[ClusterLabs] pcs 0.10.0.alpha.6 available
Tomas Jelinek
tojeline at redhat.com
Wed Sep 19 11:30:02 EDT 2018
I am happy to announce another alpha of pcs-0.10: pcs-0.10.0.alpha.6.
Source code is available at:
https://github.com/ClusterLabs/pcs/archive/0.10.0.alpha.6.tar.gz
or
https://github.com/ClusterLabs/pcs/archive/0.10.0.alpha.6.zip
Pcs-0.10 is the new main pcs branch supporting Corosync 3.x and
Pacemaker 2.x clusters while dropping support for older Corosync and
Pacemaker versions. Pcs-0.9, being in maintenance mode, continues to
support Corosync 1.x/2.x and Pacemaker 1.x clusters.
Main changes since pcs-0.10.0.alpha.1:
* Added support for Pacemaker 2.x
* Added support for promotable clone resources; creating master
resources is no longer possible but managing existing master resources
is supported
* Added support for "podman" and "rkt" containers in bundles
* Fixed QDevice management when using new versions of nss
* Options starting with '-' and '--' are no longer accepted by commands
for which those options have no effect
Complete change log for pcs-0.10.alpha against 0.9.163:
### Removed
- Pcs-0.10 removes support for CMAN, Corosync 1.x, Corosync 2.x and
Pacemaker 1.x based clusters. For managing those clusters use
pcs-0.9.x.
- Pcs-0.10 requires Python 3.6 and Ruby 2.2, support for older Python
and Ruby versions has been removed.
- `pcs resource failcount reset` command has been removed as `pcs
resource cleanup` is doing exactly the same job. ([rhbz#1427273])
- `pcs cluster node delete`, a deprecated alias to `pcs cluster node
remove`, has been removed
- Deprecated commands `pcs cluster remote-node add | remove` have been
removed as they were replaced with `pcs cluster node add-guest |
remove-guest`
- Ability to create master resources has been removed as they are
deprecated in Pacemaker 2.x ([rhbz#1542288])
- Instead of `pcs resource create ... master` use `pcs resource create
... promotable` or `pcs resource create ... clone promotable=true`
- Instead of `pcs resource master` use `pcs resource promotable` or
`pcs resource clone ... promotable=true`
### Added
- Validation for an unaccessible resource inside a bundle
([rhbz#1462248])
- Options to filter failures by an operation and its interval in `pcs
resource cleanup` and `pcs resource failcount show` commands
([rhbz#1427273])
- Commands for listing and testing watchdog devices ([rhbz#1578891])
- Commands for creating promotable clone resources `pcs resource
promotable` and `pcs resource create ... promotable` ([rhbz#1542288])
- `pcs resource update` and `pcs resource meta` commands change master
resources to promotable clone resources because master resources are
deprecated in Pacemaker 2.x ([rhbz#1542288])
- Support for the `promoted-max` bundle option replacing the `masters`
option in Pacemaker 2.x ([rhbz#1542288])
- Support for OP_NO_RENEGOTIATION option when OpenSSL supports it (even
with Python 3.6) ([rhbz#1566430])
- Support for container types `rkt` and `podman` into bundle commands
([rhbz#1619620])
- Support for promotable clone resources in pcsd and web UI
([rhbz#1542288])
### Fixed
- `pcs cluster cib-push diff-against=` does not consider an empty diff
as an error ([ghpull#166])
- `pcs cluster cib-push diff-against=` exits gracefully with an error
message if crm_feature_set < 3.0.9 ([rhbz#1488044])
- `pcs resource update` does not create an empty meta_attributes
element any more ([rhbz#1568353])
- `pcs resource debug-*` commands provide debug messages even with
pacemaker-1.1.18 and newer ([rhbz#1574898])
- Improve `pcs quorum device add` usage and man page ([rhbz#1476862])
- Removing resources using web UI when the operation takes longer than
expected ([rhbz#1579911])
- Removing a cluster node no longer leaves the node in the CIB and
therefore cluster status even if the removal is run on the node which
is being removed ([rhbz#1595829])
- Possible race condition causing an HTTP 408 error when sending larger
files via pcs ([rhbz#1600169])
- Configuring QDevice works even if NSS with the new db format
(cert9.db, key4.db, pkcs11.txt) is used ([rhbz#1596721])
- Options starting with '-' and '--' are no longer accepted by commands
for which those options have no effect ([rhbz#1533866])
- When a user makes an error in a pcs command, usage for that specific
command is printed instead of printing the whole usage
- Show more user friendly error message when testing watchdog device and
multiple devices are present ([rhbz#1578891])
- Do not distinguish between supported and unsupported watchdog devices
as SBD cannot reliably provide such information ([rhbz#1578891])
- `pcs config` no longer crashes when `crm_mon` prints something to
stderr ([rhbz#1578955])
- `pcs resource bundle update` cmd for bundles which are using
unsupported container backend ([rhbz#1619620])
### Changed
- Authentication has been overhauled ([rhbz#1549535]):
- The `pcs cluster auth` command only authenticates nodes in a local
cluster and does not accept a node list.
- The new command for authentication is `pcs host auth`. It allows to
specify host names, addresses and pcsd ports.
- Previously, running `pcs cluster auth A B C` caused A, B and C to be
all authenticated against each other. Now, `pcs host auth A B C`
makes the local host authenticated against A, B and C. This allows
better control of what is authenticated against what.
- The `pcs pcsd clear-auth` command has been replaced by `pcs pcsd
deauth` and `pcs host deauth` commands. The new commands allows to
deauthenticate a single host / token as well as all hosts / tokens.
- These changes are not backward compatible. You should use the `pcs
host auth` command to re-authenticate your hosts.
