From fbad538d21688c6e76f2196bd599ff1b22f12582 Mon Sep 17 00:00:00 2001
From: John Dickinson <me@not.mn>
Date: Wed, 12 Dec 2018 10:21:07 -0800
Subject: [PATCH] authors/changelog for 2.20.0 release
Change-Id: I149cb14cbfef456b6368564dae8529faf430333d
---
.mailmap | 1 +
AUTHORS | 13 +-
CHANGELOG | 106 ++++++++++++++++
.../2_20_0_release-7b090a5f4bd916e4.yaml | 116 ++++++++++++++++++
4 files changed, 234 insertions(+), 2 deletions(-)
create mode 100644 releasenotes/notes/2_20_0_release-7b090a5f4bd916e4.yaml
diff --git a/.mailmap b/.mailmap
index 046a19d8fb..08ae9e4b97 100644
--- a/.mailmap
+++ b/.mailmap
@@ -125,3 +125,4 @@ Bryan Keller <kellerbr@us.ibm.com>
Doug Hellmann <doug@doughellmann.com> <doug.hellmann@dreamhost.com>
zhangdebo1987 <zhangdebo@inspur.com> zhangdebo
Thomas Goirand <thomas@goirand.fr> <zigo@debian.org>
+Thiago da Silva <thiagodasilva@gmail.com> <thiago@redhat.com>
diff --git a/AUTHORS b/AUTHORS
index a41bed0925..c4f4fc0faf 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -88,6 +88,7 @@ chenaidong1 (chen.aidong@zte.com.cn)
cheng (li.chenga@h3c.com)
Cheng Li (shcli@cn.ibm.com)
chengebj5238 (chengebj@inspur.com)
+chenxiangui (chenxiangui@inspur.com)
Chmouel Boudjnah (chmouel@enovance.com)
Chris Wedgwood (cw@f00f.org)
Christian Berendt (berendt@b1-systems.de)
@@ -106,6 +107,7 @@ Constantine Peresypkin (constantine.peresypk@rackspace.com)
Corey Bryant (corey.bryant@canonical.com)
Cory Wright (cory.wright@rackspace.com)
Cristian A Sanchez (cristian.a.sanchez@intel.com)
+Cyril Roelandt (cyril@redhat.com)
Dae S. Kim (dae@velatum.com)
Daisuke Morita (morita.daisuke@ntti3.com)
Dan Dillinger (dan.dillinger@sonian.net)
@@ -152,6 +154,7 @@ Eugene Kirpichov (ekirpichov@gmail.com)
Ewan Mellor (ewan.mellor@citrix.com)
Fabien Boucher (fabien.boucher@enovance.com)
Falk Reimann (falk.reimann@sap.com)
+FatemaKhalid (fatemakhalid96@gmail.com)
Felipe Reyes (freyes@tty.cl)
Ferenc Horváth (hferenc@inf.u-szeged.hu)
Filippo Giunchedi (fgiunchedi@wikimedia.org)
@@ -329,10 +332,12 @@ Ricardo Ferreira (ricardo.sff@gmail.com)
Richard Hawkins (richard.hawkins@rackspace.com)
Robert Francis (robefran@ca.ibm.com)
Robin Naundorf (r.naundorf@fh-muenster.de)
+Romain de Joux (romain.de-joux@corp.ovh.com)
Romain Le Disez (romain.ledisez@ovh.net)
Russ Nelson (russ@crynwr.com)
Russell Bryant (rbryant@redhat.com)
Sachin Patil (psachin@redhat.com)
+Sam Morrison (sorrison@gmail.com)
Samuel Merritt (sam@swiftstack.com)
Sarafraj Singh (Sarafraj.Singh@intel.com)
Sarvesh Ranjan (saranjan@cisco.com)
@@ -359,7 +364,7 @@ Sushil Kumar (sushil.kumar2@globallogic.com)
Takashi Kajinami (kajinamit@nttdata.co.jp)
Takashi Natsume (natsume.takashi@lab.ntt.co.jp)
TheSriram (sriram@klusterkloud.com)
-Thiago da Silva (thiago@redhat.com)
