

Bug Fixes:

• Ubuntu 16.04 (Xenial) nodes now correctly report transfer Utilization data.
• Controller on-premises installer now works when firewalld.service is "masked".

6.9.0.1 (August 2, 2018)

Bug Fixes:

• Fixed issue with management user creation on Ubuntu.

6.9.0 (July 26, 2018)

Features:

• A management user can now be configured under Advanced Cluster Configuration and enabled or disabled on all nodes via config push. Contact support for more information about ad-hoc management of your fleet using SSH/Ansible.
• When creating a user or updating a user's password in the User Api, the response now includes the user's S3 token.
• Version 1.6.4 of File Access is now available.

Bug Fixes:

• When a config push fails, pending configuration changes are no longer cleared.
• A couple of 1space UI fixes including a bug that cleared the "days before archiving" value on edit.
• Fixed a security bug where object store credential were logged in the proxy server log when 1space is enabled and an object is retrieved from the remote blob store.
• 1space no longer fails with a Unicode error if a non-ASCII character is present in the custom prefix.
• Fixed service checks (tcp_ping) when a hostname resolves to both IPv4 and IPv6 addresses and the IPv6 address works, but the IPv4 does not.
• Incorporated upstream patch to fix CVE-2018-10903 in ss-python-cryptography package. NOTE: Swift's encryption does not use the affected mode so there was no exposure.

6.8.0.3 (July 20, 2018)

Bug Fixes:

• Fixed issue with Swift LDAP authentication and Swift version 2.18.0.2 or higher that could lead to hanging authentication requests for LDAP users. Proxy servers must be restarted for the fix to take effect.

6.8.0.2 (July 9, 2018)

Bug Fixes:

• Fixed bug with the version of ss-chrony

6.8.0.1 (July 5, 2018)

Bug Fixes:

• Fixed issue with RHEL/CentOS 6.x proxy nodes when using SwiftStack LDAP Swift authentication middleware.

6.8.0 (July 2, 2018)

Features:

• Object server replicator worker count can now be configured. Upgrading Swift to 2.18.0.2 or later and pushing a config are required to use the feature.
• Account replicator and container replicator now support emergency mode. Upgrading Swift to 2.18.0.2 or later and pushing a config are required to use the feature.
• LDAP-authenticated controller user records may now be purged on the Edit Organization > Users page.
• Cluster push config logs now include node hostnames, as does the Node management list. Alerts will now also include node UUIDs.
• A new setting on the controller Network Admin page allows disabling of the less secure TLSv1 protocol for controller HTTPS communications. NOTE: older clients may no longer be able to talk to the controller, including existing nodes running CentOS/RHEL 6.7 or earlier, as well as some older browsers.
• Cluster nodes can be configured to send raw StatsD metrics to another server. This is configured under "Advanced Options" on the cluster configure page. A config push is required for the setting to take effect. Also, the node's existing StatsD server used to gather metrics for the controller no longer listens on the default StatsD port. That will take effect after the next cluster config push.
• When terminating secure connections at the Swift nodes, proxy-server logs now log the correct client IP address. Upgrading Swift to 2.18.0.2 or later and pushing a config are required to use the feature.
• It is now possible to use metadata key/values to select objects for 1space synchronization/archive.

Bug Fixes:

• Previously, the configured node TLS ciphers list was ignored; the Qualys SSL Labs recommended default was what actually got used. Now the configured cipher list will be in effect. A cluster config push is required to effect the change.
• Under some conditions, Swift services could fail to start on Ubuntu Xenial and CentOS/RHEL 7.x operating systems. This is now fixed. Also, Swift services will now get properly restarted when there are other system services that aren't running.
• Fixed a rare issue where a node's interface configuration could prevent config pushes.
• Fixed an issue with Swift3 that allowed users to create buckets in arbitrary Swift accounts under certain configurations. A cluster config push is required.

6.7.0.3 (June 19, 2018)

Bug Fixes:

• 1space Lifecycle policies created on the 6.7.0.1 or 6.7.0.2 releases do not automatically merge namespaces. After applying the fix in the current release, you will need to recreate the policy. 1space Lifecycle policies created prior to the 6.7.0.1 release are not affected.

Known Issue:

• After the upgrade to any of the 6.7.0.x releases, 1space sync profiles will be set to merge namespaces. The feature can be disabled in the 1space configuration page by editing the affected profiles.

6.7.0.2 (June 18, 2018)

Bug Fixes:

• Fixed a bug that would cause RHEL/Centos 7.1 nodes to sometimes fail because of package dependency issues.

6.7.0.1 (June 13, 2018)

Features:

• Swift version 2.18.0.2 is now available. This release includes support for container sharding to enable containers with large numbers of objects. Please contact SwiftStack support if you need container sharding. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Controller and nodes both support RHEL/CentOS 7.5.
• The total number of connections a node's memcached server will accept is now configurable on the Cluster Tune page.
• 1space sync profiles can now optionally merge namespaces. Lifecycle profiles continue to provide a merged view of the two object stores. After upgrading to 6.7, you must push config to enable this feature.
• Audit logging can now be configured for SMB access to ProxyFS.
• Metadata Sync allows for specifying an optional Elasticsearch pipeline when indexing new documents.
• When indexing Swift objects whose metadata values contain JSON, Metadata Sync can optionally parse the JSON value and submit it as part of the index operation (as opposed to submitting a string).

6.6.0 (May 17, 2018)

Features:

• HTTPS (TLS) is now terminated on nodes using hitch (the replacement for stud). You will need to push a config to any cluster terminating HTTPS on the nodes to start using hitch.
• The cluster configure page now allows you to select the allowed cipher suite string and allowed TLS versions when the nodes terminate HTTPS.

Bug Fixes:

• The node installer no longer allows installation onto unsupported RHEL/CentOS 7.x point releases (e.g. 7.5 as of this release).

6.5.0.3 (May 16, 2018)

Bug fixes:

• Resolved an issue with not propagating configuration parameters into an internal process.

6.5.0.2 (May 11, 2018)

Bug fixes:

• Resolved a performance issue in internal infrastructure.

6.5.0.1 (May 08, 2018)

Bug Fixes:

• Various bug fixes.

6.5.0 (April 26, 2018)

Features:

• You may now use a custom Key Master middleware, configurable on the Key Master middleware page. Note that it is still the case that Encryption and Key Master settings cannot be changed after a config has been pushed.

Bug Fixes:

• Fixed bug preventing container ACLs from working in accounts not starting with AUTH_, LDAP_, etc., when access is granted via Swift Account ACLs. A config push is required to each Cluster to make the fix take effect.
• Fixed encryption selection problem that could prevent File Access nodes from joining an Active Directory Domain.
• Cloud Sync policies can now be configured to sync all containers from one Swift cluster to another.

6.4.0.1 (April 12, 2018)

Bug Fixes:

• Version 1.5.3 of File Access is now available. This improves signal handling of proxyfsd and includes improvements to fsck.
• Fixed bug in Metadata Sync background process. A config push to any cluster using Metadata Sync is required to make the fix take effect.

6.4.0 (April 10, 2018)

Features:

• CloudSync now allows a custom prefix to be used when interacting with S3, instead of a hash of the local account and container followed by the account and container. Features and bugfixes for CloudSync require a config push to each cluster using CloudSync for the new features to be available or the bugfix to take effect.

Bug Fixes:

• Improved Unicode support in various CloudSync features.
• S3 API access now returns a 204 when a nonexistent object is deleted in order to be consistent with S3.
• When accessed via the S3 API, large objects now report S3-style Etags.

6.3.0 (Mar 14, 2018)

Features:

• Added support for specifying expiring_objects_container_divisor through the Swift cluster tuning page.
• Metadata mappings can be specified on all containers on an account.

Bug Fixes:

• Enabling many File Access nodes at once no longer leads to situations in which enabling further nodes is impossible.
• Fixed a bug which caused On-Premises Controllers' audit logging to fail in some circumstances.
• Ubuntu Xenial (16.04) nodes which were missing some packages such as dmsetup no longer fail to be claimed.

6.2.0.1 (February 26, 2018)

Bug Fixes:

• Fixed a minor bug in Cloud Sync monitoring.

6.2.0 (February 22, 2018)

Features:

• ProxyFS nodes can now join Active Directory Domains with the AD Domain Join section of the Manage File Access > Settings page.
• Cloud Sync credentials are now verified on SwiftStack nodes. The credentials are not verified on submission, but can be verified on-demand by clicking the "Verify" button" on the Cloud Sync Credentials page.
• A Cloud Sync archive policy can be configured for accounts with File Access to enable capacity offloading.
• Swift can be configured to forward syslog messages to an administrator-defined Syslog endpoint. The configuration option is under the Advanced Settings on the Cluster page.

Bug Fixes:

• Cloud Sync archive policies no longer display duplicated listings for restored objects.
• Config pushes that take an unusually long time to complete no longer trigger unnecessary restarts of Swift services.

6.1.0.1 (February 12, 2018)

Bug Fixes:

• Version 1.2.1 of File Access is now available. This fixes a regression in version 1.2.0 that caused PUTs sent via the Swift or S3 API to fail on bimodal accounts when running Swift 2.16.0.2.

6.1.0 (February 1, 2018)

Features:

• Added support for Ubuntu Xenial (16.04) nodes.
• Swift version 2.16.0.2 is now available. This release includes numerous bug fixes for container updates and object expiration, greatly reducing load on container servers particularly in erasure-coded policies. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Bug Fixes:

• Gateways on CentOS 7.4 no longer incorrectly report rpc.statd as not running.
• Controller hostnames are now allowed to be up to 64 characters (previously 50). This limit is imposed by the SSL certificate requirements.
• Disabled ratelimiting in rsyslog for Operating Systems using Systemd which will prevent losing log messages.

