Pacemaker 1.1.12 - Final

Details - 1.1.11 - final

Changesets	795
Diff	195 files changed, 13772 insertions(+), 6176 deletions(-)

Highlights

• ACLs are now on by default
• Thanks to a new algorithm, the CIB is now two orders of magnitude faster.
  Resulting in less CPU usage by the cluster itself and faster failover times

Features added since Pacemaker-1.1.11

• Changes to the ACL schema to support nodes and unix groups
• cib: Check ACLs prior to making the update instead of parsing the diff afterwards
• cib: Default ACL support to on
• cib: Enable the more efficient xml patchset format
• cib: Implement zero-copy status update
• cib: Send all r/w operations via the cluster connection and have all nodes process them
• crmd: Set "cluster-name" property to corosync's "cluster_name" by default for corosync-2
• crm_mon: Display brief output if "-b/--brief" is supplied or 'b' is toggled
• crm_report: Allow ssh alternatives to be used
• crm_ticket: Support multiple modifications for a ticket in an atomic operation
• extra: Add logrotate configuration file for /var/log/pacemaker.log
• Fencing: Add the ability to call stonith_api_time() from stonith_admin
• logging: daemons always get a log file, unless explicitly set to configured 'none'
• logging: allows the user to specify a log level that is output to syslog
• PE: Automatically re-unfence a node if the fencing device definition changes
• pengine: cl#5174 - Allow resource sets and templates for location constraints
• pengine: Support cib object tags
• pengine: Support cluster-specific instance attributes based on rules
• pengine: Support id-ref in nvpair with optional "name"
• pengine: Support per-resource maintenance mode
• pengine: Support site-specific instance attributes based on rules
• tools: Allow crm_shadow to create older configuration versions
• tools: Display pending state in crm_mon/crm_resource/crm_simulate if --pending/-j is supplied (cl#5178)
• xml: Add the ability to have lightweight schema revisions
• xml: Enable resource sets in location constraints for 1.2 schema
• xml: Support resources that require unfencing

Changes since Pacemaker-1.1.11

• acl: Authenticate pacemaker-remote requests with the node name as the client
• acl: Read access must be explicitly granted
• attrd: Ensure attribute dampening is always observed
• attrd: Remove offline nodes from node cache for "peer-remove" requests
• Bug cl#5055 - Improved migration support.
• Bug cl#5184 - Ensure pending probes that ultimately fail are correctly updated
• Bug cl#5196 - pengine: Check values after expanding templates
• Bug cl#5212 - Do not promote instances when quorum is lots and no-quorum-policy=freeze
• Bug cl#5213 - Ensure role colocation with -INFINITY is enforced
• Bug cl#5213 - Limit the scope of the previous commit to the masters role
• Bug cl#5219 - pengine: Allow unrelated resources with a common colocation target to remain promoted
• Bug cl#5222 - cib: Repair rolling update capability
• Bug cl#5222 - Enable legacy mode whenever a broadcast update is detected
• Bug rhbz#1036631 - Stop members of cloned groups when dependancies are stopped
• Bug rhbz#1054307 - cname pattern match should be more restrictive in init script
• Bug rhbz#1057697 - Use native DBus library for systemd/upstart support to avoid problematic use of threads
• Bug rhbz#1097457 - Limit the scope of the previous fix and include a helpful comment
• Bug rhbz#1097457 - Prevent invalid transition when resource are ordered to start after the container they're started in
• cib: allow setting permanent remote-node attributes
• cib: Auto-detect which patchset format to use
• cib: Determine the best value of validate-with if one is not supplied
• cib: Do not disable cib disk writes if on-disk cib is corrupt
• cib: Ensure 'cibadmin -R/--replace' commands get replies
• cib: Erasing the cib is an admin action, bump the admin_epoch instead
• cib: Fix remote cib based on TLS
• cib: Ingore patch failures if we already have their contents
• cib: Validate that everyone still sees the same configuration once all updates have completed
• cibadmin: Allow priviliged clients to perform tasks as unpriviliged users
• cibadmin: Remove dangerous commands that exposed unnecessary implementation internal details
• cluster: Fix segfault on removing a node
• cluster: Prevent search of unames from attempting to create node entries for unknown nodes
• cluster: Remove unknown offline nodes with conflicting unames from node cache
• controld: Do not consider the dlm up until the address list is present
• controld: handling startup fencing within the controld agent, not the dlm
• controld: Return OCF_ERR_INSTALLED instead of OCF_NOT_INSTALLED
• crmd: Ack pending operations that were cancelled due to rsc deletion
• crmd: Actions can only be executed if their pre-requisits completed successfully
• crmd: avoid double free caused by nested hash table removal
• crmd: Avoid spamming the cib by triggering a transition only once per non-status change
• crmd: Correctly react to successful unfencing operations
• crmd: Correctly recognise operation cancellations we initiated
• crmd: Do not erase the status section for unfenced nodes
• crmd: Do not overwrite existing node state when fencing completes
• crmd: Do not start timers for already completed operations
• crmd: Ensure crm_config options are re-read on updates
• crmd: Fenced nodes that return prior to an election do not need to have their status section reset
• crmd: make lrm_state hash table not case sensitive
• crmd: make node_state erase correctly
• crmd: Only write fence_averride if open() returns a positive file descriptor
• crmd: Prevent manual fencing confirmations from attempting to create node entries for unknown nodes
• crmd: Prevent SIGPIPE when notifying CMAN about fencing operations
• crmd: Remove state of unknown nodes with conflicting unames from CIB
• crmd: Remove unknown nodes with conflicting unames from CIB
• crmd: Report unsuccessful unfencing operations
• crm_diff: Allow the generation of xml patchsets without digests
• crm_mon: Allow the file created by --as-html to be world readable
• crm_mon: Ensure resource attributes have been unpacked before displaying connectivity data
• crm_node: Only remove the named resource from the cib
• crm_report: Gracefully handle rediculously large logfiles
• crm_report: Only gather dlm data if dlm_controld is running
• crm_resource: Gracefully handle -EACCESS when querying the cib
• crm_verify: Perform a full set of calculations whenever the status section is present
• fencing: Advertise support for reboot/on/off in the metadata for legacy agents
• fencing: Automatically switch from 'list' to 'status' to 'static-list' if those actions are not advertised in the metadata
• fencing: Cache metadata lookups to avoid repeated blocking during device registration
• fencing: Correctly record which peer performed the fencing operation
• fencing: default to 'off' when agent does not advertise 'reboot' in metadata
• fencing: Do not unregister/register all stonith devices on every resource agent change
• fencing: Execute all required fencing devices regardless of what topology level they are at
• fencing: Fence using all required devices
• fencing: Pass the correct options when looking up the history by node name
• fencing: Update stonith device list only if stonith is enabled
• get_cluster_type: failing concurrent tool invocations on heartbeat
• ignore SIGPIPE when gnutls is in use
• iso8601: Different logic is needed when logging and calculating durations
• iso8601: Fix memory leak in duration calculation
• Logging: Bootstrap daemon logging before processing arguments but configure it afterwards
• lrmd: Cancel recurring operations before stop action is executed
• lrmd: Expose logging variables expected by OCF agents
• lrmd: Handle systemd reporting 'done' before a resource is actually stopped/started
• lrmd: Merge duplicate recurring monitor operations
• lrmd: Prevent OCF agents from logging to random files due to "value" of setenv() being NULL
• lrmd: Provide stderr output from agents if available, otherwise fall back to stdout
• mainloop: Better handle the killing of processes in the act of exiting
• mainloop: Canceling in-flight operations should not fail if child process has already exited.
• mainloop: Fixes use after free in process monitor code
• mcp: Tell systemd not to respawn us if we exit with rc=100
• membership: Avoid duplicate peer entries in the peer cache
• pengine: Allow container nodes to migrate with connection resource
• pengine: avoid assert by searching for stop action on correct node during LogActions
• pengine: Block restart of resources if any dependent resource in a group is unmanaged
• pengine: cl#5186 - Avoid running rsc on two nodes when node is fenced during migration
• pengine: cl#5187 - Prevent resources in an anti-colocation from even temporarily running on a same node
• pengine: cl#5200 - Before migrating utilization-using resources to a node, take off the load that will no longer run there if it's not introducing transition loop
• pengine: Correctly handle origin offsets in the future
• pengine: Correctly observe requires=nothing
• pengine: Default sequential to TRUE for resource sets for consistency with colocation sets
• pengine: Delay unfencing until after we know the state of all resources that require unfencing
• pengine: Do not initiate fencing for unclean nodes when fencing is disabled
• pengine: Ensure instance numbers are preserved for cloned templates
• pengine: Ensure unfencing only happens once, even if the transition is interrupted
• pengine: Fencing devices default to only requiring quorum in order to start
• pengine: fixes invalid transition caused by clones with more than 10 instances
• pengine: Force record pending for migrate_to actions
• pengine: handles edge case where container order con...

