Synnefo

.. _Changelog:

Unified Changelog file for Synnefo versions >= 0.13

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Since v0.13 most of the Synnefo components have been merged into a single

repository and have aligned versions.

.. _Changelog-0.13next:

v0.13next

=========

Released: UNRELEASED

Synnefo-wide

------------

* Create 'snf_django' Python package to hold common code for all Synnefo

  components.

* Create a JSON-exportable definition document for each Synnefo Components

  (Astakos, Cyclades, Pithos, etc.) that consolidates APIs (services),

  resources, and other standardized properties (e.g. default URL prefixes).

* Standardize URLs for Synnefo Components, impose structure and naming

  conventions to related settings. Make each component deployable under

  a user-configurable <COMPONENT>_BASE_URL. Each API (compute, image, etc.)

  is deployable under a developer-configurable prefix beneath BASE_URL.

* Deprecate CLOUDBAR_ACTIVE_SERVICE setting from all apps. 

* Common synnefo 404/500 templates (located in snf-webproject)

Astakos

-------

* Redesign of the accounting system (quotaholder) and integration into

  Astakos.

  * Simplified the quotaholder model; removed tables Entity and Policy; now

    table Holding contains limit and usage for every holding.

  * Extended table Holding, so that we can keep track of quota for every

    valid combination of holder (e.g. user), resource, and source (e.g. the

    default system or some specific project).

  * Refactored code for issuing and resolving commissions for robustness;

    added a 'force' option to bypass the upper limit check when issuing a

    commission.

  * Simplified syncing to the quotaholder; removed fields from models

    Project and ProjectMembership, previously needed for syncing; removed

    state PROJECT_DEACTIVATED from ProjectMembership.

  * Removed settings ASTAKOS_QUOTAHOLDER_URL, ASTAKOS_QUOTAHOLDER_TOKEN,

    and ASTAKOS_QUOTAHOLDER_POOLSIZE.

* API-related changes:

  * Implemented API calls for quota, resources, and commissions.

  * Moved all API calls under '/account/v1.0'.

  * Implemented the keystone API call POST /tokens under '/identity/v2.0'.

* Service and resource specification and handling:

  * Specified a format for defining services along with the API endpoints

    and the resources they expose. Migrated internal resource name by

    prefixing it with service name (e.g. 'vm' becomes 'cyclades.vm');

    renamed registered service 'pithos+' to 'pithos'.

  * Specified a procedure to register a Synnefo component, its services and

    their resources in astakos and set the resources' default base quota

    limit. Removed resource definitions from settings.

  * Moved service and resource presentation data out of the respective db

    models into a separate file of UI constants.

* Converted the limit on pending applications from a setting to a quotable

  resource. Converted the related user setting to a user-specific base quota

  limit. Deprecated model UserSetting; removed setting

  ASTAKOS_PENDING_APPLICATION_LIMIT.

* Changes in locking strategy:

  * Lock only project's chain for all project operations; lock user before

    syncing to quotaholder.

  * When locking multiple rows (e.g. users or holdings) include an ORDER BY

    clause in the query to impose ordering on locking.

* Changes in views:

  * Replaced custom transaction context with a simple decorator for managing

    transactions and a context 'ExceptionHandler', which logs and suppresses

    exceptions

* Added fine grain user auth provider's policies.

  * Administrator can override default auth provider policies to a specific 

    user or group of users.

  * Optionally a user can be assigned to a list of groups, based on the

    authentication method he choosed to signup.

* Removed explicit handling of SMTP errors on each email delivery. Exceptions 

  are now propagated to base django exception handler.

* Email used in html/email tempaltes which prompt user to contact for service 

  support prompts is now defined in ``CONTACT_EMAIL`` setting introduced in 

  snf-common settings.

* Improvements in user activation flow

  * User moderation now takes place after the user has verified his email

    address.

  * User model enriched with additional user state fields

  * Split activation email from moderation process. Administrator is required 

    to moderate user explicitly using the `user-modify --accept` or

    `user-modify --reject` commands.