6.0.0.5 (December 13, 2017)

Bug Fixes:

• Nodes that do not support SwiftStack File Access may now be used as gateways in File Access clusters.

6.0.0.4 (December 5, 2017)

Bug Fixes:

• Fixed cosmetic issue with existing ProxyFS nodes prior to their first config push after the 6.0.0 deploy.
• Fixed case where proxyfsd could consume more memory than configured.
• Fixed issue in s3_sync that could prevent proxy-server start.

6.0.0 (December 5, 2017)

Features:

• SwiftStack File Access is now available. SwiftStack File Access allows bimodal access to your data stored in SwiftStack Swift clusters via the S3 API, Swift API as well as SMB and NFS filesystem protocols. Contact SwiftStack for more information.

Bug Fixes:

• Fixed issues with SwiftStack Load Balancer with more than 5 VIPs in a group and with newer versions of keepalived.
• Fixed issue with the Specialized Auto-Sharding middleware and the newest versions of Swift. Customers using the Specialized Auto-Sharding middleware should push a config to their clusters.

5.9.0.3 (October 18, 2017)

Features:

• Added support for version 2 Object listings through the S3 API.

Bug Fixes:

• Fixed error messages in S3 API responses.
• Fixed initiate multipart upload handling through the S3 API.

5.9.0.2 (October 12, 2017)

Bug Fixes:

• Fix an issue that results in blocked container-updater and object-updater services (as well as some other Swift daemons).

5.9.0.1 (October 10, 2017)

Bug Fixes:

• Fix inconsistent order of copy and undelete middleware.
• Fix for the Cloud Sync Content-Type propagation.
• When using the Google Cloud Storage service, SLO manifest is properly uploaded.

5.9.0 (October 5, 2017)

Features:

• Added support for CentOS 7.4/RHEL 7.4 SwiftStack controllers and nodes.
• If "Restore on GET" is enabled, Cloud Sync will now fetch Static Large Objects (SLO) from the remote store (or the equivalent objects that were created through Multipart Uploads). As part of this change, Cloud Sync preserves the Swift SLO manifest in the remote clouds under the ".manifests" namespace. Deploying configuration is required to enable this feature.
• Swift version 2.15.1.4-1 is available. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Bug Fixes:

• If an object has already been removed from the remote store when Cloud Sync attempts to delete it, the resulting "Object Not Found" error is ignored.
• Cloud Sync propagates the Content-Type when uploading objects to the remote store.

5.8.0 (September 19, 2017)

Features:

• Removed all support for Ubuntu 12.04 Precise.
• Multi-Region Replication policies with deterministic per-region replica placement are now supported. Policies may be created with up to six replicas distributed across up to six regions. Multi-Region Replication policies will have proxy server read affinity enabled by default.
• When creating new Erasure Coding policies, a different set of recommended (data, parity) fragment schemas is now offered for Multi-Region policies as opposed to single region policies. The recommended schemas for Multi-Region Erasure Coding policies are (4, 2), (8, 3), and (15, 3). Existing policies are unaffected. If you require other policies, please contact the SwiftStack support team.
• Cloud Sync Archive Profile has a new option -- Restore on GET. When enabled, accessing archived objects (a GET request) will restore them in the SwiftStack cluster. The object will then be expired according to the archive policy schedule. Static Large Objects, which are converted to multipart uploads in AWS S3, are not restored.

Bug Fixes:

• Resolved an issue that prevented indexing objects that contained certain unicode characters into Elasticsearch.
• On Cloud Sync policy changes the Cloud Sync status is now reset, such that it will apply the policy retroactively (although, archived objects would not be un-archived).
• Old controller backups are now pruned correctly on recovery controllers.

Known Issues:

• RHEL/CentOS/OL 7.4 operating systems are not supported. Support will be added in a future release.

5.7.0 (August 24, 2017)

Features:

• Swift version 2.15.1.2-1 is available. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Upgrading to Swift version 2.15.1.2-1 will not be possible until Erasure Coding storage policies with known bad configuration have been deprecated.
• Newly created Multi-Region Erasure Coding policies will have proxy server read affinity enabled by default. Users may still override the setting on the Policy create and edit pages.

Bug Fixes:

• Additional packages are now provided to allow CentOS/RHEL 7.3 nodes with minimal installations to ingest properly.
• Changing Cloud Sync policies and settings now properly displays a change notification explaining the new state.
• Cloud Sync correctly propagates metadata changes of an SLO that has already been uploaded to the remote store.
• Metadata Search daemons no longer fail to start (due to a regression introduced in the 5.6.0 release).

Known Issues:

• RHEL/CentOS/OL 7.4 operating systems are not supported. Support will be added in a future release.

5.6.0 (August 3, 2017)

Features:

• Added warning message about clusters with not enough nodes for their EC policy.
• Cloud Sync logs now include ongoing progress and are collected when generating the SwiftStack diagnostic tarball.
• The script generate_storage_csv.py now writes a CSV file with per-policy schema and summary utilization data, in addition to CSV files with per-account utilization data for each policy. It also has new features to list cluster id's and generate data for either a single cluster or all clusters.
• When creating new Erasure Coding policies the options to use isa_l_rs_vand and Other (data, parity) fragment schemas have been removed from the Controller UI. The options available are now isa_l_rs_cauchy and (data, parity) fragment schemas of (4, 3), (8, 4), and (15, 4). Existing policies are unaffected. If you require other policies, please contact the SwiftStack support team.

Bug Fixes:

• Fixed two issues in the node agent Swift health check.
• "Show all jobs" page no longer results in Internal Error.
• Fixed catalog format when using v2 auth.
• Fixed rolling Swift upgrade when custom middleware was enabled.
• When provisioning an Ubuntu Trusty node (14.04.5) for SwiftStack, a conflict with the ssh-import-id package would prevent installation. This package is now removed during the install process and marked as conflicting with the SwiftStack packages.
• Cloud Sync no longer occasionally stalls while uploading objects over 64KB to AWS S3.
• Connections to a remote endpoint are now re-used by Cloud Sync (if possible).
• Up to 10 objects are now uploaded in parallel by each Cloud Sync worker.
• Cloud Sync mappings that involve an AWS S3 bucket that allows only encrypted write operations no longer fail validation.
• Listing objects through a Cloud Sync archived container now properly interprets the Accept header.
• Reassignment of network interfaces is now properly done when one of the interfaces is not used.

5.5.0 (July 13, 2017)

Features:

• As mentioned in the notes from last release, several features have been removed in 5.5.0. This includes swift versions prior to 2.9.0.2-4, Non-User Swift Accounts and object server threads-per-disk settings. In addition, Ubuntu 12.04 Precise nodes can no longer be claimed.
• The SwiftStack Client download link on the Cluster Monitor page has been replaced with a link to the SwiftStack downloads page.
• The policy Tune page for configuring per policy read and write affinity has been removed and the checkboxes have been added to the policy Edit page.
• The set of EC storage policies with known bad configuration has been extended to include policies that have both >= 22 data fragments and >=4 parity fragments. Alerts will be displayed recommending that these policies be deprecated.
• Cloud Sync includes content_location when listing a container with an archival policy to indicate whether the object has been archived.
• Cloud Sync has a new "Settings" tab, which allows for tuning the internal parameters for each daemon. It also allows setting an HTTP/HTTPS proxy.

Bug Fixes:

• The "Restart Proxy Services" button on the Deploy page no longer shows up in certain situations where it will fail.
• Running the node installation command on a node that is already running the SwiftStack node agent is now a no-op.
• Increased robustness in checking for bad drives, reducing the number of erroneous alerts.
• Unicode characters in objects, containers, and account names are now properly handled by Cloud Sync and Metadata Sync.
• Cloud Sync no longer allows setting multiple policies on the same account/container. Previously, while allowed, this could cause incomplete propagation of data into one or both of the locations.
• Cloud Sync against Google Cloud now properly detects an already-uploaded SLO.
• Cloud Sync from the SwiftStack cluster to another Swift cluster now properly supports the "sync all containers in the account" option.

5.4.0 (June 22, 2017)

Checkpoint Release:

• Controllers running versions less than 5.4.0 must upgrade to 5.4.0 before upgrading to subsequent versions.
• This is the last release to support Swift versions older than 2.9.0.2-4. Any clusters running older Swift must be upgraded before upgrading to a version of controller newer than 5.4.0.
• This is the last release to support Non-User Swift Accounts; that feature has been deprecated in favor of Swift Account ACLs since April 2014.
• This is the last release to support object server threads-per-disk; that feature was replaced by servers-per-port, and has been removed from Swift itself for some time.
• This is the last release which will accept new Ubuntu 12.04 Precise nodes. That operating system reached its End of Life in April 2017. Existing Ubuntu 12.04 Precise nodes will continue to work, but should be upgraded to Ubuntu 14.04 Trusty ASAP.

Features:

• The left-side navigation of cluster management has been reorganized. The Configure, Networks, Load Balancer, Regions, Policies and Tune tabs are now grouped under the Configure tab.
• Different ring types (Account & Container, replicated object policies, and EC object policies) now have independent rebalance timing.
• The controller now displays alerts about EC storage policies that have a known bad configuration. The alerts recommend that those policies should be deprecated and have data moved to containers in another policy.
• Once an EC policy with a known bad configuration has been deprecated it will not be possible to un-deprecate the policy.
• Cloud sync now uses AES256 server-side encryption with Amazon S3 for all objects it places in S3. This change will not affect the data already stored in AWS S3. For S3-clones, the encryption option is not set.
• If Cloud Sync archives objects from the SwiftStack cluster to another storage provider, subsequent GET requests for the objects will fetch them from that storage target. Upon returning the object, it will not be placed into the Swift cluster. Listing a Swift container that has been archived will also return objects in the remote storage location, alongside what is in the container itself. After upload to S3, SLO objects will have an ETag that is the multipart upload ETag (and will not match the hash of the entire content).
• The string type has been deprecated in Elasticsearch 5.x and will be removed in a future Elasticsearch release. SwiftStack Metadata Search will now use text or keyword (or both) types to store fields that previously were string. The index must be recreated to apply this change.

