Releases: ceph/ceph-csi
Ceph-CSI v3.4.0 Release
We are excited to announce another feature packed release of Ceph CSI , v3.4.0. This is another great step towards making it possible to use enhanced features of Container Storage Interface ( CSI) with Ceph Cluster in the backend. With this release, we have lifted many highly usable production features ( Snapshot, Clone, Metrics..etc) to its higher level of support. Also enhancements have been done on features like Encryption, Disaster Recovery, NBD mounter, Thick Provisioning..etc. Code improvements which increase performance on various CSI operations are also part of this release. With this release Ceph CSI make use of latest versions of kubernetes , sidecar containers, go ceph library which include many bug fixes and enhancements its own.
Changelog or Highlights:
Features:
Beta:
Below features have been lifted from its Alpha
support to Beta
- Snapshot creation and deletion
- Volume restore from snapshot
- Volume clone support
- Volume/PV Metrics of File Mode Volume
- Volume/PV Metrics of Block Mode Volume
Alpha:
- rbd-nbd volume mounter
Enhancement:
- Restore RBD snapshot to a different Pool
- Snapshot schedule support for RBD mirrored PVC
- Mirroring support for thick PVC
- Multi-Tenant support for vault encryption
- AmazonMetadata KMS provider support
- rbd-nbd volume healer support
- Locking enhancement for improving POD deletion performance
- Improvements in lock handling for snap and clone operations
- Better thick provisioning support
- Create CephFS subvolume with VolumeNamePrefix
- CephFS Subvolume path addition in PV object
- Consumption of go-ceph APIs for various CephFS controller and node operations.
- Resize of the RBD encrypted volume
- Better error handling for GRPC
- Golang profiling support for debugging
- Updated Kubernetes sidecar versions to the latest release
- Kubernetes dependency update to v1.21.2
- Create storageclass and secrets using helm charts
CI/E2E
- Expansion of RBD encrypted volumes
- Update and addition of new static golang tools
- Kubernetes v1.21 support
- Unit tests for SecretsKMS
- Test for Vault with ServiceAccount per Tenant
- E2E for user secret based metadata encryption
- Update rook.sh and Ceph cluster version in E2E
- Added RBD test for testing sc, secret via helm
- Update feature gates setting from minikube.sh
- Add CephFS test for sc, secret via helm
- Add e2e for static PVC without imageFeature parameter
- Make use of snapshot v1 API and client sets in e2e tests
- Validate thick-provisioned PVC-PVC cloning
- Adding retry support for various e2e failure scenarios
- Refactor KMS configuration and usage
Documentation
- Hashicorp Vault with a ServiceAccount per Tenant
- Added documentation for Disaster Recovery
- rbd-nbd mounter
- Updated helm chart doc
- Contribution guide update
Breaking Changes
None
Thanks to awesome Ceph CSI community for this great release 👍 🎉
Ceph CSI v3.2.2 Release
Changelog or Highlights:
Bug Fixes
Build
- Update ceph to 15.2.11 to fix CVE-2021-20288
Breaking Changes
None.
Ceph CSI v3.3.1 Release
Ceph CSI v3.3.0 Release
Changelog or Highlights:
Features:
Async DR
- A new volume replication protobuf and specification to achieve the Volume replication has been added with Ceph CSI driver.
Ceph CSI has implemented the required GRPC services ( EnableVolumeReplication, DisableVolumeReplication, PromoteVolume, DemoteVolume, ResyncVolume..etc) for volume replication. A new sidecar controller will be deployed as part of the RBD provisioner pod which will expose the CRD to a user to interact with the Ceph cluster for DR operations. When a User creates a CR with the PVC name, the new operator will get the required pvc and PV information and send a request to the ceph csi to perform the rbd async operation.
