Revision 884aadb8 Changelog
b/Changelog | ||
---|---|---|
87 | 87 |
|
88 | 88 |
* Add API call for validating OAuth 2.0 access tokens |
89 | 89 |
|
90 |
* **Shibboleth module** Extract unique identifier from the
|
|
90 |
* **Shibboleth module** Extract unique identifier from the |
|
91 | 91 |
``REMOTE_USER`` header. |
92 | 92 |
|
93 |
* Automatically fill third party signup form fields when available by the
|
|
93 |
* Automatically fill third party signup form fields when available by the |
|
94 | 94 |
the third party provider. |
95 | 95 |
|
96 | 96 |
* Management commands: |
97 |
|
|
97 | 98 |
* Introduced new commands: |
98 |
* component-show
|
|
99 |
* quota-list (replacing quota, supports various filters)
|
|
100 |
* quota-verify (replacing quota)
|
|
101 |
* oauth2-client-add (register OAuth 2.0 client)
|
|
102 |
* oauth2-client-list (list registered oauth 2.0 clients)
|
|
103 |
* oauth2-client-remove (remove OAuth 2.0 client)
|
|
99 |
* component-show
|
|
100 |
* quota-list (replacing quota, supports various filters)
|
|
101 |
* quota-verify (replacing quota)
|
|
102 |
* oauth2-client-add (register OAuth 2.0 client) |
|
103 |
* oauth2-client-list (list registered oauth 2.0 clients) |
|
104 |
* oauth2-client-remove (remove OAuth 2.0 client) |
|
104 | 105 |
* Changed commands: |
105 |
* component-add got options --base-url and --ui-url
|
|
106 |
* resource-modify --limit became --default-quota
|
|
107 |
* user-modify can operate on multiple users with --all and --exclude
|
|
108 |
* user-modify --set-base-quota became --base-quota
|
|
106 |
* component-add got options --base-url and --ui-url
|
|
107 |
* resource-modify --limit became --default-quota
|
|
108 |
* user-modify can operate on multiple users with --all and --exclude
|
|
109 |
* user-modify --set-base-quota became --base-quota
|
|
109 | 110 |
* Removed commands: |
110 |
* quota
|
|
111 |
* resource-import (subsumed by service-import)
|
|
112 |
* resource-export-astakos (subsumed by service-export-astakos)
|
|
111 |
* quota
|
|
112 |
* resource-import (subsumed by service-import)
|
|
113 |
* resource-export-astakos (subsumed by service-export-astakos)
|
|
113 | 114 |
|
114 | 115 |
Cyclades |
115 | 116 |
-------- |
... | ... | |
117 | 118 |
* Major changes to Cyclades networks: |
118 | 119 |
|
119 | 120 |
* Implement 'cyclades_network' service, containing the /networks, /ports, |
120 |
/subnets and /floatingips API endpoints under '/network/v2.0'. |
|
121 |
The old /networks API of 'cyclades_compute' (under /compute/v2.0) is
|
|
122 |
removed.
|
|
121 |
/subnets and /floatingips API endpoints under '/network/v2.0'. The old
|
|
122 |
/networks API of 'cyclades_compute' (under /compute/v2.0) is
|
|
123 |
removed.
|
|
123 | 124 |
* Implement `snf-manage subnet-{create, list, modify, inspect}' management |
124 | 125 |
commands for handling of subnets. |
125 | 126 |
* Implement `snf-manage port-{create, list, remove, inspect}' management |
126 | 127 |
commands for handling of ports. |
127 | 128 |
* Add two new settings, 'CYCLADES_FORCED_SERVER_NETWORKS' and |
128 |
'CYCLADES_DEFAULT_SERVER_NETWORKS' to control the networks that newly
|
|
129 |
created servers will be connected.
|
|
129 |
'CYCLADES_DEFAULT_SERVER_NETWORKS' to control the networks that newly
|
|
130 |
created servers will be connected.
|
|
130 | 131 |
|
131 | 132 |
* Implement Floating IP addresses, which are IPv4 addresses that can be |
132 | 133 |
dynamically added and removed to a running server. |
133 | 134 |
|
134 | 135 |
* Add new 'cyclades.floating_ip' resource. |
135 | 136 |
* Implement 'snf-manage floating-ip-{create,list,remove,attach,detach}' |
136 |
management commands to handle floating IPs.
|
|
137 |
management commands to handle floating IPs.
