Changelog 40 KB
Newer Older
1
.. _Changelog:
2 3 4 5

Unified Changelog file for Synnefo versions >= 0.13
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

6 7
Since v0.13 most of the Synnefo components have been merged into a single
repository and have aligned versions.
8

9
.. _Changelog-0.16:
10

11 12 13 14 15 16 17 18 19 20 21 22 23
v0.16rc2
========

Released:

Admin
-----

* Define the Admin node URL and path with the ``ADMIN_BASE_URL`` setting

  * The ``ADMIN_BASE_URL`` setting should be adjusted in every node that Admin
    is installed.

24 25 26 27 28 29
UI
--

* Remove UI_SNAPSHOTS_ENABLED setting. UI now uses CYCLADES_SNAPSHOTS_ENABLED 
  setting to resolve whether or not snapshot functionality should be enabled.

30

31 32 33
v0.16rc1
========

Stratos Psomadakis's avatar
Stratos Psomadakis committed
34
Released: Mon Sep  8 17:26:35 EEST 2014
35 36 37 38 39 40 41 42 43

Synnefo-wide
------------

* Replace accumulative projects with pool projects:

  * Projects are now viewed as a source of finite resources. A member can
    reserve a part of these resources up to a specified limit.

44
  * Base quota are now offered through a special purpose user-specific system
45 46 47 48 49
    project, identified with the same UUID as the user.

  * Each actual resource (Cyclades VM, network, floating IP and Pithos
    container) is now also associated with a project besides the owner.

50
  * In resource creation, project defaults to the user-specific system
51 52 53 54
    project, if not specified otherwise. It is also possible to change the
    project assignment of an existing resource.

  * All existing resources have been assigned to the respective
55
    user-specific system projects.
56

57 58 59 60 61 62 63 64 65
* Logging mechanism for Synnefo management commands

  * Log all stdout and stderr output of every invocation of snf-manage,
    on unique filenames under a given directory.

  * Add a new setting in the snf-common package, namely 'LOG_DIR', which
    specifies the directory to be used by Synnefo components to write
    their log files.

66 67 68 69 70 71
* Rename argument names of Synnefo management commands

  * All Synnefo management commands now use 'user/flavor/image/network'
    as argument names, instead of 'userid/user-id/owner/flavor-id/image
    -id/network-id', for consistency across commands.

72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95
Astakos
-------

* Decouple projects from applications:

  * Support project creation (by the system) and modification (by a
    privileged user) without the need to submit/approve an application.

  * View applications as modifications. When a project is uninitialized
    (e.g. an application for a new project is pending), no further
    modification is allowed.

  * Applications are removed from the API. A project's last application is
    only accessible as part of the project details.

  * Decouple project state from application state; they can be combined by
    an API client, if needed.

* Changes concerning quota and pool projects:

  * A project must provide limits for all registered resources. On project
    activation, resources missing are automatically completed using a
    skeleton.

96 97
  * Field `uplimit' of registed resources is exposed as `system_default' and
    provide the skeleton for user-specific system projects. A new field
98 99 100 101 102 103 104 105 106
    `project_default' is introduce to act as a skeleton for conventional
    projects.

  * The quotaholder now also records project quota besides user quota. The
    two types of holders are distinguished with a prefix: `user:' and
    `project:'.

  * The quota API is extended to make project quota available.

107 108 109
  * Removed setting `ASTAKOS_PROJECTS_VISIBLE'; we now always display
    projects in Astakos menu.

110 111 112
* Projects can be set `private', making it accessible only to its owner and
  members.

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
113 114
* Admin users API

115 116 117 118 119 120 121
  * Extend astakos identity API to support user management functionality.
  * Admin API related settings
  * ``ADMIN_API_ENABLED``
    Whether or not the admin api endpoints will be enabled.
  * ``ADMIN_API_PERMITTED_GROUPS``
    A list of group names for which users which belong to any of
    them be granted full access to the admin API endpoints.
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
122 123 124 125


*  Updated projects integration in UI

126 127 128 129 130 131
  * Display both max per member/total in group quota in project views.
  * Enhanced usage view to display individual resource usage details for
    each of the projects the user is associated with.
  * Display project usage statistics in project details view.
  * Display system projects in admin project list view.
  * Handle display of infinite resource quota values.
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
132 133


Stratos Psomadakis's avatar
Stratos Psomadakis committed
134 135 136
Cyclades
--------

137
* Introduce Volumes and Snapshots:
138

139 140 141 142 143 144 145 146 147
  * Implement 'cyclades_volumes' service, containing the /volumes, /types,
    and /snapshots API endpoints under '/volumes/v2.0'.
  * Implement `snf-manage volume-{create, list, show, modify, inspect, remove}'
    management commands for handling of volumes.
  * Implement `snf-manage snapshot-{create, list, show, modify}` management
    commands for handling of snapshots.
  * Implement 'volume-type-{create, list, modify, show, remove}` management
    commands for handling of volume types.
  * Add new settings:
148

149 150 151 152 153 154
    * GANETI_MAX_DISKS_PER_INSTANCE: Maximum number of disks that each Ganeti
      instance can have.
    * CYCLADES_VOLUME_MAX_SIZE: The maximum allowed size (in GB) for Cyclades
      volumes.
    * CYCLADES_SNAPSHOTS_ENABLED: Enable/Disable the snapshots feature
      altogether at the API level.
155 156


157
* Integrate Cyclades resources with Astakos projects.
158

159 160 161 162
  * Extend API calls that create resources with the 'project' attribute
    in order to assign resources to the specified project.
  * Implement API calls for reassigning resources to a new project.
  * Export the project that a resource belongs in the 'tenant_id' API
163
    attribute.
164 165 166

* Add support for snf-vncauthproxy 1.6 (configurable VNC console types).
* Add support for more types of VM console:
167