Encryption
-
Users will be able to configure AWS KMS for Ceph-CSI volume encryption. This makes it possible to have in-flight encrypted data, and securely stored volume contents on Ceph clusters outside of the control/responsibility of the Ceph-CSI deployer. With this addition
- users can enable volume encryption in a StorageClass
- the CMK configured in Amazon KMS will be used for encrypting/decrypting the DEKs
- the encrypted DEK for a volume will be stored in the volumes metadata
-
Snapshot and cloning on encrypted RBD PVCs are enabled.
Multus Support
- Added support for network namespaces (Multus CNI)
Enhancement:
- Update Kubernetes sidecars to latest releases
- Update go-ceph to the latest release
- The external snapshotter APIs are updated from v1beta1 to V1
- Proper reuse of go ceph cluster Connections are established with this release.
- Fixed many warnings/errors reported by static code analyzers
- CSI driver creates a CSIDriver object, Kubernetes users can easily discover the CSI Drivers installed on their cluster (simply by issuing kubectl get CSIDriver)
- E2E tests are added/updated with this release to make sure the stability of the code achieved on various use cases and also for new features.
- Build utilities and dependencies are updated to latest versions.
- CSI driver deployment yamls are updated and various helm chart fixes for snapshot controller deployment, RBAC permissions...etc are part of this release.
CI
- Make use of ceph users created in e2e
- Enhanced e2e logging for failure debugging
- Track deletion of PVC and PV more closely
- Error out in case deploying Hashicorp Vault fails
- Added e2e for snapshot retention case/scenario
- Updated feature gate settings from minikube
- Verify (non)existence of keys for VaultTokensKMS
- Pass namespace once in deletePodWithLabel()
- Use secret with "encryptionPassphrase" for RBD tests
Documentation
- Updated snapshot and clone documentation
- Updated Encryption documentation for new KMS provider support and for other enhancements
- Corrected various reference link issues on doc
- Upgrade documentation is updated for release 3.3
- Updated release matrix and compatibility docs
- Various cleanups and corrections in general.
Breaking Changes
None
NOTE:
Ceph CSI repo Master
branch has been renamed to Devel
Ceph CSI v3.2.1 Release
Ceph CSI v3.2.0 Release
Changelog or Highlights:
Features:
- Add new controller sidecar for omap regeneration
- In case of Disaster Recovery, the admin can restore the Kubernetes objects on the second cluster. if the RBD images
are available in the second cluster and admin as created a static binding between PVC and PV, the controller will
regenerate the omap data.
- In case of Disaster Recovery, the admin can restore the Kubernetes objects on the second cluster. if the RBD images
- Add support for map options in RBD Storageclass
- Add support for unmap options in RBD Storageclass
Enhancement:
- Update Kubernetes sidecars to latest releases
- Update go-ceph to the latest release
- Implement ceph fs CLI calls with go-ceph
- Use libopenstorage/secrets API for Hashicorp Vault
- Use luks2 for RBD encryption
- Standardize error logs in CephFS
- Add pod anti-affinity for provisioner Deployment
- Make kubelet path configurable for the helm charts
- Make CSI log level configurable for the helm charts
CI
- verify Snapshot and PVC cloning as part of upgrade testing
- Add GitHub actions for static checks
- Add GitHub actions multi-stage docker build
- Use local image mirroring for container images in CentOS CI
Documentation
- Document for ceph user capabilities
- Merge RBD/CephFS snapshot and clone document
- Upgrade document for v3.2.0
- Improve E2E guide
- Add CI commands to retrigger CI to developer guide and GitHub template
- Improved static PVC document
- Add steps to setup GIT hooks
Breaking Changes
None
Ceph CSI v3.1.2 Release
Changelog or Highlights:
Bug Fix:
CephFS
- Fix wrong error check in CreateVolume rollback action
- Fix issues in cephfs clone
- Check only the stderror message for umount
RBD
- Add minsnapshotsonimage flag to have a soft limit for flattening to create clones faster on a single rbd image.
Journal
- Fix reading omaps from objects with large key
CI
- Fix shellcheck in test-go
Breaking Changes
None.