Bug Fixes:

• Fixed some issues with restarting Swift services on operating systems using Systemd (RHEL/CentOS/OL 7.x).
• Fixed bug in node filesystem discovery when certain types of RAID-member devices were present.
• SwiftStack Metadata Search now supports object names longer than 512 characters. Upon upgrade, the Elasticsearch index must be recreated, as the document IDs have changed.
• Cloud Sync now deletes the object in a remote Swift cluster if it has been removed from the SwiftStack cluster (if the Sync profile is applied).
• 0-sized objects are now propagated correctly with Cloud Sync to the remote Swift clusters.

Known Issues:

• Cloud Sync per-account mapping from the SwiftStack cluster account to a remote Swift cluster currently places objects from all containers into a single container in the remote Swift cluster. Do not use this functionality until a fix is released that creates a one-to-one mapping between containers.
• Cloud Sync does not work with Swift < 2.7.0. If you would like to use Cloud Sync and are using an older version of Swift, please upgrade Swift.

5.3.0.3 (June 8, 2017)

Bug Fixes:

• Improved ignoring of devices with mounted partitions on nodes.

5.3.0.2 (June 6, 2017)

Bug Fixes:

• Cloud Sync no longer stalls on Static Large Objects with numerous segments.
• Static Large Object segments are now uploaded in parallel when using Cloud Sync.
• Fixed issue where node utilization collection could fail after a initial cluster deployment until node agent was restarted.

5.3.0.1 (June 2, 2017)

Bug Fixes:

• Improved logging of node device data that doesn't match expectations.

5.3.0 (June 1, 2017)

Features:

• Swift version 2.14.0.1 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Storage Policies can now have policy specific read affinity and write affinity settings. The policy specific settings can be tuned on the Policies page. This is only available after upgrading to Swift 2.14.0.1. See Storage Policies Configuration Options for more.
• New EC Storage Policies can support multiple regions with Composite Rings. This is only available after upgrading to Swift 2.14.0.1.
• The ssdiagtarball command on nodes now contains more information, which should help us diagnose and solve problems faster.
• Metadata Search will now decrypt user-supplied metadata when used in conjunction with Swift encryption at rest.
• Cloud Sync will now decrypt object content and metadata before propagating to a remote store when used in conjunction with Swift encryption at rest.
• Cloud Sync has a notion of Profiles. Please see the Cloud Sync documentation for more information on how to configure Profiles and their types. On upgrade, a default profile will be created for every existing mapping.

Bug Fixes:

• Fixed a packaging issue for Metadata Search that caused necessary dependencies not to be installed on Ubuntu 12.04 (Precise) and 14.04 (Trusty) nodes.
• Fixed various issues related to the handling of multipath devices.
• Addressed a vulnerability in Samba that could affect customers using the Gateway. A config push is required to effect this change. See Samba's report for more information.

5.2.0.2 (May 13, 2017)

Bug fixes:

• Fixed issue affecting proxy-server process on Ubuntu nodes. A cluster config push is required if you previously pushed a cluster config while running controller version 5.2.0.1 or 5.2.0.
• Fixed error with Swift cluster no-auth and autosharder middleware. A cluster config push is required for any cluster running no-auth and the Specialized Auto-Sharding middleware.

5.2.0.1 (May 12, 2017)

Bug fixes:

• Fixed regression in 5.2.0 where some rings would not rebalance.

5.2.0 (May 11, 2017)

Features:

• Added support for RHEL/CentOS/OL version 6.9 nodes.
• The proxy server "allow account management" setting is now exposed on the cluster swift tuning page. The default value has also changed to False (disabled), which is safer. A cluster config push is required to change the value to the new default for existing clusters.
• Cloud Sync allows per-account mappings. This allows all of the containers in a given account to be synced. Please see the Cloud Sync documentation for more information on how to set it up.
• Swift ring rebalancing and pushing is no longer unnecessarily held back by "min_part_hours" when it is known to be safe, which can speed up adding and removing capacity. New rings and rings using the default "min_part_hours" will get this benefit automatically; if you have rings with a "min_part_hours" other than 1, you will need to be set them to zero to take advantage of this new feature.

Bug Fixes:

• Fixed a regression which caused SwiftStack Auth authentication requests to not run in a thread-pool. This could cause poor proxy-server performance when under heavy authentication request load. A cluster config push is required to activate this fix.
• The copying of time-series metrics from a primary to a standby controller will no longer evict everything else from the primary controller's buffer-cache.
• SwiftStack node agent workers now have identifying names in the process table.
• Fixed an issue on storage nodes where drive identification could fail.
• Nodes changed from having account/container or object node roles to only having the Proxy role no longer cause inaccurate cluster-wide replication count-up timers in the UI.
• As recommended everywhere, the rsyslog $RepeatedMsgReduction setting is now disabled on nodes.
• The node Edit Network Interfaces page no longer shows interface types which are not relevant to the node's role.
• The background job on object nodes that counts async-pending files no longer gets stuck when a lock isn't removed.

Known Issues:

• If per-account sync is enabled and a container is removed, Cloud Sync may not reset its internal state if the container is immediately recreated. This will result in new objects not being synced. The issue will be addressed in a subsequent release.

5.1.0 (April 25, 2017)

Features:

• S3 API requests for SwiftStack Auth users may now be signed with either the long-lived "S3 API Key" as before or the currently-issued X-Auth-Token. LDAP users may now use the S3 API by signing requests with the currently-issued X-Auth-Token. A config push is required to activate the new version of SwiftStack Auth.
• Delegated Authorization middleware supports two optional headers, which allow specifying the HTTP verb to use and any headers that may need to be passed. Please see Delegated Authorization documentation for more information.
• Cloud Sync allows for one-way sync to another Swift cluster. Please see the Cloud Sync documentation for more information on how to set it up.

Bug Fixes:

• Controller backups larger than 5 GB (after compression) may now be stored in Swift.
• Improved robustness when nodes fetch new Swift rings from the controller.
• Several fixes to stop leaking resources and reduce wasted work on standby controllers.
• Controller installs are not supported inside a container, so the installer now tries to detect and prevent it.
• Closed a security hole when using Keystone for S3 API authentication (see Launchpad Bug 1561199 for more information). A config push is required to activate the new version of the Swift3 Keystone Integration middleware.
• Made it harder to deploy a broken Swift3 or Keystone config.
• Improved the authentication-related error messages for the S3 API. A config push is required to activate the new version of Swift3.
• Less time-series data (graphs) will be lost when restarting controller daemons (including controller upgrade). The restart also completes much faster.
• SwiftStack health check notifications on the nodes are no longer blocked due to leaked resources. This issue previously impacted replication progress.
• Cloud Sync daemons no longer fail to start (affected only the 5.0.x SwiftStack controller release).

5.0.0.4 (April 6, 2017)

Bug Fixes:

• Fixed bug that prevented users of a controller without internet connection from accessing the Monitor Cluster page.

5.0.0.3 (April 5, 2017)

Bug Fixes:

• Fixed bug installing on-premises onto machines with a single CPU.

5.0.0.2 (April 4, 2017)

Bug Fixes:

• Fixed missing symlink required for older RHEL/CentOS 6.x nodes to find packages on the controller.
• Improved recoverability if initial on-premises install fails.

5.0.0.1 (March 30, 2017)

Features:

• Cloud Sync properly parses and uploads static large objects (SLO) in Amazon S3 and Google Cloud Storage. Please see Cloud Sync SLO documentation for more details.
• The SwiftStack Client desktop app is now available for beta testing. You can download it from the Monitor Cluster page.
• On-premises controllers now expose more configuration and tunables in the admin section of the UI.
• On-premises controllers are now better isolated, reducing installation/upgrade issues and simplifying provisioning.

4.12.0 (March 2, 2017)

Bug Fixes:

• Some Centos 7 nodes installed incompatible systemd packages from the Controller. This has been fixed for all fresh Centos 7 nodes; if you have a node that encountered this problem, you need to downgrade affected packages. Contact support if you need help.
• Requests to /info no longer fail on clusters with autosharding middleware enabled.
• Metadata Search: Objects with size greater than 2GB are now correctly indexed in Elasticsearch. If you have previously created an index, you will need to destroy it and create a new one.
• The Rate Limit middleware and Swift S3 API middleware cause spurious errors when clients use the S3 API. The SwiftStack controller now prevents using both features together on a given cluster. During the upgrade, the Rate Limit middleware will be disabled on all clusters that have the Swift S3 API also enabled. Deploying configuration is required to propagate these changes to the Swift nodes.

4.11.0 (February 9, 2017)

Features:

• Swift version 2.12.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Added emergency replication mode support for EC policies.
• Added support for CentOS/RHEL/Oracle 7.3.
• New partial index on utilization aggregation to improve processing time for late reporting nodes.

Bug Fixes:

• Fixed XSS issue which affected some in-line edit forms.
• Fixed edge case with delete cluster operation affecting clusters previously configured with SwiftStack load balancer and cloud sync.
• Specialized Auto-Sharding middleware supports server-side COPY.
• Fixed an error where device enumeration and the sdt probe command could fail on certain hardware configurations.
• Object's last-modified date is parsed correctly when indexed in ElasticSearch. Fixed in new swift-metadata-search package. A config push is required to upgrade to the new version.
• Fixed bug where CentOS/RHEL/Oracle 6/7 memory graphs rendered incorrectly.
• CentOS/RHEL/Oracle controllers bind memcached to localhost interface only.

