NEWS 96.3 KB
Newer Older
Michael Hanselmann's avatar
Michael Hanselmann committed
1
2
News
====
3

4

5
6
7
8
9
10
11
12
13
14
Version 2.8.0 beta1
-------------------

*(unreleased)*

- The :doc:`Remote API <rapi>` daemon now supports a command line flag
  to always require authentication, ``--require-authentication``. It can
  be specified in ``$sysconfdir/default/ganeti``.


15
Version 2.7.0 beta1
16
17
-------------------

18
*(Released Wed, 6 Feb 2013)*
19
20
21
22
23

- ``gnt-instance batch-create`` has been changed to use the bulk create
  opcode from Ganeti. This lead to incompatible changes in the format of
  the JSON file. It's now not a custom dict anymore but a dict
  compatible with the ``OpInstanceCreate`` opcode.
24
25
26
27
- Parent directories for file storage need to be listed in
  ``$sysconfdir/ganeti/file-storage-paths`` now. ``cfgupgrade`` will
  write the file automatically based on old configuration values, but it
  can not distribute it across all nodes and the file contents should be
28
29
30
31
32
33
34
  verified. Use ``gnt-cluster copyfile
  $sysconfdir/ganeti/file-storage-paths`` once the cluster has been
  upgraded. The reason for requiring this list of paths now is that
  before it would have been possible to inject new paths via RPC,
  allowing files to be created in arbitrary locations. The RPC protocol
  is protected using SSL/X.509 certificates, but as a design principle
  Ganeti does not permit arbitrary paths to be passed.
35
- The parsing of the variants file for OSes (see
36
  :manpage:`ganeti-os-interface(7)`) has been slightly changed: now empty
37
38
39
40
41
42
43
  lines and comment lines (starting with ``#``) are ignored for better
  readability.
- The ``setup-ssh`` tool added in Ganeti 2.2 has been replaced and is no
  longer available. ``gnt-node add`` now invokes a new tool on the
  destination node, named ``prepare-node-join``, to configure the SSH
  daemon. Paramiko is no longer necessary to configure nodes' SSH
  daemons via ``gnt-node add``.
44
45
46
47
- A new user option, :pyeval:`rapi.RAPI_ACCESS_READ`, has been added
  for RAPI users. It allows granting permissions to query for
  information to a specific user without giving
  :pyeval:`rapi.RAPI_ACCESS_WRITE` permissions.
Michael Hanselmann's avatar
Michael Hanselmann committed
48
49
50
51
- A new tool named ``node-cleanup`` has been added. It cleans remains of
  a cluster from a machine by stopping all daemons, removing
  certificates and ssconf files. Unless the ``--no-backup`` option is
  given, copies of the certificates are made.
52
53
54
- Draining (``gnt-cluster queue drain``) and un-draining the job queue
  (``gnt-cluster queue undrain``) now affects all nodes in a cluster and
  the flag is not reset after a master failover.
55
56
57
58
59
60
- Instance creations now support the use of opportunistic locking,
  potentially speeding up the (parallel) creation of multiple instances.
  This feature is currently only available via the :doc:`RAPI
  <rapi>` interface and when an instance allocator is used. If the
  ``opportunistic_locking`` parameter is set the opcode will try to
  acquire as many locks as possible, but will not wait for any locks
61
  held by other opcodes. If not enough resources can be found to
62
63
64
  allocate the instance, the temporary error code
  :pyeval:`errors.ECODE_TEMP_NORES` is returned. The operation can be
  retried thereafter, with or without opportunistic locking.
65
66
- The functionality for allocating multiple instances at once has been
  overhauled and is now also available through :doc:`RAPI <rapi>`.
67
68
69
70
- Man pages can now be included when the documentation is built, in
  which case the output is in ``doc/man-html``. The configure-time
  option is ``--enable-manpages-in-doc``. Sphinx 1.0 or higher is
  required.
Guido Trotter's avatar
Guido Trotter committed
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
- A new htool called ``hroller`` helps scheduling parallel shutdown of
  nodes on clusters where all instances are shut down, but without ever
  rebooting both primary and secondary node for an instance at the same
  time.
- Queries not needing locks or RPC access to the node can now be
  performed by the confd daemon, making them independent from jobs, and
  thus faster to execute. This is selectable at configure time.
- The KVM hypervisor has been updated with many new hypervisor
  parameters, including a generic one for passing arbitrary command line
  values. See a complete list in :manpage:`gnt-instance(8)`.
- A new tool, called ``mon-collector``, is the stand-alone executor of
  the data collectors for a monitoring system. As of this version, it
  just includes the DRBD data collector, that can be executed by calling
  ``mon-collector`` using the ``drbd`` parameter. See
  :manpage:`mon-collector(7)`.
- New ``exclusive-storage`` node parameter added. When it's set to true,
  physical disks are assigned in an exclusive fashion to instances, as
  documented in :doc:`Partitioned Ganeti <design-partitioned>`.
  Currently, only instances using the ``plain`` disk template are
  supported.
- New network management functionality to support automatic allocation
  of IP addresses and managing of network parameters. See
  :manpage:`gnt-network(8)` for more details.
- New external storage backend, to allow managing arbitrary storage
  systems external to the cluster. See
  :manpage:`ganeti-extstorage-interface(7)`.
Iustin Pop's avatar
Iustin Pop committed
97
98
99
- Instance renames of LVM-based instances will now update the LV tags
  (which can be used to recover the instance-to-LV mapping in case of
  emergencies)
100
101


Michael Hanselmann's avatar
Michael Hanselmann committed
102
103
104
Version 2.6.2
-------------

105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
*(Released Fri, 21 Dec 2012)*

Important behaviour change: hbal won't rebalance anymore instances which
have the ``auto_balance`` attribute set to false. This was the intention
all along, but until now it only skipped those from the N+1 memory
reservation (DRBD-specific).

A significant number of bug fixes in this release:

- Fixed disk adoption interaction with ipolicy checks.
- Fixed networking issues when instances are started, stopped or
  migrated, by forcing the tap device's MAC prefix to "fe" (issue 217).
- Fixed the warning in cluster verify for shared storage instances not
  being redundant.
- Fixed removal of storage directory on shared file storage (issue 262).
- Fixed validation of LVM volume group name in OpClusterSetParams
  (``gnt-cluster modify``) (issue 285).
- Fixed runtime memory increases (``gnt-instance modify -m``).
- Fixed live migration under Xen's ``xl`` mode.
- Fixed ``gnt-instance console`` with ``xl``.
- Fixed building with newer Haskell compiler/libraries.
- Fixed PID file writing in Haskell daemons (confd); this prevents
  restart issues if confd was launched manually (outside of
  ``daemon-util``) while another copy of it was running
- Fixed a type error when doing live migrations with KVM (issue 297) and
  the error messages for failing migrations have been improved.
- Fixed opcode validation for the out-of-band commands (``gnt-node
  power``).
- Fixed a type error when unsetting OS hypervisor parameters (issue
  311); now it's possible to unset all OS-specific hypervisor
  parameters.
- Fixed the ``dry-run`` mode for many operations: verification of
  results was over-zealous but didn't take into account the ``dry-run``
  operation, resulting in "wrong" failures.
- Fixed bash completion in ``gnt-job list`` when the job queue has
  hundreds of entries; especially with older ``bash`` versions, this
  results in significant CPU usage.

And lastly, a few other improvements have been made:

- Added option to force master-failover without voting (issue 282).
Michael Hanselmann's avatar
Michael Hanselmann committed
146
147
148
149
150
151
152
153
154
- Clarified error message on lock conflict (issue 287).
- Logging of newly submitted jobs has been improved (issue 290).
- Hostname checks have been made uniform between instance rename and
  create (issue 291).
- The ``--submit`` option is now supported by ``gnt-debug delay``.
- Shutting down the master daemon by sending SIGTERM now stops it from
  processing jobs waiting for locks; instead, those jobs will be started
  once again after the master daemon is started the next time (issue
  296).
155
156
157
158
- Support for Xen's ``xl`` program has been improved (besides the fixes
  above).
- Reduced logging noise in the Haskell confd daemon (only show one log
  entry for each config reload, instead of two).
Michael Hanselmann's avatar
Michael Hanselmann committed
159
160
161
- Several man page updates and typo fixes.


162
163
164
165
166
Version 2.6.1
-------------

*(Released Fri, 12 Oct 2012)*

Bernardo Dal Seno's avatar
Bernardo Dal Seno committed
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
A small bugfix release. Among the bugs fixed:

- Fixed double use of ``PRIORITY_OPT`` in ``gnt-node migrate``, that
  made the command unusable.
- Commands that issue many jobs don't fail anymore just because some jobs
  take so long that other jobs are archived.
- Failures during ``gnt-instance reinstall`` are reflected by the exit
  status.
- Issue 190 fixed. Check for DRBD in cluster verify is enabled only when
  DRBD is enabled.
- When ``always_failover`` is set, ``--allow-failover`` is not required
  in migrate commands anymore.
- ``bash_completion`` works even if extglob is disabled.
- Fixed bug with locks that made failover for RDB-based instances fail.
- Fixed bug in non-mirrored instance allocation that made Ganeti choose
  a random node instead of one based on the allocator metric.
- Support for newer versions of pylint and pep8.
- Hail doesn't fail anymore when trying to add an instance of type
  ``file``, ``sharedfile`` or ``rbd``.
- Added new Makefile target to rebuild the whole distribution, so that
  all files are included.
188
189


Iustin Pop's avatar
Iustin Pop committed
190
191
192
193
194
195
196
197
198
199
200
201
202
Version 2.6.0
-------------

*(Released Fri, 27 Jul 2012)*


.. attention:: The ``LUXI`` protocol has been made more consistent
   regarding its handling of command arguments. This, however, leads to
   incompatibility issues with previous versions. Please ensure that you
   restart Ganeti daemons soon after the upgrade, otherwise most
   ``LUXI`` calls (job submission, setting/resetting the drain flag,
   pausing/resuming the watcher, cancelling and archiving jobs, querying
   the cluster configuration) will fail.
203
204


