SwiftStack Controller Release Notes

Note

Release 5.4.0 is a checkpoint release. If you have a controller running an older version, you must upgrade to 5.4.0, then to the latest controller version.

6.15.0.2 (December 4, 2018)

Bug Fix:

  • Resolved an issue that prevents swift-metadata-sync from starting on Ubuntu nodes. A config push is required to apply the fix. The bug affects SwiftStack controller releases 6.15.0 and 6.15.0.1.

6.15.0.1 (December 3, 2018)

Bug Fix:

  • Fix issue where too many "disk free" time-series data files could get deleted during cleanup.

6.15.0 (November 29, 2018)

Features:

  • Swift version 2.19.0.2 is available. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • The SwiftStack Controller API now provides details about devices. See Controller API for detailed examples.
  • Swift3 now handles Delete Multiple Objects request items in parallel. This reduces the likelihood of a client timing out while waiting for a response. Pushing config is required to enable this feature.
  • Swift3 now allows some types of server-side encryption if the Encryption middleware is enabled. Pushing config is required to enable this feature.
  • Introduce rate-limiting for database processing daemons to limit CPU consumption on non-IO-bound workloads.
  • Introduce a new tunable option to set socket TCP_KEEPIDLE parameter.

Bug Fixes:

  • No longer report irrelevant node IP change warnings.
  • Fixed issue where corrupted cache file could prevent Utilization data processing from making progress.
  • Collect disk serial numbers in more edge cases and include them in sdt probe output.
  • Hitch TLS terminator on nodes can now be accessed via IPv4 or IPv6 addresses simultaneously. A config push is required for this to take effect.
  • Fixed intermittent connection issues with Swift nodes behind a NAT load-balancer. A config push is required for this to take effect.
  • The S3 API Keystone integration middleware now supports the auth_version config option. This allows deployments with v3-only Keystone. The fix requires a configuration push to be applied.

6.14.0.2 (November 20, 2018)

Features: * Version 1.8.0.4 of File Access is now available.

6.14.0 (November 8, 2018)

Features:

  • The SwiftStack Controller API now provides more details about networks and regions for nodes. See Controller API for detailed examples.
  • For ProxyFS deployments, the minimum protocol the server will support can now be configured, and individual Volumes can require encryption.

Bug Fixes:

  • 1space no longer uses X-Newest header when checking the internal Swift objects. When using sync/lifecycle with an EC policy, the change reduces the number of HEAD requests per object from the sum of the number of parts and parity objects to 1. In replicated policies, the change reduces the number of GET requests per object to 1 from the number of replicas.

6.13.0.1 (October 22, 2018)

Features:

  • The SwiftStack Controller supports SELinux in enforcing mode for RHEL/CentOS starting with version 7.5. For RHEL/CentOS versions older than 7.5, the installer will refuse to run if SELinux is in enforcing mode.
  • RHEL/CentOS 7.x nodes may be installed when SELinux is in enforcing mode by using the /install_selinux endpoint in the curl command instead of /install. Nodes in Enforcing mode must have the policycoreutils-python RPM installed prior to installing the SwiftStack agent software.
  • File Access volumes now support snapshot policies.
  • KMIP Middleware can now be configured. More info here.
  • 1space settings now include a verification slack parameter, which allows deferring verification of uploaded objects to prevent numerous simultaneous requests in the case of large objects.

Bug Fixes:

  • Resolved an error with non-ASCII characters in container or account names that prevent 1space from uploading objects. The fix requires a configuration push to be applied.
  • Network errors during 1space transfers no longer result in leaking connections to the Swift cluster. The fix requires a configuration push to be applied.
  • 1space sync and lifecycle policies no longer make simultaneous requests for the same object from multiple nodes. The fix requires a configuration push to be applied.

6.12.0.2 (October 8, 2018)

Bug Fix:

  • Fixed issue in 6.12.0.x causing clusters running older versions of ProxyFS to fail to ingest new CentOS/RHEL 7.x nodes.

6.12.0.1 (September 28, 2018)

Bug Fix:

  • Fixed new issue in 6.12.0 affecting upgrading packages on RHEL/CentOS 7.x Swift nodes not running ProxyFS.

6.12.0 (September 27, 2018)

Features:

  • SwiftStackAuth now supports the Keystone V3 API.
  • Clusters may now run ProxyFS regardless of the operating systems of other nodes in the cluster. Nodes running ProxyFS must still be RHEL/CentOS 7.x.
  • Added support for specifying the interval option for the Swift container-sharder through the Swift cluster tuning page.
  • Migrated all Swift daemons to use the interval option, and removed the deprecated run_pause option.

Bug Fixes:

  • Docker virtual network interfaces on nodes are no longer tracked in time-series data, preventing arbitrary disk consumption on the controller over time. Also, stale time-series data files are removed during each controller upgrade instead of lingering forever.
  • Removed a limit on request body size that would cause some Multi-Object Delete S3 API calls to fail. A configuration push is required for the fix to take effect.
  • Fixed an issue introduced in the 6.11.0.x release that prevented 1space and metadata sync daemons from starting on Ubuntu Trusty (14.04) and RHEL/CentOS 6.x nodes. A configuration push is required for the fix to take effect.
  • For Swift to Swift sync or lifecycle policies, 1space will no longer change the destination container name. This resolves an issue where static large objects could have resulted in duplicating the amount of data stored on the target Swift cluster. A configuration push is required for the fix to take effect.
  • 1space will no longer hang when retrieving a multi-part object from S3 when namespaces are merged and a multi-part upload object is uploaded outside of 1space. A configuration push is required for the fix to take effect.

Known Issue:

  • Auto-provisioning nodes using machine profiles with the roles Proxy/Object or Object-only results in a state where config cannot be pushed to the cluster. This will be fixed in a future release.

6.11.0.2 (September 19, 2018)

Bug Fixes:

  • When uploading static large objects (SLO) via 1space to S3, 1space will no longer fail to upload parts of the multi-part upload when the number of parts exceeds the number of workers.
  • Fixed an issue that prevented 1space from transferring objects if the number of objects per pass is more than double the number of workers.

6.11.0.1 (September 14, 2018)

Bug Fixes:

  • Fixed bug preventing deletion of proxyfs users

6.11.0 (September 13, 2018)

Features:

  • Swift version 2.19.0.1 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • You can now configure 1space cloud-connector; see 1space Cloud Connector for more information.
  • You can now configure Swift object-updater workers.
  • You can now configure a 1space archive profile to delete objects in a Swift destination after a specified number of days.
  • You can now specify an account override for 1space mappings to Swift destinations.
  • Added an enumerating threads option for 1space sync and lifecycle policies. This option allows 1space to process multiple containers in parallel. The default is 10 threads and can be increased if there are many containers. Pushing config is required to enable this feature.

Bug Fixes:

  • Made SMART data parsing robust to systems without threshold data.
  • Swift & SwiftStack File Access Upgrade job history now correctly show the user who kicked off the job, rather than the same user for each job.
  • Increased maximum open files for Hitch TLS termination on nodes.
  • Fixed incorrect unit labels in some node device lists. Also clarified that 1 GB equals 109 bytes.
  • When uploading static large objects (SLO) from SwiftStack to another Swift cluster, 1space now properly avoids re-uploading objects if the name of the segments containers are different between the source and destination.

6.10.0.2 (August 28, 2018)

Bug Fixes:

  • Fixed issue preventing Keystone V2 and V3 support in 1space credentials from working. A cluster config push is required to use Keystone V2/V3 1space credentials.

6.10.0.1 (August 21, 2018)

Bug Fixes:

  • 6.10.0 introduced a bug where existing 1space Swift Credentials could not be updated, now they can.

6.10.0 (August 16, 2018)

Features:

  • Keystone V2 and V3 are supported for 1space credentials with the caveat that specifying an alternate account for storage access does not work yet.

Bug Fixes:

  • Ubuntu 16.04 (Xenial) nodes now correctly report transfer Utilization data.
  • Controller on-premises installer now works when firewalld.service is "masked".

6.9.0.1 (August 2, 2018)

Bug Fixes:

  • Fixed issue with management user creation on Ubuntu.

6.9.0 (July 26, 2018)

Features:

  • A management user can now be configured under Advanced Cluster Configuration and enabled or disabled on all nodes via config push. Contact support for more information about ad-hoc management of your fleet using SSH/Ansible.
  • When creating a user or updating a user's password in the User Api, the response now includes the user's S3 token.
  • Version 1.6.4 of File Access is now available.

Bug Fixes:

  • When a config push fails, pending configuration changes are no longer cleared.
  • A couple of 1space UI fixes including a bug that cleared the "days before archiving" value on edit.
  • Fixed a security bug where object store credential were logged in the proxy server log when 1space is enabled and an object is retrieved from the remote blob store.
  • 1space no longer fails with a Unicode error if a non-ASCII character is present in the custom prefix.
  • Fixed service checks (tcp_ping) when a hostname resolves to both IPv4 and IPv6 addresses and the IPv6 address works, but the IPv4 does not.
  • Incorporated upstream patch to fix CVE-2018-10903 in ss-python-cryptography package. NOTE: Swift's encryption does not use the affected mode so there was no exposure.

6.8.0.3 (July 20, 2018)

Bug Fixes:

  • Fixed issue with Swift LDAP authentication and Swift version 2.18.0.2 or higher that could lead to hanging authentication requests for LDAP users. Proxy servers must be restarted for the fix to take effect.

6.8.0.2 (July 9, 2018)

Bug Fixes:

  • Fixed bug with the version of ss-chrony

6.8.0.1 (July 5, 2018)

Bug Fixes:

  • Fixed issue with RHEL/CentOS 6.x proxy nodes when using SwiftStack LDAP Swift authentication middleware.

6.8.0 (July 2, 2018)

Features:

  • Object server replicator worker count can now be configured. Upgrading Swift to 2.18.0.2 or later and pushing a config are required to use the feature.
  • Account replicator and container replicator now support emergency mode. Upgrading Swift to 2.18.0.2 or later and pushing a config are required to use the feature.
  • LDAP-authenticated controller user records may now be purged on the Edit Organization > Users page.
  • Cluster push config logs now include node hostnames, as does the Node management list. Alerts will now also include node UUIDs.
  • A new setting on the controller Network Admin page allows disabling of the less secure TLSv1 protocol for controller HTTPS communications. NOTE: older clients may no longer be able to talk to the controller, including existing nodes running CentOS/RHEL 6.7 or earlier, as well as some older browsers.
  • Cluster nodes can be configured to send raw StatsD metrics to another server. This is configured under "Advanced Options" on the cluster configure page. A config push is required for the setting to take effect. Also, the node's existing StatsD server used to gather metrics for the controller no longer listens on the default StatsD port. That will take effect after the next cluster config push.
  • When terminating secure connections at the Swift nodes, proxy-server logs now log the correct client IP address. Upgrading Swift to 2.18.0.2 or later and pushing a config are required to use the feature.
  • It is now possible to use metadata key/values to select objects for 1space synchronization/archive.

