Chapter 3. New features
This section lists all major updates, enhancements, and new features introduced in this release of Red Hat Ceph Storage.
3.1. The Cephadm utility
Added automation for the Ceph Object Gateway multi-site setup
With this enhancement, zone group host names can now be set using the Ceph Object Gateway realm bootstrap command. Set the zonegroup_hostnames by using the specification file that is provided to the ceph rgw realm bootstrap command.
This feature adds another setup option through the initial specification file that is passed to the bootstrap command, instead of requiring additional steps.
Add the zonegroup_hostnames section to the spec section of the Ceph Object Gateway specification that is passed to the realm bootstrap command. When the section is added, Cephadm automatically adds these specified host names to the zone group that is defined in the specification after the Ceph Object Gateway module finishes creating the realm, zone group, or zone.
The following provides an example of the zonegroup_hostnames section to be added to the specification file:
zonegroup_hostnames:
- host1
- host2
Adding the zone group host names can take a few minutes, depending on other Cephadm module workload activity at the time of completion.
New automatic application of updated SSL certificates during Ceph rgw service updates
Previously, when updating SSL certificates for Ceph Object Gateway in the service specification, the changes did not take effect until the daemons were manually restarted. This manual step hindered automation and could leave services temporarily running with outdated certificates.
With this enhancement, SSL certificate updates in the Ceph Object Gateway specification automatically trigger the necessary daemon restarts as part of the service update process. As a result, the feature helps ensure that new certificates are applied immediately and improves automation and operational reliability.
New ceph orch device replace HOST DEVICE_PATH command to simplify OSD device replacement
Previously, replacing a shared DB device was tedious and error-prone. Cephadm also often redeployed OSDs too quickly after destruction, before the physical device was replaced.
With this enhancement, users can now safely replace devices without race conditions or manual cleanup steps.
Improved core dump handling in cephadm systemd units
Previously, core dumps were not generated or were truncated when services crashed, especially in hard-to-reproduce cases, resulting in the loss of valuable debugging information.
With this enhancement, cephadm now sets LimitCORE=infinity in its systemd unit file template and configures the ProcessSizeMax and ExternalSizeMax settings for coredumpctl, provided that the mgr/cephadm/set_coredump_overrides setting is enabled. The maximum size for core dumps is controlled by the mgr/cephadm/coredump_max_size setting. As a result, services now generate complete core dumps, improving the ability to debug crash issues.
New custom log rotate configurations available for Cephadm to deploy to each host
With this enhancement, users can now set custom logrotate configurations, for both the rotation of cephadm.log and of daemon logs, that cephadm deploys to each host.
ceph orch write-custom-logrotate TYPE -i LOGROTATE_FILE
Replace TYPE with either cephadm or cluster, depending on whether you are overwriting the logrotate file for the cluster logs or the cephadm.log. Replace LOGROTATE_FILE with the logrotate file whose contents you want written out.
Start from an existing logrotate config deployed by cephadm and then edit it from there.
The following is the default cephadm.log logrotate configuration file:
The following is an example of the cluster logrotate configuration file:
Both cephadm and cluster files can be found on a host in the cluster at /etc/logrotate.d/cephadm and /etc/logrotate.d/ceph-FSID.
If either of these files has been previously edited, the edited version may still exist, and cephadm will not automatically overwrite these configuration files. To overwrite these files, use the ceph orch write-custom-logrotate command.
Cephadm regenerates the default configurations if you remove them and then trigger a redeploy of a daemon on that host. For example, for host1 that has the crash.host1 daemon deployed there, you could run the following command:
ceph orch daemon redeploy crash.host1
In this example, if the two logrotate configs are not present, cephadm writes them out with the defaults of the current Ceph version.
New support for topographical labeling on hosts
This enhancement expands cephadm’s capabilities by introducing topological key/value properties for hosts. Administrators can now group hosts by meaningful, configurable labels, enabling more efficient rolling upgrades. Instead of issuing multiple commands for each service group (for example, distinct RGW services by rack), upgrades can iterate through a list of topographical labels—streamlining multi-rack operations. Additionally, these new properties open the door for enhanced RADOS read affinity by leveraging improved CRUSH location settings.
3.2. Ceph Metrics
New metric allows quick detection of Ceph daemon problems
This enhancement provides the new ceph_daemon_socket_up metric for each Ceph daemon running in the same host as the ceph exporter. The ceph_daemon_socket_up metric provides the health status of a Ceph daemon based on its ability to respond through the admin socket, where a value of 1 indicates a healthy state and 0 indicates an unhealthy state. The metric serves as a tool for quickly detecting problems in any of the main Ceph daemons.
This metric does not provide indicators for the ceph mgr and ceph exporter daemons.
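Added example, not part of the Ceph exporter: a triage pass over scraped exposition text that separates daemons reporting 0 from daemons with no series at all, because a missing series (as for ceph mgr and the ceph exporter) says nothing about health. The ceph_daemon and hostname label names, the daemon names and the sample lines are assumptions constructed for the example.

```python
import re

# Constructed sample of exporter output; label names are assumptions.
SAMPLE_SCRAPE = """\
# constructed sample, not captured from a real cluster
ceph_daemon_socket_up{ceph_daemon="mon.host1",hostname="host1"} 1
ceph_daemon_socket_up{ceph_daemon="osd.0",hostname="host1"} 1
ceph_daemon_socket_up{ceph_daemon="osd.1",hostname="host1"} 0
some_other_metric{ceph_daemon="osd.1"} 1
"""

SERIES = re.compile(r'^ceph_daemon_socket_up\{(?P<labels>[^}]*)\}\s+(?P<value>\S+)')
LABEL = re.compile(r'(\w+)="((?:[^"\\]|\\.)*)"')


def socket_status(scrape_text, daemon_label="ceph_daemon"):
    """Map daemon name -> True (socket answered) / False (it did not)."""
    status = {}
    for line in scrape_text.splitlines():
        match = SERIES.match(line)
        if not match:
            continue  # comments and unrelated metrics
        labels = dict(LABEL.findall(match["labels"]))
        name = labels.get(daemon_label)
        if name is not None:
            status[name] = float(match["value"]) == 1.0
    return status


def triage(scrape_text, expected_daemons):
    """Split expected daemons into 'down' and 'no_series' (unknown, not healthy)."""
    status = socket_status(scrape_text)
    return {
        "down": sorted(d for d, up in status.items() if not up),
        "no_series": sorted(d for d in expected_daemons if d not in status),
    }


if __name__ == "__main__":
    print(triage(SAMPLE_SCRAPE, ["mon.host1", "osd.0", "osd.1", "mgr.host1"]))
```

Daemons listed under no_series need a different health signal; they must not be counted as up.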
3.3. Ceph Dashboard
New bucket shard count displayed
Previously, shard counts were not displayed, limiting visibility into bucket configurations.
With this enhancement, the user can see the number of shards for every bucket in the Object > Buckets list.
Ceph Dashboard now supports managing Storage Classes through the UI
Previously, users could not configure or manage Storage Classes through the Dashboard. Although Life Cycle (LC) policies introduced in 8.0 allowed data tiering between Storage Classes, the UI lacked the ability to define or manage the classes themselves.
With this enhancement, users can configure and manage Storage Classes, including cloud-S3 class types, directly from the Dashboard. The enhancement also introduces templates for easier setup of common storage class configurations.
KMIP is now added to the list of KMS providers under the Objects > Configuration section of the Dashboard
Previously, the Ceph dashboard supported only KMS providers for managing encryption keys.
With this enhancement, KMIP is now added to the list of KMS providers under the Objects > Configuration section of the dashboard. The dashboard now supports both vault and KMIP as the KMS providers for managing encryption keys.
Ceph Dashboard now requires users to type the resource name to confirm deletion of critical resources
Previously, users could delete one or more critical resources (such as images, snapshots, subvolumes, subvolume groups, pools, hosts, OSDs, buckets, and file systems) by simply selecting a checkbox. This made accidental deletions more likely.
With this enhancement, the Dashboard prompts users to manually type the resource name in a confirmation textbox before deletion. Additionally, users can now delete only one critical resource at a time, reducing the risk of unintentional data loss.
3.4. Ceph File System
cephfs-mirror daemon only transfers changed blocks in a file
Previously, cephfs-mirror daemon would transfer whole files, which is inefficient for large files.
With this enhancement, the cephfs-mirror daemon uses the blockdiff API in the MDS to only transfer changed blocks in a file. As a result, sync performance is significantly improved in some circumstances, especially for large files.
Metadata and data pool names can now be used for creating the volume
With this enhancement, the ceph fs volume create command allows users to pass metadata and data pool names to be used for creating the volume. If either is not passed or if either is a non-empty pool, the command stops.
CephFS now supports hierarchical case-insensitive or normalized directory entry naming
With this enhancement, CephFS now supports performant case-insensitive file access protocols. As a result, CephFS performance is competitive with other case-insensitive native file systems.
FSCrypt encryption is now supported within user space CephFS
With this enhancement, FSCrypt encryption is supported, allowing other software stacks to enable encryption. As a result, encryption can now be enabled and used within CephFS.
New support for retrieving the path of a subvolume snapshot
With this enhancement, users can now obtain the path of a subvolume snapshot. Get the path of a subvolume snapshot by using the new ceph fs subvolume snapshot getpath command.
NOTE: If the snapshot does not exist, the command returns an ENOENT error.
New support for disabling always-on manager modules and plugins
This enhancement allows administrators to force-disable always-on modules and plugins in the Ceph MGR. Force disabling can help prevent flooding by module commands when the corresponding Ceph service is down or degraded.
quota.max_bytes is now set in more understandable size values
Previously, the quota.max_bytes value was set in bytes, resulting in often very large size values, which were hard to set or change.
With this enhancement, the quota.max_bytes values can now be set with human-friendly values, such as M/Mi, G/Gi, or T/Ti. For example, 10GiB or 100K.
3.5. Ceph Volume
New support for TPM 2.0 for encrypted OSDs
With this enhancement, users can now enroll a Trusted Platform Module (TPM) 2.0 token during OSD preparation to store Linux Unified Key Setup (LUKS) keys securely. As a result, key management is now improved by leveraging hardware-backed security.
Improved stability for DB partitions
With this enhancement, users can create a dedicated DB partition, even on a colocated OSD deployment scenario. Isolating the RocksDB helps improve stability and prevents fragmentation-related issues.
3.6. Ceph Object Gateway
Sites can now configure Ceph Object Gateway error handling for existing bucket creation
Previously, Ceph Object Gateway (RGW) returned a success response when creating a bucket that already existed in the same zone, even if no new bucket was created. This caused confusion in automated workflows.
With this enhancement, sites can now configure RGW to return an error instead of success when attempting to create a bucket that already exists in the zone.
If the configuration option rgw_bucket_exist_override is set to true, RGW returns a 409 BucketAlreadyExists error for duplicate bucket creation requests. By default, this option is set to false.
New cloud restore support for Glacier/Tape endpoints to retrieve objects
This enhancement introduces the new cloud-glacier-s3 tier-type to extend S3 endpoint support for Glacier/Tape.
For more information, see Policy Based Data Archival and Retrieval to S3 compatible platforms.
Bugzilla:2358617, Bugzilla:2345486
Dynamic bucket resharding now has the ability to reduce the number of shards
When a bucket undergoes a reduction in the number of objects contained within for an extended period of time, the number of shards should be reduced automatically.
With this enhancement, over time the number of bucket index shards for a bucket will better correspond to the number of objects in the bucket.
New support for restoration of versioned objects transitioned to Cloud
With this enhancement, versioned objects can now be restored from the Cloud back into the Ceph Object Gateway cluster.
For more information, see Restoring objects from S3 cloud-tier storage.
Creation dates are now added as part of user keys
With this enhancement, when keys are added to a user, a creation stamp is now attached to each key. As a result, keys are removed in the proper order when credentials are rotated.
HeadBucket requests are now less resource intensive
Previously, all HeadBucket requests required querying all the shards to assemble statistics, which made the requests resource intensive operations.
With this enhancement, the HeadBucket API now reports the X-RGW-Bytes-Used and X-RGW-Object-Count headers only when the read-stats query string is explicitly included in the API request. As a result, HeadBucket requests are now less resource intensive, and the statistics are still returned when they are requested.
A clientID can now be removed from an OpenID Connect provider registered with Ceph Object Gateway
Previously, a clientID could be added to an OpenID Connect provider, but removal was not supported.
With this enhancement, a REST API was added to remove an existing clientID from an OpenID Connect provider.
Administrators can now delete bucket index entries with a missing head object
Previously, using a radosgw-admin object rm command would not remove a bucket index entry with a head object missing. Instead of removing the bucket, an error message would be emitted.
With this enhancement, bucket index entries with a missing head object can now be removed with the --yes-i-really-mean-it flag.
AssumeRoleWithWebIdentity now supports validating JWT signatures
Previously, AssumeRoleWithWebIdentity supported JSON Web Token (JWT) signature validation using only x5c.
With this enhancement, AssumeRoleWithWebIdentity validates JWT signatures by using a JSON Web Key (JWK) with modulus and exponent (n+e). As a result, an OpenID Connect (OIDC) IdP issuing JWK with n+e can now integrate with Ceph Object Gateway.
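Added example (not Ceph Object Gateway code): what validating an RS256 JWT against a JWK's n and e, as described above, involves, written in pure Python. The key built from two Mersenne primes, the demo-1 kid and the claims are constructed test values, and all function names are hypothetical.

```python
import base64, hashlib, hmac, json

# DER prefix of the SHA-256 DigestInfo structure (RFC 8017, section 9.2).
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def b64u_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def emsa_pkcs1_v15(message, k):
    """Encoded message a valid signature must decrypt to: 00 01 FF.. 00 DigestInfo."""
    t = SHA256_DIGESTINFO + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_rs256(token, jwk):
    """Return the claims if the signature verifies against the JWK's n and e, else None."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64u_decode(head_b64))
        # Pin algorithm and key type; the token must not choose them ("none", HS256).
        if header.get("alg") != "RS256" or jwk.get("kty") != "RSA":
            return None
        if header.get("kid") != jwk.get("kid"):
            return None
        n = int.from_bytes(b64u_decode(jwk["n"]), "big")
        e = int.from_bytes(b64u_decode(jwk["e"]), "big")
        sig = b64u_decode(sig_b64)
        k = (n.bit_length() + 7) // 8
        if len(sig) != k or int.from_bytes(sig, "big") >= n:
            return None
        recovered = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
        # Compare the whole encoded block, so malformed padding is rejected too.
        expected = emsa_pkcs1_v15(f"{head_b64}.{body_b64}".encode(), k)
        if not hmac.compare_digest(recovered, expected):
            return None
        return json.loads(b64u_decode(body_b64))
    except (ValueError, KeyError, TypeError, AttributeError):
        return None

def make_test_key():
    """Constructed demo key only: Mersenne primes are trivially factorable."""
    p, q, e = 2**521 - 1, 2**607 - 1, 65537
    n, d = p * q, pow(e, -1, (p - 1) * (q - 1))
    k = (n.bit_length() + 7) // 8
    jwk = {"kty": "RSA", "kid": "demo-1",
           "n": b64u_encode(n.to_bytes(k, "big")), "e": b64u_encode(e.to_bytes(3, "big"))}
    return jwk, d

def sign_rs256(claims, jwk, d):
    """Stand-in for the IdP: produces the test token the verifier is run against."""
    n = int.from_bytes(b64u_decode(jwk["n"]), "big")
    k = (n.bit_length() + 7) // 8
    head = b64u_encode(json.dumps({"alg": "RS256", "kid": jwk["kid"]}).encode())
    body = b64u_encode(json.dumps(claims).encode())
    em = emsa_pkcs1_v15(f"{head}.{body}".encode(), k)
    sig = pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")
    return f"{head}.{body}.{b64u_encode(sig)}"

if __name__ == "__main__":
    jwk, d = make_test_key()
    print(verify_rs256(sign_rs256({"sub": "app1"}, jwk, d), jwk))
```

A valid signature only proves who issued the token; a verifier still has to check iss, aud and exp against what it expects from the registered provider.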
Cloud-transitioned objects can now be restored to a selected storage class
Previously, objects transitioned to cloud were restored only to STANDARD storage class. This was a limitation and can affect data usage of the cluster.
With this enhancement, the new tier-config restore-storage-class option is introduced. Administrators can now choose the data pool to which the objects need to be restored, providing more flexibility.
For more information, see Restoring objects from S3 cloud-tier storage.
New support for PUT bucket notifications from other tenant users
With this enhancement, support is added for cross tenant topic management, allowing PUT bucket notifications from other tenant users. Cross tenant management includes creating, deleting, and modifying topics.
Support for user accounts through Identity and Access Management (IAM)
User accounts through IAM were previously available as a limited release. This enhancement provides full availability for new and existing customers in production environments.
With this release, Ceph Object Gateway supports user accounts as an optional feature to enable the self-service management of users, groups, and roles similar to those in AWS Identity and Access Management (IAM).
For more information, see Identity and Access Management (IAM).
3.7. RADOS
Ceph now optimizes OMAP listing at the OSD level.
OMAP listing at the Ceph OSD is optimized.
PG scrub performance improved by removing unnecessary object ID repair check.
Previously, every PG scrub triggered the repair_oinfo_oid() function, which addressed rare object ID mismatches caused by a historical filesystem bug. This added overhead, even when the conditions didn’t apply.
pg-upmap-primary mappings can now be removed from the OSDmap
With this enhancement, the new ceph osd rm-pg-upmap-primary-all command is introduced. The command allows users to clear all pg-upmap-primary mappings in the OSDmap at any time.
Use the command to remove all pg-upmap-primary mappings with a single command. The command can also be used to remove any invalid mappings, when required.
Use the command carefully, as it directly modifies primary PG mappings and can impact read performance.
Cluster log level verbosity for external entities can now be controlled
Previously, debug verbosity logs were sent to all external logging systems regardless of their level settings. As a result, the /var/ filesystem would rapidly fill up.
With this enhancement, the new mon_cluster_log_level command option is introduced and the previous mon_cluster_log_file_level and mon_cluster_log_to_syslog_level command options have been removed.
From this release, use only the new generic mon_cluster_log_level command option to control the cluster log level verbosity for the cluster log file and all external entities.
Ceph now reports BlueStore fragmentation through the health warning subsystem
Previously, Ceph only logged BlueStore fragmentation issues in low-visibility log entries, making them easy to overlook.
With this enhancement, Ceph surfaces fragmentation issues directly in the health status, enabling faster detection and easier troubleshooting.
Advance notifications are now provided on free fragmentation disk space
Previously, when free space on the disk was significantly fragmented, searching for free space took longer and potentially impacted performance. While this did not immediately cause problems, the impact emerged only at a very late stage, when free disk space was very low.
With this enhancement, the disk allocator is queried for current fragmentation at the interval set by the config.bluestore_fragmentation_check_period option. The default check period is every 3600 seconds (1 hour). The fragmentation value is then emitted to the respective OSD log, on level 0. If the value exceeds the free fragmentation level set by config.bluestore_warn_on_free_fragmentation, which has a default value of 0.8, a health warning for the OSD is emitted.
As a result, free space fragmentation no longer goes unnoticed until a late stage, because warnings are emitted with advance notice.
For more information, see Health messages of a Ceph cluster.
New support for 2-site stretch cluster (stretch-mode)
This enhancement enables a two-site stretch cluster deployment, allowing users to extend Ceph’s failure domain from the OSD level to the data-center or zone level. In this configuration, OSDs and Monitors can be deployed across two data sites, while a third site (monitor-only) acts as a tie-breaker for MON quorum during site failure. This architecture enhances fault tolerance by enabling automatic failover, preventing split-brain scenarios, and supporting recovery to ensure continued cluster availability and data integrity, even during a full-site outage.
Reduced fast storage requirements with RocksDB compression enabled
With this enhancement, when RocksDB compression is enabled, Ceph Object Gateway has a reduced block.db reserved size. The new reduced requirement is changed from 4% to 2.5% of reserved space. The RocksDB compression is enabled by default.
3.8. RBD Mirroring
RBD now supports mirroring between default and non-default namespaces.
With this enhancement, Ceph Block Device introduces a new init-only mode for the rbd mirror pool enable command. This command provides the ability to configure a pool for mirroring and disable mirroring on the default namespace. However, mirroring can still be configured for other namespaces. This feature allows a non-default namespace in the pool to be mirrored to the default namespace in a pool of the same name in the remote cluster.
New consistency group snapshot mirroring (CGSM)
Previously, disaster recovery relied on single-image mirroring between clusters. This approach supported isolated images but did not meet the needs of applications that depend on multiple volumes. For example, in a libvirt VM with several disks, each disk serves a different role. Restoring all volumes to a consistent, same-point-in-time state was challenging.
With this enhancement, consistency group mirroring in snapshot mode is now available. CGSM mirrors a group of images or volumes as a consistent set, ensuring data uniformity during recovery. The feature introduces various operations, including enabling, disabling, promoting, demoting, resyncing, snapshotting, and scheduling, which support more robust relocation, failover, and failback processes.