Skip to content

4.7

Latest
Latest

Choose a tag to compare

View all tags
@aaronnw aaronnw released this 03 Jun 19:57
· 18 commits to main since this release
v1.4.7
16299b6

AIStore 4.7 is a small patch release for improved long-term stability and observability.

The primary changes fix unbounded growth of xaction notification metadata passed between IC members, extend Prometheus with Go runtime metrics and a per-node primary-proxy gauge, and tighten outbound network policy for the external downloader.

IC Notification Listener Cleanup

Finished xaction notification listeners were not being reclaimed reliably in long-lived clusters, causing IC ownership-table metadata to grow without bound.
Cleanup timing and IC synchronization of listener state are corrected.

Commits

  • 47628799e: core: fix notification listener time-based cleanup
  • d23009750: core: use consistent nl unmarshal, test atomic marshal round trips

Observability

Prometheus can now include a low-cardinality subset of Go runtime metrics (goroutines, GC, heap) alongside the existing AIS counters.
These are off by default and gated by the cluster Enable-Go-Runtime-Metrics feature flag.
Each node also exports ais_node_primary_info, a gauge labeled with primary_id for the primary proxy reflected in its cluster map.

Commits

  • 7e08a8461: stats: register subset of go runtime metrics with prometheus
  • da930ae0c: observability: conditionally publish Go-runtime Prometheus metrics
  • 0c395682c: stats: add primary info metric

Downloader egress controls

The downloader now applies egress policy to its outbound HTTP connections.
By default, destinations in non-public address space are not reachable.
Clusters that need to fetch from private networks can enable the Dload-Allow-Private-Egress feature flag; a subset of sensitive ranges stays blocked regardless of configuration.

Reported by tonghuaroot <tonghuaroot@gmail.com>. Thanks for the detailed write-up.

Commits

  • 06f8bfc83: ext/dload: restrict downloader egress to mitigate SSRF

Other Changes

  • Sendfile transmit — the GET sendfile path held back in 4.6 is now enabled for eligible plain-HTTP, file-backed objects, including range reads.
  • Shard index summary — new target-side summary-shard xaction aggregates indexed vs unindexed TAR coverage for a bucket.
  • Space cleanup — completed chunk manifests are validated by load, not LOM flag alone.
  • S3 compatibility — response XML root element names match the AWS spec for strict clients.

Commits

  • da541a1be: sendfile transmit path: enable; add range-read (part two)
  • fe855df60: shard index: add bucket shard summary xaction
  • 1739b1c59: space/cleanup: validate completed chunk manifests
  • 9a5d91c0d: ais/s3: emit AWS-spec XML root element names for S3 responses
Assets 10
Loading