Bug Fixes:

  • Previously, the configured node TLS ciphers list was ignored; the Qualys SSL Labs recommended default was what actually got used. Now the configured cipher list will be in effect. A cluster config push is required to effect the change.
  • Under some conditions, Swift services could fail to start on Ubuntu Xenial and CentOS/RHEL 7.x operating systems. This is now fixed. Also, Swift services will now get properly restarted when there are other system services that aren't running.
  • Fixed a rare issue where a node's interface configuration could prevent config pushes.
  • Fixed an issue with Swift3 that allowed users to create buckets in arbitrary Swift accounts under certain configurations. A cluster config push is required.

6.7.0.3 (June 19, 2018)

Bug Fixes:

  • 1space Lifecycle policies created on the 6.7.0.1 or 6.7.0.2 releases do not automatically merge namespaces. After applying the fix in the current release, you will need to recreate the policy. 1space Lifecycle policies created prior to the 6.7.0.1 release are not affected.

Known Issue:

  • After the upgrade to any of the 6.7.0.x releases, 1space sync profiles will be set to merge namespaces. The feature can be disabled in the 1space configuration page by editing the affected profiles.

6.7.0.2 (June 18, 2018)

Bug Fixes:

  • Fixed a bug that would cause RHEL/Centos 7.1 nodes to sometimes fail because of package dependency issues.

6.7.0.1 (June 13, 2018)

Features:

  • Swift version 2.18.0.2 is now available. This release includes support for container sharding to enable containers with large numbers of objects. Please contact SwiftStack support if you need container sharding. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Controller and nodes both support RHEL/CentOS 7.5.
  • The total number of connections a node's memcached server will accept is now configurable on the Cluster Tune page.
  • 1space sync profiles can now optionally merge namespaces. Lifecycle profiles continue to provide a merged view of the two object stores. After upgrading to 6.7, you must push config to enable this feature.
  • Audit logging can now be configured for SMB access to ProxyFS.
  • Metadata Sync allows for specifying an optional Elasticsearch pipeline when indexing new documents.
  • When indexing Swift objects whose metadata values contain JSON, Metadata Sync can optionally parse the JSON value and submit it as part of the index operation (as opposed to submitting a string).

6.6.0 (May 17, 2018)

Features:

  • HTTPS (TLS) is now terminated on nodes using hitch (the replacement for stud). You will need to push a config to any cluster terminating HTTPS on the nodes to start using hitch.
  • The cluster configure page now allows you to select the allowed cipher suite string and allowed TLS versions when the nodes terminate HTTPS.

Bug Fixes:

  • The node installer no longer allows installation onto unsupported RHEL/CentOS 7.x point releases (e.g. 7.5 as of this release).

6.5.0.3 (May 16, 2018)

Bug fixes:

  • Resolved an issue with not propagating configuration parameters into an internal process.

6.5.0.2 (May 11, 2018)

Bug fixes:

  • Resolved a performance issue in internal infrastructure.

6.5.0.1 (May 08, 2018)

Bug Fixes:

  • Various bug fixes.

6.5.0 (April 26, 2018)

Features:

  • You may now use a custom Key Master middleware, configurable on the Key Master middleware page. Note that it is still the case that Encryption and Key Master settings cannot be changed after a config has been pushed.

Bug Fixes:

  • Fixed bug preventing container ACLs from working in accounts not starting with AUTH_, LDAP_, etc., when access is granted via Swift Account ACLs. A config push is required to each Cluster to make the fix take effect.
  • Fixed encryption selection problem that could prevent File Access nodes from joining an Active Directory Domain.
  • Cloud Sync policies can now be configured to sync all containers from one Swift cluster to another.

6.4.0.1 (April 12, 2018)

Bug Fixes:

  • Version 1.5.3 of File Access is now available. This improves signal handling of proxyfsd and includes improvements to fsck.
  • Fixed bug in Metadata Sync background process. A config push to any cluster using Metadata Sync is required to make the fix take effect.

6.4.0 (April 10, 2018)

Features:

  • CloudSync now allows a custom prefix to be used when interacting with S3, instead of a hash of the local account and container followed by the account and container. Features and bugfixes for CloudSync require a config push to each cluster using CloudSync for the new features to be available or the bugfix to take effect.

Bug Fixes:

  • Improved Unicode support in various CloudSync features.
  • S3 API access now returns a 204 when a nonexistent object is deleted in order to be consistent with S3.
  • When accessed via the S3 API, large objects now report S3-style Etags.

6.3.0 (Mar 14, 2018)

Features:

  • Added support for specifying expiring_objects_container_divisor through the Swift cluster tuning page.
  • Metadata mappings can be specified on all containers on an account.

Bug Fixes:

  • Enabling many File Access nodes at once no longer leads to situations in which enabling further nodes is impossible.
  • Fixed a bug which caused On-Premises Controllers' audit logging to fail in some circumstances.
  • Ubuntu Xenial (16.04) nodes which were missing some packages such as dmsetup no longer fail to be claimed.

6.2.0.1 (February 26, 2018)

Bug Fixes:

  • Fixed a minor bug in Cloud Sync monitoring.

6.2.0 (February 22, 2018)

Features:

  • ProxyFS nodes can now join Active Directory Domains with the AD Domain Join section of the Manage File Access > Settings page.
  • Cloud Sync credentials are now verified on SwiftStack nodes. The credentials are not verified on submission, but can be verified on-demand by clicking the "Verify" button" on the Cloud Sync Credentials page.
  • A Cloud Sync archive policy can be configured for accounts with File Access to enable capacity offloading.
  • Swift can be configured to forward syslog messages to an administrator-defined Syslog endpoint. The configuration option is under the Advanced Settings on the Cluster page.

Bug Fixes:

  • Cloud Sync archive policies no longer display duplicated listings for restored objects.
  • Config pushes that take an unusually long time to complete no longer trigger unnecessary restarts of Swift services.

6.1.0.1 (February 12, 2018)

Bug Fixes:

  • Version 1.2.1 of File Access is now available. This fixes a regression in version 1.2.0 that caused PUTs sent via the Swift or S3 API to fail on bimodal accounts when running Swift 2.16.0.2.

6.1.0 (February 1, 2018)

Features:

  • Added support for Ubuntu Xenial (16.04) nodes.
  • Swift version 2.16.0.2 is now available. This release includes numerous bug fixes for container updates and object expiration, greatly reducing load on container servers particularly in erasure-coded policies. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Bug Fixes:

  • Gateways on CentOS 7.4 no longer incorrectly report rpc.statd as not running.
  • Controller hostnames are now allowed to be up to 64 characters (previously 50). This limit is imposed by the SSL certificate requirements.
  • Disabled ratelimiting in rsyslog for Operating Systems using Systemd which will prevent losing log messages.

6.0.0.5 (December 13, 2017)

Bug Fixes:

  • Nodes that do not support SwiftStack File Access may now be used as gateways in File Access clusters.

6.0.0.4 (December 5, 2017)

Bug Fixes:

  • Fixed cosmetic issue with existing ProxyFS nodes prior to their first config push after the 6.0.0 deploy.
  • Fixed case where proxyfsd could consume more memory than configured.
  • Fixed issue in s3_sync that could prevent proxy-server start.

6.0.0 (December 5, 2017)

Features:

  • SwiftStack File Access is now available. SwiftStack File Access allows bimodal access to your data stored in SwiftStack Swift clusters via the S3 API, Swift API as well as SMB and NFS filesystem protocols. Contact SwiftStack for more information.

Bug Fixes:

  • Fixed issues with SwiftStack Load Balancer with more than 5 VIPs in a group and with newer versions of keepalived.
  • Fixed issue with the Specialized Auto-Sharding middleware and the newest versions of Swift. Customers using the Specialized Auto-Sharding middleware should push a config to their clusters.

5.9.0.3 (October 18, 2017)

Features:

  • Added support for version 2 Object listings through the S3 API.

Bug Fixes:

  • Fixed error messages in S3 API responses.
  • Fixed initiate multipart upload handling through the S3 API.

5.9.0.2 (October 12, 2017)

Bug Fixes:

  • Fix an issue that results in blocked container-updater and object-updater services (as well as some other Swift daemons).

5.9.0.1 (October 10, 2017)

Bug Fixes:

  • Fix inconsistent order of copy and undelete middleware.
  • Fix for the Cloud Sync Content-Type propagation.
  • When using the Google Cloud Storage service, SLO manifest is properly uploaded.

5.9.0 (October 5, 2017)

Features:

  • Added support for CentOS 7.4/RHEL 7.4 SwiftStack controllers and nodes.
  • If "Restore on GET" is enabled, Cloud Sync will now fetch Static Large Objects (SLO) from the remote store (or the equivalent objects that were created through Multipart Uploads). As part of this change, Cloud Sync preserves the Swift SLO manifest in the remote clouds under the ".manifests" namespace. Deploying configuration is required to enable this feature.
  • Swift version 2.15.1.4-1 is available. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.

Bug Fixes:

  • If an object has already been removed from the remote store when Cloud Sync attempts to delete it, the resulting "Object Not Found" error is ignored.
  • Cloud Sync propagates the Content-Type when uploading objects to the remote store.

5.8.0 (September 19, 2017)

Features:

  • Removed all support for Ubuntu 12.04 Precise.
  • Multi-Region Replication policies with deterministic per-region replica placement are now supported. Policies may be created with up to six replicas distributed across up to six regions. Multi-Region Replication policies will have proxy server read affinity enabled by default.
  • When creating new Erasure Coding policies, a different set of recommended (data, parity) fragment schemas is now offered for Multi-Region policies as opposed to single region policies. The recommended schemas for Multi-Region Erasure Coding policies are (4, 2), (8, 3), and (15, 3). Existing policies are unaffected. If you require other policies, please contact the SwiftStack support team.
  • Cloud Sync Archive Profile has a new option -- Restore on GET. When enabled, accessing archived objects (a GET request) will restore them in the SwiftStack cluster. The object will then be expired according to the archive policy schedule. Static Large Objects, which are converted to multipart uploads in AWS S3, are not restored.

Bug Fixes:

  • Resolved an issue that prevented indexing objects that contained certain unicode characters into Elasticsearch.
  • On Cloud Sync policy changes the Cloud Sync status is now reset, such that it will apply the policy retroactively (although, archived objects would not be un-archived).
  • Old controller backups are now pruned correctly on recovery controllers.

Known Issues:

  • RHEL/CentOS/OL 7.4 operating systems are not supported. Support will be added in a future release.

5.7.0 (August 24, 2017)

Features:

  • Swift version 2.15.1.2-1 is available. See the Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Upgrading to Swift version 2.15.1.2-1 will not be possible until Erasure Coding storage policies with known bad configuration have been deprecated.
  • Newly created Multi-Region Erasure Coding policies will have proxy server read affinity enabled by default. Users may still override the setting on the Policy create and edit pages.