205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
New features
~~~~~~~~~~~~

Instance run status
+++++++++++++++++++

The current ``admin_up`` field, which used to denote whether an instance
should be running or not, has been removed. Instead, ``admin_state`` is
introduced, with 3 possible values -- ``up``, ``down`` and ``offline``.

The rational behind this is that an instance being “down” can have
different meanings:

- it could be down during a reboot
- it could be temporarily be down for a reinstall
- or it could be down because it is deprecated and kept just for its
  disk

The previous Boolean state was making it difficult to do capacity
calculations: should Ganeti reserve memory for a down instance? Now, the
tri-state field makes it clear:

- in ``up`` and ``down`` state, all resources are reserved for the
  instance, and it can be at any time brought up if it is down
- in ``offline`` state, only disk space is reserved for it, but not
  memory or CPUs

The field can have an extra use: since the transition between ``up`` and
``down`` and vice-versus is done via ``gnt-instance start/stop``, but
transition between ``offline`` and ``down`` is done via ``gnt-instance
modify``, it is possible to given different rights to users. For
example, owners of an instance could be allowed to start/stop it, but
not transition it out of the offline state.

Instance policies and specs
+++++++++++++++++++++++++++

In previous Ganeti versions, an instance creation request was not
limited on the minimum size and on the maximum size just by the cluster
resources. As such, any policy could be implemented only in third-party
clients (RAPI clients, or shell wrappers over ``gnt-*``
tools). Furthermore, calculating cluster capacity via ``hspace`` again
required external input with regards to instance sizes.

In order to improve these workflows and to allow for example better
per-node group differentiation, we introduced instance specs, which
allow declaring:

- minimum instance disk size, disk count, memory size, cpu count
- maximum values for the above metrics
- and “standard” values (used in ``hspace`` to calculate the standard
  sized instances)

The minimum/maximum values can be also customised at node-group level,
for example allowing more powerful hardware to support bigger instance
memory sizes.

Beside the instance specs, there are a few other settings belonging to
the instance policy framework. It is possible now to customise, per
cluster and node-group:

- the list of allowed disk templates
- the maximum ratio of VCPUs per PCPUs (to control CPU oversubscription)
- the maximum ratio of instance to spindles (see below for more
  information) for local storage

All these together should allow all tools that talk to Ganeti to know
what are the ranges of allowed values for instances and the
over-subscription that is allowed.

For the VCPU/PCPU ratio, we already have the VCPU configuration from the
instance configuration, and the physical CPU configuration from the
node. For the spindle ratios however, we didn't track before these
values, so new parameters have been added:

- a new node parameter ``spindle_count``, defaults to 1, customisable at
  node group or node level
- at new backend parameter (for instances), ``spindle_use`` defaults to 1

Note that spindles in this context doesn't need to mean actual
mechanical hard-drives; it's just a relative number for both the node
I/O capacity and instance I/O consumption.

Instance migration behaviour
++++++++++++++++++++++++++++

While live-migration is in general desirable over failover, it is
possible that for some workloads it is actually worse, due to the
variable time of the “suspend” phase during live migration.

To allow the tools to work consistently over such instances (without
having to hard-code instance names), a new backend parameter
``always_failover`` has been added to control the migration/failover
behaviour. When set to True, all migration requests for an instance will
instead fall-back to failover.

Instance memory ballooning
++++++++++++++++++++++++++

Initial support for memory ballooning has been added. The memory for an
instance is no longer fixed (backend parameter ``memory``), but instead
can vary between minimum and maximum values (backend parameters
``minmem`` and ``maxmem``). Currently we only change an instance's
memory when:

- live migrating or failing over and instance and the target node
  doesn't have enough memory
- user requests changing the memory via ``gnt-instance modify
  --runtime-memory``

Instance CPU pinning
++++++++++++++++++++

In order to control the use of specific CPUs by instance, support for
controlling CPU pinning has been added for the Xen, HVM and LXC
hypervisors. This is controlled by a new hypervisor parameter
``cpu_mask``; details about possible values for this are in the
:manpage:`gnt-instance(8)`. Note that use of the most specific (precise
VCPU-to-CPU mapping) form will work well only when all nodes in your
cluster have the same amount of CPUs.

Disk parameters
+++++++++++++++

Another area in which Ganeti was not customisable were the parameters
used for storage configuration, e.g. how many stripes to use for LVM,
DRBD resync configuration, etc.

To improve this area, we've added disks parameters, which are
customisable at cluster and node group level, and which allow to
specify various parameters for disks (DRBD has the most parameters
currently), for example:

- DRBD resync algorithm and parameters (e.g. speed)
- the default VG for meta-data volumes for DRBD
- number of stripes for LVM (plain disk template)
- the RBD pool

These parameters can be modified via ``gnt-cluster modify -D …`` and
``gnt-group modify -D …``, and are used at either instance creation (in
case of LVM stripes, for example) or at disk “activation” time
(e.g. resync speed).

Rados block device support
++++++++++++++++++++++++++

A Rados (http://ceph.com/wiki/Rbd) storage backend has been added,
denoted by the ``rbd`` disk template type. This is considered
experimental, feedback is welcome. For details on configuring it, see
the :doc:`install` document and the :manpage:`gnt-cluster(8)` man page.

Master IP setup
+++++++++++++++

The existing master IP functionality works well only in simple setups (a
single network shared by all nodes); however, if nodes belong to
different networks, then the ``/32`` setup and lack of routing
information is not enough.

To allow the master IP to function well in more complex cases, the
system was reworked as follows:

- a master IP netmask setting has been added
- the master IP activation/turn-down code was moved from the node daemon
  to a separate script
- whether to run the Ganeti-supplied master IP script or a user-supplied
  on is a ``gnt-cluster init`` setting

Details about the location of the standard and custom setup scripts are
in the man page :manpage:`gnt-cluster(8)`; for information about the
setup script protocol, look at the Ganeti-supplied script.

SPICE support
+++++++++++++

The `SPICE <http://www.linux-kvm.org/page/SPICE>`_ support has been
improved.

It is now possible to use TLS-protected connections, and when renewing
or changing the cluster certificates (via ``gnt-cluster renew-crypto``,
it is now possible to specify spice or spice CA certificates. Also, it
is possible to configure a password for SPICE sessions via the
hypervisor parameter ``spice_password_file``.

There are also new parameters to control the compression and streaming
options (e.g. ``spice_image_compression``, ``spice_streaming_video``,
etc.). For details, see the man page :manpage:`gnt-instance(8)` and look
for the spice parameters.

Lastly, it is now possible to see the SPICE connection information via
``gnt-instance console``.

OVF converter
+++++++++++++

A new tool (``tools/ovfconverter``) has been added that supports
conversion between Ganeti and the `Open Virtualization Format
<http://en.wikipedia.org/wiki/Open_Virtualization_Format>`_ (both to and
from).

This relies on the ``qemu-img`` tool to convert the disk formats, so the
actual compatibility with other virtualization solutions depends on it.

Confd daemon changes
++++++++++++++++++++

The configuration query daemon (``ganeti-confd``) is now optional, and
has been rewritten in Haskell; whether to use the daemon at all, use the
Python (default) or the Haskell version is selectable at configure time
via the ``--enable-confd`` parameter, which can take one of the
``haskell``, ``python`` or ``no`` values. If not used, disabling the
daemon will result in a smaller footprint; for larger systems, we
welcome feedback on the Haskell version which might become the default
in future versions.

420
421
422
If you want to use ``gnt-node list-drbd`` you need to have the Haskell
daemon running. The Python version doesn't implement the new call.

423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440

User interface changes
~~~~~~~~~~~~~~~~~~~~~~

We have replaced the ``--disks`` option of ``gnt-instance
replace-disks`` with a more flexible ``--disk`` option, which allows
adding and removing disks at arbitrary indices (Issue 188). Furthermore,
disk size and mode can be changed upon recreation (via ``gnt-instance
recreate-disks``, which accepts the same ``--disk`` option).

As many people are used to a ``show`` command, we have added that as an
alias to ``info`` on all ``gnt-*`` commands.

The ``gnt-instance grow-disk`` command has a new mode in which it can
accept the target size of the disk, instead of the delta; this can be
more safe since two runs in absolute mode will be idempotent, and
sometimes it's also easier to specify the desired size directly.

441
442
443
444
Also the handling of instances with regard to offline secondaries has
been improved. Instance operations should not fail because one of it's
secondary nodes is offline, even though it's safe to proceed.

445
446
447
448
A new command ``list-drbd`` has been added to the ``gnt-node`` script to
support debugging of DRBD issues on nodes. It provides a mapping of DRBD
minors to instance name.

449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
API changes
~~~~~~~~~~~

RAPI coverage has improved, with (for example) new resources for
recreate-disks, node power-cycle, etc.

Compatibility
~~~~~~~~~~~~~

There is partial support for ``xl`` in the Xen hypervisor; feedback is
welcome.

Python 2.7 is better supported, and after Ganeti 2.6 we will investigate
whether to still support Python 2.4 or move to Python 2.6 as minimum
required version.

Iustin Pop's avatar
Iustin Pop committed
465
466
467
468
Support for Fedora has been slightly improved; the provided example
init.d script should work better on it and the INSTALL file should
document the needed dependencies.

