This file is indexed.

/usr/share/doc/ganeti/html/news.html is in ganeti-doc 2.16.0~rc2-1build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

   1
   2
   3
   4
   5
   6
   7
   8
   9
  10
  11
  12
  13
  14
  15
  16
  17
  18
  19
  20
  21
  22
  23
  24
  25
  26
  27
  28
  29
  30
  31
  32
  33
  34
  35
  36
  37
  38
  39
  40
  41
  42
  43
  44
  45
  46
  47
  48
  49
  50
  51
  52
  53
  54
  55
  56
  57
  58
  59
  60
  61
  62
  63
  64
  65
  66
  67
  68
  69
  70
  71
  72
  73
  74
  75
  76
  77
  78
  79
  80
  81
  82
  83
  84
  85
  86
  87
  88
  89
  90
  91
  92
  93
  94
  95
  96
  97
  98
  99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
 163
 164
 165
 166
 167
 168
 169
 170
 171
 172
 173
 174
 175
 176
 177
 178
 179
 180
 181
 182
 183
 184
 185
 186
 187
 188
 189
 190
 191
 192
 193
 194
 195
 196
 197
 198
 199
 200
 201
 202
 203
 204
 205
 206
 207
 208
 209
 210
 211
 212
 213
 214
 215
 216
 217
 218
 219
 220
 221
 222
 223
 224
 225
 226
 227
 228
 229
 230
 231
 232
 233
 234
 235
 236
 237
 238
 239
 240
 241
 242
 243
 244
 245
 246
 247
 248
 249
 250
 251
 252
 253
 254
 255
 256
 257
 258
 259
 260
 261
 262
 263
 264
 265
 266
 267
 268
 269
 270
 271
 272
 273
 274
 275
 276
 277
 278
 279
 280
 281
 282
 283
 284
 285
 286
 287
 288
 289
 290
 291
 292
 293
 294
 295
 296
 297
 298
 299
 300
 301
 302
 303
 304
 305
 306
 307
 308
 309
 310
 311
 312
 313
 314
 315
 316
 317
 318
 319
 320
 321
 322
 323
 324
 325
 326
 327
 328
 329
 330
 331
 332
 333
 334
 335
 336
 337
 338
 339
 340
 341
 342
 343
 344
 345
 346
 347
 348
 349
 350
 351
 352
 353
 354
 355
 356
 357
 358
 359
 360
 361
 362
 363
 364
 365
 366
 367
 368
 369
 370
 371
 372
 373
 374
 375
 376
 377
 378
 379
 380
 381
 382
 383
 384
 385
 386
 387
 388
 389
 390
 391
 392
 393
 394
 395
 396
 397
 398
 399
 400
 401
 402
 403
 404
 405
 406
 407
 408
 409
 410
 411
 412
 413
 414
 415
 416
 417
 418
 419
 420
 421
 422
 423
 424
 425
 426
 427
 428
 429
 430
 431
 432
 433
 434
 435
 436
 437
 438
 439
 440
 441
 442
 443
 444
 445
 446
 447
 448
 449
 450
 451
 452
 453
 454
 455
 456
 457
 458
 459
 460
 461
 462
 463
 464
 465
 466
 467
 468
 469
 470
 471
 472
 473
 474
 475
 476
 477
 478
 479
 480
 481
 482
 483
 484
 485
 486
 487
 488
 489
 490
 491
 492
 493
 494
 495
 496
 497
 498
 499
 500
 501
 502
 503
 504
 505
 506
 507
 508
 509
 510
 511
 512
 513
 514
 515
 516
 517
 518
 519
 520
 521
 522
 523
 524
 525
 526
 527
 528
 529
 530
 531
 532
 533
 534
 535
 536
 537
 538
 539
 540
 541
 542
 543
 544
 545
 546
 547
 548
 549
 550
 551
 552
 553
 554
 555
 556
 557
 558
 559
 560
 561
 562
 563
 564
 565
 566
 567
 568
 569
 570
 571
 572
 573
 574
 575
 576
 577
 578
 579
 580
 581
 582
 583
 584
 585
 586
 587
 588
 589
 590
 591
 592
 593
 594
 595
 596
 597
 598
 599
 600
 601
 602
 603
 604
 605
 606
 607
 608
 609
 610
 611
 612
 613
 614
 615
 616
 617
 618
 619
 620
 621
 622
 623
 624
 625
 626
 627
 628
 629
 630
 631
 632
 633
 634
 635
 636
 637
 638
 639
 640
 641
 642
 643
 644
 645
 646
 647
 648
 649
 650
 651
 652
 653
 654
 655
 656
 657
 658
 659
 660
 661
 662
 663
 664
 665
 666
 667
 668
 669
 670
 671
 672
 673
 674
 675
 676
 677
 678
 679
 680
 681
 682
 683
 684
 685
 686
 687
 688
 689
 690
 691
 692
 693
 694
 695
 696
 697
 698
 699
 700
 701
 702
 703
 704
 705
 706
 707
 708
 709
 710
 711
 712
 713
 714
 715
 716
 717
 718
 719
 720
 721
 722
 723
 724
 725
 726
 727
 728
 729
 730
 731
 732
 733
 734
 735
 736
 737
 738
 739
 740
 741
 742
 743
 744
 745
 746
 747
 748
 749
 750
 751
 752
 753
 754
 755
 756
 757
 758
 759
 760
 761
 762
 763
 764
 765
 766
 767
 768
 769
 770
 771
 772
 773
 774
 775
 776
 777
 778
 779
 780
 781
 782
 783
 784
 785
 786
 787
 788
 789
 790
 791
 792
 793
 794
 795
 796
 797
 798
 799
 800
 801
 802
 803
 804
 805
 806
 807
 808
 809
 810
 811
 812
 813
 814
 815
 816
 817
 818
 819
 820
 821
 822
 823
 824
 825
 826
 827
 828
 829
 830
 831
 832
 833
 834
 835
 836
 837
 838
 839
 840
 841
 842
 843
 844
 845
 846
 847
 848
 849
 850
 851
 852
 853
 854
 855
 856
 857
 858
 859
 860
 861
 862
 863
 864
 865
 866
 867
 868
 869
 870
 871
 872
 873
 874
 875
 876
 877
 878
 879
 880
 881
 882
 883
 884
 885
 886
 887
 888
 889
 890
 891
 892
 893
 894
 895
 896
 897
 898
 899
 900
 901
 902
 903
 904
 905
 906
 907
 908
 909
 910
 911
 912
 913
 914
 915
 916
 917
 918
 919
 920
 921
 922
 923
 924
 925
 926
 927
 928
 929
 930
 931
 932
 933
 934
 935
 936
 937
 938
 939
 940
 941
 942
 943
 944
 945
 946
 947
 948
 949
 950
 951
 952
 953
 954
 955
 956
 957
 958
 959
 960
 961
 962
 963
 964
 965
 966
 967
 968
 969
 970
 971
 972
 973
 974
 975
 976
 977
 978
 979
 980
 981
 982
 983
 984
 985
 986
 987
 988
 989
 990
 991
 992
 993
 994
 995
 996
 997
 998
 999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
5247
5248
5249
5250
5251
5252
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
5278
5279
5280
5281
5282
5283
5284
5285
5286
5287
5288
5289
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
5314
5315
5316
5317
5318
5319
5320
5321
5322
5323
5324
5325
5326
5327
5328
5329
5330
5331
5332
5333
5334
5335
5336
5337
5338
5339
5340
5341
5342
5343
5344
5345
5346
5347
5348
5349
5350
5351
5352
5353
5354
5355
5356
5357
5358
5359
5360
5361
5362
5363
5364
5365
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
5404
5405
5406
5407
5408
5409
5410
5411
5412
5413
5414
5415
5416
5417
5418
5419
5420
5421
5422
5423
5424
5425
5426
5427
5428
5429
5430
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
5441
5442
5443
5444
5445
5446
5447
5448
5449
5450
5451
5452
5453
5454
5455
5456
5457
5458
5459
5460
5461
5462
5463
5464
5465
5466
5467
5468
5469
5470
5471
5472
5473
5474
5475
5476
5477
5478
5479
5480
5481
5482
5483
5484
5485
5486
5487
5488
5489
5490
5491
5492
5493
5494
5495
5496
5497
5498
5499
5500
5501
5502
5503
5504
5505
5506
5507
5508
5509
5510
5511
5512
5513
5514
5515
5516
5517
5518
5519
5520
5521
5522
5523
5524
5525
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>News &#8212; Ganeti 2.16.0~rc2 documentation</title>
    <link rel="stylesheet" href="_static/style.css" type="text/css" />
    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
    <script type="text/javascript">
      var DOCUMENTATION_OPTIONS = {
        URL_ROOT:    './',
        VERSION:     '2.16.0~rc2',
        COLLAPSE_INDEX: false,
        FILE_SUFFIX: '.html',
        HAS_SOURCE:  true,
        SOURCELINK_SUFFIX: '.txt'
      };
    </script>
    <script type="text/javascript" src="_static/jquery.js"></script>
    <script type="text/javascript" src="_static/underscore.js"></script>
    <script type="text/javascript" src="_static/doctools.js"></script>
    <link rel="search" title="Search" href="search.html" />
    <link rel="next" title="OVF converter" href="ovfconverter.html" />
    <link rel="prev" title="Moving instances between clusters" href="move-instance.html" /> 
  </head>
  <body>
    <div class="related" role="navigation" aria-label="related navigation">
      <h3>Navigation</h3>
      <ul>
        <li class="right" style="margin-right: 10px">
          <a href="ovfconverter.html" title="OVF converter"
             accesskey="N">next</a></li>
        <li class="right" >
          <a href="move-instance.html" title="Moving instances between clusters"
             accesskey="P">previous</a> |</li>
        <li class="nav-item nav-item-0"><a href="index.html">Ganeti 2.16.0~rc2 documentation</a> &#187;</li> 
      </ul>
    </div>  

    <div class="document">
      <div class="documentwrapper">
        <div class="bodywrapper">
          <div class="body" role="main">
            
  <div class="section" id="news">
<h1>News<a class="headerlink" href="#news" title="Permalink to this headline"></a></h1>
<div class="section" id="version-2-16-0-rc2">
<h2>Version 2.16.0 rc2<a class="headerlink" href="#version-2-16-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 29 Jan 2018)</em></p>
<div class="section" id="changes-since-2-16-0-rc1">
<h3>Changes since 2.16.0 rc1<a class="headerlink" href="#changes-since-2-16-0-rc1" title="Permalink to this headline"></a></h3>
<p>New features:
- Do not prompt when force-setting a node online
- Consider state-of-the-record free memory in htools memory model (#35)
- Add optStaticKvmNodeMemory to HTools and IAllocator (#34)
- Add discard KVM option to bdev
- StartInstance restores instance state if running
- Allow migrate –cleanup to adopt an instance
- Add ganeti-noded and ganeti-rapi –max-clients options
- Add gnt-instance rename –force option
- Allow master failover to ignore offline nodes
- Adding a confirmation before gnt-node –offline no</p>
<p>Compatibility fixes:
- kvm: use the current psutil CPU affinity API
- Provide alternative to decompressWithErrors in zlib 6.0
- Ceph/RBD rbd showmapped -p is no longer supported
- kvm: use_guest_agent: QEMU Guest Agent support
- Fix LogicalVolume code to work with older /sbin/lvs</p>
<p>Performance optimizations:
- Use fork instead of spawnv in the watcher
- Make executeRpcCall only compute rpcCallData once
- Special case WaitForJobChange to reduce heap use
- Get haskell daemons to only compress files &gt; 4kB
- Use zlib compression level 3 in Haskell RPC code
- Make the TH fieldsDictsKeys more efficient
- Implement localized cache for lvs commands
- Reduce load in NV_NODENETTEST and NV_MASTERIP</p>
<p>Bugfixes:
- impexpd: fix certificate verification with new socat versions
- impexpd: do not set socat SSL method
- backend: fix key renewal on single-node clusters
- hv_xen: generate correct type for paravirtualized nic (#57)
- Force CleanupInstance always on InstanceShutdown (#53)
- Cleanup blockdevs from target on migration failure (#50)
- kvm: Add missing ‘driver’ in ‘hvinfo’ dict (#46)
- Add cleanup of stale OS hvp data on cluster modify
- Htools should use state-of-record instance size
- Prohibit disk removal w/o hotplug on live instance
- Fix tuple-unpacking from QueryInstances result
- Fix index in RemoveDisks warning
- Fix coexistence of location tags and non-DRBD instances
- Fix backup export in case of ext disk template
- Fix instance state detection in _Shutdowninstance
- Fix for instance reinstall not updating config (issue #1193)
- Fix optimisation: Correctly extract secondary node
- Tune getNodeInstances DRBD secondary computation
- Fix LogicalVolume Attach failure on missing path
- Set USE_VERSION_FULL=no if –enable-versionfull=no
- Don’t verify disks when all disk templates are ext</p>
<p>Misc changes:
- Fixed several hlint and pylint styling errors
- Reduced the verbosity of several debug messages
- Fixed various typos in man pages and documentation
- Improved various unit tests</p>
<p>Fixes inherited from 2.15 branch:</p>
<ul class="simple">
<li>Update hv_kvm to handle output from qemu &gt;= 1.6.0</li>
<li>Disable logging CallRPCMethod timings in non-debug configs</li>
<li>Give atomicWriteFile temp filenames a more distinct pattern</li>
<li>FIX: Refactor DiagnoseOS to use a loop, not an inner fn</li>
<li>FIX: Set INSTANCE_NICn_NETWORK_NAME only if net is defined</li>
<li>Fix invalid variable error for file-based disks</li>
<li>Fix gnt-instance console instance unpausing for xl toolstack</li>
<li>KVM: handle gracefully too old/too new psutil versions</li>
<li>Fixup compatibility with GHC 7.4/base 4.5</li>
<li>mcpu: Raise caught OpPrereqErrors with too few args</li>
<li>Make EnsureDirs print chmod mode on errors</li>
<li>Use socat method string compatible with &lt;1.73 &amp; &gt;=1.73</li>
<li>Reduce heap when parsing &amp; storing ConfigData 10%</li>
<li>Cancel RAPI job if the client drops the connection</li>
<li>Make JQScheduler queues more strict to avoid leaks</li>
<li>Fix ganeti-rapi/noded exit-under-load bug</li>
<li>Fix ClusterVerifyConfig() causing high mem usage</li>
<li>Use threaded runtime when linking Haskell unit tests</li>
<li>Give JQueue test dirs unique prefixes so they can’t conflict</li>
<li>Update install-quick DRBD requirements to include DRBD 8.4</li>
<li>Fix memory/perf bug in gnt-cluster verify</li>
<li>Improve luxid QueryInstances performance for large clusters</li>
<li>Optimize LXC hypervisor GetAllInstancesInfo</li>
<li>Bracket ConfigWriter writeConfigAndUnlock with debug logging</li>
<li>Bracket client LockConfig calls with debug logging</li>
<li>Get onInotify and onPollTimer to print filepath</li>
<li>Prevent InstanceShutdown from waiting on success</li>
</ul>
<p>Fixes inherited from 2.14 branch:</p>
<ul class="simple">
<li>Support userspace disk URIs for OS import/export scripts</li>
<li>iallocator: only adjust memory usage for up instances</li>
</ul>
<p>Fixes inherited from 2.13 branch:
- Bugfix: migrate needs HypervisorClass, not an instance</p>
</div>
</div>
<div class="section" id="version-2-16-0-rc1">
<h2>Version 2.16.0 rc1<a class="headerlink" href="#version-2-16-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 18 Feb 2016)</em></p>
<div class="section" id="incompatible-important-changes">
<h3>Incompatible/important changes<a class="headerlink" href="#incompatible-important-changes" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The IAllocator protocol has been extended by a new <code class="docutils literal"><span class="pre">allocate-secondary</span></code>
request type. Currently, this new request type is only used when in disk
conversion to DRBD no secondary node is specified. As long as this new
feature is not used, a third-party IAllocator not aware of this extension can
be continued to be used.</li>
<li><code class="docutils literal"><span class="pre">htools</span></code> now also take into account N+1 redundancy for plain and shared
storage. To obtain the old behavior, add the <code class="docutils literal"><span class="pre">--no-capacity-checks</span></code> option.</li>
<li><code class="docutils literal"><span class="pre">hail</span></code> now tries to keep the overall cluster balanced; in particular it
now prefers more empty groups over groups that are internally more balanced.</li>
<li>The option <code class="docutils literal"><span class="pre">--no-node-setup</span></code> of <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">add</span></code> is disabled.
Instead, the cluster configuration parameter <code class="docutils literal"><span class="pre">modify_ssh_setup</span></code> is
used to determine whether or not to manipulate the SSH setup of a new
node.</li>
<li>Timeouts for communication with luxid have been increased. As a consequence,
Ganeti tools communicating (directly or indirectly) with luxid also time out
later. Please increase all timeouts for higher level tools interacting with
Ganeti accordingly.</li>
</ul>
</div>
<div class="section" id="new-features">
<h3>New features<a class="headerlink" href="#new-features" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">hbal</span></code> can now be made aware of common causes of failures (for
nodes). Look at <code class="docutils literal"><span class="pre">hbal</span></code> man page’s LOCATION TAGS section for more details.</li>
<li><code class="docutils literal"><span class="pre">hbal</span></code> can now be made aware of desired location for instances. Look
at <code class="docutils literal"><span class="pre">hbal</span></code> man page’s DESIRED LOCATION TAGS section for more details.</li>
<li>Secret parameters are now readacted in job files</li>
</ul>
</div>
<div class="section" id="new-dependencies">
<h3>New dependencies<a class="headerlink" href="#new-dependencies" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Using the metadata daemon now requires the presence of the ‘setcap’ utility.
On Debian-based systems, it is available as a part of the ‘libcap2-bin’
package.</li>
</ul>
</div>
<div class="section" id="changes-since-beta2">
<h3>Changes since beta2<a class="headerlink" href="#changes-since-beta2" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>On group verify, only flush to group nodes</li>
</ul>
</div>
</div>
<div class="section" id="version-2-16-0-beta2">
<h2>Version 2.16.0 beta2<a class="headerlink" href="#version-2-16-0-beta2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 2 Feb 2016)</em></p>
<p>This was the second beta release of the 2.16 series. All important changes
are listed in the latest 2.16 entry.</p>
<div class="section" id="changes-since-beta1">
<h3>Changes since beta1<a class="headerlink" href="#changes-since-beta1" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Do not add a new Inotify watchers on timer</li>
<li>Set block buffering for UDSServer</li>
<li>Fix failover in case the source node is offline</li>
<li>Add a parameter to ignore groups in capacity checks</li>
<li>Make hspace correctly handle –independent-groups</li>
<li>Accept BoringSSL as a known good ssl library</li>
<li>Make CommitTemporaryIPs call out to WConfD</li>
<li>Fix requested instance desired location tags in IAllocator</li>
<li>monitor: Use hvinfo in QMP methods</li>
<li>KVM: Work around QEMU commit 48f364dd</li>
<li>KVM: Introduce scsi_controller_type and kvm_pci_reservations hvparams</li>
<li>Improvements in SSH key handling</li>
<li>Do not generate the ganeti_pub_keys file with –no-ssh-init</li>
<li>Support force option for deactivate disks on RAPI</li>
<li>Add a –dry-run option to htools</li>
<li>Extended logging to improve traceability</li>
<li>Many documentation improvements and cleanups</li>
<li>Performance optimizations on larger clusters</li>
<li>Various QA and testing improvements</li>
</ul>
<p>Fixes inherited from 2.15 branch:</p>
<ul class="simple">
<li>Metad: ignore instances that have no communication NIC</li>
<li>For queries, take the correct base address of an IP block</li>
<li>Fix computation in network blocks</li>
<li>Use bulk-adding of keys in renew-crypto</li>
<li>Introduce bulk-adding of SSH keys</li>
<li>Handle SSH key distribution on auto promotion</li>
<li>Do not remove authorized key of node itself</li>
<li>Support force option for deactivate disks on RAPI</li>
<li>renew-crypto: use bulk-removal of SSH keys</li>
<li>Bulk-removal of SSH keys</li>
<li>Catch IOError of SSH files when removing node</li>
<li>Fix renew-crypto on one-node-cluster</li>
<li>Increase timeout of RPC adding/removing keys</li>
<li>After TestNodeModify, fix the pool of master candidates</li>
</ul>
<p>Fixes inherited from 2.14 branch:</p>
<ul class="simple">
<li>bdev: Allow userspace-only disk templates</li>
<li>Export disk’s userspace URI to OS scripts</li>
<li>Fix instance failover in case of DTS_EXT_MIRROR</li>
<li>Set node tags in iallocator htools backend</li>
<li>Fix faulty iallocator type check</li>
<li>Allow disk attachment to diskless instances</li>
<li>Allow disk attachment with external storage</li>
</ul>
<p>Fixes inherited from 2.13 branch:</p>
<ul class="simple">
<li>Improve xl socat migrations</li>
<li>Renew-crypto: stop daemons on master node first</li>
<li>Extend timeout for gnt-cluster renew-crypto</li>
</ul>
<p>Fixes inherited from 2.12 branch:</p>
<ul class="simple">
<li>Accept timeout errors when luxi down</li>
<li>Fix disabling of user shutdown reporting</li>
<li>gnt-node add: password auth is only one method</li>
<li>Fix inconsistency in python and haskell objects</li>
<li>Increase default disk size of burnin to 1G</li>
<li>Only search for Python-2 interpreters</li>
<li>Handle Xen 4.3 states better</li>
<li>Return the correct error code in the post-upgrade script</li>
<li>Make openssl refrain from DH altogether</li>
<li>Fix upgrades of instances with missing creation time</li>
<li>Check for healthy majority on master failover with voting</li>
<li>Pass arguments to correct daemons during master-failover</li>
</ul>
<p>Fixes inherited from 2.11 branch:</p>
<ul class="simple">
<li>At IAlloc backend guess state from admin state</li>
<li>Fix default for –default-iallocator-params</li>
</ul>
<p>Fixes inherited from 2.10 branch:</p>
<ul class="simple">
<li>Make htools tolerate missing “dtotal” and “dfree” on luxi</li>
<li>KVM: explicitly configure routed NICs late</li>
</ul>
<p>Fixes inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Security patch for CVE-2015-7944 RAPI Vulnerable to DoS via SSL renegotiation</li>
<li>Security patch for CVE-2015-7945 Leak DRBD secret via RAPI</li>
<li>replace-disks: fix –ignore-ipolicy</li>
</ul>
</div>
</div>
<div class="section" id="version-2-16-0-beta1">
<h2>Version 2.16.0 beta1<a class="headerlink" href="#version-2-16-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 28 Jul 2015)</em></p>
<p>This was the first beta release of the 2.16 series. All important changes
are listed in the latest 2.16 entry.</p>
</div>
<div class="section" id="version-2-15-2">
<h2>Version 2.15.2<a class="headerlink" href="#version-2-15-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 16 Dec 2015)</em></p>
<div class="section" id="important-changes-and-security-notes">
<h3>Important changes and security notes<a class="headerlink" href="#important-changes-and-security-notes" title="Permalink to this headline"></a></h3>
<p>Security release.</p>
<p>CVE-2015-7944</p>
<p>Ganeti provides a RESTful control interface called the RAPI. Its HTTPS
implementation is vulnerable to DoS attacks via client-initiated SSL
parameter renegotiation. While the interface is not meant to be exposed
publicly, due to the fact that it binds to all interfaces, we believe
some users might be exposing it unintentionally and are vulnerable. A
DoS attack can consume resources meant for Ganeti daemons and instances
running on the master node, making both perform badly.</p>
<p>Fixes are not feasible due to the OpenSSL Python library not exposing
functionality needed to disable client-side renegotiation. Instead, we
offer instructions on how to control RAPI’s exposure, along with info
on how RAPI can be setup alongside an HTTPS proxy in case users still
want or need to expose the RAPI interface. The instructions are
outlined in Ganeti’s security document: doc/html/security.html</p>
<p>CVE-2015-7945</p>
<p>Ganeti leaks the DRBD secret through the RAPI interface. Examining job
results after an instance information job reveals the secret. With the
DRBD secret, access to the local cluster network, and ARP poisoning,
an attacker can impersonate a Ganeti node and clone the disks of a
DRBD-based instance. While an attacker with access to the cluster
network is already capable of accessing any data written as DRBD
traffic is unencrypted, having the secret expedites the process and
allows access to the entire disk.</p>
<p>Fixes contained in this release prevent the secret from being exposed
via the RAPI. The DRBD secret can be changed by converting an instance
to plain and back to DRBD, generating a new secret, but redundancy will
be lost until the process completes.
Since attackers with node access are capable of accessing some and
potentially all data even without the secret, we do not recommend that
the secret be changed for existing instances.</p>
</div>
<div class="section" id="minor-changes">
<h3>Minor changes<a class="headerlink" href="#minor-changes" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Allow disk aittachment to diskless instances</li>
<li>Reduce memory footprint: Compute lock allocation strictly</li>
<li>Calculate correct affected nodes set in InstanceChangeGroup
(Issue 1144)</li>
<li>Reduce memory footprint: Don’t keep input for error messages</li>
<li>Use bulk-adding of keys in renew-crypto</li>
<li>Reduce memory footprint: Send answers strictly</li>
<li>Reduce memory footprint: Store keys as ByteStrings</li>
<li>Reduce memory footprint: Encode UUIDs as ByteStrings</li>
<li>Do not retry all requests after connection timeouts to prevent
repeated job submission</li>
<li>Fix reason trails of expanding opcodes</li>
<li>Make lockConfig call retryable</li>
<li>Extend timeout for gnt-cluster renew-crypto</li>
<li>Return the correct error code in the post-upgrade script</li>
<li>Make OpenSSL refrain from DH altogether</li>
<li>Fix faulty iallocator type check</li>
<li>Improve cfgupgrade output in case of errors</li>
<li>Fix upgrades of instances with missing creation time</li>
<li>Support force option for deactivate disks on RAPI</li>
<li>Make htools tolerate missing “dtotal” and “dfree” on luxi</li>
<li>Fix default for –default-iallocator-params</li>
<li>Renew-crypto: stop daemons on master node first</li>
<li>Don’t warn about broken SSH setup of offline nodes (Issue 1131)</li>
<li>Fix computation in network blocks</li>
<li>At IAlloc backend guess state from admin state</li>
<li>Set node tags in iallocator htools backend</li>
<li>Only search for Python-2 interpreters</li>
<li>Handle Xen 4.3 states better</li>
<li>Improve xl socat migrations</li>
</ul>
</div>
</div>
<div class="section" id="version-2-15-1">
<h2>Version 2.15.1<a class="headerlink" href="#version-2-15-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 7 Sep 2015)</em></p>
<div class="section" id="id1">
<h3>New features<a class="headerlink" href="#id1" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The ext template now allows userspace-only disks to be used</li>
</ul>
</div>
<div class="section" id="bugfixes">
<h3>Bugfixes<a class="headerlink" href="#bugfixes" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Fixed the silently broken ‘gnt-instance replace-disks –ignore-ipolicy’
command.</li>
<li>User shutdown reporting can now be disabled on Xen using the
‘–user-shutdown’ flag.</li>
<li>Remove falsely reported communication NIC error messages on instance start.</li>
<li>Fix ‘gnt-node migrate’ behavior when no instances are present on a node.</li>
<li>Fix the multi-allocation functionality for non-DRBD instances.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-15-0">
<h2>Version 2.15.0<a class="headerlink" href="#version-2-15-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 29 Jul 2015)</em></p>
<div class="section" id="id2">
<h3>Incompatible/important changes<a class="headerlink" href="#id2" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>In order to improve allocation efficiency when using DRBD, the cluster
metric now takes the total reserved memory into account. A consequence
of this change is that the best possible cluster metric is no longer 0.
htools(1) interprets minimal cluster scores to be offsets of the theoretical
lower bound, so only users interpreting the cluster score directly should
be affected.</li>
<li>This release contains a fix for the problem that different encodings in
SSL certificates can break RPC communication (issue 1094). The fix makes
it necessary to rerun ‘gnt-cluster renew-crypto –new-node-certificates’
after the cluster is fully upgraded to 2.14.1</li>
</ul>
</div>
<div class="section" id="id3">
<h3>New features<a class="headerlink" href="#id3" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>On dedicated clusters, hail will now favour allocations filling up
nodes efficiently over balanced allocations.</li>
</ul>
</div>
<div class="section" id="id4">
<h3>New dependencies<a class="headerlink" href="#id4" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The indirect dependency on Haskell package ‘case-insensitive’ is now
explicit.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-15-0-rc1">
<h2>Version 2.15.0 rc1<a class="headerlink" href="#version-2-15-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 17 Jun 2015)</em></p>
<p>This was the first release candidate in the 2.15 series. All important
changes are listed in the latest 2.15 entry.</p>
<div class="section" id="known-issues">
<h3>Known issues:<a class="headerlink" href="#known-issues" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Issue 1094: differences in encodings in SSL certificates due to
different OpenSSL versions can result in rendering a cluster
uncommunicative after a master-failover.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-15-0-beta1">
<h2>Version 2.15.0 beta1<a class="headerlink" href="#version-2-15-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 30 Apr 2015)</em></p>
<p>This was the second beta release in the 2.15 series. All important changes
are listed in the latest 2.15 entry.</p>
</div>
<div class="section" id="version-2-14-2">
<h2>Version 2.14.2<a class="headerlink" href="#version-2-14-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 15 Dec 2015)</em></p>
<div class="section" id="id5">
<h3>Important changes and security notes<a class="headerlink" href="#id5" title="Permalink to this headline"></a></h3>
<p>Security release.</p>
<p>CVE-2015-7944</p>
<p>Ganeti provides a RESTful control interface called the RAPI. Its HTTPS
implementation is vulnerable to DoS attacks via client-initiated SSL
parameter renegotiation. While the interface is not meant to be exposed
publicly, due to the fact that it binds to all interfaces, we believe
some users might be exposing it unintentionally and are vulnerable. A
DoS attack can consume resources meant for Ganeti daemons and instances
running on the master node, making both perform badly.</p>
<p>Fixes are not feasible due to the OpenSSL Python library not exposing
functionality needed to disable client-side renegotiation. Instead, we
offer instructions on how to control RAPI’s exposure, along with info
on how RAPI can be setup alongside an HTTPS proxy in case users still
want or need to expose the RAPI interface. The instructions are
outlined in Ganeti’s security document: doc/html/security.html</p>
<p>CVE-2015-7945</p>
<p>Ganeti leaks the DRBD secret through the RAPI interface. Examining job
results after an instance information job reveals the secret. With the
DRBD secret, access to the local cluster network, and ARP poisoning,
an attacker can impersonate a Ganeti node and clone the disks of a
DRBD-based instance. While an attacker with access to the cluster
network is already capable of accessing any data written as DRBD
traffic is unencrypted, having the secret expedites the process and
allows access to the entire disk.</p>
<p>Fixes contained in this release prevent the secret from being exposed
via the RAPI. The DRBD secret can be changed by converting an instance
to plain and back to DRBD, generating a new secret, but redundancy will
be lost until the process completes.
Since attackers with node access are capable of accessing some and
potentially all data even without the secret, we do not recommend that
the secret be changed for existing instances.</p>
</div>
<div class="section" id="id6">
<h3>Minor changes<a class="headerlink" href="#id6" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Allow disk attachment to diskless instances</li>
<li>Calculate correct affected nodes set in InstanceChangeGroup
(Issue 1144)</li>
<li>Do not retry all requests after connection timeouts to prevent
repeated job submission</li>
<li>Fix reason trails of expanding opcodes</li>
<li>Make lockConfig call retryable</li>
<li>Extend timeout for gnt-cluster renew-crypto</li>
<li>Return the correct error code in the post-upgrade script</li>
<li>Make OpenSSL refrain from DH altogether</li>
<li>Fix faulty iallocator type check</li>
<li>Improve cfgupgrade output in case of errors</li>
<li>Fix upgrades of instances with missing creation time</li>
<li>Make htools tolerate missing “dtotal” and “dfree” on luxi</li>
<li>Fix default for –default-iallocator-params</li>
<li>Renew-crypto: stop daemons on master node first</li>
<li>Don’t warn about broken SSH setup of offline nodes (Issue 1131)</li>
<li>At IAlloc backend guess state from admin state</li>
<li>Set node tags in iallocator htools backend</li>
<li>Only search for Python-2 interpreters</li>
<li>Handle Xen 4.3 states better</li>
<li>Improve xl socat migrations</li>
<li>replace-disks: fix –ignore-ipolicy</li>
<li>Fix disabling of user shutdown reporting</li>
<li>Allow userspace-only disk templates</li>
<li>Fix instance failover in case of DTS_EXT_MIRROR</li>
<li>Fix operations on empty nodes by accepting allocation of 0 jobs</li>
<li>Fix instance multi allocation for non-DRBD disks</li>
<li>Redistribute master key on downgrade</li>
<li>Allow more failover options when using the –no-disk-moves flag</li>
</ul>
</div>
</div>
<div class="section" id="version-2-14-1">
<h2>Version 2.14.1<a class="headerlink" href="#version-2-14-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 10 Jul 2015)</em></p>
<div class="section" id="id7">
<h3>Incompatible/important changes<a class="headerlink" href="#id7" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The SSH security changes reduced the number of nodes which can SSH into
other nodes. Unfortunately enough, the Ganeti implementation of migration
for the xl stack of Xen required SSH to be able to migrate the instance,
leading to a situation where full movement of an instance around the cluster
was not possible. This version fixes the issue by using socat to transfer
instance data. While socat is less secure than SSH, it is about as secure as
xm migrations, and occurs over the secondary network if present. As a
consequence of this change, Xen instance migrations using xl cannot occur
between nodes running 2.14.0 and 2.14.1.</li>
<li>This release contains a fix for the problem that different encodings in
SSL certificates can break RPC communication (issue 1094). The fix makes
it necessary to rerun ‘gnt-cluster renew-crypto –new-node-certificates’
after the cluster is fully upgraded to 2.14.1</li>
</ul>
</div>
<div class="section" id="other-changes">
<h3>Other Changes<a class="headerlink" href="#other-changes" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The <code class="docutils literal"><span class="pre">htools</span></code> now properly work also on shared-storage clusters.</li>
<li>Instance moves now work properly also for the plain disk template.</li>
<li>Filter-evaluation for run-time data filter was fixed (issue 1100).</li>
<li>Various improvements to the documentation have been added.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-14-0">
<h2>Version 2.14.0<a class="headerlink" href="#version-2-14-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 2 Jun 2015)</em></p>
<div class="section" id="id8">
<h3>New features<a class="headerlink" href="#id8" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The build system now enforces external Haskell dependencies to lie in
a supported range as declared by our new ganeti.cabal file.</li>
<li>Basic support for instance reservations has been added. Instance addition
supports a –forthcoming option telling Ganeti to only reserve the resources
but not create the actual instance. The instance can later be created with
by passing the –commit option to the instance addition command.</li>
<li>Node tags starting with htools:nlocation: now have a special meaning to htools(1).