|
|
137 | 138 |
* Add 'floating_ip_pool' attribute to networks to mark networks that can |
138 | 139 |
be used as floating IP pools. |
139 | 140 |
|
140 | 141 |
* Implement 'resize' server action. |
141 | 142 |
|
142 | 143 |
* Implement the 'resize' server action, to change the flavor of a server. |
143 |
Only 'cpu' and 'memory' resizing is supported. |
|
144 |
Only 'cpu' and 'memory' resizing is supported.
|
|
144 | 145 |
|
145 | 146 |
* Compute quotas for CPU and memory of running vms. |
146 | 147 |
|
... | ... | |
152 | 153 |
|
153 | 154 |
* Make cyclades give a unique name to each Ganeti NIC. NICs are refered by |
154 | 155 |
their unique name and not by their index inside the VM that are connected |
155 |
to.
|
|
156 |
to.
|
|
156 | 157 |
|
157 | 158 |
* Support firewall profile for all NICs of an instance. Change firewall |
158 | 159 |
settings to be filled with the unique name of the NIC. The affected settings |
... | ... | |
212 | 213 |
service. |
213 | 214 |
- New IPs pane from which user can manage floating IPs. |
214 | 215 |
- Redesign public keys overlay as an additional pane view. |
215 |
- Split networking configuration into an additional step in machine create
|
|
216 |
- Split networking configuration into an additional step in machine create |
|
216 | 217 |
wizard. |
217 |
- Display forced networks and choices of the available floating IPs which will
|
|
218 |
- Display forced networks and choices of the available floating IPs which will |
|
218 | 219 |
be assigned to the created machine. |
219 | 220 |
- Support for machine resize action. Explicit handling when machine is started |
220 | 221 |
by displaying an utility shutdown button within the resize overlay. |
221 | 222 |
- Machine IPs toggling subview in icon/single views. |
222 |
- Replace IPv4/IPv6 with machine's FQDN in icon/single view. When no FQDN can
|
|
223 |
be resolved display a message. Message can be configured using the introduced
|
|
224 |
``UI_NO_FQDN_MESSAGE``. Setting ``UI_VM_HOSTNAME_FORMAT`` has been removed
|
|
223 |
- Replace IPv4/IPv6 with machine's FQDN in icon/single view. When no FQDN can |
|
224 |
be resolved display a message. Message can be configured using the introduced |
|
225 |
``UI_NO_FQDN_MESSAGE``. Setting ``UI_VM_HOSTNAME_FORMAT`` has been removed |
|
225 | 226 |
and no longer used. |
226 | 227 |
- Respect ``SNF:task_state`` machine attribute in order to improve machine |
227 | 228 |
status display. |
228 |
- Append software version as a url parameter in HTML static files in order
|
|
229 |
- Append software version as a url parameter in HTML static files in order |
|
229 | 230 |
to force browser cache invalidation between versions. |
230 |
- Configurable Google fonts base url. Fonts base url can be changed usint the
|
|
231 |
- Configurable Google fonts base url. Fonts base url can be changed usint the |
|
231 | 232 |
``SYNNEFO_FONTS_BASE_URL`` setting. |
232 | 233 |
- Regression fix: Display reboot required notification on machine firewall |
233 | 234 |
parameters. |
234 |
- Handling of ``GANETI_USE_HOTPLUG`` setting. Do not allow live network actions
|
|
235 |
- Handling of ``GANETI_USE_HOTPLUG`` setting. Do not allow live network actions |
|
235 | 236 |
when setting is set to ``False``. |
236 |
- Double escaping fix in machine create wizard images list and machine details
|
|
237 |
- Double escaping fix in machine create wizard images list and machine details |
|
237 | 238 |
subview. |
238 | 239 |
- Fix image ordering in machine create wizard. |
239 |
- New setting ``UI_SUPPORT_SSH_OS_FAMILY_LIST``. A list of image OS families
|
|
240 |
- New setting ``UI_SUPPORT_SSH_OS_FAMILY_LIST``. A list of image OS families |
|
240 | 241 |
for which ui will enable ssh key injection in machine wizard. |
241 | 242 |
|
242 | 243 |
|
... | ... | |
244 | 245 |
------ |
245 | 246 |
|
246 | 247 |
* Rewrite tests. |
247 |
|
|
248 | 248 |
* Performance optimizations in object listing. |
249 |
|
|
250 | 249 |
* Introduce backend method decorator for handling transaction management if no |
251 | 250 |