4.10.0 (January 19, 2017)

Features:

• Specialized Auto-Sharding users are now active immediately after a user push. A side effect of this broke server-side COPY for accounts that have auto-sharding enabled. This will be fixed in a future release.
• Some graphs of data that change slowly now default to longer time ranges than 2 hours.
• New graph for monitoring pending container updates cluster-wide and per storage node.

Bug Fixes:

• Node firewall rules will now be correct for servers-per-port during the period between adding a new drive and the next full config push.
• Fixed a case where cached SwiftStack Auth tokens could get corrupted, resulting in intermittent 403 responses.
• Load balancer configuration setting is now properly saved when "External Load Balancer" or "No Load Balancer" is selected.
• Fixed bug where CentOS 6.x controllers could fail to upgrade.

Known Issues:

• Specialized Auto-Sharding middleware does not support server-side COPY. This will be fixed in a future release.

4.9.0.1 (December 28, 2016)

Bug Fixes:

• A disaster recovery restore now works correctly when using automatic controller reporting.

4.9.0 (December 19, 2016)

Features:

• Swift version 2.11.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• S3 API Support version 1.11 is available. See Swift3 Changelog for more information. A config push is required to activate the new version.
• Swift3 Keystone Integration users can configure the new option http_connect_timeout.
• Swift Nodes now report the rebalance cycle time of the object-reconstructor daemon which handles Erasure Coded Policies.
• Improved automatic ring rebalance for Erasure Coded Policies based on back-pressure from the object-reconstructor.
• New erasure coding type isa-l-rs-cauchy allows configuration of a larger number of parity fragments for new Erasure Coded Policies.
• The SwiftStack Node ingestion process when adding new Nodes to a new or existing cluster has been moved to a background operation with better visibility, tracking, error handling and reporting.

Bug Fixes:

• Fixed error in Swift process detection that could cause Rolling Swift Upgrades to fail.
• Return error on invalid container names when using autosharding. A config push is required to activate the new version.
• Fix interaction with autosharding and Server Side COPY which would result in an error when attempting a Server Side COPY on some versions of Swift. A config push is required to update the proxy-server middleware configuration.
• Fix inconsistent order of resources returned from the Controller API when using the limit and offset API query paramaters with large collections.
• Fix incomplete url path returned in the next and prev fields of Utilization API responses.
• Various fixes and improvements related to 1space Multi-Cloud.
• Fixed unicode character handling in 1space Multi-Cloud and SwiftStack Metadata Search. A config push is required to activate the new version.
• Fix bug which prevents the automatic detection and graceful degradation to IPv4 protocol when IPv6 module is disabled in CentOS/RHEL configurations.

4.8.0.1 (December 8, 2016)

Bug Fixes:

• Minor fix for infrastructure issue.

4.8.0 (December 5, 2016)

Bug Fixes:

• Fixed a bug in the Keystone middleware that caused it to fail when trying to connect to Keystone servers with certain hostnames.
• OpenVPN now successfully starts on installations that have IPv6 disabled.

4.7.0.1 (November 11, 2016)

Bug Fixes:

• Fixed an error when device enumeration and the sdt probe command could fail if a device enclosure was removed from certain hardware configurations.

4.7.0 (November 10, 2016)

Features:

• Metadata Search integrates Swift object metadata with Elasticsearch. The integration operates on individual containers and runs continuously in the background. Objects can then be quickly located through Elasticsearch by any user-specified metadata associated with them. As part of this change, the SwiftStack metadata search middleware has been deprecated and will be removed upon upgrade.
• Cloud Sync replication can now be reset. This allows an operator to restart the replication process if any content has been removed from the remote bucket. The Cloud Sync daemons will ensure that all objects in the Swift containers have been replicated (even if they were previously removed).
• Cloud Sync supports Google Cloud Storage. It is available as a provider through the drop-down menu. Cloud Sync requires a Google Cloud Storage interoperability key.
• Expose configuration of segment_size for new erasure-coded storage policies. The recommended default value is still 1 MiB.
• Display Last Replication Cycle Completed per node for all nodes on the Rebalance Monitor page.

Bug Fixes:

• Cloud Sync encodes Unicode and punctuation characters with URL encoding in object metadata. Encoded metadata values no longer cause the objects to be reuploaded, as if the metadata has changed. Deploying configuration is required to update the cloud sync daemons.
• Fixed multiple reported bugs where device enumeration and the sdt probe command could fail with certain hardware configurations.
• Fixed an issue that would block rebalancing on nodes with numerous disks

Known Issue:

• We have temporarily limited the number of parity fragments for new erasure-coded storage polices to four or less. This restriction will be lifted in a future release.
• If you have an existing erasure-coded storage policy with five or more parity fragments (e.g. 7 data fragments, 6 parity fragments) - please contact SwiftStack support.

4.6.0 (October 20, 2016)

Bug Fixes:

• Corrected configuration values that could cause the replicator to lock up, preventing replication from completing on a cluster.
• Fixed a bug where nodes, when upgrading agent code, could fail to properly restart some processes. This interfered with rebalancing of clusters.
• Metadata values containing unicode, spaces, and certain other punctuation characters no longer cause cloud sync to re-upload the data.

Known Issue:

• If a cloud sync container mapping exists, removing the cluster will fail. Remove the cloud sync mappings prior to removing the cluster to work artound this limitation. The issue will be resolved in a following release.

4.5.0.2 (October 5, 2016)

Bug Fix:

• Fixed the validation of Amazon S3 credentials when creating cloud sync mappings.

4.5.0 (October 3, 2016)

Features:

• Added tracking and display of disk serial numbers and drive tray blinking; may not work for multipath chassis yet.
• Node drive management page can set or clear enclosure disk tray blinking. The cluster auto-unmount-on-disk-failure advanced setting will now also set a failed disk to blink. Formatting and mounting a device will automatically clear its blink status. Drive blinking features may not work for multipath chassis yet.
• You can now sort the device tables on the node drive management page.
• Improved handling of LDAP search results when multiple configured servers respond with results. A config push is required.
• Added a secondary provider type to CloudSync credentials -- "Other". Allows for specifying an endpoint other than Amazon S3, e.g. Google Cloud Storage.

Bug Fixes:

• Improved reliability of node connectivity checker for large clusters.
• Fixed issue on RHEL/CentOS 7.x nodes where Swift services did not get their open file descriptor limit raised. Swift daemons must be restarted to get the raised limits.
• Fixed race condition that would sometimes interfere with concurrent formatting and mounting of drives on multiple nodes.
• Object deletions in Swift will be propagated to the CloudSync buckets correctly.

Known Issue:

• Clusters with erasure-coded storage policies running Swift 2.7.0.2 or earlier suffer from a memory leak in the object-reconstructor (see Launchpad Bug 1628906 for more information). Swift version 2.9.0.1 avoids the memory leak. Affected clusters should be upgraded to the latest Swift version as soon as possible.

4.4.0.2 (September 13, 2016)

Bug Fixes:

• Fix issue preventing node agent code upgrade on RHEL/CentOS operating systems when the rpmdevtools package is installed on the node.
• Fixed a problem that could interfere with controller restore.
• Fixed issue which could cause spurious "No recent successful rsync of cluster metrics" alerts.

4.4.0.1 (September 8, 2016)

Features:

• Cloud Sync now uploads up to ten objects in parallel on each node.
• Cloud Sync validates S3 credentials at the time of addition. Initially, it only checks the ability to ListAllMyBuckets. This will require a potential change in the IAM policy to include permissions for ListAllMyBuckets. When a mapping is added, PUT, HEAD, and DELETE permissions for objects in the bucket are also validated.
• Swift3 users may now access buckets in other users' accounts if appropriate ACLs have been set. Use an access ID like <your access ID>:<target> to access buckets in the target account. Note that you will need to use this same access ID when setting the ACL, and you will need to include any auth prefixes (such as AUTH_ or KEY_ ) when specifying the account.
• On RHEL/CentOS/OL 7.x operating systems, SwiftStack no longer uses the system Python. This will decrease the chance of SwiftStack software interfering with other code.
• There is a new version of Swift, but it only changes file locations for RHEL/CentOS/OL operating systems; the Swift code itself is unchanged. You do not need to upgrade if you are already running Swift version 2.9.0.
• The SwiftStack Controller On-Premises now has a global option to disable firewall management on SwiftStack nodes. This is an advanced deployment scenario, and if you don't manage the firewall somehow, the cluster will not work. Please contact SwiftStack support if you require this.
• The SwiftStack Controller On-Premises now supports deployment behind a reverse proxy. This is an advanced deployment scenario, and should not be utilized unless absolutely required. Please contact SwiftStack support if you require this.

Bug Fixes:

• Swift3 now supports virtual-host-style access when using v4 signatures.
• If a SwiftStack controller upgrade fails after database migrations have run, the installer will now roll them back.
• Fixed issues on systems with restrictive umasks like 0077.

4.3.0.3 (August 19, 2016)

Features:

• Added documentation for Encryption Configuration

4.3.0 (August 18, 2016)

Features:

• Swift version 2.9.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Data can now be encrypted at rest in SwiftStack. To enable this feature, the Key Master and Encryption middlewares must be enabled and configuration pushed. A previously deployed cluster cannot have its data encrypted. Encryption must be enabled on new clusters before the pushing the configuration for the first time. Swift version 2.9 is required to use this feature.
• CloudSync now supports v4-only regions: Frankfurt, Seoul, and Sydney.
• If you need to disable the security protection which prevents the controller from being accessed with a mismatched Host: header, you can now do so by running sscontrol config set CONTROLLER_DISABLE_HOST_HEADER True, waiting for the value to appear in /opt/ss/etc/ssman.conf.sh, and then re-running the controller upgrade process.
• Some convenience files that were placed in /etc/profile.d/ by the controller installation are now placed in /opt/ss/etc/profile.d/ and are therefore no longer active by default. If you want to use them, you can create symlinks from /etc/profile.d/ into the files in /opt/ss/etc/profile.d/.