They control between which nodes migration is possible, e.g., during hypervisor
upgrades. See hbal(1) for details.</li>
<li>The node-allocation lock as been removed for good, thus speeding up parallel
instance allocation and creation.</li>
<li>The external storage interface has been extended by optional <code class="docutils literal"><span class="pre">open</span></code>
and <code class="docutils literal"><span class="pre">close</span></code> scripts.</li>
</ul>
</div>
<div class="section" id="id9">
<h3>New dependencies<a class="headerlink" href="#id9" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Building the Haskell part of Ganeti now requires Cabal and cabal-install.</li>
</ul>
</div>
<div class="section" id="id10">
<h3>Known issues<a class="headerlink" href="#id10" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Under certain conditions instance doesn’t get unpaused after live
migration (issue #1050)</li>
</ul>
</div>
<div class="section" id="since-2-14-0-rc1">
<h3>Since 2.14.0 rc1<a class="headerlink" href="#since-2-14-0-rc1" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The call to the IAllocator in ‘gnt-node evacuate’ has been fixed.</li>
<li>In opportunistic locking, only ask for those node resource locks where
the node lock is held.</li>
<li>Lock requests are repeatable now; this avoids failure of a job in a
race condition with a signal sent to the job.</li>
<li>Various improvements to the QA.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-14-0-rc2">
<h2>Version 2.14.0 rc2<a class="headerlink" href="#version-2-14-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 19 May 2015)</em></p>
<p>This was the second release candidate in the 2.14 series. All important
changes are listed in the 2.14.0 entry.</p>
<div class="section" id="id11">
<h3>Since 2.14.0 rc1<a class="headerlink" href="#id11" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>private parameters are now properly exported to instance create scripts</li>
<li>unnecessary config unlocks and upgrades have been removed, improving
performance, in particular of cluster verification</li>
<li>some rarely occuring file-descriptor leaks have been fixed</li>
<li>The checks for orphan and lost volumes have been fixed to also work
correctly when multiple volume groups are used.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-14-0-rc1">
<h2>Version 2.14.0 rc1<a class="headerlink" href="#version-2-14-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 29 Apr 2015)</em></p>
<p>This was the first release candidate in the 2.14 series. All important
changes are listed in the latest 2.14 entry.</p>
<div class="section" id="since-2-14-0-beta2">
<h3>Since 2.14.0 beta2<a class="headerlink" href="#since-2-14-0-beta2" title="Permalink to this headline"></a></h3>
<p>The following issue has been fixed:</p>
<ul class="simple">
<li>A race condition where a badly timed kill of WConfD could lead to
an incorrect configuration.</li>
</ul>
<p>Fixes inherited from the 2.12 branch:</p>
<ul class="simple">
<li>Upgrade from old versions (2.5 and 2.6) was failing (issues 1070, 1019).</li>
<li>gnt-network info outputs wrong external reservations (issue 1068)</li>
<li>Refuse to demote master from master capability (issue 1023)</li>
</ul>
<p>Fixes inherited from the 2.13 branch:</p>
<ul class="simple">
<li>bugs related to ssh-key handling of master candidate (issues 1045, 1046, 1047)</li>
</ul>
</div>
</div>
<div class="section" id="version-2-14-0-beta2">
<h2>Version 2.14.0 beta2<a class="headerlink" href="#version-2-14-0-beta2" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 26 Mar 2015)</em></p>
<p>This was the second beta release in the 2.14 series. All important changes
are listed in the latest 2.14 entry.</p>
<div class="section" id="since-2-14-0-beta1">
<h3>Since 2.14.0 beta1<a class="headerlink" href="#since-2-14-0-beta1" title="Permalink to this headline"></a></h3>
<p>The following issues have been fixed:</p>
<ul class="simple">
<li>Issue 1018: Cluster init (and possibly other jobs) occasionally fail to start</li>
</ul>
<p>The extension of the external storage interface was not present in 2.14.0 beta1.</p>
</div>
</div>
<div class="section" id="version-2-14-0-beta1">
<h2>Version 2.14.0 beta1<a class="headerlink" href="#version-2-14-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 13 Feb 2015)</em></p>
<p>This was the first beta release of the 2.14 series. All important changes
are listed in the latest 2.14 entry.</p>
</div>
<div class="section" id="version-2-13-3">
<h2>Version 2.13.3<a class="headerlink" href="#version-2-13-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 14 Dec 2015)</em></p>
<div class="section" id="id12">
<h3>Important changes and security notes<a class="headerlink" href="#id12" title="Permalink to this headline"></a></h3>
<p>Security release.</p>
<p>CVE-2015-7944</p>
<p>Ganeti provides a RESTful control interface called the RAPI. Its HTTPS
implementation is vulnerable to DoS attacks via client-initiated SSL
parameter renegotiation. While the interface is not meant to be exposed
publicly, due to the fact that it binds to all interfaces, we believe
some users might be exposing it unintentionally and are vulnerable. A
DoS attack can consume resources meant for Ganeti daemons and instances
running on the master node, making both perform badly.</p>
<p>Fixes are not feasible due to the OpenSSL Python library not exposing
functionality needed to disable client-side renegotiation. Instead, we
offer instructions on how to control RAPI’s exposure, along with info
on how RAPI can be setup alongside an HTTPS proxy in case users still
want or need to expose the RAPI interface. The instructions are
outlined in Ganeti’s security document: doc/html/security.html</p>
<p>CVE-2015-7945</p>
<p>Ganeti leaks the DRBD secret through the RAPI interface. Examining job
results after an instance information job reveals the secret. With the
DRBD secret, access to the local cluster network, and ARP poisoning,
an attacker can impersonate a Ganeti node and clone the disks of a
DRBD-based instance. While an attacker with access to the cluster
network is already capable of accessing any data written as DRBD
traffic is unencrypted, having the secret expedites the process and
allows access to the entire disk.</p>
<p>Fixes contained in this release prevent the secret from being exposed
via the RAPI. The DRBD secret can be changed by converting an instance
to plain and back to DRBD, generating a new secret, but redundancy will
be lost until the process completes.
Since attackers with node access are capable of accessing some and
potentially all data even without the secret, we do not recommend that
the secret be changed for existing instances.</p>
</div>
<div class="section" id="id13">
<h3>Minor changes<a class="headerlink" href="#id13" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Calculate correct affected nodes set in InstanceChangeGroup
(Issue 1144)</li>
<li>Do not retry all requests after connection timeouts to prevent
repeated job submission</li>
<li>Fix reason trails of expanding opcodes</li>
<li>Make lockConfig call retryable</li>
<li>Extend timeout for gnt-cluster renew-crypto</li>
<li>Return the correct error code in the post-upgrade script</li>
<li>Make OpenSSL refrain from DH altogether</li>
<li>Fix upgrades of instances with missing creation time</li>
<li>Make htools tolerate missing “dtotal” and “dfree” on luxi</li>
<li>Fix default for –default-iallocator-params</li>
<li>Renew-crypto: stop daemons on master node first</li>
<li>Don’t warn about broken SSH setup of offline nodes (Issue 1131)</li>
<li>At IAlloc backend guess state from admin state</li>
<li>Only search for Python-2 interpreters</li>
<li>Handle Xen 4.3 states better</li>
<li>Improve xl socat migrations</li>
<li>replace-disks: fix –ignore-ipolicy</li>
<li>Fix disabling of user shutdown reporting</li>
<li>Fix operations on empty nodes by accepting allocation of 0 jobs</li>
<li>Fix instance multi allocation for non-DRBD disks</li>
<li>Redistribute master key on downgrade</li>
<li>Allow more failover options when using the –no-disk-moves flag</li>
</ul>
</div>
</div>
<div class="section" id="version-2-13-2">
<h2>Version 2.13.2<a class="headerlink" href="#version-2-13-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 13 Jul 2015)</em></p>
<div class="section" id="id14">
<h3>Incompatible/important changes<a class="headerlink" href="#id14" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>This release contains a fix for the problem that different encodings in
SSL certificates can break RPC communication (issue 1094). The fix makes
it necessary to rerun ‘gnt-cluster renew-crypto –new-node-certificates’
after the cluster is fully upgraded to 2.13.2</li>
</ul>
</div>
<div class="section" id="other-fixes-and-known-issues">
<h3>Other fixes and known issues<a class="headerlink" href="#other-fixes-and-known-issues" title="Permalink to this headline"></a></h3>
<p>Inherited from 2.12:</p>
<ul class="simple">
<li>Fixed Issue #1115: Race between starting WConfD and updating the config</li>
<li>Fixed Issue #1114: Binding RAPI to a specific IP makes the watcher
restart the RAPI</li>
<li>Fixed Issue #1100: Filter-evaluation for run-time data filter</li>
<li>Better handling of the “crashed” Xen state</li>
<li>The watcher can be instructed to skip disk verification</li>
<li>Reduce amount of logging on successful requests</li>
<li>Prevent multiple communication NICs being created for instances</li>
<li>The <code class="docutils literal"><span class="pre">htools</span></code> now properly work also on shared-storage clusters</li>
<li>Instance moves now work properly also for the plain disk template</li>
<li>Various improvements to the documentation have been added</li>
</ul>
<p>Known issues:
- Issue #1104: gnt-backup: dh key too small</p>
</div>
</div>
<div class="section" id="version-2-13-1">
<h2>Version 2.13.1<a class="headerlink" href="#version-2-13-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 16 Jun 2015)</em></p>
<div class="section" id="id15">
<h3>Incompatible/important changes<a class="headerlink" href="#id15" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The SSH security changes reduced the number of nodes which can SSH into
other nodes. Unfortunately enough, the Ganeti implementation of migration
for the xl stack of Xen required SSH to be able to migrate the instance,
leading to a situation where full movement of an instance around the cluster
was not possible. This version fixes the issue by using socat to transfer
instance data. While socat is less secure than SSH, it is about as secure as
xm migrations, and occurs over the secondary network if present. As a
consequence of this change, Xen instance migrations using xl cannot occur
between nodes running 2.13.0 and 2.13.1.</li>
</ul>
</div>
<div class="section" id="id16">
<h3>Other fixes and known issues<a class="headerlink" href="#id16" title="Permalink to this headline"></a></h3>
<p>Inherited from 2.12:</p>
<ul class="simple">
<li>Fixed Issue #1082: RAPI is unresponsive after master-failover</li>
<li>Fixed Issue #1083: Cluster verify reports existing instance disks on
non-default VGs as missing</li>
<li>Fixed Issue #1101: Modifying the storage directory for the shared-file disk
template doesn’t work</li>
<li>Fixed a possible file descriptor leak when forking jobs</li>
<li>Fixed missing private parameters in the environment for OS scripts</li>
<li>Fixed a performance regression when handling configuration
(only upgrade it if it changes)</li>
<li>Adapt for compilation with GHC7.8 (compiles with warnings;
cherrypicked from 2.14)</li>
</ul>
<p>Known issues:
- Issue #1094: Mismatch in SSL encodings breaks RPC communication
- Issue #1104: Export fails: key is too small</p>
</div>
</div>
<div class="section" id="version-2-13-0">
<h2>Version 2.13.0<a class="headerlink" href="#version-2-13-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 28 Apr 2015)</em></p>
<div class="section" id="id17">
<h3>Incompatible/important changes<a class="headerlink" href="#id17" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Ganeti now internally retries the instance creation opcode if opportunistic
locking did not acquire nodes with enough free resources. The internal retry
will not use opportunistic locking. In particular, instance creation, even
if opportunistic locking is set, will never fail with ECODE_TEMP_NORES.</li>
<li>The handling of SSH security had undergone a significant change. From
this version on, each node has an individual SSH key pair instead of
sharing one with all nodes of the cluster. From now on, we also
restrict SSH access to master candidates. This means that only master
candidates can ssh into other cluster nodes and all
non-master-candidates cannot. Refer to the UPGRADE notes
for further instructions on the creation and distribution of the keys.</li>
<li>Ganeti now checks hypervisor version compatibility before trying an instance
migration. It errors out if the versions are not compatible. Add the option
–ignore-hvversions to restore the old behavior of only warning.</li>
<li>Node tags starting with htools:migration: or htools:allowmigration: now have
a special meaning to htools(1). See hbal(1) for details.</li>
<li>The LXC hypervisor code has been repaired and improved. Instances cannot be
migrated and cannot have more than one disk, but should otherwise work as with
other hypervisors. OS script changes should not be necessary. LXC version
1.0.0 or higher required.</li>
</ul>
</div>
<div class="section" id="id18">
<h3>New features<a class="headerlink" href="#id18" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>A new job filter rules system allows to define iptables-like rules for the
job scheduler, making it easier to (soft-)drain the job queue, perform
maintenance, and rate-limit selected job types. See gnt-filter(8) for
details.</li>
<li>Ganeti jobs can now be ad-hoc rate limited via the reason trail.
For a set of jobs queued with “–reason=rate-limit:n:label”, the job
scheduler ensures that not more than n will be scheduled to run at the same
time. See ganeti(7), section “Options”, for details.</li>
<li>The monitoring daemon has now variable sleep times for the data
collectors. This currently means that the granularity of cpu-avg-load
can be configured.</li>
<li>The ‘gnt-cluster verify’ command now has the option
‘–verify-ssh-clutter’, which verifies whether Ganeti (accidentally)
cluttered up the ‘authorized_keys’ file.</li>
<li>Instance disks can now be converted from one disk template to another for many
different template combinations. When available, more efficient conversions
will be used, otherwise the disks are simply copied over.</li>
</ul>
</div>
<div class="section" id="id19">
<h3>New dependencies<a class="headerlink" href="#id19" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The monitoring daemon uses the PSQueue library. Be sure to install it
if you use Mond.</li>
<li>The formerly optional regex-pcre is now an unconditional dependency because
the new job filter rules have regular expressions as a core feature.</li>
</ul>
</div>
<div class="section" id="since-2-13-0-rc1">
<h3>Since 2.13.0 rc1<a class="headerlink" href="#since-2-13-0-rc1" title="Permalink to this headline"></a></h3>
<p>The following issues have been fixed:</p>
<ul class="simple">
<li>Bugs related to ssh-key handling of master candidates (issues 1045,
1046, 1047)</li>
</ul>
<p>Fixes inherited from the 2.12 branch:</p>
<ul class="simple">
<li>Upgrade from old versions (2.5 and 2.6) was failing (issues 1070, 1019).</li>
<li>gnt-network info outputs wrong external reservations (issue 1068)</li>
<li>Refuse to demote master from master capability (issue 1023)</li>
</ul>
</div>
</div>
<div class="section" id="version-2-13-0-rc1">
<h2>Version 2.13.0 rc1<a class="headerlink" href="#version-2-13-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 25 Mar 2015)</em></p>
<p>This was the first release candidate of the 2.13 series.
All important changes are listed in the latest 2.13 entry.</p>
<div class="section" id="since-2-13-0-beta1">
<h3>Since 2.13.0 beta1<a class="headerlink" href="#since-2-13-0-beta1" title="Permalink to this headline"></a></h3>
<p>The following issues have been fixed:</p>
<ul class="simple">
<li>Issue 1018: Cluster init (and possibly other jobs) occasionally fail to start</li>
</ul>
</div>
</div>
<div class="section" id="version-2-13-0-beta1">
<h2>Version 2.13.0 beta1<a class="headerlink" href="#version-2-13-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 14 Jan 2015)</em></p>
<p>This was the first beta release of the 2.13 series. All important changes
are listed in the latest 2.13 entry.</p>
</div>
<div class="section" id="version-2-12-6">
<h2>Version 2.12.6<a class="headerlink" href="#version-2-12-6" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 14 Dec 2015)</em></p>
<div class="section" id="id20">
<h3>Important changes and security notes<a class="headerlink" href="#id20" title="Permalink to this headline"></a></h3>
<p>Security release.</p>
<p>CVE-2015-7944</p>
<p>Ganeti provides a RESTful control interface called the RAPI. Its HTTPS
implementation is vulnerable to DoS attacks via client-initiated SSL
parameter renegotiation. While the interface is not meant to be exposed
publicly, due to the fact that it binds to all interfaces, we believe
some users might be exposing it unintentionally and are vulnerable. A
DoS attack can consume resources meant for Ganeti daemons and instances
running on the master node, making both perform badly.</p>
<p>Fixes are not feasible due to the OpenSSL Python library not exposing
functionality needed to disable client-side renegotiation. Instead, we
offer instructions on how to control RAPI’s exposure, along with info
on how RAPI can be setup alongside an HTTPS proxy in case users still
want or need to expose the RAPI interface. The instructions are
outlined in Ganeti’s security document: doc/html/security.html</p>
<p>CVE-2015-7945</p>
<p>Ganeti leaks the DRBD secret through the RAPI interface. Examining job
results after an instance information job reveals the secret. With the
DRBD secret, access to the local cluster network, and ARP poisoning,
an attacker can impersonate a Ganeti node and clone the disks of a
DRBD-based instance. While an attacker with access to the cluster
network is already capable of accessing any data written as DRBD
traffic is unencrypted, having the secret expedites the process and
allows access to the entire disk.</p>
<p>Fixes contained in this release prevent the secret from being exposed
via the RAPI. The DRBD secret can be changed by converting an instance
to plain and back to DRBD, generating a new secret, but redundancy will
be lost until the process completes.
Since attackers with node access are capable of accessing some and
potentially all data even without the secret, we do not recommend that
the secret be changed for existing instances.</p>
</div>
<div class="section" id="id21">
<h3>Minor changes<a class="headerlink" href="#id21" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Calculate correct affected nodes set in InstanceChangeGroup
(Issue 1144)</li>
<li>Do not retry all requests after connection timeouts to prevent
repeated job submission</li>
<li>Fix reason trails of expanding opcodes</li>
<li>Make lockConfig call retryable</li>
<li>Return the correct error code in the post-upgrade script</li>
<li>Make OpenSSL refrain from DH altogether</li>
<li>Fix upgrades of instances with missing creation time</li>
<li>Make htools tolerate missing “dtotal” and “dfree” on luxi</li>
<li>Fix default for –default-iallocator-params</li>
<li>At IAlloc backend guess state from admin state</li>
<li>Only search for Python-2 interpreters</li>
<li>Handle Xen 4.3 states better</li>
<li>replace-disks: fix –ignore-ipolicy</li>
<li>Fix disabling of user shutdown reporting</li>
<li>Fix operations on empty nodes by accepting allocation of 0 jobs</li>
<li>Fix instance multi allocation for non-DRBD disks</li>
<li>Allow more failover options when using the –no-disk-moves flag</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-5">
<h2>Version 2.12.5<a class="headerlink" href="#version-2-12-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 13 Jul 2015)</em></p>
<div class="section" id="id22">
<h3>Incompatible/important changes<a class="headerlink" href="#id22" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>This release contains a fix for the problem that different encodings in
SSL certificates can break RPC communication (issue 1094). The fix makes
it necessary to rerun ‘gnt-cluster renew-crypto –new-node-certificates’
after the cluster is fully upgraded to 2.12.5.</li>
</ul>
</div>
<div class="section" id="fixed-and-improvements">
<h3>Fixed and improvements<a class="headerlink" href="#fixed-and-improvements" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Fixed Issue #1030: GlusterFS support breaks at upgrade to 2.12 -
switches back to shared-file</li>
<li>Fixed Issue #1094 (see the notice in Incompatible/important changes):
Differences in encodings of SSL certificates can render a cluster
uncommunicative after a master-failover</li>
<li>Fixed Issue #1098: Support for ECDSA SSH keys</li>
<li>Fixed Issue #1100: Filter-evaluation for run-time data filter</li>
<li>Fixed Issue #1101: Modifying the storage directory for the shared-file
disk template doesn’t work</li>
<li>Fixed Issue #1108: Spurious “NIC name already used” errors during
instance creation</li>
<li>Fixed Issue #1114: Binding RAPI to a specific IP makes the watcher
restart the RAPI</li>
<li>Fixed Issue #1115: Race between starting WConfD and updating the config</li>
<li>Better handling of the “crashed” Xen state</li>
<li>The <code class="docutils literal"><span class="pre">htools</span></code> now properly work also on shared-storage clusters</li>
<li>Various improvements to the documentation have been added</li>
</ul>
<p>Inherited from the 2.11 branch:</p>
<ul class="simple">
<li>Fixed Issue #1113: Reduce amount of logging on successful requests</li>
</ul>
</div>
<div class="section" id="id23">
<h3>Known issues<a class="headerlink" href="#id23" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Issue #1104: gnt-backup: dh key too small</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-4">
<h2>Version 2.12.4<a class="headerlink" href="#version-2-12-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 12 May 2015)</em></p>
<ul class="simple">
<li>Fixed Issue #1082: RAPI is unresponsive after master-failover</li>
<li>Fixed Issue #1083: Cluster verify reports existing instance disks on
non-default VGs as missing</li>
<li>Fixed a possible file descriptor leak when forking jobs</li>
<li>Fixed missing private parameters in the environment for OS scripts</li>
<li>Fixed a performance regression when handling configuration
(only upgrade it if it changes)</li>
<li>Adapt for compilation with GHC7.8 (compiles with warnings;
cherrypicked from 2.14)</li>
</ul>
<div class="section" id="id24">
<h3>Known issues<a class="headerlink" href="#id24" title="Permalink to this headline"></a></h3>
<p>Pending since 2.12.2:</p>
<ul class="simple">
<li>Under certain conditions instance doesn’t get unpaused after live
migration (issue #1050)</li>
<li>GlusterFS support breaks at upgrade to 2.12 - switches back to
shared-file (issue #1030)</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-3">
<h2>Version 2.12.3<a class="headerlink" href="#version-2-12-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 29 Apr 2015)</em></p>
<ul class="simple">
<li>Fixed Issue #1019: upgrade from 2.6.2 to 2.12 fails. cfgupgrade
doesn’t migrate the config.data file properly</li>
<li>Fixed Issue 1023: Master master-capable option bug</li>
<li>Fixed Issue 1068: gnt-network info outputs wrong external reservations</li>
<li>Fixed Issue 1070: Upgrade of Ganeti 2.5.2 to 2.12.0 fails due to
missing UUIDs for disks</li>
<li>Fixed Issue 1073: ssconf_hvparams_* not distributed with ssconf</li>
</ul>
<p>Inherited from the 2.11 branch:</p>
<ul class="simple">
<li>Fixed Issue 1032: Renew-crypto –new-node-certificates sometimes does not
complete.
The operation ‘gnt-cluster renew-crypto –new-node-certificates’ is
now more robust against intermitten reachability errors. Nodes that
are temporarily not reachable, are contacted with several retries.
Nodes which are marked as offline are omitted right away.</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Fixed Issue 1057: master-failover succeeds, but IP remains assigned to
old master</li>
<li>Fixed Issue 1058: Python’s os.minor() does not support devices with
high minor numbers</li>
<li>Fixed Issue 1059: Luxid fails if DNS returns an IPv6 address that does
not reverse resolve</li>
</ul>
<div class="section" id="id25">
<h3>Known issues<a class="headerlink" href="#id25" title="Permalink to this headline"></a></h3>
<p>Pending since 2.12.2:</p>
<ul class="simple">
<li>GHC 7.8 introduced some incompatible changes, so currently Ganeti
2.12. doesn’t compile on GHC 7.8</li>
<li>Under certain conditions instance doesn’t get unpaused after live
migration (issue #1050)</li>
<li>GlusterFS support breaks at upgrade to 2.12 - switches back to
shared-file (issue #1030)</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-2">
<h2>Version 2.12.2<a class="headerlink" href="#version-2-12-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 25 Mar 2015)</em></p>
<ul class="simple">
<li>Support for the lens Haskell library up to version 4.7 (issue #1028)</li>
<li>SSH keys are now distributed only to master and master candidates
(issue #377)</li>
<li>Improved performance for operations that frequently read the
cluster configuration</li>
<li>Improved robustness of spawning job processes that occasionally caused
newly-started jobs to timeout</li>
<li>Fixed race condition during cluster verify which occasionally caused
it to fail</li>
</ul>
<p>Inherited from the 2.11 branch:</p>
<ul class="simple">
<li>Fix failing automatic glusterfs mounts (issue #984)</li>
<li>Fix watcher failing to read its status file after an upgrade
(issue #1022)</li>
<li>Improve Xen instance state handling, in particular of somewhat exotic
transitional states</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Fix failing to change a diskless drbd instance to plain
(issue #1036)</li>
<li>Fixed issues with auto-upgrades from pre-2.6
(hv_state_static and disk_state_static)</li>
<li>Fix memory leak in the monitoring daemon</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Fix file descriptor leak in Confd client</li>
</ul>
<div class="section" id="id26">
<h3>Known issues<a class="headerlink" href="#id26" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>GHC 7.8 introduced some incompatible changes, so currently Ganeti
2.12. doesn’t compile on GHC 7.8</li>
<li>Under certain conditions instance doesn’t get unpaused after live
migration (issue #1050)</li>
<li>GlusterFS support breaks at upgrade to 2.12 - switches back to
shared-file (issue #1030)</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-1">
<h2>Version 2.12.1<a class="headerlink" href="#version-2-12-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 14 Jan 2015)</em></p>
<ul class="simple">
<li>Fix users under which the wconfd and metad daemons run (issue #976)</li>
<li>Clean up stale livelock files (issue #865)</li>
<li>Fix setting up the metadata daemon’s network interface for Xen</li>
<li>Make watcher identify itself on disk activation</li>
<li>Add “ignore-ipolicy” option to gnt-instance grow-disk</li>
<li>Check disk size ipolicy during “gnt-instance grow-disk” (issue #995)</li>
</ul>
<p>Inherited from the 2.11 branch:</p>
<ul class="simple">
<li>Fix counting votes when doing master failover (issue #962)</li>
<li>Fix broken haskell dependencies (issues #758 and #912)</li>
<li>Check if IPv6 is used directly when running SSH (issue #892)</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Fix typo in gnt_cluster output (issue #1015)</li>
<li>Use the Python path detected at configure time in the top-level Python
scripts.</li>
<li>Fix check for sphinx-build from python2-sphinx</li>
<li>Properly check if an instance exists in ‘gnt-instance console’</li>
</ul>
</div>
<div class="section" id="version-2-12-0">
<h2>Version 2.12.0<a class="headerlink" href="#version-2-12-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 10 Oct 2014)</em></p>
<div class="section" id="id27">
<h3>Incompatible/important changes<a class="headerlink" href="#id27" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Ganeti is now distributed under the 2-clause BSD license.
See the COPYING file.</li>
<li>Do not use debug mode in production. Certain daemons will issue warnings
when launched in debug mode. Some debug logging violates some of the new
invariants in the system (see “New features”). The logging has been kept as
it aids diagnostics and development.</li>
</ul>
</div>
<div class="section" id="id28">
<h3>New features<a class="headerlink" href="#id28" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>OS install script parameters now come in public, private and secret
varieties:<ul>
<li>Public parameters are like all other parameters in Ganeti.</li>
<li>Ganeti will not log private and secret parameters, <em>unless</em> it is running
in debug mode.</li>
<li>Ganeti will not save secret parameters to configuration. Secret parameters
must be supplied every time you install, or reinstall, an instance.</li>
<li>Attempting to override public parameters with private or secret parameters
results in an error. Similarly, you may not use secret parameters to
override private parameters.</li>
</ul>
</li>
<li>The move-instance tool can now attempt to allocate an instance by using
opportunistic locking when an iallocator is used.</li>
<li>The build system creates sample systemd unit files, available under
doc/examples/systemd. These unit files allow systemd to natively
manage and supervise all Ganeti processes.</li>
<li>Different types of compression can be applied during instance moves, including
user-specified ones.</li>
<li>Ganeti jobs now run as separate processes. The jobs are coordinated by
a new daemon “WConfd” that manages cluster’s configuration and locks
for individual jobs. A consequence is that more jobs can run in parallel;
the number is run-time configurable, see “New features” entry
of 2.11.0. To avoid luxid being overloaded with tracking running jobs, it
backs of and only occasionally, in a sequential way, checks if jobs have
finished and schedules new ones. In this way, luxid keeps responsive under
high cluster load. The limit as when to start backing of is also run-time
configurable.</li>
<li>The metadata daemon is now optionally available, as part of the
partial implementation of the OS-installs design. It allows pass
information to OS install scripts or to instances.
It is also possible to run Ganeti without the daemon, if desired.</li>
<li>Detection of user shutdown of instances has been implemented for Xen
as well.</li>
</ul>
</div>
<div class="section" id="id29">
<h3>New dependencies<a class="headerlink" href="#id29" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The KVM CPU pinning no longer uses the affinity python package, but psutil
instead. The package is still optional and needed only if the feature is to
be used.</li>
</ul>
</div>
<div class="section" id="incomplete-features">
<h3>Incomplete features<a class="headerlink" href="#incomplete-features" title="Permalink to this headline"></a></h3>
<p>The following issues are related to features which are not completely
implemented in 2.12:</p>
<ul class="simple">
<li>Issue 885: Network hotplugging on KVM sometimes makes an instance
unresponsive</li>
<li>Issues 708 and 602: The secret parameters are currently still written
to disk in the job queue.</li>
<li>Setting up the metadata network interface under Xen isn’t fully
implemented yet.</li>
</ul>
</div>
<div class="section" id="id30">
<h3>Known issues<a class="headerlink" href="#id30" title="Permalink to this headline"></a></h3>
<ul>
<li><p class="first"><em>Wrong UDP checksums in DHCP network packets:</em>
If an instance communicates with the metadata daemon and uses DHCP to
obtain its IP address on the provided virtual network interface,
it can happen that UDP packets have a wrong checksum, due to
a bug in virtio. See for example <a class="reference external" href="https://bugs.launchpad.net/bugs/930962">https://bugs.launchpad.net/bugs/930962</a></p>
<p>Ganeti works around this bug by disabling the UDP checksums on the way
from a host to instances (only on the special metadata communication
network interface) using the ethtool command. Therefore if using
the metadata daemon the host nodes should have this tool available.</p>
</li>
<li><p class="first">The metadata daemon is run as root in the split-user mode, to be able
to bind to port 80.
This should be improved in future versions, see issue #949.</p>
</li>
</ul>
</div>
<div class="section" id="since-2-12-0-rc2">
<h3>Since 2.12.0 rc2<a class="headerlink" href="#since-2-12-0-rc2" title="Permalink to this headline"></a></h3>
<p>The following issues have been fixed:</p>
<ul class="simple">
<li>Fixed passing additional parameters to RecreateInstanceDisks over
RAPI.</li>
<li>Fixed the permissions of WConfd when running in the split-user mode.
As WConfd takes over the previous master daemon to manage the
configuration, it currently runs under the masterd user.</li>
<li>Fixed the permissions of the metadata daemon  wn running in the
split-user mode (see Known issues).</li>
<li>Watcher now properly adds a reason trail entry when initiating disk
checks.</li>
<li>Fixed removing KVM parameters introduced in 2.12 when downgrading a
cluster to 2.11: “migration_caps”, “disk_aio” and “virtio_net_queues”.</li>
<li>Improved retrying of RPC calls that fail due to network errors.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-0-rc2">
<h2>Version 2.12.0 rc2<a class="headerlink" href="#version-2-12-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 22 Sep 2014)</em></p>
<p>This was the second release candidate of the 2.12 series.
All important changes are listed in the latest 2.12 entry.</p>
<div class="section" id="since-2-12-0-rc1">
<h3>Since 2.12.0 rc1<a class="headerlink" href="#since-2-12-0-rc1" title="Permalink to this headline"></a></h3>
<p>The following issues have been fixed:</p>
<ul class="simple">
<li>Watcher now checks if WConfd is running and functional.</li>
<li>Watcher now properly adds reason trail entries.</li>
<li>Fixed NIC options in Xen’s config files.</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Fixed handling of the –online option</li>
<li>Add warning against hvparam changes with live migrations, which might
lead to dangerous situations for instances.</li>
<li>Only the LVs in the configured VG are checked during cluster verify.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-0-rc1">
<h2>Version 2.12.0 rc1<a class="headerlink" href="#version-2-12-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 20 Aug 2014)</em></p>
<p>This was the first release candidate of the 2.12 series.
All important changes are listed in the latest 2.12 entry.</p>
<div class="section" id="since-2-12-0-beta1">
<h3>Since 2.12.0 beta1<a class="headerlink" href="#since-2-12-0-beta1" title="Permalink to this headline"></a></h3>
<p>The following issues have been fixed:</p>
<ul class="simple">
<li>Issue 881: Handle communication errors in mcpu</li>
<li>Issue 883: WConfd leaks memory for some long operations</li>
<li>Issue 884: Under heavy load the IAllocator fails with a “missing
instance” error</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Improve the recognition of Xen domU states</li>
<li>Automatic upgrades:
- Create the config backup archive in a safe way
- On upgrades, check for upgrades to resume first
- Pause watcher during upgrade</li>
<li>Allow instance disks to be added with –no-wait-for-sync</li>
</ul>
</div>
</div>
<div class="section" id="version-2-12-0-beta1">
<h2>Version 2.12.0 beta1<a class="headerlink" href="#version-2-12-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 21 Jul 2014)</em></p>
<p>This was the first beta release of the 2.12 series. All important changes
are listed in the latest 2.12 entry.</p>
</div>
<div class="section" id="version-2-11-8">
<h2>Version 2.11.8<a class="headerlink" href="#version-2-11-8" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 14 Dec 2015)</em></p>
<div class="section" id="id31">
<h3>Important changes and security notes<a class="headerlink" href="#id31" title="Permalink to this headline"></a></h3>
<p>Security release.</p>
<p>CVE-2015-7944</p>
<p>Ganeti provides a RESTful control interface called the RAPI. Its HTTPS
implementation is vulnerable to DoS attacks via client-initiated SSL
parameter renegotiation. While the interface is not meant to be exposed
publicly, due to the fact that it binds to all interfaces, we believe
some users might be exposing it unintentionally and are vulnerable. A
DoS attack can consume resources meant for Ganeti daemons and instances
running on the master node, making both perform badly.</p>
<p>Fixes are not feasible due to the OpenSSL Python library not exposing
functionality needed to disable client-side renegotiation. Instead, we
offer instructions on how to control RAPI’s exposure, along with info
on how RAPI can be setup alongside an HTTPS proxy in case users still
want or need to expose the RAPI interface. The instructions are
outlined in Ganeti’s security document: doc/html/security.html</p>
<p>CVE-2015-7945</p>
<p>Ganeti leaks the DRBD secret through the RAPI interface. Examining job
results after an instance information job reveals the secret. With the
DRBD secret, access to the local cluster network, and ARP poisoning,
an attacker can impersonate a Ganeti node and clone the disks of a
DRBD-based instance. While an attacker with access to the cluster
network is already capable of accessing any data written as DRBD
traffic is unencrypted, having the secret expedites the process and
allows access to the entire disk.</p>
<p>Fixes contained in this release prevent the secret from being exposed
via the RAPI. The DRBD secret can be changed by converting an instance
to plain and back to DRBD, generating a new secret, but redundancy will
be lost until the process completes.
Since attackers with node access are capable of accessing some and
potentially all data even without the secret, we do not recommend that
the secret be changed for existing instances.</p>
</div>
<div class="section" id="id32">
<h3>Minor changes<a class="headerlink" href="#id32" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Make htools tolerate missing “dtotal” and “dfree” on luxi</li>
<li>Fix default for –default-iallocator-params</li>
<li>At IAlloc backend guess state from admin state</li>
<li>replace-disks: fix –ignore-ipolicy</li>
<li>Fix instance multi allocation for non-DRBD disks</li>
<li>Trigger renew-crypto on downgrade to 2.11</li>
<li>Downgrade log-message for rereading job</li>
<li>Downgrade log-level for successful requests</li>
<li>Check for gnt-cluster before running gnt-cluster upgrade</li>
</ul>
</div>
</div>
<div class="section" id="version-2-11-7">
<h2>Version 2.11.7<a class="headerlink" href="#version-2-11-7" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 17 Apr 2015)</em></p>
<ul class="simple">
<li>The operation ‘gnt-cluster renew-crypto –new-node-certificates’ is
now more robust against intermitten reachability errors. Nodes that
are temporarily not reachable, are contacted with several retries.
Nodes which are marked as offline are omitted right away.</li>
</ul>
</div>
<div class="section" id="version-2-11-6">
<h2>Version 2.11.6<a class="headerlink" href="#version-2-11-6" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 22 Sep 2014)</em></p>
<ul class="simple">
<li>Ganeti is now distributed under the 2-clause BSD license.
