Unified Changelog file for Synnefo versions >= 0.13

Since v0.13 most of the Synnefo components have been merged into a single repository and have aligned versions.

v0.14.10

Released: Tue Nov 26 11:03:37 EET 2013

Cyclades

• This is the first release to support Ganeti 2.8. Support for older versions of Ganeti is dropped.
• Use Ganeti opportunistic locking to achive parallelized instance creations in the same backend. Add setting ‘GANETI_USE_OPPORTUNISTIC_LOCKING’ to enable the use of this feature.
• Fix warning message while getting object permissions to appear only when path is None and the object has permissions
• Add name to newly created NICs and the corresponding firewall tags.

v0.14.9

Released: Mon Nov 11 12:13:31 EET 2013

Astakos

• Astakos: Fix minor problems with logging in the Astakos module, which could lead to unexpected exceptions

v0.14.8

Released: Fri Nov 8 17:25:08 EET 2013

Synnefo-wide

• This is the first release to support Debian Wheezy along with Squeeze. You can mix and match nodes freely.
• Update Django dependency to Django>=1.2,<1.5. Django 1.4.5 is available for Squeeze through squeeze-backports.
• Since this version, Synnefo ships an example Gunicorn configuration file that is automatically installed at /etc/gunicorn.d/synnefo.example.

Cyclades

• On VM creation, pass the hashmap of the image (pithosmap://) instead of the image URL (pithos://). Access to the Pithos DB by Ganeti nodes is no longer required.
• Workaround race between server creation and server deletion. This will be fixed properly by updating Ganeti to support the ‘depends’ attribute for OP_INSTANCE_REMOVE.

Astakos

• For Shibboleth logins, store all attributes along with the user in the DB.

v0.14.7

Released: Wed Sep 18 17:50:12 EEST 2013

Cyclades

• Fix bug in helpdesk view

v0.14.6

Released: Wed Sep 18 16:18:58 EEST 2013

Pithos

• Substitute the PITHOS_BACKEND_QUOTA setting with two distinct settings: PITHOS_BACKEND_ACCOUNT_QUOTA & PITHOS_BACKEND_CONTAINER_QUOTA
• Set PITHOS_BACKEND_CONTAINER_QUOTA default value to 0 (unlimited)
• Fix bug that resulted in DB deadlocks.

Cyclades

• Fix bug in snf-dispatcher that resulted in servers to be deleted from the DB even if the corresponding Ganeti job failed.

Branding

• Add new BRANDING_FOOTER_EXTRA_MESSAGE setting.

v0.14.5

Released: Wed Aug 7 11:19:49 EEST 2013

Pithos

• Fix security issue with handling Pithos versions.

v0.14.4

Released: Mon Jul 29 12:24:22 EEST 2013

Pithos

• Fix bug in reconcile resources management command.

v0.14.3

Released: Thu Jul 25 12:22:47 EEST 2013

Synnefo-wide

• Use the SYNNEFO_TRACE environmental variable to control whether the greenlet tracing code will get loaded or not.
• Split the HIDDEN_COOKIES setting in HIDDEN_HEADERS and HIDDEN_COOKIES, and add the MAIL_MAX_LEN setting, to limit the mail size for unhandled exceptions.

v0.14.2

Released: Fri Jul 12 13:13:32 EEST 2013

Cyclades

• Add new setting PITHOS_BACKEND_POOL_SIZE, which configures the size of the pool of Pithos backends that are used by plankton.

v0.14

Released: Tue Jun 25 14:01:19 EEST 2013

Synnefo-wide

• Create ‘snf_django’ Python package to hold common code for all Synnefo components.
• Create a JSON-exportable definition document for each Synnefo Components (Astakos, Cyclades, Pithos, etc.) that consolidates APIs (services), resources, and other standardized properties (e.g. default URL prefixes).
• Standardize URLs for Synnefo Components, impose structure and naming conventions to related settings. Make each component deployable under a user-configurable <COMPONENT>_BASE_URL. Each API (compute, image, etc.) is deployable under a developer-configurable prefix beneath BASE_URL.
• Deprecate CLOUDBAR_ACTIVE_SERVICE setting from all apps.
• Common synnefo 404/500 templates (located in snf-webproject)

Astakos

• Redesign of the accounting system (quotaholder) and integration into Astakos.

  • Simplified the quotaholder model; removed tables Entity and Policy; now table Holding contains limit and usage for every holding.
  • Extended table Holding, so that we can keep track of quota for every valid combination of holder (e.g. user), resource, and source (e.g. the default system or some specific project).
  • Refactored code for issuing and resolving commissions for robustness; added a ‘force’ option to bypass the upper limit check when issuing a commission.
  • Simplified syncing to the quotaholder; removed fields from models Project and ProjectMembership, previously needed for syncing; removed state PROJECT_DEACTIVATED from ProjectMembership.
  • Removed settings ASTAKOS_QUOTAHOLDER_URL, ASTAKOS_QUOTAHOLDER_TOKEN, and ASTAKOS_QUOTAHOLDER_POOLSIZE.

