root / Changelog @ ef5d2c1c
History | View | Annotate | Download (30.3 kB)
1 |
.. _Changelog: |
---|---|
2 |
|
3 |
Unified Changelog file for Synnefo versions >= 0.13 |
4 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
5 |
|
6 |
Since v0.13 most of the Synnefo components have been merged into a single |
7 |
repository and have aligned versions. |
8 |
|
9 |
v0.15next |
10 |
============= |
11 |
|
12 |
Released: UNRELEASED |
13 |
|
14 |
Synnefo-wide |
15 |
------------ |
16 |
|
17 |
* Replace accumulative projects with pool projects: |
18 |
|
19 |
* Projects are now viewed as a source of finite resources. A member can |
20 |
reserve a part of these resources up to a specified limit. |
21 |
|
22 |
* Base quota are now offered through a special purpose user-specific base |
23 |
project, identified with the same UUID as the user. |
24 |
|
25 |
* Each actual resource (Cyclades VM, network, floating IP and Pithos |
26 |
container) is now also associated with a project besides the owner. |
27 |
|
28 |
* In resource creation, project defaults to the user-specific base |
29 |
project, if not specified otherwise. It is also possible to change the |
30 |
project assignment of an existing resource. |
31 |
|
32 |
* All existing resources have been assigned to the respective |
33 |
user-specific base projects. |
34 |
|
35 |
Astakos |
36 |
------- |
37 |
|
38 |
* Decouple projects from applications: |
39 |
|
40 |
* Support project creation (by the system) and modification (by a |
41 |
privileged user) without the need to submit/approve an application. |
42 |
|
43 |
* View applications as modifications. When a project is uninitialized |
44 |
(e.g. an application for a new project is pending), no further |
45 |
modification is allowed. |
46 |
|
47 |
* Applications are removed from the API. A project's last application is |
48 |
only accessible as part of the project details. |
49 |
|
50 |
* Decouple project state from application state; they can be combined by |
51 |
an API client, if needed. |
52 |
|
53 |
* Changes concerning quota and pool projects: |
54 |
|
55 |
* A project must provide limits for all registered resources. On project |
56 |
activation, resources missing are automatically completed using a |
57 |
skeleton. |
58 |
|
59 |
* Field `uplimit' of registed resources is exposed as `base_default' and |
60 |
provide the skeleton for user-specific base projects. A new field |
61 |
`project_default' is introduce to act as a skeleton for conventional |
62 |
projects. |
63 |
|
64 |
* The quotaholder now also records project quota besides user quota. The |
65 |
two types of holders are distinguished with a prefix: `user:' and |
66 |
`project:'. |
67 |
|
68 |
* The quota API is extended to make project quota available. |
69 |
|
70 |
* Projects can be set `private', making it accessible only to its owner and |
71 |
members. |
72 |
|
73 |
v0.14next |
74 |
========= |
75 |
|
76 |
Released: UNRELEASED |
77 |
|
78 |
Synnefo-wide |
79 |
------------ |
80 |
|
81 |
* Integrate Pithos tests in continuous integration. |
82 |
|
83 |
* Change astakosclient to accept AUTH_URL instead of BASE_URL |
84 |
ASTAKOS_BASE_URL settings has been removed from Pithos and Cyclades |
85 |
and has been replaced with ASTAKOS_AUTH_URL. Both Pithos and Cyclades |
86 |
proxy the Astakos services under ASTAKOS_PROXY_PREFIX path. |
87 |
ASTAKOS_PROXY_PREFIX by default has a value of '_astakos'. |
88 |
More specifically, Astakos' identity service is proxied under |
89 |
'_astakos/identity', Astakos' account service is under '_astakos/account' |
90 |
and Astakos' ui service is under '_astakos/ui'. |
91 |
|
92 |
* Add 'mail_admins' handler to 'django.request' logger in order to send email |
93 |
notifactions to users listed in 'ADMINS' setting about unhandled exceptions |
94 |
in the code. |
95 |
|
96 |
* Extend astakosclient to request and validate OAuth 2.0 access tokens |
97 |
|
98 |
* Change response status code from 400 (Bad Request) to 405 (Not allowed |
99 |
method) in case of an unexpected request method. |
100 |
|
101 |
Astakos |
102 |
------- |
103 |
|
104 |
* Changes in project schema: |
105 |
|
106 |
* A Project entry is created when submitting an application for a new |
107 |
project, rather than on approval. Its state is dependent on the state |
108 |
of its `reference' application (current definition). Lock Project rather |
109 |
than Chain (the latter is semantically obsolete). |
110 |
|
111 |
* Project states "Active - Pending" and "Suspended - Pending" have been |
112 |
removed. In management command `project-list', the existence of a pending |
113 |