Bug Fixes:

  • Additional packages are now provided to allow CentOS/RHEL 7.3 nodes with minimal installations to ingest properly.
  • Changing Cloud Sync policies and settings now properly displays a change notification explaining the new state.
  • Cloud Sync correctly propagates metadata changes of an SLO that has already been uploaded to the remote store.
  • Metadata Search daemons no longer fail to start (due to a regression introduced in the 5.6.0 release).

Known Issues:

  • RHEL/CentOS/OL 7.4 operating systems are not supported. Support will be added in a future release.

5.6.0 (August 3, 2017)

Features:

  • Added warning message about clusters with not enough nodes for their EC policy.
  • Cloud Sync logs now include ongoing progress and are collected when generating the SwiftStack diagnostic tarball.
  • The script generate_storage_csv.py now writes a CSV file with per-policy schema and summary utilization data, in addition to CSV files with per-account utilization data for each policy. It also has new features to list cluster id's and generate data for either a single cluster or all clusters.
  • When creating new Erasure Coding policies the options to use isa_l_rs_vand and Other (data, parity) fragment schemas have been removed from the Controller UI. The options available are now isa_l_rs_cauchy and (data, parity) fragment schemas of (4, 3), (8, 4), and (15, 4). Existing policies are unaffected. If you require other policies, please contact the SwiftStack support team.

Bug Fixes:

  • Fixed two issues in the node agent Swift health check.
  • "Show all jobs" page no longer results in Internal Error.
  • Fixed catalog format when using v2 auth.
  • Fixed rolling Swift upgrade when custom middleware was enabled.
  • When provisioning an Ubuntu Trusty node (14.04.5) for SwiftStack, a conflict with the ssh-import-id package would prevent installation. This package is now removed during the install process and marked as conflicting with the SwiftStack packages.
  • Cloud Sync no longer occasionally stalls while uploading objects over 64KB to AWS S3.
  • Connections to a remote endpoint are now re-used by Cloud Sync (if possible).
  • Up to 10 objects are now uploaded in parallel by each Cloud Sync worker.
  • Cloud Sync mappings that involve an AWS S3 bucket that allows only encrypted write operations no longer fail validation.
  • Listing objects through a Cloud Sync archived container now properly interprets the Accept header.
  • Reassignment of network interfaces is now properly done when one of the interfaces is not used.

5.5.0 (July 13, 2017)

Features:

  • As mentioned in the notes from last release, several features have been removed in 5.5.0. This includes swift versions prior to 2.9.0.2-4, Non-User Swift Accounts and object server threads-per-disk settings. In addition, Ubuntu 12.04 Precise nodes can no longer be claimed.
  • The SwiftStack Client download link on the Cluster Monitor page has been replaced with a link to the SwiftStack downloads page.
  • The policy Tune page for configuring per policy read and write affinity has been removed and the checkboxes have been added to the policy Edit page.
  • The set of EC storage policies with known bad configuration has been extended to include policies that have both >= 22 data fragments and >=4 parity fragments. Alerts will be displayed recommending that these policies be deprecated.
  • Cloud Sync includes content_location when listing a container with an archival policy to indicate whether the object has been archived.
  • Cloud Sync has a new "Settings" tab, which allows for tuning the internal parameters for each daemon. It also allows setting an HTTP/HTTPS proxy.

Bug Fixes:

  • The "Restart Proxy Services" button on the Deploy page no longer shows up in certain situations where it will fail.
  • Running the node installation command on a node that is already running the SwiftStack node agent is now a no-op.
  • Increased robustness in checking for bad drives, reducing the number of erroneous alerts.
  • Unicode characters in objects, containers, and account names are now properly handled by Cloud Sync and Metadata Sync.
  • Cloud Sync no longer allows setting multiple policies on the same account/container. Previously, while allowed, this could cause incomplete propagation of data into one or both of the locations.
  • Cloud Sync against Google Cloud now properly detects an already-uploaded SLO.
  • Cloud Sync from the SwiftStack cluster to another Swift cluster now properly supports the "sync all containers in the account" option.

5.4.0 (June 22, 2017)

Checkpoint Release:

  • Controllers running versions less than 5.4.0 must upgrade to 5.4.0 before upgrading to subsequent versions.
  • This is the last release to support Swift versions older than 2.9.0.2-4. Any clusters running older Swift must be upgraded before upgrading to a version of controller newer than 5.4.0.
  • This is the last release to support Non-User Swift Accounts; that feature has been deprecated in favor of Swift Account ACLs since April 2014.
  • This is the last release to support object server threads-per-disk; that feature was replaced by servers-per-port, and has been removed from Swift itself for some time.
  • This is the last release which will accept new Ubuntu 12.04 Precise nodes. That operating system reached its End of Life in April 2017. Existing Ubuntu 12.04 Precise nodes will continue to work, but should be upgraded to Ubuntu 14.04 Trusty ASAP.

Features:

  • The left-side navigation of cluster management has been reorganized. The Configure, Networks, Load Balancer, Regions, Policies and Tune tabs are now grouped under the Configure tab.
  • Different ring types (Account & Container, replicated object policies, and EC object policies) now have independent rebalance timing.
  • The controller now displays alerts about EC storage policies that have a known bad configuration. The alerts recommend that those policies should be deprecated and have data moved to containers in another policy.
  • Once an EC policy with a known bad configuration has been deprecated it will not be possible to un-deprecate the policy.
  • Cloud sync now uses AES256 server-side encryption with Amazon S3 for all objects it places in S3. This change will not affect the data already stored in AWS S3. For S3-clones, the encryption option is not set.
  • If Cloud Sync archives objects from the SwiftStack cluster to another storage provider, subsequent GET requests for the objects will fetch them from that storage target. Upon returning the object, it will not be placed into the Swift cluster. Listing a Swift container that has been archived will also return objects in the remote storage location, alongside what is in the container itself. After upload to S3, SLO objects will have an ETag that is the multipart upload ETag (and will not match the hash of the entire content).
  • The string type has been deprecated in Elasticsearch 5.x and will be removed in a future Elasticsearch release. SwiftStack Metadata Search will now use text or keyword (or both) types to store fields that previously were string. The index must be recreated to apply this change.

Bug Fixes:

  • Fixed some issues with restarting Swift services on operating systems using Systemd (RHEL/CentOS/OL 7.x).
  • Fixed bug in node filesystem discovery when certain types of RAID-member devices were present.
  • SwiftStack Metadata Search now supports object names longer than 512 characters. Upon upgrade, the Elasticsearch index must be recreated, as the document IDs have changed.
  • Cloud Sync now deletes the object in a remote Swift cluster if it has been removed from the SwiftStack cluster (if the Sync profile is applied).
  • 0-sized objects are now propagated correctly with Cloud Sync to the remote Swift clusters.

Known Issues:

  • Cloud Sync per-account mapping from the SwiftStack cluster account to a remote Swift cluster currently places objects from all containers into a single container in the remote Swift cluster. Do not use this functionality until a fix is released that creates a one-to-one mapping between containers.
  • Cloud Sync does not work with Swift < 2.7.0. If you would like to use Cloud Sync and are using an older version of Swift, please upgrade Swift.

5.3.0.3 (June 8, 2017)

Bug Fixes:

  • Improved ignoring of devices with mounted partitions on nodes.

5.3.0.2 (June 6, 2017)

Bug Fixes:

  • Cloud Sync no longer stalls on Static Large Objects with numerous segments.
  • Static Large Object segments are now uploaded in parallel when using Cloud Sync.
  • Fixed issue where node utilization collection could fail after a initial cluster deployment until node agent was restarted.

5.3.0.1 (June 2, 2017)

Bug Fixes:

  • Improved logging of node device data that doesn't match expectations.

5.3.0 (June 1, 2017)

Features:

  • Swift version 2.14.0.1 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Storage Policies can now have policy specific read affinity and write affinity settings. The policy specific settings can be tuned on the Policies page. This is only available after upgrading to Swift 2.14.0.1. See Storage Policies Configuration Options for more.
  • New EC Storage Policies can support multiple regions with Composite Rings. This is only available after upgrading to Swift 2.14.0.1.
  • The ssdiagtarball command on nodes now contains more information, which should help us diagnose and solve problems faster.
  • Metadata Search will now decrypt user-supplied metadata when used in conjunction with Swift encryption at rest.
  • Cloud Sync will now decrypt object content and metadata before propagating to a remote store when used in conjunction with Swift encryption at rest.
  • Cloud Sync has a notion of Profiles. Please see the Cloud Sync documentation for more information on how to configure Profiles and their types. On upgrade, a default profile will be created for every existing mapping.

Bug Fixes:

  • Fixed a packaging issue for Metadata Search that caused necessary dependencies not to be installed on Ubuntu 12.04 (Precise) and 14.04 (Trusty) nodes.
  • Fixed various issues related to the handling of multipath devices.
  • Addressed a vulnerability in Samba that could affect customers using the Gateway. A config push is required to effect this change. See Samba's report for more information.

5.2.0.2 (May 13, 2017)

Bug fixes:

  • Fixed issue affecting proxy-server process on Ubuntu nodes. A cluster config push is required if you previously pushed a cluster config while running controller version 5.2.0.1 or 5.2.0.
  • Fixed error with Swift cluster no-auth and autosharder middleware. A cluster config push is required for any cluster running no-auth and the Specialized Auto-Sharding middleware.

5.2.0.1 (May 12, 2017)

Bug fixes:

  • Fixed regression in 5.2.0 where some rings would not rebalance.

5.2.0 (May 11, 2017)

Features:

  • Added support for RHEL/CentOS/OL version 6.9 nodes.
  • The proxy server "allow account management" setting is now exposed on the cluster swift tuning page. The default value has also changed to False (disabled), which is safer. A cluster config push is required to change the value to the new default for existing clusters.
  • Cloud Sync allows per-account mappings. This allows all of the containers in a given account to be synced. Please see the Cloud Sync documentation for more information on how to set it up.
  • Swift ring rebalancing and pushing is no longer unnecessarily held back by "min_part_hours" when it is known to be safe, which can speed up adding and removing capacity. New rings and rings using the default "min_part_hours" will get this benefit automatically; if you have rings with a "min_part_hours" other than 1, you will need to be set them to zero to take advantage of this new feature.

Bug Fixes:

  • Fixed a regression which caused SwiftStack Auth authentication requests to not run in a thread-pool. This could cause poor proxy-server performance when under heavy authentication request load. A cluster config push is required to activate this fix.
  • The copying of time-series metrics from a primary to a standby controller will no longer evict everything else from the primary controller's buffer-cache.
  • SwiftStack node agent workers now have identifying names in the process table.
  • Fixed an issue on storage nodes where drive identification could fail.
  • Nodes changed from having account/container or object node roles to only having the Proxy role no longer cause inaccurate cluster-wide replication count-up timers in the UI.
  • As recommended everywhere, the rsyslog $RepeatedMsgReduction setting is now disabled on nodes.
  • The node Edit Network Interfaces page no longer shows interface types which are not relevant to the node's role.
  • The background job on object nodes that counts async-pending files no longer gets stuck when a lock isn't removed.