168 169 170
  * Modify the current 'console' action to support VNC WebSockets (requires
    snf-vncauthproxy=1.6).
  * Add support for the three OpenStack Compute console actions
171
    (VNC, RDP, Spice). RDP and Spice are currently not implemented.
172 173 174 175

* Update Cyclades to work with Pithos with integrated Archipelago v2
  mapfiles.
* Include functionality for checking the status of the Cyclades update path,
176 177 178
  which includes Ganeti, AMQP, snf-ganeti-eventd and snf-dispatcher. This
  functionality is implemented as part of the snf-dispatcher and can be used
  by passing the '--status-check' option.
179 180
* Add setting `CYCLADES_VM_MAX_METADATA` to limit the maximum number of
  metadata per vm.
181
* Add setting `CYCLADES_VOLUME_MAX_METADATA` to limit the maximum number of
Christos Stavrakakis's avatar
Christos Stavrakakis committed
182
  metadata per volume.
183 184 185
* Use common -u/--user option to specify the UUID or email of the user, for
  all management commands.
* Store basic information about images that have been used to create servers,
186 187
  in order to preserve this information even if images are deleted from
  Pithos.
188 189 190
* Make 'snf-ganeti-eventd' tolerate failures when processing Ganeti jobs. The
  daemon will not crash but continue to run in order to process jobs that can
  be processed.
191 192 193 194
* Update 'backend-list' command to not count the free IPs from networks that
  are drained.
* Fix the'network-inspect' command to not contain externally reserved IPs
  in th number of available IPs.
195 196
* Add `GANETI_DISKS_WAIT_FOR_SYNC` setting to decide whether Ganeti will
  wait for the disk mirror to sync (`--no-wait-for-sync` Ganeti option).
197 198
* Fix mishandling of `MAX_CIDR_BLOCK` setting. Allowed CIDR sizes
  changed from (MAX_CIDR_BLOCK, 29) to [MAX_CIDR_BLOCK, 29].
199
* Fix various minor bugs.
Stratos Psomadakis's avatar
Stratos Psomadakis committed
200 201 202 203

Cyclades UI
-----------

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
204 205
* In sync with the updated astakos projects API

206 207 208 209
  * Include a project select widget within all resource create views, to let user
    decide the project that the created resources will be assigned to.
  * Display resource assigned project in resource list views.
  * Let user reassign resource project.
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
210 211 212

* Volumes API integration.

213 214 215 216
  * Introduce the Disks list/create views.
  * Display machine attached disks in icon/single machine views.
  * Use ``CYCLADES_VOLUME_MAX_SIZE`` setting to determine the
    maximum allowed disk size.
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
217 218 219

* Integrate volume snapshots

220 221 222 223 224
  * Include available snapshots in disk/vm create wizards.
  * Disk snaphot create actions.
  * The ui snapshoting functionality (snapshot actions and listing)
    can be enabled/disabled using the introduced ``UI_SNAPSHOTS_ENABLED``
    setting.
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
225

Stratos Psomadakis's avatar
Stratos Psomadakis committed
226 227
* Replace TigerVNC Java client with an HTML5 Websocket-based client (noVNC)

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
228 229
* Other UI fixes

230 231 232 233 234 235 236 237 238
  * Disabled suspended vm actions
  * Custom error message for 413 api error response codes
  * Enable resize actions from both info/actions subviews for active
    machines
  * Update images collection each time machine create wizard opens
  * Fixed a couple of title truncate in several views
  * Handle display of infinite resource quota values.
  * Improve network create wizard. Support for custom gateway.
  * Common font styling for all resource titles
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
239

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
240 241 242 243 244 245
Pithos
------

* Change default disposition type: If no disposition-type is
  specifically requested or an invalid value is passed, the disposition type
  is set to 'inline'.
246

247 248 249 250 251
Admin
-----

* Introduce Administrator Dashboard, which provides the following:

252 253 254 255 256
  * Graphic access to the details of various Synnefo entities (users, VMs,
    Projects).
  * Intuitive filtering.
  * Multiple actions and notifications.
  * Charts and statistics generation.
257

258 259 260 261 262
.. _Changelog-0.15.2:

v0.15.2
=======

263
Released: Tue May 27 13:50:31 EEST 2014
264 265 266 267

Cyclades
--------

Christos Stavrakakis's avatar
Christos Stavrakakis committed
268
* Fix minor problem in network stats plugin of collectd
269 270
* Fix small issue in the 'stats-cyclades' command arising when Ganeti cannot
  communicate with a node.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
271 272 273 274 275 276 277
* Check max size of server metadata
* Add support for Ganeti 2.10

Cyclades UI
-----------

* Fix oraclelinux icon name
278

Christos Stavrakakis's avatar
Christos Stavrakakis committed
279 280
.. _Changelog-0.15.1:

281

Christos Stavrakakis's avatar
Christos Stavrakakis committed
282
v0.15.1
283
=======
Christos Stavrakakis's avatar
Christos Stavrakakis committed
284

285
Released: Thu May 15 13:31:37 EEST 2014
Christos Stavrakakis's avatar
Christos Stavrakakis committed
286

287 288 289 290
Synnefo-wide
------------

* Documentation: New CentOS installation guide.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
291
* Handle Unicode issue in proxy requests.
292

Christos Stavrakakis's avatar
Christos Stavrakakis committed
293 294 295 296 297
Astakos
-------

* Change statistics API to expose statistics for all users and for users
  per authentication provider (users that are exclusively using a provider).
Christos Stavrakakis's avatar
Christos Stavrakakis committed
298 299 300 301
* Fix minor problem in weblogin, which could lead to unexpected exception
* Fix Authenticate Identity API call with trailing slash, which used to fail
  with 405 (Method not allowed)

Christos Stavrakakis's avatar
Christos Stavrakakis committed
302 303 304 305 306 307 308 309
Cyclades
--------

* Fix bug in snf-dispatcher that could result in unsynced NICs between
  Cyclades and Ganeti.
* Support queries by IPv6 address in helpdesk app.
* Extend statistics API with detailed information about Ganeti clusters,
  virtual servers and networks, public IPv4 pools and images.
310 311
* Allow creation of ports with existing floating IPs from networks that are
  marked as drained.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
312

Christos Stavrakakis's avatar
Christos Stavrakakis committed
313 314 315 316 317 318 319
Cyclades UI
-----------

* Include icons for Oracle Linux OS (oraclelinux)
* Include a null gateway IP when creating subnets for private networks to
  override the default gateway IP of Neutron API.