  * Improved logging throught out user activation procedures.

* Remove deprecated AstakosUser model fields: `provider`,

  `third_party_identifier`

* Allow override of authentication provider messages using the following 

  format in setting names: ``ASTAKOS_<PROVIDER_MODULE>_<MSGID>_MSG``

* Cloudbar automatically tries to identify the active service based on window 

  location.

* Removing authentication provider view is now CSRF protected.

* New `API access` view, containing useful information to users on how to 

  access available Synnefo services API's.

* Management commands:

  * Introduced new commands:

     * authpolicy-{add, list, remove, set, show}

     * group-{add, list}

     * component-{add, list, modify, remove}

     * reconcile-resources-astakos

     * resource-{export-astakos, import, modify}

     * service-{export-astakos, import, show}

  * Renamed commands:

     * astakos-quota to quota

     * user-update to user-modify

     * full-cleanup to cleanup-full

  * Removed commands:

     * astakos-init

     * invitation-{details, list}

     * project-sync

     * resource-{add, remove}

     * service-{add, remove, token-renew, update}

     * user-invite

     * user-set-initial-quota (integrated its functionality in user-modify and quota)

  * Added quota and project-related information in user-show command; added

    membership information in project-show.

Cyclades

--------

* Make 'type' attribute required for network create API request.

* Networks not created to all Ganeti backends upon creation, they are instead

  created to a backend only when a VM connects to the network.

* Add 'CYCLADES_ASTAKOSCLIENT_POOLSIZE' setting which tunes the size of the

  http connection pool to astakos.

* Remove 'CYCLADES_USER_CATALOG_URL' and 'CYCLADES_USER_FEEDBACK_URL' settings

* Remove CYCLADES_USE_QUOTAHOLDER, CYCLADES_QUOTAHOLDER_TOKEN,

  CYCLADES_QUOTAHOLDER_URL, CYCLADES_QUOTAHOLDER_POOLSIZE settings

* Rename 'cyclades-usage-verify' management command to

  'reconcile-resources-cyclades'. Also, remove 'cyclades-usage-reset' command,

  which is equivalent to 'reconcile-resources-cyclades --fix'.

* Rename 'cyclades-reconcile-commissions' management command to

  'reconcile-commissions-cyclades'.

* Remove obsolete 'MAX_VMS_PER_USER', 'MAX_NETWORKS_PER_USER',

  "VMS_USER_QUOTA" and "NETWORKS_USER_QUOTA" settings, since their usage

  is covered by Quotaholder.

* Remove obsolete setting 'API_ROOT_URL', since it is being covered by

  the use of CYCLADES_BASE_URL* Remove obsolete setting 'API_ROOT_URL', since

  it is being covered by 'CYCLADES_BASE_URL'.

* Remove obsolete settings GANETI_DISK_TEMPLATES and

  DEFAULT_GANETI_DISK_TEMPLATE

Cyclades helpdesk

-----------------

* Additional start/stop vm action

* Display extend backend info in vm's view

* Fixed IP lookup

Pithos

------

* Remove PITHOS_AUTHENTICATION_USERS setting, which was used to override

  astakos users.

* Remove 'PITHOS_USER_CATALOG_URL', 'PITHOS_USER_FEEDBACK_URL' and

  'PITHOS_USER_LOGIN_URL' settings.

* Remove PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL,

  PITHOS_QUOTAHOLDER_TOKEN and PITHOS_ASTAKOSCLIENT_POOLSIZE

Tools

-----

.. _Changelog-0.13:

v0.13

=====

Released: Wed Apr 10 18:52:50 EEST 2013

In v0.13 the code was very heavily refactored for increased uniformity since

most of the Synnefo components have been merged into a single repository. Thus,

**just for this version** we will not document a complete Changelog (features,

fixes, improvements, issues, setting changes), but rather just copy from the

`NEWS` file with minor additions wherever needed.