469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
Internal changes
~~~~~~~~~~~~~~~~

The deprecated ``QueryLocks`` LUXI request has been removed. Use
``Query(what=QR_LOCK, ...)`` instead.

The LUXI requests :pyeval:`luxi.REQ_QUERY_JOBS`,
:pyeval:`luxi.REQ_QUERY_INSTANCES`, :pyeval:`luxi.REQ_QUERY_NODES`,
:pyeval:`luxi.REQ_QUERY_GROUPS`, :pyeval:`luxi.REQ_QUERY_EXPORTS` and
:pyeval:`luxi.REQ_QUERY_TAGS` are deprecated and will be removed in a
future version. :pyeval:`luxi.REQ_QUERY` should be used instead.

RAPI client: ``CertificateError`` now derives from
``GanetiApiError``. This should make it more easy to handle Ganeti
errors.

Deprecation warnings due to PyCrypto/paramiko import in
``tools/setup-ssh`` have been silenced, as usually they are safe; please
make sure to run an up-to-date paramiko version, if you use this tool.

The QA scripts now depend on Python 2.5 or above (the main code base
still works with Python 2.4).

The configuration file (``config.data``) is now written without
indentation for performance reasons; if you want to edit it, it can be
re-formatted via ``tools/fmtjson``.

A number of bugs has been fixed in the cluster merge tool.

``x509`` certification verification (used in import-export) has been
changed to allow the same clock skew as permitted by the cluster
verification. This will remove some rare but hard to diagnose errors in
import-export.

Iustin Pop's avatar
Iustin Pop committed
503
504
505
506
507
508
509
510
511
512
513
514
515
516

Version 2.6.0 rc4
-----------------

*(Released Thu, 19 Jul 2012)*

Very few changes from rc4 to the final release, only bugfixes:

- integrated fixes from release 2.5.2 (fix general boot flag for KVM
  instance, fix CDROM booting for KVM instances)
- fixed node group modification of node parameters
- fixed issue in LUClusterVerifyGroup with multi-group clusters
- fixed generation of bash completion to ensure a stable ordering
- fixed a few typos
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534


Version 2.6.0 rc3
-----------------

*(Released Fri, 13 Jul 2012)*

Third release candidate for 2.6. The following changes were done from
rc3 to rc4:

- Fixed ``UpgradeConfig`` w.r.t. to disk parameters on disk objects.
- Fixed an inconsistency in the LUXI protocol with the provided
  arguments (NOT backwards compatible)
- Fixed a bug with node groups ipolicy where ``min`` was greater than
  the cluster ``std`` value
- Implemented a new ``gnt-node list-drbd`` call to list DRBD minors for
  easier instance debugging on nodes (requires ``hconfd`` to work)

535

536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
Version 2.6.0 rc2
-----------------

*(Released Tue, 03 Jul 2012)*

Second release candidate for 2.6. The following changes were done from
rc2 to rc3:

- Fixed ``gnt-cluster verify`` regarding ``master-ip-script`` on non
  master candidates
- Fixed a RAPI regression on missing beparams/memory
- Fixed redistribution of files on offline nodes
- Added possibility to run activate-disks even though secondaries are
  offline. With this change it relaxes also the strictness on some other
  commands which use activate disks internally:
  * ``gnt-instance start|reboot|rename|backup|export``
- Made it possible to remove safely an instance if its secondaries are
  offline
- Made it possible to reinstall even though secondaries are offline


557
558
559
560
561
562
563
564
565
566
Version 2.6.0 rc1
-----------------

*(Released Mon, 25 Jun 2012)*

First release candidate for 2.6. The following changes were done from
rc1 to rc2:

- Fixed bugs with disk parameters and ``rbd`` templates as well as
  ``instance_os_add``
René Nussbaumer's avatar
René Nussbaumer committed
567
- Made ``gnt-instance modify`` more consistent regarding new NIC/Disk
568
569
570
571
572
573
  behaviour. It supports now the modify operation
- ``hcheck`` implemented to analyze cluster health and possibility of
  improving health by rebalance
- ``hbal`` has been improved in dealing with split instances


574
575
576
577
578
579
580
581
Version 2.6.0 beta2
-------------------

*(Released Mon, 11 Jun 2012)*

Second beta release of 2.6. The following changes were done from beta2
to rc1:

582
583
584
- Fixed ``daemon-util`` with non-root user models
- Fixed creation of plain instances with ``--no-wait-for-sync``
- Fix wrong iv_names when running ``cfgupgrade``
585
- Export more information in RAPI group queries
586
- Fixed bug when changing instance network interfaces
587
588
589
590
591
592
593
594
595
596
- Extended burnin to do NIC changes
- query: Added ``<``, ``>``, ``<=``, ``>=`` comparison operators
- Changed default for DRBD barriers
- Fixed DRBD error reporting for syncer rate
- Verify the options on disk parameters

And of course various fixes to documentation and improved unittests and
QA.


Iustin Pop's avatar
Iustin Pop committed
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
Version 2.6.0 beta1
-------------------

*(Released Wed, 23 May 2012)*

First beta release of 2.6. The following changes were done from beta1 to
beta2:

- integrated patch for distributions without ``start-stop-daemon``
- adapted example init.d script to work on Fedora
- fixed log handling in Haskell daemons
- adapted checks in the watcher for pycurl linked against libnss
- add partial support for ``xl`` instead of ``xm`` for Xen
- fixed a type issue in cluster verification
- fixed ssconf handling in the Haskell code (was breaking confd in IPv6
  clusters)

Plus integrated fixes from the 2.5 branch:

- fixed ``kvm-ifup`` to use ``/bin/bash``
- fixed parallel build failures
- KVM live migration when using a custom keymap


621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
Version 2.5.2
-------------

*(Released Tue, 24 Jul 2012)*

A small bugfix release, with no new features:

- fixed bash-isms in kvm-ifup, for compatibility with systems which use a
  different default shell (e.g. Debian, Ubuntu)
- fixed KVM startup and live migration with a custom keymap (fixes Issue
  243 and Debian bug #650664)
- fixed compatibility with KVM versions that don't support multiple boot
  devices (fixes Issue 230 and Debian bug #624256)

Additionally, a few fixes were done to the build system (fixed parallel
build failures) and to the unittests (fixed race condition in test for
Iustin Pop's avatar
Iustin Pop committed
637
638
FileID functions, and the default enable/disable mode for QA test is now
customisable).
639
640


641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
Version 2.5.1
-------------

*(Released Fri, 11 May 2012)*

A small bugfix release.

The main issues solved are on the topic of compatibility with newer LVM
releases:

- fixed parsing of ``lv_attr`` field
- adapted to new ``vgreduce --removemissing`` behaviour where sometimes
  the ``--force`` flag is needed

Also on the topic of compatibility, ``tools/lvmstrap`` has been changed
to accept kernel 3.x too (was hardcoded to 2.6.*).

A regression present in 2.5.0 that broke handling (in the gnt-* scripts)
of hook results and that also made display of other errors suboptimal
was fixed; the code behaves now like 2.4 and earlier.

Another change in 2.5, the cleanup of the OS scripts environment, is too
aggressive: it removed even the ``PATH`` variable, which requires the OS
scripts to *always* need to export it. Since this is a bit too strict,
we now export a minimal PATH, the same that we export for hooks.

The fix for issue 201 (Preserve bridge MTU in KVM ifup script) was
integrated into this release.

Finally, a few other miscellaneous changes were done (no new features,
just small improvements):

- Fix ``gnt-group --help`` display
- Fix hardcoded Xen kernel path
- Fix grow-disk handling of invalid units
- Update synopsis for ``gnt-cluster repair-disk-sizes``
- Accept both PUT and POST in noded (makes future upgrade to 2.6 easier)


680
681
Version 2.5.0
-------------
682

683
*(Released Thu, 12 Apr 2012)*
684

Michael Hanselmann's avatar
Michael Hanselmann committed
685
686
Incompatible/important changes and bugfixes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Iustin Pop's avatar
Iustin Pop committed
687

688
689
- The default of the ``/2/instances/[instance_name]/rename`` RAPI
  resource's ``ip_check`` parameter changed from ``True`` to ``False``
Michael Hanselmann's avatar
Michael Hanselmann committed
690
  to match the underlying LUXI interface.
691
692
693
694
695
- The ``/2/nodes/[node_name]/evacuate`` RAPI resource was changed to use
  body parameters, see :doc:`RAPI documentation <rapi>`. The server does
  not maintain backwards-compatibility as the underlying operation
  changed in an incompatible way. The RAPI client can talk to old
  servers, but it needs to be told so as the return value changed.
696
- When creating file-based instances via RAPI, the ``file_driver``
Michael Hanselmann's avatar
Michael Hanselmann committed
697
698
699
  parameter no longer defaults to ``loop`` and must be specified.
- The deprecated ``bridge`` NIC parameter is no longer supported. Use
  ``link`` instead.
700
701
702
- Support for the undocumented and deprecated RAPI instance creation
  request format version 0 has been dropped. Use version 1, supported
  since Ganeti 2.1.3 and :doc:`documented <rapi>`, instead.
703
- Pyparsing 1.4.6 or above is required, see :doc:`installation
Michael Hanselmann's avatar
Michael Hanselmann committed
704
  documentation <install>`.
705
- The "cluster-verify" hooks are now executed per group by the
Michael Hanselmann's avatar
Michael Hanselmann committed
706
707
708
  ``OP_CLUSTER_VERIFY_GROUP`` opcode. This maintains the same behavior
  if you just run ``gnt-cluster verify``, which generates one opcode per
  group.
Iustin Pop's avatar
Iustin Pop committed
709
710
- The environment as passed to the OS scripts is cleared, and thus no
  environment variables defined in the node daemon's environment will be
Michael Hanselmann's avatar
Michael Hanselmann committed
711
712
713
714
715
716
  inherited by the scripts.
- The :doc:`iallocator <iallocator>` mode ``multi-evacuate`` has been
  deprecated.
- :doc:`New iallocator modes <design-multi-reloc>` have been added to
  support operations involving multiple node groups.
- Offline nodes are ignored when failing over an instance.
717
718
- Support for KVM version 1.0, which changed the version reporting format
  from 3 to 2 digits.
719
720
- TCP/IP ports used by DRBD disks are returned to a pool upon instance
  removal.
721
- ``Makefile`` is now compatible with Automake 1.11.2
722
- Includes all bugfixes made in the 2.4 series
Michael Hanselmann's avatar
Michael Hanselmann committed
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750

New features
~~~~~~~~~~~~

- The ganeti-htools project has been merged into the ganeti-core source
  tree and will be built as part of Ganeti (see :doc:`install-quick`).
- Implemented support for :doc:`shared storage <design-shared-storage>`.
- Add support for disks larger than 2 TB in ``lvmstrap`` by supporting
  GPT-style partition tables (requires `parted
  <http://www.gnu.org/s/parted/>`_).
- Added support for floppy drive and 2nd CD-ROM drive in KVM hypervisor.
- Allowed adding tags on instance creation.
- Export instance tags to hooks (``INSTANCE_TAGS``, see :doc:`hooks`)
- Allow instances to be started in a paused state, enabling the user to
  see the complete console output on boot using the console.
- Added new hypervisor flag to control default reboot behaviour
  (``reboot_behavior``).
- Added support for KVM keymaps (hypervisor parameter ``keymap``).
- Improved out-of-band management support:

  - Added ``gnt-node health`` command reporting the health status of
    nodes.
  - Added ``gnt-node power`` command to manage power status of nodes.
  - Added command for emergency power-off (EPO), ``gnt-cluster epo``.

- Instance migration can fall back to failover if instance is not
  running.
- Filters can be used when listing nodes, instances, groups and locks;
751
  see :manpage:`ganeti(7)` manpage.
Michael Hanselmann's avatar
Michael Hanselmann committed
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
- Added post-execution status as variables to :doc:`hooks <hooks>`
  environment.
- Instance tags are exported/imported together with the instance.
- When given an explicit job ID, ``gnt-job info`` will work for archived
  jobs.
- Jobs can define dependencies on other jobs (not yet supported via
  RAPI or command line, but used by internal commands and usable via
  LUXI).

  - Lock monitor (``gnt-debug locks``) shows jobs waiting for
    dependencies.

- Instance failover is now available as a RAPI resource
  (``/2/instances/[instance_name]/failover``).
- ``gnt-instance info`` defaults to static information if primary node
  is offline.
- Opcodes have a new ``comment`` attribute.
769
- Added basic SPICE support to KVM hypervisor.
770
- ``tools/ganeti-listrunner`` allows passing of arguments to executable.
Michael Hanselmann's avatar
Michael Hanselmann committed
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803

Node group improvements
~~~~~~~~~~~~~~~~~~~~~~~

- ``gnt-cluster verify`` has been modified to check groups separately,
  thereby improving performance.
- Node group support has been added to ``gnt-cluster verify-disks``,
  which now operates per node group.
- Watcher has been changed to work better with node groups.

  - One process and state file per node group.
  - Slow watcher in one group doesn't block other group's watcher.

- Added new command, ``gnt-group evacuate``, to move all instances in a
  node group to other groups.
- Added ``gnt-instance change-group`` to move an instance to another
  node group.
- ``gnt-cluster command`` and ``gnt-cluster copyfile`` now support
  per-group operations.
- Node groups can be tagged.
- Some operations switch from an exclusive to a shared lock as soon as
  possible.
- Instance's primary and secondary nodes' groups are now available as
  query fields (``pnode.group``, ``pnode.group.uuid``, ``snodes.group``
  and ``snodes.group.uuid``).

Misc
~~~~

- Numerous updates to documentation and manpages.

  - :doc:`RAPI <rapi>` documentation now has detailed parameter
    descriptions.
804
805
  - Some opcode/job results are now also documented, see :doc:`RAPI
    <rapi>`.
Michael Hanselmann's avatar
Michael Hanselmann committed
806
807
808
809
810
811
812
813

- A lockset's internal lock is now also visible in lock monitor.
- Log messages from job queue workers now contain information about the
  opcode they're processing.
- ``gnt-instance console`` no longer requires the instance lock.
- A short delay when waiting for job changes reduces the number of LUXI
  requests significantly.
- DRBD metadata volumes are overwritten with zeros during disk creation.
814
815
- Out-of-band commands no longer acquire the cluster lock in exclusive
  mode.
816
817
818
- ``devel/upload`` now uses correct permissions for directories.


819
820
821
822
823
824
825
826
Version 2.5.0 rc6
-----------------

*(Released Fri, 23 Mar 2012)*

This was the sixth release candidate of the 2.5 series.