320 321 322 323 324 325
Pithos
------

* Support selectable storage backend

  * new settings:
Christos Stavrakakis's avatar
Christos Stavrakakis committed
326 327
   - PITHOS_BACKEND_STORAGE: Possible values are 'nfs' and 'rados'.
   - PITHOS_RADOS_CEPH_CONF: The Ceph configuration file.
328 329

* Remove unused variable PITHOS_RADOS_STORAGE
Christos Stavrakakis's avatar
Christos Stavrakakis committed
330 331 332 333 334
* Add 'pithos-sync-rados.sh' shell script in Pithos tools,
  a Pithos object synchronization tool from NFS to Rados.
* Fix missing Content-Disposition header in object response, which caused
  publicly shared objects to be saved with a meaningless name
  (without extension)
335 336


337
.. _Changelog-0.15:
338

339 340
v0.15
=====
341

342
Released: Mon Mar 10 14:01:32 EET 2014
343 344


345 346 347 348 349
Synnefo-wide
------------

* Integrate Pithos tests in continuous integration.

350
* Change astakosclient to accept AUTH_URL instead of BASE_URL
351 352 353 354 355 356 357
  ASTAKOS_BASE_URL settings has been removed from Pithos and Cyclades
  and has been replaced with ASTAKOS_AUTH_URL. Both Pithos and Cyclades
  proxy the Astakos services under ASTAKOS_PROXY_PREFIX path.
  ASTAKOS_PROXY_PREFIX by default has a value of '_astakos'.
  More specifically, Astakos' identity service is proxied under
  '_astakos/identity', Astakos' account service is under '_astakos/account'
  and Astakos' ui service is under '_astakos/ui'.
358

359
* Add 'mail_admins' handler to 'django.request' logger in order to send email
360
  notifications to users listed in 'ADMINS' setting about unhandled exceptions
361 362
  in the code.

363 364
* Extend astakosclient to request and validate OAuth 2.0 access tokens

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
365 366 367
* Change response status code from 400 (Bad Request) to 405 (Not allowed
  method) in case of an unexpected request method.

368 369 370 371 372 373 374
Astakos
-------

* Changes in project schema:

  * A Project entry is created when submitting an application for a new
    project, rather than on approval. Its state is dependent on the state
375 376
    of its `reference' application (current definition). Lock Project rather
    than Chain (the latter is semantically obsolete).
377

378 379 380 381
  * Project states "Active - Pending" and "Suspended - Pending" have been
    removed. In management command `project-list', the existence of a pending
    modification is indicated by a non-blank `Pending AppID'.

382
  * Improve recording of project, application, and membership actions.
383

384
* Implement API calls for projects.
385 386 387 388 389
* Store the base URL of a component. Deployer should provide it when adding
  a new component. Service endpoints originating from a component are
  expected to match its base URL; otherwise, a warning is issued.
  Re-registration with `snf-component-register' affects both the base and
  the ui URL.
390 391 392 393 394 395 396 397 398 399 400 401 402 403 404
* Changes in resource and quota handling:

  * New resources are registered with unlimited default base quota,
    represented by 2**63-1.
  * Each newly accepted user copies the default value for all resources
    as their own base quota. A base quota is considered 'custom' if its
    value differs from the default.
  * Changing resource's default quota affects the base quota *only* of
    future users.
  * Resource definition got flags 'api_visible' and 'ui_visible',
    replacing flag 'allow_in_projects'. They control whether a user can
    access these resources. The system internally always accounts for
    all resources, and a user can get off quota even for a resource that
    is not visible.

405 406
* Remove API call GET /account/v1.0/authenticate in favor of
  POST /identity/v2.0/tokens.
407
* Export basic statistics about Astakos service at the '/admin/stats/detail' API
408 409
  endpoint. Access to this endpoint is only allowed to users that belong to
  the Astakos groups that are defined in the
410
  'ASTAKOS_ADMIN_STATS_PERMITTED_GROUPS' setting. Statistics are also available
411
  through the 'snf-manage stats-astakos' management command.
412 413 414
* Implement OAuth 2.0 Authorization Code Grant
  Add API calls for authorization code and access token generation
* Add API call for validating OAuth 2.0 access tokens
415
* **Shibboleth module** Extract unique identifier from the
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
416
  ``REMOTE_USER`` header.
417 418
* Automatically fill third-party signup form fields when available by the
  the third-party provider.
419
* Management commands:
420

421
  * Introduced new commands:
422 423 424 425 426 427 428 429

    * component-show
    * quota-list (replacing quota, supports various filters)
    * quota-verify (replacing quota)
    * oauth2-client-add (register OAuth 2.0 client)
    * oauth2-client-list (list registered oauth 2.0 clients)
    * oauth2-client-remove (remove OAuth 2.0 client)

430
  * Changed commands:
431 432 433 434 435 436

    * component-add got options --base-url and --ui-url
    * resource-modify --limit became --default-quota
    * user-modify can operate on multiple users with --all and --exclude
    * user-modify --set-base-quota became --base-quota

437
  * Removed commands:
438 439 440 441 442 443 444 445 446

    * quota
    * resource-import (subsumed by service-import)
    * resource-export-astakos (subsumed by service-export-astakos)

