Please take a look at the following changelog and add/update anything else noteworthy -- it was generated by ChatGPT DeepResearch with a little extra input from myself.
Changelog All notable changes to Apache Ozone are documented in this file. This project adheres to the Keep a Changelog format and Semantic Versioning <https://semver.org/>. Apache Ozone 2.0.0 adds 1700 new features, improvements and bug fixes on top of Ozone 1.4. [2.0.0] - 2025-03-27 Added - *HDDS-7593 Supporting HSync and Lease Recovery:* Added support for HDFS-compatible hsync/hflush on Ozone client output streams, enabling durable writes for use cases like HBase and Solr. Also introduced HDFS-style lease recovery (recoverLease()) and the ability to toggle safe mode via the FileSystem API. - *HDDS-7852 SCM Decommissioning Support:* The Storage Container Manager now supports decommissioning in an HA cluster. Administrators can gracefully remove an SCM from the HA ring (or force remove if needed). - *HDDS-8829 Symmetric Keys for Delegation Tokens:* Added support for symmetric keys to secure delegation tokens, enhancing authentication and token management. - *HDDS-10656 Atomic Key Overwrite and Key Replacement:* Introduced atomic operations for key overwrite and key replacement, ensuring consistency during key updates. - *HDDS-6263 ARM64 Support:* Added native ARM64 support, enabling Apache Ozone to run efficiently on ARM-based servers. - *HDDS-8246 Java 11/17/21 Support and Testing:* Expanded runtime support and testing to include Java 11, 17, and 21, ensuring compatibility with modern Java environments. - *HDDS-11577 AWS SDK v2 Client Support:* Added AWS SDK v2 support for improved integration with Amazon Web Services and enhanced S3 gateway functionality. - *HDDS-9307 Ozone Performance and Operational Dashboards:* Introduced new dashboards to monitor cluster performance and operational metrics, providing real-time insights into Ozone’s health. - *HDDS-11825 Interactive Mode for Ozone CLI:* Added an interactive mode for the Ozone CLI, enhancing the command-line experience with guided prompts and real-time feedback. Changed - *Default Crypto Compliance Mode:* The default value for Ozone’s security compliance mode (ozone.security.crypto.compliance.mode) was changed to a stricter setting. Ozone 2.0 enables compliance mode by default, enforcing stronger cryptographic standards out-of-the-box. - *Kerberos Principal Pattern:* Ozone Manager now defines a default principal pattern for Kerberos principals. This change allows cross-realm authentication without additional configuration, preventing errors when Ozone clients interact across different Kerberos realms. - *HSync File Overwrite:* It is now possible to overwrite a file that has been hsync-ed. Previously, attempting to overwrite an hsync-flushed file could fail; Ozone 2.0 removes this restriction to better match HDFS semantics. - *DataNode Failure Handling:* If a DataNode’s internal Ratis server encounters a critical failure or stops, the DataNode will now shut itself down automatically. This fail-fast behavior ensures consistency and improves cluster stability. - *Performance Improvements:* Ozone 2.0 includes multiple optimizations for better throughput and lower latency. Notably, writes through the Hadoop FS interface have improved streaming performance, Ozone clients use less heap memory (avoiding unnecessary byte array copies), and replication between datanodes now leverages zero-copy transfers for efficiency. Data checksum verification was also optimized by using direct buffers and reducing overhead. - *UI Improvements for Recon:* Enhanced the Recon UI for improved data visualization and navigation, making it easier for users to analyze cluster data. Deprecated - *HDDS-11753 Deprecate File-Per-Chunk Container Layout:* The legacy *FILE_PER_CHUNK* container layout (configurable via ozone.scm.container.layout) is now *deprecated*. Beginning with 2.0.0, new containers cannot be created using this layout. Support for FILE_PER_CHUNK will be removed in a future release, so users should migrate any data off this layout if still in use. Removed - *Non-HA OM/SCM Modes:* *Standalone (non-Ratis) deployment modes for Ozone Manager and SCM have been removed.