transaction is initiated from the frontend. |
252 |
|
|
253 | 251 |
* Fix Internal Server Errors https://code.grnet.gr/issues/4501 & |
254 | 252 |
https://code.grnet.gr/issues/4502. |
255 |
|
|
256 | 253 |
* Fix REQUEST ENTITY TOO LARGE request failure during move operations |
257 | 254 |
https://code.grnet.gr/issues/4154. |
258 |
|
|
259 | 255 |
* Fix FORBIDDEN request failure while listing implicitly shared objects |
260 | 256 |
https://code.grnet.gr/issues/4131. |
261 |
|
|
262 | 257 |
* Fix issue with the computed size of an updated object. |
263 |
|
|
264 | 258 |
* Reply with the Merkle hash in the ETag header if MD5 is deactivated. |
265 |
|
|
266 | 259 |
* Reply with FORBIDDEN (403) to public listing requests performed by non path |
267 | 260 |
owners. |
268 |
|
|
269 | 261 |
* Change response status to NOT FOUND (404) while trying to delete an |
270 | 262 |
already deleted object. |
271 |
|
|
272 | 263 |
* Change SQLAlchemy version to 0.7 |
273 |
|
|
274 | 264 |
* Change view authorization |
275 | 265 |
The pithos views do not use the cookie information for user authentication. |
276 | 266 |
They request (from Astakos) and use a short-term access token for a |
277 | 267 |
specific resource. |
278 |
|
|
279 | 268 |
* Remove PITHOS_ASTAKOS_COOKIE_NAME setting, since it is no longer useful |
280 |
|
|
281 | 269 |
* Add PITHOS_OAUTH2_CLIENT_CREDENTIALS setting to authenticate the views with |
282 | 270 |
astakos during the resource access token generation procedure |
283 |
|
|
284 | 271 |
* Add PITHOS_UNSAFE_DOMAIN setting to restrict file serving endpoints to a |
285 | 272 |
specific host |
286 |
|
|
287 |
* Management commands: |
|
288 |
* Introduced new command: |
|
289 |
* file-show |
|
290 |
|
|
273 |
* Added new 'file-show' management command |
|
291 | 274 |
* Remove command 'resource-export-pithos' subsumed by 'service-export-pithos'. |
292 | 275 |
|
293 | 276 |
.. _Changelog-0.14.10: |
... | ... | |
476 | 459 |
a user-configurable <COMPONENT>_BASE_URL. Each API (compute, image, etc.) |
477 | 460 |
is deployable under a developer-configurable prefix beneath BASE_URL. |
478 | 461 |
|
479 |
* Deprecate CLOUDBAR_ACTIVE_SERVICE setting from all apps.
|
|
462 |
* Deprecate CLOUDBAR_ACTIVE_SERVICE setting from all apps. |
|
480 | 463 |
|
481 | 464 |
* Common synnefo 404/500 templates (located in snf-webproject) |
482 | 465 |
|
... | ... | |
538 | 521 |
|
539 | 522 |
* Added fine grain user auth provider's policies. |
540 | 523 |
|
541 |
* Administrator can override default auth provider policies to a specific
|
|
524 |
* Administrator can override default auth provider policies to a specific |
|
542 | 525 |
user or group of users. |
543 | 526 |
* Optionally a user can be assigned to a list of groups, based on the |
544 | 527 |
authentication method he choosed to signup. |
545 | 528 |
|
546 |
* Removed explicit handling of SMTP errors on each email delivery. Exceptions
|
|
529 |
* Removed explicit handling of SMTP errors on each email delivery. Exceptions |
|
547 | 530 |
are now propagated to base django exception handler. |
548 | 531 |
|
549 |
* Email used in html/email tempaltes which prompt user to contact for service
|
|
550 |
support prompts is now defined in ``CONTACT_EMAIL`` setting introduced in
|
|
532 |
* Email used in html/email tempaltes which prompt user to contact for service |
|
533 |
support prompts is now defined in ``CONTACT_EMAIL`` setting introduced in |
|
551 | 534 |
snf-common settings. |
552 | 535 |
|
553 | 536 |
* Improvements in user activation flow |
... | ... | |
555 | 538 |
* User moderation now takes place after the user has verified his email |
556 | 539 |
address. |
557 | 540 |
* User model enriched with additional user state fields |
558 |
* Split activation email from moderation process. Administrator is required
|
|
541 |
* Split activation email from moderation process. Administrator is required |
|
559 | 542 |
to moderate user explicitly using the `user-modify --accept` or |
560 | 543 |
`user-modify --reject` commands. |
561 | 544 |
