Changelog 29.1 KB
Newer Older
1
.. _Changelog:
2 3 4 5

Unified Changelog file for Synnefo versions >= 0.13
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

6 7
Since v0.13 most of the Synnefo components have been merged into a single
repository and have aligned versions.
8

9 10
.. _Changelog-0.15rc5:

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
11 12
v0.15rc5
========
13

14
Released: Wed Feb 26 15:27:10 EET 2014
15

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
16 17 18
Astakos
-------

19
* Fix request authorization code failures due to Unicode issue:
Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
20
  https://code.grnet.gr/issues/4971
21 22 23
* Omit validation issues for non-required metadata values received from the
  third party authentication provider.

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
24 25 26 27 28 29 30 31 32 33 34 35

Pithos
------

* Extend API to optionally enforce a specific content disposition type
  in view and public requests: https://code.grnet.gr/issues/5019

* Fix bulk operation (delete/copy/move) failures in overpopulated
  containers/folders: https://code.grnet.gr/issues/5119

* Fix performance issue due to missing index

36 37 38
Cyclades
--------

39 40 41 42
* Extend flavors with 'allow_create' attribute. Flavors that have this
  attribute unset cannot be used by users to create new servers.
* Store each image property(metadata) as a separate Pithos metadata and check
  that the size of each property is valid.
43
* Fix a few occurrences of HTTP 500 errors being triggered due to insufficient
44
  validation of incoming requests in the Network API
45
* Speed up some API calls by fixing the relevant DB queries
46

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
47 48 49 50 51 52 53
.. _Changelog-0.15rc4:

v0.15rc4
========

Released: Wed Jan 15 10:56:10 EET 2014

54 55 56 57 58
Synnefo-wide
------------

* Integrate Pithos tests in continuous integration.

59
* Change astakosclient to accept AUTH_URL instead of BASE_URL
60 61 62 63 64 65 66
  ASTAKOS_BASE_URL settings has been removed from Pithos and Cyclades
  and has been replaced with ASTAKOS_AUTH_URL. Both Pithos and Cyclades
  proxy the Astakos services under ASTAKOS_PROXY_PREFIX path.
  ASTAKOS_PROXY_PREFIX by default has a value of '_astakos'.
  More specifically, Astakos' identity service is proxied under
  '_astakos/identity', Astakos' account service is under '_astakos/account'
  and Astakos' ui service is under '_astakos/ui'.
67

68
* Add 'mail_admins' handler to 'django.request' logger in order to send email
69
  notifications to users listed in 'ADMINS' setting about unhandled exceptions
70 71
  in the code.

72 73
* Extend astakosclient to request and validate OAuth 2.0 access tokens

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
74 75 76
* Change response status code from 400 (Bad Request) to 405 (Not allowed
  method) in case of an unexpected request method.

77 78 79 80 81 82 83
Astakos
-------

* Changes in project schema:

  * A Project entry is created when submitting an application for a new
    project, rather than on approval. Its state is dependent on the state
84 85
    of its `reference' application (current definition). Lock Project rather
    than Chain (the latter is semantically obsolete).
86

87 88 89 90
  * Project states "Active - Pending" and "Suspended - Pending" have been
    removed. In management command `project-list', the existence of a pending
    modification is indicated by a non-blank `Pending AppID'.

91
  * Improve recording of project, application, and membership actions.
92

93 94
* Implement API calls for projects.

95 96 97 98 99 100
* Store the base URL of a component. Deployer should provide it when adding
  a new component. Service endpoints originating from a component are
  expected to match its base URL; otherwise, a warning is issued.
  Re-registration with `snf-component-register' affects both the base and
  the ui URL.

101 102 103 104 105 106 107 108 109 110 111 112 113 114 115
* Changes in resource and quota handling:

  * New resources are registered with unlimited default base quota,
    represented by 2**63-1.
  * Each newly accepted user copies the default value for all resources
    as their own base quota. A base quota is considered 'custom' if its
    value differs from the default.
  * Changing resource's default quota affects the base quota *only* of
    future users.
  * Resource definition got flags 'api_visible' and 'ui_visible',
    replacing flag 'allow_in_projects'. They control whether a user can
    access these resources. The system internally always accounts for
    all resources, and a user can get off quota even for a resource that
    is not visible.