Ceph CSI 3.1.1 Release
Changelog or Highlights:
Enhancement:
- Bail out from node expansion if its block mode pvc
- Use common logging for rbd
- Add Upgrade E2E testing from 3.0.0 to 3.1.0
- Update Sidecars to the latest version
- Update go-ceph to v0.5.0
- Implement rbd.updateVolWithImageInfo() with go-ceph
- Add support for snapshot retention
- Add support for "snapshot-autoprotect" feature
Bug Fix:
CephFS
- Check error output contains Error: ENOENT
- Fix lock release in volumeDelete
- Trim spaces around fuseMountOptions
- Check ENOTEMPTY when removing subvolume
RBD
- Fix cleanup in case of clone failure
- Use stagingTargetPath in NodeExpandVolume RPC
- Allow readonly only for volume with contentsource
- Rados namespaced image deletion fix
Breaking Changes
None.
Ceph CSI 3.1.0 Release
Release Issue #1272
Changelog or Highlights:
New Features:
- Create/Delete snapshot for CephFS
- Create PVC from CephFS snapshot
- Create PVC from CephFS PVC
- Add RADOS namespace support for RBD
Enhancement:
- E2E migration from Travis minikube to CentOS CI
- Use common logging functions in utils
- Add Upgrade E2E testing from 3.0.0 to 3.1.0
- Update Sidecars to the latest version
- Add vault creation to rbd driver deployment
- Update E2E testing to test with latest kubernetes versions
- Update Rook to 1.3.8 for E2E testing
- Add backend validation of cephfs PVC in E2E
- Make the number of CPUs for minikube VM configurable
- Use rbdVolume.resize() with go-ceph
- Introduce new makefile target run-e2e
- upgrade to minikube 1.12.1
- Debugging tool (tracevol.py) enhancement
Bug Fix:
- Fix tracevol.py to work with the dynamic value of fsname
- Fix tracevol.py to take config map namespace as an option
Breaking Changes
None.
NOTE: At present, there is a limit of 400 snapshots per cephFS filesystem.
Also PVC cannot be deleted if it's having snapshots. Make sure all the snapshots
on the PVC are deleted before you delete the PVC.
Many other bug fixes, code improvements are also part of this release.
Ceph CSI v3.0.0 Release
Release Issue #865
Changelog or Highlights:
New Features:
- Create/Delete snapshot for RBD
- Create PVC from RBD snapshot
- Create PVC from RBD PVC
- Add support for multiple CephFS subvolume groups
- Multi Architecture docker images(amd64 and arm64)
- Support ROX(ReadOnlyMany) PVC for RBD
- Support ROX(ReadOnlyMany) PVC for CephFS
Enhancement:
- Move to go-ceph binding from RBD CLI
- Move to go-ceph binding from RADOS CLI
- Add Upgrade E2E testing from 2.1.2 to 3.0.0
- Update Sidecars to the latest version
- Improve locking to create a parallel clone and snapshot restore
- Simplify Error Handling
- Update golangci-lint version in CI
- Update gosec version in CI
- Add support to track cephfs PVC and subvolumes
- Introduce build.env for configuration of the environment variables
- Update go-ceph to v0.4.0
- Update E2E testing to test with latest kubernetes versions
- Split out CephFS and RBD E2E tests
- Integration with Centos CI to run containerized builds
- Update Rook to 1.2.7 for E2E testing
- Disable reflink when creating xfs filesystem for RBD
- Replace klog with klog v2
- Reduce RBAC for kubernetes sidecar containers
- Add option to compile e2e tests in containerized
- Add commitlint bot in CI
- Add Stale bot to the repo
- Add E2E and documentation for CephFS PVC
- Update kubernetes dependency to v1.18.6
Bug Fix:
- Fix issue in CephFS Volume Not found
Breaking Changes
- Remove support for v1.x.x PVC
- Remove support for Mimic
- Snapshot Alpha is no longer supported
Many other bug fixes, code improvements are also part of this release.