Known Issues:

  • If per-account sync is enabled and a container is removed, Cloud Sync may not reset its internal state if the container is immediately recreated. This will result in new objects not being synced. The issue will be addressed in a subsequent release.

5.1.0 (April 25, 2017)

Features:

  • S3 API requests for SwiftStack Auth users may now be signed with either the long-lived "S3 API Key" as before or the currently-issued X-Auth-Token. LDAP users may now use the S3 API by signing requests with the currently-issued X-Auth-Token. A config push is required to activate the new version of SwiftStack Auth.
  • Delegated Authorization middleware supports two optional headers, which allow specifying the HTTP verb to use and any headers that may need to be passed. Please see Delegated Authorization documentation for more information.
  • Cloud Sync allows for one-way sync to another Swift cluster. Please see the Cloud Sync documentation for more information on how to set it up.

Bug Fixes:

  • Controller backups larger than 5 GB (after compression) may now be stored in Swift.
  • Improved robustness when nodes fetch new Swift rings from the controller.
  • Several fixes to stop leaking resources and reduce wasted work on standby controllers.
  • Controller installs are not supported inside a container, so the installer now tries to detect and prevent it.
  • Closed a security hole when using Keystone for S3 API authentication (see Launchpad Bug 1561199 for more information). A config push is required to activate the new version of the Swift3 Keystone Integration middleware.
  • Made it harder to deploy a broken Swift3 or Keystone config.
  • Improved the authentication-related error messages for the S3 API. A config push is required to activate the new version of Swift3.
  • Less time-series data (graphs) will be lost when restarting controller daemons (including controller upgrade). The restart also completes much faster.
  • SwiftStack health check notifications on the nodes are no longer blocked due to leaked resources. This issue previously impacted replication progress.
  • Cloud Sync daemons no longer fail to start (affected only the 5.0.x SwiftStack controller release).

5.0.0.4 (April 6, 2017)

Bug Fixes:

  • Fixed bug that prevented users of a controller without internet connection from accessing the Monitor Cluster page.

5.0.0.3 (April 5, 2017)

Bug Fixes:

  • Fixed bug installing on-premises onto machines with a single CPU.

5.0.0.2 (April 4, 2017)

Bug Fixes:

  • Fixed missing symlink required for older RHEL/CentOS 6.x nodes to find packages on the controller.
  • Improved recoverability if initial on-premises install fails.

5.0.0.1 (March 30, 2017)

Features:

  • Cloud Sync properly parses and uploads static large objects (SLO) in Amazon S3 and Google Cloud Storage. Please see Cloud Sync SLO documentation for more details.
  • The SwiftStack Client desktop app is now available for beta testing. You can download it from the Monitor Cluster page.
  • On-premises controllers now expose more configuration and tunables in the admin section of the UI.
  • On-premises controllers are now better isolated, reducing installation/upgrade issues and simplifying provisioning.

4.12.0 (March 2, 2017)

Bug Fixes:

  • Some Centos 7 nodes installed incompatible systemd packages from the Controller. This has been fixed for all fresh Centos 7 nodes; if you have a node that encountered this problem, you need to downgrade affected packages. Contact support if you need help.
  • Requests to /info no longer fail on clusters with autosharding middleware enabled.
  • Metadata Search: Objects with size greater than 2GB are now correctly indexed in Elasticsearch. If you have previously created an index, you will need to destroy it and create a new one.
  • The Rate Limit middleware and Swift S3 API middleware cause spurious errors when clients use the S3 API. The SwiftStack controller now prevents using both features together on a given cluster. During the upgrade, the Rate Limit middleware will be disabled on all clusters that have the Swift S3 API also enabled. Deploying configuration is required to propagate these changes to the Swift nodes.

4.11.0 (February 9, 2017)

Features:

  • Swift version 2.12.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Added emergency replication mode support for EC policies.
  • Added support for CentOS/RHEL/Oracle 7.3.
  • New partial index on utilization aggregation to improve processing time for late reporting nodes.

Bug Fixes:

  • Fixed XSS issue which affected some in-line edit forms.
  • Fixed edge case with delete cluster operation affecting clusters previously configured with SwiftStack load balancer and cloud sync.
  • Specialized Auto-Sharding middleware supports server-side COPY.
  • Fixed an error where device enumeration and the sdt probe command could fail on certain hardware configurations.
  • Object's last-modified date is parsed correctly when indexed in ElasticSearch. Fixed in new swift-metadata-search package. A config push is required to upgrade to the new version.
  • Fixed bug where CentOS/RHEL/Oracle 6/7 memory graphs rendered incorrectly.
  • CentOS/RHEL/Oracle controllers bind memcached to localhost interface only.

4.10.0 (January 19, 2017)

Features:

  • Specialized Auto-Sharding users are now active immediately after a user push. A side effect of this broke server-side COPY for accounts that have auto-sharding enabled. This will be fixed in a future release.
  • Some graphs of data that change slowly now default to longer time ranges than 2 hours.
  • New graph for monitoring pending container updates cluster-wide and per storage node.

Bug Fixes:

  • Node firewall rules will now be correct for servers-per-port during the period between adding a new drive and the next full config push.
  • Fixed a case where cached SwiftStack Auth tokens could get corrupted, resulting in intermittent 403 responses.
  • Load balancer configuration setting is now properly saved when "External Load Balancer" or "No Load Balancer" is selected.
  • Fixed bug where CentOS 6.x controllers could fail to upgrade.

Known Issues:

  • Specialized Auto-Sharding middleware does not support server-side COPY. This will be fixed in a future release.

4.9.0.1 (December 28, 2016)

Bug Fixes:

  • A disaster recovery restore now works correctly when using automatic controller reporting.

4.9.0 (December 19, 2016)

Features:

  • Swift version 2.11.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • S3 API Support version 1.11 is available. See Swift3 Changelog for more information. A config push is required to activate the new version.
  • Swift3 Keystone Integration users can configure the new option http_connect_timeout.
  • Swift Nodes now report the rebalance cycle time of the object-reconstructor daemon which handles Erasure Coded Policies.
  • Improved automatic ring rebalance for Erasure Coded Policies based on back-pressure from the object-reconstructor.
  • New erasure coding type isa-l-rs-cauchy allows configuration of a larger number of parity fragments for new Erasure Coded Policies.
  • The SwiftStack Node ingestion process when adding new Nodes to a new or existing cluster has been moved to a background operation with better visibility, tracking, error handling and reporting.

Bug Fixes:

  • Fixed error in Swift process detection that could cause Rolling Swift Upgrades to fail.
  • Return error on invalid container names when using Specialized Auto-Sharding. A config push is required to activate the new version.
  • Fix interaction with Specialized Auto-Sharding and Server Side COPY which would result in an error when attempting a Server Side COPY on some versions of Swift. A config push is required to update the proxy-server middleware configuration.
  • Fix inconsistent order of resources returned from the Controller API when using the limit and offset API query paramaters with large collections.
  • Fix incomplete url path returned in the next and prev fields of Utilization API responses.
  • Various fixes and improvements related to 1space Multi-Cloud.
  • Fixed unicode character handling in 1space Multi-Cloud and SwiftStack Metadata Search. A config push is required to activate the new version.
  • Fix bug which prevents the automatic detection and graceful degradation to IPv4 protocol when IPv6 module is disabled in CentOS/RHEL configurations.

4.8.0.1 (December 8, 2016)

Bug Fixes:

  • Minor fix for infrastructure issue.

4.8.0 (December 5, 2016)

Bug Fixes:

  • Fixed a bug in the Keystone middleware that caused it to fail when trying to connect to Keystone servers with certain hostnames.
  • OpenVPN now successfully starts on installations that have IPv6 disabled.

4.7.0.1 (November 11, 2016)

Bug Fixes:

  • Fixed an error when device enumeration and the sdt probe command could fail if a device enclosure was removed from certain hardware configurations.

4.7.0 (November 10, 2016)

Features:

  • Metadata Search integrates Swift object metadata with Elasticsearch. The integration operates on individual containers and runs continuously in the background. Objects can then be quickly located through Elasticsearch by any user-specified metadata associated with them. As part of this change, the SwiftStack metadata search middleware has been deprecated and will be removed upon upgrade.
  • Cloud Sync replication can now be reset. This allows an operator to restart the replication process if any content has been removed from the remote bucket. The Cloud Sync daemons will ensure that all objects in the Swift containers have been replicated (even if they were previously removed).
  • Cloud Sync supports Google Cloud Storage. It is available as a provider through the drop-down menu. Cloud Sync requires a Google Cloud Storage interoperability key.
  • Expose configuration of segment_size for new erasure-coded storage policies. The recommended default value is still 1 MiB.
  • Display Last Replication Cycle Completed per node for all nodes on the Rebalance Monitor page.

Bug Fixes:

  • Cloud Sync encodes Unicode and punctuation characters with URL encoding in object metadata. Encoded metadata values no longer cause the objects to be reuploaded, as if the metadata has changed. Deploying configuration is required to update the cloud sync daemons.
  • Fixed multiple reported bugs where device enumeration and the sdt probe command could fail with certain hardware configurations.
  • Fixed an issue that would block rebalancing on nodes with numerous disks

Known Issue:

  • We have temporarily limited the number of parity fragments for new erasure-coded storage polices to four or less. This restriction will be lifted in a future release.
  • If you have an existing erasure-coded storage policy with five or more parity fragments (e.g. 7 data fragments, 6 parity fragments) - please contact SwiftStack support.

4.6.0 (October 20, 2016)

Bug Fixes:

  • Corrected configuration values that could cause the replicator to lock up, preventing replication from completing on a cluster.
  • Fixed a bug where nodes, when upgrading agent code, could fail to properly restart some processes. This interfered with rebalancing of clusters.
  • Metadata values containing unicode, spaces, and certain other punctuation characters no longer cause cloud sync to re-upload the data.

Known Issue:

  • If a cloud sync container mapping exists, removing the cluster will fail. Remove the cloud sync mappings prior to removing the cluster to work artound this limitation. The issue will be resolved in a following release.

4.5.0.2 (October 5, 2016)

Bug Fix:

  • Fixed the validation of Amazon S3 credentials when creating cloud sync mappings.

4.5.0 (October 3, 2016)

Features:

  • Added tracking and display of disk serial numbers and drive tray blinking; may not work for multipath chassis yet.
  • Node drive management page can set or clear enclosure disk tray blinking. The cluster auto-unmount-on-disk-failure advanced setting will now also set a failed disk to blink. Formatting and mounting a device will automatically clear its blink status. Drive blinking features may not work for multipath chassis yet.
  • You can now sort the device tables on the node drive management page.
  • Improved handling of LDAP search results when multiple configured servers respond with results. A config push is required.
  • Added a secondary provider type to CloudSync credentials -- "Other". Allows for specifying an endpoint other than Amazon S3, e.g. Google Cloud Storage.