116 117 118
* Remove API call GET /account/v1.0/authenticate in favor of
  POST /identity/v2.0/tokens.

119 120 121
* Export basic statistics about Astakos service from '/admin/stats/detail' API
  endpoint. Access to this endpoint is only allowed to users that belong to
  the Astakos groups that are defined in the
122
  'ASTAKOS_ADMIN_STATS_PERMITTED_GROUPS' setting. Statistics are also available
123 124
  from 'snf-manage stats-astakos' management command.

125 126 127 128 129
* Implement OAuth 2.0 Authorization Code Grant
  Add API calls for authorization code and access token generation

* Add API call for validating OAuth 2.0 access tokens

130
* **Shibboleth module** Extract unique identifier from the
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
131 132
  ``REMOTE_USER`` header.

133
* Automatically fill third party signup form fields when available by the
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
134 135
  the third party provider.

136
* Management commands:
137

138
  * Introduced new commands:
139 140 141 142 143 144
	* component-show
	* quota-list (replacing quota, supports various filters)
	* quota-verify (replacing quota)
	* oauth2-client-add (register OAuth 2.0 client)
	* oauth2-client-list (list registered oauth 2.0 clients)
	* oauth2-client-remove (remove OAuth 2.0 client)
145
  * Changed commands:
146 147 148 149
	* component-add got options --base-url and --ui-url
	* resource-modify --limit became --default-quota
	* user-modify can operate on multiple users with --all and --exclude
	* user-modify --set-base-quota became --base-quota
150
  * Removed commands:
151 152 153
	* quota
	* resource-import (subsumed by service-import)
	* resource-export-astakos (subsumed by service-export-astakos)
154

155 156 157
Cyclades
--------

158 159 160
* Major changes to Cyclades networks:

  * Implement 'cyclades_network' service, containing the /networks, /ports,
161 162 163
    /subnets and /floatingips API endpoints under '/network/v2.0'. The old
    /networks API of 'cyclades_compute' (under /compute/v2.0) is
    removed.
164 165 166 167 168
  * Implement `snf-manage subnet-{create, list, modify, inspect}' management
    commands for handling of subnets.
  * Implement `snf-manage port-{create, list, remove, inspect}' management
    commands for handling of ports.
  * Add two new settings, 'CYCLADES_FORCED_SERVER_NETWORKS' and
169 170
    'CYCLADES_DEFAULT_SERVER_NETWORKS' to control the networks that newly
    created servers will be connected.
171 172 173 174 175 176

* Implement Floating IP addresses, which are IPv4 addresses that can be
  dynamically added and removed to a running server.

  * Add new 'cyclades.floating_ip' resource.
  * Implement 'snf-manage floating-ip-{create,list,remove,attach,detach}'
177
    management commands to handle floating IPs.
178 179
  * Add 'floating_ip_pool' attribute to networks to mark networks that can
    be used as floating IP pools.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
180 181 182 183

* Implement 'resize' server action.

  * Implement the 'resize' server action, to change the flavor of a server.
184
    Only 'cpu' and 'memory' resizing is supported.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
185 186

* Compute quotas for CPU and memory of running vms.
187 188 189 190 191 192 193 194 195

  * Change 'cyclades.cpu' and 'cyclades.ram' resources to represent the CPU
    and RAM for running VMs. Total CPU and RAM usage is represented by new
    'cyclades.total_cpu' and 'cyclades.total_ram' resources.

* Refer to Ganeti NICs by their name instead of their index.

  * Make cyclades give a unique name to each Ganeti NIC. NICs are refered by
    their unique name and not by their index inside the VM that are connected
196
    to.
197 198 199 200 201 202 203

