Ganeti 3.0.2

This release contains the following bug- and compatibility fixes:

• KVM: fix NIC hotplugging with vhost_net=True (#1651), use_chroot=True (#1644) and use_guest_agent=True (#1620).
• KVM: fix asynchronous events breaking QMP handshakes (#1649)
• KVM: handle disk_cache consistently between boot and hotplugging (#1645)
• KVM: fix live migration with non-root / chrooted QEMU (dynamic auto-ro) (#1603)
• KVM: fix unsupported keymap include in >=qemu-4.0 (#1612)
• XEN: fix live migration of xen instances (#1582)
• NET: relax VLAN check with veth devices (#1533)
• LVM: fix lvcreate for newer lvm versions (#1586)
• DRBD: warn users that altered DRBD parameters do not affect existing devices (#781)
• Node-Add: byte/string comparison causes false-positive warning (#1635)
• RAPI: return HTTP 400 on request parse error (#1610)
• build: fix building docs on Debian Bullseye (#1602)
• build: adjust for Pyparsing 3.0 (#1638)
• build: adjust for TupE type change in Template Haskell 2.16 (#1613)
• build: permit base64-bytestring 1.1 and QuickCheck 2.14 (#1613)
• tools: fix 2to3 leftover for move-instance (#1616)
• Docs: fix building on recent sphinx versions (#1602)

Ganeti 3.0.1

This is a bugfix release, containing the following fixes:

• Fix disk hotplugging with QEMU >=4.0 (#1556)
• Correctly configure the aio, cache and discard disk parameters for hotplugged disks (#1561)
• Configure the correct number of vectors for hotplugged MQ tap devices (#1568)
• Properly detect MQ NIC support for newer KVM versions (#1569)
• Significantly speed up disk verification jobs by caching LVM information (#1565)
• Fix a potential issue when exchanging UTF-8 data over plain HTTP RAPI (#1575)

Ganeti 3.0.0

3.0 final is out! There are only a few fixes since rc1 and the notable addition of automatic postcopy migration in KVM. For upgrades from 2.x, please see the notes in the 3.0.0-beta1 release!

Automatic postcopy migration handling for KVM guests

Ganeti now supports switching a KVM live migration automatically over to postcopy mode if the instance's migration_caps include the
postcopy-ram capability and the live migration has already completed two full memory passes. Postcopy live migration support in Ganeti 3.0 is considered experimental; users are encouraged to test it and report bugs, but it should be used with care in production environments.

We recommend using postcopy migration with at least QEMU version 3.0; QEMU versions before 3.0 do not support limiting the bandwidth of a postcopy migration, which might saturate the network and cause interference with e.g. DRBD connections. For QEMU 3.0 and on, we apply the migration_bandwidth HV parameter that limits the regular live migration bandwidth to the postcopy phase as well.

Misc changes

Bugfixes:

• Fix multi-queue tap creation that was broken by the Python 3 migration (#1534)
• Make sure we set KVM migration capabilities on both sides of the live migration and clear them once the migration is over (#1525)
• Properly cleanup the dedicated spice connection used to set a KVM instance's spice password; this avoids blocking the instance on boot (#1535, #1536)
• Fix non-SSL operation for Python daemons, broken by the Python 3 migration. This should be only relevant for the RAPI daemon running behind a reverse proxy; noded requires SSL to function properly (#1508, #1538)

Compatibility fixes:

• Correctly report the status of user-down KVM instances with QEMU >= 3.1 (#1440, #1537)

Ganeti 3.0.0-rc1

This is the first release candidate for 3.0.0. Since releasing 3.0.0 beta1 in June no critical issues have surfaced, and this release includes some feature and compatibility improvements but no breaking changes.

Upgrade notes

This release comes with the same restrictions as the previous one: to upgrade, you either need 2.16.2 or 3.0.0 beta1 installed. Upgrading directly from older versions or from the Ganeti-2.17 beta version is not supported. Please refer to the 3.0.0 beta1 upgrade notes for more information.

Important changes

GHC 8.0 through 8.8 compatibility

This release has been built/tested against GHC 8.0 through 8.8 which means it should work on most current and near-future distribution versions. Support for GHC versions < 8 has already been dropped with the previous Ganeti release. Along with this change we have also added compatibility to Cabal version 3.0.

