No edit summary |
m (Fix a formatting error) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 11: | Line 11: | ||
== Current status == | == Current status == | ||
[[Category: | [[Category:ChangeAcceptedF36]] | ||
[[Category:SelfContainedChange] | [[Category:SelfContainedChange]] | ||
<!-- When your change proposal page is completed and ready for review and announcement --> | <!-- When your change proposal page is completed and ready for review and announcement --> | ||
<!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | <!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | ||
Line 27: | Line 27: | ||
--> | --> | ||
* FESCo issue: [https://pagure.io/fesco/issue/2691 #2691] | * FESCo issue: [https://pagure.io/fesco/issue/2691 #2691] | ||
* Tracker bug: | * Tracker bug: [https://bugzilla.redhat.com/show_bug.cgi?id=2023360 #2023360] | ||
* Release notes tracker: | * Release notes tracker: [https://pagure.io/fedora-docs/release-notes/issue/768 #768] | ||
== Detailed Description == | == Detailed Description == |
Latest revision as of 19:23, 17 November 2021
Stratis 3.0.0
Summary
Stratis 3.0.0 includes many internal improvements, bug fixes, and user-visible changes.
Owner
- Name: Dennis Keefe, Anne Mulhern, John Baublitz
- Email: dkeefe@redhat.com, amulhern@redhat.com, jbaublitz@redhat.com
Current status
- Targeted release: Fedora Linux 36
- Last updated: 2021-11-17
- FESCo issue: #2691
- Tracker bug: #2023360
- Release notes tracker: #768
Detailed Description
stratisd 3.0.0
stratisd 3.0.0 includes a number of significant internal improvements and a few bug fixes.
In stratisd 3.0.0 the D-Bus API has undergone a revision and the prior
interfaces are all removed. The FetchProperties
interfaces that
were supported by all objects have been removed. The values that were
previously obtainable via the FetchProperties
methods
are now conventional D-Bus properties. The possible values of error codes
returned by the D-Bus methods have been reduced to 0 and 1, with the usual
interpretation.
stratisd
bug fixes:
- The
--prompt
option was not passed tostratis-min
in the
stratis-fstab-setup
script; this prevented the user from entering the
password necessary to unlock an encrypted pool during boot. This is
no longer the case.
stratisd
was not immediately updating the devicemapper device stack when
a cache was initialized with the result that the cache was not immediately put in use. This is no longer the case.
stratisd
was not immediately updating the Clevis encryption info associated
with a pool on a command to bind an encrypted pool with Clevis. This problem has been corrected.
stratisd
was sending an incorrect D-Bus signal on a pool name change; this
has been fixed.
- Previously, when stratisd-min, which runs during boot before D-Bus functionality is available, gave way to stratisd when the D-Bus had been set up, it was possible for inconsistencies to arise if the Stratis engine was performing an operation which required invoking a distinct executable. The executable might be terminated during its execution, and stratisd-min would take the action appropriate to the command failure before exiting. Now, systemd is instructed to send a kill signal only to stratisd-min and not to any of stratisd-min's child processes when shutting down stratisd-min.
- Previously, if the same device was specified using two different paths when creating or extending a pool the different paths would be interpreted as two different devices and an error would be returned when stratisd attempted to initialize the device a second time. Now, the different paths are canonicalized eagerly, and converted into a single canonical representation of the device, stratisd initializes the device only once, and no error is returned.
- Previously, stratisd did not report all existing object paths in the result of a D-Bus Introspect() call. This was due to a bug in version 0.9.1 and previous of stratisd's dbus-tree dependency. stratisd now requires dbus-tree 0.9.2, so all nodes are reported.
Other stratisd
improvements:
- Previously, stratisd relied entirely on udev information when deciding whether a storage device was not in use by another application and could safely be overwritten with Stratis metadata. Now it performs a supplementary check using libblkid and exits with an error if libblkid reports that the device is in use.