* Support firewall profile for all NICs of an instance. Change firewall
  settings to be filled with the unique name of the NIC. The affected settings
  are the GANETI_FIREWALL_{ENABLED, DISABLED, PROTECTED}_TAG settings.
* Add accounting for public IP addresses that is accessible via `snf-manage
  ip-list` management command and via the helpdesk app.
* Implement IPv6 only networks.
204
* Extend servers info API response with 'SNF:fqdn' attribute, and introduce
205 206
  CYCLADES_SERVERS_FQDN to set the template for servers FDQN. Remove
  'UI_VM_HOSTNAME_FORMAT' setting.
207
* Extend servers info API response with 'SNF:port_forwarding' attribute,
208
  describing port forwarding rules (DNAT) that are applied to vms. The
209 210
  description of such rules is done via the new CYCLADES_PORT_FORWARDING
  setting.
211 212
* Speed up server reconciliation, by performing parallel reconciliation for
  each backend.
213 214
* Change --dhcp option of network management commands from a flag to a boolean
  value, e.g. --dhcp=True
215
* Remove 'ARCHIPELAGO_BACKENDS' setting used to distinguish between backends
216 217
  that hosted only archipelago backends. Instead allocation is based on which
  disk-templates are enabled in each backend.
218
* Implement 'snf-manage server-remove' management command.
219 220 221 222 223 224 225
* Move reconciliation of IP pools from 'reconcile-networks' to
  'reconcile-pools'. The IP pool reconciliation does not reconcile the IP
  pools with Ganeti. Instead it checks if the pool is consistent with the
  IPs that are used by instances.
* Do not automatically release externally reserved IPs if they are released
  from a Ganeti backend. Management of externally reserved IPs must be
  performed from Cyclades with 'network-modify' command.
226 227 228
* Export basic statistics about Cyclades Service from '/admin/stats/detail'
  API endpoint. Access to this endpoint is only allowed to users that belong
  to the Astakos groups that are defined in the 'ADMIN_STATS_PERMITTED_GROUPS'
229
  setting.  Statistics are also available from 'snf-manage stats-cyclades'
230
  management command.
231 232 233
* Support enforcing quota through command 'enforce-resources-cyclades'.
* Remove command 'resource-export-cyclades' subsumed by
  'service-export-cyclades'.
234 235
* Obsolete PUBLIC_USE_POOL setting, since Cyclades manages IP pool for all
  type of networks.
236 237 238 239 240 241 242 243
* Encrypt / decrypt the instance id / hostname in the  stats URL in
  snf-cyclades-app and snf-stats-app, using the 'CYCLADES_STATS_SECRET_KEY'
  and 'STATS_SECRET_KEY' respectively.
* Add support for snf-vncauthproxy-1.5 and the setting
  'CYCLADES_VNCAUTHPROXY_OPTS', which configures the extra options / arguments
  needed by the newer version of snf-vncauthproxy. Support for older versions
  of snf-vncauthproxy has been dropped. See also the upgrade notes for Synnefo
  and snf-vncauthproxy-1.5.
244 245 246
* Remove 'DEFAULT_ROUTING_TABLE' setting. If a link for an IP_LESS_ROUTED
  network is not specified, the link will be uniquely named
  'snf-link-$network_id'.
247

248 249 250 251 252 253 254 255

Cyclades UI
-----------

- Retrieve all networks information from the introduced cyclades network
  service.
- New IPs pane from which user can manage floating IPs.
- Redesign public keys overlay as an additional pane view.
256
- Split networking configuration into an additional step in machine create
257
  wizard.
258
- Display forced networks and choices of the available floating IPs which will
259 260 261 262
  be assigned to the created machine.
- Support for machine resize action. Explicit handling when machine is started
  by displaying an utility shutdown button within the resize overlay.
- Machine IPs toggling subview in icon/single views.
263 264 265
- Replace IPv4/IPv6 with machine's FQDN in icon/single view. When no FQDN can
  be resolved display a message. Message can be configured using the introduced
  ``UI_NO_FQDN_MESSAGE``. Setting ``UI_VM_HOSTNAME_FORMAT`` has been removed
266 267 268
  and no longer used.
- Respect ``SNF:task_state`` machine attribute in order to improve machine
  status display.
269
- Append software version as a url parameter in HTML static files in order
270
  to force browser cache invalidation between versions.
271
- Configurable Google fonts base url. Fonts base url can be changed usint the
272 273 274
  ``SYNNEFO_FONTS_BASE_URL`` setting.
- Regression fix: Display reboot required notification on machine firewall
  parameters.
275
- Handling of ``GANETI_USE_HOTPLUG`` setting. Do not allow live network actions
276
  when setting is set to ``False``.
277
- Double escaping fix in machine create wizard images list and machine details
278 279
  subview.
- Fix image ordering in machine create wizard.
280 281 282
- New setting ``UI_SSH_SUPPORT_OSFAMILY_EXCLUDE_LIST``. A list of image OS
  families for which ui will disable ssh key injection in machine wizard.
- Setting ``UI_SUPPORT_SSH_OS_LIST`` removed and no longer used.
283 284 285 286
- Group public networks by name if setting ``UI_GROUP_PUBLIC_NETWORKS`` is set 
  to True.
- Setting ``UI_GROUPED_PUBLIC_NETWORK_NAME`` has been deprecated and no longer 
  used.
287 288


Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
289 290 291 292 293 294 295
Cyclades Userdata
-----------------

- Maximum allowed length of ssh key content. Configurable from the 
  ``USERDATA_SSH_KEY_MAX_CONTENT_SIZE`` setting.


296 297 298
Pithos
------

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316
* Rewrite tests.
* Performance optimizations in object listing.
* Introduce backend method decorator for handling transaction management if no
  transaction is initiated from the frontend.
* Fix Internal Server Errors https://code.grnet.gr/issues/4501 &
  https://code.grnet.gr/issues/4502.
* Fix REQUEST ENTITY TOO LARGE request failure during move operations
  https://code.grnet.gr/issues/4154.
* Fix FORBIDDEN request failure while listing implicitly shared objects
  https://code.grnet.gr/issues/4131.
* Fix issue with the computed size of an updated object.
* Reply with the Merkle hash in the ETag header if MD5 is deactivated.
* Reply with FORBIDDEN (403) to public listing requests performed by non path
  owners.
* Change response status to NOT FOUND (404) while trying to delete an
  already deleted object.
* Change SQLAlchemy version to 0.7
* Change view authorization
317 318 319 320 321 322
  The pithos views do not use the cookie information for user authentication.
  They request (from Astakos) and use a short-term access token for a
  specific resource.
* Remove PITHOS_ASTAKOS_COOKIE_NAME setting, since it is no longer useful
* Add PITHOS_OAUTH2_CLIENT_CREDENTIALS setting to authenticate the views with
  astakos during the resource access token generation procedure
Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
323
* Add PITHOS_UNSAFE_DOMAIN setting to restrict file serving endpoints to a
324
  specific host
325
* Added new 'file-show' management command
326 327
* Remove command 'resource-export-pithos' subsumed by 'service-export-pithos'.

Christos Stavrakakis's avatar
Christos Stavrakakis committed
328 329 330 331 332
.. _Changelog-0.14.10:

v0.14.10
=======

333
Released: Tue Nov 26 11:03:37 EET 2013
Christos Stavrakakis's avatar
Christos Stavrakakis committed
334 335 336 337 338 339 340 341 342 343 344

Cyclades
-------

* This is the first release to support Ganeti 2.8. Support for older versions
  of Ganeti is dropped.
* Use Ganeti opportunistic locking to achive parallelized instance creations
  in the same backend. Add setting 'GANETI_USE_OPPORTUNISTIC_LOCKING' to
  enable the use of this feature.
* Fix warning message while getting object permissions to appear only when
  path is None and the object has permissions
345
* Add name to newly created NICs and the corresponding firewall tags.
346

347 348 349 350 351
.. _Changelog-0.14.9:

v0.14.9
=======

352
Released: Mon Nov 11 12:13:31 EET 2013
353 354 355 356

* Astakos: Fix minor problems with logging in the Astakos module, which could
  lead to unexpected exceptions

Christos Stavrakakis's avatar
Christos Stavrakakis committed
357 358 359 360 361
.. _Changelog-0.14.8:

v0.14.8
=======

362
Released: Fri Nov  8 17:25:08 EET 2013
Christos Stavrakakis's avatar
Christos Stavrakakis committed
363 364 365 366

Synnefo-wide
------------

367 368
* This is the first release to support Debian Wheezy along with Squeeze. You
  can mix and match nodes freely.
369
* Update Django dependency to Django>=1.2,<1.5. Django 1.4.5 is available for
370
  Squeeze through squeeze-backports.
371 372
* Since this version, Synnefo ships an example Gunicorn configuration file
  that is automatically installed at ``/etc/gunicorn.d/synnefo.example``.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
373 374 375 376 377 378 379

Cyclades
--------

* On VM creation, pass the hashmap of the image (pithosmap://) instead of the
  image URL (pithos://). Access to the Pithos DB by Ganeti nodes is no longer
  required.
380 381 382 383 384 385 386 387
* Workaround race between server creation and server deletion. This will be
  fixed properly by updating Ganeti to support the 'depends' attribute for
  OP_INSTANCE_REMOVE.

