Newer
Older
Version 2.4.3
-------------
*(unreleased)*
- Added a new parameter to instance stop/start called ``--no-remember``
that will make the state change to not be remembered
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
Many bug-fixes and a few new small features:
- Fixed a bug related to log opening failures
- Fixed a bug in instance listing with orphan instances
- Fixed a bug which prevented resetting the cluster-level node parameter
``oob_program`` to the default
- Many fixes related to the ``cluster-merge`` tool
- Fixed a race condition in the lock monitor, which caused failures
during (at least) creation of many instances in parallel
- Improved output for gnt-job info
- Removed the quiet flag on some ssh calls which prevented debugging
failures
- Improved the N+1 failure messages in cluster verify by actually
showing the memory values (needed and available)
- Increased lock attempt timeouts so that when executing long operations
(e.g. DRBD replace-disks) other jobs do not enter 'blocking acquire'
too early and thus prevent the use of the 'fair' mechanism
- Changed instance query data (``gnt-instance info``) to not acquire
locks unless needed, thus allowing its use on locked instance if only
static information is asked for
- Improved behaviour with filesystems that do not support rename on an
opened file
- Fixed the behaviour of ``prealloc_wipe_disks`` cluster parameter which
kept locks on all nodes during the wipe, which is unneeded
- Fixed ``gnt-watcher`` handling of errors during hooks execution
- Fixed bug in ``prealloc_wipe_disks`` with small disk sizes (less than
10GiB) which caused the wipe to fail right at the end in some cases
- Fixed master IP activation when doing master failover with no-voting
- Fixed bug in ``gnt-node add --readd`` which allowed the re-adding of
the master node itself
- Fixed potential data-loss in under disk full conditions, where Ganeti
wouldn't check correctly the return code and would consider
partially-written files 'correct'
- Fixed bug related to multiple VGs and DRBD disk replacing
- Added new disk parameter ``metavg`` that allows placement of the meta
device for DRBD in a different volume group
- Fixed error handling in the node daemon when the system libc doesn't
have major number 6 (i.e. if ``libc.so.6`` is not the actual libc)
- Fixed lock release during replace-disks, which kept cluster-wide locks
when doing disk replaces with an iallocator script
- Added check for missing bridges in cluster verify
- Handle EPIPE errors while writing to the terminal better, so that
piping the output to e.g. ``less`` doesn't cause a backtrace
- Fixed rare case where a ^C during Luxi calls could have been
interpreted as server errors, instead of simply terminating
- Fixed a race condition in LUGroupAssignNodes (``gnt-group
assign-nodes``)
- Added a few more parameters to the KVM hypervisor, allowing a second
CDROM, custom disk type for CDROMs and a floppy image
- Removed redundant message in instance rename when the name is given
already as a FQDN
- Added option to ``gnt-instance recreate-disks`` to allow creating the
disks on new nodes, allowing recreation when the original instance
nodes are completely gone
- Added option when converting disk templates to DRBD to skip waiting
for the resync, in order to make the instance available sooner
- Added two new variables to the OS scripts environment (containing the
instance's nodes)
- Made the root_path and optional parameter for the xen-pvm hypervisor,
to allow use of ``pvgrub`` as bootloader
- Changed the instance memory modifications to only check out-of-memory
conditions on memory increases, and turned the secondary node warnings
into errors (they can still be overridden via ``--force``)
- Fixed the handling of a corner case when the Python installation gets
corrupted (e.g. a bad disk) while ganeti-noded is running and we try
to execute a command that doesn't exist
- Fixed a bug in ``gnt-instance move`` (LUInstanceMove) when the primary
node of the instance returned failures during instance shutdown; this
adds the option ``--ignore-consistency`` to gnt-instance move
And as usual, various improvements to the error messages, documentation
and man pages.
Version 2.4.1
-------------
*(Released Wed, 09 Mar 2011)*
Emergency bug-fix release. ``tools/cfgupgrade`` was broken and overwrote
the RAPI users file if run twice (even with ``-dry-run``).
The release fixes that bug (nothing else changed).
Version 2.4.0
-------------
*(Released Mon, 07 Mar 2011)*
Final 2.4.0 release. Just a few small fixes:
- Fixed RAPI node evacuate
- Fixed the kvm-ifup script
- Fixed internal error handling for special job cases
- Updated man page to specify the escaping feature for options
Version 2.4.0 rc3
-----------------
*(Released Mon, 28 Feb 2011)*
A critical fix for the ``prealloc_wipe_disks`` feature: it is possible
that this feature wiped the disks of the wrong instance, leading to loss
of data.