* Improved logging throught out user activation procedures. |
... | ... | |
563 | 546 |
* Remove deprecated AstakosUser model fields: `provider`, |
564 | 547 |
`third_party_identifier` |
565 | 548 |
|
566 |
* Allow override of authentication provider messages using the following
|
|
549 |
* Allow override of authentication provider messages using the following |
|
567 | 550 |
format in setting names: ``ASTAKOS_<PROVIDER_MODULE>_<MSGID>_MSG`` |
568 | 551 |
|
569 |
* Cloudbar automatically tries to identify the active service based on window
|
|
552 |
* Cloudbar automatically tries to identify the active service based on window |
|
570 | 553 |
location. |
571 | 554 |
|
572 | 555 |
* Removing authentication provider view is now CSRF protected. |
573 | 556 |
|
574 |
* New `API access` view, containing useful information to users on how to
|
|
557 |
* New `API access` view, containing useful information to users on how to |
|
575 | 558 |
access available Synnefo services API's. |
576 | 559 |
|
577 |
* Remove of ASTAKOS_*_EMAIL_SUBJECT settings. All email subjects are now
|
|
578 |
defined in astakos.im.messages module. Overriding default values can be
|
|
560 |
* Remove of ASTAKOS_*_EMAIL_SUBJECT settings. All email subjects are now |
|
561 |
defined in astakos.im.messages module. Overriding default values can be |
|
579 | 562 |
achieved using custom gettext files or using astakos messages settings:: |
580 |
|
|
563 |
|
|
581 | 564 |
#change of greeting email subject |
582 | 565 |
ASTAKOS_GREETING_EMAIL_SUBJECT_MESSAGE = 'Welcome to my cloud' |
583 | 566 |
|
584 |
* Remove ``ASTAKOS_ACTIVATION_REDIRECT_URL`` and ``ASTAKOS_LOGIN_SUCCESS_URL``
|
|
585 |
from astakos .conf file. Settings are dynamically computed based on
|
|
567 |
* Remove ``ASTAKOS_ACTIVATION_REDIRECT_URL`` and ``ASTAKOS_LOGIN_SUCCESS_URL`` |
|
568 |
from astakos .conf file. Settings are dynamically computed based on |
|
586 | 569 |
``ASTAKOS_BASE_URL``. |
587 | 570 |
|
588 | 571 |
* Management commands: |
... | ... | |
723 | 706 |
|
724 | 707 |
* refactored/improved /login endpoint used by desktop/mobile clients. |
725 | 708 |
* endpoint url is now exposed by `weblogin` service |
726 |
* clients should use unauthenticated identity/tokens api to resolve the
|
|
709 |
* clients should use unauthenticated identity/tokens api to resolve the |
|
727 | 710 |
endpoint url |
728 | 711 |
* view only allows redirects to `pithos://` scheme urls |
729 |
* removed uuid from redirect parameters. Client should use authenticated
|
|
712 |
* removed uuid from redirect parameters. Client should use authenticated |
|
730 | 713 |
request to identity/tokens to retrieve user uuid. |
731 | 714 |
|
732 | 715 |
|
... | ... | |
751 | 734 |
UI |
752 | 735 |
^^ |
753 | 736 |
* Removed feedback endpoint. Feedback requests delegate to astakos feedback |
754 |
service. ``FEEDBACK_CONTACTS``, ``FEEDBACK_EMAIL_FROM`` settings removed,
|
|
737 |
service. ``FEEDBACK_CONTACTS``, ``FEEDBACK_EMAIL_FROM`` settings removed, |
|
755 | 738 |
and no longer used. |
756 |
* ``UI_LOGIN_URL``, ``UI_GLANCE_URL``, ``COMPUTE_URL`` settings no longer
|
|
739 |
* ``UI_LOGIN_URL``, ``UI_GLANCE_URL``, ``COMPUTE_URL`` settings no longer |
|
757 | 740 |
required to be set and are dynamically computed based on ``ASTAKOS_BASE_URL`` |
758 | 741 |
and ``CYCLADES_BASE_URL`` settings. |
759 |
* File group is no longer included in ssh keys personality metadata sent in
|
|
742 |
* File group is no longer included in ssh keys personality metadata sent in |
|
760 | 743 |
create vm calls. |
761 |
|
|
744 |
|
|
762 | 745 |
|
763 | 746 |
Pithos |
764 | 747 |
------ |
... | ... | |
768 | 751 |
* new settings: |
769 | 752 |
PITHOS_RADOS_STORAGE, PITHOS_RADOS_POOL_BLOCKS, PITHOS_RADOS_POOL_MAPS |
770 | 753 |
|
771 |
* X-Object-Public now contains full url (domain + proper component prefix +
|
|
754 |
* X-Object-Public now contains full url (domain + proper component prefix + |
|
772 | 755 |
file path) |
773 | 756 |
|
774 | 757 |
* Rewritten support for public URLs, with admin-selectable length |
Also available in: Unified diff