* Fix request authorization code failures due to Unicode issue:
  https://code.grnet.gr/issues/4971
* Omit validation issues for non-required metadata values received from the
  third-party authentication provider.
447

448 449 450
Cyclades
--------

451 452 453
* Major changes to Cyclades networks:

  * Implement 'cyclades_network' service, containing the /networks, /ports,
454 455 456
    /subnets and /floatingips API endpoints under '/network/v2.0'. The old
    /networks API of 'cyclades_compute' (under /compute/v2.0) is
    removed.
457 458 459 460 461
  * Implement `snf-manage subnet-{create, list, modify, inspect}' management
    commands for handling of subnets.
  * Implement `snf-manage port-{create, list, remove, inspect}' management
    commands for handling of ports.
  * Add two new settings, 'CYCLADES_FORCED_SERVER_NETWORKS' and
462 463
    'CYCLADES_DEFAULT_SERVER_NETWORKS' to control the networks that newly
    created servers will be connected.
464 465 466 467 468 469

* Implement Floating IP addresses, which are IPv4 addresses that can be
  dynamically added and removed to a running server.

  * Add new 'cyclades.floating_ip' resource.
  * Implement 'snf-manage floating-ip-{create,list,remove,attach,detach}'
470
    management commands to handle floating IPs.
471 472
  * Add 'floating_ip_pool' attribute to networks to mark networks that can
    be used as floating IP pools.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
473 474 475 476

* Implement 'resize' server action.

  * Implement the 'resize' server action, to change the flavor of a server.
477
    Only 'cpu' and 'memory' resizing is supported.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
478

479
* Compute quotas for CPU and memory of running VMs.
480 481 482 483 484 485 486 487 488

  * Change 'cyclades.cpu' and 'cyclades.ram' resources to represent the CPU
    and RAM for running VMs. Total CPU and RAM usage is represented by new
    'cyclades.total_cpu' and 'cyclades.total_ram' resources.

* Refer to Ganeti NICs by their name instead of their index.

  * Make cyclades give a unique name to each Ganeti NIC. NICs are refered by
    their unique name and not by their index inside the VM that are connected
489
    to.
490 491 492 493 494 495 496

* Support firewall profile for all NICs of an instance. Change firewall
  settings to be filled with the unique name of the NIC. The affected settings
  are the GANETI_FIREWALL_{ENABLED, DISABLED, PROTECTED}_TAG settings.
* Add accounting for public IP addresses that is accessible via `snf-manage
  ip-list` management command and via the helpdesk app.
* Implement IPv6 only networks.
497
* Extend servers info API response with 'SNF:fqdn' attribute, and introduce
498 499
  CYCLADES_SERVERS_FQDN to set the template for servers FDQN. Remove
  'UI_VM_HOSTNAME_FORMAT' setting.
500
* Extend servers info API response with 'SNF:port_forwarding' attribute,
501
  describing port forwarding rules (DNAT) that are applied to vms. The
502 503
  description of such rules is done via the new CYCLADES_PORT_FORWARDING
  setting.
504 505
* Speed up server reconciliation, by performing parallel reconciliation for
  each backend.
506 507
* Change --dhcp option of network management commands from a flag to a boolean
  value, e.g. --dhcp=True
508
* Remove 'ARCHIPELAGO_BACKENDS' setting used to distinguish between backends
509 510
  that hosted only archipelago backends. Instead allocation is based on which
  disk-templates are enabled in each backend.
511
* Implement 'snf-manage server-remove' management command.
512 513 514 515 516 517 518
* Move reconciliation of IP pools from 'reconcile-networks' to
  'reconcile-pools'. The IP pool reconciliation does not reconcile the IP
  pools with Ganeti. Instead it checks if the pool is consistent with the
  IPs that are used by instances.
* Do not automatically release externally reserved IPs if they are released
  from a Ganeti backend. Management of externally reserved IPs must be
  performed from Cyclades with 'network-modify' command.
519
* Export basic statistics about Cyclades Service at the '/admin/stats/detail'
520 521
  API endpoint. Access to this endpoint is only allowed to users that belong
  to the Astakos groups that are defined in the 'ADMIN_STATS_PERMITTED_GROUPS'
522
  setting.  Statistics are also available through the 'snf-manage stats-cyclades'
523
  management command.
524 525 526
* Support enforcing quota through command 'enforce-resources-cyclades'.
* Remove command 'resource-export-cyclades' subsumed by
  'service-export-cyclades'.
527 528
* Obsolete PUBLIC_USE_POOL setting, since Cyclades manages IP pool for all
  type of networks.
529 530 531 532 533 534 535 536
* Encrypt / decrypt the instance id / hostname in the  stats URL in
  snf-cyclades-app and snf-stats-app, using the 'CYCLADES_STATS_SECRET_KEY'
  and 'STATS_SECRET_KEY' respectively.
* Add support for snf-vncauthproxy-1.5 and the setting
  'CYCLADES_VNCAUTHPROXY_OPTS', which configures the extra options / arguments
  needed by the newer version of snf-vncauthproxy. Support for older versions
  of snf-vncauthproxy has been dropped. See also the upgrade notes for Synnefo
  and snf-vncauthproxy-1.5.
537 538 539
* Remove 'DEFAULT_ROUTING_TABLE' setting. If a link for an IP_LESS_ROUTED
  network is not specified, the link will be uniquely named
  'snf-link-$network_id'.
540 541
* Extend flavors with 'allow_create' attribute. Flavors that have this
  attribute unset cannot be used by users to create new servers.
542 543 544 545 546
* Store each image property(metadata) as a separate Pithos metadata and check
  that the size of each property is valid.
* Fix a few occurrences of HTTP 500 errors being triggered due to insufficient
  validation of incoming requests in the Network API
* Speed up some API calls by fixing the relevant DB queries
547