827
828
829
830
831
832
Version 2.5.0 rc5
-----------------

*(Released Mon, 9 Jan 2012)*

This was the fifth release candidate of the 2.5 series.
833
834


835
836
837
838
839
840
841
842
Version 2.5.0 rc4
-----------------

*(Released Thu, 27 Oct 2011)*

This was the fourth release candidate of the 2.5 series.


Michael Hanselmann's avatar
Michael Hanselmann committed
843
844
845
846
847
848
849
850
Version 2.5.0 rc3
-----------------

*(Released Wed, 26 Oct 2011)*

This was the third release candidate of the 2.5 series.


Michael Hanselmann's avatar
Michael Hanselmann committed
851
852
853
854
855
856
857
858
Version 2.5.0 rc2
-----------------

*(Released Tue, 18 Oct 2011)*

This was the second release candidate of the 2.5 series.


Michael Hanselmann's avatar
Michael Hanselmann committed
859
860
861
862
863
864
865
866
Version 2.5.0 rc1
-----------------

*(Released Tue, 4 Oct 2011)*

This was the first release candidate of the 2.5 series.


Michael Hanselmann's avatar
Michael Hanselmann committed
867
868
869
870
871
872
873
874
Version 2.5.0 beta3
-------------------

*(Released Wed, 31 Aug 2011)*

This was the third beta release of the 2.5 series.


875
876
877
878
879
880
881
882
Version 2.5.0 beta2
-------------------

*(Released Mon, 22 Aug 2011)*

This was the second beta release of the 2.5 series.


883
884
885
886
887
888
889
890
Version 2.5.0 beta1
-------------------

*(Released Fri, 12 Aug 2011)*

This was the first beta release of the 2.5 series.


891
892
893
Version 2.4.5
-------------

894
*(Released Thu, 27 Oct 2011)*
895
896
897
898
899
900

- Fixed bug when parsing command line parameter values ending in
  backslash
- Fixed assertion error after unclean master shutdown
- Disable HTTP client pool for RPC, significantly reducing memory usage
  of master daemon
901
- Fixed queue archive creation with wrong permissions
902
903


René Nussbaumer's avatar
René Nussbaumer committed
904
905
906
907
908
909
910
911
912
913
914
915
Version 2.4.4
-------------

*(Released Tue, 23 Aug 2011)*

Small bug-fixes:

- Fixed documentation for importing with ``--src-dir`` option
- Fixed a bug in ``ensure-dirs`` with queue/archive permissions
- Fixed a parsing issue with DRBD 8.3.11 in the Linux kernel


Iustin Pop's avatar
Iustin Pop committed
916
917
918
Version 2.4.3
-------------

René Nussbaumer's avatar
René Nussbaumer committed
919
*(Released Fri, 5 Aug 2011)*
920
921
922
923
924
925
926
927
928
929
930
931
932
933

Many bug-fixes and a few small features:

- Fixed argument order in ``ReserveLV`` and ``ReserveMAC`` which caused
  issues when you tried to add an instance with two MAC addresses in one
  request
- KVM: fixed per-instance stored UID value
- KVM: configure bridged NICs at migration start
- KVM: Fix a bug where instance will not start with never KVM versions
  (>= 0.14)
- Added OS search path to ``gnt-cluster info``
- Fixed an issue with ``file_storage_dir`` where you were forced to
  provide an absolute path, but the documentation states it is a
  relative path, the documentation was right
Iustin Pop's avatar
Iustin Pop committed
934
935
- Added a new parameter to instance stop/start called ``--no-remember``
  that will make the state change to not be remembered
936
937
938
939
940
941
942
943
944
945
946
- Implemented ``no_remember`` at RAPI level
- Improved the documentation
- Node evacuation: don't call IAllocator if node is already empty
- Fixed bug in DRBD8 replace disks on current nodes
- Fixed bug in recreate-disks for DRBD instances
- Moved assertion checking locks in ``gnt-instance replace-disks``
  causing it to abort with not owning the right locks for some situation
- Job queue: Fixed potential race condition when cancelling queued jobs
- Fixed off-by-one bug in job serial generation
- ``gnt-node volumes``: Fix instance names
- Fixed aliases in bash completion
Michael Hanselmann's avatar
Michael Hanselmann committed
947
- Fixed a bug in reopening log files after being sent a SIGHUP
948
949
- Added a flag to burnin to allow specifying VCPU count
- Bugfixes to non-root Ganeti configuration
Iustin Pop's avatar
Iustin Pop committed
950
951


952
953
954
Version 2.4.2
-------------

955
*(Released Thu, 12 May 2011)*
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016

Many bug-fixes and a few new small features:

- Fixed a bug related to log opening failures
- Fixed a bug in instance listing with orphan instances
- Fixed a bug which prevented resetting the cluster-level node parameter
  ``oob_program`` to the default
- Many fixes related to the ``cluster-merge`` tool
- Fixed a race condition in the lock monitor, which caused failures
  during (at least) creation of many instances in parallel
- Improved output for gnt-job info
- Removed the quiet flag on some ssh calls which prevented debugging
  failures
- Improved the N+1 failure messages in cluster verify by actually
  showing the memory values (needed and available)
- Increased lock attempt timeouts so that when executing long operations
  (e.g. DRBD replace-disks) other jobs do not enter 'blocking acquire'
  too early and thus prevent the use of the 'fair' mechanism
- Changed instance query data (``gnt-instance info``) to not acquire
  locks unless needed, thus allowing its use on locked instance if only
  static information is asked for
- Improved behaviour with filesystems that do not support rename on an
  opened file
- Fixed the behaviour of ``prealloc_wipe_disks`` cluster parameter which
  kept locks on all nodes during the wipe, which is unneeded
- Fixed ``gnt-watcher`` handling of errors during hooks execution
- Fixed bug in ``prealloc_wipe_disks`` with small disk sizes (less than
  10GiB) which caused the wipe to fail right at the end in some cases
- Fixed master IP activation when doing master failover with no-voting
- Fixed bug in ``gnt-node add --readd`` which allowed the re-adding of
  the master node itself
- Fixed potential data-loss in under disk full conditions, where Ganeti
  wouldn't check correctly the return code and would consider
  partially-written files 'correct'
- Fixed bug related to multiple VGs and DRBD disk replacing
- Added new disk parameter ``metavg`` that allows placement of the meta
  device for DRBD in a different volume group
- Fixed error handling in the node daemon when the system libc doesn't
  have major number 6 (i.e. if ``libc.so.6`` is not the actual libc)
- Fixed lock release during replace-disks, which kept cluster-wide locks
  when doing disk replaces with an iallocator script
- Added check for missing bridges in cluster verify
- Handle EPIPE errors while writing to the terminal better, so that
  piping the output to e.g. ``less`` doesn't cause a backtrace
- Fixed rare case where a ^C during Luxi calls could have been
  interpreted as server errors, instead of simply terminating
- Fixed a race condition in LUGroupAssignNodes (``gnt-group
  assign-nodes``)
- Added a few more parameters to the KVM hypervisor, allowing a second
  CDROM, custom disk type for CDROMs and a floppy image
- Removed redundant message in instance rename when the name is given
  already as a FQDN
- Added option to ``gnt-instance recreate-disks`` to allow creating the
  disks on new nodes, allowing recreation when the original instance
  nodes are completely gone
- Added option when converting disk templates to DRBD to skip waiting
  for the resync, in order to make the instance available sooner
- Added two new variables to the OS scripts environment (containing the
  instance's nodes)
- Made the root_path and optional parameter for the xen-pvm hypervisor,
  to allow use of ``pvgrub`` as bootloader
1017
1018
1019
- Changed the instance memory modifications to only check out-of-memory
  conditions on memory increases, and turned the secondary node warnings
  into errors (they can still be overridden via ``--force``)
1020
1021
1022
- Fixed the handling of a corner case when the Python installation gets
  corrupted (e.g. a bad disk) while ganeti-noded is running and we try
  to execute a command that doesn't exist
Iustin Pop's avatar
Iustin Pop committed
1023
1024
1025
- Fixed a bug in ``gnt-instance move`` (LUInstanceMove) when the primary
  node of the instance returned failures during instance shutdown; this
  adds the option ``--ignore-consistency`` to gnt-instance move
1026
1027
1028
1029

And as usual, various improvements to the error messages, documentation
and man pages.

1030

Iustin Pop's avatar
Iustin Pop committed
1031
1032
1033
1034
1035
1036
Version 2.4.1
-------------

*(Released Wed, 09 Mar 2011)*

Emergency bug-fix release. ``tools/cfgupgrade`` was broken and overwrote
Michael Hanselmann's avatar
Michael Hanselmann committed
1037
the RAPI users file if run twice (even with ``--dry-run``).
Iustin Pop's avatar
Iustin Pop committed
1038
1039
1040
1041

The release fixes that bug (nothing else changed).


Iustin Pop's avatar
Iustin Pop committed
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
Version 2.4.0
-------------

*(Released Mon, 07 Mar 2011)*

Final 2.4.0 release. Just a few small fixes:

- Fixed RAPI node evacuate
- Fixed the kvm-ifup script
- Fixed internal error handling for special job cases
- Updated man page to specify the escaping feature for options


Iustin Pop's avatar
Iustin Pop committed
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
Version 2.4.0 rc3
-----------------

*(Released Mon, 28 Feb 2011)*

A critical fix for the ``prealloc_wipe_disks`` feature: it is possible
that this feature wiped the disks of the wrong instance, leading to loss
of data.

Other changes:

1066
1067
1068
- Fixed title of query field containing instance name
- Expanded the glossary in the documentation
- Fixed one unittest (internal issue)
Iustin Pop's avatar
Iustin Pop committed
1069
1070


1071
1072
1073
1074
1075
1076
1077
1078
Version 2.4.0 rc2
-----------------

*(Released Mon, 21 Feb 2011)*

A number of bug fixes plus just a couple functionality changes.

On the user-visible side, the ``gnt-* list`` command output has changed
1079
1080
1081
with respect to "special" field states. The current rc1 style of display
can be re-enabled by passing a new ``--verbose`` (``-v``) flag, but in
the default output mode special fields states are displayed as follows:
1082

1083
1084
1085
1086
- Offline resource: ``*``
- Unavailable/not applicable: ``-``
- Data missing (RPC failure): ``?``
- Unknown field: ``??``
1087
1088
1089
1090
1091
1092
1093

Another user-visible change is the addition of ``--force-join`` to
``gnt-node add``.

As for bug fixes:

- ``tools/cluster-merge`` has seen many fixes and is now enabled again
1094
- Fixed regression in RAPI/instance reinstall where all parameters were
1095
  required (instead of optional)
1096
1097
1098
1099
- Fixed ``gnt-cluster repair-disk-sizes``, was broken since Ganeti 2.2
- Fixed iallocator usage (offline nodes were not considered offline)
- Fixed ``gnt-node list`` with respect to non-vm_capable nodes
- Fixed hypervisor and OS parameter validation with respect to
1100
  non-vm_capable nodes
1101
- Fixed ``gnt-cluster verify`` with respect to offline nodes (mostly
1102
  cosmetic)
1103
- Fixed ``tools/listrunner`` with respect to agent-based usage
1104
1105


1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
Version 2.4.0 rc1
-----------------

*(Released Fri,  4 Feb 2011)*

Many changes and fixes since the beta1 release. While there were some
internal changes, the code has been mostly stabilised for the RC
release.

