This is the seventh bugfix release of the Luminous v12.2.x long-term
stable release series. This release contains several fixes for
regressions in the v12.2.6 and v12.2.5 releases. We recommend that
all users upgrade.
*NOTE* The v12.2.6 release has serious known regressions. While 12.2.6
was not formally announced on the mailing lists or blog, the packages
were built and have been available on download.ceph.com since last week.
If you installed this release, please see the upgrade procedure below.
*NOTE* The v12.2.5 release has a potential data corruption issue with
erasure coded pools. If you ran v12.2.5 with erasure coding, please see
below.
The full blog post, along with the complete changelog, is published on the
official Ceph blog at https://ceph.com/releases/12-2-7-luminous-released/
Upgrading from v12.2.6
----------------------
v12.2.6 included an incomplete backport of an optimization for
BlueStore OSDs that avoids maintaining both the per-object checksum
and the internal BlueStore checksum. Due to the accidental omission
of a critical follow-on patch, v12.2.6 corrupts (fails to update) the
stored per-object checksum value for some objects. This can result in
an EIO error when trying to read those objects.
#. If your cluster uses FileStore only, no special action is required.
This problem only affects clusters with BlueStore.
#. If your cluster has only BlueStore OSDs (no FileStore), then you
   should enable the following OSD option::

     osd skip data digest = true

   This will avoid setting, and will ignore, the full-object digests
   whenever the primary for a PG is BlueStore.
#. If you have a mix of BlueStore and FileStore OSDs, then you should
   enable the following OSD option::

     osd distrust data digest = true

   This will avoid setting, and will ignore, the full-object digests
   in all cases. This weakens the data integrity checks for
   FileStore (although those checks were always only opportunistic).
   An example of applying either option follows this list.
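One way to apply the relevant option cluster-wide is to persist it in
ceph.conf and, optionally, inject it into running OSDs. This is only a
sketch: whether injectargs applies this particular option at runtime is an
assumption, so restarting the OSDs after updating ceph.conf is the safe
path::

  # In the [osd] section of ceph.conf on every OSD host:
  [osd]
      osd skip data digest = true        # BlueStore-only clusters
      # osd distrust data digest = true  # mixed BlueStore/FileStore clusters

  # Optionally attempt a runtime injection (assumed, not guaranteed,
  # to take effect without a restart):
  ceph tell osd.\* injectargs '--osd_skip_data_digest=true'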
If your cluster includes BlueStore OSDs and was affected, deep scrubs
will generate errors about mismatched CRCs for affected objects.
Currently the repair operation does not know how to correct them
(since none of the replicas match the expected checksum, it does not
know how to proceed). These warnings are harmless in the sense that
IO is not affected and the replicas are all still in sync. The number
of affected objects is likely to drop (possibly to zero) over time as
those objects are modified. We expect to include a scrub improvement
in v12.2.8 to clean up any remaining objects.
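To see what scrub has flagged, the standard inconsistency tools apply. For
example (the PG id below is a placeholder; substitute one reported by your
own cluster)::

  # list PGs with scrub errors
  ceph health detail | grep inconsistent

  # inspect the mismatched objects in one of the reported PGs
  rados list-inconsistent-obj 2.1a --format=json-pretty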
Additionally, see the notes below, which apply to both v12.2.5 and v12.2.6.
Upgrading from v12.2.5 or v12.2.6
---------------------------------
If you used v12.2.5 or v12.2.6 in combination with erasure coded
pools, there is a small risk of corruption under certain workloads.
Specifically, when:
* An erasure coded pool is in use
* The pool is busy with successful writes
* The pool is also busy with updates that result in an error being
  returned to the librados user. RGW garbage collection is the most
  common example of this (it sends delete operations on objects that
  don't always exist).
* Some OSDs are reasonably busy. One known example of such load is
  FileStore splitting, although in principle any load on the cluster
  could also trigger the behavior.
* One or more OSDs restart.
This combination can trigger an OSD crash and possibly leave PGs in a state
where they fail to peer.
Notably, upgrading a cluster involves OSD restarts and as such may
increase the risk of encountering this bug. For this reason, for
clusters with erasure coded pools, we recommend the following upgrade
procedure to minimize risk:
1. Install the v12.2.7 packages.

2. Temporarily quiesce IO to the cluster::

     ceph osd pause

3. Restart all OSDs and wait for all PGs to become active.

4. Resume IO::

     ceph osd unpause
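Taken together, steps 2 through 4 might look like the following on a
systemd-managed cluster (a sketch only; the restart mechanism and the way
you iterate over OSD hosts will differ per deployment)::

  ceph osd pause                      # step 2: quiesce client IO

  # step 3: on every OSD host, restart the OSDs, then wait for peering
  systemctl restart ceph-osd.target
  ceph pg stat                        # repeat until all PGs are active

  ceph osd unpause                    # step 4: resume client IO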
This will cause an availability outage for the duration of the OSD
restarts. If this is unacceptable, a *more risky* alternative is to
disable RGW garbage collection (the primary known cause of these rados
operations) for the duration of the upgrade:
1. Set ``rgw_enable_gc_threads = false`` in ceph.conf
2. Restart all radosgw daemons
3. Upgrade and restart all OSDs
4. Remove ``rgw_enable_gc_threads = false`` from ceph.conf
5. Restart all radosgw daemons
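As a sketch, the RGW-related steps of this alternative could look like the
following (the client section name and the systemd target assume a typical
systemd-based radosgw deployment; adjust to your own instance names)::

  # Step 1: in ceph.conf on each radosgw host, under the relevant section
  [client.rgw.gateway1]              # hypothetical instance name
      rgw enable gc threads = false

  # Steps 2 and 5: restart the radosgw daemons to apply / revert the change
  systemctl restart ceph-radosgw.target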
Upgrading from other versions
-----------------------------
If your cluster did not run v12.2.5 or v12.2.6 then none of the above
issues apply to you and you should upgrade normally.
v12.2.7 Changelog
-----------------
* mon/AuthMonitor: improve error message (issue#21765, pr#22963, Douglas Fuller)
* osd/PG: do not blindly roll forward to log.head (issue#24597, pr#22976, Sage Weil)
* osd/PrimaryLogPG: rebuild attrs from clients (issue#24768, pr#22962, Sage Weil)
* osd: work around data digest problems in 12.2.6 (version 2) (issue#24922, pr#23055, Sage Weil)
* rgw: objects in cache never refresh after rgw_cache_expiry_interval (issue#24346, pr#22369, Casey Bodley, Matt Benjamin)
Notable changes in v12.2.6 Luminous
===================================
:note: This is a broken release with serious known regressions. Do not
install it. The release notes below are to help track the changes that
went into 12.2.6 and are hence also part of 12.2.7.
- *Auth*:
* In 12.2.4 and earlier releases, keyring caps were not checked for validity,
so the caps string could be anything. As of 12.2.6, caps strings are
validated and providing a keyring with an invalid caps string to, e.g.,
"ceph auth add" will result in an error.
* CVE 2018-1128: auth: cephx authorizer subject to replay attack (issue#24836, Sage Weil)
* CVE 2018-1129: auth: cephx signature check is weak (issue#24837, Sage Weil)
* CVE 2018-10861: mon: auth checks not correct for pool ops (issue#24838, Jason Dillaman)
- The config-key interface can store arbitrary binary blobs but JSON
can only express printable strings. If binary blobs are present,
the 'ceph config-key dump' command will show them as something like
``<<< binary blob of length N >>>``.
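  As an illustration (the key name and file are made up; ``-i`` is assumed
  to read the value from a file, as with the older ``config-key put``)::

    # store the contents of a binary file under an arbitrary key
    ceph config-key set example/blob -i some-binary-file

    # printable values are shown verbatim; binary values are summarized as
    #   "example/blob": "<<< binary blob of length N >>>"
    ceph config-key dump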
The full changelog for 12.2.6 is published in the release blog.
Getting Ceph
------------
* Git at git://github.com/ceph/ceph.git
* Tarball at http://download.ceph.com/tarballs/ceph-12.2.7.tar.gz
* For packages, see http://docs.ceph.com/docs/master/install/get-packages/
* Release git sha1: 3ec878d1e53e1aeb47a9f619c49d9e7c0aa384d5
--
Abhishek Lekshmanan
Hi everyone,
tl;dr: Please avoid the 12.2.6 packages that are currently present on
download.ceph.com. We will have a 12.2.7 published ASAP (probably
Monday).
If you do not use bluestore or erasure-coded pools, none of the issues
affect you.
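If you are not sure whether either applies to your cluster, a couple of
read-only checks can tell you (a sketch; the exact output format varies a
little between versions)::

  # does any pool use erasure coding?
  ceph osd pool ls detail | grep erasure

  # which object store does each OSD use? (look for "bluestore")
  ceph osd metadata | grep osd_objectstore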
Details:
We built 12.2.6 and pushed it to the repos on Wednesday, but as that was
happening we realized there was a potentially dangerous regression in
12.2.5[1] that an upgrade might exacerbate. While we sorted that issue
out, several people noticed the updated version in the repo and
upgraded. That turned up two other regressions[2][3]. We have fixes for
those, but are working on an additional fix so that the damage from [3]
is repaired transparently.
More details:
-- [1] http://tracker.ceph.com/issues/24597 --
This is actually a regression in 12.2.5 that affects erasure-coded pools.
If there are (1) normal erasure code writes, and simultaneously (2) erasure
code writes that result in rados returning an error (for example, a delete
of a non-existent object, which commonly happens when rgw is doing garbage
collection), and (3) OSDs that are somewhat heavily loaded and then
restart, then the bug might incorrectly roll forward the in-progress EC
operations. When the PG re-peers, this results in an OSD crash like

  src/os/filestore/FileStore.cc: 5524: FAILED assert(0 == "ERROR: source must exist")
It seems to affect filestore and busy clusters with this specific
workload. The OSDs recover once restarted. However, it is also unclear
whether it damages the objects in question. For this reason, please avoid
unnecessary OSD restarts if you are running 12.2.5 or 12.2.6. When we
release 12.2.7, we will have an upgrade procedure in the release notes
that quiesces RADOS IO to minimize the probability that this bug will
affect you.
If you do not have erasure-coded pools, this bug does not affect you.
-- [2] https://tracker.ceph.com/issues/24903 --
ceph-volume has had a bug for a while that leaves the
/var/lib/ceph/osd/*/block.db or block.wal symlinks for bluestore OSDs
owned by root:root. This didn't matter because bluestore was ignoring
these symlinks and using an internally stored value instead.
Both of these were fixed/changed in 12.2.6. However, after upgrading and
restarting, the root-owned symlink is still present in the
/var/lib/ceph/osd/*/ tmpfs and the OSD won't start. Rerunning ceph-volume
will fix it, as will manually running
chown -h ceph:ceph /var/lib/ceph/osd/*/block*, or a reboot. 12.2.7 has a
packaging fix that fixes this up on upgrade so there is no disruption.
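As a sketch, the manual workaround amounts to fixing the symlink ownership
and starting the OSDs again (paths and unit names assume a standard
systemd-based deployment)::

  chown -h ceph:ceph /var/lib/ceph/osd/*/block*
  systemctl start ceph-osd.target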
If you do not run bluestore, this bug does not affect you.
-- [3] https://tracker.ceph.com/issues/23871 --
We modified the OSD recently to avoid storing full-object CRCs when
bluestore is in use because those CRCs are redundant. There was a bug in
this code that was later fixed in master. This code was backported to
luminous, but the follow-on fix was missed. The result is that a sequence
of
- running 12.2.5
- deep-scrub (updates stored whole-object crc)
- upgrade to 12.2.6
- a writefull to an existing object (on 12.2.6) fails to clear the whole-object crc
- read of full object -> crc mismatch
which leads to an (incorrect) EIO error. We have fixed the original
problem by backporting the missing fix. However, users who mistakenly
installed 12.2.6 may have many objects with a mismatched whole-object crc.
We are currently working on a fix to ignore the whole-object CRC if the
same conditions are met that make us skip them entirely (i.e., running
bluestore), and to clear/repair them on scrub. Once this is done, we'll
push out 12.2.7.
If you do not run bluestore, this bug does not affect you.
We don't have an easy workaround for this one at the moment,
unfortunately.
Exciting week! Thanks everyone,
sage
We're glad to announce the v10.2.11 release of the Jewel stable release
series. This point release brings a number of important bugfixes and a
few important security fixes. This is most likely going to be the
final Jewel release (shine on you crazy diamond). We thank everyone in
the community for contributing towards this release and particularly
want to thank Nathan and Yuri for their relentless efforts in
backporting and testing this release.
We recommend that all Jewel 10.2.x users upgrade.
Notable Changes
---------------
* CVE 2018-1128: auth: cephx authorizer subject to replay attack (issue#24836 http://tracker.ceph.com/issues/24836, Sage Weil)
* CVE 2018-1129: auth: cephx signature check is weak (issue#24837 http://tracker.ceph.com/issues/24837, Sage Weil)
* CVE 2018-10861: mon: auth checks not correct for pool ops (issue#24838 http://tracker.ceph.com/issues/24838, Jason Dillaman)
* The RBD C API's rbd_discard method and the C++ API's Image::discard method
now enforce a maximum length of 2GB. This restriction prevents overflow of
the result code.
* New OSDs will now use rocksdb for omap data by default, rather than
leveldb. omap is used by RGW bucket indexes and CephFS directories,
and when a single leveldb grows to 10s of GB with a high write or
delete workload, it can lead to high latency when leveldb's
single-threaded compaction cannot keep up. rocksdb supports multiple
threads for compaction, which avoids this problem.
* The CephFS client now catches failures to clear dentries during startup
and refuses to start, as consistency and untrimmable cache issues may
develop. The new option client_die_on_failed_dentry_invalidate (default:
true) may be turned off to allow the client to proceed (dangerous!).
* In 10.2.10 and earlier releases, keyring caps were not checked for validity,
so the caps string could be anything. As of 10.2.11, caps strings are
validated and providing a keyring with an invalid caps string to, e.g.,
"ceph auth add" will result in an error.
The changelog and the full release notes are at the release blog entry
at https://ceph.com/releases/v10-2-11-jewel-released/
Getting Ceph
------------
* Git at git://github.com/ceph/ceph.git
* Tarball at http://download.ceph.com/tarballs/ceph-10.2.11.tar.gz
* For packages, see http://docs.ceph.com/docs/master/install/get-packages/
* Release git sha1: e4b061b47f07f583c92a050d9e84b1813a35671e
Best,
Abhishek