548 549 550 551 552 553 554 555

Cyclades UI
-----------

- Retrieve all networks information from the introduced cyclades network
  service.
- New IPs pane from which user can manage floating IPs.
- Redesign public keys overlay as an additional pane view.
556
- Split networking configuration into an additional step in machine create
557
  wizard.
558
- Display forced networks and choices of the available floating IPs which will
559 560 561 562
  be assigned to the created machine.
- Support for machine resize action. Explicit handling when machine is started
  by displaying an utility shutdown button within the resize overlay.
- Machine IPs toggling subview in icon/single views.
563 564 565
- Replace IPv4/IPv6 with machine's FQDN in icon/single view. When no FQDN can
  be resolved display a message. Message can be configured using the introduced
  ``UI_NO_FQDN_MESSAGE``. Setting ``UI_VM_HOSTNAME_FORMAT`` has been removed
566 567 568
  and no longer used.
- Respect ``SNF:task_state`` machine attribute in order to improve machine
  status display.
569
- Append software version as a url parameter in HTML static files in order
570
  to force browser cache invalidation between versions.
571
- Configurable Google fonts base url. Fonts base url can be changed usint the
572 573 574
  ``SYNNEFO_FONTS_BASE_URL`` setting.
- Regression fix: Display reboot required notification on machine firewall
  parameters.
575
- Handling of ``GANETI_USE_HOTPLUG`` setting. Do not allow live network actions
576
  when setting is set to ``False``.
577
- Double escaping fix in machine create wizard images list and machine details
578 579
  subview.
- Fix image ordering in machine create wizard.
580 581 582
- New setting ``UI_SSH_SUPPORT_OSFAMILY_EXCLUDE_LIST``. A list of image OS
  families for which ui will disable ssh key injection in machine wizard.
- Setting ``UI_SUPPORT_SSH_OS_LIST`` removed and no longer used.
583 584 585 586
- Group public networks by name if setting ``UI_GROUP_PUBLIC_NETWORKS`` is set 
  to True.
- Setting ``UI_GROUPED_PUBLIC_NETWORK_NAME`` has been deprecated and no longer 
  used.
587
- Fix UI to filter available flavors in VM wizard
588 589


Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
590 591 592 593 594 595 596
Cyclades Userdata
-----------------

- Maximum allowed length of ssh key content. Configurable from the 
  ``USERDATA_SSH_KEY_MAX_CONTENT_SIZE`` setting.


597 598 599
Pithos
------

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617
* Rewrite tests.
* Performance optimizations in object listing.
* Introduce backend method decorator for handling transaction management if no
  transaction is initiated from the frontend.
* Fix Internal Server Errors https://code.grnet.gr/issues/4501 &
  https://code.grnet.gr/issues/4502.
* Fix REQUEST ENTITY TOO LARGE request failure during move operations
  https://code.grnet.gr/issues/4154.
* Fix FORBIDDEN request failure while listing implicitly shared objects
  https://code.grnet.gr/issues/4131.
* Fix issue with the computed size of an updated object.
* Reply with the Merkle hash in the ETag header if MD5 is deactivated.
* Reply with FORBIDDEN (403) to public listing requests performed by non path
  owners.
* Change response status to NOT FOUND (404) while trying to delete an
  already deleted object.
* Change SQLAlchemy version to 0.7
* Change view authorization
618 619 620 621 622 623
  The pithos views do not use the cookie information for user authentication.
  They request (from Astakos) and use a short-term access token for a
  specific resource.
* Remove PITHOS_ASTAKOS_COOKIE_NAME setting, since it is no longer useful
* Add PITHOS_OAUTH2_CLIENT_CREDENTIALS setting to authenticate the views with
  astakos during the resource access token generation procedure
Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
624
* Add PITHOS_UNSAFE_DOMAIN setting to restrict file serving endpoints to a
625
  specific host
626
* Added new 'file-show' management command
627
* Remove command 'resource-export-pithos' subsumed by 'service-export-pithos'.
628 629 630 631 632 633 634 635 636 637 638
* Extend API to optionally enforce a specific content disposition type
  in view and public requests: https://code.grnet.gr/issues/5019

* Fix bulk operation (delete/copy/move) failures in overpopulated
  containers/folders: https://code.grnet.gr/issues/5119

* Fix performance issue due to missing index
* Fix backend open hashfile bug:
  https://code.grnet.gr/issues/5011
* Fix GET request for public path with If-None-Match
  https://code.grnet.gr/issues/5168
639

Christos Stavrakakis's avatar
Christos Stavrakakis committed
640 641 642 643 644
.. _Changelog-0.14.10:

v0.14.10
=======

645
Released: Tue Nov 26 11:03:37 EET 2013
Christos Stavrakakis's avatar
Christos Stavrakakis committed
646 647 648 649 650 651 652 653 654 655 656

Cyclades
-------

* This is the first release to support Ganeti 2.8. Support for older versions
  of Ganeti is dropped.
* Use Ganeti opportunistic locking to achive parallelized instance creations
  in the same backend. Add setting 'GANETI_USE_OPPORTUNISTIC_LOCKING' to
  enable the use of this feature.
* Fix warning message while getting object permissions to appear only when
  path is None and the object has permissions
657
* Add name to newly created NICs and the corresponding firewall tags.
658

659 660 661 662 663
.. _Changelog-0.14.9:

v0.14.9
=======

664
Released: Mon Nov 11 12:13:31 EET 2013
665 666 667 668

* Astakos: Fix minor problems with logging in the Astakos module, which could
  lead to unexpected exceptions