Synnefo-wide

------------

* Support for pooling throughout Synnefo

  * Pooled Django DB connections, Pithos backend connections, HTTP

    connections using single `objpool` package

* Improved management commands

  * Unified codebase for output of tables in JSON, CSV

* Bring most of Synnefo code inside a single, unified repository

  * support automatic Python and Debian package builds for individual commits

  * with automatic version generation

* Overhauling of Synnefo settings: renames and refactoring, for increased

  uniformity (in progress)

* Deployment: Standardize on gunicorn, with gevent-based workers

  and use of Green threads throughout Synnefo

* Documentation: New scale-out guide, with distinct node roles,

  for mass Synnefo deployments

Astakos

-------

* Support multiple authentication methods

  * Classic (username/password), Shibboleth, LDAP/Active Directory,

    Google, Twitter, LinkedIn

  * Users can enable/disable auth methods, and switch between them

* Introduce a UUID as a global identifier for users, throughout Synnefo

  * The UUID remains constant as the user enables/disables login methods

* Allow users to modify their email address freely

* Per-user, per-resource accounting mechanism (quotaholder)

* Full quota support, with per-user, per-resource quotas, based on quotaholder

* Projects: Users can create and join Projects

  * Projects grant extra resources to their members

* UI Enhancements for quotas and projects

  * distinct Usage tab, showing usage of individual resources

  * Project management UI

  * New Overview page

* refactored/improved /login endpoint used by desktop/mobile clients.

  * endpoint url is now exposed by `weblogin` service

  * clients should use unauthenticated identity/tokens api to resolve the 

    endpoint url

  * view only allows redirects to `pithos://` scheme urls

  * removed uuid from redirect parameters. Client should use authenticated 

    request to identity/tokens to retrieve user uuid.

Cyclades

--------

* Commission resources on quotaholder/Astakos

* Support mass creation of flavors

* Support for the ExtStorage disk template in Ganeti

* Query and report quotas in the UI

* Pass VM configuration parameters over a VM-side API (`vmapi`)

  * Do not pass sensitive data as Ganeti OS parameters

  * Keep sensitive data in memory caches (memcached) and

    never allow them to hit the disk

* Display additional backend information in helpdesk machines list

* Allow helpdesk users to search for an account using a known machine id

* Helpdesk actions are now logged using the synnefo's common login

  infrastructure

UI

^^

* Removed feedback endpoint. Feedback requests delegate to astakos feedback

  service. ``FEEDBACK_CONTACTS``, ``FEEDBACK_EMAIL_FROM`` settings removed, 

  and no longer used.

* ``UI_LOGIN_URL``, ``UI_GLANCE_URL``, ``COMPUTE_URL`` settings no longer 

  required to be set and are dynamically computed based on ``ASTAKOS_BASE_URL``

  and ``CYCLADES_BASE_URL`` settings.

* File group is no longer included in ssh keys personality metadata sent in 

  create vm calls.

Pithos

------

* Support storage of blocks on a RADOS backend, for Archipelago

  * new settings:

    PITHOS_RADOS_STORAGE, PITHOS_RADOS_POOL_BLOCKS, PITHOS_RADOS_POOL_MAPS

* X-Object-Public now contains full url (domain + proper component prefix + 

  file path)

* Rewritten support for public URLs, with admin-selectable length

  * new settings:

    PITHOS_PUBLIC_URL_SECURITY, PITHOS_PUBLIC_URL_ALPHABET

* Enable pithos backend to use external quotaholder component

  * new settings:

    PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL, PITHOS_QUOTAHOLDER_TOKEN,

    PITHOS_QUOTAHOLDER_POOLSIZE

* Moderated version debiting mechanism

  * new setting:

    PITHOS_BACKEND_FREE_VERSIONING

* Proxy Astakos user-visible services

  * new settings:

    PITHOS_PROXY_USER_SERVICES, PITHOS_USER_CATALOG_URL,

    PITHOS_USER_FEEDBACK_URL, PITHOS_USER_LOGIN_URL

Tools

-----

* Extend snf-burnin to include testing of Pithos functionality