Note: the dumb allocator was removed in this release, as it was not kept
up-to-date with the IAllocator protocol changes. It is recommended to
use the ``hail`` command from the ganeti-htools package.

Note: the 2.4 and up versions of Ganeti are not compatible with the
0.2.x branch of ganeti-htools. You need to upgrade to
ganeti-htools-0.3.0 (or later).

Regressions fixed from 2.3
~~~~~~~~~~~~~~~~~~~~~~~~~~

- Fixed the ``gnt-cluster verify-disks`` command
- Made ``gnt-cluster verify-disks`` work in parallel (as opposed to
  serially on nodes)
- Fixed disk adoption breakage
- Fixed wrong headers in instance listing for field aliases

Other bugs fixed
~~~~~~~~~~~~~~~~

- Fixed corner case in KVM handling of NICs
- Fixed many cases of wrong handling of non-vm_capable nodes
- Fixed a bug where a missing instance symlink was not possible to
  recreate with any ``gnt-*`` command (now ``gnt-instance
  activate-disks`` does it)
- Fixed the volume group name as reported by ``gnt-cluster
  verify-disks``
- Increased timeouts for the import-export code, hopefully leading to
  fewer aborts due network or instance timeouts
- Fixed bug in ``gnt-node list-storage``
- Fixed bug where not all daemons were started on cluster
  initialisation, but only at the first watcher run
- Fixed many bugs in the OOB implementation
- Fixed watcher behaviour in presence of instances with offline
  secondaries
- Fixed instance list output for instances running on the wrong node
- a few fixes to the cluster-merge tool, but it still cannot merge
  multi-node groups (currently it is not recommended to use this tool)


Improvements
~~~~~~~~~~~~

- Improved network configuration for the KVM hypervisor
- Added e1000 as a supported NIC for Xen-HVM
- Improved the lvmstrap tool to also be able to use partitions, as
  opposed to full disks
- Improved speed of disk wiping (the cluster parameter
  ``prealloc_wipe_disks``, so that it has a low impact on the total time
  of instance creations
- Added documentation for the OS parameters
- Changed ``gnt-instance deactivate-disks`` so that it can work if the
  hypervisor is not responding
- Added display of blacklisted and hidden OS information in
  ``gnt-cluster info``
- Extended ``gnt-cluster verify`` to also validate hypervisor, backend,
  NIC and node parameters, which might create problems with currently
  invalid (but undetected) configuration files, but prevents validation
  failures when unrelated parameters are modified
- Changed cluster initialisation to wait for the master daemon to become
  available
- Expanded the RAPI interface:

  - Added config redistribution resource
  - Added activation/deactivation of instance disks
  - Added export of console information

- Implemented log file reopening on SIGHUP, which allows using
  logrotate(8) for the Ganeti log files
- Added a basic OOB helper script as an example


1187
1188
Version 2.4.0 beta1
-------------------
1189

1190
*(Released Fri, 14 Jan 2011)*
1191

1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
User-visible
~~~~~~~~~~~~

- Fixed timezone issues when formatting timestamps
- Added support for node groups, available via ``gnt-group`` and other
  commands
- Added out-of-band framework and management, see :doc:`design
  document <design-oob>`
- Removed support for roman numbers from ``gnt-node list`` and
  ``gnt-instance list``.
- Allowed modification of master network interface via ``gnt-cluster
  modify --master-netdev``
- Accept offline secondaries while shutting down instance disks
- Added ``blockdev_prefix`` parameter to Xen PVM and HVM hypervisors
- Added support for multiple LVM volume groups
- Avoid sorting nodes for ``gnt-node list`` if specific nodes are
  requested
- Added commands to list available fields:

  - ``gnt-node list-fields``
  - ``gnt-group list-fields``
  - ``gnt-instance list-fields``

- Updated documentation and man pages

Integration
~~~~~~~~~~~

1220
- Moved ``rapi_users`` file into separate directory, now named
1221
  ``.../ganeti/rapi/users``, ``cfgupgrade`` moves the file and creates a
1222
1223
1224
  symlink
- Added new tool for running commands on many machines,
  ``tools/ganeti-listrunner``
1225
- Implemented more verbose result in ``OpInstanceConsole`` opcode, also
1226
1227
1228
1229
1230
1231
  improving the ``gnt-instance console`` output
- Allowed customisation of disk index separator at ``configure`` time
- Export node group allocation policy to :doc:`iallocator <iallocator>`
- Added support for non-partitioned md disks in ``lvmstrap``
- Added script to gracefully power off KVM instances
- Split ``utils`` module into smaller parts
1232
1233
1234
1235
- Changed query operations to return more detailed information, e.g.
  whether an information is unavailable due to an offline node. To use
  this new functionality, the LUXI call ``Query`` must be used. Field
  information is now stored by the master daemon and can be retrieved
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
  using ``QueryFields``. Instances, nodes and groups can also be queried
  using the new opcodes ``OpQuery`` and ``OpQueryFields`` (not yet
  exposed via RAPI). The following commands make use of this
  infrastructure change:

  - ``gnt-group list``
  - ``gnt-group list-fields``
  - ``gnt-node list``
  - ``gnt-node list-fields``
  - ``gnt-instance list``
  - ``gnt-instance list-fields``
  - ``gnt-debug locks``

Remote API
~~~~~~~~~~

- New RAPI resources (see :doc:`rapi`):

  - ``/2/modify``
  - ``/2/groups``
  - ``/2/groups/[group_name]``
  - ``/2/groups/[group_name]/assign-nodes``
  - ``/2/groups/[group_name]/modify``
  - ``/2/groups/[group_name]/rename``
  - ``/2/instances/[instance_name]/disk/[disk_index]/grow``

- RAPI changes:

  - Implemented ``no_install`` for instance creation
  - Implemented OS parameters for instance reinstallation, allowing
    use of special settings on reinstallation (e.g. for preserving data)

