Ganeti v2.16.1

« Changelog History

Ganeti v2.16.1 Release Notes

• 🛠 This is a bugfix and compatibility release.

  Important changes

  ⚡️ Updated X.509 certificate signing algorithm

  🔒 Ganeti now uses the SHA-256 digest algorithm to sign all generated X.509 certificates used to secure the RPC communications between nodes. Previously, Ganeti was using SHA-1 which is seen as weak (but not broken) and has been deprecated by most vendors; most notably, OpenSSL — used by Ganeti on some setups — rejects SHA-1-signed certificates when configured to run on security level 2 and above.

  Users are advised to re-generate Ganeti's server and node certificates after installing 2.16.1 on all nodes using the following command:

    gnt-cluster renew-crypto --new-cluster-certificate
  

  On setups using RAPI and/or SPICE with Ganeti-generated certificates, --new-rapi-certificate and --new-spice-certificate should be appended to the command above.

  QEMU 3.1 compatibility

  👀 Previous versions of Ganeti used QEMU command line options that were removed in QEMU 3.1, leading to an inability to start KVM instances with QEMU 3.1. This version restores compatibility with QEMU 3.1 by adapting to these changes. This was done in a backwards-compatible way, however there is one special case: Users using VNC with X.509 support enabled will need to be running at least QEMU 2.5. See #1342 for details.

  🆕 Newer GHC support

  🏗 Ganeti 2.16.0 could only be built using GHC versions prior to 7.10, as GHC 7.10 and later versions introduced breaking API changes that made the build fail.

  🚀 This release introduces support for building with newer GHC versions: Ganeti is now known to build with GHC 8.0, 8.2 and 8.4. Furthermore, Ganeti can now be built with snap-server 1.0 as well as hinotify 0.3.10 and later. Previously supported versions of GHC and of these libraries remain supported.

  Misc changes

  🛠 Compatibility fixes:

  • 🛠 Fix initscript operation on systems with dpkg >= 1.19.4 (#1322) (@apoikos)
  • 👌 Support Sphinx versions later than 1.7 (#1333) (@YSelfTool)
  • 👮 Force KVM to use cache=none when aio=native is set; this is mandatory for QEMU versions later than 2.6 (#43) (@akosiaris)
  • 🖐 Handle the new output format of rbd showmapped introduced in Ceph Mimic (#1339) (@atta)
  • 👌 Support current versions of python-psutil (@gedia)
  • 🛠 Fix distcheck-hook with automake versions >= 1.15 (@apoikos )
  • 🛠 Fix cli tests with shelltestrunner versions >= 1.9 (@apoikos )

  🛠 Bugfixes:

  • Allow IPv6 addresses in the vnc_bind_address KVM hypervisor parameter (#1257) (@candlerb)
  • 🛠 Fix iproute2 invocation to accept dev as a valid interface name (#26) (@arnd)
  • Properly handle OpenVSwitch trunk ports without native VLANs (#1324) (@gedia)
  • 🛠 Fix virtio-net multiqueue support (#1268) (@gedia)
  • 👉 Make the ganeti-kvm-poweroff example script work on systems with systemd/sysv integration (#1288)
  • Avoid triggering the CPU affinity code when the instance's CPU mask is set to all, relaxing the runtime dependency on python-psutil (@calumcalder)

  🐎 Performance improvements:

  • ✅ Speed up Haskell test execution (@iustin)
  • ✅ Speed up Python test execution (@apoikos)

  📚 Documentation fixes:

  • 🛠 Fix a couple of typos in the gnt-instance man page (#1279) (@regnauld)
  • 🛠 Fix a typo in doc/install.rst (Igor Vuk)

  ✨ Enhancements:

  • 🔊 KVM process logs are now obtained and saved under /var/log/ganeti/kvm (@yiannist)

  ganeti-2.16.1.tar.gz checksums

  MD5: 3b40440ba0996a0466e129198c342da9 ganeti-2.16.1.tar.gz
  SHA1: 1831ca5389647df96a3edbe2494208f82999e2cb ganeti-2.16.1.tar.gz
  SHA256: 45a79592a912caaa5290411447f661d5b81e99ea555dc272f3459b1d727a557b ganeti-2.16.1.tar.gz
  

• All Versions
• Previous v2.16.0
• Next v2.16.2
• Latest Version