+Thiago da Silva (thiagodasilva@gmail.com)
Thierry Carrez (thierry@openstack.org)
Thomas Goirand (thomas@goirand.fr)
Thomas Herve (therve@redhat.com)
@@ -392,11 +397,13 @@ wangdequn (wangdequn@inspur.com)
wanghongtaozz (wanghongtaozz@inspur.com)
wanghui (wang_hui@inspur.com)
wangqi (wang.qi@99cloud.net)
+whoami-rajat (rajatdhasmana@gmail.com)
Wu Wenxiang (wu.wenxiang@99cloud.net)
Wyllys Ingersoll (wyllys.ingersoll@evault.com)
xhancar (pavel.hancar@gmail.com)
XieYingYun (smokony@sina.com)
Yaguang Wang (yaguang.wang@intel.com)
+yanghuichan (yanghc@fiberhome.com)
Yatin Kumbhare (yatinkumbhare@gmail.com)
Ye Jia Xu (xyj.asmy@gmail.com)
Yee (mail.zhang.yee@gmail.com)
@@ -406,6 +413,7 @@ yuhui_inspur (yuhui@inspur.com)
Yummy Bian (yummy.bian@gmail.com)
Yuriy Taraday (yorik.sar@gmail.com)
Yushiro FURUKAWA (y.furukawa_2@jp.fujitsu.com)
+Yuxin Wang (wang.yuxin@ostorage.com.cn)
Zack M. Davis (zdavis@swiftstack.com)
Zap Chang (zapchang@gmail.com)
Zhang Guoqing (zhang.guoqing@99cloud.net)
@@ -418,7 +426,8 @@ Zheng Yao (zheng.yao1@zte.com.cn)
zheng yin (yin.zheng@easystack.cn)
Zhenguo Niu (zhenguo@unitedstack.com)
zhengwei6082 (zhengwei6082@fiberhome.com)
+ZhijunWei (wzj334965317@outlook.com)
ZhiQiang Fan (aji.zqfan@gmail.com)
Zhongyue Luo (zhongyue.nah@intel.com)
zhufl (zhu.fanglei@zte.com.cn)
-Виль Суркин (vills@vills-pro.local)
+zhulingjie (easyzlj@gmail.com)
diff --git a/CHANGELOG b/CHANGELOG
index d4add2e0fd..b26d3eb22d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,109 @@
+swift (2.20.0)
+
+ * S3 API compatibility updates
+
+ * Swift can now cache the S3 secret from Keystone to use for
+ subsequent requests. This functionality is disabled by default but
+ can be enabled by setting the `secret_cache_duration` in the s3token
+ section of the proxy server config to a number greater than 0.
+
+ * s3api now mimics the AWS S3 behavior of periodically sending
+ whitespace characters on a Complete Multipart Upload request to keep
+ the connection from timing out. Note that since a request could fail
+ after the initial 200 OK response has been sent, it is important to
+ check the response body to determine if the request succeeded.
+
+ * s3api now properly handles x-amz-metadata-directive headers on
+ COPY operations.
+
+ * s3api now uses concurrency (default 2) to handle multi-delete
+ requests. This allows multi-delete requests to be processed much
+ more quickly.
+
+ * s3api now mimics some forms of AWS server-side encryption
+ based on whether Swift's at-rest encryption functionality is enabled.
+ Note that S3 API users are now able to know more about how the
+ cluster is configured than they were previously, ie knowledge of
+ encryption at-rest functionality being enabled or not.
+
+ * s3api responses now include a '-' in multipart ETags.