modification is indicated by a non-blank `Pending AppID'. |
114 |
|
115 |
* Improve recording of project, application, and membership actions. |
116 |
|
117 |
* Implement API calls for projects. |
118 |
|
119 |
* Store the base URL of a component. Deployer should provide it when adding |
120 |
a new component. Service endpoints originating from a component are |
121 |
expected to match its base URL; otherwise, a warning is issued. |
122 |
Re-registration with `snf-component-register' affects both the base and |
123 |
the ui URL. |
124 |
|
125 |
* Changes in resource and quota handling: |
126 |
|
127 |
* New resources are registered with unlimited default base quota, |
128 |
represented by 2**63-1. |
129 |
* Each newly accepted user copies the default value for all resources |
130 |
as their own base quota. A base quota is considered 'custom' if its |
131 |
value differs from the default. |
132 |
* Changing resource's default quota affects the base quota *only* of |
133 |
future users. |
134 |
* Resource definition got flags 'api_visible' and 'ui_visible', |
135 |
replacing flag 'allow_in_projects'. They control whether a user can |
136 |
access these resources. The system internally always accounts for |
137 |
all resources, and a user can get off quota even for a resource that |
138 |
is not visible. |
139 |
|
140 |
* Remove API call GET /account/v1.0/authenticate in favor of |
141 |
POST /identity/v2.0/tokens. |
142 |
|
143 |
* Export basic statistics about Astakos service from '/admin/stats/detail' API |
144 |
endpoint. Access to this endpoint is only allowed to users that belong to |
145 |
the Astakos groups that are defined in the |
146 |
'ASTAKOS_ADMIN_STATS_PERMITTED_GROUPS' setting. Statistics are also availble |
147 |
from 'snf-manage stats-astakos' management command. |
148 |
|
149 |
* Implement OAuth 2.0 Authorization Code Grant |
150 |
Add API calls for authorization code and access token generation |
151 |
|
152 |
* Add API call for validating OAuth 2.0 access tokens |
153 |
|
154 |
* **Shibboleth module** Extract unique identifier from the |
155 |
``REMOTE_USER`` header. |
156 |
|
157 |
* Automatically fill third party signup form fields when available by the |
158 |
the third party provider. |
159 |
|
160 |
* Omit validation issues for non-required metadata values received from the |
161 |
third party authentication provider. |
162 |
|
163 |
* Management commands: |
164 |
|
165 |
* Introduced new commands: |
166 |
* component-show |
167 |
* quota-list (replacing quota, supports various filters) |
168 |
* quota-verify (replacing quota) |
169 |
* oauth2-client-add (register OAuth 2.0 client) |
170 |
* oauth2-client-list (list registered oauth 2.0 clients) |
171 |
* oauth2-client-remove (remove OAuth 2.0 client) |
172 |
* Changed commands: |
173 |
* component-add got options --base-url and --ui-url |
174 |
* resource-modify --limit became --default-quota |
175 |
* user-modify can operate on multiple users with --all and --exclude |
176 |
* user-modify --set-base-quota became --base-quota |
177 |
* Removed commands: |
178 |
* quota |
179 |
* resource-import (subsumed by service-import) |
180 |
* resource-export-astakos (subsumed by service-export-astakos) |
181 |
|
182 |
Cyclades |
183 |
-------- |
184 |
|
185 |
* Major changes to Cyclades networks: |
186 |
|
187 |
* Implement 'cyclades_network' service, containing the /networks, /ports, |
188 |
/subnets and /floatingips API endpoints under '/network/v2.0'. The old |
189 |
/networks API of 'cyclades_compute' (under /compute/v2.0) is |
190 |
removed. |
191 |
* Implement `snf-manage subnet-{create, list, modify, inspect}' management |
192 |
commands for handling of subnets. |
193 |
* Implement `snf-manage port-{create, list, remove, inspect}' management |
194 |
commands for handling of ports. |
195 |
* Add two new settings, 'CYCLADES_FORCED_SERVER_NETWORKS' and |
196 |
'CYCLADES_DEFAULT_SERVER_NETWORKS' to control the networks that newly |
197 |
created servers will be connected. |
198 |
|
199 |
* Implement Floating IP addresses, which are IPv4 addresses that can be |
200 |
dynamically added and removed to a running server. |
201 |
|
202 |
* Add new 'cyclades.floating_ip' resource. |
203 |
* Implement 'snf-manage floating-ip-{create,list,remove,attach,detach}' |
204 |
management commands to handle floating IPs. |
205 |
* Add 'floating_ip_pool' attribute to networks to mark networks that can |
206 |
be used as floating IP pools. |
207 |
|
208 |
* Implement 'resize' server action. |
209 |
|
210 |
* Implement the 'resize' server action, to change the flavor of a server. |