Bug Fixes:

• Unauthorized users cannot use autoprovisioning to add a node to a cluster.
• Cloud Sync ensures that all data is copied by re-checking it if a drive is replaced.
• Deleting a mapping of a container to one bucket and adding a mapping of the same container to another bucket will reupload all of the data to the new bucket.
• CloudSync now includes the DLO X-Object-Manifest header with the objects and allows for reconstruction of the data back from S3.
• The node connectivity checker no longer generates false alerts during Swift upgrades.
• The SwiftStack controller can now be properly installed by the root user, without creating any service account with no-password sudo access. The root user account does not need sudo access.
• The controller install process no longer requires the ability to SSH back into localhost without a password.
• The superuser column is correctly displayed for invited users of the controller.
• Adding a disaster recovery stand-by controller now works correctly when using IPv6.

Known Issue:

• If encryption is enabled, CloudSync data in S3 will be in the encrypted form.

4.2.0.1 (August 1, 2016)

Bug Fixes:

• The node connectivity checker no longer checks some Swift ring device ports when it shouldn't.
• Cloud Sync daemons validate ETags between S3 and Swift correctly, avoiding a copy of objects into S3 from each of the daemons. A config push is required to activate this change.

Known Issue:

• Cloud Sync does not currently support the following AWS regions: Frankfurt, Seoul, and Sydney. The restriction will be removed in a subsequent release.

4.2.0 (July 28, 2016)

Features:

• Cloud Sync allows for continuous one-way replication from a SwiftStack container to an Amazon S3 bucket. This gives you the ability to automatically provide access to data in the public cloud or to use another site for an additional level of data protection.
• Connectivity issues between Swift nodes in a cluster are now automatically detected and alerted on. Connectivity status will also be reported when running ssdiag on nodes. See the Firewall Security for guidance on which ports must be accessible for SwiftStack Nodes.
• Swift upgrades now operate on storage nodes first and proxy-only nodes last. Within each Node Role group, nodes will fully upgrade in each Zone before moving on to the next.
• If utilization processing is not successfully completing, an alert will now be generated.

Bug Fixes:

• Previously, rolling Swift upgrades on RHEL/CentOS 7.x platforms could fail if a client held a connection open forever. Now, on all operating systems, upgrades stop Swift services in two stages: existing connections get up to 45 minutes to complete before the services are forcefully terminated.

4.1.0 (July 14, 2016)

Bug Fixes:

• New CentOS/RHEL nodes can install Swift even if a previously-hard-coded user and group ID is already in use.
• Fixed a bug preventing subsequent config deploys with IPv6 and the SwiftStack Load Balancer.
• Gateway configuration now allows specifying a URL ending with a two character country code.
• If a package fails to install during auto-provisioning, the controller will attempt to correct the problem on retry.
• Fixed a bug that leads to the auto-provisioning screen to remain at the "Finished claim" stage indefinitely.
• Improved error messages on failures during auto-provisioning.
• Non-proxy Swift nodes will now correctly repair their firewall rules.
• Use the group of the installing user when installing the controller.
• Added ssh packages in cases where the target node does not contain the packages and cannot retrieve them from any repository.
• Fix issue with "firewall-cmd" on some CentOS/RHEL controllers with stale or missing upstream package repositories.

Known Issues:

• When using the SwiftStack Load Balancer, you should always submit the interface-assignment form (even if it was already correct). The requirement will be removed in the next release.
• If the SwiftStack Load Balancer is not used, remove all invalid or not fully configured groups before a config deploy. The requirement will be removed in the next release.

4.0.0.2 (June 30, 2016)

Bug Fixes:

• Fixed display of the Auth and Web Console URLs for clusters which were using the SwiftStack Load Balancer without a hostname.

4.0.0.1 (June 29, 2016)

Features:

• New SwiftStack Load Balancer. The LVS-based load balancer has been replaced with a better round-robin DNS–based system. Note that if you use the SwiftStack Load Balancer, you must take action. For more details about the new SwiftStack Load Balancer, see the full documentation.
• NTP orphan mode is now enabled. This allows nodes to maintain consistent time between themselves when no external time sources are available.
• Newly created clusters will now default to having proxy servers respond with Storage URLs with the same hostname the proxy was queried with. The new default override_storage_hosts setting can be overridden on the SwiftStack Authorization middleware page.

Bug Fixes:

• Fixed a display issue on config push page when adding and removing custom middleware before a config deploy.
• Allow removal of policies from devices if configuration has not yet been deployed.
• Fixed issue with incorrect display of role changes on config deploy page.
• Devices on disabled nodes can now be immediately removed from storage policies. If all devices are removed, the node can then be deleted.
• Fixed a bug in the autosharder middleware that prevented the proxy-server from starting on Ubuntu operating systems.
• Fixed Oracle Linux detection during installation.
• Display error message if /home/swiftstack folder is not created properly during install.
• Display error message if email address during installation VPN certificate generation is over 40 characters in length.
• Fixed issue that allowed LDAP controller users to get a password in the controller's local user database.

Known Issues:

• If you rename an RRDNS Group that has outstanding changes to other settings, the list of changes on the config push page can get duplicate entries. This issue is cosmetic and does not affect correct operation of the SwiftStack Load Balancer.

3.14.0.3 (June 20, 2016)

Bug Fix:

• Fixed Swift3 to allow requests when proxy servers are not in the UTC timezone.

3.14.0.2 (June 13, 2016)

Bug Fixes:

• Fixed one last middleware package to work with newest Swift (2.7.0.2)

3.14.0.1 (June 8, 2016)

Bug Fixes:

• Fixed regression in the swift3 that shipped with controller release 3.14.0 that broke v2 pre-signed URLs.
• Fixed some middleware packages to work with newest Swift (2.7.0.2)

3.14.0 (June 6, 2016)

Features:

• Swift version 2.7.0.2 is available. Notable improvements include: concurrent bulk deletes, fixes for SLO, EC, logging, and even number quorum size (even quorum is now >= 1/2 instead of 1/2 + 1), and the removal of the threads-per-disk feature.
• The threads-per-disk feature is now officially deprecated, and every cluster using it should be upgraded to the latest Swift version and switch to using servers-per-port.
• Added support for AWS Signature v4 in the swift3 middleware.
• Added visibility into cluster rebalancing: new tab on cluster monitor page.
• Added support for CentOS and Oracle Linux 6.8.
• SwiftStack nodes now automatically detect packaging conflicts that would prevent config pushes from succeeding. In the event this occurs, an alert will be opened with more information, and config pushes will be blocked until the problem is resolved.

Bug Fixes:

• Fixed how winbind is checked on CentOS/RHEL 7.x.
• Added CSV format for more Utilization API endpoints, making them consistent with existing documentation.
• Fixed race condition where LDAP controller users could occasionally revert to broken local user accounts, preventing login.

3.13.0 (May 19, 2016)

Features:

• Added support for RHEL 6.8
• Graphs of partition placement on nodes now available under the Admin's graphs page.

Bug Fixes:

• Fixed regression in 3.12.0 where a proxy-only node would hold up ring rebalancing.
• Various package dependency issues resolved.
• Ongoing problems that raise alerts will no longer result in multiple alerts for the same issue.
• Fixed a bug in the Gateway that would cause a restart loop when attempting to upload a file larger than the cache.
• The controller install will no longer fail on systems with IPv6 support disabled.

3.12.0.1 (May 9, 2016)

Bug Fix:

• Fixed issue where rsync could fail on non-object account or container nodes due to a missing required directory. This will be automatically fixed.

3.12.0 (May 5, 2016)

Features:

• Swift nodes now try to restart required system daemons if they are not running.
• Improved ring rebalancing and pushing to nodes: ring rebalancing will not happen until every enabled node in the cluster has completed at least one full replication cycle since the last time rebalanced rings were pushed out. This will prevent replication "demand" from outstripping "supply". There is no longer an "add/remove immediately" option for capacity changes: they are always gradual.
• min_part_hours can now be configured per-storage policy in the administrative interface.

Bug Fixes:

• Fixed issue where ss-python-dateutil could break system packages depending on python-dateutil on CentOS/RHEL 6.x platforms.

3.11.0 (April 21, 2016)

Features:

• Swift version 2.7.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• Added support for Oracle Linux 7.2.
• Improved multipart and metadata support in Swift3. A config push and proxy server restart is required to activate the changes.
• Exposed the "request_node_count" as a tunable setting for proxy nodes.
• Enabled Swift to submit GET and HEAD requests concurrently to the replicas for a given object, returning the first result. For EC policies, only HEAD requests are concurrent. This feature requires Swift 2.7.0 and is enabled by default for new and upgraded clusters. After an upgrade, configuration needs to be pushed to the cluster to propagate the setting. To disable the feature, toggle the "proxy_server_concurrent_gets" field. Administrators can control the concurrency of the requests by changing the "proxy_server_concurrency_timeout", which changes the time between sending a GET or HEAD request to the next replica.
• Reduced warning about missing backups in the log files for newly provisioned controllers.

Bug Fixes:

• Swift LDAP middleware verification requests are now only sent to proxy nodes, eliminating potential false negative results.
• Unresponsive drives properly trigger notifications as failing.
• Long container names are presented correctly in Swift Web Console.
• Network bandwidth graphs properly handle periods in the names (e.g. "bond.2").
• Storage policy names can be edited after the policy has been created.