* Ozone 2.x now always runs OM and SCM in HA (Ratis) mode. Clusters upgrading from a non-HA setup will be automatically converted to a single-node Ratis quorum. Legacy configuration flags to disable Ratis are no longer applicable. - *HDDS-7307 Move S3 Gateway Web Admin:* Moved the S3 Gateway web administration to a dedicated port to isolate admin traffic. - *HDDS-11759 Remove LegacyReplicationManager:* Removed the LegacyReplicationManager component, consolidating replication logic into the modern framework. - *(Various internal and unused configurations were also cleaned up—for example, some unused Netty-related SCM config keys were removed to simplify configuration.)* Fixed - *Encryption Functionality:* Fixed a critical regression where Ozone encryption was unintentionally broken by a prior change. Encryption for buckets/keys now works as expected, restoring data-at-rest encryption capabilities. - *S3 Secret Generation:* Resolved an issue that caused an *Internal Server Error* when generating an S3 secret via the HTTP API. The S3 secret creation endpoint now returns proper status on success or failure. - *OM Crash on S3 Secret:* Fixed a bug that could cause the Ozone Manager to terminate with an NPE when handling S3 secret value protos. Generating or fetching S3 credentials will no longer crash the OM. - *S3 MPU ETag Compatibility:* Corrected multi-part upload ETag calculation to match AWS S3 behavior, ensuring compatibility with S3 clients. - *Orphaned Blocks on Overwrite:* Fixed a scenario that left orphaned data blocks when overwriting an existing key. Ozone now properly cleans up replaced blocks during key overwrite, preventing storage leaks. - *FSO ListKeys Results:* Corrected the ListKeys API for FileSystem Optimized (O3FS) buckets. Previously, a key prefix matching multiple keys could yield incomplete results; this issue has been resolved. - *Dynamic Config in Secure Clusters:* The ozone admin reconfig command now works in secure (Kerberized) clusters. Earlier, reconfiguration would fail when security was enabled; dynamic updates to configuration now succeed. - *Block Allocation in Safe Mode:* Fixed an issue where clients could not allocate blocks if SCM was in safe mode. The client/Ozone Manager now retries or waits when SCM is in safe mode, ensuring smoother startup and write operations. - *SCM Recommission State:* Fixed an InvalidStateTransitionException that could occur after recommissioning an SCM in an HA cluster. The SCM state machine now correctly handles recommissioning. - *DataNode Out-of-Memory:* Fixed a memory issue on DataNodes that could lead to out-of-memory errors due to excessive mmap allocations. DataNodes now better manage mmap buffers and avoid resource exhaustion. - *OM Memory Leak:* Patched a memory leak in Ozone Manager request handling. Previously, per-client thread-local data in OM requests was not properly released, potentially causing memory growth over time. - *DataNode Block Deletion Leak:* Fixed a resource leak on DataNodes when the delete blocks queue was full, preventing stale state accumulation and memory buildup. - *Heartbeat Reporting:* Resolved an issue where DataNodes could stop reporting heartbeats or container reports for extended periods. Transient failures no longer prevent timely SCM reporting. - *Replication Count Accuracy:* Fixed mis-counting of containers on decommissioning or decommissioned DataNodes, preventing false alarms in replication metrics. - *Log Spam on Pipeline Loss:* Fixed an infinite-loop bug in SCM that caused log flooding when a pipeline’s nodes could not be found, reducing noise and CPU usage. - *SetTimes on Linked Bucket:* Corrected the ozone fs -setTimes