Bug Fixes:

  • Improved reliability of node connectivity checker for large clusters.
  • Fixed issue on RHEL/CentOS 7.x nodes where Swift services did not get their open file descriptor limit raised. Swift daemons must be restarted to get the raised limits.
  • Fixed race condition that would sometimes interfere with concurrent formatting and mounting of drives on multiple nodes.
  • Object deletions in Swift will be propagated to the CloudSync buckets correctly.

Known Issue:

  • Clusters with erasure-coded storage policies running Swift 2.7.0.2 or earlier suffer from a memory leak in the object-reconstructor (see Launchpad Bug 1628906 for more information). Swift version 2.9.0.1 avoids the memory leak. Affected clusters should be upgraded to the latest Swift version as soon as possible.

4.4.0.2 (September 13, 2016)

Bug Fixes:

  • Fix issue preventing node agent code upgrade on RHEL/CentOS operating systems when the rpmdevtools package is installed on the node.
  • Fixed a problem that could interfere with controller restore.
  • Fixed issue which could cause spurious "No recent successful rsync of cluster metrics" alerts.

4.4.0.1 (September 8, 2016)

Features:

  • Cloud Sync now uploads up to ten objects in parallel on each node.
  • Cloud Sync validates S3 credentials at the time of addition. Initially, it only checks the ability to ListAllMyBuckets. This will require a potential change in the IAM policy to include permissions for ListAllMyBuckets. When a mapping is added, PUT, HEAD, and DELETE permissions for objects in the bucket are also validated.
  • Swift3 users may now access buckets in other users' accounts if appropriate ACLs have been set. Use an access ID like <your access ID>:<target> to access buckets in the target account. Note that you will need to use this same access ID when setting the ACL, and you will need to include any auth prefixes (such as AUTH_ or KEY_ ) when specifying the account.
  • On RHEL/CentOS/OL 7.x operating systems, SwiftStack no longer uses the system Python. This will decrease the chance of SwiftStack software interfering with other code.
  • There is a new version of Swift, but it only changes file locations for RHEL/CentOS/OL operating systems; the Swift code itself is unchanged. You do not need to upgrade if you are already running Swift version 2.9.0.
  • The SwiftStack Controller On-Premises now has a global option to disable firewall management on SwiftStack nodes. This is an advanced deployment scenario, and if you don't manage the firewall somehow, the cluster will not work. Please contact SwiftStack support if you require this.
  • The SwiftStack Controller On-Premises now supports deployment behind a reverse proxy. This is an advanced deployment scenario, and should not be utilized unless absolutely required. Please contact SwiftStack support if you require this.

Bug Fixes:

  • Swift3 now supports virtual-host-style access when using v4 signatures.
  • If a SwiftStack controller upgrade fails after database migrations have run, the installer will now roll them back.
  • Fixed issues on systems with restrictive umasks like 0077.

4.3.0.3 (August 19, 2016)

Features:

4.3.0 (August 18, 2016)

Features:

  • Swift version 2.9.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Data can now be encrypted at rest in SwiftStack. To enable this feature, the Key Master and Encryption middlewares must be enabled and configuration pushed. A previously deployed cluster cannot have its data encrypted. Encryption must be enabled on new clusters before the pushing the configuration for the first time. Swift version 2.9 is required to use this feature.
  • CloudSync now supports v4-only regions: Frankfurt, Seoul, and Sydney.
  • If you need to disable the security protection which prevents the controller from being accessed with a mismatched Host: header, you can now do so by running sscontrol config set CONTROLLER_DISABLE_HOST_HEADER True, waiting for the value to appear in /opt/ss/etc/ssman.conf.sh, and then re-running the controller upgrade process.
  • Some convenience files that were placed in /etc/profile.d/ by the controller installation are now placed in /opt/ss/etc/profile.d/ and are therefore no longer active by default. If you want to use them, you can create symlinks from /etc/profile.d/ into the files in /opt/ss/etc/profile.d/.

Bug Fixes:

  • Unauthorized users cannot use autoprovisioning to add a node to a cluster.
  • Cloud Sync ensures that all data is copied by re-checking it if a drive is replaced.
  • Deleting a mapping of a container to one bucket and adding a mapping of the same container to another bucket will reupload all of the data to the new bucket.
  • CloudSync now includes the DLO X-Object-Manifest header with the objects and allows for reconstruction of the data back from S3.
  • The node connectivity checker no longer generates false alerts during Swift upgrades.
  • The SwiftStack controller can now be properly installed by the root user, without creating any service account with no-password sudo access. The root user account does not need sudo access.
  • The controller install process no longer requires the ability to SSH back into localhost without a password.
  • The superuser column is correctly displayed for invited users of the controller.
  • Adding a disaster recovery stand-by controller now works correctly when using IPv6.

Known Issue:

  • If encryption is enabled, CloudSync data in S3 will be in the encrypted form.

4.2.0.1 (August 1, 2016)

Bug Fixes:

  • The node connectivity checker no longer checks some Swift ring device ports when it shouldn't.
  • Cloud Sync daemons validate ETags between S3 and Swift correctly, avoiding a copy of objects into S3 from each of the daemons. A config push is required to activate this change.

Known Issue:

  • Cloud Sync does not currently support the following AWS regions: Frankfurt, Seoul, and Sydney. The restriction will be removed in a subsequent release.

4.2.0 (July 28, 2016)

Features:

  • Cloud Sync allows for continuous one-way replication from a SwiftStack container to an Amazon S3 bucket. This gives you the ability to automatically provide access to data in the public cloud or to use another site for an additional level of data protection.
  • Connectivity issues between Swift nodes in a cluster are now automatically detected and alerted on. Connectivity status will also be reported when running ssdiag on nodes. See the Firewall Security for guidance on which ports must be accessible for SwiftStack Nodes.
  • Swift upgrades now operate on storage nodes first and proxy-only nodes last. Within each Node Role group, nodes will fully upgrade in each Zone before moving on to the next.
  • If utilization processing is not successfully completing, an alert will now be generated.

Bug Fixes:

  • Previously, rolling Swift upgrades on RHEL/CentOS 7.x platforms could fail if a client held a connection open forever. Now, on all operating systems, upgrades stop Swift services in two stages: existing connections get up to 45 minutes to complete before the services are forcefully terminated.

4.1.0 (July 14, 2016)

Bug Fixes:

  • New CentOS/RHEL nodes can install Swift even if a previously-hard-coded user and group ID is already in use.
  • Fixed a bug preventing subsequent config deploys with IPv6 and the SwiftStack Load Balancer.
  • Gateway configuration now allows specifying a URL ending with a two character country code.
  • If a package fails to install during auto-provisioning, the controller will attempt to correct the problem on retry.
  • Fixed a bug that leads to the auto-provisioning screen to remain at the "Finished claim" stage indefinitely.
  • Improved error messages on failures during auto-provisioning.
  • Non-proxy Swift nodes will now correctly repair their firewall rules.
  • Use the group of the installing user when installing the controller.
  • Added ssh packages in cases where the target node does not contain the packages and cannot retrieve them from any repository.
  • Fix issue with "firewall-cmd" on some CentOS/RHEL controllers with stale or missing upstream package repositories.

Known Issues:

  • When using the SwiftStack Load Balancer, you should always submit the interface-assignment form (even if it was already correct). The requirement will be removed in the next release.
  • If the SwiftStack Load Balancer is not used, remove all invalid or not fully configured groups before a config deploy. The requirement will be removed in the next release.

4.0.0.2 (June 30, 2016)

Bug Fixes:

  • Fixed display of the Auth and Web Console URLs for clusters which were using the SwiftStack Load Balancer without a hostname.

4.0.0.1 (June 29, 2016)

Features:

  • New SwiftStack Load Balancer. The LVS-based load balancer has been replaced with a better round-robin DNS–based system. Note that if you use the SwiftStack Load Balancer, you must take action. For more details about the new SwiftStack Load Balancer, see the full documentation.
  • NTP orphan mode is now enabled. This allows nodes to maintain consistent time between themselves when no external time sources are available.
  • Newly created clusters will now default to having proxy servers respond with Storage URLs with the same hostname the proxy was queried with. The new default override_storage_hosts setting can be overridden on the SwiftStack Authorization middleware page.

Bug Fixes:

  • Fixed a display issue on config push page when adding and removing custom middleware before a config deploy.
  • Allow removal of policies from devices if configuration has not yet been deployed.
  • Fixed issue with incorrect display of role changes on config deploy page.
  • Devices on disabled nodes can now be immediately removed from storage policies. If all devices are removed, the node can then be deleted.
  • Fixed a bug in the autosharder middleware that prevented the proxy-server from starting on Ubuntu operating systems.
  • Fixed Oracle Linux detection during installation.
  • Display error message if /home/swiftstack folder is not created properly during install.
  • Display error message if email address during installation VPN certificate generation is over 40 characters in length.
  • Fixed issue that allowed LDAP controller users to get a password in the controller's local user database.

Known Issues:

  • If you rename an RRDNS Group that has outstanding changes to other settings, the list of changes on the config push page can get duplicate entries. This issue is cosmetic and does not affect correct operation of the SwiftStack Load Balancer.

3.14.0.3 (June 20, 2016)

Bug Fix:

  • Fixed Swift3 to allow requests when proxy servers are not in the UTC timezone.

3.14.0.2 (June 13, 2016)

Bug Fixes:

  • Fixed one last middleware package to work with newest Swift (2.7.0.2)

3.14.0.1 (June 8, 2016)

Bug Fixes:

  • Fixed regression in the swift3 that shipped with controller release 3.14.0 that broke v2 pre-signed URLs.
  • Fixed some middleware packages to work with newest Swift (2.7.0.2)

3.14.0 (June 6, 2016)

Features:

  • Swift version 2.7.0.2 is available. Notable improvements include: concurrent bulk deletes, fixes for SLO, EC, logging, and even number quorum size (even quorum is now >= 1/2 instead of 1/2 + 1), and the removal of the threads-per-disk feature.
  • The threads-per-disk feature is now officially deprecated, and every cluster using it should be upgraded to the latest Swift version and switch to using servers-per-port.
  • Added support for AWS Signature v4 in the swift3 middleware.
  • Added visibility into cluster rebalancing: new tab on cluster monitor page.
  • Added support for CentOS and Oracle Linux 6.8.
  • SwiftStack nodes now automatically detect packaging conflicts that would prevent config pushes from succeeding. In the event this occurs, an alert will be opened with more information, and config pushes will be blocked until the problem is resolved.

Bug Fixes:

  • Fixed how winbind is checked on CentOS/RHEL 7.x.
  • Added CSV format for more Utilization API endpoints, making them consistent with existing documentation.
  • Fixed race condition where LDAP controller users could occasionally revert to broken local user accounts, preventing login.