Astakos
-------

* For Shibboleth logins, store all attributes along with the user in the DB.
Christos Stavrakakis's avatar
Christos Stavrakakis committed
388

389 390 391 392 393 394 395 396 397 398 399 400
.. _Changelog-0.14.7:

v0.14.7
=======

Released: Wed Sep 18 17:50:12 EEST 2013

Cyclades
--------

* Fix bug in helpdesk view

401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426
.. _Changelog-0.14.6:

v0.14.6
=======

Released: Wed Sep 18 16:18:58 EEST 2013

Pithos
------

* Substitute the PITHOS_BACKEND_QUOTA setting with two
  distinct settings: PITHOS_BACKEND_ACCOUNT_QUOTA &
  PITHOS_BACKEND_CONTAINER_QUOTA
* Set PITHOS_BACKEND_CONTAINER_QUOTA default value to 0 (unlimited)
* Fix bug that resulted in DB deadlocks.

Cyclades
--------

* Fix bug in snf-dispatcher that resulted in servers to be deleted from the
  DB even if the corresponding Ganeti job failed.

Branding
--------

* Add new BRANDING_FOOTER_EXTRA_MESSAGE setting.
427

428

429 430 431 432 433 434 435 436 437 438 439 440 441 442 443
.. _Changelog-0.14.5:

v0.14.5
=======

Released: Wed Aug  7 11:19:49 EEST 2013

Pithos
------

* Fix security issue with handling Pithos versions.


.. _Changelog-0.14.4:

444 445 446 447 448 449 450 451 452 453 454
v0.14.4
=======

Released: Mon Jul 29 12:24:22 EEST 2013

Pithos
------

* Fix bug in reconcile resources management command.


455 456 457 458 459
.. _Changelog-0.14.3:

v0.14.3
=======

460 461
Released: Thu Jul 25 12:22:47 EEST 2013

462 463 464 465 466
Synnefo-wide
------------

* Use the SYNNEFO_TRACE environmental variable to control whether the greenlet
  tracing code will get loaded or not.
Stratos Psomadakis's avatar
Stratos Psomadakis committed
467 468 469
* Split the HIDDEN_COOKIES setting in HIDDEN_HEADERS and HIDDEN_COOKIES, and
  add the MAIL_MAX_LEN setting, to limit the mail size for unhandled
  exceptions.
470 471


472 473
.. _Changelog-0.14.2:

474 475
Released: Fri Jul 12 13:13:32 EEST 2013

476 477 478 479 480 481 482 483
v0.14.2
=======

Cyclades
--------

* Add new setting PITHOS_BACKEND_POOL_SIZE, which configures the size
  of the pool of Pithos backends that are used by plankton.
484

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
485 486 487 488 489
Pithos
------

* Refactor metadata schema (table attributes) in Pithos DB to speedup current
objects by domain attribute. This is used by Plankton for listing VM images.
490

491

492
.. _Changelog-0.14:
493

494 495
v0.14
=====
496

497
Released: Tue Jun 25 14:01:19 EEST 2013
498 499 500

Synnefo-wide
------------
501

502 503
* Create 'snf_django' Python package to hold common code for all Synnefo
  components.
504

505 506 507 508 509 510 511 512 513
* Create a JSON-exportable definition document for each Synnefo Components
  (Astakos, Cyclades, Pithos, etc.) that consolidates APIs (services),
  resources, and other standardized properties (e.g. default URL prefixes).

* Standardize URLs for Synnefo Components, impose structure and naming
  conventions to related settings. Make each component deployable under
  a user-configurable <COMPONENT>_BASE_URL. Each API (compute, image, etc.)
  is deployable under a developer-configurable prefix beneath BASE_URL.