Christos Stavrakakis's avatar
Christos Stavrakakis committed
669 670 671 672 673
.. _Changelog-0.14.8:

v0.14.8
=======

674
Released: Fri Nov  8 17:25:08 EET 2013
Christos Stavrakakis's avatar
Christos Stavrakakis committed
675 676 677 678

Synnefo-wide
------------

679 680
* This is the first release to support Debian Wheezy along with Squeeze. You
  can mix and match nodes freely.
681
* Update Django dependency to Django>=1.2,<1.5. Django 1.4.5 is available for
682
  Squeeze through squeeze-backports.
683 684
* Since this version, Synnefo ships an example Gunicorn configuration file
  that is automatically installed at ``/etc/gunicorn.d/synnefo.example``.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
685 686 687 688 689 690 691

Cyclades
--------

* On VM creation, pass the hashmap of the image (pithosmap://) instead of the
  image URL (pithos://). Access to the Pithos DB by Ganeti nodes is no longer
  required.
692 693 694 695 696 697 698 699
* Workaround race between server creation and server deletion. This will be
  fixed properly by updating Ganeti to support the 'depends' attribute for
  OP_INSTANCE_REMOVE.

Astakos
-------

* For Shibboleth logins, store all attributes along with the user in the DB.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
700

701 702 703 704 705 706 707 708 709 710 711 712
.. _Changelog-0.14.7:

v0.14.7
=======

Released: Wed Sep 18 17:50:12 EEST 2013

Cyclades
--------

* Fix bug in helpdesk view

713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738
.. _Changelog-0.14.6:

v0.14.6
=======

Released: Wed Sep 18 16:18:58 EEST 2013

Pithos
------

* Substitute the PITHOS_BACKEND_QUOTA setting with two
  distinct settings: PITHOS_BACKEND_ACCOUNT_QUOTA &
  PITHOS_BACKEND_CONTAINER_QUOTA
* Set PITHOS_BACKEND_CONTAINER_QUOTA default value to 0 (unlimited)
* Fix bug that resulted in DB deadlocks.

Cyclades
--------

* Fix bug in snf-dispatcher that resulted in servers to be deleted from the
  DB even if the corresponding Ganeti job failed.

Branding
--------

* Add new BRANDING_FOOTER_EXTRA_MESSAGE setting.
739

740

741 742 743 744 745 746 747 748 749 750 751 752 753 754 755
.. _Changelog-0.14.5:

v0.14.5
=======

Released: Wed Aug  7 11:19:49 EEST 2013

Pithos
------

* Fix security issue with handling Pithos versions.


.. _Changelog-0.14.4:

756 757 758 759 760 761 762 763 764 765 766
v0.14.4
=======

Released: Mon Jul 29 12:24:22 EEST 2013

Pithos
------

* Fix bug in reconcile resources management command.


767 768 769 770 771
.. _Changelog-0.14.3:

v0.14.3
=======

772 773
Released: Thu Jul 25 12:22:47 EEST 2013

774 775 776 777 778
Synnefo-wide
------------

* Use the SYNNEFO_TRACE environmental variable to control whether the greenlet
  tracing code will get loaded or not.
Stratos Psomadakis's avatar
Stratos Psomadakis committed
779 780 781
* Split the HIDDEN_COOKIES setting in HIDDEN_HEADERS and HIDDEN_COOKIES, and
  add the MAIL_MAX_LEN setting, to limit the mail size for unhandled
  exceptions.
782 783


784 785
.. _Changelog-0.14.2:

786 787
Released: Fri Jul 12 13:13:32 EEST 2013

788 789 790 791 792 793 794 795
v0.14.2
=======

Cyclades
--------

* Add new setting PITHOS_BACKEND_POOL_SIZE, which configures the size
  of the pool of Pithos backends that are used by plankton.
796

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
797 798 799 800 801
Pithos
------

* Refactor metadata schema (table attributes) in Pithos DB to speedup current
objects by domain attribute. This is used by Plankton for listing VM images.
802

803

804
.. _Changelog-0.14:
805

806 807
v0.14
=====
808

809
Released: Tue Jun 25 14:01:19 EEST 2013
810 811 812

Synnefo-wide
------------
813

814 815
* Create 'snf_django' Python package to hold common code for all Synnefo
  components.
816

817 818 819 820 821 822 823 824 825
* Create a JSON-exportable definition document for each Synnefo Components
  (Astakos, Cyclades, Pithos, etc.) that consolidates APIs (services),
  resources, and other standardized properties (e.g. default URL prefixes).

* Standardize URLs for Synnefo Components, impose structure and naming
  conventions to related settings. Make each component deployable under
  a user-configurable <COMPONENT>_BASE_URL. Each API (compute, image, etc.)
  is deployable under a developer-configurable prefix beneath BASE_URL.

826
* Deprecate CLOUDBAR_ACTIVE_SERVICE setting from all apps.
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
827 828 829

* Common synnefo 404/500 templates (located in snf-webproject)

830 831
Astakos
-------
832

833
* Redesign of the accounting system (quotaholder) and integration into
834
  Astakos.
835 836 837 838 839 840 841 842 843 844 845 846

  * Simplified the quotaholder model; removed tables Entity and Policy; now
    table Holding contains limit and usage for every holding.
  * Extended table Holding, so that we can keep track of quota for every
    valid combination of holder (e.g. user), resource, and source (e.g. the
    default system or some specific project).
  * Refactored code for issuing and resolving commissions for robustness;
    added a 'force' option to bypass the upper limit check when issuing a
    commission.
  * Simplified syncing to the quotaholder; removed fields from models
    Project and ProjectMembership, previously needed for syncing; removed
    state PROJECT_DEACTIVATED from ProjectMembership.
847 848 849
  * Removed settings ASTAKOS_QUOTAHOLDER_URL, ASTAKOS_QUOTAHOLDER_TOKEN,
    and ASTAKOS_QUOTAHOLDER_POOLSIZE.

850 851 852 853 854 855
* API-related changes:

  * Implemented API calls for quota, resources, and commissions.
  * Moved all API calls under '/account/v1.0'.
  * Implemented the keystone API call POST /tokens under '/identity/v2.0'.

