Major Feature Release
minio-trusted
released this
25 Nov 08:12
·
2935 commits
to master
since this release
Highlights
-
Click here to download the latest version of MinIO.
-
Click here for production support.
-
Downgrades are not supported in this release for erasure-coded clusters, due to on-disk data format version bump - once upgraded erasure-coded clusters cannot be downgraded to the previous release. Please upgrade staging or testing environments first.
-
Re-implementation of
xl.meta
metadata handling for objects with multiple versions, provides following improvements - refer #13573- Allows checking if a version exists.
- Allows reading a single version without file wide unmarshal.
- Allows reading latest version of type without file wide unmarshal.
- Allows reading the latest version without file wide unmarshal.
- Allows checking if the latest is delete-marker by reading the first entry.
- Allows adding/updating/deleting a version with only header deserialization.
- Reduces allocations on conversion to internal data structures.
-
'Host' header-based dynamic redirect_uri when OpenID SSO is enabled.
mc admin config set alias/ identity_openid --env
...
MINIO_IDENTITY_OPENID_REDIRECT_URI_DYNAMIC (on|off) Enable 'Host' header based dynamic redirect URI
- Multiple healing-related issues were addressed related to objects healed from
xl.json -> xl.meta
format, refer #13671 #13681 #13717 #13715 - Disk caching now supports multipart write-through caching by default, refer #13613
- Adds explicit deny support for AddServiceAccoun, refer #13657
- Other miscellaneous bug fixes in ListObjects(), Tiering and LDAP service account handling.
What's Changed
- Add CI for etcd IAM backend by @donatello in #13614
- allocate new highwayhash for each string hash by @harshavardhana in #13623
- Default multipart caching to writethrough by @poornas in #13613
- fix: use equalFold() instead of lower and compare by @harshavardhana in #13624
- Support dynamic reset of minio config by @anjalshireesh in #13626
- Fix missing entries on first list resume by @klauspost in #13627
- add multi-site replication tests by @harshavardhana in #13631
- fix: backend not reachable should be more descriptive by @harshavardhana in #13634
- Add tests for OpenID STS creds and add to CI by @donatello in #13638
- IAM: init IAM with Init() rather than InitStore() in tests by @donatello in #13643
- add a tool to read healing.bin for debugging by @harshavardhana in #13650
- add explicit deny support for service accounts by @harshavardhana in #13657
- ignore swapped drives instead of throwing errors by @harshavardhana in #13655
- fix: restored object to preserve x-amz-meta properly by @harshavardhana in #13664
- Fix: Thread context in surrounding function into IAM functions by @donatello in #13658
- add gocritic/ruleguard checks back again, cleanup code. by @harshavardhana in #13665
- reduceErrs to handle context.Canceled errors by @krisis in #13670
- support dynamic redirect_uri based on incoming 'host' header by @harshavardhana in #13666
- honor requests_max based on cgroup_limits if configured by @harshavardhana in #13673
- metrics: Add replication latency metrics by @vadmeste in #13515
- de-couple bucket metadata loading with lock context by @harshavardhana in #13679
- Add grafana json file for replication metrics by @sinhaashish in #13678
- fallback O_DIRECT if not supported, do regular reads() by @harshavardhana in #13680
- heal legacy objects when versioning is enabled after upgrade by @harshavardhana in #13671
- Use pointer based TLS field by @anjalshireesh in #13659
- Improve performance on multiple versions by @klauspost in #13573
- fix: Use policies from claims for service accounts by @donatello in #13690
- add missing copyright on testfile by @harshavardhana in #13691
- do not flush if Write() failed by @harshavardhana in #13597
- Fix the unit of measurement by @mshanmu in #13686
- allow in-memory persistence for gateway by @harshavardhana in #13694
- retry disk replacement healing if listing fails by @harshavardhana in #13689
- simplify the reader for speedtest by @harshavardhana in #13682
- Allow users to list their own service accounts by @donatello in #13706
- fix: allow scanner compaction on replicated buckets by @harshavardhana in #13711
- Add caching to CI job by @donatello in #13712
- Add MaxNoncurrentVersions to NoncurrentExpiration action by @krisis in #13580
- Fix entries not cleared on resolve by @klauspost in #13705
- Fix OpenID service accounts creation and update by @donatello in #13708
- dataDir needs maxima calculation to be correct by @harshavardhana in #13715
- re-implement pickValidInfo dataDir, move to quorum calculation by @harshavardhana in #13681
- fix: obtaining a valid FileInfo in getLatestFileInfo by @harshavardhana in #13717
- fix: make sure esClient is allocated before use by @harshavardhana in #13727
- Don't set net.ipv6.conf.wlp59s0.disable_ipv6=1 on host in docker-buildx.sh by @3nprob in #13724
- remove "expires" header from presign v2 as metadata by @harshavardhana in #13718
- policy: Fix a typo when validating the list of policies by @vadmeste in #13735
- Update minio-overview.json by @chrisbecke in #13730
- Reduce JWT overhead. by @klauspost in #13738
- allow service freeze/unfreeze on a setup by @harshavardhana in #13707
- fix: atomic.Value should be a concrete type to avoid panics by @harshavardhana in #13740
- Fix "send on closed channel" panic by @klauspost in #13745
- multi-delete: Avoid empty Delete tag in the response by @vadmeste in #13725
- use acceptedResponseStatusCode everywhere in HTTP logger by @harshavardhana in #13755
- Fix returning invalid account-not-exists error for LDAP svc acc by @donatello in #13756
New Contributors
- @mshanmu made their first contribution in #13686
- @3nprob made their first contribution in #13724
- @chrisbecke made their first contribution in #13730
Full Changelog: RELEASE.2021-11-09T03-21-45Z...RELEASE.2021-11-24T23-19-33Z