• API-related changes:

  • Implemented API calls for quota, resources, and commissions.
  • Moved all API calls under ‘/account/v1.0’.
  • Implemented the keystone API call POST /tokens under ‘/identity/v2.0’.

• Service and resource specification and handling:

  • Specified a format for defining services along with the API endpoints and the resources they expose. Migrated internal resource name by prefixing it with service name (e.g. ‘vm’ becomes ‘cyclades.vm’); renamed registered service ‘pithos+’ to ‘pithos’.
  • Specified a procedure to register a Synnefo component, its services and their resources in astakos and set the resources’ default base quota limit. Removed resource definitions from settings.
  • Moved service and resource presentation data out of the respective db models into a separate file of UI constants.

• Converted the limit on pending applications from a setting to a quotable resource. Converted the related user setting to a user-specific base quota limit. Deprecated model UserSetting; removed setting ASTAKOS_PENDING_APPLICATION_LIMIT.

• Changes in locking strategy:

  • Lock only project’s chain for all project operations; lock user before syncing to quotaholder.
  • When locking multiple rows (e.g. users or holdings) include an ORDER BY clause in the query to impose ordering on locking.

• Changes in views:

  • Replaced custom transaction context with a simple decorator for managing transactions and a context ‘ExceptionHandler’, which logs and suppresses exceptions

• Added fine grain user auth provider’s policies.

  • Administrator can override default auth provider policies to a specific user or group of users.
  • Optionally a user can be assigned to a list of groups, based on the authentication method he choosed to signup.

• Removed explicit handling of SMTP errors on each email delivery. Exceptions are now propagated to base django exception handler.

• Email used in html/email tempaltes which prompt user to contact for service support prompts is now defined in CONTACT_EMAIL setting introduced in snf-common settings.

• Improvements in user activation flow

  • User moderation now takes place after the user has verified his email address.
  • User model enriched with additional user state fields
  • Split activation email from moderation process. Administrator is required to moderate user explicitly using the user-modify –accept or user-modify –reject commands.
  • Improved logging throught out user activation procedures.

• Remove deprecated AstakosUser model fields: provider, third_party_identifier

• Allow override of authentication provider messages using the following format in setting names: ASTAKOS_<PROVIDER_MODULE>_<MSGID>_MSG

• Cloudbar automatically tries to identify the active service based on window location.

• Removing authentication provider view is now CSRF protected.

• New API access view, containing useful information to users on how to access available Synnefo services API’s.

• Remove of ASTAKOS_*_EMAIL_SUBJECT settings. All email subjects are now defined in astakos.im.messages module. Overriding default values can be achieved using custom gettext files or using astakos messages settings:

  #change of greeting email subject
  ASTAKOS_GREETING_EMAIL_SUBJECT_MESSAGE = 'Welcome to my cloud'
  

• Remove ASTAKOS_ACTIVATION_REDIRECT_URL and ASTAKOS_LOGIN_SUCCESS_URL from astakos .conf file. Settings are dynamically computed based on ASTAKOS_BASE_URL.

• Management commands:

  • Introduced new commands:

    • authpolicy-{add, list, remove, set, show}
    • group-{add, list}
    • component-{add, list, modify, remove}
    • reconcile-resources-astakos
    • resource-{export-astakos, import, modify}
    • service-{export-astakos, import, show}

  • Renamed commands:

    • astakos-quota to quota
    • user-update to user-modify
    • full-cleanup to cleanup-full

  • Removed commands:

    • astakos-init
    • invitation-{details, list}
    • project-sync
    • resource-{add, remove}
    • service-{add, remove, token-renew, update}
    • user-invite
    • user-set-initial-quota (integrated its functionality in user-modify and quota)

  • Added quota and project-related information in user-show command; added membership information in project-show.

Cyclades

• Make ‘type’ attribute required for network create API request.
• Networks not created to all Ganeti backends upon creation, they are instead created to a backend only when a VM connects to the network.
• Add ‘CYCLADES_ASTAKOSCLIENT_POOLSIZE’ setting which tunes the size of the http connection pool to astakos.
• Remove ‘CYCLADES_USER_CATALOG_URL’ and ‘CYCLADES_USER_FEEDBACK_URL’ settings
• Remove CYCLADES_USE_QUOTAHOLDER, CYCLADES_QUOTAHOLDER_TOKEN, CYCLADES_QUOTAHOLDER_URL, CYCLADES_QUOTAHOLDER_POOLSIZE settings
• Rename ‘cyclades-usage-verify’ management command to ‘reconcile-resources-cyclades’. Also, remove ‘cyclades-usage-reset’ command, which is equivalent to ‘reconcile-resources-cyclades –fix’.
• Rename ‘cyclades-reconcile-commissions’ management command to ‘reconcile-commissions-cyclades’.
• Remove obsolete ‘MAX_VMS_PER_USER’, ‘MAX_NETWORKS_PER_USER’, “VMS_USER_QUOTA” and “NETWORKS_USER_QUOTA” settings, since their usage is covered by Quotaholder.
• Remove obsolete setting ‘API_ROOT_URL’, since it is being covered by the use of CYCLADES_BASE_URL* Remove obsolete setting ‘API_ROOT_URL’, since it is being covered by ‘CYCLADES_BASE_URL’.
• Remove obsolete settings GANETI_DISK_TEMPLATES and DEFAULT_GANETI_DISK_TEMPLATE