Other notable changes

Bugfixes:

• Fix distribution of hmac.key to new nodes - this has been pulled from the 2.17 tree #(1494)

Compatibility Improvements:

• Open vSwitch: Do not fail to add node when the ovs_name or ovs_link already exists (#1495)
• Improved support for DRBD >= 8.4 (#1496)
• Relax QuickCheck version restriction (#1479)

Documentation Fixes:

• Various typos have been fixed (#1483, #1487, #1489, #1501)
• Documentation build has been improved (#1500, #1504)
• Missing information has been added (#1490, #1505, #1517)

Build Environment:

• We now have matrix / nightly builds using Github Actions (#1512)
• We now have code analysis through Github CodeQL (#1514)

Misc:

• Support other values than 'none' for 'disk_cache' when using RBD (#1516)
• The OS install scripts can now query the configured disk size via a new environment variable 'DISK_%N_SIZE' (#1503)

Ganeti 3.0.0beta1

This is a major version pre-release, porting Ganeti to Python 3, fixing bugs and adding new features.

This is also the first major release to be created by community contributors exclusively. As of May 2020, Google transferred the maintenance of Ganeti to the community. We would like to thank Google for the support and resources it granted to the project and for allowing the community to carry it forward!

Upgrade notes

Ganeti versions earlier than 2.16.2 will refuse to upgrade to 3.0 using gnt-cluster upgrade. If you are using your distribution packages, chances are their maintainers will provide a smooth upgrade path from older versions, so check the package release notes. If you build Ganeti from source, please upgrade to 2.16.2 as an intermediate step before upgrading to 3.0, or consult Github issue #1423 for possible workarounds.

Note that at this time there is no supported upgrade path for users running Ganeti-2.17 (i.e. 2.17.0 beta1). Ganeti-2.17 was never released, so hopefully no one uses it.

Important changes

Python >=3.6 required

This release switches the whole Ganeti codebase over to Python 3. Python 2 has reached its end-of-life and is being removed from most distributions, so we opted to skip dual-version support completely and convert the code straight to Python 3-only, the only exception being the RAPI client which remains Python-2 compatible.

We have tested the code as well as we can, but there is still the possibility of breakage, as the conversion touches a big part of the codebase that cannot always be tested automatically. Please test this release if possible and report any bugs on GitHub.

Note that the minimum required Python version is 3.6.

GHC >= 8 required

This release removes support for ancient versions of GHC and now requires at least GHC 8.0 to build.

VLAN-aware bridging

This version adds support for VLAN-aware bridging. Traditionally setups using multiple VLANs had to create one Linux bridge per VLAN and assign instance NICs to the correct bridge. For large setups this usually incurred a fair amount of configuration that had to be kept in sync between nodes. An alternative was to use OpenVSwitch, for which Ganeti already included VLAN support.

Beginning with 3.0, Ganeti supports VLAN-aware bridging: it is now possible to have a single bridge handling traffic for multiple VLANs and have instance NICs assigned to one or more VLANs using the vlan NIC
parameter with the same syntax as for OpenVSwitch (see the manpage for gnt-instance). Note that Ganeti expects VLAN support for the bridge to be enabled externally, using ip link set dev <bridge> type bridge vlan_filtering 1.

Other notable changes

Bugfixes:

• Refactor LuxiD's job forking code to make job process creation more reliable. This fixes sporadic failures when polling jobs for status changes, as well as randomly-appearing 30-second delays when enqueueing a new job (#1411).
• Wait for a Luxi job to actually finish before archiving it. This prevents job file accumulation in master candidate queues (#1266).
• Avoid accidentally backing up the export directory on cluster upgrade (#1337).
• This release includes all fixes from 2.16.2 as well, please refer to the 2.16.2 changelog below.

Compatibility changes:

• Orchestrate KVM live migrations using only QMP (and not the human monitor), ensuring compatibility with QEMU 4.2 (#1433).
• Use iproute2 instead of brctl, removing the dependency on bridge-utils (#1394).
• Enable AM_MAINTAINER_MODE, supporting read-only VPATH builds (#1391).
• Port from Haskell Crypto (unmaintained) to cryptonite (#1405)
• Enable compatibility with pyopenssl >=19.1.0 (#1446)

Ganeti 2.16.2

Version 2.16.2

This is a bugfix and compatibility release.