514
* Deprecate CLOUDBAR_ACTIVE_SERVICE setting from all apps.
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
515 516 517

* Common synnefo 404/500 templates (located in snf-webproject)

518 519
Astakos
-------
520

521
* Redesign of the accounting system (quotaholder) and integration into
522
  Astakos.
523 524 525 526 527 528 529 530 531 532 533 534

  * Simplified the quotaholder model; removed tables Entity and Policy; now
    table Holding contains limit and usage for every holding.
  * Extended table Holding, so that we can keep track of quota for every
    valid combination of holder (e.g. user), resource, and source (e.g. the
    default system or some specific project).
  * Refactored code for issuing and resolving commissions for robustness;
    added a 'force' option to bypass the upper limit check when issuing a
    commission.
  * Simplified syncing to the quotaholder; removed fields from models
    Project and ProjectMembership, previously needed for syncing; removed
    state PROJECT_DEACTIVATED from ProjectMembership.
535 536 537
  * Removed settings ASTAKOS_QUOTAHOLDER_URL, ASTAKOS_QUOTAHOLDER_TOKEN,
    and ASTAKOS_QUOTAHOLDER_POOLSIZE.

538 539 540 541 542 543
* API-related changes:

  * Implemented API calls for quota, resources, and commissions.
  * Moved all API calls under '/account/v1.0'.
  * Implemented the keystone API call POST /tokens under '/identity/v2.0'.

544 545
* Service and resource specification and handling:

546 547 548 549 550 551 552
  * Specified a format for defining services along with the API endpoints
    and the resources they expose. Migrated internal resource name by
    prefixing it with service name (e.g. 'vm' becomes 'cyclades.vm');
    renamed registered service 'pithos+' to 'pithos'.
  * Specified a procedure to register a Synnefo component, its services and
    their resources in astakos and set the resources' default base quota
    limit. Removed resource definitions from settings.
553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573
  * Moved service and resource presentation data out of the respective db
    models into a separate file of UI constants.

* Converted the limit on pending applications from a setting to a quotable
  resource. Converted the related user setting to a user-specific base quota
  limit. Deprecated model UserSetting; removed setting
  ASTAKOS_PENDING_APPLICATION_LIMIT.

* Changes in locking strategy:

  * Lock only project's chain for all project operations; lock user before
    syncing to quotaholder.
  * When locking multiple rows (e.g. users or holdings) include an ORDER BY
    clause in the query to impose ordering on locking.

* Changes in views:

  * Replaced custom transaction context with a simple decorator for managing
    transactions and a context 'ExceptionHandler', which logs and suppresses
    exceptions

574 575
* Added fine grain user auth provider's policies.

576
  * Administrator can override default auth provider policies to a specific
577 578 579 580
    user or group of users.
  * Optionally a user can be assigned to a list of groups, based on the
    authentication method he choosed to signup.

581
* Removed explicit handling of SMTP errors on each email delivery. Exceptions
582 583
  are now propagated to base django exception handler.

584 585
* Email used in html/email tempaltes which prompt user to contact for service
  support prompts is now defined in ``CONTACT_EMAIL`` setting introduced in
586 587
  snf-common settings.

588 589 590 591 592
* Improvements in user activation flow

  * User moderation now takes place after the user has verified his email
    address.
  * User model enriched with additional user state fields
593
  * Split activation email from moderation process. Administrator is required
594 595
    to moderate user explicitly using the `user-modify --accept` or
    `user-modify --reject` commands.
596
  * Improved logging throught out user activation procedures.
597

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
598 599 600
* Remove deprecated AstakosUser model fields: `provider`,
  `third_party_identifier`

601
* Allow override of authentication provider messages using the following
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
602 603
  format in setting names: ``ASTAKOS_<PROVIDER_MODULE>_<MSGID>_MSG``

604
* Cloudbar automatically tries to identify the active service based on window
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
605 606 607 608
  location.

* Removing authentication provider view is now CSRF protected.

609
* New `API access` view, containing useful information to users on how to
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
610 611
  access available Synnefo services API's.

612 613
* Remove of ASTAKOS_*_EMAIL_SUBJECT settings. All email subjects are now
  defined in astakos.im.messages module. Overriding default values can be
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
614
  achieved using custom gettext files or using astakos messages settings::
615

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
616 617 618
	#change of greeting email subject
  	ASTAKOS_GREETING_EMAIL_SUBJECT_MESSAGE = 'Welcome to my cloud'

619 620
* Remove ``ASTAKOS_ACTIVATION_REDIRECT_URL`` and ``ASTAKOS_LOGIN_SUCCESS_URL``
  from astakos .conf file. Settings are dynamically computed based on
621 622
  ``ASTAKOS_BASE_URL``.