211 |
Only 'cpu' and 'memory' resizing is supported. |
212 |
|
213 |
* Compute quotas for CPU and memory of running vms. |
214 |
|
215 |
* Change 'cyclades.cpu' and 'cyclades.ram' resources to represent the CPU |
216 |
and RAM for running VMs. Total CPU and RAM usage is represented by new |
217 |
'cyclades.total_cpu' and 'cyclades.total_ram' resources. |
218 |
|
219 |
* Refer to Ganeti NICs by their name instead of their index. |
220 |
|
221 |
* Make cyclades give a unique name to each Ganeti NIC. NICs are refered by |
222 |
their unique name and not by their index inside the VM that are connected |
223 |
to. |
224 |
|
225 |
* Support firewall profile for all NICs of an instance. Change firewall |
226 |
settings to be filled with the unique name of the NIC. The affected settings |
227 |
are the GANETI_FIREWALL_{ENABLED, DISABLED, PROTECTED}_TAG settings. |
228 |
* Add accounting for public IP addresses that is accessible via `snf-manage |
229 |
ip-list` management command and via the helpdesk app. |
230 |
* Implement IPv6 only networks. |
231 |
* Extend servers info API response with 'SNF:fqdn' attribute, and introduce |
232 |
CYCLADES_SERVERS_FQDN to set the template for servers FDQN. Remove |
233 |
'UI_VM_HOSTNAME_FORMAT' setting. |
234 |
* Extend servers info API response with 'SNF:port_forwarding' attribute, |
235 |
describing port fowarding rules (DNAT) that are applied to vms. The |
236 |
description of such rules is done via the new CYCLADES_PORT_FORWARDING |
237 |
setting. |
238 |
* Speed up server reconciliation, by performing parallel reconciliation for |
239 |
each backend. |
240 |
* Change --dhcp option of network management commands from a flag to a boolean |
241 |
value, e.g. --dhcp=True |
242 |
* Remove 'ARCHIPELAGO_BACKENDS' setting used to distinquish between backends |
243 |
that hosted only archipelago backends. Instead allocation is based on which |
244 |
disk-templates are enabled in each backend. |
245 |
* Implement 'snf-manage server-remove' management command. |
246 |
* Move reconciliation of IP pools from 'reconcile-networks' to |
247 |
'reconcile-pools'. The IP pool reconciliation does not reconcile the IP |
248 |
pools with Ganeti. Instead it checks if the pool is consistent with the |
249 |
IPs that are used by instances. |
250 |
* Do not automatically release externally reserved IPs if they are released |
251 |
from a Ganeti backend. Management of externally reserved IPs must be |
252 |
performed from Cyclades with 'network-modify' command. |
253 |
* Export basic statistics about Cyclades Service from '/admin/stats/detail' |
254 |
API endpoint. Access to this endpoint is only allowed to users that belong |
255 |
to the Astakos groups that are defined in the 'ADMIN_STATS_PERMITTED_GROUPS' |
256 |
setting. Statistics are also availble from 'snf-manage stats-cyclades' |
257 |
management command. |
258 |
* Support enforcing quota through command 'enforce-resources-cyclades'. |
259 |
* Remove command 'resource-export-cyclades' subsumed by |
260 |
'service-export-cyclades'. |
261 |
* Obsolete PUBLIC_USE_POOL setting, since Cyclades manages IP pool for all |
262 |
type of networks. |
263 |
* Encrypt / decrypt the instance id / hostname in the stats URL in |
264 |
snf-cyclades-app and snf-stats-app, using the 'CYCLADES_STATS_SECRET_KEY' |
265 |
and 'STATS_SECRET_KEY' respectively. |
266 |
* Add support for snf-vncauthproxy-1.5 and the setting |
267 |
'CYCLADES_VNCAUTHPROXY_OPTS', which configures the extra options / arguments |
268 |
needed by the newer version of snf-vncauthproxy. Support for older versions |
269 |
of snf-vncauthproxy has been dropped. See also the upgrade notes for Synnefo |
270 |
and snf-vncauthproxy-1.5. |
271 |
* Remove 'DEFAULT_ROUTING_TABLE' setting. If a link for an IP_LESS_ROUTED |
272 |
network is not specified, the link will be uniquely named |
273 |
'snf-link-$network_id'. |
274 |
* Extend flavors with 'allow_create' attribute. Flavors that have this |
275 |
attribute unset cannot be used by users to create new servers. |
276 |
|
277 |
|
278 |
Cyclades UI |
279 |
----------- |
280 |
|
281 |
- Retrieve all networks information from the introduced cyclades network |
282 |
service. |
283 |
- New IPs pane from which user can manage floating IPs. |
284 |
- Redesign public keys overlay as an additional pane view. |
285 |
- Split networking configuration into an additional step in machine create |
286 |
wizard. |
287 |
- Display forced networks and choices of the available floating IPs which will |
288 |
be assigned to the created machine. |
289 |