Other changes:
- Fixed title of query field containing instance name
- Expanded the glossary in the documentation
- Fixed one unittest (internal issue)
Version 2.4.0 rc2
-----------------
*(Released Mon, 21 Feb 2011)*
A number of bug fixes plus just a couple functionality changes.
On the user-visible side, the ``gnt-* list`` command output has changed
with respect to "special" field states. The current rc1 style of display
can be re-enabled by passing a new ``--verbose`` (``-v``) flag, but in
the default output mode special fields states are displayed as follows:
- Offline resource: ``*``
- Unavailable/not applicable: ``-``
- Data missing (RPC failure): ``?``
- Unknown field: ``??``
Another user-visible change is the addition of ``--force-join`` to
``gnt-node add``.
As for bug fixes:
- ``tools/cluster-merge`` has seen many fixes and is now enabled again
- Fixed regression in RAPI/instance reinstall where all parameters were
- Fixed ``gnt-cluster repair-disk-sizes``, was broken since Ganeti 2.2
- Fixed iallocator usage (offline nodes were not considered offline)
- Fixed ``gnt-node list`` with respect to non-vm_capable nodes
- Fixed hypervisor and OS parameter validation with respect to
- Fixed ``gnt-cluster verify`` with respect to offline nodes (mostly
- Fixed ``tools/listrunner`` with respect to agent-based usage
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
Version 2.4.0 rc1
-----------------
*(Released Fri, 4 Feb 2011)*
Many changes and fixes since the beta1 release. While there were some
internal changes, the code has been mostly stabilised for the RC
release.
Note: the dumb allocator was removed in this release, as it was not kept
up-to-date with the IAllocator protocol changes. It is recommended to
use the ``hail`` command from the ganeti-htools package.
Note: the 2.4 and up versions of Ganeti are not compatible with the
0.2.x branch of ganeti-htools. You need to upgrade to
ganeti-htools-0.3.0 (or later).
Regressions fixed from 2.3
~~~~~~~~~~~~~~~~~~~~~~~~~~
- Fixed the ``gnt-cluster verify-disks`` command
- Made ``gnt-cluster verify-disks`` work in parallel (as opposed to
serially on nodes)
- Fixed disk adoption breakage
- Fixed wrong headers in instance listing for field aliases
Other bugs fixed
~~~~~~~~~~~~~~~~
- Fixed corner case in KVM handling of NICs
- Fixed many cases of wrong handling of non-vm_capable nodes
- Fixed a bug where a missing instance symlink was not possible to
recreate with any ``gnt-*`` command (now ``gnt-instance
activate-disks`` does it)
- Fixed the volume group name as reported by ``gnt-cluster
verify-disks``
- Increased timeouts for the import-export code, hopefully leading to
fewer aborts due network or instance timeouts
- Fixed bug in ``gnt-node list-storage``
- Fixed bug where not all daemons were started on cluster
initialisation, but only at the first watcher run
- Fixed many bugs in the OOB implementation
- Fixed watcher behaviour in presence of instances with offline
secondaries
- Fixed instance list output for instances running on the wrong node
- a few fixes to the cluster-merge tool, but it still cannot merge
multi-node groups (currently it is not recommended to use this tool)
Improvements
~~~~~~~~~~~~
- Improved network configuration for the KVM hypervisor
- Added e1000 as a supported NIC for Xen-HVM
- Improved the lvmstrap tool to also be able to use partitions, as
opposed to full disks
- Improved speed of disk wiping (the cluster parameter
``prealloc_wipe_disks``, so that it has a low impact on the total time
of instance creations
- Added documentation for the OS parameters
- Changed ``gnt-instance deactivate-disks`` so that it can work if the
hypervisor is not responding
- Added display of blacklisted and hidden OS information in
``gnt-cluster info``
- Extended ``gnt-cluster verify`` to also validate hypervisor, backend,
NIC and node parameters, which might create problems with currently
invalid (but undetected) configuration files, but prevents validation
failures when unrelated parameters are modified
- Changed cluster initialisation to wait for the master daemon to become
available
- Expanded the RAPI interface:
- Added config redistribution resource
- Added activation/deactivation of instance disks
- Added export of console information
- Implemented log file reopening on SIGHUP, which allows using
logrotate(8) for the Ganeti log files
- Added a basic OOB helper script as an example
Version 2.4.0 beta1
-------------------
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
User-visible
~~~~~~~~~~~~
- Fixed timezone issues when formatting timestamps
- Added support for node groups, available via ``gnt-group`` and other
commands
- Added out-of-band framework and management, see :doc:`design
document <design-oob>`
- Removed support for roman numbers from ``gnt-node list`` and
``gnt-instance list``.