See the COPYING file.</li>
<li>Fix userspace access checks.</li>
<li>Various documentation fixes have been added.</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>The –online option now works as documented.</li>
<li>The watcher is paused during cluster upgrades; also, upgrade
checks for upgrades to resume first.</li>
<li>Instance disks can be added with –no-wait-for-sync.</li>
</ul>
</div>
<div class="section" id="version-2-11-5">
<h2>Version 2.11.5<a class="headerlink" href="#version-2-11-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 7 Aug 2014)</em></p>
<p>Inherited from the 2.10 branch:</p>
<p>Important security release. In 2.10.0, the
‘gnt-cluster upgrade’ command was introduced. Before
performing an upgrade, the configuration directory of
the cluster is backed up. Unfortunately, the archive was
written with permissions that make it possible for
non-privileged users to read the archive and thus have
access to cluster and RAPI keys. After this release,
the archive will be created with privileged access only.</p>
<p>We strongly advise you to restrict the permissions of
previously created archives. The archives are found in
/var/lib/ganeti*.tar (unless otherwise configured with
–localstatedir or –with-backup-dir).</p>
<p>If you suspect that non-privileged users have accessed
your archives already, we advise you to renew the
cluster’s crypto keys using ‘gnt-cluster renew-crypto’
and to reset the RAPI credentials by editing
/var/lib/ganeti/rapi_users (respectively under a
different path if configured differently with
–localstatedir).</p>
<p>Other changes included in this release:</p>
<ul class="simple">
<li>Fix handling of Xen instance states.</li>
<li>Fix NIC configuration with absent NIC VLAN</li>
<li>Adapt relative path expansion in PATH to new environment</li>
<li>Exclude archived jobs from configuration backups</li>
<li>Fix RAPI for split query setup</li>
<li>Allow disk hot-remove even with chroot or SM</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Make htools tolerate missing ‘spfree’ on luxi</li>
</ul>
</div>
<div class="section" id="version-2-11-4">
<h2>Version 2.11.4<a class="headerlink" href="#version-2-11-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 31 Jul 2014)</em></p>
<ul class="simple">
<li>Improved documentation of the instance shutdown behavior.</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>KVM: fix NIC configuration with absent NIC VLAN (Issue 893)</li>
<li>Adapt relative path expansion in PATH to new environment</li>
<li>Exclude archived jobs from configuration backup</li>
<li>Expose early_release for ReplaceInstanceDisks</li>
<li>Add backup directory for configuration backups for upgrades</li>
<li>Fix BlockdevSnapshot in case of non lvm-based disk</li>
<li>Improve RAPI error handling for queries in non-existing items</li>
<li>Allow disk hot-remove even with chroot or SM</li>
<li>Remove superflous loop in instance queries (Issue 875)</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Make ganeti-cleaner switch to save working directory (Issue 880)</li>
</ul>
</div>
<div class="section" id="version-2-11-3">
<h2>Version 2.11.3<a class="headerlink" href="#version-2-11-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 9 Jul 2014)</em></p>
<ul class="simple">
<li>Readd nodes to their previous node group</li>
<li>Remove old-style gnt-network connect</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Make network_vlan an optional OpParam</li>
<li>hspace: support –accept-existing-errors</li>
<li>Make hspace support –independent-groups</li>
<li>Add a modifier for a group’s allocation policy</li>
<li>Export VLAN nicparam to NIC configuration scripts</li>
<li>Fix gnt-network client to accept vlan info</li>
<li>Support disk hotplug with userspace access</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Make htools tolerate missing “spfree” on luxi</li>
<li>Move the design for query splitting to the implemented list</li>
<li>Add tests for DRBD setups with empty first resource</li>
</ul>
<p>Inherited from the 2.8 branch:</p>
<ul class="simple">
<li>DRBD parser: consume initial empty resource lines</li>
</ul>
</div>
<div class="section" id="version-2-11-2">
<h2>Version 2.11.2<a class="headerlink" href="#version-2-11-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 13 Jun 2014)</em></p>
<ul class="simple">
<li>Improvements to KVM wrt to the kvmd and instance shutdown behavior.
WARNING: In contrast to our standard policy, this bug fix update
introduces new parameters to the configuration. This means in
particular that after an upgrade from 2.11.0 or 2.11.1, ‘cfgupgrade’
needs to be run, either manually or explicitly by running
‘gnt-cluster upgrade –to 2.11.2’ (which requires that they
had configured the cluster with –enable-versionfull).
This also means, that it is not easily possible to downgrade from
2.11.2 to 2.11.1 or 2.11.0. The only way is to go back to 2.10 and
back.</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Check for SSL encoding inconsistencies</li>
<li>Check drbd helper only in VM capable nodes</li>
<li>Improvements in statistics utils</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>check-man-warnings: use C.UTF-8 and set LC_ALL</li>
</ul>
</div>
<div class="section" id="version-2-11-1">
<h2>Version 2.11.1<a class="headerlink" href="#version-2-11-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 14 May 2014)</em></p>
<ul class="simple">
<li>Add design-node-security.rst to docinput</li>
<li>kvm: use a dedicated QMP socket for kvmd</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Set correct Ganeti version on setup commands</li>
<li>Add a utility to combine shell commands</li>
<li>Add design doc for performance tests</li>
<li>Fix failed DRBD disk creation cleanup</li>
<li>Hooking up verification for shared file storage</li>
<li>Fix –shared-file-storage-dir option of gnt-cluster modify</li>
<li>Clarify default setting of ‘metavg’</li>
<li>Fix invocation of GetCommandOutput in QA</li>
<li>Clean up RunWithLocks</li>
<li>Add an exception-trapping thread class</li>
<li>Wait for delay to provide interruption information</li>
<li>Add an expected block option to RunWithLocks</li>
<li>Track if a QA test was blocked by locks</li>
<li>Add a RunWithLocks QA utility function</li>
<li>Add restricted migration</li>
<li>Add an example for node evacuation</li>
<li>Add a test for parsing version strings</li>
<li>Tests for parallel job execution</li>
<li>Fail in replace-disks if attaching disks fails</li>
<li>Fix passing of ispecs in cluster init during QA</li>
<li>Move QAThreadGroup to qa_job_utils.py</li>
<li>Extract GetJobStatuses and use an unified version</li>
<li>Run disk template specific tests only if possible</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>If Automake version &gt; 1.11, force serial tests</li>
<li>KVM: set IFF_ONE_QUEUE on created tap interfaces</li>
<li>Add configure option to pass GHC flags</li>
</ul>
</div>
<div class="section" id="version-2-11-0">
<h2>Version 2.11.0<a class="headerlink" href="#version-2-11-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 25 Apr 2014)</em></p>
<div class="section" id="id33">
<h3>Incompatible/important changes<a class="headerlink" href="#id33" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code> no longer shows disk space information for shared file
disk templates because it is not a node attribute. (For example, if you have
both the file and shared file disk templates enabled, <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code> now
only shows information about the file disk template.)</li>
<li>The shared file disk template is now in the new ‘sharedfile’ storage type.
As a result, <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list-storage</span> <span class="pre">-t</span> <span class="pre">file</span></code> now only shows information
about the file disk template and you may use <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list-storage</span> <span class="pre">-t</span>
<span class="pre">sharedfile</span></code> to query storage information for the shared file disk template.</li>
<li>Over luxi, syntactially incorrect queries are now rejected as a whole;
before, a ‘SumbmitManyJobs’ request was partially executed, if the outer
structure of the request was syntactically correct. As the luxi protocol
is internal (external applications are expected to use RAPI), the impact
of this incompatible change should be limited.</li>
<li>Queries for nodes, instances, groups, backups and networks are now
exclusively done via the luxi daemon. Legacy python code was removed,
as well as the –enable-split-queries configuration option.</li>
<li>Orphan volumes errors are demoted to warnings and no longer affect the exit
code of <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code>.</li>
<li>RPC security got enhanced by using different client SSL certificates
for each node. In this context ‘gnt-cluster renew-crypto’ got a new
option ‘–new-node-certificates’, which renews the client
certificates of all nodes. After a cluster upgrade from pre-2.11, run
this to create client certificates and activate this feature.</li>
</ul>
</div>
<div class="section" id="id34">
<h3>New features<a class="headerlink" href="#id34" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Instance moves, backups and imports can now use compression to transfer the
instance data.</li>
<li>Node groups can be configured to use an SSH port different than the
default 22.</li>
<li>Added experimental support for Gluster distributed file storage as the
<code class="docutils literal"><span class="pre">gluster</span></code> disk template under the new <code class="docutils literal"><span class="pre">sharedfile</span></code> storage type through
automatic management of per-node FUSE mount points. You can configure the
mount point location at <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">init</span></code> time by using the new
<code class="docutils literal"><span class="pre">--gluster-storage-dir</span></code> switch.</li>
<li>Job scheduling is now handled by luxid, and the maximal number of jobs running
in parallel is a run-time parameter of the cluster.</li>
<li>A new tool for planning dynamic power management, called <code class="docutils literal"><span class="pre">hsqueeze</span></code>, has
been added. It suggests nodes to power up or down and corresponding instance
moves.</li>
</ul>
</div>
<div class="section" id="id35">
<h3>New dependencies<a class="headerlink" href="#id35" title="Permalink to this headline"></a></h3>
<p>The following new dependencies have been added:</p>
<p>For Haskell:</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">zlib</span></code> library (<a class="reference external" href="http://hackage.haskell.org/package/base64-bytestring">http://hackage.haskell.org/package/base64-bytestring</a>)</li>
<li><code class="docutils literal"><span class="pre">base64-bytestring</span></code> library (<a class="reference external" href="http://hackage.haskell.org/package/zlib">http://hackage.haskell.org/package/zlib</a>),
at least version 1.0.0.0</li>
<li><code class="docutils literal"><span class="pre">lifted-base</span></code> library (<a class="reference external" href="http://hackage.haskell.org/package/lifted-base">http://hackage.haskell.org/package/lifted-base</a>)</li>
<li><code class="docutils literal"><span class="pre">lens</span></code> library (<a class="reference external" href="http://hackage.haskell.org/package/lens">http://hackage.haskell.org/package/lens</a>)</li>
</ul>
</div>
<div class="section" id="since-2-11-0-rc1">
<h3>Since 2.11.0 rc1<a class="headerlink" href="#since-2-11-0-rc1" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Fix Xen instance state</li>
</ul>
<p>Inherited from the 2.10 branch:</p>
<ul class="simple">
<li>Fix conflict between virtio + spice or soundhw</li>
<li>Fix bitarray ops wrt PCI slots</li>
<li>Allow releases scheduled 5 days in advance</li>
<li>Make watcher submit queries low priority</li>
<li>Fix specification of TIDiskParams</li>
<li>Add unittests for instance modify parameter renaming</li>
<li>Add renaming of instance custom params</li>
<li>Add RAPI symmetry tests for groups</li>
<li>Extend RAPI symmetry tests with RAPI-only aliases</li>
<li>Add test for group custom parameter renaming</li>
<li>Add renaming of group custom ndparams, ipolicy, diskparams</li>
<li>Add the RAPI symmetry test for nodes</li>
<li>Add aliases for nodes</li>
<li>Allow choice of HTTP method for modification</li>
<li>Add cluster RAPI symmetry test</li>
<li>Fix failing cluster query test</li>
<li>Add aliases for cluster parameters</li>
<li>Add support for value aliases to RAPI</li>
<li>Provide tests for GET/PUT symmetry</li>
<li>Sort imports</li>
<li>Also consider filter fields for deciding if using live data</li>
<li>Document the python-fdsend dependency</li>
<li>Verify configuration version number before parsing</li>
<li>KVM: use running HVPs to calc blockdev options</li>
<li>KVM: reserve a PCI slot for the SCSI controller</li>
<li>Check for LVM-based verification results only when enabled</li>
<li>Fix “existing” typos</li>
<li>Fix output of gnt-instance info after migration</li>
<li>Warn in UPGRADE about not tar’ing exported insts</li>
<li>Fix non-running test and remove custom_nicparams rename</li>
<li>Account for NODE_RES lock in opportunistic locking</li>
<li>Fix request flooding of noded during disk sync</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Make watcher submit queries low priority</li>
<li>Fix failing gnt-node list-drbd command</li>
<li>Update installation guide wrt to DRBD version</li>
<li>Fix list-drbd QA test</li>
<li>Add messages about skipped QA disk template tests</li>
<li>Allow QA asserts to produce more messages</li>
<li>Set exclusion tags correctly in requested instance</li>
<li>Export extractExTags and updateExclTags</li>
<li>Document spindles in the hbal man page</li>
<li>Sample logrotate conf breaks permissions with split users</li>
<li>Fix ‘gnt-cluster’ and ‘gnt-node list-storage’ outputs</li>
</ul>
<p>Inherited from the 2.8 branch:</p>
<ul class="simple">
<li>Add reason parameter to RAPI client functions</li>
<li>Include qa/patch in Makefile</li>
<li>Handle empty patches better</li>
<li>Move message formatting functions to separate file</li>
<li>Add optional ordering of QA patch files</li>
<li>Allow multiple QA patches</li>
<li>Refactor current patching code</li>
</ul>
</div>
</div>
<div class="section" id="version-2-11-0-rc1">
<h2>Version 2.11.0 rc1<a class="headerlink" href="#version-2-11-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 20 Mar 2014)</em></p>
<p>This was the first RC release of the 2.11 series. Since 2.11.0 beta1:</p>
<ul class="simple">
<li>Convert int to float when checking config. consistency</li>
<li>Rename compression option in gnt-backup export</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Fix error introduced during merge</li>
<li>gnt-cluster copyfile: accept relative paths</li>
</ul>
<p>Inherited from the 2.8 branch:</p>
<ul class="simple">
<li>Improve RAPI detection of the watcher</li>
<li>Add patching QA configuration files on buildbots</li>
<li>Enable a timeout for instance shutdown</li>
<li>Allow KVM commands to have a timeout</li>
<li>Allow xen commands to have a timeout</li>
<li>Fix wrong docstring</li>
</ul>
</div>
<div class="section" id="version-2-11-0-beta1">
<h2>Version 2.11.0 beta1<a class="headerlink" href="#version-2-11-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 5 Mar 2014)</em></p>
<p>This was the first beta release of the 2.11 series. All important changes
are listed in the latest 2.11 entry.</p>
</div>
<div class="section" id="version-2-10-8">
<h2>Version 2.10.8<a class="headerlink" href="#version-2-10-8" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 11 Dec 2015)</em></p>
<div class="section" id="id36">
<h3>Important changes and security notes<a class="headerlink" href="#id36" title="Permalink to this headline"></a></h3>
<p>Security release.</p>
<p>CVE-2015-7944</p>
<p>Ganeti provides a RESTful control interface called the RAPI. Its HTTPS
implementation is vulnerable to DoS attacks via client-initiated SSL
parameter renegotiation. While the interface is not meant to be exposed
publicly, due to the fact that it binds to all interfaces, we believe
some users might be exposing it unintentionally and are vulnerable. A
DoS attack can consume resources meant for Ganeti daemons and instances
running on the master node, making both perform badly.</p>
<p>Fixes are not feasible due to the OpenSSL Python library not exposing
functionality needed to disable client-side renegotiation. Instead, we
offer instructions on how to control RAPI’s exposure, along with info
on how RAPI can be setup alongside an HTTPS proxy in case users still
want or need to expose the RAPI interface. The instructions are
outlined in Ganeti’s security document: doc/html/security.html</p>
<p>CVE-2015-7945</p>
<p>Ganeti leaks the DRBD secret through the RAPI interface. Examining job
results after an instance information job reveals the secret. With the
DRBD secret, access to the local cluster network, and ARP poisoning,
an attacker can impersonate a Ganeti node and clone the disks of a
DRBD-based instance. While an attacker with access to the cluster
network is already capable of accessing any data written as DRBD
traffic is unencrypted, having the secret expedites the process and
allows access to the entire disk.</p>
<p>Fixes contained in this release prevent the secret from being exposed
via the RAPI. The DRBD secret can be changed by converting an instance
to plain and back to DRBD, generating a new secret, but redundancy will
be lost until the process completes.
Since attackers with node access are capable of accessing some and
potentially all data even without the secret, we do not recommend that
the secret be changed for existing instances.</p>
</div>
<div class="section" id="id37">
<h3>Minor changes<a class="headerlink" href="#id37" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Make htools tolerate missing “dtotal” and “dfree” on luxi</li>
<li>At IAlloc backend guess state from admin state</li>
<li>replace-disks: fix –ignore-ipolicy</li>
<li>Fix instance multi allocation for non-DRBD disks</li>
<li>Check for gnt-cluster before running gnt-cluster upgrade</li>
<li>Work around a Python os.minor bug</li>
<li>Add IP-related checks after master-failover</li>
<li>Pass correct backend params in move-instance</li>
<li>Allow plain/DRBD conversions regardless of lack of disks</li>
<li>Fix MonD collector thunk leak</li>
<li>Stop MonD when removing a node from a cluster</li>
<li>Finalize backup only if successful</li>
<li>Fix file descriptor leak in Confd Client</li>
<li>Auto-upgrade hv_state_static and disk_state_static</li>
<li>Do not hardcode the Python path in CLI tools</li>
<li>Use the Python interpreter from ENV</li>
<li>ganeti.daemon: fix daemon mode with GnuTLS &gt;= 3.3 (Issues 961, 964)</li>
<li>Ganeti.Daemon: always install SIGHUP handler (Issue 755)</li>
<li>Fix DRBD version check for non VM capable nodes</li>
<li>Fix handling of the –online option</li>
<li>Add warning against hvparam changes with live migrations</li>
<li>Only verify LVs in configured VG during cluster verify</li>
<li>Fix network info in case of multi NIC instances</li>
<li>On upgrades, check for upgrades to resume first</li>
<li>Pause watcher during upgrade</li>
<li>Allow instance disks to be added with –no-wait-for-sync</li>
</ul>
</div>
</div>
<div class="section" id="version-2-10-7">
<h2>Version 2.10.7<a class="headerlink" href="#version-2-10-7" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 7 Aug 2014)</em></p>
<p>Important security release. In 2.10.0, the
‘gnt-cluster upgrade’ command was introduced. Before
performing an upgrade, the configuration directory of
the cluster is backed up. Unfortunately, the archive was
written with permissions that make it possible for
non-privileged users to read the archive and thus have
access to cluster and RAPI keys. After this release,
the archive will be created with privileged access only.</p>
<p>We strongly advise you to restrict the permissions of
previously created archives. The archives are found in
/var/lib/ganeti*.tar (unless otherwise configured with
–localstatedir or –with-backup-dir).</p>
<p>If you suspect that non-privileged users have accessed
your archives already, we advise you to renew the
cluster’s crypto keys using ‘gnt-cluster renew-crypto’
and to reset the RAPI credentials by editing
/var/lib/ganeti/rapi_users (respectively under a
different path if configured differently with
–localstatedir).</p>
<p>Other changes included in this release:</p>
<ul class="simple">
<li>Fix handling of Xen instance states.</li>
<li>Fix NIC configuration with absent NIC VLAN</li>
<li>Adapt relative path expansion in PATH to new environment</li>
<li>Exclude archived jobs from configuration backups</li>
<li>Fix RAPI for split query setup</li>
<li>Allow disk hot-remove even with chroot or SM</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Make htools tolerate missing ‘spfree’ on luxi</li>
</ul>
</div>
<div class="section" id="version-2-10-6">
<h2>Version 2.10.6<a class="headerlink" href="#version-2-10-6" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 30 Jun 2014)</em></p>
<ul class="simple">
<li>Make Ganeti tolerant towards different openssl library
version on different nodes (issue 853).</li>
<li>Allow hspace to make useful predictions in multi-group
clusters with one group overfull (isse 861).</li>
<li>Various gnt-network related fixes.</li>
<li>Fix disk hotplug with userspace access.</li>
<li>Various documentation errors fixed.</li>
</ul>
</div>
<div class="section" id="version-2-10-5">
<h2>Version 2.10.5<a class="headerlink" href="#version-2-10-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 2 Jun 2014)</em></p>
<ul class="simple">
<li>Two new options have been added to gnt-group evacuate.
The ‘sequential’ option forces all the evacuation steps to
be carried out sequentially, thus avoiding congestion on a
slow link between node groups. The ‘force-failover’ option
disallows migrations and forces failovers to be used instead.
In this way evacuation to a group with vastly differnet
hypervisor is possible.</li>
<li>In tiered allocation, when looking for ways on how to shrink
an instance, the canoncial path is tried first, i.e., in each
step reduce on the resource most placements are blocked on. Only
if no smaller fitting instance can be found shrinking a single
resource till fit is tried.</li>
<li>For finding the placement of an instance, the duplicate computations
in the computation of the various cluster scores are computed only
once. This significantly improves the performance of hspace for DRBD
on large clusters; for other clusters, a slight performance decrease
might occur. Moreover, due to the changed order, floating point
number inaccuracies accumulate differently, thus resulting in different
cluster scores. It has been verified that the effect of these different
roundings is less than 1e-12.</li>
<li>network queries fixed with respect to instances</li>
<li>relax too strict prerequisite in LUClusterSetParams for DRBD helpers</li>
<li>VArious improvements to QA and build-time tests</li>
</ul>
</div>
<div class="section" id="version-2-10-4">
<h2>Version 2.10.4<a class="headerlink" href="#version-2-10-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 15 May 2014)</em></p>
<ul class="simple">
<li>Support restricted migration in hbal</li>
<li>Fix for the –shared-file-storage-dir of gnt-cluster modify (issue 811)</li>
<li>Fail in replace-disks if attaching disks fails (issue 814)</li>
<li>Set IFF_ONE_QUEUE on created tap interfaces for KVM</li>
<li>Small fixes and enhancements in the build system</li>
<li>Various documentation fixes (e.g. issue 810)</li>
</ul>
</div>
<div class="section" id="version-2-10-3">
<h2>Version 2.10.3<a class="headerlink" href="#version-2-10-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 16 Apr 2014)</em></p>
<ul class="simple">
<li>Fix filtering of pending jobs with -o id (issue 778)</li>
<li>Make RAPI API calls more symmetric (issue 770)</li>
<li>Make parsing of old cluster configuration more robust (issue 783)</li>
<li>Fix wrong output of gnt-instance info after migrations</li>
<li>Fix reserved PCI slots for KVM hotplugging</li>
<li>Use runtime hypervisor parameters to calculate bockdevice options for KVM</li>
<li>Fix high node daemon load during disk sync if the sync is paused manually
(issue 792)</li>
<li>Improve opportunistic locking during instance creation (issue 791)</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Make watcher submit queries low priority (issue 772)</li>
<li>Add reason parameter to RAPI client functions (issue 776)</li>
<li>Fix failing gnt-node list-drbd command (issue 777)</li>
<li>Properly display fake job locks in gnt-debug.</li>
<li>small fixes in documentation</li>
</ul>
</div>
<div class="section" id="version-2-10-2">
<h2>Version 2.10.2<a class="headerlink" href="#version-2-10-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 24 Mar 2014)</em></p>
<ul class="simple">
<li>Fix conflict between virtio + spice or soundhw (issue 757)</li>
<li>accept relative paths in gnt-cluster copyfile (issue 754)</li>
<li>Introduce shutdown timeout for ‘xm shutdown’ command</li>
<li>Improve RAPI detection of the watcher (issue 752)</li>
</ul>
</div>
<div class="section" id="version-2-10-1">
<h2>Version 2.10.1<a class="headerlink" href="#version-2-10-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 5 Mar 2014)</em></p>
<ul class="simple">
<li>Fix incorrect invocation of hooks on offline nodes (issue 742)</li>
<li>Fix incorrect exit code of gnt-cluster verify in certain circumstances
(issue 744)</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Fix overflow problem in hbal that caused it to break when waiting for
jobs for more than 10 minutes (issue 717)</li>
<li>Make hbal properly handle non-LVM storage</li>
<li>Properly export and import NIC parameters, and do so in a backwards
compatible way (issue 716)</li>
<li>Fix net-common script in case of routed mode (issue 728)</li>
<li>Improve documentation (issues 724, 730)</li>
</ul>
</div>
<div class="section" id="version-2-10-0">
<h2>Version 2.10.0<a class="headerlink" href="#version-2-10-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 20 Feb 2014)</em></p>
<div class="section" id="id38">
<h3>Incompatible/important changes<a class="headerlink" href="#id38" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Adding disks with ‘gnt-instance modify’ now waits for the disks to sync per
default. Specify –no-wait-for-sync to override this behavior.</li>
<li>The Ganeti python code now adheres to a private-module layout. In particular,
the module ‘ganeti’ is no longer in the python search path.</li>
<li>On instance allocation, the iallocator now considers non-LVM storage
properly. In particular, actual file storage space information is used
when allocating space for a file/sharedfile instance.</li>
<li>When disabling disk templates cluster-wide, the cluster now first
checks whether there are instances still using those templates.</li>
<li>‘gnt-node list-storage’ now also reports storage information about
file-based storage types.</li>
<li>In case of non drbd instances, export *_SECONDARY environment variables
as empty strings (and not “None”) during ‘instance-migrate’ related hooks.</li>
</ul>
</div>
<div class="section" id="id39">
<h3>New features<a class="headerlink" href="#id39" title="Permalink to this headline"></a></h3>
<ul>
<li><p class="first">KVM hypervisors can now access RBD storage directly without having to
go through a block device.</p>
</li>
<li><p class="first">A new command ‘gnt-cluster upgrade’ was added that automates the upgrade
procedure between two Ganeti versions that are both 2.10 or higher.</p>
</li>
<li><p class="first">The move-instance command can now change disk templates when moving
instances, and does not require any node placement options to be
specified if the destination cluster has a default iallocator.</p>
</li>
<li><p class="first">Users can now change the soundhw and cpuid settings for XEN hypervisors.</p>
</li>
<li><p class="first">Hail and hbal now have the (optional) capability of accessing average CPU
load information through the monitoring daemon, and to use it to dynamically
adapt the allocation of instances.</p>
</li>
<li><p class="first">Hotplug support. Introduce new option ‘–hotplug’ to <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span></code>
so that disk and NIC modifications take effect without the need of actual
reboot. There are a couple of constrains currently for this feature:</p>
<blockquote>
<div><ul class="simple">
<li>only KVM hypervisor (versions &gt;= 1.0) supports it,</li>
<li>one can not (yet) hotplug a disk using userspace access mode for RBD</li>
<li>in case of a downgrade instances should suffer a reboot in order to
be migratable (due to core change of runtime files)</li>
<li><code class="docutils literal"><span class="pre">python-fdsend</span></code> is required for NIC hotplugging.</li>
</ul>
</div></blockquote>
</li>
</ul>
</div>
<div class="section" id="misc-changes">
<h3>Misc changes<a class="headerlink" href="#misc-changes" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>A new test framework for logical units was introduced and the test
coverage for logical units was improved significantly.</li>
<li>Opcodes are entirely generated from Haskell using the tool ‘hs2py’ and
the module ‘src/Ganeti/OpCodes.hs’.</li>
<li>Constants are also generated from Haskell using the tool
‘hs2py-constants’ and the module ‘src/Ganeti/Constants.hs’, with the
exception of socket related constants, which require changing the
cluster configuration file, and HVS related constants, because they
are part of a port of instance queries to Haskell.  As a result, these
changes will be part of the next release of Ganeti.</li>
</ul>
</div>
<div class="section" id="id40">
<h3>New dependencies<a class="headerlink" href="#id40" title="Permalink to this headline"></a></h3>
<p>The following new dependencies have been added/updated.</p>
<p>Python</p>
<ul class="simple">
<li>The version requirements for <code class="docutils literal"><span class="pre">python-mock</span></code> have increased to at least
version 1.0.1. It is still used for testing only.</li>
<li><code class="docutils literal"><span class="pre">python-fdsend</span></code> (<a class="reference external" href="https://gitorious.org/python-fdsend">https://gitorious.org/python-fdsend</a>) is optional
but required for KVM NIC hotplugging to work.</li>
</ul>
</div>
<div class="section" id="since-2-10-0-rc3">
<h3>Since 2.10.0 rc3<a class="headerlink" href="#since-2-10-0-rc3" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Fix integer overflow problem in hbal</li>
</ul>
</div>
</div>
<div class="section" id="version-2-10-0-rc3">
<h2>Version 2.10.0 rc3<a class="headerlink" href="#version-2-10-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 12 Feb 2014)</em></p>
<p>This was the third RC release of the 2.10 series. Since 2.10.0 rc2:</p>
<ul class="simple">
<li>Improved hotplug robustness</li>
<li>Start Ganeti daemons after ensure-dirs during upgrade</li>
<li>Documentation improvements</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Fix the RAPI instances-multi-alloc call</li>
<li>assign unique filenames to file-based disks</li>
<li>gracefully handle degraded non-diskless instances with 0 disks (issue 697)</li>
<li>noded now runs with its specified group, which is the default group,
defaulting to root (issue 707)</li>
<li>make using UUIDs to identify nodes in gnt-node consistently possible
(issue 703)</li>
</ul>
</div>
<div class="section" id="version-2-10-0-rc2">
<h2>Version 2.10.0 rc2<a class="headerlink" href="#version-2-10-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 31 Jan 2014)</em></p>
<p>This was the second RC release of the 2.10 series. Since 2.10.0 rc1:</p>
<ul class="simple">
<li>Documentation improvements</li>
<li>Run drbdsetup syncer only on network attach</li>
<li>Include target node in hooks nodes for migration</li>
<li>Fix configure dirs</li>
<li>Support post-upgrade hooks during cluster upgrades</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>Ensure that all the hypervisors exist in the config file (Issue 640)</li>
<li>Correctly recognise the role as master node (Issue 687)</li>
<li>configure: allow detection of Sphinx 1.2+ (Issue 502)</li>
<li>gnt-instance now honors the KVM path correctly (Issue 691)</li>
</ul>
<p>Inherited from the 2.8 branch:</p>
<ul class="simple">
<li>Change the list separator for the usb_devices parameter from comma to space.
Commas could not work because they are already the hypervisor option
separator (Issue 649)</li>
<li>Add support for blktap2 file-driver (Issue 638)</li>
<li>Add network tag definitions to the haskell codebase (Issue 641)</li>
<li>Fix RAPI network tag handling</li>
<li>Add the network tags to the tags searched by gnt-cluster search-tags</li>
<li>Fix caching bug preventing jobs from being cancelled</li>
<li>Start-master/stop-master was always failing if ConfD was disabled. (Issue 685)</li>
</ul>
</div>
<div class="section" id="version-2-10-0-rc1">
<h2>Version 2.10.0 rc1<a class="headerlink" href="#version-2-10-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 17 Dec 2013)</em></p>
<p>This was the first RC release of the 2.10 series. Since 2.10.0 beta1:</p>
<ul class="simple">
<li>All known issues in 2.10.0 beta1 have been resolved (see changes from
the 2.8 branch).</li>
<li>Improve handling of KVM runtime files from earlier Ganeti versions</li>
<li>Documentation fixes</li>
</ul>
<p>Inherited from the 2.9 branch:</p>
<ul class="simple">
<li>use custom KVM path if set for version checking</li>
<li>SingleNotifyPipeCondition: don’t share pollers</li>
</ul>
<p>Inherited from the 2.8 branch:</p>
<ul class="simple">
<li>Fixed Luxi daemon socket permissions after master-failover</li>
<li>Improve IP version detection code directly checking for colons rather than
passing the family from the cluster object</li>
<li>Fix NODE/NODE_RES locking in LUInstanceCreate by not acquiring NODE_RES locks
opportunistically anymore (Issue 622)</li>
<li>Allow link local IPv6 gateways (Issue 624)</li>
<li>Fix error printing (Issue 616)</li>
<li>Fix a bug in InstanceSetParams concerning names: in case no name is passed in
disk modifications, keep the old one. If name=none then set disk name to
None.</li>
<li>Update build_chroot script to work with the latest hackage packages</li>
<li>Add a packet number limit to “fping” in master-ip-setup (Issue 630)</li>
<li>Fix evacuation out of drained node (Issue 615)</li>
<li>Add default file_driver if missing (Issue 571)</li>
<li>Fix job error message after unclean master shutdown (Issue 618)</li>
<li>Lock group(s) when creating instances (Issue 621)</li>
<li>SetDiskID() before accepting an instance (Issue 633)</li>
<li>Allow the ext template disks to receive arbitrary parameters, both at creation
time and while being modified</li>
<li>Xen handle domain shutdown (future proofing cherry-pick)</li>
<li>Refactor reading live data in htools (future proofing cherry-pick)</li>
</ul>
</div>
<div class="section" id="version-2-10-0-beta1">
<h2>Version 2.10.0 beta1<a class="headerlink" href="#version-2-10-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 27 Nov 2013)</em></p>
<p>This was the first beta release of the 2.10 series. All important changes
are listed in the latest 2.10 entry.</p>
<div class="section" id="id41">
<h3>Known issues<a class="headerlink" href="#id41" title="Permalink to this headline"></a></h3>
<p>The following issues are known to be present in the beta and will be fixed
before rc1.</p>
<ul class="simple">
<li>Issue 477: Wrong permissions for confd LUXI socket</li>
<li>Issue 621: Instance related opcodes do not aquire network/group locks</li>
<li>Issue 622: Assertion Error: Node locks differ from node resource locks</li>
<li>Issue 623: IPv6 Masterd &lt;-&gt; Luxid communication error</li>
</ul>
</div>
</div>
<div class="section" id="version-2-9-7">
<h2>Version 2.9.7<a class="headerlink" href="#version-2-9-7" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 11 Dec 2015)</em></p>
<div class="section" id="id42">
<h3>Important changes and security notes<a class="headerlink" href="#id42" title="Permalink to this headline"></a></h3>
<p>Security release.</p>
<p>CVE-2015-7944</p>
<p>Ganeti provides a RESTful control interface called the RAPI. Its HTTPS
implementation is vulnerable to DoS attacks via client-initiated SSL
parameter renegotiation. While the interface is not meant to be exposed
publicly, due to the fact that it binds to all interfaces, we believe
some users might be exposing it unintentionally and are vulnerable. A
DoS attack can consume resources meant for Ganeti daemons and instances
running on the master node, making both perform badly.</p>
<p>Fixes are not feasible due to the OpenSSL Python library not exposing
functionality needed to disable client-side renegotiation. Instead, we
offer instructions on how to control RAPI’s exposure, along with info
on how RAPI can be setup alongside an HTTPS proxy in case users still
want or need to expose the RAPI interface. The instructions are
outlined in Ganeti’s security document: doc/html/security.html</p>
<p>CVE-2015-7945</p>
<p>Ganeti leaks the DRBD secret through the RAPI interface. Examining job
results after an instance information job reveals the secret. With the
DRBD secret, access to the local cluster network, and ARP poisoning,
an attacker can impersonate a Ganeti node and clone the disks of a
DRBD-based instance. While an attacker with access to the cluster
network is already capable of accessing any data written as DRBD
traffic is unencrypted, having the secret expedites the process and
allows access to the entire disk.</p>
<p>Fixes contained in this release prevent the secret from being exposed
via the RAPI. The DRBD secret can be changed by converting an instance
to plain and back to DRBD, generating a new secret, but redundancy will
be lost until the process completes.
Since attackers with node access are capable of accessing some and
potentially all data even without the secret, we do not recommend that
the secret be changed for existing instances.</p>
</div>
<div class="section" id="id43">
<h3>Minor changes<a class="headerlink" href="#id43" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>gnt-instance replace-disks no longer crashes when –ignore-policy is
passed to it</li>
<li>Stop MonD when removing a node from a cluster</li>
<li>Fix file descriptor leak in Confd client</li>
<li>Always install SIGHUP handler for Haskell daemons (Issue 755)</li>
<li>Make ganeti-cleaner switch to a safe working directory (Issue 880)</li>
<li>Make htools tolerate missing “spfree” on Luxi</li>
<li>DRBD parser: consume initial empty resource lines (Issue 869)</li>
<li>KVM: set IFF_ONE_QUEUE on created tap interfaces</li>
<li>Set exclusion tags correctly in requested instance</li>
</ul>
</div>
</div>
<div class="section" id="version-2-9-6">
<h2>Version 2.9.6<a class="headerlink" href="#version-2-9-6" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 7 Apr 2014)</em></p>
<ul class="simple">
<li>Improve RAPI detection of the watcher (Issue 752)</li>
<li>gnt-cluster copyfile: accept relative paths (Issue 754)</li>
<li>Make watcher submit queries low priority (Issue 772)</li>
<li>Add reason parameter to RAPI client functions (Issue 776)</li>
<li>Fix failing gnt-node list-drbd command (Issue 777)</li>
<li>Properly display fake job locks in gnt-debug.</li>
<li>Enable timeout for instance shutdown</li>
<li>small fixes in documentation</li>
</ul>
</div>
<div class="section" id="version-2-9-5">
<h2>Version 2.9.5<a class="headerlink" href="#version-2-9-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 25 Feb 2014)</em></p>
<ul class="simple">
<li>Fix overflow problem in hbal that caused it to break when waiting for
jobs for more than 10 minutes (issue 717)</li>
<li>Make hbal properly handle non-LVM storage</li>
<li>Properly export and import NIC parameters, and do so in a backwards
compatible way (issue 716)</li>
<li>Fix net-common script in case of routed mode (issue 728)</li>
<li>Improve documentation (issues 724, 730)</li>
</ul>
</div>
<div class="section" id="version-2-9-4">
<h2>Version 2.9.4<a class="headerlink" href="#version-2-9-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 10 Feb 2014)</em></p>
<ul class="simple">
<li>Fix the RAPI instances-multi-alloc call</li>
<li>assign unique filenames to file-based disks</li>
<li>gracefully handle degraded non-diskless instances with 0 disks (issue 697)</li>
<li>noded now runs with its specified group, which is the default group,
defaulting to root (issue 707)</li>
<li>make using UUIDs to identify nodes in gnt-node consistently possible
(issue 703)</li>
</ul>
</div>
<div class="section" id="version-2-9-3">
<h2>Version 2.9.3<a class="headerlink" href="#version-2-9-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 27 Jan 2014)</em></p>
<ul class="simple">
<li>Ensure that all the hypervisors exist in the config file (Issue 640)</li>
<li>Correctly recognise the role as master node (Issue 687)</li>
<li>configure: allow detection of Sphinx 1.2+ (Issue 502)</li>
<li>gnt-instance now honors the KVM path correctly (Issue 691)</li>
</ul>
<p>Inherited from the 2.8 branch:</p>
<ul class="simple">
<li>Change the list separator for the usb_devices parameter from comma to space.