- Support for machine resize action. Explicit handling when machine is started |
290 |
by displaying an utility shutdown button within the resize overlay. |
291 |
- Machine IPs toggling subview in icon/single views. |
292 |
- Replace IPv4/IPv6 with machine's FQDN in icon/single view. When no FQDN can |
293 |
be resolved display a message. Message can be configured using the introduced |
294 |
``UI_NO_FQDN_MESSAGE``. Setting ``UI_VM_HOSTNAME_FORMAT`` has been removed |
295 |
and no longer used. |
296 |
- Respect ``SNF:task_state`` machine attribute in order to improve machine |
297 |
status display. |
298 |
- Append software version as a url parameter in HTML static files in order |
299 |
to force browser cache invalidation between versions. |
300 |
- Configurable Google fonts base url. Fonts base url can be changed usint the |
301 |
``SYNNEFO_FONTS_BASE_URL`` setting. |
302 |
- Regression fix: Display reboot required notification on machine firewall |
303 |
parameters. |
304 |
- Handling of ``GANETI_USE_HOTPLUG`` setting. Do not allow live network actions |
305 |
when setting is set to ``False``. |
306 |
- Double escaping fix in machine create wizard images list and machine details |
307 |
subview. |
308 |
- Fix image ordering in machine create wizard. |
309 |
- New setting ``UI_SSH_SUPPORT_OSFAMILY_EXCLUDE_LIST``. A list of image OS |
310 |
families for which ui will disable ssh key injection in machine wizard. |
311 |
- Setting ``UI_SUPPORT_SSH_OS_LIST`` removed and no longer used. |
312 |
- Group public networks by name if setting ``UI_GROUP_PUBLIC_NETWORKS`` is set |
313 |
to True. |
314 |
- Setting ``UI_GROUPED_PUBLIC_NETWORK_NAME`` has been deprecated and no longer |
315 |
used. |
316 |
|
317 |
|
318 |
Cyclades Userdata |
319 |
----------------- |
320 |
|
321 |
- Maximum allowed length of ssh key content. Configurable from the |
322 |
``USERDATA_SSH_KEY_MAX_CONTENT_SIZE`` setting. |
323 |
|
324 |
|
325 |
Pithos |
326 |
------ |
327 |
|
328 |
* Rewrite tests. |
329 |
* Performance optimizations in object listing. |
330 |
* Introduce backend method decorator for handling transaction management if no |
331 |
transaction is initiated from the frontend. |
332 |
* Fix Internal Server Errors https://code.grnet.gr/issues/4501 & |
333 |
https://code.grnet.gr/issues/4502. |
334 |
* Fix REQUEST ENTITY TOO LARGE request failure during move operations |
335 |
https://code.grnet.gr/issues/4154. |
336 |
* Fix FORBIDDEN request failure while listing implicitly shared objects |
337 |
https://code.grnet.gr/issues/4131. |
338 |
* Fix issue with the computed size of an updated object. |
339 |
* Reply with the Merkle hash in the ETag header if MD5 is deactivated. |
340 |
* Reply with FORBIDDEN (403) to public listing requests performed by non path |
341 |
owners. |
342 |
* Change response status to NOT FOUND (404) while trying to delete an |
343 |
already deleted object. |
344 |
* Change SQLAlchemy version to 0.7 |
345 |
* Change view authorization |
346 |
The pithos views do not use the cookie information for user authentication. |
347 |
They request (from Astakos) and use a short-term access token for a |
348 |
specific resource. |
349 |
* Remove PITHOS_ASTAKOS_COOKIE_NAME setting, since it is no longer useful |
350 |
* Add PITHOS_OAUTH2_CLIENT_CREDENTIALS setting to authenticate the views with |
351 |
astakos during the resource access token generation procedure |
352 |
* Add PITHOS_UNSAFE_DOMAIN setting to restrict file serving endpoints to a |
353 |
specific host |
354 |
* Added new 'file-show' management command |
355 |
* Remove command 'resource-export-pithos' subsumed by 'service-export-pithos'. |
356 |
|
357 |
.. _Changelog-0.14.10: |
358 |
|
359 |
v0.14.10 |
360 |
======= |
361 |
|
362 |
Released: Tue Nov 26 11:03:37 EET 2013 |
363 |
|
364 |
Cyclades |
365 |
------- |
366 |
|
367 |
* This is the first release to support Ganeti 2.8. Support for older versions |
368 |
of Ganeti is dropped. |
369 |
* Use Ganeti opportunistic locking to achive parallelized instance creations |
370 |
in the same backend. Add setting 'GANETI_USE_OPPORTUNISTIC_LOCKING' to |
371 |
enable the use of this feature. |
372 |
* Fix warning message while getting object permissions to appear only when |
373 |
path is None and the object has permissions |
374 |
* Add name to newly created NICs and the corresponding firewall tags. |
375 |
|
376 |
.. _Changelog-0.14.9: |
377 |
|
378 |
v0.14.9 |
379 |
======= |
380 |
|
381 |
Released: Mon Nov 11 12:13:31 EET 2013 |
382 |
|
383 |
* Astakos: Fix minor problems with logging in the Astakos module, which could |
384 |
lead to unexpected exceptions |