command for linked buckets so that setting access or modification times works as intended. Security - *CVE-2024-45106 (S3 Secret Vulnerability):* Fixed an authentication flaw in the S3 Gateway where an HTTP endpoint could allow any authenticated Kerberos user to regenerate another user’s S3 secret. In Ozone 2.0.0, this endpoint is disabled by default and secured. - *Sticky-bit in Shared /tmp:* Fixed enforcement of sticky-bit permissions on the shared /tmp bucket when Ranger authorization is used. Ozone now properly upholds the expected Unix semantics for shared temporary storage, closing a potential access control gap. Developer - *HDDS-6729 JUnit 4 to 5 Upgrade:* Upgraded the testing framework from JUnit 4 to JUnit 5 for improved test capabilities and modern annotations. - *HDDS-8113 Dropped Hadoop 2.7–2.9 Support:* Removed support for older Hadoop versions (2.7 through 2.9) to streamline compatibility and leverage newer Hadoop features. - *HDDS-10986 Publish SBOM Artifacts:* Enabled the publication of SBOM (Software Bill of Materials) artifacts to enhance supply chain transparency. - *HDDS-11617 Hadoop Dependency Updated to 3.4.1:* Updated the Hadoop dependency to version 3.4.1, improving compatibility and performance. On Mon, Mar 31, 2025 at 8:47 AM Ethan Rose <er...@apache.org> wrote: > Have we run this change through the upgrade/downgrade acceptance tests yet? > It would be good to know: > 1. If it works with downgrade (only affects network related protos) > 2. If we are supporting downgrade from the 2.x to 1.x line. > There is a lot of room for improvement on the current release > notes/changelog but one thing I cannot find that should be called out right > at the top is what this major version increase means for client/server and > upgrade/downgrade compatibility. > > On Sun, Mar 30, 2025 at 5:04 PM Tsz-Wo Nicholas Sze <szets...@gmail.com> > wrote: > > > Hi Wei-Chiu, > > > > (1) A reason for not yet being able to merge the PR is the protolock > file. > > We are not sure how and when to update it for such a change. The "Build > > and commit the proto.lock change" section in our release guideline [2] > does > > not mention it. > > > > (2) For future incompatible changes, we must wait for the next major > > version. Anyway, this PR definitely is a good improvement. > > > > (3) If we are not doing it now, I guess it may be hard to get it in a > > maintenance release such as 2.0.1. This kind of change is usually > > unwelcome in a maintenance release. > > > > XiChen, not sure if you could work on HDDS-11351 in a timely manner. If > > not, I could continue the work. Since we already know what to do, we > > should be able to merge the change within a week. > > > > Tsz-Wo > > [2] > > > > > https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=173085374#OzoneReleaseGuideline-Buildandcommittheproto.lockchange > > > > > > > > On Sun, Mar 30, 2025 at 1:12 PM Wei-Chiu Chuang <weic...@apache.org> > > wrote: > > > > > Thanks for bringing it up! > > > > > > I'm not against including it but > > > > > > (1) the PR has stalled for a few months now. Do we think it can be done > > > soon? > > > (2) there's no guarantee the PR will be the final version. What if > later > > on > > > we realize we need to change protobuf again? > > > (3) if it's a compatible change, it doesn't need to be in 2.0.0. > > > > > > On Sat, Mar 29, 2025 at 12:23 PM Tsz-Wo Nicholas Sze < > szets...