- Handling of errors returned by internal methods is improved; a chaining
mechanism has been introduced and the error chains can be scrutinized programatically to identify expected scenarios like rollback failures.
- A set of states indicating that a pool has reduced capability have been
added internally and are published on the D-Bus. A pool's capability is reduced on an error being returned internally which contains, somewhere in its chain, the appropriate identifying error variant.
- The code used to roll back failed encryption operations on a list of
pool devices has been refactored and generalized. It is now capable of returning an error that can be used to identify a restricted pool capability due to a rollback failure.
stratisd
uses sha-256 instead of sha-1 for Clevis-related encryption
operations to conform with Clevis's own usage.
stratisd
exits more elegantly and less frequently if it encounters an
error during execution of the distinct tasks that are assigned to the individual threads that it manages internally.
- In preparation for edition 2021 of the Rust language,
stratisd
source code
has been updated to conform entirely to edition 2018 recommendations.
Detailed Description
stratis-cli 3.0.0
Users of the Stratis CLI may observe the following changes:
- It is now possible to set the filesystem logical size when creating a
filesystem.
- It is possible to rebind a pool using a Clevis tang server or with a key
in the kernel keyring.
- Filesystem and pool list output have been extended and improved. The pool
listing includes an Alerts
column. Currently this column is used to indicate
whether the pool is in a restricted operation mode. A new subcommand,
stratis pool explain
, which provides a fuller explanation of the codes
displayed in the Alerts
column has been added. The filesystem listing
now displays a filesystem's logical size.
- With encrypted pools it was previously possible for the display of block
device paths to change format if stratisd
was restarted after an encrypted
pool had been created. Now the display of the block device paths is consistent
across stratisd
restarts.
Feedback
Benefits to Fedora
Users of Fedora will now benefit from Stratis 2.3.0 by:
- Having the ability to set the filesystem size at create time
- Changing the passphrase or NBDE server using the rebind option
Scope
- Proposal owners:
- Update existing stratis-cli package to specify new release
- Update existing stratisd package to specify new release
- Other developers: N/A
- Release engineering: Self Contained
- Policies guidelines: N/A
- Trademark approval: N/A
Upgrade/compatibility impact
- Users of the CLI will not be impacted
- Developers that consume stratisd's D-Bus API will need to review the most recent changes make appropriate adjustments
How To Test
- To test setting filesystem size:
* Create a Stratis pool, either encrypted or not. * Create a Stratis filesystem on the pool, specifying a filesystem size: > stratis fs create <poolname> new-filesystem --size 256GiB * Verify that the size was set correctly: > stratis fs list <poolname> Verify the size of new-filesystem is 256 GiB by checking the first item in the size triple in the "Size" column.
- To test rebinding with a key in the kernel keyring:
* Create an encrypted pool, specifying a key in the kernel keyring: > stratis key set old-key > stratis pool create <poolname> --key-desc old-key <blockdevs> * Add an additional key to the kernel keyring, entering the value at the command-line: > stratis key set new-key --capture-key * Rebind the pool using the new key: > stratis pool rebind keyring <poolname> new-key * Verify that the pool has been rebound to the new keyring by rebooting your machine: * Reboot, make sure that stratisd is running. * Remove the old key from the kernel keyring, using stratis: > stratis key unset old-key * Verify that the old key is gone, by listing all the keys: > stratis key list * Unlock all the pools using the keyring: > stratis pool unlock keyring * Verify that the rebound pool is unlocked by listing the pools and verifying that it appears in the pool listing: > stratis pool list
User Experience
Other than the changes mentioned above the user experience will be the same.
Dependencies
None
Contingency Plan
- Contingency mechanism:
- Contingency deadline: N/A
- Blocks release? No
- Blocks product? No
Documentation
- Developers blog draft is here:
- Changelog for stratisd
- Changelog for stratis-cli
Release Notes
Includes recent version of Stratis