Misc
~~~~

- Added IPv6 support in import/export
- Pause DRBD synchronization while wiping disks on instance creation
- Updated unittests and QA scripts
- Improved network parameters passed to KVM
- Converted man pages from docbook to reStructuredText
1276
1277


Michael Hanselmann's avatar
Michael Hanselmann committed
1278
1279
1280
1281
1282
1283
1284
1285
Version 2.3.1
-------------

*(Released Mon, 20 Dec 2010)*

Released version 2.3.1~rc1 without any changes.


1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
Version 2.3.1 rc1
-----------------

*(Released Wed, 1 Dec 2010)*

- impexpd: Disable OpenSSL compression in socat if possible (backport
  from master, commit e90739d625b, see :doc:`installation guide
  <install-quick>` for details)
- Changed unittest coverage report to exclude test scripts
- Added script to check version format


Michael Hanselmann's avatar
Michael Hanselmann committed
1298
1299
1300
1301
1302
1303
1304
1305
Version 2.3.0
-------------

*(Released Wed, 1 Dec 2010)*

Released version 2.3.0~rc1 without any changes.


1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
Version 2.3.0 rc1
-----------------

*(Released Fri, 19 Nov 2010)*

A number of bugfixes and documentation updates:

- Update ganeti-os-interface documentation
- Fixed a bug related to duplicate MACs or similar items which should be
  unique
- Fix breakage in OS state modify
- Reinstall instance: disallow offline secondaries (fixes bug related to
  OS changing but reinstall failing)
- plus all the other fixes between 2.2.1 and 2.2.2


Michael Hanselmann's avatar
Michael Hanselmann committed
1322
1323
Version 2.3.0 rc0
-----------------
René Nussbaumer's avatar
René Nussbaumer committed
1324

1325
*(Released Tue, 2 Nov 2010)*
René Nussbaumer's avatar
René Nussbaumer committed
1326

1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
- Fixed clearing of the default iallocator using ``gnt-cluster modify``
- Fixed master failover race with watcher
- Fixed a bug in ``gnt-node modify`` which could lead to an inconsistent
  configuration
- Accept previously stopped instance for export with instance removal
- Simplify and extend the environment variables for instance OS scripts
- Added new node flags, ``master_capable`` and ``vm_capable``
- Added optional instance disk wiping prior during allocation. This is a
  cluster-wide option and can be set/modified using
  ``gnt-cluster {init,modify} --prealloc-wipe-disks``.
- Added IPv6 support, see :doc:`design document <design-2.3>` and
  :doc:`install-quick`
- Added a new watcher option (``--ignore-pause``)
- Added option to ignore offline node on instance start/stop
  (``--ignore-offline``)
- Allow overriding OS parameters with ``gnt-instance reinstall``
1343
1344
- Added ability to change node's secondary IP address using ``gnt-node
  modify``
1345
1346
1347
1348
1349
1350
1351
1352
- Implemented privilege separation for all daemons except
  ``ganeti-noded``, see ``configure`` options
- Complain if an instance's disk is marked faulty in ``gnt-cluster
  verify``
- Implemented job priorities (see ``ganeti(7)`` manpage)
- Ignore failures while shutting down instances during failover from
  offline node
- Exit daemon's bootstrap process only once daemon is ready
1353
- Export more information via ``LUInstanceQuery``/remote API
1354
1355
1356
1357
1358
- Improved documentation, QA and unittests
- RAPI daemon now watches ``rapi_users`` all the time and doesn't need a
  restart if the file was created or changed
- Added LUXI protocol version sent with each request and response,
  allowing detection of server/client mismatches
Michael Hanselmann's avatar
Michael Hanselmann committed
1359
- Moved the Python scripts among gnt-* and ganeti-* into modules
1360
1361
1362
1363
- Moved all code related to setting up SSH to an external script,
  ``setup-ssh``
- Infrastructure changes for node group support in future versions

René Nussbaumer's avatar
René Nussbaumer committed
1364

1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
Version 2.2.2
-------------

*(Released Fri, 19 Nov 2010)*

A few small bugs fixed, and some improvements to the build system:

- Fix documentation regarding conversion to drbd
- Fix validation of parameters in cluster modify (``gnt-cluster modify
  -B``)
- Fix error handling in node modify with multiple changes
- Allow remote imports without checked names


1379
1380
1381
1382
1383
1384
1385
1386
Version 2.2.1
-------------

*(Released Tue, 19 Oct 2010)*

- Disable SSL session ID cache in RPC client


Iustin Pop's avatar
Iustin Pop committed
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
Version 2.2.1 rc1
-----------------

*(Released Thu, 14 Oct 2010)*

- Fix interaction between Curl/GnuTLS and the Python's HTTP server
  (thanks Apollon Oikonomopoulos!), finally allowing the use of Curl
  with GnuTLS
- Fix problems with interaction between Curl and Python's HTTP server,
  resulting in increased speed in many RPC calls
- Improve our release script to prevent breakage with older aclocal and
  Python 2.6

1400

Michael Hanselmann's avatar
Michael Hanselmann committed
1401
1402
1403
1404
1405
Version 2.2.1 rc0
-----------------

*(Released Thu, 7 Oct 2010)*

1406
- Fixed issue 125, replace hardcoded "xenvg" in ``gnt-cluster`` with
Michael Hanselmann's avatar
Michael Hanselmann committed
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
  value retrieved from master
- Added support for blacklisted or hidden OS definitions
- Added simple lock monitor (accessible via (``gnt-debug locks``)
- Added support for -mem-path in KVM hypervisor abstraction layer
- Allow overriding instance parameters in tool for inter-cluster
  instance moves (``tools/move-instance``)
- Improved opcode summaries (e.g. in ``gnt-job list``)
- Improve consistency of OS listing by sorting it
- Documentation updates


Guido Trotter's avatar
Guido Trotter committed
1418
1419
1420
1421
1422
1423
1424
1425
Version 2.2.0.1
---------------

*(Released Fri, 8 Oct 2010)*

- Rebuild with a newer autotools version, to fix python 2.6 compatibility


1426
1427
1428
1429
1430
1431
1432
1433
Version 2.2.0
-------------

*(Released Mon, 4 Oct 2010)*

- Fixed regression in ``gnt-instance rename``


Michael Hanselmann's avatar
Michael Hanselmann committed
1434
1435
1436
Version 2.2.0 rc2
-----------------

1437
*(Released Wed, 22 Sep 2010)*
Michael Hanselmann's avatar
Michael Hanselmann committed
1438
1439
1440
1441
1442
1443
1444

- Fixed OS_VARIANT variable for OS scripts
- Fixed cluster tag operations via RAPI
- Made ``setup-ssh`` exit with non-zero code if an error occurred
- Disabled RAPI CA checks in watcher


Michael Hanselmann's avatar
Michael Hanselmann committed
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
Version 2.2.0 rc1
-----------------

*(Released Mon, 23 Aug 2010)*

- Support DRBD versions of the format "a.b.c.d"
- Updated manpages
- Re-introduce support for usage from multiple threads in RAPI client
- Instance renames and modify via RAPI
- Work around race condition between processing and archival in job
  queue
- Mark opcodes following failed one as failed, too
- Job field ``lock_status`` was removed due to difficulties making it
  work with the changed job queue in Ganeti 2.2; a better way to monitor
  locks is expected for a later 2.2.x release
- Fixed dry-run behaviour with many commands
- Support ``ssh-agent`` again when adding nodes
- Many additional bugfixes


1465
1466
1467
Version 2.2.0 rc0
-----------------

Iustin Pop's avatar
Iustin Pop committed
1468
*(Released Fri, 30 Jul 2010)*
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540

Important change: the internal RPC mechanism between Ganeti nodes has
changed from using a home-grown http library (based on the Python base
libraries) to use the PycURL library. This requires that PycURL is
installed on nodes. Please note that on Debian/Ubuntu, PycURL is linked
against GnuTLS by default. cURL's support for GnuTLS had known issues
before cURL 7.21.0 and we recommend using the latest cURL release or
linking against OpenSSL. Most other distributions already link PycURL
and cURL against OpenSSL. The command::

  python -c 'import pycurl; print pycurl.version'

can be used to determine the libraries PycURL and cURL are linked
against.

Other significant changes:

- Rewrote much of the internals of the job queue, in order to achieve
  better parallelism; this decouples job query operations from the job
  processing, and it should allow much nicer behaviour of the master
  daemon under load, and it also has uncovered some long-standing bugs
  related to the job serialisation (now fixed)
- Added a default iallocator setting to the cluster parameters,
  eliminating the need to always pass nodes or an iallocator for
  operations that require selection of new node(s)
- Added experimental support for the LXC virtualization method
- Added support for OS parameters, which allows the installation of
  instances to pass parameter to OS scripts in order to customise the
  instance
- Added a hypervisor parameter controlling the migration type (live or
  non-live), since hypervisors have various levels of reliability; this
  has renamed the 'live' parameter to 'mode'
- Added a cluster parameter ``reserved_lvs`` that denotes reserved
  logical volumes, meaning that cluster verify will ignore them and not
  flag their presence as errors
- The watcher will now reset the error count for failed instances after
  8 hours, thus allowing self-healing if the problem that caused the
  instances to be down/fail to start has cleared in the meantime
- Added a cluster parameter ``drbd_usermode_helper`` that makes Ganeti
  check for, and warn, if the drbd module parameter ``usermode_helper``
  is not consistent with the cluster-wide setting; this is needed to
  make diagnose easier of failed drbd creations
- Started adding base IPv6 support, but this is not yet
  enabled/available for use
- Rename operations (cluster, instance) will now return the new name,
  which is especially useful if a short name was passed in
- Added support for instance migration in RAPI
- Added a tool to pre-configure nodes for the SSH setup, before joining
  them to the cluster; this will allow in the future a simplified model
  for node joining (but not yet fully enabled in 2.2); this needs the
  paramiko python library
- Fixed handling of name-resolving errors
- Fixed consistency of job results on the error path
- Fixed master-failover race condition when executed multiple times in
  sequence
- Fixed many bugs related to the job queue (mostly introduced during the
  2.2 development cycle, so not all are impacting 2.1)
- Fixed instance migration with missing disk symlinks
- Fixed handling of unknown jobs in ``gnt-job archive``
- And many other small fixes/improvements

Internal changes:

- Enhanced both the unittest and the QA coverage
- Switched the opcode validation to a generic model, and extended the
  validation to all opcode parameters
- Changed more parts of the code that write shell scripts to use the
  same class for this
- Switched the master daemon to use the asyncore library for the Luxi
  server endpoint


1541
1542
Version 2.2.0 beta0
-------------------
1543
1544

*(Released Thu, 17 Jun 2010)*
1545

1546
1547
1548
1549
- Added tool (``move-instance``) and infrastructure to move instances
  between separate clusters (see :doc:`separate documentation
  <move-instance>` and :doc:`design document <design-2.2>`)
- Added per-request RPC timeout
1550
1551
- RAPI now requires a Content-Type header for requests with a body (e.g.
  ``PUT`` or ``POST``) which must be set to ``application/json`` (see
1552
  :rfc:`2616` (HTTP/1.1), section 7.2.1)
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
- ``ganeti-watcher`` attempts to restart ``ganeti-rapi`` if RAPI is not
  reachable
- Implemented initial support for running Ganeti daemons as separate
  users, see configure-time flags ``--with-user-prefix`` and
  ``--with-group-prefix`` (only ``ganeti-rapi`` is supported at this
  time)
- Instances can be removed after export (``gnt-backup export
  --remove-instance``)
- Self-signed certificates generated by Ganeti now use a 2048 bit RSA
  key (instead of 1024 bit)
- Added new cluster configuration file for cluster domain secret
- Import/export now use SSL instead of SSH
- Added support for showing estimated time when exporting an instance,
  see the ``ganeti-os-interface(7)`` manpage and look for
  ``EXP_SIZE_FD``
1568

1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579

Version 2.1.8
-------------

*(Released Tue, 16 Nov 2010)*

Some more bugfixes. Unless critical bugs occur, this will be the last
2.1 release:

- Fix case of MAC special-values
- Fix mac checker regex
1580
- backend: Fix typo causing "out of range" error
1581
1582
1583
- Add missing --units in gnt-instance list man page


1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
Version 2.1.7
-------------

*(Released Tue, 24 Aug 2010)*

Bugfixes only:
  - Don't ignore secondary node silently on non-mirrored disk templates
    (issue 113)
  - Fix --master-netdev arg name in gnt-cluster(8) (issue 114)
  - Fix usb_mouse parameter breaking with vnc_console (issue 109)
  - Properly document the usb_mouse parameter
  - Fix path in ganeti-rapi(8) (issue 116)
  - Adjust error message when the ganeti user's .ssh directory is
    missing
  - Add same-node-check when changing the disk template to drbd

1600

Guido Trotter's avatar
Guido Trotter committed
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
Version 2.1.6
-------------

*(Released Fri, 16 Jul 2010)*

Bugfixes only:
  - Add an option to only select some reboot types during qa/burnin.
    (on some hypervisors consequent reboots are not supported)
  - Fix infrequent race condition in master failover. Sometimes the old
    master ip address would be still detected as up for a short time
    after it was removed, causing failover to fail.
  - Decrease mlockall warnings when the ctypes module is missing. On
    Python 2.4 we support running even if no ctypes module is installed,
    but we were too verbose about this issue.
  - Fix building on old distributions, on which man doesn't have a
    --warnings option.
  - Fix RAPI not to ignore the MAC address on instance creation
  - Implement the old instance creation format in the RAPI client.


1621
1622
1623
Version 2.1.5
-------------

1624
*(Released Thu, 01 Jul 2010)*
1625
1626
1627
1628
1629
1630

A small bugfix release:
  - Fix disk adoption: broken by strict --disk option checking in 2.1.4
  - Fix batch-create: broken in the whole 2.1 series due to a lookup on
    a non-existing option
  - Fix instance create: the --force-variant option was ignored
1631
1632
1633
1634
1635
1636
  - Improve pylint 0.21 compatibility and warnings with Python 2.6
  - Fix modify node storage with non-FQDN arguments
  - Fix RAPI client to authenticate under Python 2.6 when used
    for more than 5 requests needing authentication
  - Fix gnt-instance modify -t (storage) giving a wrong error message
    when converting a non-shutdown drbd instance to plain
1637

Guido Trotter's avatar
Guido Trotter committed
1638

Guido Trotter's avatar
Guido Trotter committed
1639
1640
1641
Version 2.1.4
-------------

1642
*(Released Fri, 18 Jun 2010)*
Guido Trotter's avatar
Guido Trotter committed
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656

A small bugfix release:

  - Fix live migration of KVM instances started with older Ganeti
    versions which had fewer hypervisor parameters
  - Fix gnt-instance grow-disk on down instances
  - Fix an error-reporting bug during instance migration
  - Better checking of the ``--net`` and ``--disk`` values, to avoid
    silently ignoring broken ones
  - Fix an RPC error reporting bug affecting, for example, RAPI client
    users
  - Fix bug triggered by different API version os-es on different nodes
  - Fix a bug in instance startup with custom hvparams: OS level
    parameters would fail to be applied.
1657
1658
1659
  - Fix the RAPI client under Python 2.6 (but more work is needed to
    make it work completely well with OpenSSL)
  - Fix handling of errors when resolving names from DNS
Guido Trotter's avatar
Guido Trotter committed
1660

Guido Trotter's avatar
Guido Trotter committed
1661

Guido Trotter's avatar
Guido Trotter committed
1662
1663
1664
Version 2.1.3
-------------

1665
*(Released Thu, 3 Jun 2010)*
Guido Trotter's avatar
Guido Trotter committed
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677

A medium sized development cycle. Some new features, and some
fixes/small improvements/cleanups.

Significant features
~~~~~~~~~~~~~~~~~~~~

The node deamon now tries to mlock itself into memory, unless the
``--no-mlock`` flag is passed. It also doesn't fail if it can't write
its logs, and falls back to console logging. This allows emergency
features such as ``gnt-node powercycle`` to work even in the event of a
broken node disk (tested offlining the disk hosting the node's
1678
filesystem and dropping its memory caches; don't try this at home)
Guido Trotter's avatar
Guido Trotter committed
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700

KVM: add vhost-net acceleration support. It can be tested with a new
enough version of the kernel and of qemu-kvm.

KVM: Add instance chrooting feature. If you use privilege dropping for
your VMs you can also now force them to chroot to an empty directory,
before starting the emulated guest.