Cyclades helpdesk

• Additional start/stop vm action
• Display extend backend info in vm’s view
• Fixed IP lookup

Pithos

• Remove PITHOS_AUTHENTICATION_USERS setting, which was used to override astakos users.
• Remove ‘PITHOS_USER_CATALOG_URL’, ‘PITHOS_USER_FEEDBACK_URL’ and ‘PITHOS_USER_LOGIN_URL’ settings.
• Remove PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL, PITHOS_QUOTAHOLDER_TOKEN and PITHOS_ASTAKOSCLIENT_POOLSIZE

Tools

v0.13

Released: Wed Apr 10 18:52:50 EEST 2013

In v0.13 the code was very heavily refactored for increased uniformity since most of the Synnefo components have been merged into a single repository. Thus, just for this version we will not document a complete Changelog (features, fixes, improvements, issues, setting changes), but rather just copy from the NEWS file with minor additions wherever needed.

Synnefo-wide

• Support for pooling throughout Synnefo
  • Pooled Django DB connections, Pithos backend connections, HTTP connections using single objpool package
• Improved management commands
  • Unified codebase for output of tables in JSON, CSV
• Bring most of Synnefo code inside a single, unified repository
  • support automatic Python and Debian package builds for individual commits
  • with automatic version generation
• Overhauling of Synnefo settings: renames and refactoring, for increased uniformity (in progress)
• Deployment: Standardize on gunicorn, with gevent-based workers and use of Green threads throughout Synnefo
• Documentation: New scale-out guide, with distinct node roles, for mass Synnefo deployments

Astakos

• Support multiple authentication methods

  • Classic (username/password), Shibboleth, LDAP/Active Directory, Google, Twitter, LinkedIn
  • Users can enable/disable auth methods, and switch between them

• Introduce a UUID as a global identifier for users, throughout Synnefo

  • The UUID remains constant as the user enables/disables login methods

• Allow users to modify their email address freely

• Per-user, per-resource accounting mechanism (quotaholder)

• Full quota support, with per-user, per-resource quotas, based on quotaholder

• Projects: Users can create and join Projects

  • Projects grant extra resources to their members

• UI Enhancements for quotas and projects

  • distinct Usage tab, showing usage of individual resources
  • Project management UI
  • New Overview page

• refactored/improved /login endpoint used by desktop/mobile clients. * endpoint url is now exposed by weblogin service * clients should use unauthenticated identity/tokens api to resolve the

  endpoint url

  • view only allows redirects to pithos:// scheme urls
  • removed uuid from redirect parameters. Client should use authenticated request to identity/tokens to retrieve user uuid.

Cyclades

• Commission resources on quotaholder/Astakos
• Support mass creation of flavors
• Support for the ExtStorage disk template in Ganeti
• Query and report quotas in the UI
• Pass VM configuration parameters over a VM-side API (vmapi)
  • Do not pass sensitive data as Ganeti OS parameters
  • Keep sensitive data in memory caches (memcached) and never allow them to hit the disk
• Display additional backend information in helpdesk machines list
• Allow helpdesk users to search for an account using a known machine id
• Helpdesk actions are now logged using the synnefo’s common login infrastructure

UI

• Removed feedback endpoint. Feedback requests delegate to astakos feedback service. FEEDBACK_CONTACTS, FEEDBACK_EMAIL_FROM settings removed, and no longer used.
• UI_LOGIN_URL, UI_GLANCE_URL, COMPUTE_URL settings no longer required to be set and are dynamically computed based on ASTAKOS_BASE_URL and CYCLADES_BASE_URL settings.
• File group is no longer included in ssh keys personality metadata sent in create vm calls.

• Support storage of blocks on a RADOS backend, for Archipelago
  • new settings: PITHOS_RADOS_STORAGE, PITHOS_RADOS_POOL_BLOCKS, PITHOS_RADOS_POOL_MAPS
• X-Object-Public now contains full url (domain + proper component prefix + file path)
• Rewritten support for public URLs, with admin-selectable length
  • new settings: PITHOS_PUBLIC_URL_SECURITY, PITHOS_PUBLIC_URL_ALPHABET
• Enable pithos backend to use external quotaholder component
  • new settings: PITHOS_USE_QUOTAHOLDER, PITHOS_QUOTAHOLDER_URL, PITHOS_QUOTAHOLDER_TOKEN, PITHOS_QUOTAHOLDER_POOLSIZE
• Moderated version debiting mechanism
  • new setting: PITHOS_BACKEND_FREE_VERSIONING
• Proxy Astakos user-visible services
  • new settings: PITHOS_PROXY_USER_SERVICES, PITHOS_USER_CATALOG_URL, PITHOS_USER_FEEDBACK_URL, PITHOS_USER_LOGIN_URL

• Extend snf-burnin to include testing of Pithos functionality