Known Issue:

• With SwiftStack controller versions 3.9 and 3.10, prior to Swift version 2.7, Swift proxy-server will fail all requests with status 500 if rsyslog is not running. Restarting rsyslog service should return the Swift proxy-server back to normal state. Swift 2.7 contains a bug fix that ensures the proxy-servers continue to process requests even if rsyslog stops running.

3.10.0.1 (April 13, 2016)

Bug Fixes:

• Updated redistributed samba packages to include fix for the "Badlock Bug". Users of the SwiftStack Gateway will need to upgrade their samba-related packages and make sure samba is restarted.
• Fixed Swift health checker regression in 3.10.0, when restarting Swift daemons on Ubuntu platforms.
• Fixed issue that could delay node vpn client reconnect during controller upgrade.
• Fixed issue with form validation that prevented changing the name of a Replicated Storage Policy once it was deployed.
• Improved robustness of restarting services on the controller.

Known Issue:

• The SwiftStack Gateway does not support IPv6 (this was omitted from the original release notes for 3.9.0.1).

3.10.0 (April 7, 2016)

Features:

• Added support for Oracle Linux 6.7.
• Swift clusters behave better when one or more storage disks fill up (you should still not let this happen). Previously, rsync replication operations could fill disks to a point which interfered with object DELETE requests. Now rsync is disabled when a disk is full; with Swift >= 2.5.0, rsync is disabled per-disk, while it is disabled server-wide for older versions of Swift. All customers are encouraged to upgrade to the latest version of Swift. A config push is required to gain this protection.
• The "Object replicator emergency replication" mode is more effective at draining full disks after additional capacity has been added to a cluster. You should always add capacity before disks fill up.
• Some numeric Swift tunables which are floating-point values in newer versions of Swift are now floating-point in the controller. When pushing config to clusters running older versions of Swift, the values will be truncated to the nearest integer.
• Controller now uses the Strict-Transport-Security header to more securely redirect HTTP requests to use HTTPS.
• A new Swift tunable, "Object replicator rsync max connections per disk", will limit the number of simultaneous replication rsync operations per disk. This feature requires Swift >= 2.5.0 and a config push to take effect. This new setting defaults to 4.

Bug Fixes:

• Fixed issue where rsyslog dying could interrupt Swift services. The Swift health checker now ensures rsyslog is running prior to restarting Swift services.
• Log messages will no longer get lost due to rate-limiting on CentOS/RHEL 7.x nodes.
• Controller logins are no longer unnecessarily slow in some circumstances.

3.9.0.1 (March 21, 2016)

Features:

• The controller and Swift nodes now support IPv6. Swift version 2.6.0.3 or later is required to use IPv6. A mixture of IPv4 and IPv6 is not supported. The SwiftStack Load Balancer is not supported with IPv6. The SwiftStack Gateway is not supported with IPv6.
• Proxy servers can now be restarted outside of a config deploy. This is done from the deploy page.
• New clusters, and clusters with the default values for Swift workers, will now use the value of auto, allowing Swift to better utilize system resources. You may see "Pending Configuration Changes" related to this automatic migration. You must push config to your clusters to take advantage of the superior default.
• A new setting under "Object Settings" in the cluster Swift tuning page called "Object replicator emergency replication" can help clusters whose disks have become full recover more quickly. It should be disabled after the full disk or disks have drained enough data.
• The default value for the Swift object replicator tunable "rsync timeout" was too low and has been raised. Existing clusters using the default value have been automatically adjusted to use the new default. You must push config to your clusters to take advantage of the new, higher, value.

Bug Fixes:

• The Swift object-replicator will no longer copy rsync temporary files when copying hashdirs. A future version of Swift will automatically clean up any existing "orphaned" rsync temporary files.
• CentOS and RHEL nodes can now infer the Content-Type of uploaded files.
• Security bug (CVE-2016-2512) allowing maliciously crafted controller URLs to redirect users to other domains has been fixed. Learn more.
• Clusters using object servers per port configurations will use significantly fewer operating system threads.
• Fixed issue preventing PUT (data into Swift) data from showing up in the proxy throughput graphs for RHEL and CentOS 7.x nodes.
• Reduced page load time for the cluster "Swift Usage" page. Note that the utilization data is designed for batch usage, so this page may still take a long time to load.
• Fixed some issues with the Gateway on RHEL/CentOS 7.x.
• Fixed issue where an existing chrony package on RHEL/CentOS 7.x nodes could interfere with ntpd.
• For Swift nodes terminating SSL, the "stud" process is now expected to be running and will show up in ssdiag and an alert if it is not running when it should be.
• Fixed a way in which the Swift health checker could say the object-server was not working when it actually was fine.
• Fixed a bug that caused proxy nodes that did not support the avx cpu instruction set running erasure coded policies to fail on GETs and PUTs of objects in erasure coded containers. If you have a cluster affected by this bug, you need to push a new config and restart proxy servers.
• New controllers will no longer issue alerts about failing to create backups.

3.8.0.3 (March 8, 2016)

Bug Fixes:

• Fixed issue sending emails from the controller.

3.8.0.2 (March 3, 2016)

Bug Fixes:

• Fixed issue preventing setting Account ACLs with Swift version 2.6.0.3. A config push and proxy server restart is required for the fix to take effect in any cluster already running 2.6.0.3.
• Fixed issue where "ss-collectd" package installation could occasionally cause Ubuntu controller installations to fail.

3.8.0 (February 25, 2016)

Features:

• Swift version 2.6.0.3 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
• On cluster tuning page, the number of workers may now be set to "auto" to set the number of workers to the number of CPU cores (only for Swift 2.0 and later). A config push is required to make the change take effect.
• Controller Recovery is now generally available. See the documentation for more information.

Bug Fixes:

• The partition power on new rings is now limited to 22. This is to prevent creation of rings that adversely affect performance.
• Services that fail to start will no longer get restarted indefinitely by Systemd on RHEL/CentOS 7.x controllers and nodes.
• Increased robustness of node ingestion.
• Some RHEL/CentOS systems have a default per-user-session process limit which could cause problems on Swift nodes in certain configurations. The SwiftStack node agent now automatically raises this limit.
• With servers-per-port active, the controller now assigns device port numbers contiguously so node firewall rules have no "holes". A config push is required to change existing nodes.
• Firewall rules for RHEL/CentOS 7.x nodes will now be correctly active after reboots.
• RHEL/CentOS 7.x nodes will automatically install and/or enable firewalld if necessary, so required firewall rules can be active.
• Outgoing email settings changes now take effect immediately.
• Extraneous files will no longer pile up in the /var/lib/ss-utilization/ tree.
• Fixed log rotation issues on some CentOS/RHEL installation.
• Fixed issue where having /home be a symlink to another filesystem could cause an install to fail.

3.7.0.1 (February 4, 2016)

Bug Fix:

• Fixed a data migration scalability issue.

3.7.0 (February 4, 2016)

Feature:

• Added replication stats to cluster Swift Stats and node monitor pages.

Bug Fixes:

• Fixed issue with parentheses in LDAP CNs for controller and Swift LDAP integration. A config push and restarting the proxy servers is required for the new code to take effect.
• Fixed issue on CentOS/RHEL 7.2 which could prevent the database from starting when the controller server boots.

3.6.0 (January 21, 2016)

Feature:

• Added alerting when configured interfaces disappearing from nodes.

Bug Fixes:

• A new Swift version is available (2.5.0.2.1) which fixes CVE-2016-0738. Customers are encouraged to upgrade their Swift clusters at their earliest convenience. Client disconnects during large-object downloads would leak file descriptors on the proxy, eventually leading to resource exhaustion.
• Improved file validation on the SwiftStack Gateway. This will require a Gateway upgrade.

3.5.0 (January 7, 2016)

Bug Fixes:

• Better unicode support for Swift3

3.4.0.1 (January 5, 2016)

Bug Fixes:

• Better handle background work jobs that consume a lot of RAM.

3.4.0 (December 17, 2015)

Bug Fixes:

• Fixed problem where a Swift Web Console URL without a trailing slash would not work for a cluster with SSL enabled.
• Fixed issue when nodes have existing Centrify packages installed.

3.3.0.1 (December 10, 2015)

Bug Fix:

• Fixed a security issue in the Swift3 middleware that allowed replay attacks. See Launchpad Bug 1497424 for more information; the vulnerability is being tracked as CVE-2015-8466. A config push and proxy-server restart is required to activate the fix.
• Fixed issues which would cause upgrades to spuriously fail.

3.3.0 (December 3, 2015)

Feature:

• Added support for RHEL 7.2.

Bug Fixes:

• Several bugs were fixed in the Swift3 middleware. A config push is required to activate the change.

3.2.0 (November 19, 2015)

Features:

• The swift db_preallocation setting will now be automatically set appropriately to maximize performance based on the kinds of devices used in Account and Container rings.

Bug Fixes:

• Changing middleware settings will no longer result in spurious notifications about unchanged values on the cluster deploy page.
• Improvements to the handling of software RAID devices, including the suppression of spurious health alerts for RAID devices.

3.1.0.2 (November 10, 2015)

Bug Fixes:

• Fixed issue where Swift LDAP middleware could not be configured to have a non-default account prefix. It now works as expected and also supports multiple account prefixes. Once any data is stored in Swift using LDAP-authenticated users, the LDAP account prefixes should NOT be modified.

3.1.0 (November 5, 2015)

Bug Fixes:

• Fixed issue affecting object deletion in the Swift Web Console. Proxy servers must be restarted and Swift Web Console windows/tabs reloaded for the change to take effect.
• Fixed issue with Swift health check where having many tombstone files could slow it down.
• Fixed issue with servers-per-port feature on nodes with exactly 2 disks.
• An unreachable LDAP server can no longer prevent successful login to the controller with a local user.

3.0.0 (October 22, 2015)

• New version of Swift (2.5.0, OpenStack Liberty) is available, including support for range requests of static large objects. See the changelog.
• Swift logs are now uploaded to a ".logs" account within the cluster for indefinite retention.