856 857
* Service and resource specification and handling:

858 859 860 861 862 863 864
  * Specified a format for defining services along with the API endpoints
    and the resources they expose. Migrated internal resource name by
    prefixing it with service name (e.g. 'vm' becomes 'cyclades.vm');
    renamed registered service 'pithos+' to 'pithos'.
  * Specified a procedure to register a Synnefo component, its services and
    their resources in astakos and set the resources' default base quota
    limit. Removed resource definitions from settings.
865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885
  * Moved service and resource presentation data out of the respective db
    models into a separate file of UI constants.

* Converted the limit on pending applications from a setting to a quotable
  resource. Converted the related user setting to a user-specific base quota
  limit. Deprecated model UserSetting; removed setting
  ASTAKOS_PENDING_APPLICATION_LIMIT.

* Changes in locking strategy:

  * Lock only project's chain for all project operations; lock user before
    syncing to quotaholder.
  * When locking multiple rows (e.g. users or holdings) include an ORDER BY
    clause in the query to impose ordering on locking.

* Changes in views:

  * Replaced custom transaction context with a simple decorator for managing
    transactions and a context 'ExceptionHandler', which logs and suppresses
    exceptions

886 887
* Added fine grain user auth provider's policies.

888
  * Administrator can override default auth provider policies to a specific
889 890 891 892
    user or group of users.
  * Optionally a user can be assigned to a list of groups, based on the
    authentication method he choosed to signup.

893
* Removed explicit handling of SMTP errors on each email delivery. Exceptions
894 895
  are now propagated to base django exception handler.

896 897
* Email used in html/email tempaltes which prompt user to contact for service
  support prompts is now defined in ``CONTACT_EMAIL`` setting introduced in
898 899
  snf-common settings.

900 901 902 903 904
* Improvements in user activation flow

  * User moderation now takes place after the user has verified his email
    address.
  * User model enriched with additional user state fields
905
  * Split activation email from moderation process. Administrator is required
906 907
    to moderate user explicitly using the `user-modify --accept` or
    `user-modify --reject` commands.
908
  * Improved logging throught out user activation procedures.
909

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
910 911 912
* Remove deprecated AstakosUser model fields: `provider`,
  `third_party_identifier`

913
* Allow override of authentication provider messages using the following
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
914 915
  format in setting names: ``ASTAKOS_<PROVIDER_MODULE>_<MSGID>_MSG``

916
* Cloudbar automatically tries to identify the active service based on window
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
917 918 919 920
  location.

* Removing authentication provider view is now CSRF protected.

921
* New `API access` view, containing useful information to users on how to
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
922 923
  access available Synnefo services API's.

924 925
* Remove of ASTAKOS_*_EMAIL_SUBJECT settings. All email subjects are now
  defined in astakos.im.messages module. Overriding default values can be
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
926
  achieved using custom gettext files or using astakos messages settings::
927

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
928 929 930
	#change of greeting email subject
  	ASTAKOS_GREETING_EMAIL_SUBJECT_MESSAGE = 'Welcome to my cloud'

931 932
* Remove ``ASTAKOS_ACTIVATION_REDIRECT_URL`` and ``ASTAKOS_LOGIN_SUCCESS_URL``
  from astakos .conf file. Settings are dynamically computed based on
933 934
  ``ASTAKOS_BASE_URL``.

935 936
* Management commands:

937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955
  * Introduced new commands:
     * authpolicy-{add, list, remove, set, show}
     * group-{add, list}
     * component-{add, list, modify, remove}
     * reconcile-resources-astakos
     * resource-{export-astakos, import, modify}
     * service-{export-astakos, import, show}
  * Renamed commands:
     * astakos-quota to quota
     * user-update to user-modify
     * full-cleanup to cleanup-full
  * Removed commands:
     * astakos-init
     * invitation-{details, list}
     * project-sync
     * resource-{add, remove}
     * service-{add, remove, token-renew, update}
     * user-invite
     * user-set-initial-quota (integrated its functionality in user-modify and quota)
956 957
  * Added quota and project-related information in user-show command; added
    membership information in project-show.
958

959 960
Cyclades
--------
961

Christos Stavrakakis's avatar
Christos Stavrakakis committed
962 963 964
* Make 'type' attribute required for network create API request.
* Networks not created to all Ganeti backends upon creation, they are instead
  created to a backend only when a VM connects to the network.
965 966
* Add 'CYCLADES_ASTAKOSCLIENT_POOLSIZE' setting which tunes the size of the
  http connection pool to astakos.
967
* Remove 'CYCLADES_USER_CATALOG_URL' and 'CYCLADES_USER_FEEDBACK_URL' settings
968 969
* Remove CYCLADES_USE_QUOTAHOLDER, CYCLADES_QUOTAHOLDER_TOKEN,
  CYCLADES_QUOTAHOLDER_URL, CYCLADES_QUOTAHOLDER_POOLSIZE settings
970 971 972 973 974
* Rename 'cyclades-usage-verify' management command to
  'reconcile-resources-cyclades'. Also, remove 'cyclades-usage-reset' command,
  which is equivalent to 'reconcile-resources-cyclades --fix'.
* Rename 'cyclades-reconcile-commissions' management command to
  'reconcile-commissions-cyclades'.
975 976 977
* Remove obsolete 'MAX_VMS_PER_USER', 'MAX_NETWORKS_PER_USER',
  "VMS_USER_QUOTA" and "NETWORKS_USER_QUOTA" settings, since their usage
  is covered by Quotaholder.
978 979 980
* Remove obsolete setting 'API_ROOT_URL', since it is being covered by
  the use of CYCLADES_BASE_URL* Remove obsolete setting 'API_ROOT_URL', since
  it is being covered by 'CYCLADES_BASE_URL'.
981 982
* Remove obsolete settings GANETI_DISK_TEMPLATES and
  DEFAULT_GANETI_DISK_TEMPLATE
983