+
+ For new multipart-uploads via the S3 API, the ETag that is
+ stored will be calculated in the same way that AWS uses. This
+ ETag will be used in GET/HEAD responses, bucket listings, and
+ conditional requests via the S3 API. Accessing the same object
+ via the Swift API will use the SLO Etag; however, in JSON
+ container listings the multipart upload etag will be exposed
+ in a new "s3_etag" key. Previously, some S3 clients would complain
+ about download corruption when the ETag did not have a '-'.
+
+ * S3 ETag for SLOs now include a '-'.
+
+ Ordinary objects in S3 use the MD5 of the object as the ETag,
+ just like Swift. Multipart Uploads follow a different format, notably
+ including a dash followed by the number of segments. To that end
+ (and for S3 API requests *only*), SLO responses via the S3 API have a
+ literal '-N' added on the end of the ETag.
+
+ * The default location is now set to "us-east-1". This is more likely
+ to be the default region that a client will try when using v4
+ signatures.
+
+ Deployers with clusters that relied on the old implicit default
+ location of "US" should explicitly set `location = US` in the
+ `[filter:s3api]` section of proxy-server.conf before upgrading.
+
+ * Add basic support for ?versions bucket listings. We still do not
+ have support for toggling S3 bucket versioning, but we can at least
+ support getting the latest versions of all objects.
+
+ * Fixed an issue with SSYNC requests to ensure that only one request
+ can be running on a partition at a time.
+
+ * Data encryption updates
+
+ * The kmip_keymaster middleware can now be configured directly in the
+ proxy-server config file. The existing behavior of using an external
+ config file is still supported.
+
+ * Multiple keymaster middlewares are now supported. This allows
+ migration from one key provider to another.
+
+ Note that secret_id values must remain unique across all keymasters
+ in a given pipeline. If they are not unique, the right-most keymaster
+ will take precedence.
+
+ When looking for the active root secret, only the right-most
+ keymaster is used.
+
+ * Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
+ Previously, some versions of PyKMIP would include all wire
+ data when the root logger was configured to log at DEBUG; this
+ could expose key material in logs. Only the kmip_keymaster was
+ affected.
+
+ * Fixed an issue where a failed drive could prevent the container sharder
+ from making progress.
+
+ * Storage policy definitions in swift.conf can now define the diskfile
+ to use to access objects. See the included swift.conf-sample file for
+ a description of usage.
+
+ * The EC reconstructor will now attempt to remove empty directories
+ immediately, while the inodes are still cached, rather than waiting
+ until the next run.
+
+ * Added a keep_idle config option to configure KEEPIDLE time for TCP
+ sockets. The default value is the old constant of 600.
+
+ * Add databases_per_second to the account-replicator,
+ container-replicator, and container-sharder. This prevents them from
+ using a full CPU core when they are not IO limited.
+
+ * Allow direct_client users to overwrite the X-Timestamp header.
+
+ * Various other minor bug fixes and improvements.
+
swift (2.19.0, OpenStack Rocky)
* TempURLs now support IP range restrictions. Please see
diff --git a/releasenotes/notes/2_20_0_release-7b090a5f4bd916e4.yaml b/releasenotes/notes/2_20_0_release-7b090a5f4bd916e4.yaml
new file mode 100644
index 0000000000..7d15183f30
--- /dev/null
+++ b/releasenotes/notes/2_20_0_release-7b090a5f4bd916e4.yaml
@@ -0,0 +1,116 @@
+---
+features:
+ - |
+ S3 API compatibility updates
+
+ - Swift can now cache the S3 secret from Keystone to use for
+ subsequent requests. This functionality is disabled by default but
+ can be enabled by setting the ``secret_cache_duration`` in the
+ ``[filter:s3token]`` section of the proxy server config to a number
+ greater than 0.
+
+ - s3api now mimics the AWS S3 behavior of periodically sending
+ whitespace characters on a Complete Multipart Upload request to keep
+ the connection from timing out. Note that since a request could fail
+ after the initial 200 OK response has been sent, it is important to
+ check the response body to determine if the request succeeded.