Commas could not work because they are already the hypervisor option
separator (Issue 649)</li>
<li>Add support for blktap2 file-driver (Issue 638)</li>
<li>Add network tag definitions to the haskell codebase (Issue 641)</li>
<li>Fix RAPI network tag handling</li>
<li>Add the network tags to the tags searched by gnt-cluster search-tags</li>
<li>Fix caching bug preventing jobs from being cancelled</li>
<li>Start-master/stop-master was always failing if ConfD was disabled. (Issue 685)</li>
</ul>
</div>
<div class="section" id="version-2-9-2">
<h2>Version 2.9.2<a class="headerlink" href="#version-2-9-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 13 Dec 2013)</em></p>
<ul class="simple">
<li>use custom KVM path if set for version checking</li>
<li>SingleNotifyPipeCondition: don’t share pollers</li>
</ul>
<p>Inherited from the 2.8 branch:</p>
<ul class="simple">
<li>Fixed Luxi daemon socket permissions after master-failover</li>
<li>Improve IP version detection code directly checking for colons rather than
passing the family from the cluster object</li>
<li>Fix NODE/NODE_RES locking in LUInstanceCreate by not acquiring NODE_RES locks
opportunistically anymore (Issue 622)</li>
<li>Allow link local IPv6 gateways (Issue 624)</li>
<li>Fix error printing (Issue 616)</li>
<li>Fix a bug in InstanceSetParams concerning names: in case no name is passed in
disk modifications, keep the old one. If name=none then set disk name to
None.</li>
<li>Update build_chroot script to work with the latest hackage packages</li>
<li>Add a packet number limit to “fping” in master-ip-setup (Issue 630)</li>
<li>Fix evacuation out of drained node (Issue 615)</li>
<li>Add default file_driver if missing (Issue 571)</li>
<li>Fix job error message after unclean master shutdown (Issue 618)</li>
<li>Lock group(s) when creating instances (Issue 621)</li>
<li>SetDiskID() before accepting an instance (Issue 633)</li>
<li>Allow the ext template disks to receive arbitrary parameters, both at creation
time and while being modified</li>
<li>Xen handle domain shutdown (future proofing cherry-pick)</li>
<li>Refactor reading live data in htools (future proofing cherry-pick)</li>
</ul>
</div>
<div class="section" id="version-2-9-1">
<h2>Version 2.9.1<a class="headerlink" href="#version-2-9-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 13 Nov 2013)</em></p>
<ul class="simple">
<li>fix bug, that kept nodes offline when readding</li>
<li>when verifying DRBD versions, ignore unavailable nodes</li>
<li>fix bug that made the console unavailable on kvm in split-user
setup (issue 608)</li>
<li>DRBD: ensure peers are UpToDate for dual-primary (inherited 2.8.2)</li>
</ul>
</div>
<div class="section" id="version-2-9-0">
<h2>Version 2.9.0<a class="headerlink" href="#version-2-9-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 5 Nov 2013)</em></p>
<div class="section" id="id44">
<h3>Incompatible/important changes<a class="headerlink" href="#id44" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>hroller now also plans for capacity to move non-redundant instances off
any node to be rebooted; the old behavior of completely ignoring any
non-redundant instances can be restored by adding the –ignore-non-redundant
option.</li>
<li>The cluster option ‘–no-lvm-storage’ was removed in favor of the new option
‘–enabled-disk-templates’.</li>
<li>On instance creation, disk templates no longer need to be specified
with ‘-t’. The default disk template will be taken from the list of
enabled disk templates.</li>
<li>The monitoring daemon is now running as root, in order to be able to collect
information only available to root (such as the state of Xen instances).</li>
<li>The ConfD client is now IPv6 compatible.</li>
<li>File and shared file storage is no longer dis/enabled at configure time,
but using the option ‘–enabled-disk-templates’ at cluster initialization and
modification.</li>
<li>The default directories for file and shared file storage are not anymore
specified at configure time, but taken from the cluster’s configuration.
They can be set at cluster initialization and modification with
‘–file-storage-dir’ and ‘–shared-file-storage-dir’.</li>
<li>Cluster verification now includes stricter checks regarding the
default file and shared file storage directories. It now checks that
the directories are explicitly allowed in the ‘file-storage-paths’ file and
that the directories exist on all nodes.</li>
<li>The list of allowed disk templates in the instance policy and the list
of cluster-wide enabled disk templates is now checked for consistency
on cluster or group modification. On cluster initialization, the ipolicy
disk templates are ensured to be a subset of the cluster-wide enabled
disk templates.</li>
</ul>
</div>
<div class="section" id="id45">
<h3>New features<a class="headerlink" href="#id45" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>DRBD 8.4 support. Depending on the installed DRBD version, Ganeti now uses
the correct command syntax. It is possible to use different DRBD versions
on different nodes as long as they are compatible to each other. This
enables rolling upgrades of DRBD with no downtime. As permanent operation
of different DRBD versions within a node group is discouraged,
<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> will emit a warning if it detects such a situation.</li>
<li>New “inst-status-xen” data collector for the monitoring daemon, providing
information about the state of the xen instances on the nodes.</li>
<li>New “lv” data collector for the monitoring daemon, collecting data about the
logical volumes on the nodes, and pairing them with the name of the instances
they belong to.</li>
<li>New “diskstats” data collector, collecting the data from /proc/diskstats and
presenting them over the monitoring daemon interface.</li>
<li>The ConfD client is now IPv6 compatible.</li>
</ul>
</div>
<div class="section" id="id46">
<h3>New dependencies<a class="headerlink" href="#id46" title="Permalink to this headline"></a></h3>
<p>The following new dependencies have been added.</p>
<p>Python</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">python-mock</span></code> (<a class="reference external" href="http://www.voidspace.org.uk/python/mock/">http://www.voidspace.org.uk/python/mock/</a>) is now a required
for the unit tests (and only used for testing).</li>
</ul>
<p>Haskell</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">hslogger</span></code> (<a class="reference external" href="http://software.complete.org/hslogger">http://software.complete.org/hslogger</a>) is now always
required, even if confd is not enabled.</li>
</ul>
</div>
<div class="section" id="since-2-9-0-rc3">
<h3>Since 2.9.0 rc3<a class="headerlink" href="#since-2-9-0-rc3" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Correctly start/stop luxid during gnt-cluster master-failover (inherited
from stable-2.8)</li>
<li>Improved error messsages (inherited from stable-2.8)</li>
</ul>
</div>
</div>
<div class="section" id="version-2-9-0-rc3">
<h2>Version 2.9.0 rc3<a class="headerlink" href="#version-2-9-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 15 Oct 2013)</em></p>
<p>The third release candidate in the 2.9 series. Since 2.9.0 rc2:</p>
<ul class="simple">
<li>in implicit configuration upgrade, match ipolicy with enabled disk templates</li>
<li>improved harep documentation (inherited from stable-2.8)</li>
</ul>
</div>
<div class="section" id="version-2-9-0-rc2">
<h2>Version 2.9.0 rc2<a class="headerlink" href="#version-2-9-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 9 Oct 2013)</em></p>
<p>The second release candidate in the 2.9 series. Since 2.9.0 rc1:</p>
<ul class="simple">
<li>Fix bug in cfgupgrade that led to failure when upgrading from 2.8 with
at least one DRBD instance.</li>
<li>Fix bug in cfgupgrade that led to an invalid 2.8 configuration after
downgrading.</li>
</ul>
</div>
<div class="section" id="version-2-9-0-rc1">
<h2>Version 2.9.0 rc1<a class="headerlink" href="#version-2-9-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 1 Oct 2013)</em></p>
<p>The first release candidate in the 2.9 series. Since 2.9.0 beta1:</p>
<ul class="simple">
<li>various bug fixes</li>
<li>update of the documentation, in particular installation instructions</li>
<li>merging of LD_* constants into DT_* constants</li>
<li>python style changes to be compatible with newer versions of pylint</li>
</ul>
</div>
<div class="section" id="version-2-9-0-beta1">
<h2>Version 2.9.0 beta1<a class="headerlink" href="#version-2-9-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 29 Aug 2013)</em></p>
<p>This was the first beta release of the 2.9 series. All important changes
are listed in the latest 2.9 entry.</p>
</div>
<div class="section" id="version-2-8-4">
<h2>Version 2.8.4<a class="headerlink" href="#version-2-8-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 23 Jan 2014)</em></p>
<ul class="simple">
<li>Change the list separator for the usb_devices parameter from comma to space.
Commas could not work because they are already the hypervisor option
separator (Issue 649)</li>
<li>Add support for blktap2 file-driver (Issue 638)</li>
<li>Add network tag definitions to the haskell codebase (Issue 641)</li>
<li>Fix RAPI network tag handling</li>
<li>Add the network tags to the tags searched by gnt-cluster search-tags</li>
<li>Fix caching bug preventing jobs from being cancelled</li>
<li>Start-master/stop-master was always failing if ConfD was disabled. (Issue 685)</li>
</ul>
</div>
<div class="section" id="version-2-8-3">
<h2>Version 2.8.3<a class="headerlink" href="#version-2-8-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 12 Dec 2013)</em></p>
<ul class="simple">
<li>Fixed Luxi daemon socket permissions after master-failover</li>
<li>Improve IP version detection code directly checking for colons rather than
passing the family from the cluster object</li>
<li>Fix NODE/NODE_RES locking in LUInstanceCreate by not acquiring NODE_RES locks
opportunistically anymore (Issue 622)</li>
<li>Allow link local IPv6 gateways (Issue 624)</li>
<li>Fix error printing (Issue 616)</li>
<li>Fix a bug in InstanceSetParams concerning names: in case no name is passed in
disk modifications, keep the old one. If name=none then set disk name to
None.</li>
<li>Update build_chroot script to work with the latest hackage packages</li>
<li>Add a packet number limit to “fping” in master-ip-setup (Issue 630)</li>
<li>Fix evacuation out of drained node (Issue 615)</li>
<li>Add default file_driver if missing (Issue 571)</li>
<li>Fix job error message after unclean master shutdown (Issue 618)</li>
<li>Lock group(s) when creating instances (Issue 621)</li>
<li>SetDiskID() before accepting an instance (Issue 633)</li>
<li>Allow the ext template disks to receive arbitrary parameters, both at creation
time and while being modified</li>
<li>Xen handle domain shutdown (future proofing cherry-pick)</li>
<li>Refactor reading live data in htools (future proofing cherry-pick)</li>
</ul>
</div>
<div class="section" id="version-2-8-2">
<h2>Version 2.8.2<a class="headerlink" href="#version-2-8-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 07 Nov 2013)</em></p>
<ul class="simple">
<li>DRBD: ensure peers are UpToDate for dual-primary</li>
<li>Improve error message for replace-disks</li>
<li>More dependency checks at configure time</li>
<li>Placate warnings on ganeti.outils_unittest.py</li>
</ul>
</div>
<div class="section" id="version-2-8-1">
<h2>Version 2.8.1<a class="headerlink" href="#version-2-8-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 17 Oct 2013)</em></p>
<ul class="simple">
<li>Correctly start/stop luxid during gnt-cluster master-failover</li>
<li>Don’t attempt IPv6 ssh in case of IPv4 cluster (Issue 595)</li>
<li>Fix path for the job queue serial file</li>
<li>Improved harep man page</li>
<li>Minor documentation improvements</li>
</ul>
</div>
<div class="section" id="version-2-8-0">
<h2>Version 2.8.0<a class="headerlink" href="#version-2-8-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 30 Sep 2013)</em></p>
<div class="section" id="id47">
<h3>Incompatible/important changes<a class="headerlink" href="#id47" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Instance policy can contain multiple instance specs, as described in
the “Constrained instance sizes” section of <a class="reference internal" href="design-partitioned.html"><span class="doc">Partitioned Ganeti</span></a>. As a consequence, it’s not possible to partially change
or override instance specs. Bounding specs (min and max) can be specified as a
whole using the new option <code class="docutils literal"><span class="pre">--ipolicy-bounds-specs</span></code>, while standard
specs use the new option <code class="docutils literal"><span class="pre">--ipolicy-std-specs</span></code>.</li>
<li>The output of the info command of gnt-cluster, gnt-group, gnt-node,
gnt-instance is a valid YAML object.</li>
<li>hail now honors network restrictions when allocating nodes. This led to an
update of the IAllocator protocol. See the IAllocator documentation for
details.</li>
<li>confd now only answers static configuration request over the network. luxid
was extracted, listens on the local LUXI socket and responds to live queries.
This allows finer grained permissions if using separate users.</li>
</ul>
</div>
<div class="section" id="id48">
<h3>New features<a class="headerlink" href="#id48" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The <a class="reference internal" href="rapi.html"><span class="doc">Remote API</span></a> daemon now supports a command line flag
to always require authentication, <code class="docutils literal"><span class="pre">--require-authentication</span></code>. It can
be specified in <code class="docutils literal"><span class="pre">$sysconfdir/default/ganeti</span></code>.</li>
<li>A new cluster attribute ‘enabled_disk_templates’ is introduced. It will
be used to manage the disk templates to be used by instances in the cluster.
Initially, it will be set to a list that includes plain, drbd, if they were
enabled by specifying a volume group name, and file and sharedfile, if those
were enabled at configure time. Additionally, it will include all disk
templates that are currently used by instances. The order of disk templates
will be based on Ganeti’s history of supporting them. In the future, the
first entry of the list will be used as a default disk template on instance
creation.</li>
<li><code class="docutils literal"><span class="pre">cfgupgrade</span></code> now supports a <code class="docutils literal"><span class="pre">--downgrade</span></code> option to bring the
configuration back to the previous stable version.</li>
<li>Disk templates in group ipolicy can be restored to the default value.</li>
<li>Initial support for diskless instances and virtual clusters in QA.</li>
<li>More QA and unit tests for instance policies.</li>
<li>Every opcode now contains a reason trail (visible through <code class="docutils literal"><span class="pre">gnt-job</span> <span class="pre">info</span></code>)
describing why the opcode itself was executed.</li>
<li>The monitoring daemon is now available. It allows users to query the cluster
for obtaining information about the status of the system. The daemon is only
responsible for providing the information over the network: the actual data
gathering is performed by data collectors (currently, only the DRBD status
collector is available).</li>
<li>In order to help developers work on Ganeti, a new script
(<code class="docutils literal"><span class="pre">devel/build_chroot</span></code>) is provided, for building a chroot that contains all
the required development libraries and tools for compiling Ganeti on a Debian
Squeeze system.</li>
<li>A new tool, <code class="docutils literal"><span class="pre">harep</span></code>, for performing self-repair and recreation of instances
in Ganeti has been added.</li>
<li>Split queries are enabled for tags, network, exports, cluster info, groups,
jobs, nodes.</li>
<li>New command <code class="docutils literal"><span class="pre">show-ispecs-cmd</span></code> for <code class="docutils literal"><span class="pre">gnt-cluster</span></code> and <code class="docutils literal"><span class="pre">gnt-group</span></code>.
It prints the command line to set the current policies, to ease
changing them.</li>
<li>Add the <code class="docutils literal"><span class="pre">vnet_hdr</span></code> HV parameter for KVM, to control whether the tap
devices for KVM virtio-net interfaces will get created with VNET_HDR
(IFF_VNET_HDR) support. If set to false, it disables offloading on the
virtio-net interfaces, which prevents host kernel tainting and log
flooding, when dealing with broken or malicious virtio-net drivers.
It’s set to true by default.</li>
<li>Instance failover now supports a <code class="docutils literal"><span class="pre">--cleanup</span></code> parameter for fixing previous
failures.</li>
<li>Support ‘viridian’ parameter in Xen HVM</li>
<li>Support DSA SSH keys in bootstrap</li>
<li>To simplify the work of packaging frameworks that want to add the needed users
and groups in a split-user setup themselves, at build time three files in
<code class="docutils literal"><span class="pre">doc/users</span></code> will be generated. The <code class="docutils literal"><span class="pre">groups</span></code> files contains, one per line,
the groups to be generated, the <code class="docutils literal"><span class="pre">users</span></code> file contains, one per line, the
users to be generated, optionally followed by their primary group, where
important. The <code class="docutils literal"><span class="pre">groupmemberships</span></code> file contains, one per line, additional
user-group membership relations that need to be established. The syntax of
these files will remain stable in all future versions.</li>
</ul>
</div>
<div class="section" id="id49">
<h3>New dependencies<a class="headerlink" href="#id49" title="Permalink to this headline"></a></h3>
<p>The following new dependencies have been added:</p>
<p>For Haskell:
- The <code class="docutils literal"><span class="pre">curl</span></code> library is not optional anymore for compiling the Haskell code.
- <code class="docutils literal"><span class="pre">snap-server</span></code> library (if monitoring is enabled).</p>
<p>For Python:
- The minimum Python version needed to run Ganeti is now 2.6.
- <code class="docutils literal"><span class="pre">yaml</span></code> library (only for running the QA).</p>
</div>
<div class="section" id="since-2-8-0-rc3">
<h3>Since 2.8.0 rc3<a class="headerlink" href="#since-2-8-0-rc3" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Perform proper cleanup on termination of Haskell daemons</li>
<li>Fix corner-case in handling of remaining retry time</li>
</ul>
</div>
</div>
<div class="section" id="version-2-8-0-rc3">
<h2>Version 2.8.0 rc3<a class="headerlink" href="#version-2-8-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 17 Sep 2013)</em></p>
<ul class="simple">
<li>To simplify the work of packaging frameworks that want to add the needed users
and groups in a split-user setup themselves, at build time three files in
<code class="docutils literal"><span class="pre">doc/users</span></code> will be generated. The <code class="docutils literal"><span class="pre">groups</span></code> files contains, one per line,
the groups to be generated, the <code class="docutils literal"><span class="pre">users</span></code> file contains, one per line, the
users to be generated, optionally followed by their primary group, where
important. The <code class="docutils literal"><span class="pre">groupmemberships</span></code> file contains, one per line, additional
user-group membership relations that need to be established. The syntax of
these files will remain stable in all future versions.</li>
<li>Add a default to file-driver when unspecified over RAPI (Issue 571)</li>
<li>Mark the DSA host pubkey as optional, and remove it during config downgrade
(Issue 560)</li>
<li>Some documentation fixes</li>
</ul>
</div>
<div class="section" id="version-2-8-0-rc2">
<h2>Version 2.8.0 rc2<a class="headerlink" href="#version-2-8-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 27 Aug 2013)</em></p>
<p>The second release candidate of the 2.8 series. Since 2.8.0. rc1:</p>
<ul class="simple">
<li>Support ‘viridian’ parameter in Xen HVM (Issue 233)</li>
<li>Include VCS version in <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">version</span></code></li>
<li>Support DSA SSH keys in bootstrap (Issue 338)</li>
<li>Fix batch creation of instances</li>
<li>Use FQDN to check master node status (Issue 551)</li>
<li>Make the DRBD collector more failure-resilient</li>
</ul>
</div>
<div class="section" id="version-2-8-0-rc1">
<h2>Version 2.8.0 rc1<a class="headerlink" href="#version-2-8-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 2 Aug 2013)</em></p>
<p>The first release candidate of the 2.8 series. Since 2.8.0 beta1:</p>
<ul class="simple">
<li>Fix upgrading/downgrading from 2.7</li>
<li>Increase maximum RAPI message size</li>
<li>Documentation updates</li>
<li>Split <code class="docutils literal"><span class="pre">confd</span></code> between <code class="docutils literal"><span class="pre">luxid</span></code> and <code class="docutils literal"><span class="pre">confd</span></code></li>
<li>Merge 2.7 series up to the 2.7.1 release</li>
<li>Allow the <code class="docutils literal"><span class="pre">modify_etc_hosts</span></code> option to be changed</li>
<li>Add better debugging for <code class="docutils literal"><span class="pre">luxid</span></code> queries</li>
<li>Expose bulk parameter for GetJobs in RAPI client</li>
<li>Expose missing <code class="docutils literal"><span class="pre">network</span></code> fields in RAPI</li>
<li>Add some <code class="docutils literal"><span class="pre">cluster</span> <span class="pre">verify</span></code> tests</li>
<li>Some unittest fixes</li>
<li>Fix a malfunction in <code class="docutils literal"><span class="pre">hspace</span></code>’s tiered allocation</li>
<li>Fix query compatibility between haskell and python implementations</li>
<li>Add the <code class="docutils literal"><span class="pre">vnet_hdr</span></code> HV parameter for KVM</li>
<li>Add <code class="docutils literal"><span class="pre">--cleanup</span></code> to instance failover</li>
<li>Change the connected groups format in <code class="docutils literal"><span class="pre">gnt-network</span> <span class="pre">info</span></code> output; it
was previously displayed as a raw list by mistake. (Merged from 2.7)</li>
</ul>
</div>
<div class="section" id="version-2-8-0-beta1">
<h2>Version 2.8.0 beta1<a class="headerlink" href="#version-2-8-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 24 Jun 2013)</em></p>
<p>This was the first beta release of the 2.8 series. All important changes
are listed in the latest 2.8 entry.</p>
</div>
<div class="section" id="version-2-7-2">
<h2>Version 2.7.2<a class="headerlink" href="#version-2-7-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 26 Sep 2013)</em></p>
<ul class="simple">
<li>Change the connected groups format in <code class="docutils literal"><span class="pre">gnt-network</span> <span class="pre">info</span></code> output; it
was previously displayed as a raw list by mistake</li>
<li>Check disk template in right dict when copying</li>
<li>Support multi-instance allocs without iallocator</li>
<li>Fix some errors in the documentation</li>
<li>Fix formatting of tuple in an error message</li>
</ul>
</div>
<div class="section" id="version-2-7-1">
<h2>Version 2.7.1<a class="headerlink" href="#version-2-7-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 25 Jul 2013)</em></p>
<ul class="simple">
<li>Add logrotate functionality in daemon-util</li>
<li>Add logrotate example file</li>
<li>Add missing fields to network queries over rapi</li>
<li>Fix network object timestamps</li>
<li>Add support for querying network timestamps</li>
<li>Fix a typo in the example crontab</li>
<li>Fix a documentation typo</li>
</ul>
</div>
<div class="section" id="version-2-7-0">
<h2>Version 2.7.0<a class="headerlink" href="#version-2-7-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 04 Jul 2013)</em></p>
<div class="section" id="id50">
<h3>Incompatible/important changes<a class="headerlink" href="#id50" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Instance policies for disk size were documented to be on a per-disk
basis, but hail applied them to the sum of all disks. This has been
fixed.</li>
<li><code class="docutils literal"><span class="pre">hbal</span></code> will now exit with status 0 if, during job execution over
LUXI, early exit has been requested and all jobs are successful;
before, exit status 1 was used, which cannot be differentiated from
“job error” case</li>
<li>Compatibility with newer versions of rbd has been fixed</li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">batch-create</span></code> has been changed to use the bulk create
opcode from Ganeti. This lead to incompatible changes in the format of
the JSON file. It’s now not a custom dict anymore but a dict
compatible with the <code class="docutils literal"><span class="pre">OpInstanceCreate</span></code> opcode.</li>
<li>Parent directories for file storage need to be listed in
<code class="docutils literal"><span class="pre">$sysconfdir/ganeti/file-storage-paths</span></code> now. <code class="docutils literal"><span class="pre">cfgupgrade</span></code> will
write the file automatically based on old configuration values, but it
can not distribute it across all nodes and the file contents should be
verified. Use <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">copyfile</span>
<span class="pre">$sysconfdir/ganeti/file-storage-paths</span></code> once the cluster has been
upgraded. The reason for requiring this list of paths now is that
before it would have been possible to inject new paths via RPC,
allowing files to be created in arbitrary locations. The RPC protocol
is protected using SSL/X.509 certificates, but as a design principle
Ganeti does not permit arbitrary paths to be passed.</li>
<li>The parsing of the variants file for OSes (see
<em class="manpage">ganeti-os-interface(7)</em>) has been slightly changed: now empty
lines and comment lines (starting with <code class="docutils literal"><span class="pre">#</span></code>) are ignored for better
readability.</li>
<li>The <code class="docutils literal"><span class="pre">setup-ssh</span></code> tool added in Ganeti 2.2 has been replaced and is no
longer available. <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">add</span></code> now invokes a new tool on the
destination node, named <code class="docutils literal"><span class="pre">prepare-node-join</span></code>, to configure the SSH
daemon. Paramiko is no longer necessary to configure nodes’ SSH
daemons via <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">add</span></code>.</li>
<li>Draining (<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">queue</span> <span class="pre">drain</span></code>) and un-draining the job queue
(<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">queue</span> <span class="pre">undrain</span></code>) now affects all nodes in a cluster and
the flag is not reset after a master failover.</li>
<li>Python 2.4 has <em>not</em> been tested with this release. Using 2.6 or above
is recommended. 2.6 will be mandatory from the 2.8 series.</li>
</ul>
</div>
<div class="section" id="id51">
<h3>New features<a class="headerlink" href="#id51" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>New network management functionality to support automatic allocation
of IP addresses and managing of network parameters. See
<em class="manpage">gnt-network(8)</em> for more details.</li>
<li>New external storage backend, to allow managing arbitrary storage
systems external to the cluster. See
<em class="manpage">ganeti-extstorage-interface(7)</em>.</li>
<li>New <code class="docutils literal"><span class="pre">exclusive-storage</span></code> node parameter added, restricted to
nodegroup level. When it’s set to true, physical disks are assigned in
an exclusive fashion to instances, as documented in <a class="reference internal" href="design-partitioned.html"><span class="doc">Partitioned
Ganeti</span></a>.  Currently, only instances using the
<code class="docutils literal"><span class="pre">plain</span></code> disk template are supported.</li>
<li>The KVM hypervisor has been updated with many new hypervisor
parameters, including a generic one for passing arbitrary command line
values. See a complete list in <em class="manpage">gnt-instance(8)</em>. It is now
compatible up to qemu 1.4.</li>
<li>A new tool, called <code class="docutils literal"><span class="pre">mon-collector</span></code>, is the stand-alone executor of
the data collectors for a monitoring system. As of this version, it
just includes the DRBD data collector, that can be executed by calling
<code class="docutils literal"><span class="pre">mon-collector</span></code> using the <code class="docutils literal"><span class="pre">drbd</span></code> parameter. See
<em class="manpage">mon-collector(7)</em>.</li>
<li>A new user option, <code class="docutils literal"><span class="pre">read</span></code>, has been added
for RAPI users. It allows granting permissions to query for
information to a specific user without giving
<code class="docutils literal"><span class="pre">write</span></code> permissions.</li>
<li>A new tool named <code class="docutils literal"><span class="pre">node-cleanup</span></code> has been added. It cleans remains of
a cluster from a machine by stopping all daemons, removing
certificates and ssconf files. Unless the <code class="docutils literal"><span class="pre">--no-backup</span></code> option is
given, copies of the certificates are made.</li>
<li>Instance creations now support the use of opportunistic locking,
potentially speeding up the (parallel) creation of multiple instances.