623 624
* Management commands:

625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643
  * Introduced new commands:
     * authpolicy-{add, list, remove, set, show}
     * group-{add, list}
     * component-{add, list, modify, remove}
     * reconcile-resources-astakos
     * resource-{export-astakos, import, modify}
     * service-{export-astakos, import, show}
  * Renamed commands:
     * astakos-quota to quota
     * user-update to user-modify
     * full-cleanup to cleanup-full
  * Removed commands:
     * astakos-init
     * invitation-{details, list}
     * project-sync
     * resource-{add, remove}
     * service-{add, remove, token-renew, update}
     * user-invite
     * user-set-initial-quota (integrated its functionality in user-modify and quota)
644 645
  * Added quota and project-related information in user-show command; added
    membership information in project-show.
646

647 648
Cyclades
--------
649

Christos Stavrakakis's avatar
Christos Stavrakakis committed
650 651 652
* Make 'type' attribute required for network create API request.
* Networks not created to all Ganeti backends upon creation, they are instead
  created to a backend only when a VM connects to the network.
653 654
* Add 'CYCLADES_ASTAKOSCLIENT_POOLSIZE' setting which tunes the size of the
  http connection pool to astakos.
655
* Remove 'CYCLADES_USER_CATALOG_URL' and 'CYCLADES_USER_FEEDBACK_URL' settings
656 657
* Remove CYCLADES_USE_QUOTAHOLDER, CYCLADES_QUOTAHOLDER_TOKEN,
  CYCLADES_QUOTAHOLDER_URL, CYCLADES_QUOTAHOLDER_POOLSIZE settings
658 659 660 661 662
* Rename 'cyclades-usage-verify' management command to
  'reconcile-resources-cyclades'. Also, remove 'cyclades-usage-reset' command,
  which is equivalent to 'reconcile-resources-cyclades --fix'.
* Rename 'cyclades-reconcile-commissions' management command to
  'reconcile-commissions-cyclades'.
663 664 665
* Remove obsolete 'MAX_VMS_PER_USER', 'MAX_NETWORKS_PER_USER',
  "VMS_USER_QUOTA" and "NETWORKS_USER_QUOTA" settings, since their usage
  is covered by Quotaholder.
666 667 668
* Remove obsolete setting 'API_ROOT_URL', since it is being covered by
  the use of CYCLADES_BASE_URL* Remove obsolete setting 'API_ROOT_URL', since
  it is being covered by 'CYCLADES_BASE_URL'.
669 670
* Remove obsolete settings GANETI_DISK_TEMPLATES and
  DEFAULT_GANETI_DISK_TEMPLATE
671

672 673
Cyclades helpdesk
-----------------
674

675 676 677 678
* Additional start/stop vm action
* Display extend backend info in vm's view
* Fixed IP lookup

679 680
Pithos
------
681

682 683
* Remove PITHOS_AUTHENTICATION_USERS setting, which was used to override
  astakos users.
684 685
* Remove 'PITHOS_USER_CATALOG_URL', 'PITHOS_USER_FEEDBACK_URL' and
  'PITHOS_USER_LOGIN_URL' settings.
686 687
* Remove PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL,
  PITHOS_QUOTAHOLDER_TOKEN and PITHOS_ASTAKOSCLIENT_POOLSIZE
688

Sofia Papagiannaki's avatar
Sofia Papagiannaki committed
689 690 691
* Enforce container-level atomicity in (most) Pithos API calls.


692 693 694 695
Tools
-----


696 697 698 699 700
.. _Changelog-0.13:

v0.13
=====

701
Released: Wed Apr 10 18:52:50 EEST 2013
702

703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732
In v0.13 the code was very heavily refactored for increased uniformity since
most of the Synnefo components have been merged into a single repository. Thus,
**just for this version** we will not document a complete Changelog (features,
fixes, improvements, issues, setting changes), but rather just copy from the
`NEWS` file with minor additions wherever needed.