3.13.0 (May 19, 2016)

Features:

  • Added support for RHEL 6.8
  • Graphs of partition placement on nodes now available under the Admin's graphs page.

Bug Fixes:

  • Fixed regression in 3.12.0 where a proxy-only node would hold up ring rebalancing.
  • Various package dependency issues resolved.
  • Ongoing problems that raise alerts will no longer result in multiple alerts for the same issue.
  • Fixed a bug in the Gateway that would cause a restart loop when attempting to upload a file larger than the cache.
  • The controller install will no longer fail on systems with IPv6 support disabled.

3.12.0.1 (May 9, 2016)

Bug Fix:

  • Fixed issue where rsync could fail on non-object account or container nodes due to a missing required directory. This will be automatically fixed.

3.12.0 (May 5, 2016)

Features:

  • Swift nodes now try to restart required system daemons if they are not running.
  • Improved ring rebalancing and pushing to nodes: ring rebalancing will not happen until every enabled node in the cluster has completed at least one full replication cycle since the last time rebalanced rings were pushed out. This will prevent replication "demand" from outstripping "supply". There is no longer an "add/remove immediately" option for capacity changes: they are always gradual.
  • min_part_hours can now be configured per-storage policy in the administrative interface.

Bug Fixes:

  • Fixed issue where ss-python-dateutil could break system packages depending on python-dateutil on CentOS/RHEL 6.x platforms.

3.11.0 (April 21, 2016)

Features:

  • Swift version 2.7.0 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • Added support for Oracle Linux 7.2.
  • Improved multipart and metadata support in Swift3. A config push and proxy server restart is required to activate the changes.
  • Exposed the "request_node_count" as a tunable setting for proxy nodes.
  • Enabled Swift to submit GET and HEAD requests concurrently to the replicas for a given object, returning the first result. For EC policies, only HEAD requests are concurrent. This feature requires Swift 2.7.0 and is enabled by default for new and upgraded clusters. After an upgrade, configuration needs to be pushed to the cluster to propagate the setting. To disable the feature, toggle the "proxy_server_concurrent_gets" field. Administrators can control the concurrency of the requests by changing the "proxy_server_concurrency_timeout", which changes the time between sending a GET or HEAD request to the next replica.
  • Reduced warning about missing backups in the log files for newly provisioned controllers.

Bug Fixes:

  • Swift LDAP middleware verification requests are now only sent to proxy nodes, eliminating potential false negative results.
  • Unresponsive drives properly trigger notifications as failing.
  • Long container names are presented correctly in Swift Web Console.
  • Network bandwidth graphs properly handle periods in the names (e.g. "bond.2").
  • Storage policy names can be edited after the policy has been created.

Known Issue:

  • With SwiftStack controller versions 3.9 and 3.10, prior to Swift version 2.7, Swift proxy-server will fail all requests with status 500 if rsyslog is not running. Restarting rsyslog service should return the Swift proxy-server back to normal state. Swift 2.7 contains a bug fix that ensures the proxy-servers continue to process requests even if rsyslog stops running.

3.10.0.1 (April 13, 2016)

Bug Fixes:

  • Updated redistributed samba packages to include fix for the "Badlock Bug". Users of the SwiftStack Gateway will need to upgrade their samba-related packages and make sure samba is restarted.
  • Fixed Swift health checker regression in 3.10.0, when restarting Swift daemons on Ubuntu platforms.
  • Fixed issue that could delay node vpn client reconnect during controller upgrade.
  • Fixed issue with form validation that prevented changing the name of a Replicated Storage Policy once it was deployed.
  • Improved robustness of restarting services on the controller.

Known Issue:

  • The SwiftStack Gateway does not support IPv6 (this was omitted from the original release notes for 3.9.0.1).

3.10.0 (April 7, 2016)

Features:

  • Added support for Oracle Linux 6.7.
  • Swift clusters behave better when one or more storage disks fill up (you should still not let this happen). Previously, rsync replication operations could fill disks to a point which interfered with object DELETE requests. Now rsync is disabled when a disk is full; with Swift >= 2.5.0, rsync is disabled per-disk, while it is disabled server-wide for older versions of Swift. All customers are encouraged to upgrade to the latest version of Swift. A config push is required to gain this protection.
  • The "Object replicator emergency replication" mode is more effective at draining full disks after additional capacity has been added to a cluster. You should always add capacity before disks fill up.
  • Some numeric Swift tunables which are floating-point values in newer versions of Swift are now floating-point in the controller. When pushing config to clusters running older versions of Swift, the values will be truncated to the nearest integer.
  • Controller now uses the Strict-Transport-Security header to more securely redirect HTTP requests to use HTTPS.
  • A new Swift tunable, "Object replicator rsync max connections per disk", will limit the number of simultaneous replication rsync operations per disk. This feature requires Swift >= 2.5.0 and a config push to take effect. This new setting defaults to 4.

Bug Fixes:

  • Fixed issue where rsyslog dying could interrupt Swift services. The Swift health checker now ensures rsyslog is running prior to restarting Swift services.
  • Log messages will no longer get lost due to rate-limiting on CentOS/RHEL 7.x nodes.
  • Controller logins are no longer unnecessarily slow in some circumstances.

3.9.0.1 (March 21, 2016)

Features:

  • The controller and Swift nodes now support IPv6. Swift version 2.6.0.3 or later is required to use IPv6. A mixture of IPv4 and IPv6 is not supported. The SwiftStack Load Balancer is not supported with IPv6. The SwiftStack Gateway is not supported with IPv6.
  • Proxy servers can now be restarted outside of a config deploy. This is done from the deploy page.
  • New clusters, and clusters with the default values for Swift workers, will now use the value of auto, allowing Swift to better utilize system resources. You may see "Pending Configuration Changes" related to this automatic migration. You must push config to your clusters to take advantage of the superior default.
  • A new setting under "Object Settings" in the cluster Swift tuning page called "Object replicator emergency replication" can help clusters whose disks have become full recover more quickly. It should be disabled after the full disk or disks have drained enough data.
  • The default value for the Swift object replicator tunable "rsync timeout" was too low and has been raised. Existing clusters using the default value have been automatically adjusted to use the new default. You must push config to your clusters to take advantage of the new, higher, value.

Bug Fixes:

  • The Swift object-replicator will no longer copy rsync temporary files when copying hashdirs. A future version of Swift will automatically clean up any existing "orphaned" rsync temporary files.
  • CentOS and RHEL nodes can now infer the Content-Type of uploaded files.
  • Security bug (CVE-2016-2512) allowing maliciously crafted controller URLs to redirect users to other domains has been fixed. Learn more.
  • Clusters using object servers per port configurations will use significantly fewer operating system threads.
  • Fixed issue preventing PUT (data into Swift) data from showing up in the proxy throughput graphs for RHEL and CentOS 7.x nodes.
  • Reduced page load time for the cluster "Swift Usage" page. Note that the utilization data is designed for batch usage, so this page may still take a long time to load.
  • Fixed some issues with the Gateway on RHEL/CentOS 7.x.
  • Fixed issue where an existing chrony package on RHEL/CentOS 7.x nodes could interfere with ntpd.
  • For Swift nodes terminating SSL, the "stud" process is now expected to be running and will show up in ssdiag and an alert if it is not running when it should be.
  • Fixed a way in which the Swift health checker could say the object-server was not working when it actually was fine.
  • Fixed a bug that caused proxy nodes that did not support the avx cpu instruction set running erasure coded policies to fail on GETs and PUTs of objects in erasure coded containers. If you have a cluster affected by this bug, you need to push a new config and restart proxy servers.
  • New controllers will no longer issue alerts about failing to create backups.

3.8.0.3 (March 8, 2016)

Bug Fixes:

  • Fixed issue sending emails from the controller.

3.8.0.2 (March 3, 2016)

Bug Fixes:

  • Fixed issue preventing setting Account ACLs with Swift version 2.6.0.3. A config push and proxy server restart is required for the fix to take effect in any cluster already running 2.6.0.3.
  • Fixed issue where "ss-collectd" package installation could occasionally cause Ubuntu controller installations to fail.

3.8.0 (February 25, 2016)

Features:

  • Swift version 2.6.0.3 is available. See Swift Changelog for more information. Customers are encouraged to upgrade their Swift clusters at their earliest convenience.
  • On cluster tuning page, the number of workers may now be set to "auto" to set the number of workers to the number of CPU cores (only for Swift 2.0 and later). A config push is required to make the change take effect.
  • Controller Recovery is now generally available. See the documentation for more information.

Bug Fixes:

  • The partition power on new rings is now limited to 22. This is to prevent creation of rings that adversely affect performance.
  • Services that fail to start will no longer get restarted indefinitely by Systemd on RHEL/CentOS 7.x controllers and nodes.
  • Increased robustness of node ingestion.
  • Some RHEL/CentOS systems have a default per-user-session process limit which could cause problems on Swift nodes in certain configurations. The SwiftStack node agent now automatically raises this limit.
  • With servers-per-port active, the controller now assigns device port numbers contiguously so node firewall rules have no "holes". A config push is required to change existing nodes.
  • Firewall rules for RHEL/CentOS 7.x nodes will now be correctly active after reboots.
  • RHEL/CentOS 7.x nodes will automatically install and/or enable firewalld if necessary, so required firewall rules can be active.
  • Outgoing email settings changes now take effect immediately.
  • Extraneous files will no longer pile up in the /var/lib/ss-utilization/ tree.
  • Fixed log rotation issues on some CentOS/RHEL installation.
  • Fixed issue where having /home be a symlink to another filesystem could cause an install to fail.

3.7.0.1 (February 4, 2016)

Bug Fix:

  • Fixed a data migration scalability issue.

3.7.0 (February 4, 2016)

Feature:

  • Added replication stats to cluster Swift Stats and node monitor pages.

Bug Fixes:

  • Fixed issue with parentheses in LDAP CNs for controller and Swift LDAP integration. A config push and restarting the proxy servers is required for the new code to take effect.
  • Fixed issue on CentOS/RHEL 7.2 which could prevent the database from starting when the controller server boots.

3.6.0 (January 21, 2016)

Feature:

  • Added alerting when configured interfaces disappearing from nodes.

Bug Fixes:

  • A new Swift version is available (2.5.0.2.1) which fixes CVE-2016-0738. Customers are encouraged to upgrade their Swift clusters at their earliest convenience. Client disconnects during large-object downloads would leak file descriptors on the proxy, eventually leading to resource exhaustion.
  • Improved file validation on the SwiftStack Gateway. This will require a Gateway upgrade.

3.5.0 (January 7, 2016)

Bug Fixes:

  • Better unicode support for Swift3

3.4.0.1 (January 5, 2016)

Bug Fixes:

  • Better handle background work jobs that consume a lot of RAM.