- Allowed modification of master network interface via ``gnt-cluster
modify --master-netdev``
- Accept offline secondaries while shutting down instance disks
- Added ``blockdev_prefix`` parameter to Xen PVM and HVM hypervisors
- Added support for multiple LVM volume groups
- Avoid sorting nodes for ``gnt-node list`` if specific nodes are
requested
- Added commands to list available fields:
- ``gnt-node list-fields``
- ``gnt-group list-fields``
- ``gnt-instance list-fields``
- Updated documentation and man pages
Integration
~~~~~~~~~~~
- Moved ``rapi_users`` file into separate directory, now named
``.../ganeti/rapi/users``, ``cfgupgrade`` moves the file and creates a
symlink
- Added new tool for running commands on many machines,
``tools/ganeti-listrunner``
- Implemented more verbose result in ``OpInstanceConsole`` opcode, also
improving the ``gnt-instance console`` output
- Allowed customisation of disk index separator at ``configure`` time
- Export node group allocation policy to :doc:`iallocator <iallocator>`
- Added support for non-partitioned md disks in ``lvmstrap``
- Added script to gracefully power off KVM instances
- Split ``utils`` module into smaller parts
- Changed query operations to return more detailed information, e.g.
whether an information is unavailable due to an offline node. To use
this new functionality, the LUXI call ``Query`` must be used. Field
information is now stored by the master daemon and can be retrieved
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
using ``QueryFields``. Instances, nodes and groups can also be queried
using the new opcodes ``OpQuery`` and ``OpQueryFields`` (not yet
exposed via RAPI). The following commands make use of this
infrastructure change:
- ``gnt-group list``
- ``gnt-group list-fields``
- ``gnt-node list``
- ``gnt-node list-fields``
- ``gnt-instance list``
- ``gnt-instance list-fields``
- ``gnt-debug locks``
Remote API
~~~~~~~~~~
- New RAPI resources (see :doc:`rapi`):
- ``/2/modify``
- ``/2/groups``
- ``/2/groups/[group_name]``
- ``/2/groups/[group_name]/assign-nodes``
- ``/2/groups/[group_name]/modify``
- ``/2/groups/[group_name]/rename``
- ``/2/instances/[instance_name]/disk/[disk_index]/grow``
- RAPI changes:
- Implemented ``no_install`` for instance creation
- Implemented OS parameters for instance reinstallation, allowing
use of special settings on reinstallation (e.g. for preserving data)
Misc
~~~~
- Added IPv6 support in import/export
- Pause DRBD synchronization while wiping disks on instance creation
- Updated unittests and QA scripts
- Improved network parameters passed to KVM
- Converted man pages from docbook to reStructuredText
Version 2.3.1
-------------
*(Released Mon, 20 Dec 2010)*
Released version 2.3.1~rc1 without any changes.
Version 2.3.1 rc1
-----------------
*(Released Wed, 1 Dec 2010)*
- impexpd: Disable OpenSSL compression in socat if possible (backport
from master, commit e90739d625b, see :doc:`installation guide
<install-quick>` for details)
- Changed unittest coverage report to exclude test scripts
- Added script to check version format
Version 2.3.0
-------------
*(Released Wed, 1 Dec 2010)*
Released version 2.3.0~rc1 without any changes.
Version 2.3.0 rc1
-----------------
*(Released Fri, 19 Nov 2010)*
A number of bugfixes and documentation updates:
- Update ganeti-os-interface documentation
- Fixed a bug related to duplicate MACs or similar items which should be
unique
- Fix breakage in OS state modify
- Reinstall instance: disallow offline secondaries (fixes bug related to
OS changing but reinstall failing)
- plus all the other fixes between 2.2.1 and 2.2.2
- Fixed clearing of the default iallocator using ``gnt-cluster modify``
- Fixed master failover race with watcher
- Fixed a bug in ``gnt-node modify`` which could lead to an inconsistent
configuration
- Accept previously stopped instance for export with instance removal
- Simplify and extend the environment variables for instance OS scripts
- Added new node flags, ``master_capable`` and ``vm_capable``
- Added optional instance disk wiping prior during allocation. This is a
cluster-wide option and can be set/modified using
``gnt-cluster {init,modify} --prealloc-wipe-disks``.
