From Fedora Project Wiki

Stratis 3.0.0

Summary

Stratis 3.0.0 includes many internal improvements, bug fixes, and user-visible changes.

Owner

  • Email: dkeefe@redhat.com, amulhern@redhat.com, jbaublitz@redhat.com

Current status

Detailed Description

stratisd 3.0.0

stratisd 3.0.0 includes a number of significant internal improvements and a few bug fixes.

In stratisd 3.0.0 the D-Bus API has undergone a revision and the prior interfaces are all removed. The FetchProperties interfaces that were supported by all objects have been removed. The values that were previously obtainable via the FetchProperties methods are now conventional D-Bus properties. The possible values of error codes returned by the D-Bus methods have been reduced to 0 and 1, with the usual interpretation.

stratisd bug fixes:

  • The --prompt option was not passed to stratis-min in the

stratis-fstab-setup script; this prevented the user from entering the password necessary to unlock an encrypted pool during boot. This is no longer the case.

  • stratisd was not immediately updating the devicemapper device stack when

a cache was initialized with the result that the cache was not immediately put in use. This is no longer the case.

  • stratisd was not immediately updating the Clevis encryption info associated

with a pool on a command to bind an encrypted pool with Clevis. This problem has been corrected.

  • stratisd was sending an incorrect D-Bus signal on a pool name change; this

has been fixed.

  • Previously, when stratisd-min, which runs during boot before D-Bus functionality is available, gave way to stratisd when the D-Bus had been set up, it was possible for inconsistencies to arise if the Stratis engine was performing an operation which required invoking a distinct executable. The executable might be terminated during its execution, and stratisd-min would take the action appropriate to the command failure before exiting. Now, systemd is instructed to send a kill signal only to stratisd-min and not to any of stratisd-min's child processes when shutting down stratisd-min.
  • Previously, if the same device was specified using two different paths when creating or extending a pool the different paths would be interpreted as two different devices and an error would be returned when stratisd attempted to initialize the device a second time. Now, the different paths are canonicalized eagerly, and converted into a single canonical representation of the device, stratisd initializes the device only once, and no error is returned.
  • Previously, stratisd did not report all existing object paths in the result of a D-Bus Introspect() call. This was due to a bug in version 0.9.1 and previous of stratisd's dbus-tree dependency. stratisd now requires dbus-tree 0.9.2, so all nodes are reported.


Other stratisd improvements:

  • Previously, stratisd relied entirely on udev information when deciding whether a storage device was not in use by another application and could safely be overwritten with Stratis metadata. Now it performs a supplementary check using libblkid and exits with an error if libblkid reports that the device is in use.
  • Handling of errors returned by internal methods is improved; a chaining

mechanism has been introduced and the error chains can be scrutinized programatically to identify expected scenarios like rollback failures.

  • A set of states indicating that a pool has reduced capability have been

added internally and are published on the D-Bus. A pool's capability is reduced on an error being returned internally which contains, somewhere in its chain, the appropriate identifying error variant.

  • The code used to roll back failed encryption operations on a list of

pool devices has been refactored and generalized. It is now capable of returning an error that can be used to identify a restricted pool capability due to a rollback failure.

  • stratisd uses sha-256 instead of sha-1 for Clevis-related encryption

operations to conform with Clevis's own usage.

  • stratisd exits more elegantly and less frequently if it encounters an

error during execution of the distinct tasks that are assigned to the individual threads that it manages internally.

  • In preparation for edition 2021 of the Rust language, stratisd source code

has been updated to conform entirely to edition 2018 recommendations.

Detailed Description

stratis-cli 3.0.0

Users of the Stratis CLI may observe the following changes:

  • It is now possible to set the filesystem logical size when creating a

filesystem.

  • It is possible to rebind a pool using a Clevis tang server or with a key

in the kernel keyring.

  • Filesystem and pool list output have been extended and improved. The pool

listing includes an Alerts column. Currently this column is used to indicate whether the pool is in a restricted operation mode. A new subcommand, stratis pool explain, which provides a fuller explanation of the codes displayed in the Alerts column has been added. The filesystem listing now displays a filesystem's logical size.

  • With encrypted pools it was previously possible for the display of block

device paths to change format if stratisd was restarted after an encrypted pool had been created. Now the display of the block device paths is consistent across stratisd restarts.

Feedback

Benefits to Fedora

Users of Fedora will now benefit from Stratis 2.3.0 by:

  • Having the ability to set the filesystem size at create time
  • Changing the passphrase or NBDE server using the rebind option

Scope

  • Proposal owners:
    • Update existing stratis-cli package to specify new release
    • Update existing stratisd package to specify new release
  • Other developers: N/A
  • Release engineering: Self Contained
  • Policies guidelines: N/A
  • Trademark approval: N/A

Upgrade/compatibility impact

  • Users of the CLI will not be impacted
  • Developers that consume stratisd's D-Bus API will need to review the most recent changes make appropriate adjustments

How To Test

  • To test setting filesystem size:
 * Create a Stratis pool, either encrypted or not.
 * Create a Stratis filesystem on the pool, specifying a filesystem size:
   > stratis fs create <poolname> new-filesystem --size 256GiB
 * Verify that the size was set correctly:
   > stratis fs list <poolname>
   Verify the size of new-filesystem is 256 GiB by checking the first
   item in the size triple in the "Size" column.
  • To test rebinding with a key in the kernel keyring:
 * Create an encrypted pool, specifying a key in the kernel keyring:
   > stratis key set old-key
   > stratis pool create <poolname> --key-desc old-key <blockdevs>
 * Add an additional key to the kernel keyring, entering the value at the command-line:
   > stratis key set new-key --capture-key
 * Rebind the pool using the new key:
   > stratis pool rebind keyring <poolname> new-key
 * Verify that the pool has been rebound to the new keyring by rebooting your machine:
   * Reboot, make sure that stratisd is running.
   * Remove the old key from the kernel keyring, using stratis:
     > stratis key unset old-key
   * Verify that the old key is gone, by listing all the keys:
     > stratis key list
   * Unlock all the pools using the keyring:
     > stratis pool unlock keyring
   * Verify that the rebound pool is unlocked by listing the pools and verifying that it appears in the pool listing:
     > stratis pool list

User Experience

Other than the changes mentioned above the user experience will be the same.

Dependencies

None

Contingency Plan

  • Contingency mechanism:
  • Contingency deadline: N/A
  • Blocks release? No
  • Blocks product? No

Documentation

Release Notes

Includes recent version of Stratis

Retrieved from "https://fedoraproject.org/w/index.php?title=Changes/Stratis_3.0.0&oldid=630852"