This feature is currently only available via the <a class="reference internal" href="rapi.html"><span class="doc">RAPI</span></a> interface and when an instance allocator is used. If the
<code class="docutils literal"><span class="pre">opportunistic_locking</span></code> parameter is set the opcode will try to
acquire as many locks as possible, but will not wait for any locks
held by other opcodes. If not enough resources can be found to
allocate the instance, the temporary error code
<code class="docutils literal"><span class="pre">temp_insufficient_resources</span></code> is returned. The operation can be
retried thereafter, with or without opportunistic locking.</li>
<li>New experimental linux-ha resource scripts.</li>
<li>Restricted-commands support: ganeti can now be asked (via command line
or rapi) to perform commands on a node. These are passed via ganeti
RPC rather than ssh. This functionality is restricted to commands
specified on the <code class="docutils literal"><span class="pre">$sysconfdir/ganeti/restricted-commands</span></code> for security
reasons. The file is not copied automatically.</li>
</ul>
</div>
<div class="section" id="id52">
<h3>Misc changes<a class="headerlink" href="#id52" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Diskless instances are now externally mirrored (Issue 237). This for
now has only been tested in conjunction with explicit target nodes for
migration/failover.</li>
<li>Queries not needing locks or RPC access to the node can now be
performed by the confd daemon, making them independent from jobs, and
thus faster to execute. This is selectable at configure time.</li>
<li>The functionality for allocating multiple instances at once has been
overhauled and is now also available through <a class="reference internal" href="rapi.html"><span class="doc">RAPI</span></a>.</li>
</ul>
<p>There are no significant changes from version 2.7.0~rc3.</p>
</div>
</div>
<div class="section" id="version-2-7-0-rc3">
<h2>Version 2.7.0 rc3<a class="headerlink" href="#version-2-7-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 25 Jun 2013)</em></p>
<ul class="simple">
<li>Fix permissions on the confd query socket (Issue 477)</li>
<li>Fix permissions on the job archive dir (Issue 498)</li>
<li>Fix handling of an internal exception in replace-disks (Issue 472)</li>
<li>Fix gnt-node info handling of shortened names (Issue 497)</li>
<li>Fix gnt-instance grow-disk when wiping is enabled</li>
<li>Documentation improvements, and support for newer pandoc</li>
<li>Fix hspace honoring ipolicy for disks (Issue 484)</li>
<li>Improve handling of the <code class="docutils literal"><span class="pre">kvm_extra</span></code> HV parameter</li>
</ul>
</div>
<div class="section" id="version-2-7-0-rc2">
<h2>Version 2.7.0 rc2<a class="headerlink" href="#version-2-7-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 24 May 2013)</em></p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">devel/upload</span></code> now works when <code class="docutils literal"><span class="pre">/var/run</span></code> on the target nodes is a
symlink.</li>
<li>Disks added through <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span></code> or created through
<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">recreate-disks</span></code> are wiped, if the
<code class="docutils literal"><span class="pre">prealloc_wipe_disks</span></code> flag is set.</li>
<li>If wiping newly created disks fails, the disks are removed. Also,
partial failures in creating disks through <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span></code>
triggers a cleanup of the partially-created disks.</li>
<li>Removing the master IP address doesn’t fail if the address has been
already removed.</li>
<li>Fix ownership of the OS log dir</li>
<li>Workaround missing SO_PEERCRED constant (Issue 191)</li>
</ul>
</div>
<div class="section" id="version-2-7-0-rc1">
<h2>Version 2.7.0 rc1<a class="headerlink" href="#version-2-7-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 3 May 2013)</em></p>
<p>This was the first release candidate of the 2.7 series. Since beta3:</p>
<ul class="simple">
<li>Fix kvm compatibility with qemu 1.4 (Issue 389)</li>
<li>Documentation updates (admin guide, upgrade notes, install
instructions) (Issue 372)</li>
<li>Fix gnt-group list nodes and instances count (Issue 436)</li>
<li>Fix compilation without non-mandatory libraries (Issue 441)</li>
<li>Fix xen-hvm hypervisor forcing nics to type ‘ioemu’ (Issue 247)</li>
<li>Make confd logging more verbose at INFO level (Issue 435)</li>
<li>Improve “networks” documentation in <em class="manpage">gnt-instance(8)</em></li>
<li>Fix failure path for instance storage type conversion (Issue 229)</li>
<li>Update htools text backend documentation</li>
<li>Improve the renew-crypto section of <em class="manpage">gnt-cluster(8)</em></li>
<li>Disable inter-cluster instance move for file-based instances, because
it is dependant on instance export, which is not supported for
file-based instances. (Issue 414)</li>
<li>Fix gnt-job crashes on non-ascii characters (Issue 427)</li>
<li>Fix volume group checks on non-vm-capable nodes (Issue 432)</li>
</ul>
</div>
<div class="section" id="version-2-7-0-beta3">
<h2>Version 2.7.0 beta3<a class="headerlink" href="#version-2-7-0-beta3" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 22 Apr 2013)</em></p>
<p>This was the third beta release of the 2.7 series. Since beta2:</p>
<ul class="simple">
<li>Fix hail to verify disk instance policies on a per-disk basis (Issue 418).</li>
<li>Fix data loss on wrong usage of <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">move</span></code></li>
<li>Properly export errors in confd-based job queries</li>
<li>Add <code class="docutils literal"><span class="pre">users-setup</span></code> tool</li>
<li>Fix iallocator protocol to report 0 as a disk size for diskless
instances. This avoids hail breaking when a diskless instance is
present.</li>
<li>Fix job queue directory permission problem that made confd job queries
fail. This requires running an <code class="docutils literal"><span class="pre">ensure-dirs</span> <span class="pre">--full-run</span></code> on upgrade
for access to archived jobs (Issue 406).</li>
<li>Limit the sizes of networks supported by <code class="docutils literal"><span class="pre">gnt-network</span></code> to something
between a <code class="docutils literal"><span class="pre">/16</span></code> and a <code class="docutils literal"><span class="pre">/30</span></code> to prevent memory bloat and crashes.</li>
<li>Fix bugs in instance disk template conversion</li>
<li>Fix GHC 7 compatibility</li>
<li>Fix <code class="docutils literal"><span class="pre">burnin</span></code> install path (Issue 426).</li>
<li>Allow very small disk grows (Issue 347).</li>
<li>Fix a <code class="docutils literal"><span class="pre">ganeti-noded</span></code> memory bloat introduced in 2.5, by making sure
that noded doesn’t import masterd code (Issue 419).</li>
<li>Make sure the default metavg at cluster init is the same as the vg, if
unspecified (Issue 358).</li>
<li>Fix cleanup of partially created disks (part of Issue 416)</li>
</ul>
</div>
<div class="section" id="version-2-7-0-beta2">
<h2>Version 2.7.0 beta2<a class="headerlink" href="#version-2-7-0-beta2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 2 Apr 2013)</em></p>
<p>This was the second beta release of the 2.7 series. Since beta1:</p>
<ul class="simple">
<li>Networks no longer have a “type” slot, since this information was
unused in Ganeti: instead of it tags should be used.</li>
<li>The rapi client now has a <code class="docutils literal"><span class="pre">target_node</span></code> option to MigrateInstance.</li>
<li>Fix early exit return code for hbal (Issue 386).</li>
<li>Fix <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">migrate/failover</span> <span class="pre">-n</span></code> (Issue 396).</li>
<li>Fix <code class="docutils literal"><span class="pre">rbd</span> <span class="pre">showmapped</span></code> output parsing (Issue 312).</li>
<li>Networks are now referenced indexed by UUID, rather than name. This
will require running cfgupgrade, from 2.7.0beta1, if networks are in
use.</li>
<li>The OS environment now includes network information.</li>
<li>Deleting of a network is now disallowed if any instance nic is using
it, to prevent dangling references.</li>
<li>External storage is now documented in man pages.</li>
<li>The exclusive_storage flag can now only be set at nodegroup level.</li>
<li>Hbal can now submit an explicit priority with its jobs.</li>
<li>Many network related locking fixes.</li>
<li>Bump up the required pylint version to 0.25.1.</li>
<li>Fix the <code class="docutils literal"><span class="pre">no_remember</span></code> option in RAPI client.</li>
<li>Many ipolicy related tests, qa, and fixes.</li>
<li>Many documentation improvements and fixes.</li>
<li>Fix building with <code class="docutils literal"><span class="pre">--disable-file-storage</span></code>.</li>
<li>Fix <code class="docutils literal"><span class="pre">-q</span></code> option in htools, which was broken if passed more than
once.</li>
<li>Some haskell/python interaction improvements and fixes.</li>
<li>Fix iallocator in case of missing LVM storage.</li>
<li>Fix confd config load in case of <code class="docutils literal"><span class="pre">--no-lvm-storage</span></code>.</li>
<li>The confd/query functionality is now mentioned in the security
documentation.</li>
</ul>
</div>
<div class="section" id="version-2-7-0-beta1">
<h2>Version 2.7.0 beta1<a class="headerlink" href="#version-2-7-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 6 Feb 2013)</em></p>
<p>This was the first beta release of the 2.7 series. All important changes
are listed in the latest 2.7 entry.</p>
</div>
<div class="section" id="version-2-6-2">
<h2>Version 2.6.2<a class="headerlink" href="#version-2-6-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 21 Dec 2012)</em></p>
<p>Important behaviour change: hbal won’t rebalance anymore instances which
have the <code class="docutils literal"><span class="pre">auto_balance</span></code> attribute set to false. This was the intention
all along, but until now it only skipped those from the N+1 memory
reservation (DRBD-specific).</p>
<p>A significant number of bug fixes in this release:</p>
<ul class="simple">
<li>Fixed disk adoption interaction with ipolicy checks.</li>
<li>Fixed networking issues when instances are started, stopped or
migrated, by forcing the tap device’s MAC prefix to “fe” (issue 217).</li>
<li>Fixed the warning in cluster verify for shared storage instances not
being redundant.</li>
<li>Fixed removal of storage directory on shared file storage (issue 262).</li>
<li>Fixed validation of LVM volume group name in OpClusterSetParams
(<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">modify</span></code>) (issue 285).</li>
<li>Fixed runtime memory increases (<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span> <span class="pre">-m</span></code>).</li>
<li>Fixed live migration under Xen’s <code class="docutils literal"><span class="pre">xl</span></code> mode.</li>
<li>Fixed <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">console</span></code> with <code class="docutils literal"><span class="pre">xl</span></code>.</li>
<li>Fixed building with newer Haskell compiler/libraries.</li>
<li>Fixed PID file writing in Haskell daemons (confd); this prevents
restart issues if confd was launched manually (outside of
<code class="docutils literal"><span class="pre">daemon-util</span></code>) while another copy of it was running</li>
<li>Fixed a type error when doing live migrations with KVM (issue 297) and
the error messages for failing migrations have been improved.</li>
<li>Fixed opcode validation for the out-of-band commands (<code class="docutils literal"><span class="pre">gnt-node</span>
<span class="pre">power</span></code>).</li>
<li>Fixed a type error when unsetting OS hypervisor parameters (issue
311); now it’s possible to unset all OS-specific hypervisor
parameters.</li>
<li>Fixed the <code class="docutils literal"><span class="pre">dry-run</span></code> mode for many operations: verification of
results was over-zealous but didn’t take into account the <code class="docutils literal"><span class="pre">dry-run</span></code>
operation, resulting in “wrong” failures.</li>
<li>Fixed bash completion in <code class="docutils literal"><span class="pre">gnt-job</span> <span class="pre">list</span></code> when the job queue has
hundreds of entries; especially with older <code class="docutils literal"><span class="pre">bash</span></code> versions, this
results in significant CPU usage.</li>
</ul>
<p>And lastly, a few other improvements have been made:</p>
<ul class="simple">
<li>Added option to force master-failover without voting (issue 282).</li>
<li>Clarified error message on lock conflict (issue 287).</li>
<li>Logging of newly submitted jobs has been improved (issue 290).</li>
<li>Hostname checks have been made uniform between instance rename and
create (issue 291).</li>
<li>The <code class="docutils literal"><span class="pre">--submit</span></code> option is now supported by <code class="docutils literal"><span class="pre">gnt-debug</span> <span class="pre">delay</span></code>.</li>
<li>Shutting down the master daemon by sending SIGTERM now stops it from
processing jobs waiting for locks; instead, those jobs will be started
once again after the master daemon is started the next time (issue
296).</li>
<li>Support for Xen’s <code class="docutils literal"><span class="pre">xl</span></code> program has been improved (besides the fixes
above).</li>
<li>Reduced logging noise in the Haskell confd daemon (only show one log
entry for each config reload, instead of two).</li>
<li>Several man page updates and typo fixes.</li>
</ul>
</div>
<div class="section" id="version-2-6-1">
<h2>Version 2.6.1<a class="headerlink" href="#version-2-6-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 12 Oct 2012)</em></p>
<p>A small bugfix release. Among the bugs fixed:</p>
<ul class="simple">
<li>Fixed double use of <code class="docutils literal"><span class="pre">PRIORITY_OPT</span></code> in <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">migrate</span></code>, that
made the command unusable.</li>
<li>Commands that issue many jobs don’t fail anymore just because some jobs
take so long that other jobs are archived.</li>
<li>Failures during <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">reinstall</span></code> are reflected by the exit
status.</li>
<li>Issue 190 fixed. Check for DRBD in cluster verify is enabled only when
DRBD is enabled.</li>
<li>When <code class="docutils literal"><span class="pre">always_failover</span></code> is set, <code class="docutils literal"><span class="pre">--allow-failover</span></code> is not required
in migrate commands anymore.</li>
<li><code class="docutils literal"><span class="pre">bash_completion</span></code> works even if extglob is disabled.</li>
<li>Fixed bug with locks that made failover for RDB-based instances fail.</li>
<li>Fixed bug in non-mirrored instance allocation that made Ganeti choose
a random node instead of one based on the allocator metric.</li>
<li>Support for newer versions of pylint and pep8.</li>
<li>Hail doesn’t fail anymore when trying to add an instance of type
<code class="docutils literal"><span class="pre">file</span></code>, <code class="docutils literal"><span class="pre">sharedfile</span></code> or <code class="docutils literal"><span class="pre">rbd</span></code>.</li>
<li>Added new Makefile target to rebuild the whole distribution, so that
all files are included.</li>
</ul>
</div>
<div class="section" id="version-2-6-0">
<h2>Version 2.6.0<a class="headerlink" href="#version-2-6-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 27 Jul 2012)</em></p>
<div class="admonition attention">
<p class="first admonition-title">Attention</p>
<p class="last">The <code class="docutils literal"><span class="pre">LUXI</span></code> protocol has been made more consistent
regarding its handling of command arguments. This, however, leads to
incompatibility issues with previous versions. Please ensure that you
restart Ganeti daemons soon after the upgrade, otherwise most
<code class="docutils literal"><span class="pre">LUXI</span></code> calls (job submission, setting/resetting the drain flag,
pausing/resuming the watcher, cancelling and archiving jobs, querying
the cluster configuration) will fail.</p>
</div>
<div class="section" id="id53">
<h3>New features<a class="headerlink" href="#id53" title="Permalink to this headline"></a></h3>
<div class="section" id="instance-run-status">
<h4>Instance run status<a class="headerlink" href="#instance-run-status" title="Permalink to this headline"></a></h4>
<p>The current <code class="docutils literal"><span class="pre">admin_up</span></code> field, which used to denote whether an instance
should be running or not, has been removed. Instead, <code class="docutils literal"><span class="pre">admin_state</span></code> is
introduced, with 3 possible values – <code class="docutils literal"><span class="pre">up</span></code>, <code class="docutils literal"><span class="pre">down</span></code> and <code class="docutils literal"><span class="pre">offline</span></code>.</p>
<p>The rational behind this is that an instance being “down” can have
different meanings:</p>
<ul class="simple">
<li>it could be down during a reboot</li>
<li>it could be temporarily be down for a reinstall</li>
<li>or it could be down because it is deprecated and kept just for its
disk</li>
</ul>
<p>The previous Boolean state was making it difficult to do capacity
calculations: should Ganeti reserve memory for a down instance? Now, the
tri-state field makes it clear:</p>
<ul class="simple">
<li>in <code class="docutils literal"><span class="pre">up</span></code> and <code class="docutils literal"><span class="pre">down</span></code> state, all resources are reserved for the
instance, and it can be at any time brought up if it is down</li>
<li>in <code class="docutils literal"><span class="pre">offline</span></code> state, only disk space is reserved for it, but not
memory or CPUs</li>
</ul>
<p>The field can have an extra use: since the transition between <code class="docutils literal"><span class="pre">up</span></code> and
<code class="docutils literal"><span class="pre">down</span></code> and vice-versus is done via <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">start/stop</span></code>, but
transition between <code class="docutils literal"><span class="pre">offline</span></code> and <code class="docutils literal"><span class="pre">down</span></code> is done via <code class="docutils literal"><span class="pre">gnt-instance</span>
<span class="pre">modify</span></code>, it is possible to given different rights to users. For
example, owners of an instance could be allowed to start/stop it, but
not transition it out of the offline state.</p>
</div>
<div class="section" id="instance-policies-and-specs">
<h4>Instance policies and specs<a class="headerlink" href="#instance-policies-and-specs" title="Permalink to this headline"></a></h4>
<p>In previous Ganeti versions, an instance creation request was not
limited on the minimum size and on the maximum size just by the cluster
resources. As such, any policy could be implemented only in third-party
clients (RAPI clients, or shell wrappers over <code class="docutils literal"><span class="pre">gnt-*</span></code>
tools). Furthermore, calculating cluster capacity via <code class="docutils literal"><span class="pre">hspace</span></code> again
required external input with regards to instance sizes.</p>
<p>In order to improve these workflows and to allow for example better
per-node group differentiation, we introduced instance specs, which
allow declaring:</p>
<ul class="simple">
<li>minimum instance disk size, disk count, memory size, cpu count</li>
<li>maximum values for the above metrics</li>
<li>and “standard” values (used in <code class="docutils literal"><span class="pre">hspace</span></code> to calculate the standard
sized instances)</li>
</ul>
<p>The minimum/maximum values can be also customised at node-group level,
for example allowing more powerful hardware to support bigger instance
memory sizes.</p>
<p>Beside the instance specs, there are a few other settings belonging to
the instance policy framework. It is possible now to customise, per
cluster and node-group:</p>
<ul class="simple">
<li>the list of allowed disk templates</li>
<li>the maximum ratio of VCPUs per PCPUs (to control CPU oversubscription)</li>
<li>the maximum ratio of instance to spindles (see below for more
information) for local storage</li>
</ul>
<p>All these together should allow all tools that talk to Ganeti to know
what are the ranges of allowed values for instances and the
over-subscription that is allowed.</p>
<p>For the VCPU/PCPU ratio, we already have the VCPU configuration from the
instance configuration, and the physical CPU configuration from the
node. For the spindle ratios however, we didn’t track before these
values, so new parameters have been added:</p>
<ul class="simple">
<li>a new node parameter <code class="docutils literal"><span class="pre">spindle_count</span></code>, defaults to 1, customisable at
node group or node level</li>
<li>at new backend parameter (for instances), <code class="docutils literal"><span class="pre">spindle_use</span></code> defaults to 1</li>
</ul>
<p>Note that spindles in this context doesn’t need to mean actual
mechanical hard-drives; it’s just a relative number for both the node
I/O capacity and instance I/O consumption.</p>
</div>
<div class="section" id="instance-migration-behaviour">
<h4>Instance migration behaviour<a class="headerlink" href="#instance-migration-behaviour" title="Permalink to this headline"></a></h4>
<p>While live-migration is in general desirable over failover, it is
possible that for some workloads it is actually worse, due to the
variable time of the “suspend” phase during live migration.</p>
<p>To allow the tools to work consistently over such instances (without
having to hard-code instance names), a new backend parameter
<code class="docutils literal"><span class="pre">always_failover</span></code> has been added to control the migration/failover
behaviour. When set to True, all migration requests for an instance will
instead fall-back to failover.</p>
</div>
<div class="section" id="instance-memory-ballooning">
<h4>Instance memory ballooning<a class="headerlink" href="#instance-memory-ballooning" title="Permalink to this headline"></a></h4>
<p>Initial support for memory ballooning has been added. The memory for an
instance is no longer fixed (backend parameter <code class="docutils literal"><span class="pre">memory</span></code>), but instead
can vary between minimum and maximum values (backend parameters
<code class="docutils literal"><span class="pre">minmem</span></code> and <code class="docutils literal"><span class="pre">maxmem</span></code>). Currently we only change an instance’s
memory when:</p>
<ul class="simple">
<li>live migrating or failing over and instance and the target node
doesn’t have enough memory</li>
<li>user requests changing the memory via <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span>
<span class="pre">--runtime-memory</span></code></li>
</ul>
</div>
<div class="section" id="instance-cpu-pinning">
<h4>Instance CPU pinning<a class="headerlink" href="#instance-cpu-pinning" title="Permalink to this headline"></a></h4>
<p>In order to control the use of specific CPUs by instance, support for
controlling CPU pinning has been added for the Xen, HVM and LXC
hypervisors. This is controlled by a new hypervisor parameter
<code class="docutils literal"><span class="pre">cpu_mask</span></code>; details about possible values for this are in the
<em class="manpage">gnt-instance(8)</em>. Note that use of the most specific (precise
VCPU-to-CPU mapping) form will work well only when all nodes in your
cluster have the same amount of CPUs.</p>
</div>
<div class="section" id="disk-parameters">
<h4>Disk parameters<a class="headerlink" href="#disk-parameters" title="Permalink to this headline"></a></h4>
<p>Another area in which Ganeti was not customisable were the parameters
used for storage configuration, e.g. how many stripes to use for LVM,
DRBD resync configuration, etc.</p>
<p>To improve this area, we’ve added disks parameters, which are
customisable at cluster and node group level, and which allow to
specify various parameters for disks (DRBD has the most parameters
currently), for example:</p>
<ul class="simple">
<li>DRBD resync algorithm and parameters (e.g. speed)</li>
<li>the default VG for meta-data volumes for DRBD</li>
<li>number of stripes for LVM (plain disk template)</li>
<li>the RBD pool</li>
</ul>
<p>These parameters can be modified via <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">modify</span> <span class="pre">-D</span> <span class="pre"></span></code> and
<code class="docutils literal"><span class="pre">gnt-group</span> <span class="pre">modify</span> <span class="pre">-D</span> <span class="pre"></span></code>, and are used at either instance creation (in
case of LVM stripes, for example) or at disk “activation” time
(e.g. resync speed).</p>
</div>
<div class="section" id="rados-block-device-support">
<h4>Rados block device support<a class="headerlink" href="#rados-block-device-support" title="Permalink to this headline"></a></h4>
<p>A Rados (<a class="reference external" href="http://ceph.com/wiki/Rbd">http://ceph.com/wiki/Rbd</a>) storage backend has been added,
denoted by the <code class="docutils literal"><span class="pre">rbd</span></code> disk template type. This is considered
experimental, feedback is welcome. For details on configuring it, see
the <a class="reference internal" href="install.html"><span class="doc">Ganeti installation tutorial</span></a> document and the <em class="manpage">gnt-cluster(8)</em> man page.</p>
</div>
<div class="section" id="master-ip-setup">
<h4>Master IP setup<a class="headerlink" href="#master-ip-setup" title="Permalink to this headline"></a></h4>
<p>The existing master IP functionality works well only in simple setups (a
single network shared by all nodes); however, if nodes belong to
different networks, then the <code class="docutils literal"><span class="pre">/32</span></code> setup and lack of routing
information is not enough.</p>
<p>To allow the master IP to function well in more complex cases, the
system was reworked as follows:</p>
<ul class="simple">
<li>a master IP netmask setting has been added</li>
<li>the master IP activation/turn-down code was moved from the node daemon
to a separate script</li>
<li>whether to run the Ganeti-supplied master IP script or a user-supplied
on is a <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">init</span></code> setting</li>
</ul>
<p>Details about the location of the standard and custom setup scripts are
in the man page <em class="manpage">gnt-cluster(8)</em>; for information about the
setup script protocol, look at the Ganeti-supplied script.</p>
</div>
<div class="section" id="spice-support">
<h4>SPICE support<a class="headerlink" href="#spice-support" title="Permalink to this headline"></a></h4>
<p>The <a class="reference external" href="http://www.linux-kvm.org/page/SPICE">SPICE</a> support has been
improved.</p>
<p>It is now possible to use TLS-protected connections, and when renewing
or changing the cluster certificates (via <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">renew-crypto</span></code>,
it is now possible to specify spice or spice CA certificates. Also, it
is possible to configure a password for SPICE sessions via the
hypervisor parameter <code class="docutils literal"><span class="pre">spice_password_file</span></code>.</p>
<p>There are also new parameters to control the compression and streaming
options (e.g. <code class="docutils literal"><span class="pre">spice_image_compression</span></code>, <code class="docutils literal"><span class="pre">spice_streaming_video</span></code>,
etc.). For details, see the man page <em class="manpage">gnt-instance(8)</em> and look
for the spice parameters.</p>
<p>Lastly, it is now possible to see the SPICE connection information via
<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">console</span></code>.</p>
</div>
<div class="section" id="ovf-converter">
<h4>OVF converter<a class="headerlink" href="#ovf-converter" title="Permalink to this headline"></a></h4>
<p>A new tool (<code class="docutils literal"><span class="pre">tools/ovfconverter</span></code>) has been added that supports
conversion between Ganeti and the <a class="reference external" href="http://en.wikipedia.org/wiki/Open_Virtualization_Format">Open Virtualization Format</a> (both to and
from).</p>
<p>This relies on the <code class="docutils literal"><span class="pre">qemu-img</span></code> tool to convert the disk formats, so the
actual compatibility with other virtualization solutions depends on it.</p>
</div>
<div class="section" id="confd-daemon-changes">
<h4>Confd daemon changes<a class="headerlink" href="#confd-daemon-changes" title="Permalink to this headline"></a></h4>
<p>The configuration query daemon (<code class="docutils literal"><span class="pre">ganeti-confd</span></code>) is now optional, and
has been rewritten in Haskell; whether to use the daemon at all, use the
Python (default) or the Haskell version is selectable at configure time
via the <code class="docutils literal"><span class="pre">--enable-confd</span></code> parameter, which can take one of the
<code class="docutils literal"><span class="pre">haskell</span></code>, <code class="docutils literal"><span class="pre">python</span></code> or <code class="docutils literal"><span class="pre">no</span></code> values. If not used, disabling the
daemon will result in a smaller footprint; for larger systems, we
welcome feedback on the Haskell version which might become the default
in future versions.</p>
<p>If you want to use <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list-drbd</span></code> you need to have the Haskell
daemon running. The Python version doesn’t implement the new call.</p>
</div>
</div>
<div class="section" id="user-interface-changes">
<h3>User interface changes<a class="headerlink" href="#user-interface-changes" title="Permalink to this headline"></a></h3>
<p>We have replaced the <code class="docutils literal"><span class="pre">--disks</span></code> option of <code class="docutils literal"><span class="pre">gnt-instance</span>
<span class="pre">replace-disks</span></code> with a more flexible <code class="docutils literal"><span class="pre">--disk</span></code> option, which allows
adding and removing disks at arbitrary indices (Issue 188). Furthermore,
disk size and mode can be changed upon recreation (via <code class="docutils literal"><span class="pre">gnt-instance</span>
<span class="pre">recreate-disks</span></code>, which accepts the same <code class="docutils literal"><span class="pre">--disk</span></code> option).</p>
<p>As many people are used to a <code class="docutils literal"><span class="pre">show</span></code> command, we have added that as an
alias to <code class="docutils literal"><span class="pre">info</span></code> on all <code class="docutils literal"><span class="pre">gnt-*</span></code> commands.</p>
<p>The <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">grow-disk</span></code> command has a new mode in which it can
accept the target size of the disk, instead of the delta; this can be
more safe since two runs in absolute mode will be idempotent, and
sometimes it’s also easier to specify the desired size directly.</p>
<p>Also the handling of instances with regard to offline secondaries has
been improved. Instance operations should not fail because one of it’s
secondary nodes is offline, even though it’s safe to proceed.</p>
<p>A new command <code class="docutils literal"><span class="pre">list-drbd</span></code> has been added to the <code class="docutils literal"><span class="pre">gnt-node</span></code> script to
support debugging of DRBD issues on nodes. It provides a mapping of DRBD
minors to instance name.</p>
</div>
<div class="section" id="api-changes">
<h3>API changes<a class="headerlink" href="#api-changes" title="Permalink to this headline"></a></h3>
<p>RAPI coverage has improved, with (for example) new resources for
recreate-disks, node power-cycle, etc.</p>
</div>
<div class="section" id="compatibility">
<h3>Compatibility<a class="headerlink" href="#compatibility" title="Permalink to this headline"></a></h3>
<p>There is partial support for <code class="docutils literal"><span class="pre">xl</span></code> in the Xen hypervisor; feedback is
welcome.</p>
<p>Python 2.7 is better supported, and after Ganeti 2.6 we will investigate
whether to still support Python 2.4 or move to Python 2.6 as minimum
required version.</p>
<p>Support for Fedora has been slightly improved; the provided example
init.d script should work better on it and the INSTALL file should
document the needed dependencies.</p>
</div>
<div class="section" id="internal-changes">
<h3>Internal changes<a class="headerlink" href="#internal-changes" title="Permalink to this headline"></a></h3>
<p>The deprecated <code class="docutils literal"><span class="pre">QueryLocks</span></code> LUXI request has been removed. Use
<code class="docutils literal"><span class="pre">Query(what=QR_LOCK,</span> <span class="pre">...)</span></code> instead.</p>
<p>The LUXI requests <code class="docutils literal"><span class="pre">QueryJobs</span></code>,
<code class="docutils literal"><span class="pre">QueryInstances</span></code>, <code class="docutils literal"><span class="pre">QueryNodes</span></code>,
<code class="docutils literal"><span class="pre">QueryGroups</span></code>, <code class="docutils literal"><span class="pre">QueryExports</span></code> and
<code class="docutils literal"><span class="pre">QueryTags</span></code> are deprecated and will be removed in a
future version. <code class="docutils literal"><span class="pre">Query</span></code> should be used instead.</p>
<p>RAPI client: <code class="docutils literal"><span class="pre">CertificateError</span></code> now derives from
<code class="docutils literal"><span class="pre">GanetiApiError</span></code>. This should make it more easy to handle Ganeti
errors.</p>
<p>Deprecation warnings due to PyCrypto/paramiko import in
<code class="docutils literal"><span class="pre">tools/setup-ssh</span></code> have been silenced, as usually they are safe; please
make sure to run an up-to-date paramiko version, if you use this tool.</p>
<p>The QA scripts now depend on Python 2.5 or above (the main code base
still works with Python 2.4).</p>
<p>The configuration file (<code class="docutils literal"><span class="pre">config.data</span></code>) is now written without
indentation for performance reasons; if you want to edit it, it can be
re-formatted via <code class="docutils literal"><span class="pre">tools/fmtjson</span></code>.</p>
<p>A number of bugs has been fixed in the cluster merge tool.</p>
<p><code class="docutils literal"><span class="pre">x509</span></code> certification verification (used in import-export) has been
changed to allow the same clock skew as permitted by the cluster
verification. This will remove some rare but hard to diagnose errors in
import-export.</p>
</div>
</div>
<div class="section" id="version-2-6-0-rc4">
<h2>Version 2.6.0 rc4<a class="headerlink" href="#version-2-6-0-rc4" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 19 Jul 2012)</em></p>
<p>Very few changes from rc4 to the final release, only bugfixes:</p>
<ul class="simple">
<li>integrated fixes from release 2.5.2 (fix general boot flag for KVM
instance, fix CDROM booting for KVM instances)</li>
<li>fixed node group modification of node parameters</li>
<li>fixed issue in LUClusterVerifyGroup with multi-group clusters</li>
<li>fixed generation of bash completion to ensure a stable ordering</li>
<li>fixed a few typos</li>
</ul>
</div>
<div class="section" id="version-2-6-0-rc3">
<h2>Version 2.6.0 rc3<a class="headerlink" href="#version-2-6-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 13 Jul 2012)</em></p>
<p>Third release candidate for 2.6. The following changes were done from
rc3 to rc4:</p>
<ul class="simple">
<li>Fixed <code class="docutils literal"><span class="pre">UpgradeConfig</span></code> w.r.t. to disk parameters on disk objects.</li>
<li>Fixed an inconsistency in the LUXI protocol with the provided
arguments (NOT backwards compatible)</li>
<li>Fixed a bug with node groups ipolicy where <code class="docutils literal"><span class="pre">min</span></code> was greater than
the cluster <code class="docutils literal"><span class="pre">std</span></code> value</li>
<li>Implemented a new <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list-drbd</span></code> call to list DRBD minors for
easier instance debugging on nodes (requires <code class="docutils literal"><span class="pre">hconfd</span></code> to work)</li>
</ul>
</div>
<div class="section" id="version-2-6-0-rc2">
<h2>Version 2.6.0 rc2<a class="headerlink" href="#version-2-6-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 03 Jul 2012)</em></p>
<p>Second release candidate for 2.6. The following changes were done from
rc2 to rc3:</p>
<ul class="simple">
<li>Fixed <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> regarding <code class="docutils literal"><span class="pre">master-ip-script</span></code> on non
master candidates</li>
<li>Fixed a RAPI regression on missing beparams/memory</li>
<li>Fixed redistribution of files on offline nodes</li>
<li>Added possibility to run activate-disks even though secondaries are
offline. With this change it relaxes also the strictness on some other
commands which use activate disks internally:
* <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">start|reboot|rename|backup|export</span></code></li>
<li>Made it possible to remove safely an instance if its secondaries are
offline</li>
<li>Made it possible to reinstall even though secondaries are offline</li>
</ul>
</div>
<div class="section" id="version-2-6-0-rc1">
<h2>Version 2.6.0 rc1<a class="headerlink" href="#version-2-6-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 25 Jun 2012)</em></p>
<p>First release candidate for 2.6. The following changes were done from
rc1 to rc2:</p>
<ul class="simple">
<li>Fixed bugs with disk parameters and <code class="docutils literal"><span class="pre">rbd</span></code> templates as well as
<code class="docutils literal"><span class="pre">instance_os_add</span></code></li>
<li>Made <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span></code> more consistent regarding new NIC/Disk
behaviour. It supports now the modify operation</li>
<li><code class="docutils literal"><span class="pre">hcheck</span></code> implemented to analyze cluster health and possibility of
improving health by rebalance</li>
<li><code class="docutils literal"><span class="pre">hbal</span></code> has been improved in dealing with split instances</li>
</ul>
</div>
<div class="section" id="version-2-6-0-beta2">
<h2>Version 2.6.0 beta2<a class="headerlink" href="#version-2-6-0-beta2" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 11 Jun 2012)</em></p>
<p>Second beta release of 2.6. The following changes were done from beta2
to rc1:</p>
<ul class="simple">
<li>Fixed <code class="docutils literal"><span class="pre">daemon-util</span></code> with non-root user models</li>
<li>Fixed creation of plain instances with <code class="docutils literal"><span class="pre">--no-wait-for-sync</span></code></li>
<li>Fix wrong iv_names when running <code class="docutils literal"><span class="pre">cfgupgrade</span></code></li>
<li>Export more information in RAPI group queries</li>
<li>Fixed bug when changing instance network interfaces</li>
<li>Extended burnin to do NIC changes</li>
<li>query: Added <code class="docutils literal"><span class="pre">&lt;</span></code>, <code class="docutils literal"><span class="pre">&gt;</span></code>, <code class="docutils literal"><span class="pre">&lt;=</span></code>, <code class="docutils literal"><span class="pre">&gt;=</span></code> comparison operators</li>
<li>Changed default for DRBD barriers</li>
<li>Fixed DRBD error reporting for syncer rate</li>
<li>Verify the options on disk parameters</li>
</ul>
<p>And of course various fixes to documentation and improved unittests and
QA.</p>
</div>
<div class="section" id="version-2-6-0-beta1">
<h2>Version 2.6.0 beta1<a class="headerlink" href="#version-2-6-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 23 May 2012)</em></p>
<p>First beta release of 2.6. The following changes were done from beta1 to
beta2:</p>
<ul class="simple">
<li>integrated patch for distributions without <code class="docutils literal"><span class="pre">start-stop-daemon</span></code></li>
<li>adapted example init.d script to work on Fedora</li>
<li>fixed log handling in Haskell daemons</li>
<li>adapted checks in the watcher for pycurl linked against libnss</li>
<li>add partial support for <code class="docutils literal"><span class="pre">xl</span></code> instead of <code class="docutils literal"><span class="pre">xm</span></code> for Xen</li>
<li>fixed a type issue in cluster verification</li>
<li>fixed ssconf handling in the Haskell code (was breaking confd in IPv6
clusters)</li>
</ul>
<p>Plus integrated fixes from the 2.5 branch:</p>
<ul class="simple">
<li>fixed <code class="docutils literal"><span class="pre">kvm-ifup</span></code> to use <code class="docutils literal"><span class="pre">/bin/bash</span></code></li>
<li>fixed parallel build failures</li>
<li>KVM live migration when using a custom keymap</li>
</ul>
</div>
<div class="section" id="version-2-5-2">
<h2>Version 2.5.2<a class="headerlink" href="#version-2-5-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 24 Jul 2012)</em></p>
<p>A small bugfix release, with no new features:</p>
<ul class="simple">
<li>fixed bash-isms in kvm-ifup, for compatibility with systems which use a
different default shell (e.g. Debian, Ubuntu)</li>
<li>fixed KVM startup and live migration with a custom keymap (fixes Issue
243 and Debian bug #650664)</li>
<li>fixed compatibility with KVM versions that don’t support multiple boot
devices (fixes Issue 230 and Debian bug #624256)</li>
</ul>
<p>Additionally, a few fixes were done to the build system (fixed parallel
build failures) and to the unittests (fixed race condition in test for
FileID functions, and the default enable/disable mode for QA test is now
customisable).</p>
</div>
<div class="section" id="version-2-5-1">
<h2>Version 2.5.1<a class="headerlink" href="#version-2-5-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 11 May 2012)</em></p>
<p>A small bugfix release.</p>
<p>The main issues solved are on the topic of compatibility with newer LVM
releases:</p>
<ul class="simple">
<li>fixed parsing of <code class="docutils literal"><span class="pre">lv_attr</span></code> field</li>
<li>adapted to new <code class="docutils literal"><span class="pre">vgreduce</span> <span class="pre">--removemissing</span></code> behaviour where sometimes
the <code class="docutils literal"><span class="pre">--force</span></code> flag is needed</li>
</ul>
<p>Also on the topic of compatibility, <code class="docutils literal"><span class="pre">tools/lvmstrap</span></code> has been changed
to accept kernel 3.x too (was hardcoded to 2.6.*).</p>
<p>A regression present in 2.5.0 that broke handling (in the gnt-* scripts)
of hook results and that also made display of other errors suboptimal
was fixed; the code behaves now like 2.4 and earlier.</p>
<p>Another change in 2.5, the cleanup of the OS scripts environment, is too
aggressive: it removed even the <code class="docutils literal"><span class="pre">PATH</span></code> variable, which requires the OS
scripts to <em>always</em> need to export it. Since this is a bit too strict,
we now export a minimal PATH, the same that we export for hooks.</p>
<p>The fix for issue 201 (Preserve bridge MTU in KVM ifup script) was
integrated into this release.</p>
<p>Finally, a few other miscellaneous changes were done (no new features,
just small improvements):</p>
<ul class="simple">
<li>Fix <code class="docutils literal"><span class="pre">gnt-group</span> <span class="pre">--help</span></code> display</li>
<li>Fix hardcoded Xen kernel path</li>
<li>Fix grow-disk handling of invalid units</li>
<li>Update synopsis for <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">repair-disk-sizes</span></code></li>
<li>Accept both PUT and POST in noded (makes future upgrade to 2.6 easier)</li>
</ul>
</div>
<div class="section" id="version-2-5-0">
<h2>Version 2.5.0<a class="headerlink" href="#version-2-5-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 12 Apr 2012)</em></p>
<div class="section" id="incompatible-important-changes-and-bugfixes">
<h3>Incompatible/important changes and bugfixes<a class="headerlink" href="#incompatible-important-changes-and-bugfixes" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The default of the <code class="docutils literal"><span class="pre">/2/instances/[instance_name]/rename</span></code> RAPI
resource’s <code class="docutils literal"><span class="pre">ip_check</span></code> parameter changed from <code class="docutils literal"><span class="pre">True</span></code> to <code class="docutils literal"><span class="pre">False</span></code>
to match the underlying LUXI interface.</li>
<li>The <code class="docutils literal"><span class="pre">/2/nodes/[node_name]/evacuate</span></code> RAPI resource was changed to use
body parameters, see <a class="reference internal" href="rapi.html"><span class="doc">RAPI documentation</span></a>. The server does
not maintain backwards-compatibility as the underlying operation
changed in an incompatible way. The RAPI client can talk to old
servers, but it needs to be told so as the return value changed.</li>
<li>When creating file-based instances via RAPI, the <code class="docutils literal"><span class="pre">file_driver</span></code>
parameter no longer defaults to <code class="docutils literal"><span class="pre">loop</span></code> and must be specified.</li>
<li>The deprecated <code class="docutils literal"><span class="pre">bridge</span></code> NIC parameter is no longer supported. Use
<code class="docutils literal"><span class="pre">link</span></code> instead.</li>
<li>Support for the undocumented and deprecated RAPI instance creation
request format version 0 has been dropped. Use version 1, supported
since Ganeti 2.1.3 and <a class="reference internal" href="rapi.html"><span class="doc">documented</span></a>, instead.</li>
<li>Pyparsing 1.4.6 or above is required, see <a class="reference internal" href="install.html"><span class="doc">installation
documentation</span></a>.</li>
<li>The “cluster-verify” hooks are now executed per group by the
<code class="docutils literal"><span class="pre">OP_CLUSTER_VERIFY_GROUP</span></code> opcode. This maintains the same behavior
if you just run <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code>, which generates one opcode per
group.</li>
<li>The environment as passed to the OS scripts is cleared, and thus no