+
+ - s3api now properly handles ``x-amz-metadata-directive`` headers on
+ COPY operations.
+
+ - s3api now uses concurrency (default 2) to handle multi-delete
+ requests. This allows multi-delete requests to be processed much
+ more quickly.
+
+ - s3api now mimics some forms of AWS server-side encryption
+ based on whether Swift's at-rest encryption functionality is enabled.
+ Note that S3 API users are now able to know more about how the
+ cluster is configured than they were previously, ie knowledge of
+ encryption at-rest functionality being enabled or not.
+
+ - s3api responses now include a '-' in multipart ETags.
+
+ For new multipart-uploads via the S3 API, the ETag that is
+ stored will be calculated in the same way that AWS uses. This
+ ETag will be used in GET/HEAD responses, bucket listings, and
+ conditional requests via the S3 API. Accessing the same object
+ via the Swift API will use the SLO Etag; however, in JSON
+ container listings the multipart upload etag will be exposed
+ in a new "s3_etag" key. Previously, some S3 clients would complain
+ about download corruption when the ETag did not have a '-'.
+
+ - S3 ETag for SLOs now include a '-'.
+
+ Ordinary objects in S3 use the MD5 of the object as the ETag,
+ just like Swift. Multipart Uploads follow a different format, notably
+ including a dash followed by the number of segments. To that end
+ (and for S3 API requests *only*), SLO responses via the S3 API have a
+ literal '-N' added on the end of the ETag.
+
+ - The default location is now set to "us-east-1". This is more likely
+ to be the default region that a client will try when using v4
+ signatures.
+
+ Deployers with clusters that relied on the old implicit default
+ location of "US" should explicitly set ``location = US`` in the
+ ``[filter:s3api]`` section of proxy-server.conf before upgrading.
+
+ - Add basic support for ?versions bucket listings. We still do not
+ have support for toggling S3 bucket versioning, but we can at least
+ support getting the latest versions of all objects.
+
+ - |
+ Fixed an issue with SSYNC requests to ensure that only one request
+ can be running on a partition at a time.
+
+ - |
+ Data encryption updates
+
+ - The ``kmip_keymaster`` middleware can now be configured directly in the
+ proxy-server config file. The existing behavior of using an external
+ config file is still supported.
+
+ - Multiple keymaster middlewares are now supported. This allows
+ migration from one key provider to another.
+
+ Note that ``secret_id`` values must remain unique across all keymasters
+ in a given pipeline. If they are not unique, the right-most keymaster
+ will take precedence.
+
+ When looking for the active root secret, only the right-most
+ keymaster is used.
+
+ - Prevent PyKMIP's kmip_protocol logger from logging at DEBUG.
+ Previously, some versions of PyKMIP would include all wire
+ data when the root logger was configured to log at DEBUG; this
+ could expose key material in logs. Only the ``kmip_keymaster`` was
+ affected.
+
+ - |
+ Fixed an issue where a failed drive could prevent the container sharder
+ from making progress.
+
+ - |
+ Storage policy definitions in swift.conf can now define the diskfile
+ to use to access objects. See the included swift.conf-sample file for
+ a description of usage.
+
+ - |
+ The EC reconstructor will now attempt to remove empty directories
+ immediately, while the inodes are still cached, rather than waiting
+ until the next run.
+
+ - |
+ Added a ``keep_idle`` config option to configure KEEPIDLE time for TCP
+ sockets. The default value is the old constant of 600.
+
+ - |
+ Add ``databases_per_second`` to the account-replicator,
+ container-replicator, and container-sharder. This prevents them from
+ using a full CPU core when they are not IO limited.
+
+ - |
+ Allow direct_client users to overwrite the ``X-Timestamp`` header.
+
+ - |
+ Various other minor bug fixes and improvements.