385 |
|
386 |
.. _Changelog-0.14.8: |
387 |
|
388 |
v0.14.8 |
389 |
======= |
390 |
|
391 |
Released: Fri Nov 8 17:25:08 EET 2013 |
392 |
|
393 |
Synnefo-wide |
394 |
------------ |
395 |
|
396 |
* This is the first release to support Debian Wheezy along with Squeeze. You |
397 |
can mix and match nodes freely. |
398 |
* Update Django dependency to Django>=1.2,<1.5. Django 1.4.5 is available for |
399 |
Squeeze through squeeze-backports. |
400 |
* Since this version, Synnefo ships an example Gunicorn configuration file |
401 |
that is automatically installed at ``/etc/gunicorn.d/synnefo.example``. |
402 |
|
403 |
Cyclades |
404 |
-------- |
405 |
|
406 |
* On VM creation, pass the hashmap of the image (pithosmap://) instead of the |
407 |
image URL (pithos://). Access to the Pithos DB by Ganeti nodes is no longer |
408 |
required. |
409 |
* Workaround race between server creation and server deletion. This will be |
410 |
fixed properly by updating Ganeti to support the 'depends' attribute for |
411 |
OP_INSTANCE_REMOVE. |
412 |
|
413 |
Astakos |
414 |
------- |
415 |
|
416 |
* For Shibboleth logins, store all attributes along with the user in the DB. |
417 |
|
418 |
.. _Changelog-0.14.7: |
419 |
|
420 |
v0.14.7 |
421 |
======= |
422 |
|
423 |
Released: Wed Sep 18 17:50:12 EEST 2013 |
424 |
|
425 |
Cyclades |
426 |
-------- |
427 |
|
428 |
* Fix bug in helpdesk view |
429 |
|
430 |
.. _Changelog-0.14.6: |
431 |
|
432 |
v0.14.6 |
433 |
======= |
434 |
|
435 |
Released: Wed Sep 18 16:18:58 EEST 2013 |
436 |
|
437 |
Pithos |
438 |
------ |
439 |
|
440 |
* Substitute the PITHOS_BACKEND_QUOTA setting with two |
441 |
distinct settings: PITHOS_BACKEND_ACCOUNT_QUOTA & |
442 |
PITHOS_BACKEND_CONTAINER_QUOTA |
443 |
* Set PITHOS_BACKEND_CONTAINER_QUOTA default value to 0 (unlimited) |
444 |
* Fix bug that resulted in DB deadlocks. |
445 |
|
446 |
Cyclades |
447 |
-------- |
448 |
|
449 |
* Fix bug in snf-dispatcher that resulted in servers to be deleted from the |
450 |
DB even if the corresponding Ganeti job failed. |
451 |
|
452 |
Branding |
453 |
-------- |
454 |
|
455 |
* Add new BRANDING_FOOTER_EXTRA_MESSAGE setting. |
456 |
|
457 |
|
458 |
.. _Changelog-0.14.5: |
459 |
|
460 |
v0.14.5 |
461 |
======= |
462 |
|
463 |
Released: Wed Aug 7 11:19:49 EEST 2013 |
464 |
|
465 |
Pithos |
466 |
------ |
467 |
|
468 |
* Fix security issue with handling Pithos versions. |
469 |
|
470 |
|
471 |
.. _Changelog-0.14.4: |
472 |
|
473 |
v0.14.4 |
474 |
======= |
475 |
|
476 |
Released: Mon Jul 29 12:24:22 EEST 2013 |
477 |
|
478 |
Pithos |
479 |
------ |
480 |
|
481 |
* Fix bug in reconcile resources management command. |
482 |
|
483 |
|
484 |
.. _Changelog-0.14.3: |
485 |
|
486 |
v0.14.3 |
487 |
======= |
488 |
|
489 |
Released: Thu Jul 25 12:22:47 EEST 2013 |
490 |
|
491 |
Synnefo-wide |
492 |
------------ |
493 |
|
494 |
* Use the SYNNEFO_TRACE environmental variable to control whether the greenlet |
495 |
tracing code will get loaded or not. |
496 |
* Split the HIDDEN_COOKIES setting in HIDDEN_HEADERS and HIDDEN_COOKIES, and |
497 |
add the MAIL_MAX_LEN setting, to limit the mail size for unhandled |
498 |
exceptions. |
499 |
|
500 |
|
501 |
.. _Changelog-0.14.2: |
502 |
|
503 |
Released: Fri Jul 12 13:13:32 EEST 2013 |
504 |
|
505 |
v0.14.2 |
506 |
======= |
507 |
|
508 |
Cyclades |
509 |
-------- |
510 |
|
511 |
* Add new setting PITHOS_BACKEND_POOL_SIZE, which configures the size |
512 |
of the pool of Pithos backends that are used by plankton. |
513 |
|
514 |
Pithos |
515 |
------ |
516 |
|
517 |
* Refactor metadata schema (table attributes) in Pithos DB to speedup current |
518 |
objects by domain attribute. This is used by Plankton for listing VM images. |
519 |
|
520 |
|
521 |
.. _Changelog-0.14: |
522 |
|
523 |
v0.14 |
524 |
===== |
525 |
|
526 |
Released: Tue Jun 25 14:01:19 EEST 2013 |
527 |
|
528 |
Synnefo-wide |
529 |
------------ |
530 |
|
531 |
* Create 'snf_django' Python package to hold common code for all Synnefo |
532 |
components. |
533 |
|
534 |
* Create a JSON-exportable definition document for each Synnefo Components |
535 |
(Astakos, Cyclades, Pithos, etc.) that consolidates APIs (services), |
536 |
resources, and other standardized properties (e.g. default URL prefixes). |
537 |
|
538 |
* Standardize URLs for Synnefo Components, impose structure and naming |
539 |
conventions to related settings. Make each component deployable under |
540 |
a user-configurable <COMPONENT>_BASE_URL. Each API (compute, image, etc.) |
541 |
is deployable under a developer-configurable prefix beneath BASE_URL. |
542 |
|
543 |