3.4.0 (December 17, 2015)

Bug Fixes:

  • Fixed problem where a Swift Web Console URL without a trailing slash would not work for a cluster with SSL enabled.
  • Fixed issue when nodes have existing Centrify packages installed.

3.3.0.1 (December 10, 2015)

Bug Fix:

  • Fixed a security issue in the Swift3 middleware that allowed replay attacks. See Launchpad Bug 1497424 for more information; the vulnerability is being tracked as CVE-2015-8466. A config push and proxy-server restart is required to activate the fix.
  • Fixed issues which would cause upgrades to spuriously fail.

3.3.0 (December 3, 2015)

Feature:

  • Added support for RHEL 7.2.

Bug Fixes:

  • Several bugs were fixed in the Swift3 middleware. A config push is required to activate the change.

3.2.0 (November 19, 2015)

Features:

  • The swift db_preallocation setting will now be automatically set appropriately to maximize performance based on the kinds of devices used in Account and Container rings.

Bug Fixes:

  • Changing middleware settings will no longer result in spurious notifications about unchanged values on the cluster deploy page.
  • Improvements to the handling of software RAID devices, including the suppression of spurious health alerts for RAID devices.

3.1.0.2 (November 10, 2015)

Bug Fixes:

  • Fixed issue where Swift LDAP middleware could not be configured to have a non-default account prefix. It now works as expected and also supports multiple account prefixes. Once any data is stored in Swift using LDAP-authenticated users, the LDAP account prefixes should NOT be modified.

3.1.0 (November 5, 2015)

Bug Fixes:

  • Fixed issue affecting object deletion in the Swift Web Console. Proxy servers must be restarted and Swift Web Console windows/tabs reloaded for the change to take effect.
  • Fixed issue with Swift health check where having many tombstone files could slow it down.
  • Fixed issue with servers-per-port feature on nodes with exactly 2 disks.
  • An unreachable LDAP server can no longer prevent successful login to the controller with a local user.

3.0.0 (October 22, 2015)

  • New version of Swift (2.5.0, OpenStack Liberty) is available, including support for range requests of static large objects. See the changelog.
  • Swift logs are now uploaded to a ".logs" account within the cluster for indefinite retention.

Bug Fixes:

  • Fixed issue in which upgraded Ubuntu nodes could erroneously have duplicated configuration files, interfering with log rotation.

2.55.0.1 (October 12, 2015)

This hotfix release addresses issues in SwiftStack Controller On-Premises only, and was not deployed to platform.swiftstack.com.

Bug Fixes:

  • Fixed issue which could prevent deletion of processed Utilization data on the controller in rare cases.

2.55.0 (October 8, 2015)

Features:

  • The config-push page now includes the old and new values for changed fields. Note that currently pending changes may display improperly until the next config push.

2.54.0.3 (September 30, 2015)

Bug Fixes:

  • Increase reliability during the installation process

2.54.0.2 (September 28, 2015)

Bug Fixes:

  • Nodes with InfiniBand devices can now be ingested properly.
  • A bug that would have caused some out-of-date backups to not get deleted on time has been fixed.

2.54.0 (September 24, 2015)

Features:

  • New Swift clusters will now run one set of object-server workers per disk. To use this feature with existing clusters, you must upgrade to Swift >= 2.3.0.4, enable the feature on the Swift tuning page, and push a config to the cluster.
  • You can now set DEBUG-level logging for each type of Swift service on the Swift tuning page. A config push is required to activate the change. DEBUG-level logging should only be enabled for troubleshooting and disabled again.
  • Clusters in the "Testing" deployment status can now be deleted after disabling each node.

Bug Fixes:

  • When using the Swift3 middleware, deleting multipart uploads now deletes the underlying segments.

2.53.0 (September 9, 2015)

Features:

  • Added support for CentOS/RHEL 7.1
  • Nodes will have SELinux set to "permissive" from "enforcing"
  • Timeout/retries are configurable for the LDAP service ping in the "LDAP-based Authentication for SwiftStackAuth" middleware configuration page. For the new settings to take effect, you must push a config to the cluster.
  • Nodes no longer upgrade all packages every hour.

Bug Fixes:

  • Swift version 2.3.0.4.1 is available. It is the same as 2.3.0.4 with a backported security fix for CVE-2015-5223. You must upgrade Swift to take advantage of the bugfix.
  • LDAP group searches now work correctly from the root. You must push a config to your cluster and/or restart your proxy servers for this change to take effect.
  • Fixed bug preventing ingest of Nodes with Infiniband interfaces.
  • On the SwiftStack Gateway if a full synchronization is performed segmented files will not be mistakenly downloaded to compare MD5 checksums.

2.52.0 (August 20, 2015)

Features:

  • Multiple LDAP endpoints can now be disambiguated when authenticating with SwiftStack LDAP Authentication. See the documentation for more information.

Bug Fixes:

  • Fixed a regression (regrettably introduced in 2.51.0) in some features (for example, configuration of cluster network interface rules) relying on Ajax requests.
  • Users with the Cluster Operator role may once again ingest nodes without receiving an erroneous Forbidden error.
  • The licensing form now accepts UTF-8-encoded input correctly.
  • Fixed an issue in the SwiftStack Gateway that could prevent local accounts from being authenticated.
  • Applied security fixes preventing a denial-of-service vulnerability in the Django web application framework's session store (CVE-2015-5963 and CVE-2015-5964).

2.51.0.2 (August 11, 2015)

This hotfix release addresses issues in SwiftStack Controller On-Premises only, and was not deployed to platform.swiftstack.com.

Bug Fixes:

  • Fixed some potential install issues for most supported SwiftStack Controller On-Premises operating systems.

2.51.0.1 (August 10, 2015)

Features:

  • Add support for CentOS 6.7

2.51.0 (August 6, 2015)

Features:

  • Storage nodes can now detect and use NVME drives.
  • Improved UI for the cluster Users page; it is now possible to toggle a user's superuser or enabled status without also setting their password.
  • Alerts regarding failed config pushes now also link to the relevant workjob.
  • The Swift Drives page now indicates whether a drive is an SSD or HDD.
  • When installing or upgrading the controller, SELinux will be set to permissive if it was previously set to enforcing.

Bug Fixes:

  • Swift version 2.3.0.4 is available. This version replaces 2.3.0.3 which had a bug preventing configuration changes from taking effect. Any Swift cluster running 2.3.0.3 should immediately upgrade.
  • Improved Swift3 compatibility for the SwiftStack Auth middleware. This change requires a proxy server restart.
  • Improved prefix filtering for the Web Console. This change requires a proxy server restart.
  • Various fixes to the node agent.

Known Issues:

  • If you created a new cluster or upgraded Swift on an existing cluster since the previous release, you will not be able to ingest new nodes for that cluster until you upgrade Swift. Clusters running Swift 2.3.0.3 should be immediately upgraded to Swift 2.3.0.4.
  • CentOS 6.7 will be released in the near future. Registering or ingesting CentOS nodes that follow the Continuous Release repositories may be broken. This will be addressed in a future release, after CentOS 6.7 is released.

2.50.0.1 (July 28, 2015)

This hotfix release primarly addresses issues in SwiftStack Controller On-Premises only, and was not deployed to platform.swiftstack.com.

Bug Fixes:

  • Provide initial support for RHEL 6.7 (CentOS 6.7 is not released yet).
  • Fix issue with LDAP server connectivity check when using RRDNS for LDAP or AD server names.

2.50.0 (July 23, 2015)

Features:

  • Swift version 2.3.0.3 is available. This version fixes some bugs in the initial Erasure Coding support. It also reduces unnecessary partition movement with unbalanced cluster capacity. A Swift upgrade is required to take advantage of these new fixes.
  • SwiftStack Auth Swift Users can now be disabled on the Users And Accounts page (More info). After disabling or reenabling a SwiftStack Auth Swift User, you must push a config or push users to the cluster for the change to take effect.
  • A superuser SwiftStack Auth token may be used to disable any account in a Swift cluster (Account Disablement). To take advantage of this feature, you must restart the proxy servers.
  • Events created on nodes are now logged on those same nodes. These will be logged to /var/log/ssevents.log. See Events for more information about events.
  • Swift3, the Amazon S3 compatibility layer for Swift, has been updated and offers improved coverage of the S3 API.

Bug Fixes:

  • Sorting nodes by zone on the Node Management page now works properly.

2.49.0 (July 9, 2015)

Features:

  • Result pages for jobs in progress now update dynamically, and a list of all jobs is available.
  • When a rolling Swift upgrade fails, the stage at which it failed is exposed.
  • Required middlewares are now visually indicated as such.

Bug Fixes:

  • The removal of all devices from a policy is no longer allowed when doing so would prevent a config push.

2.48.0.2 (July 1, 2015)

This hotfix addresses a potential install/upgrade issue only affecting SwiftStack Controller On-Premises and was not deployed to platform.swiftstack.com.

  • Fixed a dependency issue preventing installation on Ubuntu Precise and Trusty.

2.48.0 (June 26, 2015)

Features:

  • Added a download link to the job-result page.
  • Improved UI on the Swift tuning and middleware configuration pages.
  • Improved output and diagnostics from ssdiag.
  • Added the ability to manage account and container ACLs from the Web Console.
  • Controller user API keys can now be rotated from the command-line.

Bug Fixes:

  • Improved Unicode support in the SwiftStack Gateway. This will require a Gateway upgrade.
  • Removed the SwiftStack Gateway Optimize-for-SMB/NFS setting, as it could cause data corruption. This will require a Gateway config push.

2.47.0.1 (June 17, 2015)

Bug Fixes:

  • Fixed a bug in which async_pending writes could fail in some cases.

2.47.0 (June 11, 2015)

Features:

  • The user's username is now also displayed on the Edit Organization API Keys page.
  • ssdiag now reports SELinux status (we recommend SELinux be set to "disabled" or "permissive").
  • Added a list of background work jobs to the UI, accessed via a link in the header. The information is currently "raw" and mostly suitable for providing to SwiftStack Support, but this page will be improved in future releases.
  • Added a "Go Now" link for System alerts.

Bug Fixes:

  • Fixed a package dependency in the ss-swift package which could cause upgrades to fail. If you have already upgraded to 2.3.0.2, then you do not need to upgrade again at this time.
  • Fixed bug in Utilization processing for Swift account names containing tabs.
  • Fixed bug in Swift Web Console when the container list had multiple pages.

2.46.0 (May 28, 2015)

This release consists primarily of back end improvements in preparation for upcoming feature releases.

Bug Fixes:

  • Fixed a bug making it impossible to acknowledge system-wide alerts.
  • Whether the controller allows signups without an invitation code is now configurable through the sscontrol CLI (as the SIGNUPS_ALLOWED config entry).

2.45.0.1 (May 13, 2015)

This hotfix addresses a potential install issue only affecting SwiftStack Controller On-Premises and was not deployed to platform.swiftstack.com.

  • Fixed an issue preventing installation when the environment contains exported shell functions.