- Added IPv6 support, see :doc:`design document <design-2.3>` and
:doc:`install-quick`
- Added a new watcher option (``--ignore-pause``)
- Added option to ignore offline node on instance start/stop
(``--ignore-offline``)
- Allow overriding OS parameters with ``gnt-instance reinstall``
- Added ability to change node's secondary IP address using ``gnt-node
modify``
- Implemented privilege separation for all daemons except
``ganeti-noded``, see ``configure`` options
- Complain if an instance's disk is marked faulty in ``gnt-cluster
verify``
- Implemented job priorities (see ``ganeti(7)`` manpage)
- Ignore failures while shutting down instances during failover from
offline node
- Exit daemon's bootstrap process only once daemon is ready
- Export more information via ``LUInstanceQuery``/remote API
- Improved documentation, QA and unittests
- RAPI daemon now watches ``rapi_users`` all the time and doesn't need a
restart if the file was created or changed
- Added LUXI protocol version sent with each request and response,
allowing detection of server/client mismatches
- Moved the Python scripts among gnt-* and ganeti-* into modules
- Moved all code related to setting up SSH to an external script,
``setup-ssh``
- Infrastructure changes for node group support in future versions
Version 2.2.2
-------------
*(Released Fri, 19 Nov 2010)*
A few small bugs fixed, and some improvements to the build system:
- Fix documentation regarding conversion to drbd
- Fix validation of parameters in cluster modify (``gnt-cluster modify
-B``)
- Fix error handling in node modify with multiple changes
- Allow remote imports without checked names
Version 2.2.1
-------------
*(Released Tue, 19 Oct 2010)*
- Disable SSL session ID cache in RPC client
Version 2.2.1 rc1
-----------------
*(Released Thu, 14 Oct 2010)*
- Fix interaction between Curl/GnuTLS and the Python's HTTP server
(thanks Apollon Oikonomopoulos!), finally allowing the use of Curl
with GnuTLS
- Fix problems with interaction between Curl and Python's HTTP server,
resulting in increased speed in many RPC calls
- Improve our release script to prevent breakage with older aclocal and
Python 2.6
Version 2.2.1 rc0
-----------------
*(Released Thu, 7 Oct 2010)*
- Fixed issue 125, replace hardcoded "xenvg" in ``gnt-cluster`` with
value retrieved from master
- Added support for blacklisted or hidden OS definitions
- Added simple lock monitor (accessible via (``gnt-debug locks``)
- Added support for -mem-path in KVM hypervisor abstraction layer
- Allow overriding instance parameters in tool for inter-cluster
instance moves (``tools/move-instance``)
- Improved opcode summaries (e.g. in ``gnt-job list``)
- Improve consistency of OS listing by sorting it
- Documentation updates
Version 2.2.0.1
---------------
*(Released Fri, 8 Oct 2010)*
- Rebuild with a newer autotools version, to fix python 2.6 compatibility
Version 2.2.0
-------------
*(Released Mon, 4 Oct 2010)*
- Fixed regression in ``gnt-instance rename``
Version 2.2.0 rc2
-----------------
- Fixed OS_VARIANT variable for OS scripts
- Fixed cluster tag operations via RAPI
- Made ``setup-ssh`` exit with non-zero code if an error occurred
- Disabled RAPI CA checks in watcher
Version 2.2.0 rc1
-----------------
*(Released Mon, 23 Aug 2010)*
- Support DRBD versions of the format "a.b.c.d"
- Updated manpages
- Re-introduce support for usage from multiple threads in RAPI client
- Instance renames and modify via RAPI
- Work around race condition between processing and archival in job
queue
- Mark opcodes following failed one as failed, too
- Job field ``lock_status`` was removed due to difficulties making it
work with the changed job queue in Ganeti 2.2; a better way to monitor
locks is expected for a later 2.2.x release
- Fixed dry-run behaviour with many commands
- Support ``ssh-agent`` again when adding nodes
- Many additional bugfixes
Version 2.2.0 rc0
-----------------
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
Important change: the internal RPC mechanism between Ganeti nodes has
changed from using a home-grown http library (based on the Python base
libraries) to use the PycURL library. This requires that PycURL is
installed on nodes. Please note that on Debian/Ubuntu, PycURL is linked
against GnuTLS by default. cURL's support for GnuTLS had known issues
before cURL 7.21.0 and we recommend using the latest cURL release or
linking against OpenSSL. Most other distributions already link PycURL
and cURL against OpenSSL. The command::
python -c 'import pycurl; print pycurl.version'
can be used to determine the libraries PycURL and cURL are linked
against.