* Deprecate CLOUDBAR_ACTIVE_SERVICE setting from all apps. |
544 |
|
545 |
* Common synnefo 404/500 templates (located in snf-webproject) |
546 |
|
547 |
Astakos |
548 |
------- |
549 |
|
550 |
* Redesign of the accounting system (quotaholder) and integration into |
551 |
Astakos. |
552 |
|
553 |
* Simplified the quotaholder model; removed tables Entity and Policy; now |
554 |
table Holding contains limit and usage for every holding. |
555 |
* Extended table Holding, so that we can keep track of quota for every |
556 |
valid combination of holder (e.g. user), resource, and source (e.g. the |
557 |
default system or some specific project). |
558 |
* Refactored code for issuing and resolving commissions for robustness; |
559 |
added a 'force' option to bypass the upper limit check when issuing a |
560 |
commission. |
561 |
* Simplified syncing to the quotaholder; removed fields from models |
562 |
Project and ProjectMembership, previously needed for syncing; removed |
563 |
state PROJECT_DEACTIVATED from ProjectMembership. |
564 |
* Removed settings ASTAKOS_QUOTAHOLDER_URL, ASTAKOS_QUOTAHOLDER_TOKEN, |
565 |
and ASTAKOS_QUOTAHOLDER_POOLSIZE. |
566 |
|
567 |
* API-related changes: |
568 |
|
569 |
* Implemented API calls for quota, resources, and commissions. |
570 |
* Moved all API calls under '/account/v1.0'. |
571 |
* Implemented the keystone API call POST /tokens under '/identity/v2.0'. |
572 |
|
573 |
* Service and resource specification and handling: |
574 |
|
575 |
* Specified a format for defining services along with the API endpoints |
576 |
and the resources they expose. Migrated internal resource name by |
577 |
prefixing it with service name (e.g. 'vm' becomes 'cyclades.vm'); |
578 |
renamed registered service 'pithos+' to 'pithos'. |
579 |
* Specified a procedure to register a Synnefo component, its services and |
580 |
their resources in astakos and set the resources' default base quota |
581 |
limit. Removed resource definitions from settings. |
582 |
* Moved service and resource presentation data out of the respective db |
583 |
models into a separate file of UI constants. |
584 |
|
585 |
* Converted the limit on pending applications from a setting to a quotable |
586 |
resource. Converted the related user setting to a user-specific base quota |
587 |
limit. Deprecated model UserSetting; removed setting |
588 |
ASTAKOS_PENDING_APPLICATION_LIMIT. |
589 |
|
590 |
* Changes in locking strategy: |
591 |
|
592 |
* Lock only project's chain for all project operations; lock user before |
593 |
syncing to quotaholder. |
594 |
* When locking multiple rows (e.g. users or holdings) include an ORDER BY |
595 |
clause in the query to impose ordering on locking. |
596 |
|
597 |
* Changes in views: |
598 |
|
599 |
* Replaced custom transaction context with a simple decorator for managing |
600 |
transactions and a context 'ExceptionHandler', which logs and suppresses |
601 |
exceptions |
602 |
|
603 |
* Added fine grain user auth provider's policies. |
604 |
|
605 |
* Administrator can override default auth provider policies to a specific |
606 |
user or group of users. |
607 |
* Optionally a user can be assigned to a list of groups, based on the |
608 |
authentication method he choosed to signup. |
609 |
|
610 |
* Removed explicit handling of SMTP errors on each email delivery. Exceptions |
611 |
are now propagated to base django exception handler. |
612 |
|
613 |
* Email used in html/email tempaltes which prompt user to contact for service |
614 |
support prompts is now defined in ``CONTACT_EMAIL`` setting introduced in |
615 |
snf-common settings. |
616 |
|
617 |
* Improvements in user activation flow |
618 |
|
619 |
* User moderation now takes place after the user has verified his email |
620 |
address. |
621 |
* User model enriched with additional user state fields |
622 |
* Split activation email from moderation process. Administrator is required |
623 |
to moderate user explicitly using the `user-modify --accept` or |
624 |
`user-modify --reject` commands. |
625 |
* Improved logging throught out user activation procedures. |
626 |
|
627 |
* Remove deprecated AstakosUser model fields: `provider`, |
628 |
`third_party_identifier` |
629 |
|
630 |
* Allow override of authentication provider messages using the following |
631 |
format in setting names: ``ASTAKOS_<PROVIDER_MODULE>_<MSGID>_MSG`` |
632 |
|
633 |
* Cloudbar automatically tries to identify the active service based on window |
634 |
location. |
635 |
|
636 |
* Removing authentication provider view is now CSRF protected. |
637 |
|
638 |