environment variables defined in the node daemon’s environment will be
inherited by the scripts.</li>
<li>The <a class="reference internal" href="iallocator.html"><span class="doc">iallocator</span></a> mode <code class="docutils literal"><span class="pre">multi-evacuate</span></code> has been
deprecated.</li>
<li><a class="reference internal" href="design-multi-reloc.html"><span class="doc">New iallocator modes</span></a> have been added to
support operations involving multiple node groups.</li>
<li>Offline nodes are ignored when failing over an instance.</li>
<li>Support for KVM version 1.0, which changed the version reporting format
from 3 to 2 digits.</li>
<li>TCP/IP ports used by DRBD disks are returned to a pool upon instance
removal.</li>
<li><code class="docutils literal"><span class="pre">Makefile</span></code> is now compatible with Automake 1.11.2</li>
<li>Includes all bugfixes made in the 2.4 series</li>
</ul>
</div>
<div class="section" id="id54">
<h3>New features<a class="headerlink" href="#id54" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>The ganeti-htools project has been merged into the ganeti-core source
tree and will be built as part of Ganeti (see <a class="reference internal" href="install-quick.html"><span class="doc">Ganeti quick installation guide</span></a>).</li>
<li>Implemented support for <a class="reference internal" href="design-shared-storage.html"><span class="doc">shared storage</span></a>.</li>
<li>Add support for disks larger than 2 TB in <code class="docutils literal"><span class="pre">lvmstrap</span></code> by supporting
GPT-style partition tables (requires <a class="reference external" href="http://www.gnu.org/s/parted/">parted</a>).</li>
<li>Added support for floppy drive and 2nd CD-ROM drive in KVM hypervisor.</li>
<li>Allowed adding tags on instance creation.</li>
<li>Export instance tags to hooks (<code class="docutils literal"><span class="pre">INSTANCE_TAGS</span></code>, see <a class="reference internal" href="hooks.html"><span class="doc">Ganeti customisation using hooks</span></a>)</li>
<li>Allow instances to be started in a paused state, enabling the user to
see the complete console output on boot using the console.</li>
<li>Added new hypervisor flag to control default reboot behaviour
(<code class="docutils literal"><span class="pre">reboot_behavior</span></code>).</li>
<li>Added support for KVM keymaps (hypervisor parameter <code class="docutils literal"><span class="pre">keymap</span></code>).</li>
<li>Improved out-of-band management support:<ul>
<li>Added <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">health</span></code> command reporting the health status of
nodes.</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">power</span></code> command to manage power status of nodes.</li>
<li>Added command for emergency power-off (EPO), <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">epo</span></code>.</li>
</ul>
</li>
<li>Instance migration can fall back to failover if instance is not
running.</li>
<li>Filters can be used when listing nodes, instances, groups and locks;
see <em class="manpage">ganeti(7)</em> manpage.</li>
<li>Added post-execution status as variables to <a class="reference internal" href="hooks.html"><span class="doc">hooks</span></a>
environment.</li>
<li>Instance tags are exported/imported together with the instance.</li>
<li>When given an explicit job ID, <code class="docutils literal"><span class="pre">gnt-job</span> <span class="pre">info</span></code> will work for archived
jobs.</li>
<li>Jobs can define dependencies on other jobs (not yet supported via
RAPI or command line, but used by internal commands and usable via
LUXI).<ul>
<li>Lock monitor (<code class="docutils literal"><span class="pre">gnt-debug</span> <span class="pre">locks</span></code>) shows jobs waiting for
dependencies.</li>
</ul>
</li>
<li>Instance failover is now available as a RAPI resource
(<code class="docutils literal"><span class="pre">/2/instances/[instance_name]/failover</span></code>).</li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">info</span></code> defaults to static information if primary node
is offline.</li>
<li>Opcodes have a new <code class="docutils literal"><span class="pre">comment</span></code> attribute.</li>
<li>Added basic SPICE support to KVM hypervisor.</li>
<li><code class="docutils literal"><span class="pre">tools/ganeti-listrunner</span></code> allows passing of arguments to executable.</li>
</ul>
</div>
<div class="section" id="node-group-improvements">
<h3>Node group improvements<a class="headerlink" href="#node-group-improvements" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> has been modified to check groups separately,
thereby improving performance.</li>
<li>Node group support has been added to <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify-disks</span></code>,
which now operates per node group.</li>
<li>Watcher has been changed to work better with node groups.<ul>
<li>One process and state file per node group.</li>
<li>Slow watcher in one group doesn’t block other group’s watcher.</li>
</ul>
</li>
<li>Added new command, <code class="docutils literal"><span class="pre">gnt-group</span> <span class="pre">evacuate</span></code>, to move all instances in a
node group to other groups.</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">change-group</span></code> to move an instance to another
node group.</li>
<li><code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">command</span></code> and <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">copyfile</span></code> now support
per-group operations.</li>
<li>Node groups can be tagged.</li>
<li>Some operations switch from an exclusive to a shared lock as soon as
possible.</li>
<li>Instance’s primary and secondary nodes’ groups are now available as
query fields (<code class="docutils literal"><span class="pre">pnode.group</span></code>, <code class="docutils literal"><span class="pre">pnode.group.uuid</span></code>, <code class="docutils literal"><span class="pre">snodes.group</span></code>
and <code class="docutils literal"><span class="pre">snodes.group.uuid</span></code>).</li>
</ul>
</div>
<div class="section" id="misc">
<h3>Misc<a class="headerlink" href="#misc" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Numerous updates to documentation and manpages.<ul>
<li><a class="reference internal" href="rapi.html"><span class="doc">RAPI</span></a> documentation now has detailed parameter
descriptions.</li>
<li>Some opcode/job results are now also documented, see <a class="reference internal" href="rapi.html"><span class="doc">RAPI</span></a>.</li>
</ul>
</li>
<li>A lockset’s internal lock is now also visible in lock monitor.</li>
<li>Log messages from job queue workers now contain information about the
opcode they’re processing.</li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">console</span></code> no longer requires the instance lock.</li>
<li>A short delay when waiting for job changes reduces the number of LUXI
requests significantly.</li>
<li>DRBD metadata volumes are overwritten with zeros during disk creation.</li>
<li>Out-of-band commands no longer acquire the cluster lock in exclusive
mode.</li>
<li><code class="docutils literal"><span class="pre">devel/upload</span></code> now uses correct permissions for directories.</li>
</ul>
</div>
</div>
<div class="section" id="version-2-5-0-rc6">
<h2>Version 2.5.0 rc6<a class="headerlink" href="#version-2-5-0-rc6" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 23 Mar 2012)</em></p>
<p>This was the sixth release candidate of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-rc5">
<h2>Version 2.5.0 rc5<a class="headerlink" href="#version-2-5-0-rc5" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 9 Jan 2012)</em></p>
<p>This was the fifth release candidate of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-rc4">
<h2>Version 2.5.0 rc4<a class="headerlink" href="#version-2-5-0-rc4" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 27 Oct 2011)</em></p>
<p>This was the fourth release candidate of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-rc3">
<h2>Version 2.5.0 rc3<a class="headerlink" href="#version-2-5-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 26 Oct 2011)</em></p>
<p>This was the third release candidate of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-rc2">
<h2>Version 2.5.0 rc2<a class="headerlink" href="#version-2-5-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 18 Oct 2011)</em></p>
<p>This was the second release candidate of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-rc1">
<h2>Version 2.5.0 rc1<a class="headerlink" href="#version-2-5-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 4 Oct 2011)</em></p>
<p>This was the first release candidate of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-beta3">
<h2>Version 2.5.0 beta3<a class="headerlink" href="#version-2-5-0-beta3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 31 Aug 2011)</em></p>
<p>This was the third beta release of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-beta2">
<h2>Version 2.5.0 beta2<a class="headerlink" href="#version-2-5-0-beta2" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 22 Aug 2011)</em></p>
<p>This was the second beta release of the 2.5 series.</p>
</div>
<div class="section" id="version-2-5-0-beta1">
<h2>Version 2.5.0 beta1<a class="headerlink" href="#version-2-5-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 12 Aug 2011)</em></p>
<p>This was the first beta release of the 2.5 series.</p>
</div>
<div class="section" id="version-2-4-5">
<h2>Version 2.4.5<a class="headerlink" href="#version-2-4-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 27 Oct 2011)</em></p>
<ul class="simple">
<li>Fixed bug when parsing command line parameter values ending in
backslash</li>
<li>Fixed assertion error after unclean master shutdown</li>
<li>Disable HTTP client pool for RPC, significantly reducing memory usage
of master daemon</li>
<li>Fixed queue archive creation with wrong permissions</li>
</ul>
</div>
<div class="section" id="version-2-4-4">
<h2>Version 2.4.4<a class="headerlink" href="#version-2-4-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 23 Aug 2011)</em></p>
<p>Small bug-fixes:</p>
<ul class="simple">
<li>Fixed documentation for importing with <code class="docutils literal"><span class="pre">--src-dir</span></code> option</li>
<li>Fixed a bug in <code class="docutils literal"><span class="pre">ensure-dirs</span></code> with queue/archive permissions</li>
<li>Fixed a parsing issue with DRBD 8.3.11 in the Linux kernel</li>
</ul>
</div>
<div class="section" id="version-2-4-3">
<h2>Version 2.4.3<a class="headerlink" href="#version-2-4-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 5 Aug 2011)</em></p>
<p>Many bug-fixes and a few small features:</p>
<ul class="simple">
<li>Fixed argument order in <code class="docutils literal"><span class="pre">ReserveLV</span></code> and <code class="docutils literal"><span class="pre">ReserveMAC</span></code> which caused
issues when you tried to add an instance with two MAC addresses in one
request</li>
<li>KVM: fixed per-instance stored UID value</li>
<li>KVM: configure bridged NICs at migration start</li>
<li>KVM: Fix a bug where instance will not start with never KVM versions
(&gt;= 0.14)</li>
<li>Added OS search path to <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">info</span></code></li>
<li>Fixed an issue with <code class="docutils literal"><span class="pre">file_storage_dir</span></code> where you were forced to
provide an absolute path, but the documentation states it is a
relative path, the documentation was right</li>
<li>Added a new parameter to instance stop/start called <code class="docutils literal"><span class="pre">--no-remember</span></code>
that will make the state change to not be remembered</li>
<li>Implemented <code class="docutils literal"><span class="pre">no_remember</span></code> at RAPI level</li>
<li>Improved the documentation</li>
<li>Node evacuation: don’t call IAllocator if node is already empty</li>
<li>Fixed bug in DRBD8 replace disks on current nodes</li>
<li>Fixed bug in recreate-disks for DRBD instances</li>
<li>Moved assertion checking locks in <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">replace-disks</span></code>
causing it to abort with not owning the right locks for some situation</li>
<li>Job queue: Fixed potential race condition when cancelling queued jobs</li>
<li>Fixed off-by-one bug in job serial generation</li>
<li><code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">volumes</span></code>: Fix instance names</li>
<li>Fixed aliases in bash completion</li>
<li>Fixed a bug in reopening log files after being sent a SIGHUP</li>
<li>Added a flag to burnin to allow specifying VCPU count</li>
<li>Bugfixes to non-root Ganeti configuration</li>
</ul>
</div>
<div class="section" id="version-2-4-2">
<h2>Version 2.4.2<a class="headerlink" href="#version-2-4-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 12 May 2011)</em></p>
<p>Many bug-fixes and a few new small features:</p>
<ul class="simple">
<li>Fixed a bug related to log opening failures</li>
<li>Fixed a bug in instance listing with orphan instances</li>
<li>Fixed a bug which prevented resetting the cluster-level node parameter
<code class="docutils literal"><span class="pre">oob_program</span></code> to the default</li>
<li>Many fixes related to the <code class="docutils literal"><span class="pre">cluster-merge</span></code> tool</li>
<li>Fixed a race condition in the lock monitor, which caused failures
during (at least) creation of many instances in parallel</li>
<li>Improved output for gnt-job info</li>
<li>Removed the quiet flag on some ssh calls which prevented debugging
failures</li>
<li>Improved the N+1 failure messages in cluster verify by actually
showing the memory values (needed and available)</li>
<li>Increased lock attempt timeouts so that when executing long operations
(e.g. DRBD replace-disks) other jobs do not enter ‘blocking acquire’
too early and thus prevent the use of the ‘fair’ mechanism</li>
<li>Changed instance query data (<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">info</span></code>) to not acquire
locks unless needed, thus allowing its use on locked instance if only
static information is asked for</li>
<li>Improved behaviour with filesystems that do not support rename on an
opened file</li>
<li>Fixed the behaviour of <code class="docutils literal"><span class="pre">prealloc_wipe_disks</span></code> cluster parameter which
kept locks on all nodes during the wipe, which is unneeded</li>
<li>Fixed <code class="docutils literal"><span class="pre">gnt-watcher</span></code> handling of errors during hooks execution</li>
<li>Fixed bug in <code class="docutils literal"><span class="pre">prealloc_wipe_disks</span></code> with small disk sizes (less than
10GiB) which caused the wipe to fail right at the end in some cases</li>
<li>Fixed master IP activation when doing master failover with no-voting</li>
<li>Fixed bug in <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">add</span> <span class="pre">--readd</span></code> which allowed the re-adding of
the master node itself</li>
<li>Fixed potential data-loss in under disk full conditions, where Ganeti
wouldn’t check correctly the return code and would consider
partially-written files ‘correct’</li>
<li>Fixed bug related to multiple VGs and DRBD disk replacing</li>
<li>Added new disk parameter <code class="docutils literal"><span class="pre">metavg</span></code> that allows placement of the meta
device for DRBD in a different volume group</li>
<li>Fixed error handling in the node daemon when the system libc doesn’t
have major number 6 (i.e. if <code class="docutils literal"><span class="pre">libc.so.6</span></code> is not the actual libc)</li>
<li>Fixed lock release during replace-disks, which kept cluster-wide locks
when doing disk replaces with an iallocator script</li>
<li>Added check for missing bridges in cluster verify</li>
<li>Handle EPIPE errors while writing to the terminal better, so that
piping the output to e.g. <code class="docutils literal"><span class="pre">less</span></code> doesn’t cause a backtrace</li>
<li>Fixed rare case where a ^C during Luxi calls could have been
interpreted as server errors, instead of simply terminating</li>
<li>Fixed a race condition in LUGroupAssignNodes (<code class="docutils literal"><span class="pre">gnt-group</span>
<span class="pre">assign-nodes</span></code>)</li>
<li>Added a few more parameters to the KVM hypervisor, allowing a second
CDROM, custom disk type for CDROMs and a floppy image</li>
<li>Removed redundant message in instance rename when the name is given
already as a FQDN</li>
<li>Added option to <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">recreate-disks</span></code> to allow creating the
disks on new nodes, allowing recreation when the original instance
nodes are completely gone</li>
<li>Added option when converting disk templates to DRBD to skip waiting
for the resync, in order to make the instance available sooner</li>
<li>Added two new variables to the OS scripts environment (containing the
instance’s nodes)</li>
<li>Made the root_path and optional parameter for the xen-pvm hypervisor,
to allow use of <code class="docutils literal"><span class="pre">pvgrub</span></code> as bootloader</li>
<li>Changed the instance memory modifications to only check out-of-memory
conditions on memory increases, and turned the secondary node warnings
into errors (they can still be overridden via <code class="docutils literal"><span class="pre">--force</span></code>)</li>
<li>Fixed the handling of a corner case when the Python installation gets
corrupted (e.g. a bad disk) while ganeti-noded is running and we try
to execute a command that doesn’t exist</li>
<li>Fixed a bug in <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">move</span></code> (LUInstanceMove) when the primary
node of the instance returned failures during instance shutdown; this
adds the option <code class="docutils literal"><span class="pre">--ignore-consistency</span></code> to gnt-instance move</li>
</ul>
<p>And as usual, various improvements to the error messages, documentation
and man pages.</p>
</div>
<div class="section" id="version-2-4-1">
<h2>Version 2.4.1<a class="headerlink" href="#version-2-4-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 09 Mar 2011)</em></p>
<p>Emergency bug-fix release. <code class="docutils literal"><span class="pre">tools/cfgupgrade</span></code> was broken and overwrote
the RAPI users file if run twice (even with <code class="docutils literal"><span class="pre">--dry-run</span></code>).</p>
<p>The release fixes that bug (nothing else changed).</p>
</div>
<div class="section" id="version-2-4-0">
<h2>Version 2.4.0<a class="headerlink" href="#version-2-4-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 07 Mar 2011)</em></p>
<p>Final 2.4.0 release. Just a few small fixes:</p>
<ul class="simple">
<li>Fixed RAPI node evacuate</li>
<li>Fixed the kvm-ifup script</li>
<li>Fixed internal error handling for special job cases</li>
<li>Updated man page to specify the escaping feature for options</li>
</ul>
</div>
<div class="section" id="version-2-4-0-rc3">
<h2>Version 2.4.0 rc3<a class="headerlink" href="#version-2-4-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 28 Feb 2011)</em></p>
<p>A critical fix for the <code class="docutils literal"><span class="pre">prealloc_wipe_disks</span></code> feature: it is possible
that this feature wiped the disks of the wrong instance, leading to loss
of data.</p>
<p>Other changes:</p>
<ul class="simple">
<li>Fixed title of query field containing instance name</li>
<li>Expanded the glossary in the documentation</li>
<li>Fixed one unittest (internal issue)</li>
</ul>
</div>
<div class="section" id="version-2-4-0-rc2">
<h2>Version 2.4.0 rc2<a class="headerlink" href="#version-2-4-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 21 Feb 2011)</em></p>
<p>A number of bug fixes plus just a couple functionality changes.</p>
<p>On the user-visible side, the <code class="docutils literal"><span class="pre">gnt-*</span> <span class="pre">list</span></code> command output has changed
with respect to “special” field states. The current rc1 style of display
can be re-enabled by passing a new <code class="docutils literal"><span class="pre">--verbose</span></code> (<code class="docutils literal"><span class="pre">-v</span></code>) flag, but in
the default output mode special fields states are displayed as follows:</p>
<ul class="simple">
<li>Offline resource: <code class="docutils literal"><span class="pre">*</span></code></li>
<li>Unavailable/not applicable: <code class="docutils literal"><span class="pre">-</span></code></li>
<li>Data missing (RPC failure): <code class="docutils literal"><span class="pre">?</span></code></li>
<li>Unknown field: <code class="docutils literal"><span class="pre">??</span></code></li>
</ul>
<p>Another user-visible change is the addition of <code class="docutils literal"><span class="pre">--force-join</span></code> to
<code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">add</span></code>.</p>
<p>As for bug fixes:</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">tools/cluster-merge</span></code> has seen many fixes and is now enabled again</li>
<li>Fixed regression in RAPI/instance reinstall where all parameters were
required (instead of optional)</li>
<li>Fixed <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">repair-disk-sizes</span></code>, was broken since Ganeti 2.2</li>
<li>Fixed iallocator usage (offline nodes were not considered offline)</li>
<li>Fixed <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code> with respect to non-vm_capable nodes</li>
<li>Fixed hypervisor and OS parameter validation with respect to
non-vm_capable nodes</li>
<li>Fixed <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> with respect to offline nodes (mostly
cosmetic)</li>
<li>Fixed <code class="docutils literal"><span class="pre">tools/listrunner</span></code> with respect to agent-based usage</li>
</ul>
</div>
<div class="section" id="version-2-4-0-rc1">
<h2>Version 2.4.0 rc1<a class="headerlink" href="#version-2-4-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri,  4 Feb 2011)</em></p>
<p>Many changes and fixes since the beta1 release. While there were some
internal changes, the code has been mostly stabilised for the RC
release.</p>
<p>Note: the dumb allocator was removed in this release, as it was not kept
up-to-date with the IAllocator protocol changes. It is recommended to
use the <code class="docutils literal"><span class="pre">hail</span></code> command from the ganeti-htools package.</p>
<p>Note: the 2.4 and up versions of Ganeti are not compatible with the
0.2.x branch of ganeti-htools. You need to upgrade to
ganeti-htools-0.3.0 (or later).</p>
<div class="section" id="regressions-fixed-from-2-3">
<h3>Regressions fixed from 2.3<a class="headerlink" href="#regressions-fixed-from-2-3" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Fixed the <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify-disks</span></code> command</li>
<li>Made <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify-disks</span></code> work in parallel (as opposed to
serially on nodes)</li>
<li>Fixed disk adoption breakage</li>
<li>Fixed wrong headers in instance listing for field aliases</li>
</ul>
</div>
<div class="section" id="other-bugs-fixed">
<h3>Other bugs fixed<a class="headerlink" href="#other-bugs-fixed" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Fixed corner case in KVM handling of NICs</li>
<li>Fixed many cases of wrong handling of non-vm_capable nodes</li>
<li>Fixed a bug where a missing instance symlink was not possible to
recreate with any <code class="docutils literal"><span class="pre">gnt-*</span></code> command (now <code class="docutils literal"><span class="pre">gnt-instance</span>
<span class="pre">activate-disks</span></code> does it)</li>
<li>Fixed the volume group name as reported by <code class="docutils literal"><span class="pre">gnt-cluster</span>
<span class="pre">verify-disks</span></code></li>
<li>Increased timeouts for the import-export code, hopefully leading to
fewer aborts due network or instance timeouts</li>
<li>Fixed bug in <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list-storage</span></code></li>
<li>Fixed bug where not all daemons were started on cluster
initialisation, but only at the first watcher run</li>
<li>Fixed many bugs in the OOB implementation</li>
<li>Fixed watcher behaviour in presence of instances with offline
secondaries</li>
<li>Fixed instance list output for instances running on the wrong node</li>
<li>a few fixes to the cluster-merge tool, but it still cannot merge
multi-node groups (currently it is not recommended to use this tool)</li>
</ul>
</div>
<div class="section" id="improvements">
<h3>Improvements<a class="headerlink" href="#improvements" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Improved network configuration for the KVM hypervisor</li>
<li>Added e1000 as a supported NIC for Xen-HVM</li>
<li>Improved the lvmstrap tool to also be able to use partitions, as
opposed to full disks</li>
<li>Improved speed of disk wiping (the cluster parameter
<code class="docutils literal"><span class="pre">prealloc_wipe_disks</span></code>, so that it has a low impact on the total time
of instance creations</li>
<li>Added documentation for the OS parameters</li>
<li>Changed <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">deactivate-disks</span></code> so that it can work if the
hypervisor is not responding</li>
<li>Added display of blacklisted and hidden OS information in
<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">info</span></code></li>
<li>Extended <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> to also validate hypervisor, backend,
NIC and node parameters, which might create problems with currently
invalid (but undetected) configuration files, but prevents validation
failures when unrelated parameters are modified</li>
<li>Changed cluster initialisation to wait for the master daemon to become
available</li>
<li>Expanded the RAPI interface:<ul>
<li>Added config redistribution resource</li>
<li>Added activation/deactivation of instance disks</li>
<li>Added export of console information</li>
</ul>
</li>
<li>Implemented log file reopening on SIGHUP, which allows using
logrotate(8) for the Ganeti log files</li>
<li>Added a basic OOB helper script as an example</li>
</ul>
</div>
</div>
<div class="section" id="version-2-4-0-beta1">
<h2>Version 2.4.0 beta1<a class="headerlink" href="#version-2-4-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 14 Jan 2011)</em></p>
<div class="section" id="user-visible">
<h3>User-visible<a class="headerlink" href="#user-visible" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Fixed timezone issues when formatting timestamps</li>
<li>Added support for node groups, available via <code class="docutils literal"><span class="pre">gnt-group</span></code> and other
commands</li>
<li>Added out-of-band framework and management, see <a class="reference internal" href="design-oob.html"><span class="doc">design
document</span></a></li>
<li>Removed support for roman numbers from <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code> and
<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list</span></code>.</li>
<li>Allowed modification of master network interface via <code class="docutils literal"><span class="pre">gnt-cluster</span>
<span class="pre">modify</span> <span class="pre">--master-netdev</span></code></li>
<li>Accept offline secondaries while shutting down instance disks</li>
<li>Added <code class="docutils literal"><span class="pre">blockdev_prefix</span></code> parameter to Xen PVM and HVM hypervisors</li>
<li>Added support for multiple LVM volume groups</li>
<li>Avoid sorting nodes for <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code> if specific nodes are
requested</li>
<li>Added commands to list available fields:<ul>
<li><code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list-fields</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-group</span> <span class="pre">list-fields</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list-fields</span></code></li>
</ul>
</li>
<li>Updated documentation and man pages</li>
</ul>
</div>
<div class="section" id="integration">
<h3>Integration<a class="headerlink" href="#integration" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Moved <code class="docutils literal"><span class="pre">rapi_users</span></code> file into separate directory, now named
<code class="docutils literal"><span class="pre">.../ganeti/rapi/users</span></code>, <code class="docutils literal"><span class="pre">cfgupgrade</span></code> moves the file and creates a
symlink</li>
<li>Added new tool for running commands on many machines,
<code class="docutils literal"><span class="pre">tools/ganeti-listrunner</span></code></li>
<li>Implemented more verbose result in <code class="docutils literal"><span class="pre">OpInstanceConsole</span></code> opcode, also
improving the <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">console</span></code> output</li>
<li>Allowed customisation of disk index separator at <code class="docutils literal"><span class="pre">configure</span></code> time</li>
<li>Export node group allocation policy to <a class="reference internal" href="iallocator.html"><span class="doc">iallocator</span></a></li>
<li>Added support for non-partitioned md disks in <code class="docutils literal"><span class="pre">lvmstrap</span></code></li>
<li>Added script to gracefully power off KVM instances</li>
<li>Split <code class="docutils literal"><span class="pre">utils</span></code> module into smaller parts</li>
<li>Changed query operations to return more detailed information, e.g.
whether an information is unavailable due to an offline node. To use
this new functionality, the LUXI call <code class="docutils literal"><span class="pre">Query</span></code> must be used. Field
information is now stored by the master daemon and can be retrieved
using <code class="docutils literal"><span class="pre">QueryFields</span></code>. Instances, nodes and groups can also be queried
using the new opcodes <code class="docutils literal"><span class="pre">OpQuery</span></code> and <code class="docutils literal"><span class="pre">OpQueryFields</span></code> (not yet
exposed via RAPI). The following commands make use of this
infrastructure change:<ul>
<li><code class="docutils literal"><span class="pre">gnt-group</span> <span class="pre">list</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-group</span> <span class="pre">list-fields</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list-fields</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list-fields</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-debug</span> <span class="pre">locks</span></code></li>
</ul>
</li>
</ul>
</div>
<div class="section" id="remote-api">
<h3>Remote API<a class="headerlink" href="#remote-api" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>New RAPI resources (see <a class="reference internal" href="rapi.html"><span class="doc">Ganeti remote API</span></a>):<ul>
<li><code class="docutils literal"><span class="pre">/2/modify</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/groups</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/groups/[group_name]</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/groups/[group_name]/assign-nodes</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/groups/[group_name]/modify</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/groups/[group_name]/rename</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/instances/[instance_name]/disk/[disk_index]/grow</span></code></li>
</ul>
</li>
<li>RAPI changes:<ul>
<li>Implemented <code class="docutils literal"><span class="pre">no_install</span></code> for instance creation</li>
<li>Implemented OS parameters for instance reinstallation, allowing
use of special settings on reinstallation (e.g. for preserving data)</li>
</ul>
</li>
</ul>
</div>
<div class="section" id="id55">
<h3>Misc<a class="headerlink" href="#id55" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Added IPv6 support in import/export</li>
<li>Pause DRBD synchronization while wiping disks on instance creation</li>
<li>Updated unittests and QA scripts</li>
<li>Improved network parameters passed to KVM</li>
<li>Converted man pages from docbook to reStructuredText</li>
</ul>
</div>
</div>
<div class="section" id="version-2-3-1">
<h2>Version 2.3.1<a class="headerlink" href="#version-2-3-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 20 Dec 2010)</em></p>
<p>Released version 2.3.1~rc1 without any changes.</p>
</div>
<div class="section" id="version-2-3-1-rc1">
<h2>Version 2.3.1 rc1<a class="headerlink" href="#version-2-3-1-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 1 Dec 2010)</em></p>
<ul class="simple">
<li>impexpd: Disable OpenSSL compression in socat if possible (backport
from master, commit e90739d625b, see <a class="reference internal" href="install-quick.html"><span class="doc">installation guide</span></a> for details)</li>
<li>Changed unittest coverage report to exclude test scripts</li>
<li>Added script to check version format</li>
</ul>
</div>
<div class="section" id="version-2-3-0">
<h2>Version 2.3.0<a class="headerlink" href="#version-2-3-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 1 Dec 2010)</em></p>
<p>Released version 2.3.0~rc1 without any changes.</p>
</div>
<div class="section" id="version-2-3-0-rc1">
<h2>Version 2.3.0 rc1<a class="headerlink" href="#version-2-3-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 19 Nov 2010)</em></p>
<p>A number of bugfixes and documentation updates:</p>
<ul class="simple">
<li>Update ganeti-os-interface documentation</li>
<li>Fixed a bug related to duplicate MACs or similar items which should be
unique</li>
<li>Fix breakage in OS state modify</li>
<li>Reinstall instance: disallow offline secondaries (fixes bug related to
OS changing but reinstall failing)</li>
<li>plus all the other fixes between 2.2.1 and 2.2.2</li>
</ul>
</div>
<div class="section" id="version-2-3-0-rc0">
<h2>Version 2.3.0 rc0<a class="headerlink" href="#version-2-3-0-rc0" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 2 Nov 2010)</em></p>
<ul class="simple">
<li>Fixed clearing of the default iallocator using <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">modify</span></code></li>
<li>Fixed master failover race with watcher</li>
<li>Fixed a bug in <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">modify</span></code> which could lead to an inconsistent
configuration</li>
<li>Accept previously stopped instance for export with instance removal</li>
<li>Simplify and extend the environment variables for instance OS scripts</li>
<li>Added new node flags, <code class="docutils literal"><span class="pre">master_capable</span></code> and <code class="docutils literal"><span class="pre">vm_capable</span></code></li>
<li>Added optional instance disk wiping prior during allocation. This is a
cluster-wide option and can be set/modified using
<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">{init,modify}</span> <span class="pre">--prealloc-wipe-disks</span></code>.</li>
<li>Added IPv6 support, see <a class="reference internal" href="design-2.3.html"><span class="doc">design document</span></a> and
<a class="reference internal" href="install-quick.html"><span class="doc">Ganeti quick installation guide</span></a></li>
<li>Added a new watcher option (<code class="docutils literal"><span class="pre">--ignore-pause</span></code>)</li>
<li>Added option to ignore offline node on instance start/stop
(<code class="docutils literal"><span class="pre">--ignore-offline</span></code>)</li>
<li>Allow overriding OS parameters with <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">reinstall</span></code></li>
<li>Added ability to change node’s secondary IP address using <code class="docutils literal"><span class="pre">gnt-node</span>
<span class="pre">modify</span></code></li>
<li>Implemented privilege separation for all daemons except
<code class="docutils literal"><span class="pre">ganeti-noded</span></code>, see <code class="docutils literal"><span class="pre">configure</span></code> options</li>
<li>Complain if an instance’s disk is marked faulty in <code class="docutils literal"><span class="pre">gnt-cluster</span>
<span class="pre">verify</span></code></li>
<li>Implemented job priorities (see <code class="docutils literal"><span class="pre">ganeti(7)</span></code> manpage)</li>
<li>Ignore failures while shutting down instances during failover from
offline node</li>
<li>Exit daemon’s bootstrap process only once daemon is ready</li>
<li>Export more information via <code class="docutils literal"><span class="pre">LUInstanceQuery</span></code>/remote API</li>
<li>Improved documentation, QA and unittests</li>
<li>RAPI daemon now watches <code class="docutils literal"><span class="pre">rapi_users</span></code> all the time and doesn’t need a
restart if the file was created or changed</li>
<li>Added LUXI protocol version sent with each request and response,
allowing detection of server/client mismatches</li>
<li>Moved the Python scripts among gnt-* and ganeti-* into modules</li>
<li>Moved all code related to setting up SSH to an external script,
<code class="docutils literal"><span class="pre">setup-ssh</span></code></li>
<li>Infrastructure changes for node group support in future versions</li>
</ul>
</div>
<div class="section" id="version-2-2-2">
<h2>Version 2.2.2<a class="headerlink" href="#version-2-2-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 19 Nov 2010)</em></p>
<p>A few small bugs fixed, and some improvements to the build system:</p>
<ul class="simple">
<li>Fix documentation regarding conversion to drbd</li>
<li>Fix validation of parameters in cluster modify (<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">modify</span>
<span class="pre">-B</span></code>)</li>
<li>Fix error handling in node modify with multiple changes</li>
<li>Allow remote imports without checked names</li>
</ul>
</div>
<div class="section" id="version-2-2-1">
<h2>Version 2.2.1<a class="headerlink" href="#version-2-2-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 19 Oct 2010)</em></p>
<ul class="simple">
<li>Disable SSL session ID cache in RPC client</li>
</ul>
</div>
<div class="section" id="version-2-2-1-rc1">
<h2>Version 2.2.1 rc1<a class="headerlink" href="#version-2-2-1-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 14 Oct 2010)</em></p>
<ul class="simple">
<li>Fix interaction between Curl/GnuTLS and the Python’s HTTP server
(thanks Apollon Oikonomopoulos!), finally allowing the use of Curl
with GnuTLS</li>
<li>Fix problems with interaction between Curl and Python’s HTTP server,
resulting in increased speed in many RPC calls</li>
<li>Improve our release script to prevent breakage with older aclocal and
Python 2.6</li>
</ul>
</div>
<div class="section" id="version-2-2-1-rc0">
<h2>Version 2.2.1 rc0<a class="headerlink" href="#version-2-2-1-rc0" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 7 Oct 2010)</em></p>
<ul class="simple">
<li>Fixed issue 125, replace hardcoded “xenvg” in <code class="docutils literal"><span class="pre">gnt-cluster</span></code> with
value retrieved from master</li>
<li>Added support for blacklisted or hidden OS definitions</li>
<li>Added simple lock monitor (accessible via (<code class="docutils literal"><span class="pre">gnt-debug</span> <span class="pre">locks</span></code>)</li>
<li>Added support for -mem-path in KVM hypervisor abstraction layer</li>
<li>Allow overriding instance parameters in tool for inter-cluster
instance moves (<code class="docutils literal"><span class="pre">tools/move-instance</span></code>)</li>
<li>Improved opcode summaries (e.g. in <code class="docutils literal"><span class="pre">gnt-job</span> <span class="pre">list</span></code>)</li>
<li>Improve consistency of OS listing by sorting it</li>
<li>Documentation updates</li>
</ul>
</div>
<div class="section" id="version-2-2-0-1">
<h2>Version 2.2.0.1<a class="headerlink" href="#version-2-2-0-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 8 Oct 2010)</em></p>
<ul class="simple">
<li>Rebuild with a newer autotools version, to fix python 2.6 compatibility</li>
</ul>
</div>
<div class="section" id="version-2-2-0">
<h2>Version 2.2.0<a class="headerlink" href="#version-2-2-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 4 Oct 2010)</em></p>
<ul class="simple">
<li>Fixed regression in <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">rename</span></code></li>
</ul>
</div>
<div class="section" id="version-2-2-0-rc2">
<h2>Version 2.2.0 rc2<a class="headerlink" href="#version-2-2-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 22 Sep 2010)</em></p>
<ul class="simple">
<li>Fixed OS_VARIANT variable for OS scripts</li>
<li>Fixed cluster tag operations via RAPI</li>
<li>Made <code class="docutils literal"><span class="pre">setup-ssh</span></code> exit with non-zero code if an error occurred</li>
<li>Disabled RAPI CA checks in watcher</li>
</ul>
</div>
<div class="section" id="version-2-2-0-rc1">
<h2>Version 2.2.0 rc1<a class="headerlink" href="#version-2-2-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 23 Aug 2010)</em></p>
<ul class="simple">
<li>Support DRBD versions of the format “a.b.c.d”</li>
<li>Updated manpages</li>
<li>Re-introduce support for usage from multiple threads in RAPI client</li>
<li>Instance renames and modify via RAPI</li>
<li>Work around race condition between processing and archival in job
queue</li>
<li>Mark opcodes following failed one as failed, too</li>
<li>Job field <code class="docutils literal"><span class="pre">lock_status</span></code> was removed due to difficulties making it
work with the changed job queue in Ganeti 2.2; a better way to monitor
locks is expected for a later 2.2.x release</li>
<li>Fixed dry-run behaviour with many commands</li>
<li>Support <code class="docutils literal"><span class="pre">ssh-agent</span></code> again when adding nodes</li>
<li>Many additional bugfixes</li>
</ul>
</div>
<div class="section" id="version-2-2-0-rc0">
<h2>Version 2.2.0 rc0<a class="headerlink" href="#version-2-2-0-rc0" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 30 Jul 2010)</em></p>
<p>Important change: the internal RPC mechanism between Ganeti nodes has
changed from using a home-grown http library (based on the Python base
libraries) to use the PycURL library. This requires that PycURL is
installed on nodes. Please note that on Debian/Ubuntu, PycURL is linked
against GnuTLS by default. cURL’s support for GnuTLS had known issues
before cURL 7.21.0 and we recommend using the latest cURL release or
linking against OpenSSL. Most other distributions already link PycURL
and cURL against OpenSSL. The command:</p>
<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">python</span> <span class="o">-</span><span class="n">c</span> <span class="s1">&#39;import pycurl; print pycurl.version&#39;</span>
</pre></div>
</div>
<p>can be used to determine the libraries PycURL and cURL are linked
against.</p>
<p>Other significant changes:</p>
<ul class="simple">
<li>Rewrote much of the internals of the job queue, in order to achieve
better parallelism; this decouples job query operations from the job
processing, and it should allow much nicer behaviour of the master
daemon under load, and it also has uncovered some long-standing bugs
related to the job serialisation (now fixed)</li>
<li>Added a default iallocator setting to the cluster parameters,
eliminating the need to always pass nodes or an iallocator for
operations that require selection of new node(s)</li>
<li>Added experimental support for the LXC virtualization method</li>
<li>Added support for OS parameters, which allows the installation of
instances to pass parameter to OS scripts in order to customise the
instance</li>
<li>Added a hypervisor parameter controlling the migration type (live or
non-live), since hypervisors have various levels of reliability; this
has renamed the ‘live’ parameter to ‘mode’</li>
<li>Added a cluster parameter <code class="docutils literal"><span class="pre">reserved_lvs</span></code> that denotes reserved
logical volumes, meaning that cluster verify will ignore them and not
flag their presence as errors</li>
<li>The watcher will now reset the error count for failed instances after
8 hours, thus allowing self-healing if the problem that caused the
instances to be down/fail to start has cleared in the meantime</li>
<li>Added a cluster parameter <code class="docutils literal"><span class="pre">drbd_usermode_helper</span></code> that makes Ganeti
check for, and warn, if the drbd module parameter <code class="docutils literal"><span class="pre">usermode_helper</span></code>
is not consistent with the cluster-wide setting; this is needed to
make diagnose easier of failed drbd creations</li>
<li>Started adding base IPv6 support, but this is not yet
enabled/available for use</li>
<li>Rename operations (cluster, instance) will now return the new name,
which is especially useful if a short name was passed in</li>
<li>Added support for instance migration in RAPI</li>
<li>Added a tool to pre-configure nodes for the SSH setup, before joining
them to the cluster; this will allow in the future a simplified model
for node joining (but not yet fully enabled in 2.2); this needs the
paramiko python library</li>
<li>Fixed handling of name-resolving errors</li>
<li>Fixed consistency of job results on the error path</li>
<li>Fixed master-failover race condition when executed multiple times in
sequence</li>
<li>Fixed many bugs related to the job queue (mostly introduced during the
2.2 development cycle, so not all are impacting 2.1)</li>
<li>Fixed instance migration with missing disk symlinks</li>
<li>Fixed handling of unknown jobs in <code class="docutils literal"><span class="pre">gnt-job</span> <span class="pre">archive</span></code></li>
<li>And many other small fixes/improvements</li>
</ul>
<p>Internal changes:</p>
<ul class="simple">
<li>Enhanced both the unittest and the QA coverage</li>
<li>Switched the opcode validation to a generic model, and extended the
validation to all opcode parameters</li>
<li>Changed more parts of the code that write shell scripts to use the
same class for this</li>
<li>Switched the master daemon to use the asyncore library for the Luxi
server endpoint</li>
</ul>
</div>
<div class="section" id="version-2-2-0-beta0">
<h2>Version 2.2.0 beta0<a class="headerlink" href="#version-2-2-0-beta0" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 17 Jun 2010)</em></p>
<ul class="simple">
<li>Added tool (<code class="docutils literal"><span class="pre">move-instance</span></code>) and infrastructure to move instances
between separate clusters (see <a class="reference internal" href="move-instance.html"><span class="doc">separate documentation</span></a> and <a class="reference internal" href="design-2.2.html"><span class="doc">design document</span></a>)</li>
<li>Added per-request RPC timeout</li>
<li>RAPI now requires a Content-Type header for requests with a body (e.g.