Bug Fixes:

• Fixed issue in which upgraded Ubuntu nodes could erroneously have duplicated configuration files, interfering with log rotation.

2.55.0.1 (October 12, 2015)

This hotfix release addresses issues in SwiftStack Controller On-Premises only, and was not deployed to platform.swiftstack.com.

Bug Fixes:

• Fixed issue which could prevent deletion of processed Utilization data on the controller in rare cases.

2.55.0 (October 8, 2015)

Features:

• The config-push page now includes the old and new values for changed fields. Note that currently pending changes may display improperly until the next config push.

2.54.0.3 (September 30, 2015)

Bug Fixes:

• Increase reliability during the installation process

2.54.0.2 (September 28, 2015)

Bug Fixes:

• Nodes with InfiniBand devices can now be ingested properly.
• A bug that would have caused some out-of-date backups to not get deleted on time has been fixed.

2.54.0 (September 24, 2015)

Features:

• New Swift clusters will now run one set of object-server workers per disk. To use this feature with existing clusters, you must upgrade to Swift >= 2.3.0.4, enable the feature on the Swift tuning page, and push a config to the cluster.
• You can now set DEBUG-level logging for each type of Swift service on the Swift tuning page. A config push is required to activate the change. DEBUG-level logging should only be enabled for troubleshooting and disabled again.
• Clusters in the "Testing" deployment status can now be deleted after disabling each node.

Bug Fixes:

• When using the Swift3 middleware, deleting multipart uploads now deletes the underlying segments.

2.53.0 (September 9, 2015)

Features:

• Added support for CentOS/RHEL 7.1
• Nodes will have SELinux set to "permissive" from "enforcing"
• Timeout/retries are configurable for the LDAP service ping in the "LDAP-based Authentication for SwiftStackAuth" middleware configuration page. For the new settings to take effect, you must push a config to the cluster.
• Nodes no longer upgrade all packages every hour.

Bug Fixes:

• Swift version 2.3.0.4.1 is available. It is the same as 2.3.0.4 with a backported security fix for CVE-2015-5223. You must upgrade Swift to take advantage of the bugfix.
• LDAP group searches now work correctly from the root. You must push a config to your cluster and/or restart your proxy servers for this change to take effect.
• Fixed bug preventing ingest of Nodes with Infiniband interfaces.
• On the SwiftStack Gateway if a full synchronization is performed segmented files will not be mistakenly downloaded to compare MD5 checksums.

2.52.0 (August 20, 2015)

Features:

• Multiple LDAP endpoints can now be disambiguated when authenticating with SwiftStack LDAP Authentication. See the documentation for more information.

Bug Fixes:

• Fixed a regression (regrettably introduced in 2.51.0) in some features (for example, configuration of cluster network interface rules) relying on Ajax requests.
• Users with the Cluster Operator role may once again ingest nodes without receiving an erroneous Forbidden error.
• The licensing form now accepts UTF-8-encoded input correctly.
• Fixed an issue in the SwiftStack Gateway that could prevent local accounts from being authenticated.
• Applied security fixes preventing a denial-of-service vulnerability in the Django web application framework's session store (CVE-2015-5963 and CVE-2015-5964).

2.51.0.2 (August 11, 2015)

This hotfix release addresses issues in SwiftStack Controller On-Premises only, and was not deployed to platform.swiftstack.com.

Bug Fixes:

• Fixed some potential install issues for most supported SwiftStack Controller On-Premises operating systems.

2.51.0.1 (August 10, 2015)

Features:

• Add support for CentOS 6.7

2.51.0 (August 6, 2015)

Features:

• Storage nodes can now detect and use NVME drives.
• Improved UI for the cluster Users page; it is now possible to toggle a user's superuser or enabled status without also setting their password.
• Alerts regarding failed config pushes now also link to the relevant workjob.
• The Swift Drives page now indicates whether a drive is an SSD or HDD.
• When installing or upgrading the controller, SELinux will be set to permissive if it was previously set to enforcing.

Bug Fixes:

• Swift version 2.3.0.4 is available. This version replaces 2.3.0.3 which had a bug preventing configuration changes from taking effect. Any Swift cluster running 2.3.0.3 should immediately upgrade.
• Improved Swift3 compatibility for the SwiftStack Auth middleware. This change requires a proxy server restart.
• Improved prefix filtering for the Web Console. This change requires a proxy server restart.
• Various fixes to the node agent.

Known Issues:

• If you created a new cluster or upgraded Swift on an existing cluster since the previous release, you will not be able to ingest new nodes for that cluster until you upgrade Swift. Clusters running Swift 2.3.0.3 should be immediately upgraded to Swift 2.3.0.4.
• CentOS 6.7 will be released in the near future. Registering or ingesting CentOS nodes that follow the Continuous Release repositories may be broken. This will be addressed in a future release, after CentOS 6.7 is released.

2.50.0.1 (July 28, 2015)

This hotfix release primarly addresses issues in SwiftStack Controller On-Premises only, and was not deployed to platform.swiftstack.com.

Bug Fixes:

• Provide initial support for RHEL 6.7 (CentOS 6.7 is not released yet).
• Fix issue with LDAP server connectivity check when using RRDNS for LDAP or AD server names.

2.50.0 (July 23, 2015)

Features:

• Swift version 2.3.0.3 is available. This version fixes some bugs in the initial Erasure Coding support. It also reduces unnecessary partition movement with unbalanced cluster capacity. A Swift upgrade is required to take advantage of these new fixes.
• SwiftStack Auth Swift Users can now be disabled on the Users And Accounts page (More info). After disabling or reenabling a SwiftStack Auth Swift User, you must push a config or push users to the cluster for the change to take effect.
• A superuser SwiftStack Auth token may be used to disable any account in a Swift cluster (Account Disablement). To take advantage of this feature, you must restart the proxy servers.
• Events created on nodes are now logged on those same nodes. These will be logged to /var/log/ssevents.log. See Events for more information about events.
• Swift3, the Amazon S3 compatibility layer for Swift, has been updated and offers improved coverage of the S3 API.

Bug Fixes:

• Sorting nodes by zone on the Node Management page now works properly.

2.49.0 (July 9, 2015)

Features:

• Result pages for jobs in progress now update dynamically, and a list of all jobs is available.
• When a rolling Swift upgrade fails, the stage at which it failed is exposed.
• Required middlewares are now visually indicated as such.

Bug Fixes:

• The removal of all devices from a policy is no longer allowed when doing so would prevent a config push.

2.48.0.2 (July 1, 2015)

This hotfix addresses a potential install/upgrade issue only affecting SwiftStack Controller On-Premises and was not deployed to platform.swiftstack.com.

• Fixed a dependency issue preventing installation on Ubuntu Precise and Trusty.

2.48.0 (June 26, 2015)

Features:

• Added a download link to the job-result page.
• Improved UI on the Swift tuning and middleware configuration pages.
• Improved output and diagnostics from ssdiag.
• Added the ability to manage account and container ACLs from the Web Console.
• Controller user API keys can now be rotated from the command-line.

Bug Fixes:

• Improved Unicode support in the SwiftStack Gateway. This will require a Gateway upgrade.
• Removed the SwiftStack Gateway Optimize-for-SMB/NFS setting, as it could cause data corruption. This will require a Gateway config push.

2.47.0.1 (June 17, 2015)

Bug Fixes:

• Fixed a bug in which async_pending writes could fail in some cases.

2.47.0 (June 11, 2015)

Features:

• The user's username is now also displayed on the Edit Organization API Keys page.
• ssdiag now reports SELinux status (we recommend SELinux be set to "disabled" or "permissive").
• Added a list of background work jobs to the UI, accessed via a link in the header. The information is currently "raw" and mostly suitable for providing to SwiftStack Support, but this page will be improved in future releases.
• Added a "Go Now" link for System alerts.

Bug Fixes:

• Fixed a package dependency in the ss-swift package which could cause upgrades to fail. If you have already upgraded to 2.3.0.2, then you do not need to upgrade again at this time.
• Fixed bug in Utilization processing for Swift account names containing tabs.
• Fixed bug in Swift Web Console when the container list had multiple pages.

2.46.0 (May 28, 2015)

This release consists primarily of back end improvements in preparation for upcoming feature releases.

Bug Fixes:

• Fixed a bug making it impossible to acknowledge system-wide alerts.
• Whether the controller allows signups without an invitation code is now configurable through the sscontrol CLI (as the SIGNUPS_ALLOWED config entry).

2.45.0.1 (May 13, 2015)

This hotfix addresses a potential install issue only affecting SwiftStack Controller On-Premises and was not deployed to platform.swiftstack.com.

• Fixed an issue preventing installation when the environment contains exported shell functions.

2.45.0 (May 7, 2015)

• New version of Swift (2.3.0) is available. For more details, see the changelog.
• Added configuration of new Swift 2.3.0 tunable memcached settings.
• Added configuration of proxy access log headers settings (under Proxy Settings on the Swift Cluster Tuning page).

Bug Fixes:

• Improvements to the Swift Web Console, including filtering objects by prefix and supporting container listing limits under 10,000.
• Fixed a unicode issue in the SwiftStack Gateway affecting directories with many files. You must upgrade your Gateway to version 0.0.138 to take advantage of this fix.
• Swift node processes now run with NSS_SDB_USE_CACHE=YES to work around a behavior which could cause excessive and spurious dentry cache growth. See this RedHat bug for more details. This issue seems to be rare and may only affect RHEL 6.x. You must push a config to your cluster and upgrade Swift to fully take advantage of the environment variable.
• Fixed an issue preventing SwiftStack Gateway installation on Ubuntu 14.04.
• Improved robustness when collecting Swift Account DB data for utilization.