* New `API access` view, containing useful information to users on how to |
639 |
access available Synnefo services API's. |
640 |
|
641 |
* Remove of ASTAKOS_*_EMAIL_SUBJECT settings. All email subjects are now |
642 |
defined in astakos.im.messages module. Overriding default values can be |
643 |
achieved using custom gettext files or using astakos messages settings:: |
644 |
|
645 |
#change of greeting email subject |
646 |
ASTAKOS_GREETING_EMAIL_SUBJECT_MESSAGE = 'Welcome to my cloud' |
647 |
|
648 |
* Remove ``ASTAKOS_ACTIVATION_REDIRECT_URL`` and ``ASTAKOS_LOGIN_SUCCESS_URL`` |
649 |
from astakos .conf file. Settings are dynamically computed based on |
650 |
``ASTAKOS_BASE_URL``. |
651 |
|
652 |
* Management commands: |
653 |
|
654 |
* Introduced new commands: |
655 |
* authpolicy-{add, list, remove, set, show} |
656 |
* group-{add, list} |
657 |
* component-{add, list, modify, remove} |
658 |
* reconcile-resources-astakos |
659 |
* resource-{export-astakos, import, modify} |
660 |
* service-{export-astakos, import, show} |
661 |
* Renamed commands: |
662 |
* astakos-quota to quota |
663 |
* user-update to user-modify |
664 |
* full-cleanup to cleanup-full |
665 |
* Removed commands: |
666 |
* astakos-init |
667 |
* invitation-{details, list} |
668 |
* project-sync |
669 |
* resource-{add, remove} |
670 |
* service-{add, remove, token-renew, update} |
671 |
* user-invite |
672 |
* user-set-initial-quota (integrated its functionality in user-modify and quota) |
673 |
* Added quota and project-related information in user-show command; added |
674 |
membership information in project-show. |
675 |
|
676 |
Cyclades |
677 |
-------- |
678 |
|
679 |
* Make 'type' attribute required for network create API request. |
680 |
* Networks not created to all Ganeti backends upon creation, they are instead |
681 |
created to a backend only when a VM connects to the network. |
682 |
* Add 'CYCLADES_ASTAKOSCLIENT_POOLSIZE' setting which tunes the size of the |
683 |
http connection pool to astakos. |
684 |
* Remove 'CYCLADES_USER_CATALOG_URL' and 'CYCLADES_USER_FEEDBACK_URL' settings |
685 |
* Remove CYCLADES_USE_QUOTAHOLDER, CYCLADES_QUOTAHOLDER_TOKEN, |
686 |
CYCLADES_QUOTAHOLDER_URL, CYCLADES_QUOTAHOLDER_POOLSIZE settings |
687 |
* Rename 'cyclades-usage-verify' management command to |
688 |
'reconcile-resources-cyclades'. Also, remove 'cyclades-usage-reset' command, |
689 |
which is equivalent to 'reconcile-resources-cyclades --fix'. |
690 |
* Rename 'cyclades-reconcile-commissions' management command to |
691 |
'reconcile-commissions-cyclades'. |
692 |
* Remove obsolete 'MAX_VMS_PER_USER', 'MAX_NETWORKS_PER_USER', |
693 |
"VMS_USER_QUOTA" and "NETWORKS_USER_QUOTA" settings, since their usage |
694 |
is covered by Quotaholder. |
695 |
* Remove obsolete setting 'API_ROOT_URL', since it is being covered by |
696 |
the use of CYCLADES_BASE_URL* Remove obsolete setting 'API_ROOT_URL', since |
697 |
it is being covered by 'CYCLADES_BASE_URL'. |
698 |
* Remove obsolete settings GANETI_DISK_TEMPLATES and |
699 |
DEFAULT_GANETI_DISK_TEMPLATE |
700 |
|
701 |
Cyclades helpdesk |
702 |
----------------- |
703 |
|
704 |
* Additional start/stop vm action |
705 |
* Display extend backend info in vm's view |
706 |
* Fixed IP lookup |
707 |
|
708 |
Pithos |
709 |
------ |
710 |
|
711 |
* Remove PITHOS_AUTHENTICATION_USERS setting, which was used to override |
712 |
astakos users. |
713 |
* Remove 'PITHOS_USER_CATALOG_URL', 'PITHOS_USER_FEEDBACK_URL' and |
714 |
'PITHOS_USER_LOGIN_URL' settings. |
715 |
* Remove PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL, |
716 |
PITHOS_QUOTAHOLDER_TOKEN and PITHOS_ASTAKOSCLIENT_POOLSIZE |
717 |
|
718 |
* Enforce container-level atomicity in (most) Pithos API calls. |
719 |
|
720 |
|
721 |
Tools |
722 |
----- |
723 |
|
724 |
|
725 |
.. _Changelog-0.13: |
726 |
|
727 |
v0.13 |
728 |
===== |
729 |
|
730 |
Released: Wed Apr 10 18:52:50 EEST 2013 |
731 |
|
732 |
In v0.13 the code was very heavily refactored for increased uniformity since |
733 |
most of the Synnefo components have been merged into a single repository. Thus, |
734 |
**just for this version** we will not document a complete Changelog (features, |
735 |
fixes, improvements, issues, setting changes), but rather just copy from the |
736 |
`NEWS` file with minor additions wherever needed. |
737 |
|
738 |
Synnefo-wide |
739 |
------------ |
740 |
|
741 |
* Support for pooling throughout Synnefo |
742 |
|
743 |
* Pooled Django DB connections, Pithos backend connections, HTTP |
744 |
connections using single `objpool` package |
745 |
|
746 |
* Improved management commands |