Other significant changes:
- Rewrote much of the internals of the job queue, in order to achieve
better parallelism; this decouples job query operations from the job
processing, and it should allow much nicer behaviour of the master
daemon under load, and it also has uncovered some long-standing bugs
related to the job serialisation (now fixed)
- Added a default iallocator setting to the cluster parameters,
eliminating the need to always pass nodes or an iallocator for
operations that require selection of new node(s)
- Added experimental support for the LXC virtualization method
- Added support for OS parameters, which allows the installation of
instances to pass parameter to OS scripts in order to customise the
instance
- Added a hypervisor parameter controlling the migration type (live or
non-live), since hypervisors have various levels of reliability; this
has renamed the 'live' parameter to 'mode'
- Added a cluster parameter ``reserved_lvs`` that denotes reserved
logical volumes, meaning that cluster verify will ignore them and not
flag their presence as errors
- The watcher will now reset the error count for failed instances after
8 hours, thus allowing self-healing if the problem that caused the
instances to be down/fail to start has cleared in the meantime
- Added a cluster parameter ``drbd_usermode_helper`` that makes Ganeti
check for, and warn, if the drbd module parameter ``usermode_helper``
is not consistent with the cluster-wide setting; this is needed to
make diagnose easier of failed drbd creations
- Started adding base IPv6 support, but this is not yet
enabled/available for use
- Rename operations (cluster, instance) will now return the new name,
which is especially useful if a short name was passed in
- Added support for instance migration in RAPI
- Added a tool to pre-configure nodes for the SSH setup, before joining
them to the cluster; this will allow in the future a simplified model
for node joining (but not yet fully enabled in 2.2); this needs the
paramiko python library
- Fixed handling of name-resolving errors
- Fixed consistency of job results on the error path
- Fixed master-failover race condition when executed multiple times in
sequence
- Fixed many bugs related to the job queue (mostly introduced during the
2.2 development cycle, so not all are impacting 2.1)
- Fixed instance migration with missing disk symlinks
- Fixed handling of unknown jobs in ``gnt-job archive``
- And many other small fixes/improvements
Internal changes:
- Enhanced both the unittest and the QA coverage
- Switched the opcode validation to a generic model, and extended the
validation to all opcode parameters
- Changed more parts of the code that write shell scripts to use the
same class for this
- Switched the master daemon to use the asyncore library for the Luxi
server endpoint
Version 2.2.0 beta 0
--------------------
*(Released Thu, 17 Jun 2010)*
- Added tool (``move-instance``) and infrastructure to move instances
between separate clusters (see :doc:`separate documentation
<move-instance>` and :doc:`design document <design-2.2>`)
- Added per-request RPC timeout
- RAPI now requires a Content-Type header for requests with a body (e.g.