KVM: Add maximum migration bandwith and maximum downtime tweaking
support (requires a new-enough version of qemu-kvm).

Cluster verify will now warn if the master node doesn't have the master
ip configured on it.

Add a new (incompatible) instance creation request format to RAPI which
supports all parameters (previously only a subset was supported, and it
wasn't possible to extend the old format to accomodate all the new
features. The old format is still supported, and a client can check for
this feature, before using it, by checking for its presence in the
``features`` RAPI resource.

Now with ancient latin support. Try it passing the ``--roman`` option to
1701
1702
``gnt-instance info``, ``gnt-cluster info`` or ``gnt-node list``
(requires the python-roman module to be installed, in order to work).
Guido Trotter's avatar
Guido Trotter committed
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720

Other changes
~~~~~~~~~~~~~

As usual many internal code refactorings, documentation updates, and
such. Among others:

  - Lots of improvements and cleanups to the experimental Remote API
    (RAPI) client library.
  - A new unit test suite for the core daemon libraries.
  - A fix to creating missing directories makes sure the umask is not
    applied anymore. This enforces the same directory permissions
    everywhere.
  - Better handling terminating daemons with ctrl+c (used when running
    them in debugging mode).
  - Fix a race condition in live migrating a KVM instance, when stat()
    on the old proc status file returned EINVAL, which is an unexpected
    value.
Guido Trotter's avatar
Guido Trotter committed
1721
1722
  - Fixed manpage checking with newer man and utf-8 charachters. But now
    you need the en_US.UTF-8 locale enabled to build Ganeti from git.
Guido Trotter's avatar
Guido Trotter committed
1723
1724


Guido Trotter's avatar
Guido Trotter committed
1725
1726
1727
1728
1729
1730
1731
Version 2.1.2.1
---------------

*(Released Fri, 7 May 2010)*

Fix a bug which prevented untagged KVM instances from starting.

Guido Trotter's avatar
Guido Trotter committed
1732

Iustin Pop's avatar
Iustin Pop committed
1733
1734
1735
Version 2.1.2
-------------

Iustin Pop's avatar
Iustin Pop committed
1736
*(Released Fri, 7 May 2010)*
Iustin Pop's avatar
Iustin Pop committed
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829

Another release with a long development cycle, during which many
different features were added.

Significant features
~~~~~~~~~~~~~~~~~~~~

The KVM hypervisor now can run the individual instances as non-root, to
reduce the impact of a VM being hijacked due to bugs in the
hypervisor. It is possible to run all instances as a single (non-root)
user, to manually specify a user for each instance, or to dynamically
allocate a user out of a cluster-wide pool to each instance, with the
guarantee that no two instances will run under the same user ID on any
given node.

An experimental RAPI client library, that can be used standalone
(without the other Ganeti libraries), is provided in the source tree as
``lib/rapi/client.py``. Note this client might change its interface in
the future, as we iterate on its capabilities.

A new command, ``gnt-cluster renew-crypto`` has been added to easily
replace the cluster's certificates and crypto keys. This might help in
case they have been compromised, or have simply expired.

A new disk option for instance creation has been added that allows one
to "adopt" currently existing logical volumes, with data
preservation. This should allow easier migration to Ganeti from
unmanaged (or managed via other software) instances.

Another disk improvement is the possibility to convert between redundant
(DRBD) and plain (LVM) disk configuration for an instance. This should
allow better scalability (starting with one node and growing the
cluster, or shrinking a two-node cluster to one node).

A new feature that could help with automated node failovers has been
implemented: if a node sees itself as offline (by querying the master
candidates), it will try to shutdown (hard) all instances and any active
DRBD devices. This reduces the risk of duplicate instances if an
external script automatically failovers the instances on such nodes. To
enable this, the cluster parameter ``maintain_node_health`` should be
enabled; in the future this option (per the name) will enable other
automatic maintenance features.

Instance export/import now will reuse the original instance
specifications for all parameters; that means exporting an instance,
deleting it and the importing it back should give an almost identical
instance. Note that the default import behaviour has changed from
before, where it created only one NIC; now it recreates the original
number of NICs.

Cluster verify has added a few new checks: SSL certificates validity,
/etc/hosts consistency across the cluster, etc.

Other changes
~~~~~~~~~~~~~

As usual, many internal changes were done, documentation fixes,
etc. Among others:

- Fixed cluster initialization with disabled cluster storage (regression
  introduced in 2.1.1)
- File-based storage supports growing the disks
- Fixed behaviour of node role changes
- Fixed cluster verify for some corner cases, plus a general rewrite of
  cluster verify to allow future extension with more checks
- Fixed log spamming by watcher and node daemon (regression introduced
  in 2.1.1)
- Fixed possible validation issues when changing the list of enabled
  hypervisors
- Fixed cleanup of /etc/hosts during node removal
- Fixed RAPI response for invalid methods
- Fixed bug with hashed passwords in ``ganeti-rapi`` daemon
- Multiple small improvements to the KVM hypervisor (VNC usage, booting
  from ide disks, etc.)
- Allow OS changes without re-installation (to record a changed OS
  outside of Ganeti, or to allow OS renames)
- Allow instance creation without OS installation (useful for example if
  the OS will be installed manually, or restored from a backup not in
  Ganeti format)
- Implemented option to make cluster ``copyfile`` use the replication
  network
- Added list of enabled hypervisors to ssconf (possibly useful for
  external scripts)
- Added a new tool (``tools/cfgupgrade12``) that allows upgrading from
  1.2 clusters
- A partial form of node re-IP is possible via node readd, which now
  allows changed node primary IP
- Command line utilities now show an informational message if the job is
  waiting for a lock
- The logs of the master daemon now show the PID/UID/GID of the
  connected client


1830
1831
1832
Version 2.1.1
-------------

Iustin Pop's avatar
Iustin Pop committed
1833
1834
*(Released Fri, 12 Mar 2010)*

1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
During the 2.1.0 long release candidate cycle, a lot of improvements and
changes have accumulated with were released later as 2.1.1.

Major changes
~~~~~~~~~~~~~

The node evacuate command (``gnt-node evacuate``) was significantly
rewritten, and as such the IAllocator protocol was changed - a new
request type has been added. This unfortunate change during a stable
series is designed to improve performance of node evacuations; on
clusters with more than about five nodes and which are well-balanced,
evacuation should proceed in parallel for all instances of the node
being evacuated. As such, any existing IAllocator scripts need to be
updated, otherwise the above command will fail due to the unknown
request. The provided "dumb" allocator has not been updated; but the
ganeti-htools package supports the new protocol since version 0.2.4.

Another important change is increased validation of node and instance
names. This might create problems in special cases, if invalid host
names are being used.

Also, a new layer of hypervisor parameters has been added, that sits at
OS level between the cluster defaults and the instance ones. This allows
customisation of virtualization parameters depending on the installed
OS. For example instances with OS 'X' may have a different KVM kernel
(or any other parameter) than the cluster defaults. This is intended to
help managing a multiple OSes on the same cluster, without manual
modification of each instance's parameters.

A tool for merging clusters, ``cluster-merge``, has been added in the
tools sub-directory.

Bug fixes
~~~~~~~~~

- Improved the int/float conversions that should make the code more
  robust in face of errors from the node daemons
- Fixed the remove node code in case of internal configuration errors
- Fixed the node daemon behaviour in face of inconsistent queue
  directory (e.g. read-only file-system where we can't open the files
  read-write, etc.)
- Fixed the behaviour of gnt-node modify for master candidate demotion;
1877
  now it either aborts cleanly or, if given the new "auto_promote"
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
  parameter, will automatically promote other nodes as needed
- Fixed compatibility with (unreleased yet) Python 2.6.5 that would
  completely prevent Ganeti from working
- Fixed bug for instance export when not all disks were successfully
  exported
- Fixed behaviour of node add when the new node is slow in starting up
  the node daemon
- Fixed handling of signals in the LUXI client, which should improve
  behaviour of command-line scripts
- Added checks for invalid node/instance names in the configuration (now
  flagged during cluster verify)
- Fixed watcher behaviour for disk activation errors
- Fixed two potentially endless loops in http library, which led to the
  RAPI daemon hanging and consuming 100% CPU in some cases
- Fixed bug in RAPI daemon related to hashed passwords
- Fixed bug for unintended qemu-level bridging of multi-NIC KVM
  instances
- Enhanced compatibility with non-Debian OSes, but not using absolute
  path in some commands and allowing customisation of the ssh
  configuration directory
- Fixed possible future issue with new Python versions by abiding to the
  proper use of ``__slots__`` attribute on classes
- Added checks that should prevent directory traversal attacks
- Many documentation fixes based on feedback from users

New features
~~~~~~~~~~~~

1906
- Added an "early_release" more for instance replace disks and node
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
  evacuate, where we release locks earlier and thus allow higher
  parallelism within the cluster
- Added watcher hooks, intended to allow the watcher to restart other
  daemons (e.g. from the ganeti-nbma project), but they can be used of
  course for any other purpose
- Added a compile-time disable for DRBD barriers, to increase
  performance if the administrator trusts the power supply or the
  storage system to not lose writes
- Added the option of using syslog for logging instead of, or in
  addition to, Ganeti's own log files
- Removed boot restriction for paravirtual NICs for KVM, recent versions
  can indeed boot from a paravirtual NIC
- Added a generic debug level for many operations; while this is not
  used widely yet, it allows one to pass the debug value all the way to
  the OS scripts
- Enhanced the hooks environment for instance moves (failovers,
  migrations) where the primary/secondary nodes changed during the
  operation, by adding {NEW,OLD}_{PRIMARY,SECONDARY} vars
- Enhanced data validations for many user-supplied values; one important
  item is the restrictions imposed on instance and node names, which
  might reject some (invalid) host names
- Add a configure-time option to disable file-based storage, if it's not
  needed; this allows greater security separation between the master
  node and the other nodes from the point of view of the inter-node RPC
  protocol
- Added user notification in interactive tools if job is waiting in the
  job queue or trying to acquire locks
- Added log messages when a job is waiting for locks
- Added filtering by node tags in instance operations which admit
  multiple instances (start, stop, reboot, reinstall)
- Added a new tool for cluster mergers, ``cluster-merge``
- Parameters from command line which are of the form ``a=b,c=d`` can now
  use backslash escapes to pass in values which contain commas,
  e.g. ``a=b\\c,d=e`` where the 'a' parameter would get the value
  ``b,c``
- For KVM, the instance name is the first parameter passed to KVM, so
  that it's more visible in the process list


1946
1947
1948
Version 2.1.0
-------------

Iustin Pop's avatar
Iustin Pop committed
1949
1950
*(Released Tue, 2 Mar 2010)*

1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
Ganeti 2.1 brings many improvements with it. Major changes:

- Added infrastructure to ease automated disk repairs
- Added new daemon to export configuration data in a cheaper way than
  using the remote API
- Instance NICs can now be routed instead of being associated with a
  networking bridge
- Improved job locking logic to reduce impact of jobs acquiring multiple
  locks waiting for other long-running jobs

1961
In-depth implementation details can be found in the Ganeti 2.1 design
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
document.