984 985
Cyclades helpdesk
-----------------
986

987 988 989 990
* Additional start/stop vm action
* Display extend backend info in vm's view
* Fixed IP lookup

991 992
Pithos
------
993

994 995
* Remove PITHOS_AUTHENTICATION_USERS setting, which was used to override
  astakos users.
996 997
* Remove 'PITHOS_USER_CATALOG_URL', 'PITHOS_USER_FEEDBACK_URL' and
  'PITHOS_USER_LOGIN_URL' settings.
998 999
* Remove PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL,
  PITHOS_QUOTAHOLDER_TOKEN and PITHOS_ASTAKOSCLIENT_POOLSIZE
1000

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
1001 1002 1003
* Enforce container-level atomicity in (most) Pithos API calls.


1004 1005 1006 1007
Tools
-----


1008 1009 1010 1011 1012
.. _Changelog-0.13:

v0.13
=====

1013
Released: Wed Apr 10 18:52:50 EEST 2013
1014

1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044
In v0.13 the code was very heavily refactored for increased uniformity since
most of the Synnefo components have been merged into a single repository. Thus,
**just for this version** we will not document a complete Changelog (features,
fixes, improvements, issues, setting changes), but rather just copy from the
`NEWS` file with minor additions wherever needed.

Synnefo-wide
------------

* Support for pooling throughout Synnefo

  * Pooled Django DB connections, Pithos backend connections, HTTP
    connections using single `objpool` package

* Improved management commands

  * Unified codebase for output of tables in JSON, CSV

* Bring most of Synnefo code inside a single, unified repository

  * support automatic Python and Debian package builds for individual commits
  * with automatic version generation

* Overhauling of Synnefo settings: renames and refactoring, for increased
  uniformity (in progress)
* Deployment: Standardize on gunicorn, with gevent-based workers
  and use of Green threads throughout Synnefo
* Documentation: New scale-out guide, with distinct node roles,
  for mass Synnefo deployments

1045 1046 1047
Astakos
-------

1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069
* Support multiple authentication methods

  * Classic (username/password), Shibboleth, LDAP/Active Directory,
    Google, Twitter, LinkedIn
  * Users can enable/disable auth methods, and switch between them

* Introduce a UUID as a global identifier for users, throughout Synnefo

  * The UUID remains constant as the user enables/disables login methods

* Allow users to modify their email address freely
* Per-user, per-resource accounting mechanism (quotaholder)
* Full quota support, with per-user, per-resource quotas, based on quotaholder
* Projects: Users can create and join Projects

  * Projects grant extra resources to their members

* UI Enhancements for quotas and projects

  * distinct Usage tab, showing usage of individual resources
  * Project management UI
  * New Overview page
1070

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1071 1072
* refactored/improved /login endpoint used by desktop/mobile clients.
  * endpoint url is now exposed by `weblogin` service
1073
  * clients should use unauthenticated identity/tokens api to resolve the
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1074 1075
    endpoint url
  * view only allows redirects to `pithos://` scheme urls
1076
  * removed uuid from redirect parameters. Client should use authenticated
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1077 1078 1079
    request to identity/tokens to retrieve user uuid.


1080 1081 1082
Cyclades
--------

1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096
* Commission resources on quotaholder/Astakos
* Support mass creation of flavors
* Support for the ExtStorage disk template in Ganeti
* Query and report quotas in the UI
* Pass VM configuration parameters over a VM-side API (`vmapi`)

  * Do not pass sensitive data as Ganeti OS parameters
  * Keep sensitive data in memory caches (memcached) and
    never allow them to hit the disk

* Display additional backend information in helpdesk machines list
* Allow helpdesk users to search for an account using a known machine id
* Helpdesk actions are now logged using the synnefo's common login
  infrastructure
1097

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1098 1099 1100
UI
^^
* Removed feedback endpoint. Feedback requests delegate to astakos feedback
1101
  service. ``FEEDBACK_CONTACTS``, ``FEEDBACK_EMAIL_FROM`` settings removed,
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1102
  and no longer used.
1103
* ``UI_LOGIN_URL``, ``UI_GLANCE_URL``, ``COMPUTE_URL`` settings no longer
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1104 1105
  required to be set and are dynamically computed based on ``ASTAKOS_BASE_URL``
  and ``CYCLADES_BASE_URL`` settings.
1106
* File group is no longer included in ssh keys personality metadata sent in
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1107
  create vm calls.
1108

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1109

1110 1111 1112
Pithos
------

1113
* Support storage of blocks on a RADOS backend, for Archipelago
1114 1115 1116 1117

  * new settings:
    PITHOS_RADOS_STORAGE, PITHOS_RADOS_POOL_BLOCKS, PITHOS_RADOS_POOL_MAPS

1118
* X-Object-Public now contains full url (domain + proper component prefix +
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1119 1120
  file path)

1121
* Rewritten support for public URLs, with admin-selectable length
1122

1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142
  * new settings:
    PITHOS_PUBLIC_URL_SECURITY, PITHOS_PUBLIC_URL_ALPHABET

* Enable pithos backend to use external quotaholder component

  * new settings:
    PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL, PITHOS_QUOTAHOLDER_TOKEN,
    PITHOS_QUOTAHOLDER_POOLSIZE

* Moderated version debiting mechanism

  * new setting:
    PITHOS_BACKEND_FREE_VERSIONING

* Proxy Astakos user-visible services

  * new settings:
    PITHOS_PROXY_USER_SERVICES, PITHOS_USER_CATALOG_URL,
    PITHOS_USER_FEEDBACK_URL, PITHOS_USER_LOGIN_URL

1143
Tools
1144 1145
-----

1146
* Extend snf-burnin to include testing of Pithos functionality