``PUT`` or ``POST``) which must be set to ``application/json`` (see
:rfc:`2616` (HTTP/1.1), section 7.2.1)
- ``ganeti-watcher`` attempts to restart ``ganeti-rapi`` if RAPI is not
reachable
- Implemented initial support for running Ganeti daemons as separate
users, see configure-time flags ``--with-user-prefix`` and
``--with-group-prefix`` (only ``ganeti-rapi`` is supported at this
time)
- Instances can be removed after export (``gnt-backup export
--remove-instance``)
- Self-signed certificates generated by Ganeti now use a 2048 bit RSA
key (instead of 1024 bit)
- Added new cluster configuration file for cluster domain secret
- Import/export now use SSL instead of SSH
- Added support for showing estimated time when exporting an instance,
see the ``ganeti-os-interface(7)`` manpage and look for
``EXP_SIZE_FD``
Version 2.1.8
-------------
*(Released Tue, 16 Nov 2010)*
Some more bugfixes. Unless critical bugs occur, this will be the last
2.1 release:
- Fix case of MAC special-values
- Fix mac checker regex
- backend: Fix typo causing "out of range" error
- Add missing --units in gnt-instance list man page
Version 2.1.7
-------------
*(Released Tue, 24 Aug 2010)*
Bugfixes only:
- Don't ignore secondary node silently on non-mirrored disk templates
(issue 113)
- Fix --master-netdev arg name in gnt-cluster(8) (issue 114)
- Fix usb_mouse parameter breaking with vnc_console (issue 109)
- Properly document the usb_mouse parameter
- Fix path in ganeti-rapi(8) (issue 116)
- Adjust error message when the ganeti user's .ssh directory is
missing
- Add same-node-check when changing the disk template to drbd
Version 2.1.6
-------------
*(Released Fri, 16 Jul 2010)*
Bugfixes only:
- Add an option to only select some reboot types during qa/burnin.
(on some hypervisors consequent reboots are not supported)
- Fix infrequent race condition in master failover. Sometimes the old
master ip address would be still detected as up for a short time
after it was removed, causing failover to fail.
- Decrease mlockall warnings when the ctypes module is missing. On
Python 2.4 we support running even if no ctypes module is installed,
but we were too verbose about this issue.
- Fix building on old distributions, on which man doesn't have a
--warnings option.
- Fix RAPI not to ignore the MAC address on instance creation
- Implement the old instance creation format in the RAPI client.
A small bugfix release:
- Fix disk adoption: broken by strict --disk option checking in 2.1.4
- Fix batch-create: broken in the whole 2.1 series due to a lookup on
a non-existing option
- Fix instance create: the --force-variant option was ignored
- Improve pylint 0.21 compatibility and warnings with Python 2.6
- Fix modify node storage with non-FQDN arguments
- Fix RAPI client to authenticate under Python 2.6 when used
for more than 5 requests needing authentication
- Fix gnt-instance modify -t (storage) giving a wrong error message
when converting a non-shutdown drbd instance to plain
A small bugfix release:
- Fix live migration of KVM instances started with older Ganeti
versions which had fewer hypervisor parameters
- Fix gnt-instance grow-disk on down instances
- Fix an error-reporting bug during instance migration
- Better checking of the ``--net`` and ``--disk`` values, to avoid
silently ignoring broken ones
- Fix an RPC error reporting bug affecting, for example, RAPI client
users
- Fix bug triggered by different API version os-es on different nodes
- Fix a bug in instance startup with custom hvparams: OS level
parameters would fail to be applied.
- Fix the RAPI client under Python 2.6 (but more work is needed to
make it work completely well with OpenSSL)
- Fix handling of errors when resolving names from DNS
A medium sized development cycle. Some new features, and some
fixes/small improvements/cleanups.
Significant features
~~~~~~~~~~~~~~~~~~~~
The node deamon now tries to mlock itself into memory, unless the
``--no-mlock`` flag is passed. It also doesn't fail if it can't write
its logs, and falls back to console logging. This allows emergency
features such as ``gnt-node powercycle`` to work even in the event of a
broken node disk (tested offlining the disk hosting the node's
filesystem and dropping its memory caches; don't try this at home)
KVM: add vhost-net acceleration support. It can be tested with a new
enough version of the kernel and of qemu-kvm.
KVM: Add instance chrooting feature. If you use privilege dropping for
your VMs you can also now force them to chroot to an empty directory,
before starting the emulated guest.
KVM: Add maximum migration bandwith and maximum downtime tweaking
support (requires a new-enough version of qemu-kvm).
Cluster verify will now warn if the master node doesn't have the master
ip configured on it.
Add a new (incompatible) instance creation request format to RAPI which
supports all parameters (previously only a subset was supported, and it
wasn't possible to extend the old format to accomodate all the new
features. The old format is still supported, and a client can check for
this feature, before using it, by checking for its presence in the
``features`` RAPI resource.
Now with ancient latin support. Try it passing the ``--roman`` option to
``gnt-instance info``, ``gnt-cluster info`` or ``gnt-node list``
(requires the python-roman module to be installed, in order to work).
Other changes
~~~~~~~~~~~~~
As usual many internal code refactorings, documentation updates, and
such. Among others:
- Lots of improvements and cleanups to the experimental Remote API
(RAPI) client library.