@gmail.com > > > > > > wrote: > > > > > > > More info on HDDS-11351: > > > > > > > > TLDR: The change is wire compatible but requires updating protolock. > > > > > > > > XiChen pointed out that both hdds.proto and > > > > ScmServerDatanodeHeartbeatProtocol.proto have the same proto package > > > > "hadoop.hdds". So, we could safely move StorageTypeProto from > > > > ScmServerDatanodeHeartbeatProtocol.proto to hdds.proto. The only > > > difference > > > > is the java_outer_classname. Fortunately, > > > > ScmServerDatanodeHeartbeatProtocol.proto is a non-user facing > internal > > > > protocol and the change is wire compatible. (It is API incompatible > > but > > > it > > > > is fine since the protocol is not a public API.) So there are no > > > > compatibility issues. > > > > > > > > A problem is that we need to update the protolock file. If we are > > going > > > to > > > > do it, let's also rename ScmServerDatanodeHeartbeatProtocol.proto to > > > > StorageContainerDatanodeProtocol.proto, i.e. make it consistent with > > its > > > > java_outer_classname. > > > > > > > > Tsz-Wo > > > > [1] https://github.com/apache/ozone/pull/7109#discussion_r2008750162 > > > > > > > > > > > > On Sat, Mar 29, 2025 at 10:04 AM Tsz-Wo Nicholas Sze < > > szets...@gmail.com > > > > > > > > wrote: > > > > > > > > > Hi Ozone dev, > > > > > > > > > > HDDS-11351 is unifying the protobuf definition of StorageType. How > > > about > > > > > we get it in 2.0.0? > > > > > > > > > > Sorry that I came with this idea late. > > > > > > > > > > Tsz-Wo > > > > > > > > > > > > > > > > > > > > On Wed, Mar 26, 2025 at 11:05 PM Wei-Chiu Chuang < > weic...@apache.org > > > > > > > > wrote: > > > > > > > > > >> By the way, build environment: > > > > >> > > > > >> x86, Amazon Linux, OpenJDK8, Maven 3.9.9, gcc 11 > > > > >> > > > > >> build parameters: > > > > >> mvn clean install -Dmaven.javadoc.skip=true -DskipTests > > > -Psign,dist,src > > > > >> -Dtar -Dgpg.keyname="$CODESIGNINGKEY" -Drocks_tools_native > > > > >> > > > > >> # cat /etc/amazon-linux-release > > > > >> Amazon Linux release 2023.6.20250317 (Amazon Linux) > > > > >> > > > > >> # java -version > > > > >> openjdk version "1.8.0_442" > > > > >> OpenJDK Runtime Environment Corretto-8.442.06.1 (build > > 1.8.0_442-b06) > > > > >> OpenJDK 64-Bit Server VM Corretto-8.442.06.1 (build 25.442-b06, > > mixed > > > > >> mode) > > > > >> > > > > >> # mvn -v > > > > >> Apache Maven 3.9.9 (8e8579a9e76f7d015ee5ec7bfcdc97d260186937) > > > > >> Maven home: /root/apache-maven-3.9.9 > > > > >> Java version: 1.8.0_442, vendor: Amazon.com Inc., runtime: > > > > >> /usr/lib/jvm/java-1.8.0-amazon-corretto.x86_64/jre > > > > >> Default locale: en, platform encoding: UTF-8 > > > > >> OS name: "linux", version: "6.1.130-139.222.amzn2023.x86_64", > arch: > > > > >> "amd64", family: "unix" > > > > >> > > > > >> # g++ -v > > > > >> Using built-in specs. > > > > >> COLLECT_GCC=g++ > > > > >> > > > COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-amazon-linux/11/lto-wrapper > > > > >> OFFLOAD_TARGET_NAMES=nvptx-none > > > > >> OFFLOAD_TARGET_DEFAULT=1 > > > > >> Target: x86_64-amazon-linux > > > > >> Configured with: ../configure --enable-bootstrap --enable-host-pie > > > > >> --enable-host-bind-now --enable-languages=c,c++,fortran,lto > > > > --prefix=/usr > > > > >> --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl= > > > > >> https://github.com/amazonlinux/amazon-linux-2022 --enable-shared > > > > >> --enable-threads=posix --enable-checking=release > --with-system-zlib > > > > >> --enable-__cxa_atexit --disable-libunwind-exceptions > > > > >> --enable-gnu-unique-object --enable-linker-build-id > > > > >> --with-gcc-major-version-only --enable-plugin > > --enable-initfini-array > > > > >> > > > > >> > > > > > > > > > > --with-isl=/builddir/build/BUILD/gcc-11.5.0-20240719/obj-x86_64-amazon-linux/isl-install > > > > >> --enable-multilib --with-linker-hash-style=gnu > > > > >> --enable-offload-targets=nvptx-none --without-cuda-driver > > > > >> --enable-gnu-indirect-function --enable-cet --with-tune=generic > > > > >> --with-arch_64=x86-64-v2 --with-arch_32=x86-64 > > > > --build=x86_64-amazon-linux > > > > >> --with-build-config=bootstrap-lto --enable-link-serialization=1 > > > > >> Thread model: posix > > > > >> Supported LTO compression algorithms: zlib zstd > > > > >> gcc version 11.5.0 20240719 (Red Hat 11.5.0-5) (GCC) > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> On Wed, Mar 26, 2025 at 10:58 PM Wei-Chiu Chuang < > > weic...