2.45.0 (May 7, 2015)

  • New version of Swift (2.3.0) is available. For more details, see the changelog.
  • Added configuration of new Swift 2.3.0 tunable memcached settings.
  • Added configuration of proxy access log headers settings (under Proxy Settings on the Swift Cluster Tuning page).

Bug Fixes:

  • Improvements to the Swift Web Console, including filtering objects by prefix and supporting container listing limits under 10,000.
  • Fixed a unicode issue in the SwiftStack Gateway affecting directories with many files. You must upgrade your Gateway to version 0.0.138 to take advantage of this fix.
  • Swift node processes now run with NSS_SDB_USE_CACHE=YES to work around a behavior which could cause excessive and spurious dentry cache growth. See this RedHat bug for more details. This issue seems to be rare and may only affect RHEL 6.x. You must push a config to your cluster and upgrade Swift to fully take advantage of the environment variable.
  • Fixed an issue preventing SwiftStack Gateway installation on Ubuntu 14.04.
  • Improved robustness when collecting Swift Account DB data for utilization.

2.44.0.2 (Apr 23, 2015)

Bug Fixes:

  • Fixed issue preventing controller sign-up when pasting an invite code into the form field (versus having the invite code in the URL).

2.44.0.1 (Apr 16, 2015)

This hotfix addresses one potential install issue only affecting SwiftStack Controller On-Premises and was not deployed to platform.swiftstack.com.

2.44.0 (Apr 16, 2015)

Features:

  • Upgraded Keystone-related middlewares to add support for Keystone V3. You must push a config to your cluster after the deploy to take advantage of this feature.
  • Unmounted devices can be deleted again (this was possible in the past and is useful in some workflows).
  • The Swift health check now also alerts if the async_pending recon cron job has not run recently.
  • Significant UI improvements for the network rule configuration editor.

Bug Fixes:

  • Removed the "Cluster Capacity (Fill Rate & Est. Total Usable Free)" graph on the cluster capacity monitoring page, because it has never actually been useful.
  • Controller hostnames can now contain capital letters (hostnames are inherently case-insensitive).
  • Fixed a controller install issue affecting some Ubuntu Precise and Trusty servers.

2.43.0.1 (Apr 7, 2015)

Bug Fixes:

  • Fixed edge case in ring rebalancing which could cause ring rebalancing to take an excessive amount of time.
  • Fixed issue in uninstall-swiftstack-node affecting RHEL/CentOS operating systems.

2.43.0 (Apr 2, 2015)

Features:

  • A new Swift version is available (2.2.2.1) which fixes CVE-2015-1856. Customers are encouraged to upgrade their Swift clusters at their earliest convenience. An authenticated user could delete the most recent version of any versioned object whose name was known, if the user had listing access to the X-Versions-Location container.
  • Added support for the Keystone Auth Token middleware configuration items token_cache_time and revocation_cache_time.
  • Added support for the Static Large Object middleware configuration items min_segment_size, max_manifest_segments, max_manifest_size, rate_limit_after_segment, rate_limit_segments_per_sec, and max_get_time.
  • Added the ability to tune replication maximum rsync connections setting for Accounts, Containers, and Objects on the cluster tuning page (the default is the previously-hardcoded value of 25).
  • Added a raw cluster capacity API endpoint (see View Cluster Disk Capacity). It basically returns the table data from the cluster capacity planning page via the controller REST API.
  • Added the ability to create rules for automatically configuring which interface a new node will use, for outward-, cluster-, and replication-facing interfaces. See Network Rules for more. As part of this, the algorithm for assigning these interfaces without the presence of rules was updated to be a little more intelligent.

Bug Fixes:

  • Fixed issue in SwiftStack Gateway where the gateway could fail when receiving large (multi-gigabyte) files containing all NUL bytes. This will require a Gateway upgrade.
  • Fixed an issue in Swift Web Console where a session timeout would lead to failed requests with no indication of what happened. Proxy servers must be restarted for this change to take effect (upgrading to the new version of Swift, which is recommended, will include a graceful, rolling proxy-server restart).

2.42.0 (Mar 19, 2015)

Features:

  • Added a new Delegated Authorization Swift middleware. It requires an external web service and associated Swift client changes (not provided), but can support advisory/cooperative Swift object semantics for various workflows.
  • Gradual capacity adjustment now adds or removes disks much faster, when possible.
  • SwiftStack Node Agent, Swift or Gateway code may be fully uninstalled by running uninstall-swiftstack-node as the superuser. While this can be done at any time, it is recommended to delete the Node in the controller GUI first, then uninstall the Node's software.
  • SwiftStack Authorization middleware can now be configured to return storage URLs with the same domain as the authentication request.
  • Swift middleware can now be configured before enabling a Swift Node.

Bug Fixes:

  • Submitting multiple gradual capacity adjustments to different disks on the same node at different times will now only push new rings to the Swift nodes at most once per hour.
  • Fixed Device Health check to better detect a class of disk failure.
  • Fixed issue with Keystone Auth Token middleware where it would retry failed connections forever. Also added configuration of timeout and retries values, which can help mitigate the impact for other authorization systems when the Keystone server is unavailable. You must edit the Keystone Auth Token middleware, save, and push a config to your clusters for the new settings to take effect.
  • Fixed issue where the Swift health checker could spuriously think a server wasn't working.
  • Improved user experience in the Swift Web Console in preparation for Internet Explorer support in a future release. A proxy-server restart is required for this change to be active.
  • Package bootstrapping during install/upgrade will no longer downgrade a package that's already installed.

2.41.0 (Mar 5, 2015)

Features:

  • LDAP users with commas in their names (e.g. CN=Doe, John,OU=SomeGroup,DC=somecorp,DC=com) are now fully supported for Swift and SwiftStack Controller On-Premises authentication/authorization.
  • You may now add a custom login banner for the SwiftStack Controller On-Premises (See Adding a Login Banner).

Bug Fixes:

  • Fixed possible Server Error page during node claim.
  • SwiftStackAuth no longer allows the user "bob" to automatically access a Swift account called bob (but the user "bob" still automatically has administrative privileges for the Swift account, AUTH_bob). A proxy-server restart is required for this change to be active.
  • SwiftStackAuth no longer allows usernames which start with a handled prefix (e.g. AUTH_, LDAP_, etc.). A proxy-server restart is required for this change to be active.
  • If there is a SwiftStackAuth user "bob" and an LDAP user "bob", then the SwiftStackAuth user will not be able to access the Swift account, LDAP_bob and the LDAP "bob" will not be able to access the AUTH_bob Swift account. Also, the returned X-Storage-Url for the LDAP "bob" user has been fixed. Even with these fixes, shadowing usernames between the two authentication systems (SwiftStackAuth and LDAP) is NOT recommended. A proxy-server restart is required for this change to be active.
  • Gateway index synchronization now works correctly with Unicode file/directory names. You must upgrade your SwiftStack Gateways for this change to take effect.
  • SwiftStack Gateway Samba packages were updated to contain a fix for a recent security issue. The Samba packages on SwiftStack Gateways will automatically upgrade within 1 to 2 hours after the SwiftStack Controller On-Premises upgrade.

2.40.0.1 (Feb 18, 2015)

Bug Fixes:

  • Increase AJAX request timeout on cluster's monitor nodes dispersion graph.
  • Ingesting nodes as replacement fixed.

2.40.0 (Feb 12, 2015)

Features:

  • New version of Swift (2.2.2) includes changes to data placement. For more details, see the changelog. To take advantage of the new features and bug fixes, you must initiate a Rolling Swift Upgrade in each cluster.
  • Added a visualization for the disk usage and dispersion by node. Find this under the Monitor Cluster page, in the "Nodes" tab.
  • The SwiftStack Gateway now supports Unicode characters in directory and filenames within shares. See important Known Issue below regarding a particular CentOS kernel. A user-initiated Gateway upgrade is required to take advantage of this new feature.

Bug Fixes:

  • When using LDAP authentication, an unreachable LDAP server no longer prevents users with valid SwiftStack Auth credentials from accessing the cluster. Proxy servers must be restarted for this change to take effect (upgrading to the new version of Swift, which is recommended, will include a graceful, rolling proxy-server restart).
  • SwiftStack Auth V2 responses now have a correct Content-Type header. Proxy servers must be restarted for this change to take effect (upgrading to the new version of Swift, which is recommended, will include a graceful, rolling proxy-server restart).
  • Utilization API now behaves better when there is no data for the specified storage policy index.
  • Invitation links for users invited to join your Organization can now be retrieved in the case that the email did not get sent or was lost.
  • Fixed a bug that caused upgrading a controller with no nodes to fail.

Known Issues:

  • On CentOS, kernel version 2.6.32-504.1.3.el6.x86_64 has exhibited kernel panics when filenames or directories include Unicode characters in a Gateway share and are accessed via NFS. Customers have also reported kernel panics with kernel version 2.6.32-504.el6.x86_64-x86_64-with-redhat-6.6-Santiago during NFS usage, even when not using Unicode file or directory names. Kernel versions from 2.6.32-504.8.1.el6.x86_64 have been verified to not have either issue.
  • Gateway index synchronization does not work with Unicode file/directory names. This will be fixed in a future release.
  • Unicode characters are not allowed in the Swift Account, Swift Container, or share names for the Gateway.

2.39.0 (Jan 29, 2015)

Features:

  • Added ability to delete claimed-but-not-ingested nodes.
  • Added a write-check device health metric.
  • Added disk-capacity graphs for nodes.
  • Added audit logging for administrative controller tasks.

Bug Fixes:

  • Fixed an issue when remounting an already-mounted device.
  • Fixed an issue when a regular file is found at an expected mount point.
  • Fixed an issue with V2 auth via SwiftStack Auth over SSL.
  • Fixed dependency issues with the Gateway.
  • Fixed issue where invalid response from system package manager could cause a subsequent config push to fail.
  • Fixed a potential issue with RPM signing during install.
  • Fixed an issue with email addresses gathered during install.

2.38.0.1 (Jan 21, 2015)

Bug Fixes:

  • Fixed issue on nodes where a background thread could exit early, generating log noise.
  • Fixed issue rotating rsync log file on Swift nodes when SELinux is enforcing.

2.38.0 (Jan 15, 2015)

Features:

  • Node monitor page now displays open alerts for that node.

Bug Fixes:

  • Node disk mounting on boot now has a time-bounded retry loop.
  • The setup-swiftstack.sh installer now accepts a broader range of characters for the Organization name.
  • The controller installation pre-check script now allows RHEL/CentOS 6.6.

2.37.0.1 (Jan 8, 2015)

Bug Fixes:

  • Fixed resource leak on Swift nodes when LDAP cluster authentication/authorization is enabled.
  • Improved ATA-over-Ethernet device recognition.
  • Fixed resource leak in SwiftStack Controller On-Premises application server when LDAP authentication/authorization is enabled.

Older Release Notes

See SwiftStack Controller Release Notes Archive for older release notes