2.44.0.2 (Apr 23, 2015)

Bug Fixes:

• Fixed issue preventing controller sign-up when pasting an invite code into the form field (versus having the invite code in the URL).

2.44.0.1 (Apr 16, 2015)

This hotfix addresses one potential install issue only affecting SwiftStack Controller On-Premises and was not deployed to platform.swiftstack.com.

2.44.0 (Apr 16, 2015)

Features:

• Upgraded Keystone-related middlewares to add support for Keystone V3. You must push a config to your cluster after the deploy to take advantage of this feature.
• Unmounted devices can be deleted again (this was possible in the past and is useful in some workflows).
• The Swift health check now also alerts if the async_pending recon cron job has not run recently.
• Significant UI improvements for the network rule configuration editor.

Bug Fixes:

• Removed the "Cluster Capacity (Fill Rate & Est. Total Usable Free)" graph on the cluster capacity monitoring page, because it has never actually been useful.
• Controller hostnames can now contain capital letters (hostnames are inherently case-insensitive).
• Fixed a controller install issue affecting some Ubuntu Precise and Trusty servers.

2.43.0.1 (Apr 7, 2015)

Bug Fixes:

• Fixed edge case in ring rebalancing which could cause ring rebalancing to take an excessive amount of time.
• Fixed issue in uninstall-swiftstack-node affecting RHEL/CentOS operating systems.

2.43.0 (Apr 2, 2015)

Features:

• A new Swift version is available (2.2.2.1) which fixes CVE-2015-1856. Customers are encouraged to upgrade their Swift clusters at their earliest convenience. An authenticated user could delete the most recent version of any versioned object whose name was known, if the user had listing access to the X-Versions-Location container.
• Added support for the Keystone Auth Token middleware configuration items token_cache_time and revocation_cache_time.
• Added support for the Static Large Object middleware configuration items min_segment_size, max_manifest_segments, max_manifest_size, rate_limit_after_segment, rate_limit_segments_per_sec, and max_get_time.
• Added the ability to tune replication maximum rsync connections setting for Accounts, Containers, and Objects on the cluster tuning page (the default is the previously-hardcoded value of 25).
• Added a raw cluster capacity API endpoint (see View Cluster Disk Capacity). It basically returns the table data from the cluster capacity planning page via the controller REST API.
• Added the ability to create rules for automatically configuring which interface a new node will use, for outward-, cluster-, and replication-facing interfaces. See Network Rules for more. As part of this, the algorithm for assigning these interfaces without the presence of rules was updated to be a little more intelligent.

Bug Fixes:

• Fixed issue in SwiftStack Gateway where the gateway could fail when receiving large (multi-gigabyte) files containing all NUL bytes. This will require a Gateway upgrade.
• Fixed an issue in Swift Web Console where a session timeout would lead to failed requests with no indication of what happened. Proxy servers must be restarted for this change to take effect (upgrading to the new version of Swift, which is recommended, will include a graceful, rolling proxy-server restart).

2.42.0 (Mar 19, 2015)

Features:

• Added a new Delegated Authorization Swift middleware. It requires an external web service and associated Swift client changes (not provided), but can support advisory/cooperative Swift object semantics for various workflows.
• Gradual capacity adjustment now adds or removes disks much faster, when possible.
• SwiftStack Node Agent, Swift or Gateway code may be fully uninstalled by running uninstall-swiftstack-node as the superuser. While this can be done at any time, it is recommended to delete the Node in the controller GUI first, then uninstall the Node's software.
• SwiftStack Authorization middleware can now be configured to return storage URLs with the same domain as the authentication request.
• Swift middleware can now be configured before enabling a Swift Node.

Bug Fixes:

• Submitting multiple gradual capacity adjustments to different disks on the same node at different times will now only push new rings to the Swift nodes at most once per hour.
• Fixed Device Health check to better detect a class of disk failure.
• Fixed issue with Keystone Auth Token middleware where it would retry failed connections forever. Also added configuration of timeout and retries values, which can help mitigate the impact for other authorization systems when the Keystone server is unavailable. You must edit the Keystone Auth Token middleware, save, and push a config to your clusters for the new settings to take effect.
• Fixed issue where the Swift health checker could spuriously think a server wasn't working.
• Improved user experience in the Swift Web Console in preparation for Internet Explorer support in a future release. A proxy-server restart is required for this change to be active.
• Package bootstrapping during install/upgrade will no longer downgrade a package that's already installed.

2.41.0 (Mar 5, 2015)

Features:

• LDAP users with commas in their names (e.g. CN=Doe, John,OU=SomeGroup,DC=somecorp,DC=com) are now fully supported for Swift and SwiftStack Controller On-Premises authentication/authorization.
• You may now add a custom login banner for the SwiftStack Controller On-Premises (See Adding a Login Banner).

Bug Fixes:

• Fixed possible Server Error page during node claim.
• SwiftStackAuth no longer allows the user "bob" to automatically access a Swift account called bob (but the user "bob" still automatically has administrative privileges for the Swift account, AUTH_bob). A proxy-server restart is required for this change to be active.
• SwiftStackAuth no longer allows usernames which start with a handled prefix (e.g. AUTH_, LDAP_, etc.). A proxy-server restart is required for this change to be active.
• If there is a SwiftStackAuth user "bob" and an LDAP user "bob", then the SwiftStackAuth user will not be able to access the Swift account, LDAP_bob and the LDAP "bob" will not be able to access the AUTH_bob Swift account. Also, the returned X-Storage-Url for the LDAP "bob" user has been fixed. Even with these fixes, shadowing usernames between the two authentication systems (SwiftStackAuth and LDAP) is NOT recommended. A proxy-server restart is required for this change to be active.
• Gateway index synchronization now works correctly with Unicode file/directory names. You must upgrade your SwiftStack Gateways for this change to take effect.
• SwiftStack Gateway Samba packages were updated to contain a fix for a recent security issue. The Samba packages on SwiftStack Gateways will automatically upgrade within 1 to 2 hours after the SwiftStack Controller On-Premises upgrade.

2.40.0.1 (Feb 18, 2015)

Bug Fixes:

• Increase AJAX request timeout on cluster's monitor nodes dispersion graph.
• Ingesting nodes as replacement fixed.

2.40.0 (Feb 12, 2015)

Features:

• New version of Swift (2.2.2) includes changes to data placement. For more details, see the changelog. To take advantage of the new features and bug fixes, you must initiate a Rolling Swift Upgrade in each cluster.
• Added a visualization for the disk usage and dispersion by node. Find this under the Monitor Cluster page, in the "Nodes" tab.
• The SwiftStack Gateway now supports Unicode characters in directory and filenames within shares. See important Known Issue below regarding a particular CentOS kernel. A user-initiated Gateway upgrade is required to take advantage of this new feature.

Bug Fixes:

• When using LDAP authentication, an unreachable LDAP server no longer prevents users with valid SwiftStack Auth credentials from accessing the cluster. Proxy servers must be restarted for this change to take effect (upgrading to the new version of Swift, which is recommended, will include a graceful, rolling proxy-server restart).
• SwiftStack Auth V2 responses now have a correct Content-Type header. Proxy servers must be restarted for this change to take effect (upgrading to the new version of Swift, which is recommended, will include a graceful, rolling proxy-server restart).
• Utilization API now behaves better when there is no data for the specified storage policy index.
• Invitation links for users invited to join your Organization can now be retrieved in the case that the email did not get sent or was lost.
• Fixed a bug that caused upgrading a controller with no nodes to fail.

Known Issues:

• On CentOS, kernel version 2.6.32-504.1.3.el6.x86_64 has exhibited kernel panics when filenames or directories include Unicode characters in a Gateway share and are accessed via NFS. Customers have also reported kernel panics with kernel version 2.6.32-504.el6.x86_64-x86_64-with-redhat-6.6-Santiago during NFS usage, even when not using Unicode file or directory names. Kernel versions from 2.6.32-504.8.1.el6.x86_64 have been verified to not have either issue.
• Gateway index synchronization does not work with Unicode file/directory names. This will be fixed in a future release.
• Unicode characters are not allowed in the Swift Account, Swift Container, or share names for the Gateway.

2.39.0 (Jan 29, 2015)

Features:

• Added ability to delete claimed-but-not-ingested nodes.
• Added a write-check device health metric.
• Added disk-capacity graphs for nodes.
• Added audit logging for administrative controller tasks.

Bug Fixes:

• Fixed an issue when remounting an already-mounted device.
• Fixed an issue when a regular file is found at an expected mount point.
• Fixed an issue with V2 auth via SwiftStack Auth over SSL.
• Fixed dependency issues with the Gateway.
• Fixed issue where invalid response from system package manager could cause a subsequent config push to fail.
• Fixed a potential issue with RPM signing during install.
• Fixed an issue with email addresses gathered during install.

2.38.0.1 (Jan 21, 2015)

Bug Fixes:

• Fixed issue on nodes where a background thread could exit early, generating log noise.
• Fixed issue rotating rsync log file on Swift nodes when SELinux is enforcing.

2.38.0 (Jan 15, 2015)

Features:

• Node monitor page now displays open alerts for that node.

Bug Fixes:

• Node disk mounting on boot now has a time-bounded retry loop.
• The setup-swiftstack.sh installer now accepts a broader range of characters for the Organization name.
• The controller installation pre-check script now allows RHEL/CentOS 6.6.

2.37.0.1 (Jan 8, 2015)

Bug Fixes:

• Fixed resource leak on Swift nodes when LDAP cluster authentication/authorization is enabled.
• Improved ATA-over-Ethernet device recognition.
• Fixed resource leak in SwiftStack Controller On-Premises application server when LDAP authentication/authorization is enabled.

Older Release Notes

See SwiftStack Controller Release Notes Archive for older release notes