Synnefo-wide
------------

* Support for pooling throughout Synnefo

  * Pooled Django DB connections, Pithos backend connections, HTTP
    connections using single `objpool` package

* Improved management commands

  * Unified codebase for output of tables in JSON, CSV

* Bring most of Synnefo code inside a single, unified repository

  * support automatic Python and Debian package builds for individual commits
  * with automatic version generation

* Overhauling of Synnefo settings: renames and refactoring, for increased
  uniformity (in progress)
* Deployment: Standardize on gunicorn, with gevent-based workers
  and use of Green threads throughout Synnefo
* Documentation: New scale-out guide, with distinct node roles,
  for mass Synnefo deployments

733 734 735
Astakos
-------

736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757
* Support multiple authentication methods

  * Classic (username/password), Shibboleth, LDAP/Active Directory,
    Google, Twitter, LinkedIn
  * Users can enable/disable auth methods, and switch between them

* Introduce a UUID as a global identifier for users, throughout Synnefo

  * The UUID remains constant as the user enables/disables login methods

* Allow users to modify their email address freely
* Per-user, per-resource accounting mechanism (quotaholder)
* Full quota support, with per-user, per-resource quotas, based on quotaholder
* Projects: Users can create and join Projects

  * Projects grant extra resources to their members

* UI Enhancements for quotas and projects

  * distinct Usage tab, showing usage of individual resources
  * Project management UI
  * New Overview page
758

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
759 760
* refactored/improved /login endpoint used by desktop/mobile clients.
  * endpoint url is now exposed by `weblogin` service
761
  * clients should use unauthenticated identity/tokens api to resolve the
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
762 763
    endpoint url
  * view only allows redirects to `pithos://` scheme urls
764
  * removed uuid from redirect parameters. Client should use authenticated
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
765 766 767
    request to identity/tokens to retrieve user uuid.


768 769 770
Cyclades
--------

771 772 773 774 775 776 777 778 779 780 781 782 783 784
* Commission resources on quotaholder/Astakos
* Support mass creation of flavors
* Support for the ExtStorage disk template in Ganeti
* Query and report quotas in the UI
* Pass VM configuration parameters over a VM-side API (`vmapi`)

  * Do not pass sensitive data as Ganeti OS parameters
  * Keep sensitive data in memory caches (memcached) and
    never allow them to hit the disk

* Display additional backend information in helpdesk machines list
* Allow helpdesk users to search for an account using a known machine id
* Helpdesk actions are now logged using the synnefo's common login
  infrastructure
785

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
786 787 788
UI
^^
* Removed feedback endpoint. Feedback requests delegate to astakos feedback
789
  service. ``FEEDBACK_CONTACTS``, ``FEEDBACK_EMAIL_FROM`` settings removed,
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
790
  and no longer used.
791
* ``UI_LOGIN_URL``, ``UI_GLANCE_URL``, ``COMPUTE_URL`` settings no longer
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
792 793
  required to be set and are dynamically computed based on ``ASTAKOS_BASE_URL``
  and ``CYCLADES_BASE_URL`` settings.
794
* File group is no longer included in ssh keys personality metadata sent in
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
795
  create vm calls.
796

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
797

798 799 800
Pithos
------

801
* Support storage of blocks on a RADOS backend, for Archipelago
802 803 804 805

  * new settings:
    PITHOS_RADOS_STORAGE, PITHOS_RADOS_POOL_BLOCKS, PITHOS_RADOS_POOL_MAPS

806
* X-Object-Public now contains full url (domain + proper component prefix +
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
807 808
  file path)

809
* Rewritten support for public URLs, with admin-selectable length
810

811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830
  * new settings:
    PITHOS_PUBLIC_URL_SECURITY, PITHOS_PUBLIC_URL_ALPHABET

* Enable pithos backend to use external quotaholder component

  * new settings:
    PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL, PITHOS_QUOTAHOLDER_TOKEN,
    PITHOS_QUOTAHOLDER_POOLSIZE

* Moderated version debiting mechanism

  * new setting:
    PITHOS_BACKEND_FREE_VERSIONING

* Proxy Astakos user-visible services

  * new settings:
    PITHOS_PROXY_USER_SERVICES, PITHOS_USER_CATALOG_URL,
    PITHOS_USER_FEEDBACK_URL, PITHOS_USER_LOGIN_URL

831
Tools
832 833
-----

834
* Extend snf-burnin to include testing of Pithos functionality