@apache.org> > > > > >> wrote: > > > > >> > > > > >> > Here's RC1 vote: > > > > >> > > > > > >> > Git tag: > > > https://github.com/apache/ozone/releases/tag/ozone-2.0.0-RC1 > > > > >> > A total of 1699 resolved jiras: > > > > >> > > > > > >> > > > > > > > > > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20HDDS%20AND%20status%20in%20(Resolved%2C%20Closed)%20AND%20fixVersion%20%3D%202.0.0 > > > > >> > > > > > >> > Source code and binary tarball: > > > > >> > https://dist.apache.org/repos/dist/dev/ozone/2.0.0-rc1/ > > > > >> > Maven artifacts: > > > > >> > > > > > > > https://repository.apache.org/content/repositories/orgapacheozone-1030/ > > > > >> > PGP key: https://dist.apache.org/repos/dist/dev/ozone/KEYS > > > > >> > Fingerprint: 3ED23305D7631918 > > > > >> > > > > > >> > RC0 and RC1 diff: > > > > >> > > > > > >> > > > > > > > > > > https://github.com/apache/ozone/compare/ozone-2.0.0-RC0...ozone-2.0.0-RC1 > > > > >> > 7 commits: > > > > >> > > > > > >> > HDDS-12327. HDDS-12668. Fix HSync upgrade test failure in non-HA > > > > upgrade > > > > >> > test (#8171) > > > > >> > HDDS-12684. Update NOTICE and LICENSE file (#8160) > > > > >> > HDDS-12327. Restore non-HA (to HA) upgrade test (#7880) > > > > >> > HDDS-12662. Rename upgrade callback directory 1.5.0 to 2.0.0 > > (#8131) > > > > >> > HDDS-12668. HSync upgrade test failure (#8137) > > > > >> > HDDS-12671. Include .editorconfig and .run in source tarball > > (#8139) > > > > >> > HDDS-12666. Remove -SNAPSHOT from OZONE_CURRENT_VERSION in > upgrade > > > > test > > > > >> > (#8136) > > > > >> > > > > > >> > Please also take a look at the release page draft: > > > > >> > https://jojochuang.github.io/release/2.0.0/ > > > > >> > Full CHANGELOGS > > > > >> > https://jojochuang.github.io/release/2.0.0/changelog.2.0.0/ > > > > >> > Full ReleaseNotes: > > > > >> > https://jojochuang.github.io/release/2.0.0/releasenotes.2.0.0/ > > > > >> > > > > > >> > changelogs and releasenotes are generated by Apache Yetus > > > > >> releasedocmaker: > > > > >> > ./releasedocmaker --project HDDS --version 2.0.0 --projecttitle > > > > "Apache > > > > >> > Ozone" --fileversions --dirversions --usetoday > > > > >> > > > > > >> > On Fri, Mar 21, 2025 at 3:42 PM Wei-Chiu Chuang < > > weic...@apache.org > > > > > > > > >> > wrote: > > > > >> > > > > > >> >> Hi Ozone community, > > > > >> >> > > > > >> >> Please try out and cast your vote for the Ozone 2.0.0 release > > > > >> candidate 0. > > > > >> >> > > > > >> >> This is a huge release, containing 1691 resolved jiras, > numerous > > > > >> features > > > > >> >> and stability improvements. > > > > >> >> > > > > >> >> Release process: > > > > >> >> > > > > >> > > > > > > > > > > https://ozone-site-v2.staged.apache.org/docs/developer-guide/project/release-guide/ > > > > >> >> Git tag: > > > > https://github.com/apache/ozone/releases/tag/ozone-2.0.0-RC0 > > > > >> >> All resolved jiras: > > > > >> >> > > > > >> > > > > > > > > > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20HDDS%20AND%20status%20in%20(Resolved%2C%20Closed)%20AND%20fixVersion%20%3D%202.0.0 > > > > >> >> Source code and binary tarball: > > > > >> >> https://dist.apache.org/repos/dist/release/ozone/2.0.0-rc0/ > > > > >> >> The Maven artifacts are staged at: > > > > >> >> > > > > >> > > > > https://repository.apache.org/content/repositories/orgapacheozone-1029/ > > > > >> >> PGP key: https://dist.apache.org/repos/dist/dev/ozone/KEYS > > > > >> >> Fingerprint: 3ED23305D7631918 > > > > >> >> > > > > >> >> Per Apache policy, this release candidate vote will open for 7 > > days > > > > >> until > > > > >> >> the end of March 28th 2025. PMC members can cast binding votes > > > while > > > > >> >> committers and community contributors are welcomed to cast > > > > non-binding > > > > >> >> votes. > > > > >> >> > > > > >> >> Best regards, > > > > >> >> Weichiu > > > > >> >> > > > > >> > > > > > >> > > > > > > > > > > > > > > >