- The `pcs cluster setup` command has been overhauled ([rhbz#1158816],
[rhbz#1183103]):
- It works with Corosync 3.x only and supports knet as well as
udp/udpu.
- Node names are now supported.
- The number of Corosync options configurable by the command has been
significantly increased.
- The syntax of the command has been completely changed to accommodate
the changes and new features.
- The `pcs cluster node add` command has been overhauled
([rhbz#1158816], [rhbz#1183103])
- It works with Corosync 3.x only and supports knet as well as
udp/udpu.
- Node names are now supported.
- The syntax of the command has been changed to accommodate new
features and to be consistent with other pcs commands.
- The `pcs cluster node remove` has been overhauled ([rhbz#1158816],
[rhbz#1595829]):
- It works with Corosync 3.x only and supports knet as well as
udp/udpu.
- It is now possible to remove more than one node at once.
- Removing a cluster node no longer leaves the node in the CIB and
therefore cluster status even if the removal is run on the node
which is being removed
- Node names are fully supported now and are no longer coupled with node
addresses. It is possible to set up a cluster where Corosync
communicates over different addresses than pcs/pcsd. ([rhbz#1158816],
[rhbz#1183103])
- Commands related to resource failures have been overhauled to support
changes in pacemaker. Failures are now tracked per resource operations
on top of resources and nodes. ([rhbz#1427273], [rhbz#1588667])
- `--watchdog` and `--device` options of `pcs stonith sbd enable` and
`pcs stonith sbd device setup` commands have been replaced with
`watchdog` and `device` options respectively
- Update pacemaker daemon names to match changes in pacemaker-2.0
([rhbz#1573344])
- Watchdog devices are validated against a list provided by sbd
([rhbz#1578891])
- Resource operation option `requires` is no longer accepted to match
changes in pacemaker-2.0 ([rhbz#1605185])
- Update pacemaker exit codes to match changes in pacemaker-2.0
([rhbz#1536121])
- `pcs cluster cib-upgrade` no longer exits with an error if the CIB
schema is already the latest available (this has been changed in
pacemaker-2.0)
- Pcs now configures corosync to put timestamps in its log
([rhbz#1615420])
- Option `-V` has been replaced with `--full` and a CIB file can be
specified only using option `-f` in `pcs cluster verify`
- Master resources are now called promotable clone resources to match
changes in pacemaker-2.0 ([rhbz#1542288])
### Security
- CVE-2018-1086: Debug parameter removal bypass, allowing information
disclosure ([rhbz#1557366])
- CVE-2018-1079: Privilege escalation via authorized user malicious REST
call ([rhbz#1550243])
### Deprecated
- The `masters` bundle option is obsoleted by the `promoted-max` option
in Pacemaker 2.x and therefore in pcs ([rhbz#1542288])
Thanks / congratulations to everyone who contributed to this milestone,
including Ivan Devat, Jan Pokorný, Ondrej Mular and Tomas Jelinek.
Cheers,
Tomas
[ghpull#166]: https://github.com/ClusterLabs/pcs/pull/166
[rhbz#1158816]: https://bugzilla.redhat.com/show_bug.cgi?id=1158816
[rhbz#1183103]: https://bugzilla.redhat.com/show_bug.cgi?id=1183103
[rhbz#1427273]: https://bugzilla.redhat.com/show_bug.cgi?id=1427273
[rhbz#1462248]: https://bugzilla.redhat.com/show_bug.cgi?id=1462248
[rhbz#1476862]: https://bugzilla.redhat.com/show_bug.cgi?id=1476862
[rhbz#1488044]: https://bugzilla.redhat.com/show_bug.cgi?id=1488044
[rhbz#1533866]: https://bugzilla.redhat.com/show_bug.cgi?id=1533866
[rhbz#1536121]: https://bugzilla.redhat.com/show_bug.cgi?id=1536121
[rhbz#1542288]: https://bugzilla.redhat.com/show_bug.cgi?id=1542288
[rhbz#1549535]: https://bugzilla.redhat.com/show_bug.cgi?id=1549535
[rhbz#1550243]: https://bugzilla.redhat.com/show_bug.cgi?id=1550243
[rhbz#1557366]: https://bugzilla.redhat.com/show_bug.cgi?id=1557366
[rhbz#1566430]: https://bugzilla.redhat.com/show_bug.cgi?id=1566430
[rhbz#1568353]: https://bugzilla.redhat.com/show_bug.cgi?id=1568353
[rhbz#1573344]: https://bugzilla.redhat.com/show_bug.cgi?id=1573344
[rhbz#1574898]: https://bugzilla.redhat.com/show_bug.cgi?id=1574898
[rhbz#1578891]: https://bugzilla.redhat.com/show_bug.cgi?id=1578891
[rhbz#1578955]: https://bugzilla.redhat.com/show_bug.cgi?id=1578955
[rhbz#1579911]: https://bugzilla.redhat.com/show_bug.cgi?id=1579911
[rhbz#1588667]: https://bugzilla.redhat.com/show_bug.cgi?id=1588667
[rhbz#1595829]: https://bugzilla.redhat.com/show_bug.cgi?id=1595829
[rhbz#1596721]: https://bugzilla.redhat.com/show_bug.cgi?id=1596721
[rhbz#1600169]: https://bugzilla.redhat.com/show_bug.cgi?id=1600169
[rhbz#1605185]: https://bugzilla.redhat.com/show_bug.cgi?id=1605185
[rhbz#1615420]: https://bugzilla.redhat.com/show_bug.cgi?id=1615420
[rhbz#1619620]: https://bugzilla.redhat.com/show_bug.cgi?id=1619620
More information about the Users
mailing list