Skip to content

blobfuse2-2.5.4

Latest

Choose a tag to compare

@souravgupta-msft souravgupta-msft released this 08 Jul 10:45
4b08493

Features

  • Make Blobfuse2 binary FIPS compliant by building with the Microsoft Go toolchain (systemcrypto GOEXPERIMENT) and CGO_ENABLED=1, routing all crypto/* calls through the system OpenSSL FIPS provider (PR #2226)
  • Attribute cache is now memory-bounded. The cache uses a least-recently-used (LRU) eviction policy and a background sweeper that reclaims memory from TTL-expired entries when the cache is idle. A new max-size-mb config parameter (or --attr-cache-max-size-mb CLI flag) controls the memory limit. By default the limit is auto-tuned to 1% of total system RAM, clamped to [64 MB, 1 GB] (~70 K–1.1 M file entries depending on machine size). Omitting max-size-mb or setting it to 0 both use the auto-tuned value. Increase the limit for workloads with large directory trees or many distinct file paths. Example configuration:
    attr_cache:
      timeout-sec: 120
      max-size-mb: 256   # set explicitly to override auto-tuning
  • Kernel directory-listing cache (fuse3 only). When kernel-list-cache-expiration-sec is set in the libfuse config section, blobfuse2 instructs the kernel to cache readdir results for that many seconds. Repeat ls calls within the TTL are served entirely from the kernel's page cache without any userspace round-trip, significantly reducing latency and backend API traffic for read-heavy workloads. After the TTL expires the next opendir call signals the kernel to discard the stale listing and issue a fresh READDIRPLUS. A background sweeper proactively invalidates entries that were never re-opened, keeping kernel memory usage bounded. The default TTL is 120 seconds (matching the other libfuse timeouts); set to 0 to disable. Example configuration:
    libfuse:
      kernel-list-cache-expiration-sec: 120   # 0 disables kernel list caching
    Alternatively, pass --kernel-list-cache-timeout=<seconds> on the mount command line.

Bug Fixes

  • Fix CPK-encrypted blob attribute lookup duplicating the prefix path when subdirectory is configured (PR #2199)
  • Return ENAMETOOLONG instead of EIO when creating a directory path that exceeds the ADLS depth limit of 63 segments (PR #2221)
  • Return ENAMETOOLONG instead of EIO when renaming a directory to an ADLS path that exceeds the depth limit of 63 segments (PR #2251)
  • Fix Debian 13 (trixie) release by publishing a dedicated package built against libfuse3.so.4 (libfuse 3.17+) (PR #2264)
  • Fixed filtering of blobs by blob index tags via the azstorage.filter (--filter) option. (PR #2261)

Other Changes

  • CBL-Mariner 2.0 has reached end-of-life; Blobfuse2 packages will no longer be published to Mariner 2.0 repositories.
  • Reduce the default block-cache memory pool size from 80% of free memory to 60% of available memory when block_cache.mem-size-mb is not configured. This change improves mountpoint resilience by leaving more memory headroom for system processes, reducing the risk of out-of-memory conditions when concurrent workloads compete for memory resources. Users can continue to set the block-cache memory limit explicitly with block_cache.mem-size-mb or the --block-cache-pool-size CLI option. (PR #2260).
  • Mirror Go runtime panic/fatal stack traces to the Blobfuse2 log file in addition to the existing per-mount .trace file.