- A new unit test suite for the core daemon libraries.
- A fix to creating missing directories makes sure the umask is not
applied anymore. This enforces the same directory permissions
everywhere.
- Better handling terminating daemons with ctrl+c (used when running
them in debugging mode).
- Fix a race condition in live migrating a KVM instance, when stat()
on the old proc status file returned EINVAL, which is an unexpected
value.
- Fixed manpage checking with newer man and utf-8 charachters. But now
you need the en_US.UTF-8 locale enabled to build Ganeti from git.
Version 2.1.2.1
---------------
*(Released Fri, 7 May 2010)*
Fix a bug which prevented untagged KVM instances from starting.
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
Another release with a long development cycle, during which many
different features were added.
Significant features
~~~~~~~~~~~~~~~~~~~~
The KVM hypervisor now can run the individual instances as non-root, to
reduce the impact of a VM being hijacked due to bugs in the
hypervisor. It is possible to run all instances as a single (non-root)
user, to manually specify a user for each instance, or to dynamically
allocate a user out of a cluster-wide pool to each instance, with the
guarantee that no two instances will run under the same user ID on any
given node.
An experimental RAPI client library, that can be used standalone
(without the other Ganeti libraries), is provided in the source tree as
``lib/rapi/client.py``. Note this client might change its interface in
the future, as we iterate on its capabilities.
A new command, ``gnt-cluster renew-crypto`` has been added to easily
replace the cluster's certificates and crypto keys. This might help in
case they have been compromised, or have simply expired.
A new disk option for instance creation has been added that allows one
to "adopt" currently existing logical volumes, with data
preservation. This should allow easier migration to Ganeti from
unmanaged (or managed via other software) instances.
Another disk improvement is the possibility to convert between redundant
(DRBD) and plain (LVM) disk configuration for an instance. This should
allow better scalability (starting with one node and growing the
cluster, or shrinking a two-node cluster to one node).
A new feature that could help with automated node failovers has been
implemented: if a node sees itself as offline (by querying the master
candidates), it will try to shutdown (hard) all instances and any active
DRBD devices. This reduces the risk of duplicate instances if an
external script automatically failovers the instances on such nodes. To
enable this, the cluster parameter ``maintain_node_health`` should be
enabled; in the future this option (per the name) will enable other
automatic maintenance features.
Instance export/import now will reuse the original instance
specifications for all parameters; that means exporting an instance,
deleting it and the importing it back should give an almost identical
instance. Note that the default import behaviour has changed from
before, where it created only one NIC; now it recreates the original
number of NICs.
Cluster verify has added a few new checks: SSL certificates validity,
/etc/hosts consistency across the cluster, etc.
Other changes
~~~~~~~~~~~~~
As usual, many internal changes were done, documentation fixes,
etc. Among others:
- Fixed cluster initialization with disabled cluster storage (regression
introduced in 2.1.1)
- File-based storage supports growing the disks
- Fixed behaviour of node role changes
- Fixed cluster verify for some corner cases, plus a general rewrite of
cluster verify to allow future extension with more checks
- Fixed log spamming by watcher and node daemon (regression introduced
in 2.1.1)
- Fixed possible validation issues when changing the list of enabled
hypervisors
- Fixed cleanup of /etc/hosts during node removal
- Fixed RAPI response for invalid methods
- Fixed bug with hashed passwords in ``ganeti-rapi`` daemon
- Multiple small improvements to the KVM hypervisor (VNC usage, booting
from ide disks, etc.)
- Allow OS changes without re-installation (to record a changed OS
outside of Ganeti, or to allow OS renames)
- Allow instance creation without OS installation (useful for example if
the OS will be installed manually, or restored from a backup not in
Ganeti format)
- Implemented option to make cluster ``copyfile`` use the replication
network
- Added list of enabled hypervisors to ssconf (possibly useful for
external scripts)
- Added a new tool (``tools/cfgupgrade12``) that allows upgrading from
1.2 clusters
- A partial form of node re-IP is possible via node readd, which now
allows changed node primary IP
- Command line utilities now show an informational message if the job is
waiting for a lock
- The logs of the master daemon now show the PID/UID/GID of the
connected client
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
During the 2.1.0 long release candidate cycle, a lot of improvements and
changes have accumulated with were released later as 2.1.1.