<code class="docutils literal"><span class="pre">PUT</span></code> or <code class="docutils literal"><span class="pre">POST</span></code>) which must be set to <code class="docutils literal"><span class="pre">application/json</span></code> (see
<span class="target" id="index-0"></span><a class="rfc reference external" href="https://tools.ietf.org/html/rfc2616.html"><strong>RFC 2616</strong></a> (HTTP/1.1), section 7.2.1)</li>
<li><code class="docutils literal"><span class="pre">ganeti-watcher</span></code> attempts to restart <code class="docutils literal"><span class="pre">ganeti-rapi</span></code> if RAPI is not
reachable</li>
<li>Implemented initial support for running Ganeti daemons as separate
users, see configure-time flags <code class="docutils literal"><span class="pre">--with-user-prefix</span></code> and
<code class="docutils literal"><span class="pre">--with-group-prefix</span></code> (only <code class="docutils literal"><span class="pre">ganeti-rapi</span></code> is supported at this
time)</li>
<li>Instances can be removed after export (<code class="docutils literal"><span class="pre">gnt-backup</span> <span class="pre">export</span>
<span class="pre">--remove-instance</span></code>)</li>
<li>Self-signed certificates generated by Ganeti now use a 2048 bit RSA
key (instead of 1024 bit)</li>
<li>Added new cluster configuration file for cluster domain secret</li>
<li>Import/export now use SSL instead of SSH</li>
<li>Added support for showing estimated time when exporting an instance,
see the <code class="docutils literal"><span class="pre">ganeti-os-interface(7)</span></code> manpage and look for
<code class="docutils literal"><span class="pre">EXP_SIZE_FD</span></code></li>
</ul>
</div>
<div class="section" id="version-2-1-8">
<h2>Version 2.1.8<a class="headerlink" href="#version-2-1-8" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 16 Nov 2010)</em></p>
<p>Some more bugfixes. Unless critical bugs occur, this will be the last
2.1 release:</p>
<ul class="simple">
<li>Fix case of MAC special-values</li>
<li>Fix mac checker regex</li>
<li>backend: Fix typo causing “out of range” error</li>
<li>Add missing –units in gnt-instance list man page</li>
</ul>
</div>
<div class="section" id="version-2-1-7">
<h2>Version 2.1.7<a class="headerlink" href="#version-2-1-7" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 24 Aug 2010)</em></p>
<dl class="docutils">
<dt>Bugfixes only:</dt>
<dd><ul class="first last simple">
<li>Don’t ignore secondary node silently on non-mirrored disk templates
(issue 113)</li>
<li>Fix –master-netdev arg name in gnt-cluster(8) (issue 114)</li>
<li>Fix usb_mouse parameter breaking with vnc_console (issue 109)</li>
<li>Properly document the usb_mouse parameter</li>
<li>Fix path in ganeti-rapi(8) (issue 116)</li>
<li>Adjust error message when the ganeti user’s .ssh directory is
missing</li>
<li>Add same-node-check when changing the disk template to drbd</li>
</ul>
</dd>
</dl>
</div>
<div class="section" id="version-2-1-6">
<h2>Version 2.1.6<a class="headerlink" href="#version-2-1-6" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 16 Jul 2010)</em></p>
<dl class="docutils">
<dt>Bugfixes only:</dt>
<dd><ul class="first last simple">
<li>Add an option to only select some reboot types during qa/burnin.
(on some hypervisors consequent reboots are not supported)</li>
<li>Fix infrequent race condition in master failover. Sometimes the old
master ip address would be still detected as up for a short time
after it was removed, causing failover to fail.</li>
<li>Decrease mlockall warnings when the ctypes module is missing. On
Python 2.4 we support running even if no ctypes module is installed,
but we were too verbose about this issue.</li>
<li>Fix building on old distributions, on which man doesn’t have a
–warnings option.</li>
<li>Fix RAPI not to ignore the MAC address on instance creation</li>
<li>Implement the old instance creation format in the RAPI client.</li>
</ul>
</dd>
</dl>
</div>
<div class="section" id="version-2-1-5">
<h2>Version 2.1.5<a class="headerlink" href="#version-2-1-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 01 Jul 2010)</em></p>
<dl class="docutils">
<dt>A small bugfix release:</dt>
<dd><ul class="first last simple">
<li>Fix disk adoption: broken by strict –disk option checking in 2.1.4</li>
<li>Fix batch-create: broken in the whole 2.1 series due to a lookup on
a non-existing option</li>
<li>Fix instance create: the –force-variant option was ignored</li>
<li>Improve pylint 0.21 compatibility and warnings with Python 2.6</li>
<li>Fix modify node storage with non-FQDN arguments</li>
<li>Fix RAPI client to authenticate under Python 2.6 when used
for more than 5 requests needing authentication</li>
<li>Fix gnt-instance modify -t (storage) giving a wrong error message
when converting a non-shutdown drbd instance to plain</li>
</ul>
</dd>
</dl>
</div>
<div class="section" id="version-2-1-4">
<h2>Version 2.1.4<a class="headerlink" href="#version-2-1-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 18 Jun 2010)</em></p>
<p>A small bugfix release:</p>
<blockquote>
<div><ul class="simple">
<li>Fix live migration of KVM instances started with older Ganeti
versions which had fewer hypervisor parameters</li>
<li>Fix gnt-instance grow-disk on down instances</li>
<li>Fix an error-reporting bug during instance migration</li>
<li>Better checking of the <code class="docutils literal"><span class="pre">--net</span></code> and <code class="docutils literal"><span class="pre">--disk</span></code> values, to avoid
silently ignoring broken ones</li>
<li>Fix an RPC error reporting bug affecting, for example, RAPI client
users</li>
<li>Fix bug triggered by different API version os-es on different nodes</li>
<li>Fix a bug in instance startup with custom hvparams: OS level
parameters would fail to be applied.</li>
<li>Fix the RAPI client under Python 2.6 (but more work is needed to
make it work completely well with OpenSSL)</li>
<li>Fix handling of errors when resolving names from DNS</li>
</ul>
</div></blockquote>
</div>
<div class="section" id="version-2-1-3">
<h2>Version 2.1.3<a class="headerlink" href="#version-2-1-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 3 Jun 2010)</em></p>
<p>A medium sized development cycle. Some new features, and some
fixes/small improvements/cleanups.</p>
<div class="section" id="significant-features">
<h3>Significant features<a class="headerlink" href="#significant-features" title="Permalink to this headline"></a></h3>
<p>The node daemon now tries to mlock itself into memory, unless the
<code class="docutils literal"><span class="pre">--no-mlock</span></code> flag is passed. It also doesn’t fail if it can’t write
its logs, and falls back to console logging. This allows emergency
features such as <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">powercycle</span></code> to work even in the event of a
broken node disk (tested offlining the disk hosting the node’s
filesystem and dropping its memory caches; don’t try this at home)</p>
<p>KVM: add vhost-net acceleration support. It can be tested with a new
enough version of the kernel and of qemu-kvm.</p>
<p>KVM: Add instance chrooting feature. If you use privilege dropping for
your VMs you can also now force them to chroot to an empty directory,
before starting the emulated guest.</p>
<p>KVM: Add maximum migration bandwith and maximum downtime tweaking
support (requires a new-enough version of qemu-kvm).</p>
<p>Cluster verify will now warn if the master node doesn’t have the master
ip configured on it.</p>
<p>Add a new (incompatible) instance creation request format to RAPI which
supports all parameters (previously only a subset was supported, and it
wasn’t possible to extend the old format to accomodate all the new
features. The old format is still supported, and a client can check for
this feature, before using it, by checking for its presence in the
<code class="docutils literal"><span class="pre">features</span></code> RAPI resource.</p>
<p>Now with ancient latin support. Try it passing the <code class="docutils literal"><span class="pre">--roman</span></code> option to
<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">info</span></code>, <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">info</span></code> or <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code>
(requires the python-roman module to be installed, in order to work).</p>
</div>
<div class="section" id="id56">
<h3>Other changes<a class="headerlink" href="#id56" title="Permalink to this headline"></a></h3>
<p>As usual many internal code refactorings, documentation updates, and
such. Among others:</p>
<blockquote>
<div><ul class="simple">
<li>Lots of improvements and cleanups to the experimental Remote API
(RAPI) client library.</li>
<li>A new unit test suite for the core daemon libraries.</li>
<li>A fix to creating missing directories makes sure the umask is not
applied anymore. This enforces the same directory permissions
everywhere.</li>
<li>Better handling terminating daemons with ctrl+c (used when running
them in debugging mode).</li>
<li>Fix a race condition in live migrating a KVM instance, when stat()
on the old proc status file returned EINVAL, which is an unexpected
value.</li>
<li>Fixed manpage checking with newer man and utf-8 charachters. But now
you need the en_US.UTF-8 locale enabled to build Ganeti from git.</li>
</ul>
</div></blockquote>
</div>
</div>
<div class="section" id="version-2-1-2-1">
<h2>Version 2.1.2.1<a class="headerlink" href="#version-2-1-2-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 7 May 2010)</em></p>
<p>Fix a bug which prevented untagged KVM instances from starting.</p>
</div>
<div class="section" id="version-2-1-2">
<h2>Version 2.1.2<a class="headerlink" href="#version-2-1-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 7 May 2010)</em></p>
<p>Another release with a long development cycle, during which many
different features were added.</p>
<div class="section" id="id57">
<h3>Significant features<a class="headerlink" href="#id57" title="Permalink to this headline"></a></h3>
<p>The KVM hypervisor now can run the individual instances as non-root, to
reduce the impact of a VM being hijacked due to bugs in the
hypervisor. It is possible to run all instances as a single (non-root)
user, to manually specify a user for each instance, or to dynamically
allocate a user out of a cluster-wide pool to each instance, with the
guarantee that no two instances will run under the same user ID on any
given node.</p>
<p>An experimental RAPI client library, that can be used standalone
(without the other Ganeti libraries), is provided in the source tree as
<code class="docutils literal"><span class="pre">lib/rapi/client.py</span></code>. Note this client might change its interface in
the future, as we iterate on its capabilities.</p>
<p>A new command, <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">renew-crypto</span></code> has been added to easily
replace the cluster’s certificates and crypto keys. This might help in
case they have been compromised, or have simply expired.</p>
<p>A new disk option for instance creation has been added that allows one
to “adopt” currently existing logical volumes, with data
preservation. This should allow easier migration to Ganeti from
unmanaged (or managed via other software) instances.</p>
<p>Another disk improvement is the possibility to convert between redundant
(DRBD) and plain (LVM) disk configuration for an instance. This should
allow better scalability (starting with one node and growing the
cluster, or shrinking a two-node cluster to one node).</p>
<p>A new feature that could help with automated node failovers has been
implemented: if a node sees itself as offline (by querying the master
candidates), it will try to shutdown (hard) all instances and any active
DRBD devices. This reduces the risk of duplicate instances if an
external script automatically failovers the instances on such nodes. To
enable this, the cluster parameter <code class="docutils literal"><span class="pre">maintain_node_health</span></code> should be
enabled; in the future this option (per the name) will enable other
automatic maintenance features.</p>
<p>Instance export/import now will reuse the original instance
specifications for all parameters; that means exporting an instance,
deleting it and the importing it back should give an almost identical
instance. Note that the default import behaviour has changed from
before, where it created only one NIC; now it recreates the original
number of NICs.</p>
<p>Cluster verify has added a few new checks: SSL certificates validity,
/etc/hosts consistency across the cluster, etc.</p>
</div>
<div class="section" id="id58">
<h3>Other changes<a class="headerlink" href="#id58" title="Permalink to this headline"></a></h3>
<p>As usual, many internal changes were done, documentation fixes,
etc. Among others:</p>
<ul class="simple">
<li>Fixed cluster initialization with disabled cluster storage (regression
introduced in 2.1.1)</li>
<li>File-based storage supports growing the disks</li>
<li>Fixed behaviour of node role changes</li>
<li>Fixed cluster verify for some corner cases, plus a general rewrite of
cluster verify to allow future extension with more checks</li>
<li>Fixed log spamming by watcher and node daemon (regression introduced
in 2.1.1)</li>
<li>Fixed possible validation issues when changing the list of enabled
hypervisors</li>
<li>Fixed cleanup of /etc/hosts during node removal</li>
<li>Fixed RAPI response for invalid methods</li>
<li>Fixed bug with hashed passwords in <code class="docutils literal"><span class="pre">ganeti-rapi</span></code> daemon</li>
<li>Multiple small improvements to the KVM hypervisor (VNC usage, booting
from ide disks, etc.)</li>
<li>Allow OS changes without re-installation (to record a changed OS
outside of Ganeti, or to allow OS renames)</li>
<li>Allow instance creation without OS installation (useful for example if
the OS will be installed manually, or restored from a backup not in
Ganeti format)</li>
<li>Implemented option to make cluster <code class="docutils literal"><span class="pre">copyfile</span></code> use the replication
network</li>
<li>Added list of enabled hypervisors to ssconf (possibly useful for
external scripts)</li>
<li>Added a new tool (<code class="docutils literal"><span class="pre">tools/cfgupgrade12</span></code>) that allows upgrading from
1.2 clusters</li>
<li>A partial form of node re-IP is possible via node readd, which now
allows changed node primary IP</li>
<li>Command line utilities now show an informational message if the job is
waiting for a lock</li>
<li>The logs of the master daemon now show the PID/UID/GID of the
connected client</li>
</ul>
</div>
</div>
<div class="section" id="version-2-1-1">
<h2>Version 2.1.1<a class="headerlink" href="#version-2-1-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 12 Mar 2010)</em></p>
<p>During the 2.1.0 long release candidate cycle, a lot of improvements and
changes have accumulated with were released later as 2.1.1.</p>
<div class="section" id="major-changes">
<h3>Major changes<a class="headerlink" href="#major-changes" title="Permalink to this headline"></a></h3>
<p>The node evacuate command (<code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">evacuate</span></code>) was significantly
rewritten, and as such the IAllocator protocol was changed - a new
request type has been added. This unfortunate change during a stable
series is designed to improve performance of node evacuations; on
clusters with more than about five nodes and which are well-balanced,
evacuation should proceed in parallel for all instances of the node
being evacuated. As such, any existing IAllocator scripts need to be
updated, otherwise the above command will fail due to the unknown
request. The provided “dumb” allocator has not been updated; but the
ganeti-htools package supports the new protocol since version 0.2.4.</p>
<p>Another important change is increased validation of node and instance
names. This might create problems in special cases, if invalid host
names are being used.</p>
<p>Also, a new layer of hypervisor parameters has been added, that sits at
OS level between the cluster defaults and the instance ones. This allows
customisation of virtualization parameters depending on the installed
OS. For example instances with OS ‘X’ may have a different KVM kernel
(or any other parameter) than the cluster defaults. This is intended to
help managing a multiple OSes on the same cluster, without manual
modification of each instance’s parameters.</p>
<p>A tool for merging clusters, <code class="docutils literal"><span class="pre">cluster-merge</span></code>, has been added in the
tools sub-directory.</p>
</div>
<div class="section" id="bug-fixes">
<h3>Bug fixes<a class="headerlink" href="#bug-fixes" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Improved the int/float conversions that should make the code more
robust in face of errors from the node daemons</li>
<li>Fixed the remove node code in case of internal configuration errors</li>
<li>Fixed the node daemon behaviour in face of inconsistent queue
directory (e.g. read-only file-system where we can’t open the files
read-write, etc.)</li>
<li>Fixed the behaviour of gnt-node modify for master candidate demotion;
now it either aborts cleanly or, if given the new “auto_promote”
parameter, will automatically promote other nodes as needed</li>
<li>Fixed compatibility with (unreleased yet) Python 2.6.5 that would
completely prevent Ganeti from working</li>
<li>Fixed bug for instance export when not all disks were successfully
exported</li>
<li>Fixed behaviour of node add when the new node is slow in starting up
the node daemon</li>
<li>Fixed handling of signals in the LUXI client, which should improve
behaviour of command-line scripts</li>
<li>Added checks for invalid node/instance names in the configuration (now
flagged during cluster verify)</li>
<li>Fixed watcher behaviour for disk activation errors</li>
<li>Fixed two potentially endless loops in http library, which led to the
RAPI daemon hanging and consuming 100% CPU in some cases</li>
<li>Fixed bug in RAPI daemon related to hashed passwords</li>
<li>Fixed bug for unintended qemu-level bridging of multi-NIC KVM
instances</li>
<li>Enhanced compatibility with non-Debian OSes, but not using absolute
path in some commands and allowing customisation of the ssh
configuration directory</li>
<li>Fixed possible future issue with new Python versions by abiding to the
proper use of <code class="docutils literal"><span class="pre">__slots__</span></code> attribute on classes</li>
<li>Added checks that should prevent directory traversal attacks</li>
<li>Many documentation fixes based on feedback from users</li>
</ul>
</div>
<div class="section" id="id59">
<h3>New features<a class="headerlink" href="#id59" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Added an “early_release” more for instance replace disks and node
evacuate, where we release locks earlier and thus allow higher
parallelism within the cluster</li>
<li>Added watcher hooks, intended to allow the watcher to restart other
daemons (e.g. from the ganeti-nbma project), but they can be used of
course for any other purpose</li>
<li>Added a compile-time disable for DRBD barriers, to increase
performance if the administrator trusts the power supply or the
storage system to not lose writes</li>
<li>Added the option of using syslog for logging instead of, or in
addition to, Ganeti’s own log files</li>
<li>Removed boot restriction for paravirtual NICs for KVM, recent versions
can indeed boot from a paravirtual NIC</li>
<li>Added a generic debug level for many operations; while this is not
used widely yet, it allows one to pass the debug value all the way to
the OS scripts</li>
<li>Enhanced the hooks environment for instance moves (failovers,
migrations) where the primary/secondary nodes changed during the
operation, by adding {NEW,OLD}_{PRIMARY,SECONDARY} vars</li>
<li>Enhanced data validations for many user-supplied values; one important
item is the restrictions imposed on instance and node names, which
might reject some (invalid) host names</li>
<li>Add a configure-time option to disable file-based storage, if it’s not
needed; this allows greater security separation between the master
node and the other nodes from the point of view of the inter-node RPC
protocol</li>
<li>Added user notification in interactive tools if job is waiting in the
job queue or trying to acquire locks</li>
<li>Added log messages when a job is waiting for locks</li>
<li>Added filtering by node tags in instance operations which admit
multiple instances (start, stop, reboot, reinstall)</li>
<li>Added a new tool for cluster mergers, <code class="docutils literal"><span class="pre">cluster-merge</span></code></li>
<li>Parameters from command line which are of the form <code class="docutils literal"><span class="pre">a=b,c=d</span></code> can now
use backslash escapes to pass in values which contain commas,
e.g. <code class="docutils literal"><span class="pre">a=b\\c,d=e</span></code> where the ‘a’ parameter would get the value
<code class="docutils literal"><span class="pre">b,c</span></code></li>
<li>For KVM, the instance name is the first parameter passed to KVM, so
that it’s more visible in the process list</li>
</ul>
</div>
</div>
<div class="section" id="version-2-1-0">
<h2>Version 2.1.0<a class="headerlink" href="#version-2-1-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 2 Mar 2010)</em></p>
<p>Ganeti 2.1 brings many improvements with it. Major changes:</p>
<ul class="simple">
<li>Added infrastructure to ease automated disk repairs</li>
<li>Added new daemon to export configuration data in a cheaper way than
using the remote API</li>
<li>Instance NICs can now be routed instead of being associated with a
networking bridge</li>
<li>Improved job locking logic to reduce impact of jobs acquiring multiple
locks waiting for other long-running jobs</li>
</ul>
<p>In-depth implementation details can be found in the Ganeti 2.1 design
document.</p>
<div class="section" id="details">
<h3>Details<a class="headerlink" href="#details" title="Permalink to this headline"></a></h3>
<ul class="simple">
<li>Added chroot hypervisor</li>
<li>Added more options to xen-hvm hypervisor (<code class="docutils literal"><span class="pre">kernel_path</span></code> and
<code class="docutils literal"><span class="pre">device_model</span></code>)</li>
<li>Added more options to xen-pvm hypervisor (<code class="docutils literal"><span class="pre">use_bootloader</span></code>,
<code class="docutils literal"><span class="pre">bootloader_path</span></code> and <code class="docutils literal"><span class="pre">bootloader_args</span></code>)</li>
<li>Added the <code class="docutils literal"><span class="pre">use_localtime</span></code> option for the xen-hvm and kvm
hypervisors, and the default value for this has changed to false (in
2.0 xen-hvm always enabled it)</li>
<li>Added luxi call to submit multiple jobs in one go</li>
<li>Added cluster initialization option to not modify <code class="docutils literal"><span class="pre">/etc/hosts</span></code>
file on nodes</li>
<li>Added network interface parameters</li>
<li>Added dry run mode to some LUs</li>
<li>Added RAPI resources:<ul>
<li><code class="docutils literal"><span class="pre">/2/instances/[instance_name]/info</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/instances/[instance_name]/replace-disks</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/nodes/[node_name]/evacuate</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/nodes/[node_name]/migrate</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/nodes/[node_name]/role</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/nodes/[node_name]/storage</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/nodes/[node_name]/storage/modify</span></code></li>
<li><code class="docutils literal"><span class="pre">/2/nodes/[node_name]/storage/repair</span></code></li>
</ul>
</li>
<li>Added OpCodes to evacuate or migrate all instances on a node</li>
<li>Added new command to list storage elements on nodes (<code class="docutils literal"><span class="pre">gnt-node</span>
<span class="pre">list-storage</span></code>) and modify them (<code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">modify-storage</span></code>)</li>
<li>Added new ssconf files with master candidate IP address
(<code class="docutils literal"><span class="pre">ssconf_master_candidates_ips</span></code>), node primary IP address
(<code class="docutils literal"><span class="pre">ssconf_node_primary_ips</span></code>) and node secondary IP address
(<code class="docutils literal"><span class="pre">ssconf_node_secondary_ips</span></code>)</li>
<li>Added <code class="docutils literal"><span class="pre">ganeti-confd</span></code> and a client library to query the Ganeti
configuration via UDP</li>
<li>Added ability to run hooks after cluster initialization and before
cluster destruction</li>
<li>Added automatic mode for disk replace (<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">replace-disks</span>
<span class="pre">--auto</span></code>)</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">recreate-disks</span></code> to re-create (empty) disks
after catastrophic data-loss</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">repair-storage</span></code> command to repair damaged LVM volume
groups</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">move</span></code> command to move instances</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">watcher</span></code> command to control watcher</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">powercycle</span></code> command to powercycle nodes</li>
<li>Added new job status field <code class="docutils literal"><span class="pre">lock_status</span></code></li>
<li>Added parseable error codes to cluster verification (<code class="docutils literal"><span class="pre">gnt-cluster</span>
<span class="pre">verify</span> <span class="pre">--error-codes</span></code>) and made output less verbose (use
<code class="docutils literal"><span class="pre">--verbose</span></code> to restore previous behaviour)</li>
<li>Added UUIDs to the main config entities (cluster, nodes, instances)</li>
<li>Added support for OS variants</li>
<li>Added support for hashed passwords in the Ganeti remote API users file
(<code class="docutils literal"><span class="pre">rapi_users</span></code>)</li>
<li>Added option to specify maximum timeout on instance shutdown</li>
<li>Added <code class="docutils literal"><span class="pre">--no-ssh-init</span></code> option to <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">init</span></code></li>
<li>Added new helper script to start and stop Ganeti daemons
(<code class="docutils literal"><span class="pre">daemon-util</span></code>), with the intent to reduce the work necessary to
adjust Ganeti for non-Debian distributions and to start/stop daemons
from one place</li>
<li>Added more unittests</li>
<li>Fixed critical bug in ganeti-masterd startup</li>
<li>Removed the configure-time <code class="docutils literal"><span class="pre">kvm-migration-port</span></code> parameter, this is
now customisable at the cluster level for both the KVM and Xen
hypervisors using the new <code class="docutils literal"><span class="pre">migration_port</span></code> parameter</li>
<li>Pass <code class="docutils literal"><span class="pre">INSTANCE_REINSTALL</span></code> variable to OS installation script when
reinstalling an instance</li>
<li>Allowed <code class="docutils literal"><span class="pre">&#64;</span></code> in tag names</li>
<li>Migrated to Sphinx (<a class="reference external" href="http://sphinx.pocoo.org/">http://sphinx.pocoo.org/</a>) for documentation</li>
<li>Many documentation updates</li>
<li>Distribute hypervisor files on <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">redist-conf</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">reinstall</span></code> can now reinstall multiple instances</li>
<li>Updated many command line parameters</li>
<li>Introduced new OS API version 15</li>
<li>No longer support a default hypervisor</li>
<li>Treat virtual LVs as inexistent</li>
<li>Improved job locking logic to reduce lock contention</li>
<li>Match instance and node names case insensitively</li>
<li>Reimplemented bash completion script to be more complete</li>
<li>Improved burnin</li>
</ul>
</div>
</div>
<div class="section" id="version-2-0-6">
<h2>Version 2.0.6<a class="headerlink" href="#version-2-0-6" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 4 Feb 2010)</em></p>
<ul class="simple">
<li>Fix cleaner behaviour on nodes not in a cluster (Debian bug 568105)</li>
<li>Fix a string formatting bug</li>
<li>Improve safety of the code in some error paths</li>
<li>Improve data validation in the master of values returned from nodes</li>
</ul>
</div>
<div class="section" id="version-2-0-5">
<h2>Version 2.0.5<a class="headerlink" href="#version-2-0-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 17 Dec 2009)</em></p>
<ul class="simple">
<li>Fix security issue due to missing validation of iallocator names; this
allows local and remote execution of arbitrary executables</li>
<li>Fix failure of gnt-node list during instance removal</li>
<li>Ship the RAPI documentation in the archive</li>
</ul>
</div>
<div class="section" id="version-2-0-4">
<h2>Version 2.0.4<a class="headerlink" href="#version-2-0-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 30 Sep 2009)</em></p>
<ul class="simple">
<li>Fixed many wrong messages</li>
<li>Fixed a few bugs related to the locking library</li>
<li>Fixed MAC checking at instance creation time</li>
<li>Fixed a DRBD parsing bug related to gaps in /proc/drbd</li>
<li>Fixed a few issues related to signal handling in both daemons and
scripts</li>
<li>Fixed the example startup script provided</li>
<li>Fixed insserv dependencies in the example startup script (patch from
Debian)</li>
<li>Fixed handling of drained nodes in the iallocator framework</li>
<li>Fixed handling of KERNEL_PATH parameter for xen-hvm (Debian bug
#528618)</li>
<li>Fixed error related to invalid job IDs in job polling</li>
<li>Fixed job/opcode persistence on unclean master shutdown</li>
<li>Fixed handling of partial job processing after unclean master
shutdown</li>
<li>Fixed error reporting from LUs, previously all errors were converted
into execution errors</li>
<li>Fixed error reporting from burnin</li>
<li>Decreased significantly the memory usage of the job queue</li>
<li>Optimised slightly multi-job submission</li>
<li>Optimised slightly opcode loading</li>
<li>Backported the multi-job submit framework from the development
branch; multi-instance start and stop should be faster</li>
<li>Added script to clean archived jobs after 21 days; this will reduce
the size of the queue directory</li>
<li>Added some extra checks in disk size tracking</li>
<li>Added an example ethers hook script</li>
<li>Added a cluster parameter that prevents Ganeti from modifying of
/etc/hosts</li>
<li>Added more node information to RAPI responses</li>
<li>Added a <code class="docutils literal"><span class="pre">gnt-job</span> <span class="pre">watch</span></code> command that allows following the ouput of a
job</li>
<li>Added a bind-address option to ganeti-rapi</li>
<li>Added more checks to the configuration verify</li>
<li>Enhanced the burnin script such that some operations can be retried
automatically</li>
<li>Converted instance reinstall to multi-instance model</li>
</ul>
</div>
<div class="section" id="version-2-0-3">
<h2>Version 2.0.3<a class="headerlink" href="#version-2-0-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 7 Aug 2009)</em></p>
<ul class="simple">
<li>Added <code class="docutils literal"><span class="pre">--ignore-size</span></code> to the <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">activate-disks</span></code> command
to allow using the pre-2.0.2 behaviour in activation, if any existing
instances have mismatched disk sizes in the configuration</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">repair-disk-sizes</span></code> command to check and update
any configuration mismatches for disk sizes</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-master</span> <span class="pre">cluste-failover</span> <span class="pre">--no-voting</span></code> to allow master
failover to work on two-node clusters</li>
<li>Fixed the <code class="docutils literal"><span class="pre">--net</span></code> option of <code class="docutils literal"><span class="pre">gnt-backup</span> <span class="pre">import</span></code>, which was
unusable</li>
<li>Fixed detection of OS script errors in <code class="docutils literal"><span class="pre">gnt-backup</span> <span class="pre">export</span></code></li>
<li>Fixed exit code of <code class="docutils literal"><span class="pre">gnt-backup</span> <span class="pre">export</span></code></li>
</ul>
</div>
<div class="section" id="version-2-0-2">
<h2>Version 2.0.2<a class="headerlink" href="#version-2-0-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 17 Jul 2009)</em></p>
<ul class="simple">
<li>Added experimental support for stripped logical volumes; this should
enhance performance but comes with a higher complexity in the block
device handling; stripping is only enabled when passing
<code class="docutils literal"><span class="pre">--with-lvm-stripecount=N</span></code> to <code class="docutils literal"><span class="pre">configure</span></code>, but codepaths are
affected even in the non-stripped mode</li>
<li>Improved resiliency against transient failures at the end of DRBD
resyncs, and in general of DRBD resync checks</li>
<li>Fixed a couple of issues with exports and snapshot errors</li>
<li>Fixed a couple of issues in instance listing</li>
<li>Added display of the disk size in <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">info</span></code></li>
<li>Fixed checking for valid OSes in instance creation</li>
<li>Fixed handling of the “vcpus” parameter in instance listing and in
general of invalid parameters</li>
<li>Fixed http server library, and thus RAPI, to handle invalid
username/password combinations correctly; this means that now they
report unauthorized for queries too, not only for modifications,
allowing earlier detect of configuration problems</li>
<li>Added a new “role” node list field, equivalent to the master/master
candidate/drained/offline flags combinations</li>
<li>Fixed cluster modify and changes of candidate pool size</li>
<li>Fixed cluster verify error messages for wrong files on regular nodes</li>
<li>Fixed a couple of issues with node demotion from master candidate role</li>
<li>Fixed node readd issues</li>
<li>Added non-interactive mode for <code class="docutils literal"><span class="pre">ganeti-masterd</span> <span class="pre">--no-voting</span></code> startup</li>
<li>Added a new <code class="docutils literal"><span class="pre">--no-voting</span></code> option for masterfailover to fix failover
on two-nodes clusters when the former master node is unreachable</li>
<li>Added instance reinstall over RAPI</li>
</ul>
</div>
<div class="section" id="version-2-0-1">
<h2>Version 2.0.1<a class="headerlink" href="#version-2-0-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 16 Jun 2009)</em></p>
<ul class="simple">
<li>added <code class="docutils literal"><span class="pre">-H</span></code>/<code class="docutils literal"><span class="pre">-B</span></code> startup parameters to <code class="docutils literal"><span class="pre">gnt-instance</span></code>, which will
allow re-adding the start in single-user option (regression from 1.2)</li>
<li>the watcher writes the instance status to a file, to allow monitoring
to report the instance status (from the master) based on cached
results of the watcher’s queries; while this can get stale if the
watcher is being locked due to other work on the cluster, this is
still an improvement</li>
<li>the watcher now also restarts the node daemon and the rapi daemon if
they died</li>
<li>fixed the watcher to handle full and drained queue cases</li>
<li>hooks export more instance data in the environment, which helps if
hook scripts need to take action based on the instance’s properties
(no longer need to query back into ganeti)</li>
<li>instance failovers when the instance is stopped do not check for free
RAM, so that failing over a stopped instance is possible in low memory
situations</li>
<li>rapi uses queries for tags instead of jobs (for less job traffic), and
for cluster tags it won’t talk to masterd at all but read them from
ssconf</li>
<li>a couple of error handling fixes in RAPI</li>
<li>drbd handling: improved the error handling of inconsistent disks after
resync to reduce the frequency of “there are some degraded disks for
this instance” messages</li>
<li>fixed a bug in live migration when DRBD doesn’t want to reconnect (the
error handling path called a wrong function name)</li>
</ul>
</div>
<div class="section" id="version-2-0-0">
<h2>Version 2.0.0<a class="headerlink" href="#version-2-0-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 27 May 2009)</em></p>
<ul class="simple">
<li>no changes from rc5</li>
</ul>
</div>
<div class="section" id="version-2-0-rc5">
<h2>Version 2.0 rc5<a class="headerlink" href="#version-2-0-rc5" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 20 May 2009)</em></p>
<ul class="simple">
<li>fix a couple of bugs (validation, argument checks)</li>
<li>fix <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">getmaster</span></code> on non-master nodes (regression)</li>
<li>some small improvements to RAPI and IAllocator</li>
<li>make watcher automatically start the master daemon if down</li>
</ul>
</div>
<div class="section" id="version-2-0-rc4">
<h2>Version 2.0 rc4<a class="headerlink" href="#version-2-0-rc4" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 27 Apr 2009)</em></p>
<ul class="simple">
<li>change the OS list to not require locks; this helps with big clusters</li>
<li>fix <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> and <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify-disks</span></code> when the
volume group is broken</li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">info</span></code>, without any arguments, doesn’t run for all
instances anymore; either pass <code class="docutils literal"><span class="pre">--all</span></code> or pass the desired
instances; this helps against mistakes on big clusters where listing
the information for all instances takes a long time</li>
<li>miscellaneous doc and man pages fixes</li>
</ul>
</div>
<div class="section" id="version-2-0-rc3">
<h2>Version 2.0 rc3<a class="headerlink" href="#version-2-0-rc3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 8 Apr 2009)</em></p>
<ul class="simple">
<li>Change the internal locking model of some <code class="docutils literal"><span class="pre">gnt-node</span></code> commands, in
order to reduce contention (and blocking of master daemon) when
batching many creation/reinstall jobs</li>
<li>Fixes to Xen soft reboot</li>
<li>No longer build documentation at build time, instead distribute it in
the archive, in order to reduce the need for the whole docbook/rst
toolchains</li>
</ul>
</div>
<div class="section" id="version-2-0-rc2">
<h2>Version 2.0 rc2<a class="headerlink" href="#version-2-0-rc2" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 27 Mar 2009)</em></p>
<ul class="simple">
<li>Now the cfgupgrade scripts works and can upgrade 1.2.7 clusters to 2.0</li>
<li>Fix watcher startup sequence, improves the behaviour of busy clusters</li>
<li>Some other fixes in <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code>, <code class="docutils literal"><span class="pre">gnt-instance</span>
<span class="pre">replace-disks</span></code>, <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">add</span></code>, <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">queue</span></code>, KVM VNC
bind address and other places</li>
<li>Some documentation fixes and updates</li>
</ul>
</div>
<div class="section" id="version-2-0-rc1">
<h2>Version 2.0 rc1<a class="headerlink" href="#version-2-0-rc1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 2 Mar 2009)</em></p>
<ul class="simple">
<li>More documentation updates, now all docs should be more-or-less
up-to-date</li>
<li>A couple of small fixes (mixed hypervisor clusters, offline nodes,
etc.)</li>