747 |
|
748 |
* Unified codebase for output of tables in JSON, CSV |
749 |
|
750 |
* Bring most of Synnefo code inside a single, unified repository |
751 |
|
752 |
* support automatic Python and Debian package builds for individual commits |
753 |
* with automatic version generation |
754 |
|
755 |
* Overhauling of Synnefo settings: renames and refactoring, for increased |
756 |
uniformity (in progress) |
757 |
* Deployment: Standardize on gunicorn, with gevent-based workers |
758 |
and use of Green threads throughout Synnefo |
759 |
* Documentation: New scale-out guide, with distinct node roles, |
760 |
for mass Synnefo deployments |
761 |
|
762 |
Astakos |
763 |
------- |
764 |
|
765 |
* Support multiple authentication methods |
766 |
|
767 |
* Classic (username/password), Shibboleth, LDAP/Active Directory, |
768 |
Google, Twitter, LinkedIn |
769 |
* Users can enable/disable auth methods, and switch between them |
770 |
|
771 |
* Introduce a UUID as a global identifier for users, throughout Synnefo |
772 |
|
773 |
* The UUID remains constant as the user enables/disables login methods |
774 |
|
775 |
* Allow users to modify their email address freely |
776 |
* Per-user, per-resource accounting mechanism (quotaholder) |
777 |
* Full quota support, with per-user, per-resource quotas, based on quotaholder |
778 |
* Projects: Users can create and join Projects |
779 |
|
780 |
* Projects grant extra resources to their members |
781 |
|
782 |
* UI Enhancements for quotas and projects |
783 |
|
784 |
* distinct Usage tab, showing usage of individual resources |
785 |
* Project management UI |
786 |
* New Overview page |
787 |
|
788 |
* refactored/improved /login endpoint used by desktop/mobile clients. |
789 |
* endpoint url is now exposed by `weblogin` service |
790 |
* clients should use unauthenticated identity/tokens api to resolve the |
791 |
endpoint url |
792 |
* view only allows redirects to `pithos://` scheme urls |
793 |
* removed uuid from redirect parameters. Client should use authenticated |
794 |
request to identity/tokens to retrieve user uuid. |
795 |
|
796 |
|
797 |
Cyclades |
798 |
-------- |
799 |
|
800 |
* Commission resources on quotaholder/Astakos |
801 |
* Support mass creation of flavors |
802 |
* Support for the ExtStorage disk template in Ganeti |
803 |
* Query and report quotas in the UI |
804 |
* Pass VM configuration parameters over a VM-side API (`vmapi`) |
805 |
|
806 |
* Do not pass sensitive data as Ganeti OS parameters |
807 |
* Keep sensitive data in memory caches (memcached) and |
808 |
never allow them to hit the disk |
809 |
|
810 |
* Display additional backend information in helpdesk machines list |
811 |
* Allow helpdesk users to search for an account using a known machine id |
812 |
* Helpdesk actions are now logged using the synnefo's common login |
813 |
infrastructure |
814 |
|
815 |
UI |
816 |
^^ |
817 |
* Removed feedback endpoint. Feedback requests delegate to astakos feedback |
818 |
service. ``FEEDBACK_CONTACTS``, ``FEEDBACK_EMAIL_FROM`` settings removed, |
819 |
and no longer used. |
820 |
* ``UI_LOGIN_URL``, ``UI_GLANCE_URL``, ``COMPUTE_URL`` settings no longer |
821 |
required to be set and are dynamically computed based on ``ASTAKOS_BASE_URL`` |
822 |
and ``CYCLADES_BASE_URL`` settings. |
823 |
* File group is no longer included in ssh keys personality metadata sent in |
824 |
create vm calls. |
825 |
|
826 |
|
827 |
Pithos |
828 |
------ |
829 |
|
830 |
* Support storage of blocks on a RADOS backend, for Archipelago |
831 |
|
832 |
* new settings: |
833 |
PITHOS_RADOS_STORAGE, PITHOS_RADOS_POOL_BLOCKS, PITHOS_RADOS_POOL_MAPS |
834 |
|
835 |
* X-Object-Public now contains full url (domain + proper component prefix + |
836 |
file path) |
837 |
|
838 |
* Rewritten support for public URLs, with admin-selectable length |
839 |
|
840 |
* new settings: |
841 |
PITHOS_PUBLIC_URL_SECURITY, PITHOS_PUBLIC_URL_ALPHABET |
842 |
|
843 |
* Enable pithos backend to use external quotaholder component |
844 |
|
845 |
* new settings: |
846 |
PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL, PITHOS_QUOTAHOLDER_TOKEN, |
847 |
PITHOS_QUOTAHOLDER_POOLSIZE |
848 |
|
849 |
* Moderated version debiting mechanism |
850 |
|
851 |
* new setting: |
852 |
PITHOS_BACKEND_FREE_VERSIONING |
853 |
|
854 |
* Proxy Astakos user-visible services |
855 |
|
856 |
* new settings: |
857 |
PITHOS_PROXY_USER_SERVICES, PITHOS_USER_CATALOG_URL, |
858 |
PITHOS_USER_FEEDBACK_URL, PITHOS_USER_LOGIN_URL |
859 |
|
860 |
Tools |
861 |
----- |
862 |
|
863 |
* Extend snf-burnin to include testing of Pithos functionality |