Details
~~~~~~~

- Added chroot hypervisor
- Added more options to xen-hvm hypervisor (``kernel_path`` and
  ``device_model``)
- Added more options to xen-pvm hypervisor (``use_bootloader``,
  ``bootloader_path`` and ``bootloader_args``)
1972
1973
1974
- Added the ``use_localtime`` option for the xen-hvm and kvm
  hypervisors, and the default value for this has changed to false (in
  2.0 xen-hvm always enabled it)
1975
- Added luxi call to submit multiple jobs in one go
1976
- Added cluster initialization option to not modify ``/etc/hosts``
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
  file on nodes
- Added network interface parameters
- Added dry run mode to some LUs
- Added RAPI resources:

  - ``/2/instances/[instance_name]/info``
  - ``/2/instances/[instance_name]/replace-disks``
  - ``/2/nodes/[node_name]/evacuate``
  - ``/2/nodes/[node_name]/migrate``
  - ``/2/nodes/[node_name]/role``
  - ``/2/nodes/[node_name]/storage``
  - ``/2/nodes/[node_name]/storage/modify``
  - ``/2/nodes/[node_name]/storage/repair``

- Added OpCodes to evacuate or migrate all instances on a node
Iustin Pop's avatar
Iustin Pop committed
1992
1993
- Added new command to list storage elements on nodes (``gnt-node
  list-storage``) and modify them (``gnt-node modify-storage``)
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
- Added new ssconf files with master candidate IP address
  (``ssconf_master_candidates_ips``), node primary IP address
  (``ssconf_node_primary_ips``) and node secondary IP address
  (``ssconf_node_secondary_ips``)
- Added ``ganeti-confd`` and a client library to query the Ganeti
  configuration via UDP
- Added ability to run hooks after cluster initialization and before
  cluster destruction
- Added automatic mode for disk replace (``gnt-instance replace-disks
  --auto``)
2004
2005
- Added ``gnt-instance recreate-disks`` to re-create (empty) disks
  after catastrophic data-loss
Iustin Pop's avatar
Iustin Pop committed
2006
- Added ``gnt-node repair-storage`` command to repair damaged LVM volume
2007
2008
2009
2010
2011
2012
2013
2014
  groups
- Added ``gnt-instance move`` command to move instances
- Added ``gnt-cluster watcher`` command to control watcher
- Added ``gnt-node powercycle`` command to powercycle nodes
- Added new job status field ``lock_status``
- Added parseable error codes to cluster verification (``gnt-cluster
  verify --error-codes``) and made output less verbose (use
  ``--verbose`` to restore previous behaviour)
2015
- Added UUIDs to the main config entities (cluster, nodes, instances)
2016
- Added support for OS variants
Michael Hanselmann's avatar
Michael Hanselmann committed
2017
2018
2019
2020
- Added support for hashed passwords in the Ganeti remote API users file
  (``rapi_users``)
- Added option to specify maximum timeout on instance shutdown
- Added ``--no-ssh-init`` option to ``gnt-cluster init``
2021
2022
2023
2024
- Added new helper script to start and stop Ganeti daemons
  (``daemon-util``), with the intent to reduce the work necessary to
  adjust Ganeti for non-Debian distributions and to start/stop daemons
  from one place
2025
2026
- Added more unittests
- Fixed critical bug in ganeti-masterd startup
2027
2028
2029
- Removed the configure-time ``kvm-migration-port`` parameter, this is
  now customisable at the cluster level for both the KVM and Xen
  hypervisors using the new ``migration_port`` parameter
2030
2031
- Pass ``INSTANCE_REINSTALL`` variable to OS installation script when
  reinstalling an instance
Michael Hanselmann's avatar
Michael Hanselmann committed
2032
- Allowed ``@`` in tag names
Michael Hanselmann's avatar
Michael Hanselmann committed
2033
- Migrated to Sphinx (http://sphinx.pocoo.org/) for documentation
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
- Many documentation updates
- Distribute hypervisor files on ``gnt-cluster redist-conf``
- ``gnt-instance reinstall`` can now reinstall multiple instances
- Updated many command line parameters
- Introduced new OS API version 15
- No longer support a default hypervisor
- Treat virtual LVs as inexistent
- Improved job locking logic to reduce lock contention
- Match instance and node names case insensitively
- Reimplemented bash completion script to be more complete
- Improved burnin


2047
Version 2.0.6
2048
2049
-------------

Iustin Pop's avatar
Iustin Pop committed
2050
2051
*(Released Thu, 4 Feb 2010)*

2052
2053
2054
2055
2056
- Fix cleaner behaviour on nodes not in a cluster (Debian bug 568105)
- Fix a string formatting bug
- Improve safety of the code in some error paths
- Improve data validation in the master of values returned from nodes

2057

2058
Version 2.0.5
2059
2060
-------------

Iustin Pop's avatar
Iustin Pop committed
2061
2062
*(Released Thu, 17 Dec 2009)*

2063
2064
2065
2066
2067
- Fix security issue due to missing validation of iallocator names; this
  allows local and remote execution of arbitrary executables
- Fix failure of gnt-node list during instance removal
- Ship the RAPI documentation in the archive

2068

2069
Version 2.0.4
2070
2071
-------------

Iustin Pop's avatar
Iustin Pop committed
2072
2073
*(Released Wed, 30 Sep 2009)*

2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
- Fixed many wrong messages
- Fixed a few bugs related to the locking library
- Fixed MAC checking at instance creation time
- Fixed a DRBD parsing bug related to gaps in /proc/drbd
- Fixed a few issues related to signal handling in both daemons and
  scripts
- Fixed the example startup script provided
- Fixed insserv dependencies in the example startup script (patch from
  Debian)
- Fixed handling of drained nodes in the iallocator framework
- Fixed handling of KERNEL_PATH parameter for xen-hvm (Debian bug
  #528618)
- Fixed error related to invalid job IDs in job polling
- Fixed job/opcode persistence on unclean master shutdown
- Fixed handling of partial job processing after unclean master
  shutdown
- Fixed error reporting from LUs, previously all errors were converted
  into execution errors
- Fixed error reporting from burnin
- Decreased significantly the memory usage of the job queue
- Optimised slightly multi-job submission
- Optimised slightly opcode loading
- Backported the multi-job submit framework from the development
  branch; multi-instance start and stop should be faster
- Added script to clean archived jobs after 21 days; this will reduce
  the size of the queue directory
- Added some extra checks in disk size tracking
- Added an example ethers hook script
- Added a cluster parameter that prevents Ganeti from modifying of
  /etc/hosts
- Added more node information to RAPI responses
Michael Hanselmann's avatar
Michael Hanselmann committed
2105
- Added a ``gnt-job watch`` command that allows following the ouput of a
2106
2107
2108
2109
2110
2111
  job
- Added a bind-address option to ganeti-rapi
- Added more checks to the configuration verify
- Enhanced the burnin script such that some operations can be retried
  automatically
- Converted instance reinstall to multi-instance model
Michael Hanselmann's avatar
Michael Hanselmann committed
2112

Michael Hanselmann's avatar
Michael Hanselmann committed
2113

2114
Version 2.0.3
Michael Hanselmann's avatar
Michael Hanselmann committed
2115
2116
-------------

Iustin Pop's avatar
Iustin Pop committed
2117
2118
*(Released Fri, 7 Aug 2009)*

Michael Hanselmann's avatar
Michael Hanselmann committed
2119
2120
2121
- Added ``--ignore-size`` to the ``gnt-instance activate-disks`` command
  to allow using the pre-2.0.2 behaviour in activation, if any existing
  instances have mismatched disk sizes in the configuration
2122
2123
- Added ``gnt-cluster repair-disk-sizes`` command to check and update
  any configuration mismatches for disk sizes
Michael Hanselmann's avatar
Michael Hanselmann committed
2124
2125
- Added ``gnt-master cluste-failover --no-voting`` to allow master
  failover to work on two-node clusters
Michael Hanselmann's avatar
Michael Hanselmann committed
2126
2127
- Fixed the ``--net`` option of ``gnt-backup import``, which was
  unusable
Michael Hanselmann's avatar
Michael Hanselmann committed
2128
2129
2130
- Fixed detection of OS script errors in ``gnt-backup export``
- Fixed exit code of ``gnt-backup export``

2131

2132
Version 2.0.2
Michael Hanselmann's avatar
Michael Hanselmann committed
2133
2134
-------------

Iustin Pop's avatar
Iustin Pop committed
2135
2136
*(Released Fri, 17 Jul 2009)*

Michael Hanselmann's avatar
Michael Hanselmann committed
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
- Added experimental support for stripped logical volumes; this should
  enhance performance but comes with a higher complexity in the block
  device handling; stripping is only enabled when passing
  ``--with-lvm-stripecount=N`` to ``configure``, but codepaths are
  affected even in the non-stripped mode
- Improved resiliency against transient failures at the end of DRBD
  resyncs, and in general of DRBD resync checks
- Fixed a couple of issues with exports and snapshot errors
- Fixed a couple of issues in instance listing
- Added display of the disk size in ``gnt-instance info``
- Fixed checking for valid OSes in instance creation
Michael Hanselmann's avatar
Michael Hanselmann committed
2148
- Fixed handling of the "vcpus" parameter in instance listing and in
Michael Hanselmann's avatar
Michael Hanselmann committed
2149
2150
2151
2152
2153
  general of invalid parameters
- Fixed http server library, and thus RAPI, to handle invalid
  username/password combinations correctly; this means that now they
  report unauthorized for queries too, not only for modifications,
  allowing earlier detect of configuration problems
Michael Hanselmann's avatar
Michael Hanselmann committed
2154
- Added a new "role" node list field, equivalent to the master/master
Michael Hanselmann's avatar
Michael Hanselmann committed
2155
2156
2157
2158
2159
2160
  candidate/drained/offline flags combinations
- Fixed cluster modify and changes of candidate pool size
- Fixed cluster verify error messages for wrong files on regular nodes
- Fixed a couple of issues with node demotion from master candidate role
- Fixed node readd issues
- Added non-interactive mode for ``ganeti-masterd --no-voting`` startup
Michael Hanselmann's avatar
Michael Hanselmann committed
2161
2162
- Added a new ``--no-voting`` option for masterfailover to fix failover
  on two-nodes clusters when the former master node is unreachable
Michael Hanselmann's avatar
Michael Hanselmann committed
2163
2164
- Added instance reinstall over RAPI

2165

2166
Version 2.0.1
Michael Hanselmann's avatar
Michael Hanselmann committed
2167
2168
-------------

Iustin Pop's avatar
Iustin Pop committed
2169
2170
*(Released Tue, 16 Jun 2009)*

Michael Hanselmann's avatar
Michael Hanselmann committed
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
- added ``-H``/``-B`` startup parameters to ``gnt-instance``, which will
  allow re-adding the start in single-user option (regression from 1.2)
- the watcher writes the instance status to a file, to allow monitoring
  to report the instance status (from the master) based on cached
  results of the watcher's queries; while this can get stale if the
  watcher is being locked due to other work on the cluster, this is
  still an improvement
- the watcher now also restarts the node daemon and the rapi daemon if
  they died
- fixed the watcher to handle full and drained queue cases
2181
2182
2183
- hooks export more instance data in the environment, which helps if
  hook scripts need to take action based on the instance's properties
  (no longer need to query back into ganeti)
Michael Hanselmann's avatar
Michael Hanselmann committed
2184
2185
2186
2187
2188