<li>Added a customizable HV_KERNEL_ARGS hypervisor parameter (for Xen PVM
and KVM)</li>
<li>Fix an issue related to $libdir/run/ganeti and cluster creation</li>
</ul>
</div>
<div class="section" id="version-2-0-beta2">
<h2>Version 2.0 beta2<a class="headerlink" href="#version-2-0-beta2" title="Permalink to this headline"></a></h2>
<p><em>(Released Thu, 19 Feb 2009)</em></p>
<ul class="simple">
<li>Xen PVM and KVM have switched the default value for the instance root
disk to the first partition on the first drive, instead of the whole
drive; this means that the OS installation scripts must be changed
accordingly</li>
<li>Man pages have been updated</li>
<li>RAPI has been switched by default to HTTPS, and the exported functions
should all work correctly</li>
<li>RAPI v1 has been removed</li>
<li>Many improvements to the KVM hypervisor</li>
<li>Block device errors are now better reported</li>
<li>Many other bugfixes and small improvements</li>
</ul>
</div>
<div class="section" id="version-2-0-beta1">
<h2>Version 2.0 beta1<a class="headerlink" href="#version-2-0-beta1" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 26 Jan 2009)</em></p>
<ul class="simple">
<li>Version 2 is a general rewrite of the code and therefore the
differences are too many to list, see the design document for 2.0 in
the <code class="docutils literal"><span class="pre">doc/</span></code> subdirectory for more details</li>
<li>In this beta version there is not yet a migration path from 1.2 (there
will be one in the final 2.0 release)</li>
<li>A few significant changes are:<ul>
<li>all commands are executed by a daemon (<code class="docutils literal"><span class="pre">ganeti-masterd</span></code>) and the
various <code class="docutils literal"><span class="pre">gnt-*</span></code> commands are just front-ends to it</li>
<li>all the commands are entered into, and executed from a job queue,
see the <code class="docutils literal"><span class="pre">gnt-job(8)</span></code> manpage</li>
<li>the RAPI daemon supports read-write operations, secured by basic
HTTP authentication on top of HTTPS</li>
<li>DRBD version 0.7 support has been removed, DRBD 8 is the only
supported version (when migrating from Ganeti 1.2 to 2.0, you need
to migrate to DRBD 8 first while still running Ganeti 1.2)</li>
<li>DRBD devices are using statically allocated minor numbers, which
will be assigned to existing instances during the migration process</li>
<li>there is support for both Xen PVM and Xen HVM instances running on
the same cluster</li>
<li>KVM virtualization is supported too</li>
<li>file-based storage has been implemented, which means that it is
possible to run the cluster without LVM and DRBD storage, for
example using a shared filesystem exported from shared storage (and
still have live migration)</li>
</ul>
</li>
</ul>
</div>
<div class="section" id="version-1-2-7">
<h2>Version 1.2.7<a class="headerlink" href="#version-1-2-7" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 13 Jan 2009)</em></p>
<ul class="simple">
<li>Change the default reboot type in <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">reboot</span></code> to “hard”</li>
<li>Reuse the old instance mac address by default on instance import, if
the instance name is the same.</li>
<li>Handle situations in which the node info rpc returns incomplete
results (issue 46)</li>
<li>Add checks for tcp/udp ports collisions in <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code></li>
<li>Improved version of batcher:<ul>
<li>state file support</li>
<li>instance mac address support</li>
<li>support for HVM clusters/instances</li>
</ul>
</li>
<li>Add an option to show the number of cpu sockets and nodes in
<code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">list</span></code></li>
<li>Support OSes that handle more than one version of the OS api (but do
not change the current API in any other way)</li>
<li>Fix <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">migrate</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-debug</span></code> man page</li>
<li>Fixes various more typos and small issues</li>
<li>Increase disk resync maximum speed to 60MB/s (from 30MB/s)</li>
</ul>
</div>
<div class="section" id="version-1-2-6">
<h2>Version 1.2.6<a class="headerlink" href="#version-1-2-6" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 24 Sep 2008)</em></p>
<ul class="simple">
<li>new <code class="docutils literal"><span class="pre">--hvm-nic-type</span></code> and <code class="docutils literal"><span class="pre">--hvm-disk-type</span></code> flags to control the
type of disk exported to fully virtualized instances.</li>
<li>provide access to the serial console of HVM instances</li>
<li>instance auto_balance flag, set by default. If turned off it will
avoid warnings on cluster verify if there is not enough memory to fail
over an instance. in the future it will prevent automatically failing
it over when we will support that.</li>
<li>batcher tool for instance creation, see <code class="docutils literal"><span class="pre">tools/README.batcher</span></code></li>
<li><code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">reinstall</span> <span class="pre">--select-os</span></code> to interactively select a new
operating system when reinstalling an instance.</li>
<li>when changing the memory amount on instance modify a check has been
added that the instance will be able to start. also warnings are
emitted if the instance will not be able to fail over, if auto_balance
is true.</li>
<li>documentation fixes</li>
<li>sync fields between <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list/modify/add/import</span></code></li>
<li>fix a race condition in drbd when the sync speed was set after giving
the device a remote peer.</li>
</ul>
</div>
<div class="section" id="version-1-2-5">
<h2>Version 1.2.5<a class="headerlink" href="#version-1-2-5" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 22 Jul 2008)</em></p>
<ul class="simple">
<li>note: the allowed size and number of tags per object were reduced</li>
<li>fix a bug in <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> with inconsistent volume groups</li>
<li>fixed twisted 8.x compatibility</li>
<li>fixed <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">replace-disks</span></code> with iallocator</li>
<li>add TCP keepalives on twisted connections to detect restarted nodes</li>
<li>disk increase support, see <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">grow-disk</span></code></li>
<li>implement bulk node/instance query for RAPI</li>
<li>add tags in node/instance listing (optional)</li>
<li>experimental migration (and live migration) support, read the man page
for <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">migrate</span></code></li>
<li>the <code class="docutils literal"><span class="pre">ganeti-watcher</span></code> logs are now timestamped, and the watcher also
has some small improvements in handling its state file</li>
</ul>
</div>
<div class="section" id="version-1-2-4">
<h2>Version 1.2.4<a class="headerlink" href="#version-1-2-4" title="Permalink to this headline"></a></h2>
<p><em>(Released Fri, 13 Jun 2008)</em></p>
<ul class="simple">
<li>Experimental readonly, REST-based remote API implementation;
automatically started on master node, TCP port 5080, if enabled by
<code class="docutils literal"><span class="pre">--enable-rapi</span></code> parameter to configure script.</li>
<li>Instance allocator support. Add and import instance accept a
<code class="docutils literal"><span class="pre">--iallocator</span></code> parameter, and call that instance allocator to decide
which node to use for the instance. The iallocator document describes
what’s expected from an allocator script.</li>
<li><code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> N+1 memory redundancy checks: Unless passed the
<code class="docutils literal"><span class="pre">--no-nplus1-mem</span></code> option <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> now checks that if a
node is lost there is still enough memory to fail over the instances
that reside on it.</li>
<li><code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> hooks: it is now possible to add post-hooks to
<code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code>, to check for site-specific compliance. All the
hooks will run, and their output, if any, will be displayed. Any
failing hook will make the verification return an error value.</li>
<li><code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify</span></code> now checks that its peers are reachable on the
primary and secondary interfaces</li>
<li><code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">add</span></code> now supports the <code class="docutils literal"><span class="pre">--readd</span></code> option, to readd a node
that is still declared as part of the cluster and has failed.</li>
<li><code class="docutils literal"><span class="pre">gnt-*</span> <span class="pre">list</span></code> commands now accept a new <code class="docutils literal"><span class="pre">-o</span> <span class="pre">+field</span></code> way of
specifying output fields, that just adds the chosen fields to the
default ones.</li>
<li><code class="docutils literal"><span class="pre">gnt-backup</span></code> now has a new <code class="docutils literal"><span class="pre">remove</span></code> command to delete an existing
export from the filesystem.</li>
<li>New per-instance parameters hvm_acpi, hvm_pae and hvm_cdrom_image_path
have been added. Using them you can enable/disable acpi and pae
support, and specify a path for a cd image to be exported to the
instance. These parameters as the name suggest only work on HVM
clusters.</li>
<li>When upgrading an HVM cluster to Ganeti 1.2.4, the values for ACPI and
PAE support will be set to the previously hardcoded values, but the
(previously hardcoded) path to the CDROM ISO image will be unset and
if required, needs to be set manually with <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span></code>
after the upgrade.</li>
<li>The address to which an instance’s VNC console is bound is now
selectable per-instance, rather than being cluster wide. Of course
this only applies to instances controlled via VNC, so currently just
applies to HVM clusters.</li>
</ul>
</div>
<div class="section" id="version-1-2-3">
<h2>Version 1.2.3<a class="headerlink" href="#version-1-2-3" title="Permalink to this headline"></a></h2>
<p><em>(Released Mon, 18 Feb 2008)</em></p>
<ul class="simple">
<li>more tweaks to the disk activation code (especially helpful for DRBD)</li>
<li>change the default <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list</span></code> output format, now there is
one combined status field (see the manpage for the exact values this
field will have)</li>
<li>some more fixes for the mac export to hooks change</li>
<li>make Ganeti not break with DRBD 8.2.x (which changed the version
format in <code class="docutils literal"><span class="pre">/proc/drbd</span></code>) (issue 24)</li>
<li>add an upgrade tool from “remote_raid1” disk template to “drbd” disk
template, allowing migration from DRBD0.7+MD to DRBD8</li>
</ul>
</div>
<div class="section" id="version-1-2-2">
<h2>Version 1.2.2<a class="headerlink" href="#version-1-2-2" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 30 Jan 2008)</em></p>
<ul class="simple">
<li>fix <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span></code> breakage introduced in 1.2.1 with the HVM
support (issue 23)</li>
<li>add command aliases infrastructure and a few aliases</li>
<li>allow listing of VCPUs in the <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list</span></code> and improve the
man pages and the <code class="docutils literal"><span class="pre">--help</span></code> option of <code class="docutils literal"><span class="pre">gnt-node</span>
<span class="pre">list</span></code>/<code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">list</span></code></li>
<li>fix <code class="docutils literal"><span class="pre">gnt-backup</span> <span class="pre">list</span></code> with down nodes (issue 21)</li>
<li>change the tools location (move from $pkgdatadir to $pkglibdir/tools)</li>
<li>fix the dist archive and add a check for including svn/git files in
the future</li>
<li>some developer-related changes: improve the burnin and the QA suite,
add an upload script for testing during development</li>
</ul>
</div>
<div class="section" id="version-1-2-1">
<h2>Version 1.2.1<a class="headerlink" href="#version-1-2-1" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 16 Jan 2008)</em></p>
<ul class="simple">
<li>experimental HVM support, read the install document, section
“Initializing the cluster”</li>
<li>allow for the PVM hypervisor per-instance kernel and initrd paths</li>
<li>add a new command <code class="docutils literal"><span class="pre">gnt-cluster</span> <span class="pre">verify-disks</span></code> which uses a new
algorithm to improve the reconnection of the DRBD pairs if the device
on the secondary node has gone away</li>
<li>make logical volume code auto-activate LVs at disk activation time</li>
<li>slightly improve the speed of activating disks</li>
<li>allow specification of the MAC address at instance creation time, and
changing it later via <code class="docutils literal"><span class="pre">gnt-instance</span> <span class="pre">modify</span></code></li>
<li>fix handling of external commands that generate lots of output on
stderr</li>
<li>update documentation with regard to minimum version of DRBD8 supported</li>
</ul>
</div>
<div class="section" id="version-1-2-0">
<h2>Version 1.2.0<a class="headerlink" href="#version-1-2-0" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 4 Dec 2007)</em></p>
<ul class="simple">
<li>Log the <code class="docutils literal"><span class="pre">xm</span> <span class="pre">create</span></code> output to the node daemon log on failure (to
help diagnosing the error)</li>
<li>In debug mode, log all external commands output if failed to the logs</li>
<li>Change parsing of lvm commands to ignore stderr</li>
</ul>
</div>
<div class="section" id="version-1-2-beta3">
<h2>Version 1.2 beta3<a class="headerlink" href="#version-1-2-beta3" title="Permalink to this headline"></a></h2>
<p><em>(Released Wed, 28 Nov 2007)</em></p>
<ul class="simple">
<li>Another round of updates to the DRBD 8 code to deal with more failures
in the replace secondary node operation</li>
<li>Some more logging of failures in disk operations (lvm, drbd)</li>
<li>A few documentation updates</li>
<li>QA updates</li>
</ul>
</div>
<div class="section" id="version-1-2-beta2">
<h2>Version 1.2 beta2<a class="headerlink" href="#version-1-2-beta2" title="Permalink to this headline"></a></h2>
<p><em>(Released Tue, 13 Nov 2007)</em></p>
<ul class="simple">
<li>Change configuration file format from Python’s Pickle to JSON.
Upgrading is possible using the cfgupgrade utility.</li>
<li>Add support for DRBD 8.0 (new disk template <code class="docutils literal"><span class="pre">drbd</span></code>) which allows for
faster replace disks and is more stable (DRBD 8 has many improvements
compared to DRBD 0.7)</li>
<li>Added command line tags support (see man pages for <code class="docutils literal"><span class="pre">gnt-instance</span></code>,
<code class="docutils literal"><span class="pre">gnt-node</span></code>, <code class="docutils literal"><span class="pre">gnt-cluster</span></code>)</li>
<li>Added instance rename support</li>
<li>Added multi-instance startup/shutdown</li>
<li>Added cluster rename support</li>
<li>Added <code class="docutils literal"><span class="pre">gnt-node</span> <span class="pre">evacuate</span></code> to simplify some node operations</li>
<li>Added instance reboot operation that can speedup reboot as compared to
stop and start</li>
<li>Soften the requirement that hostnames are in FQDN format</li>
<li>The <code class="docutils literal"><span class="pre">ganeti-watcher</span></code> now activates drbd pairs after secondary node
reboots</li>
<li>Removed dependency on debian’s patched fping that uses the
non-standard <code class="docutils literal"><span class="pre">-S</span></code> option</li>
<li>Now the OS definitions are searched for in multiple, configurable
paths (easier for distros to package)</li>
<li>Some changes to the hooks infrastructure (especially the new
post-configuration update hook)</li>
<li>Other small bugfixes</li>
</ul>
</div>
</div>


          </div>
        </div>
      </div>
      <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
        <div class="sphinxsidebarwrapper">
  <h3><a href="index.html">Table Of Contents</a></h3>
  <ul>
<li><a class="reference internal" href="#">News</a><ul>
<li><a class="reference internal" href="#version-2-16-0-rc2">Version 2.16.0 rc2</a><ul>
<li><a class="reference internal" href="#changes-since-2-16-0-rc1">Changes since 2.16.0 rc1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-16-0-rc1">Version 2.16.0 rc1</a><ul>
<li><a class="reference internal" href="#incompatible-important-changes">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#new-features">New features</a></li>
<li><a class="reference internal" href="#new-dependencies">New dependencies</a></li>
<li><a class="reference internal" href="#changes-since-beta2">Changes since beta2</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-16-0-beta2">Version 2.16.0 beta2</a><ul>
<li><a class="reference internal" href="#changes-since-beta1">Changes since beta1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-16-0-beta1">Version 2.16.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-15-2">Version 2.15.2</a><ul>
<li><a class="reference internal" href="#important-changes-and-security-notes">Important changes and security notes</a></li>
<li><a class="reference internal" href="#minor-changes">Minor changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-15-1">Version 2.15.1</a><ul>
<li><a class="reference internal" href="#id1">New features</a></li>
<li><a class="reference internal" href="#bugfixes">Bugfixes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-15-0">Version 2.15.0</a><ul>
<li><a class="reference internal" href="#id2">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id3">New features</a></li>
<li><a class="reference internal" href="#id4">New dependencies</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-15-0-rc1">Version 2.15.0 rc1</a><ul>
<li><a class="reference internal" href="#known-issues">Known issues:</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-15-0-beta1">Version 2.15.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-14-2">Version 2.14.2</a><ul>
<li><a class="reference internal" href="#id5">Important changes and security notes</a></li>
<li><a class="reference internal" href="#id6">Minor changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-14-1">Version 2.14.1</a><ul>
<li><a class="reference internal" href="#id7">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#other-changes">Other Changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-14-0">Version 2.14.0</a><ul>
<li><a class="reference internal" href="#id8">New features</a></li>
<li><a class="reference internal" href="#id9">New dependencies</a></li>
<li><a class="reference internal" href="#id10">Known issues</a></li>
<li><a class="reference internal" href="#since-2-14-0-rc1">Since 2.14.0 rc1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-14-0-rc2">Version 2.14.0 rc2</a><ul>
<li><a class="reference internal" href="#id11">Since 2.14.0 rc1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-14-0-rc1">Version 2.14.0 rc1</a><ul>
<li><a class="reference internal" href="#since-2-14-0-beta2">Since 2.14.0 beta2</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-14-0-beta2">Version 2.14.0 beta2</a><ul>
<li><a class="reference internal" href="#since-2-14-0-beta1">Since 2.14.0 beta1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-14-0-beta1">Version 2.14.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-13-3">Version 2.13.3</a><ul>
<li><a class="reference internal" href="#id12">Important changes and security notes</a></li>
<li><a class="reference internal" href="#id13">Minor changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-13-2">Version 2.13.2</a><ul>
<li><a class="reference internal" href="#id14">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#other-fixes-and-known-issues">Other fixes and known issues</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-13-1">Version 2.13.1</a><ul>
<li><a class="reference internal" href="#id15">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id16">Other fixes and known issues</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-13-0">Version 2.13.0</a><ul>
<li><a class="reference internal" href="#id17">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id18">New features</a></li>
<li><a class="reference internal" href="#id19">New dependencies</a></li>
<li><a class="reference internal" href="#since-2-13-0-rc1">Since 2.13.0 rc1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-13-0-rc1">Version 2.13.0 rc1</a><ul>
<li><a class="reference internal" href="#since-2-13-0-beta1">Since 2.13.0 beta1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-13-0-beta1">Version 2.13.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-12-6">Version 2.12.6</a><ul>
<li><a class="reference internal" href="#id20">Important changes and security notes</a></li>
<li><a class="reference internal" href="#id21">Minor changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-5">Version 2.12.5</a><ul>
<li><a class="reference internal" href="#id22">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#fixed-and-improvements">Fixed and improvements</a></li>
<li><a class="reference internal" href="#id23">Known issues</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-4">Version 2.12.4</a><ul>
<li><a class="reference internal" href="#id24">Known issues</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-3">Version 2.12.3</a><ul>
<li><a class="reference internal" href="#id25">Known issues</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-2">Version 2.12.2</a><ul>
<li><a class="reference internal" href="#id26">Known issues</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-1">Version 2.12.1</a></li>
<li><a class="reference internal" href="#version-2-12-0">Version 2.12.0</a><ul>
<li><a class="reference internal" href="#id27">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id28">New features</a></li>
<li><a class="reference internal" href="#id29">New dependencies</a></li>
<li><a class="reference internal" href="#incomplete-features">Incomplete features</a></li>
<li><a class="reference internal" href="#id30">Known issues</a></li>
<li><a class="reference internal" href="#since-2-12-0-rc2">Since 2.12.0 rc2</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-0-rc2">Version 2.12.0 rc2</a><ul>
<li><a class="reference internal" href="#since-2-12-0-rc1">Since 2.12.0 rc1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-0-rc1">Version 2.12.0 rc1</a><ul>
<li><a class="reference internal" href="#since-2-12-0-beta1">Since 2.12.0 beta1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-12-0-beta1">Version 2.12.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-11-8">Version 2.11.8</a><ul>
<li><a class="reference internal" href="#id31">Important changes and security notes</a></li>
<li><a class="reference internal" href="#id32">Minor changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-11-7">Version 2.11.7</a></li>
<li><a class="reference internal" href="#version-2-11-6">Version 2.11.6</a></li>
<li><a class="reference internal" href="#version-2-11-5">Version 2.11.5</a></li>
<li><a class="reference internal" href="#version-2-11-4">Version 2.11.4</a></li>
<li><a class="reference internal" href="#version-2-11-3">Version 2.11.3</a></li>
<li><a class="reference internal" href="#version-2-11-2">Version 2.11.2</a></li>
<li><a class="reference internal" href="#version-2-11-1">Version 2.11.1</a></li>
<li><a class="reference internal" href="#version-2-11-0">Version 2.11.0</a><ul>
<li><a class="reference internal" href="#id33">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id34">New features</a></li>
<li><a class="reference internal" href="#id35">New dependencies</a></li>
<li><a class="reference internal" href="#since-2-11-0-rc1">Since 2.11.0 rc1</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-11-0-rc1">Version 2.11.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-11-0-beta1">Version 2.11.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-10-8">Version 2.10.8</a><ul>
<li><a class="reference internal" href="#id36">Important changes and security notes</a></li>
<li><a class="reference internal" href="#id37">Minor changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-10-7">Version 2.10.7</a></li>
<li><a class="reference internal" href="#version-2-10-6">Version 2.10.6</a></li>
<li><a class="reference internal" href="#version-2-10-5">Version 2.10.5</a></li>
<li><a class="reference internal" href="#version-2-10-4">Version 2.10.4</a></li>
<li><a class="reference internal" href="#version-2-10-3">Version 2.10.3</a></li>
<li><a class="reference internal" href="#version-2-10-2">Version 2.10.2</a></li>
<li><a class="reference internal" href="#version-2-10-1">Version 2.10.1</a></li>
<li><a class="reference internal" href="#version-2-10-0">Version 2.10.0</a><ul>
<li><a class="reference internal" href="#id38">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id39">New features</a></li>
<li><a class="reference internal" href="#misc-changes">Misc changes</a></li>
<li><a class="reference internal" href="#id40">New dependencies</a></li>
<li><a class="reference internal" href="#since-2-10-0-rc3">Since 2.10.0 rc3</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-10-0-rc3">Version 2.10.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-10-0-rc2">Version 2.10.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-10-0-rc1">Version 2.10.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-10-0-beta1">Version 2.10.0 beta1</a><ul>
<li><a class="reference internal" href="#id41">Known issues</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-9-7">Version 2.9.7</a><ul>
<li><a class="reference internal" href="#id42">Important changes and security notes</a></li>
<li><a class="reference internal" href="#id43">Minor changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-9-6">Version 2.9.6</a></li>
<li><a class="reference internal" href="#version-2-9-5">Version 2.9.5</a></li>
<li><a class="reference internal" href="#version-2-9-4">Version 2.9.4</a></li>
<li><a class="reference internal" href="#version-2-9-3">Version 2.9.3</a></li>
<li><a class="reference internal" href="#version-2-9-2">Version 2.9.2</a></li>
<li><a class="reference internal" href="#version-2-9-1">Version 2.9.1</a></li>
<li><a class="reference internal" href="#version-2-9-0">Version 2.9.0</a><ul>
<li><a class="reference internal" href="#id44">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id45">New features</a></li>
<li><a class="reference internal" href="#id46">New dependencies</a></li>
<li><a class="reference internal" href="#since-2-9-0-rc3">Since 2.9.0 rc3</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-9-0-rc3">Version 2.9.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-9-0-rc2">Version 2.9.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-9-0-rc1">Version 2.9.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-9-0-beta1">Version 2.9.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-8-4">Version 2.8.4</a></li>
<li><a class="reference internal" href="#version-2-8-3">Version 2.8.3</a></li>
<li><a class="reference internal" href="#version-2-8-2">Version 2.8.2</a></li>
<li><a class="reference internal" href="#version-2-8-1">Version 2.8.1</a></li>
<li><a class="reference internal" href="#version-2-8-0">Version 2.8.0</a><ul>
<li><a class="reference internal" href="#id47">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id48">New features</a></li>
<li><a class="reference internal" href="#id49">New dependencies</a></li>
<li><a class="reference internal" href="#since-2-8-0-rc3">Since 2.8.0 rc3</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-8-0-rc3">Version 2.8.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-8-0-rc2">Version 2.8.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-8-0-rc1">Version 2.8.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-8-0-beta1">Version 2.8.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-7-2">Version 2.7.2</a></li>
<li><a class="reference internal" href="#version-2-7-1">Version 2.7.1</a></li>
<li><a class="reference internal" href="#version-2-7-0">Version 2.7.0</a><ul>
<li><a class="reference internal" href="#id50">Incompatible/important changes</a></li>
<li><a class="reference internal" href="#id51">New features</a></li>
<li><a class="reference internal" href="#id52">Misc changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-7-0-rc3">Version 2.7.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-7-0-rc2">Version 2.7.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-7-0-rc1">Version 2.7.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-7-0-beta3">Version 2.7.0 beta3</a></li>
<li><a class="reference internal" href="#version-2-7-0-beta2">Version 2.7.0 beta2</a></li>
<li><a class="reference internal" href="#version-2-7-0-beta1">Version 2.7.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-6-2">Version 2.6.2</a></li>
<li><a class="reference internal" href="#version-2-6-1">Version 2.6.1</a></li>
<li><a class="reference internal" href="#version-2-6-0">Version 2.6.0</a><ul>
<li><a class="reference internal" href="#id53">New features</a><ul>
<li><a class="reference internal" href="#instance-run-status">Instance run status</a></li>
<li><a class="reference internal" href="#instance-policies-and-specs">Instance policies and specs</a></li>
<li><a class="reference internal" href="#instance-migration-behaviour">Instance migration behaviour</a></li>
<li><a class="reference internal" href="#instance-memory-ballooning">Instance memory ballooning</a></li>
<li><a class="reference internal" href="#instance-cpu-pinning">Instance CPU pinning</a></li>
<li><a class="reference internal" href="#disk-parameters">Disk parameters</a></li>
<li><a class="reference internal" href="#rados-block-device-support">Rados block device support</a></li>
<li><a class="reference internal" href="#master-ip-setup">Master IP setup</a></li>
<li><a class="reference internal" href="#spice-support">SPICE support</a></li>
<li><a class="reference internal" href="#ovf-converter">OVF converter</a></li>
<li><a class="reference internal" href="#confd-daemon-changes">Confd daemon changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#user-interface-changes">User interface changes</a></li>
<li><a class="reference internal" href="#api-changes">API changes</a></li>
<li><a class="reference internal" href="#compatibility">Compatibility</a></li>
<li><a class="reference internal" href="#internal-changes">Internal changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-6-0-rc4">Version 2.6.0 rc4</a></li>
<li><a class="reference internal" href="#version-2-6-0-rc3">Version 2.6.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-6-0-rc2">Version 2.6.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-6-0-rc1">Version 2.6.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-6-0-beta2">Version 2.6.0 beta2</a></li>
<li><a class="reference internal" href="#version-2-6-0-beta1">Version 2.6.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-5-2">Version 2.5.2</a></li>
<li><a class="reference internal" href="#version-2-5-1">Version 2.5.1</a></li>
<li><a class="reference internal" href="#version-2-5-0">Version 2.5.0</a><ul>
<li><a class="reference internal" href="#incompatible-important-changes-and-bugfixes">Incompatible/important changes and bugfixes</a></li>
<li><a class="reference internal" href="#id54">New features</a></li>
<li><a class="reference internal" href="#node-group-improvements">Node group improvements</a></li>
<li><a class="reference internal" href="#misc">Misc</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-5-0-rc6">Version 2.5.0 rc6</a></li>
<li><a class="reference internal" href="#version-2-5-0-rc5">Version 2.5.0 rc5</a></li>
<li><a class="reference internal" href="#version-2-5-0-rc4">Version 2.5.0 rc4</a></li>
<li><a class="reference internal" href="#version-2-5-0-rc3">Version 2.5.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-5-0-rc2">Version 2.5.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-5-0-rc1">Version 2.5.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-5-0-beta3">Version 2.5.0 beta3</a></li>
<li><a class="reference internal" href="#version-2-5-0-beta2">Version 2.5.0 beta2</a></li>
<li><a class="reference internal" href="#version-2-5-0-beta1">Version 2.5.0 beta1</a></li>
<li><a class="reference internal" href="#version-2-4-5">Version 2.4.5</a></li>
<li><a class="reference internal" href="#version-2-4-4">Version 2.4.4</a></li>
<li><a class="reference internal" href="#version-2-4-3">Version 2.4.3</a></li>
<li><a class="reference internal" href="#version-2-4-2">Version 2.4.2</a></li>
<li><a class="reference internal" href="#version-2-4-1">Version 2.4.1</a></li>
<li><a class="reference internal" href="#version-2-4-0">Version 2.4.0</a></li>
<li><a class="reference internal" href="#version-2-4-0-rc3">Version 2.4.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-4-0-rc2">Version 2.4.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-4-0-rc1">Version 2.4.0 rc1</a><ul>
<li><a class="reference internal" href="#regressions-fixed-from-2-3">Regressions fixed from 2.3</a></li>
<li><a class="reference internal" href="#other-bugs-fixed">Other bugs fixed</a></li>
<li><a class="reference internal" href="#improvements">Improvements</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-4-0-beta1">Version 2.4.0 beta1</a><ul>
<li><a class="reference internal" href="#user-visible">User-visible</a></li>
<li><a class="reference internal" href="#integration">Integration</a></li>
<li><a class="reference internal" href="#remote-api">Remote API</a></li>
<li><a class="reference internal" href="#id55">Misc</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-3-1">Version 2.3.1</a></li>
<li><a class="reference internal" href="#version-2-3-1-rc1">Version 2.3.1 rc1</a></li>
<li><a class="reference internal" href="#version-2-3-0">Version 2.3.0</a></li>
<li><a class="reference internal" href="#version-2-3-0-rc1">Version 2.3.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-3-0-rc0">Version 2.3.0 rc0</a></li>
<li><a class="reference internal" href="#version-2-2-2">Version 2.2.2</a></li>
<li><a class="reference internal" href="#version-2-2-1">Version 2.2.1</a></li>
<li><a class="reference internal" href="#version-2-2-1-rc1">Version 2.2.1 rc1</a></li>
<li><a class="reference internal" href="#version-2-2-1-rc0">Version 2.2.1 rc0</a></li>
<li><a class="reference internal" href="#version-2-2-0-1">Version 2.2.0.1</a></li>
<li><a class="reference internal" href="#version-2-2-0">Version 2.2.0</a></li>
<li><a class="reference internal" href="#version-2-2-0-rc2">Version 2.2.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-2-0-rc1">Version 2.2.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-2-0-rc0">Version 2.2.0 rc0</a></li>
<li><a class="reference internal" href="#version-2-2-0-beta0">Version 2.2.0 beta0</a></li>
<li><a class="reference internal" href="#version-2-1-8">Version 2.1.8</a></li>
<li><a class="reference internal" href="#version-2-1-7">Version 2.1.7</a></li>
<li><a class="reference internal" href="#version-2-1-6">Version 2.1.6</a></li>
<li><a class="reference internal" href="#version-2-1-5">Version 2.1.5</a></li>
<li><a class="reference internal" href="#version-2-1-4">Version 2.1.4</a></li>
<li><a class="reference internal" href="#version-2-1-3">Version 2.1.3</a><ul>
<li><a class="reference internal" href="#significant-features">Significant features</a></li>
<li><a class="reference internal" href="#id56">Other changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-1-2-1">Version 2.1.2.1</a></li>
<li><a class="reference internal" href="#version-2-1-2">Version 2.1.2</a><ul>
<li><a class="reference internal" href="#id57">Significant features</a></li>
<li><a class="reference internal" href="#id58">Other changes</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-1-1">Version 2.1.1</a><ul>
<li><a class="reference internal" href="#major-changes">Major changes</a></li>
<li><a class="reference internal" href="#bug-fixes">Bug fixes</a></li>
<li><a class="reference internal" href="#id59">New features</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-1-0">Version 2.1.0</a><ul>
<li><a class="reference internal" href="#details">Details</a></li>
</ul>
</li>
<li><a class="reference internal" href="#version-2-0-6">Version 2.0.6</a></li>
<li><a class="reference internal" href="#version-2-0-5">Version 2.0.5</a></li>
<li><a class="reference internal" href="#version-2-0-4">Version 2.0.4</a></li>
<li><a class="reference internal" href="#version-2-0-3">Version 2.0.3</a></li>
<li><a class="reference internal" href="#version-2-0-2">Version 2.0.2</a></li>
<li><a class="reference internal" href="#version-2-0-1">Version 2.0.1</a></li>
<li><a class="reference internal" href="#version-2-0-0">Version 2.0.0</a></li>
<li><a class="reference internal" href="#version-2-0-rc5">Version 2.0 rc5</a></li>
<li><a class="reference internal" href="#version-2-0-rc4">Version 2.0 rc4</a></li>
<li><a class="reference internal" href="#version-2-0-rc3">Version 2.0 rc3</a></li>
<li><a class="reference internal" href="#version-2-0-rc2">Version 2.0 rc2</a></li>
<li><a class="reference internal" href="#version-2-0-rc1">Version 2.0 rc1</a></li>
<li><a class="reference internal" href="#version-2-0-beta2">Version 2.0 beta2</a></li>
<li><a class="reference internal" href="#version-2-0-beta1">Version 2.0 beta1</a></li>
<li><a class="reference internal" href="#version-1-2-7">Version 1.2.7</a></li>
<li><a class="reference internal" href="#version-1-2-6">Version 1.2.6</a></li>
<li><a class="reference internal" href="#version-1-2-5">Version 1.2.5</a></li>
<li><a class="reference internal" href="#version-1-2-4">Version 1.2.4</a></li>
<li><a class="reference internal" href="#version-1-2-3">Version 1.2.3</a></li>
<li><a class="reference internal" href="#version-1-2-2">Version 1.2.2</a></li>
<li><a class="reference internal" href="#version-1-2-1">Version 1.2.1</a></li>
<li><a class="reference internal" href="#version-1-2-0">Version 1.2.0</a></li>
<li><a class="reference internal" href="#version-1-2-beta3">Version 1.2 beta3</a></li>
<li><a class="reference internal" href="#version-1-2-beta2">Version 1.2 beta2</a></li>
</ul>
</li>
</ul>

  <h4>Previous topic</h4>
  <p class="topless"><a href="move-instance.html"
                        title="previous chapter">Moving instances between clusters</a></p>
  <h4>Next topic</h4>
  <p class="topless"><a href="ovfconverter.html"
                        title="next chapter">OVF converter</a></p>
  <div role="note" aria-label="source link">
    <h3>This Page</h3>
    <ul class="this-page-menu">
      <li><a href="_sources/news.rst.txt"
            rel="nofollow">Show Source</a></li>
    </ul>
   </div>
<div id="searchbox" style="display: none" role="search">
  <h3>Quick search</h3>
    <form class="search" action="search.html" method="get">
      <div><input type="text" name="q" /></div>
      <div><input type="submit" value="Go" /></div>
      <input type="hidden" name="check_keywords" value="yes" />
      <input type="hidden" name="area" value="default" />
    </form>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
        </div>
      </div>
      <div class="clearer"></div>
    </div>
    <div class="related" role="navigation" aria-label="related navigation">
      <h3>Navigation</h3>
      <ul>
        <li class="right" style="margin-right: 10px">
          <a href="ovfconverter.html" title="OVF converter"
             >next</a></li>
        <li class="right" >
          <a href="move-instance.html" title="Moving instances between clusters"
             >previous</a> |</li>
        <li class="nav-item nav-item-0"><a href="index.html">Ganeti 2.16.0~rc2 documentation</a> &#187;</li> 
      </ul>
    </div>
    <div class="footer" role="contentinfo">
        &#169; Copyright 2018, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Google Inc..
      Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.6.7.
    </div>
  </body>
</html>