Important note

Due to the way the gnt-cluster upgrade mechanism is implemented, Ganeti versions earlier than 2.16.2 will refuse to upgrade to the upcoming 3.0 release. This release changes the upgrade logic to explicitly allow upgrades from 2.16.2 and later to 3.0.

See #1423 for more details and the relevant discussion.

Bugfixes

• Fix node secondary instance count. Secondary instances were counted as many times as their disk count (#1399)
• RPC: remove 1-second wait introduced by Expect: 100-Continue. This speeds up all RPC operations that pass through LuxiD (most notably queries like gnt-instance list) by 1 second.

Ganeti 2.16.1

This is a bugfix and compatibility release.

Important changes

Updated X.509 certificate signing algorithm

Ganeti now uses the SHA-256 digest algorithm to sign all generated X.509 certificates used to secure the RPC communications between nodes. Previously, Ganeti was using SHA-1 which is seen as weak (but not broken) and has been deprecated by most vendors; most notably, OpenSSL — used by Ganeti on some setups — rejects SHA-1-signed certificates when configured to run on security level 2 and above.

Users are advised to re-generate Ganeti's server and node certificates after installing 2.16.1 on all nodes using the following command:

  gnt-cluster renew-crypto --new-cluster-certificate

On setups using RAPI and/or SPICE with Ganeti-generated certificates, --new-rapi-certificate and --new-spice-certificate should be appended to the command above.

QEMU 3.1 compatibility

Previous versions of Ganeti used QEMU command line options that were removed in QEMU 3.1, leading to an inability to start KVM instances with QEMU 3.1. This version restores compatibility with QEMU 3.1 by adapting to these changes. This was done in a backwards-compatible way, however there is one special case: Users using VNC with X.509 support enabled will need to be running at least QEMU 2.5. See #1342 for details.

Newer GHC support

Ganeti 2.16.0 could only be built using GHC versions prior to 7.10, as GHC 7.10 and later versions introduced breaking API changes that made the build fail.

This release introduces support for building with newer GHC versions: Ganeti is now known to build with GHC 8.0, 8.2 and 8.4. Furthermore, Ganeti can now be built with snap-server 1.0 as well as hinotify 0.3.10 and later. Previously supported versions of GHC and of these libraries remain supported.

Misc changes

Compatibility fixes:

• Fix initscript operation on systems with dpkg >= 1.19.4 (#1322) (@apoikos)
• Support Sphinx versions later than 1.7 (#1333) (@YSelfTool)
• Force KVM to use cache=none when aio=native is set; this is mandatory for QEMU versions later than 2.6 (#43) (@akosiaris)
• Handle the new output format of rbd showmapped introduced in Ceph Mimic (#1339) (@atta)
• Support current versions of python-psutil (@gedia)
• Fix distcheck-hook with automake versions >= 1.15 (@apoikos )
• Fix cli tests with shelltestrunner versions >= 1.9 (@apoikos )

Bugfixes:

• Allow IPv6 addresses in the vnc_bind_address KVM hypervisor parameter (#1257) (@candlerb)
• Fix iproute2 invocation to accept dev as a valid interface name (#26) (@arnd)
• Properly handle OpenVSwitch trunk ports without native VLANs (#1324) (@gedia)
• Fix virtio-net multiqueue support (#1268) (@gedia)
• Make the ganeti-kvm-poweroff example script work on systems with systemd/sysv integration (#1288)
• Avoid triggering the CPU affinity code when the instance's CPU mask is set to all, relaxing the runtime dependency on python-psutil (@calumcalder)

Performance improvements:

• Speed up Haskell test execution (@iustin)
• Speed up Python test execution (@apoikos)

Documentation fixes:

• Fix a couple of typos in the gnt-instance man page (#1279) (@regnauld)
• Fix a typo in doc/install.rst (Igor Vuk)

Enhancements:

• KVM process logs are now obtained and saved under /var/log/ganeti/kvm (@yiannist)

ganeti-2.16.1.tar.gz checksums

MD5: 3b40440ba0996a0466e129198c342da9  ganeti-2.16.1.tar.gz
SHA1: 1831ca5389647df96a3edbe2494208f82999e2cb  ganeti-2.16.1.tar.gz
SHA256: 45a79592a912caaa5290411447f661d5b81e99ea555dc272f3459b1d727a557b  ganeti-2.16.1.tar.gz