https://fedoraproject.org/wiki/Changes/Stratis_3.0.0 == Summary == Stratis 3.0.0 includes many internal improvements, bug fixes, and user-visible changes. == Owner == * Name: [[User:dkeefe|Dennis Keefe]], [[User:mulhern|Anne Mulhern]], [[User:jbaublitz|John Baublitz]] * Email: dkeefe@xxxxxxxxxx, amulhern@xxxxxxxxxx, jbaublitz@xxxxxxxxxx == Detailed Description == === stratisd 3.0.0 === stratisd 3.0.0 includes a number of significant internal improvements and a few bug fixes. In stratisd 3.0.0 the D-Bus API has undergone a revision and the prior interfaces are all removed. The `FetchProperties` interfaces that were supported by all objects have been removed. The values that were previously obtainable via the `FetchProperties` methods are now conventional D-Bus properties. The possible values of error codes returned by the D-Bus methods have been reduced to 0 and 1, with the usual interpretation. `stratisd` bug fixes: * The `--prompt` option was not passed to `stratis-min` in the `stratis-fstab-setup` script; this prevented the user from entering the password necessary to unlock an encrypted pool during boot. This is no longer the case. * `stratisd` was not immediately updating the devicemapper device stack when a cache was initialized with the result that the cache was not immediately put in use. This is no longer the case. * `stratisd` was not immediately updating the Clevis encryption info associated with a pool on a command to bind an encrypted pool with Clevis. This problem has been corrected. * `stratisd` was sending an incorrect D-Bus signal on a pool name change; this has been fixed. * Previously, when stratisd-min, which runs during boot before D-Bus functionality is available, gave way to stratisd when the D-Bus had been set up, it was possible for inconsistencies to arise if the Stratis engine was performing an operation which required invoking a distinct executable. The executable might be terminated during its execution, and stratisd-min would take the action appropriate to the command failure before exiting. Now, systemd is instructed to send a kill signal only to stratisd-min and not to any of stratisd-min's child processes when shutting down stratisd-min. * Previously, if the same device was specified using two different paths when creating or extending a pool the different paths would be interpreted as two different devices and an error would be returned when stratisd attempted to initialize the device a second time. Now, the different paths are canonicalized eagerly, and converted into a single canonical representation of the device, stratisd initializes the device only once, and no error is returned. * Previously, stratisd did not report all existing object paths in the result of a D-Bus Introspect() call. This was due to a bug in version 0.9.1 and previous of stratisd's dbus-tree dependency. stratisd now requires dbus-tree 0.9.2, so all nodes are reported. Other `stratisd` improvements: * Previously, stratisd relied entirely on udev information when deciding whether a storage device was not in use by another application and could safely be overwritten with Stratis metadata. Now it performs a supplementary check using libblkid and exits with an error if libblkid reports that the device is in use. * Handling of errors returned by internal methods is improved; a chaining mechanism has been introduced and the error chains can be scrutinized programatically to identify expected scenarios like rollback failures. * A set of states indicating that a pool has reduced capability have been added internally and are published on the D-Bus. A pool's capability is reduced on an error being returned internally which contains, somewhere in its chain, the appropriate identifying error variant. * The code used to roll back failed encryption operations on a list of pool devices has been refactored and generalized. It is now capable of returning an error that can be used to identify a restricted pool capability due to a rollback failure. * `stratisd` uses sha-256 instead of sha-1 for Clevis-related encryption operations to conform with Clevis's own usage. * `stratisd` exits more elegantly and less frequently if it encounters an error during execution of the distinct tasks that are assigned to the individual threads that it manages internally. * In preparation for edition 2021 of the Rust language, `stratisd` source code has been updated to conform entirely to edition 2018 recommendations. == Detailed Description == === stratis-cli 3.0.0 === Users of the Stratis CLI may observe the following changes: * It is now possible to set the filesystem logical size when creating a filesystem. * It is possible to rebind a pool using a Clevis tang server or with a key in the kernel keyring. * Filesystem and pool list output have been extended and improved. The pool listing includes an `Alerts` column. Currently this column is used to indicate whether the pool is in a restricted operation mode. A new subcommand, `stratis pool explain`, which provides a fuller explanation of the codes displayed in the `Alerts` column has been added. The filesystem listing now displays a filesystem's logical size. * With encrypted pools it was previously possible for the display of block device paths to change format if `stratisd` was restarted after an encrypted pool had been created. Now the display of the block device paths is consistent across `stratisd` restarts. == Feedback == == Benefits to Fedora == Users of Fedora will now benefit from Stratis 2.3.0 by: * Having the ability to set the filesystem size at create time * Changing the passphrase or NBDE server using the rebind option == Scope == * Proposal owners: ** Update existing stratis-cli package to specify new release ** Update existing stratisd package to specify new release * Other developers: N/A * Release engineering: Self Contained * Policies guidelines: N/A * Trademark approval: N/A == Upgrade/compatibility impact == * Users of the CLI will not be impacted * Developers that consume stratisd's D-Bus API will need to review the most recent changes make appropriate adjustments == How To Test == * To test setting filesystem size: * Create a Stratis pool, either encrypted or not. * Create a Stratis filesystem on the pool, specifying a filesystem size: > stratis fs create <poolname> new-filesystem --size 256GiB * Verify that the size was set correctly: > stratis fs list <poolname> Verify the size of new-filesystem is 256 GiB by checking the first item in the size triple in the "Size" column. * To test rebinding with a key in the kernel keyring: * Create an encrypted pool, specifying a key in the kernel keyring: > stratis key set old-key > stratis pool create <poolname> --key-desc old-key <blockdevs> * Add an additional key to the kernel keyring, entering the value at the command-line: > stratis key set new-key --capture-key * Rebind the pool using the new key: > stratis pool rebind keyring <poolname> new-key * Verify that the pool has been rebound to the new keyring by rebooting your machine: * Reboot, make sure that stratisd is running. * Remove the old key from the kernel keyring, using stratis: > stratis key unset old-key * Verify that the old key is gone, by listing all the keys: > stratis key list * Unlock all the pools using the keyring: > stratis pool unlock keyring * Verify that the rebound pool is unlocked by listing the pools and verifying that it appears in the pool listing: > stratis pool list == User Experience == Other than the changes mentioned above the user experience will be the same. == Dependencies == None == Contingency Plan == * Contingency mechanism: * Contingency deadline: N/A * Blocks release? No * Blocks product? No == Documentation == * Developers blog draft is here: ** https://github.com/stratis-storage/stratis-docs/pull/246 * Changelog for stratisd ** https://github.com/stratis-storage/stratisd/pull/2821/files * Changelog for stratis-cli ** https://github.com/stratis-storage/stratis-cli/pull/775/files == Release Notes == Includes recent version of Stratis -- Ben Cotton He / Him / His Fedora Program Manager Red Hat TZ=America/Indiana/Indianapolis _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
