RESTful based volume management framework for GlusterFS
Please note that this is NOT a release for general availability. Those running Heketi as a server application should continue to use v10.4.0. This release exists to fix issues with Go modules which only affects code that is importing Heketi as a library.
This is a security/dependency related release.
go modules
and refresh base dependencies (PR #1867)heketi --version
(PR #1868)Release builds are now built on CentOS7. This should resolve glibc symbol versioning issues on some distributions.
This is a bugfix and client API improvement release.
[1] - In some cases related to this issue stale pending operations may not be automatically cleaned, due to a identification of the operation type. If you think you have encountered this condition, please file an issue. The original issue was introduced in Heketi version v10.0.0.
This is a security and bugfix release.
An information-disclosure flaw was found in the way Heketi logs sensitive information. This flaw allows an attacker with access to the Heketi server logs to read potentially sensitive information, such as the CHAP passwords for gluster-block volumes (CVE-2020-10763).
Administrators may want to check old logs for gluster-block passwords if they created block volumes with CHAP authentication enabled. Restrict access or remove old logs that retain the passwords.
Thanks to Prasanna Kumar Kalever of Red Hat for finding and fixing this issue.
heketi-cli blockvolume expand
subcommand.Among numerous other stability and bug fixes:
[1] - Authentication can no longer be turned off via the configuration JSON file. Authentication can be disabled for testing and development purposes with a command line option to the server only.
[2] - https://github.com/heketi/heketi/blob/release/10/docs/design/tag-matching.md
This is the new stable version of Heketi.
Among numerous other stability and bug fixes:
This is the new stable version of Heketi.
Among numerous other stability and bug fixes:
This is the new stable version of Heketi.
This is the new stable version of Heketi.
The main additions in this release are the block-volume API, a great deal of stabilization to prevent inconsistent database and out-of-sync situations, and tooling to do disaster recovery when the database is bad.