Major changes
~~~~~~~~~~~~~
The node evacuate command (``gnt-node evacuate``) was significantly
rewritten, and as such the IAllocator protocol was changed - a new
request type has been added. This unfortunate change during a stable
series is designed to improve performance of node evacuations; on
clusters with more than about five nodes and which are well-balanced,
evacuation should proceed in parallel for all instances of the node
being evacuated. As such, any existing IAllocator scripts need to be
updated, otherwise the above command will fail due to the unknown
request. The provided "dumb" allocator has not been updated; but the
ganeti-htools package supports the new protocol since version 0.2.4.
Another important change is increased validation of node and instance
names. This might create problems in special cases, if invalid host
names are being used.
Also, a new layer of hypervisor parameters has been added, that sits at
OS level between the cluster defaults and the instance ones. This allows
customisation of virtualization parameters depending on the installed
OS. For example instances with OS 'X' may have a different KVM kernel
(or any other parameter) than the cluster defaults. This is intended to
help managing a multiple OSes on the same cluster, without manual
modification of each instance's parameters.
A tool for merging clusters, ``cluster-merge``, has been added in the
tools sub-directory.
Bug fixes
~~~~~~~~~
- Improved the int/float conversions that should make the code more
robust in face of errors from the node daemons
- Fixed the remove node code in case of internal configuration errors
- Fixed the node daemon behaviour in face of inconsistent queue
directory (e.g. read-only file-system where we can't open the files
read-write, etc.)
- Fixed the behaviour of gnt-node modify for master candidate demotion;
now it either aborts cleanly or, if given the new "auto_promote"
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
parameter, will automatically promote other nodes as needed
- Fixed compatibility with (unreleased yet) Python 2.6.5 that would
completely prevent Ganeti from working
- Fixed bug for instance export when not all disks were successfully
exported
- Fixed behaviour of node add when the new node is slow in starting up
the node daemon
- Fixed handling of signals in the LUXI client, which should improve
behaviour of command-line scripts
- Added checks for invalid node/instance names in the configuration (now
flagged during cluster verify)
- Fixed watcher behaviour for disk activation errors
- Fixed two potentially endless loops in http library, which led to the
RAPI daemon hanging and consuming 100% CPU in some cases
- Fixed bug in RAPI daemon related to hashed passwords
- Fixed bug for unintended qemu-level bridging of multi-NIC KVM
instances
- Enhanced compatibility with non-Debian OSes, but not using absolute
path in some commands and allowing customisation of the ssh
configuration directory
- Fixed possible future issue with new Python versions by abiding to the
proper use of ``__slots__`` attribute on classes
- Added checks that should prevent directory traversal attacks
- Many documentation fixes based on feedback from users
New features
~~~~~~~~~~~~
- Added an "early_release" more for instance replace disks and node
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
evacuate, where we release locks earlier and thus allow higher
parallelism within the cluster
- Added watcher hooks, intended to allow the watcher to restart other
daemons (e.g. from the ganeti-nbma project), but they can be used of
course for any other purpose
- Added a compile-time disable for DRBD barriers, to increase
performance if the administrator trusts the power supply or the
storage system to not lose writes
- Added the option of using syslog for logging instead of, or in
addition to, Ganeti's own log files
- Removed boot restriction for paravirtual NICs for KVM, recent versions
can indeed boot from a paravirtual NIC
- Added a generic debug level for many operations; while this is not
used widely yet, it allows one to pass the debug value all the way to
the OS scripts
- Enhanced the hooks environment for instance moves (failovers,
migrations) where the primary/secondary nodes changed during the
operation, by adding {NEW,OLD}_{PRIMARY,SECONDARY} vars
- Enhanced data validations for many user-supplied values; one important
item is the restrictions imposed on instance and node names, which
might reject some (invalid) host names
- Add a configure-time option to disable file-based storage, if it's not
needed; this allows greater security separation between the master
node and the other nodes from the point of view of the inter-node RPC
protocol
- Added user notification in interactive tools if job is waiting in the
job queue or trying to acquire locks
- Added log messages when a job is waiting for locks
- Added filtering by node tags in instance operations which admit
multiple instances (start, stop, reboot, reinstall)
- Added a new tool for cluster mergers, ``cluster-merge``
- Parameters from command line which are of the form ``a=b,c=d`` can now
use backslash escapes to pass in values which contain commas,
e.g. ``a=b\\c,d=e`` where the 'a' parameter would get the value