Pacemaker 1.1.12 - Release Candidate 4

• Changesets: 49
• Diff: 31 files changed, 403 insertions(+), 100 deletions(-)
• Features added since Pacemaker-1.1.12-rc3
  • extra: Add logrotate configuration file for /var/log/pacemaker.log
• Changes since Pacemaker-1.1.12-rc3
  • attrd: Remove offline nodes from node cache for "peer-remove" requests
  • Bug rhbz#1054307 - cname pattern match should be more restrictive in init script
  • cib: cl#5222 - Prevent assert in xml_calculate_changes() on performing cib operations
  • cluster: Remove unknown offline nodes with conflicting unames from node cache
  • controld: Return OCF_ERR_INSTALLED instead of OCF_NOT_INSTALLED
  • crmd: avoid double free caused by nested hash table removal
  • crmd: Only write to fence_override if open() returns a positive file descriptor
  • crmd: Remove state of unknown nodes with conflicting unames from CIB
  • crm_report: Correctly detect large files
  • crm_simulate: Remove resource states and transient attributes when a node is marked as down
  • crm_verify: Perform a full set of calculations whenever the status section is present
  • ignore SIGPIPE if gnutls is in use
  • lrmd: Handle systemd reporting 'done' before a resource is actually stopped
  • lrmd: Prevent OCF agents from logging to random files due to "value" of setenv() being NULL
  • mcp: Let daemons know when they have been respawned by the mcp
  • membership: Prevent use-after-free in reap_crm_member()
  • pengine: Correctly detect empty tags
  • pengine: Correctly observe requires=nothing

Pacemaker 1.1.12 - Release Candidate 3

• Changesets: 33
• Diff: 26 files changed, 330 insertions(+), 175 deletions(-)
• Changes since Pacemaker-1.1.12-rc2
  • Bug cl#5219 - pengine: Allow unrelated resources with a common colocation target to remain promoted
  • Bug cl#5222 - cib: Repair rolling update capability
  • Bug cl#5222 - Enable legacy mode whenever a broadcast update is detected
  • cib: Prevent assert on sending cib sync requests
  • cib: Use a better option name for enabling the legacy cib diff code
  • cluster: Prevent search of unames from attempting to create node entries for unknown nodes
  • crm_report: Gracefully handle rediculously large logfiles
  • crm_simulate: Clean up temporary shadow files on exit
  • fencing: Cache metadata lookups to avoid repeated blocking during device registration
  • pengine: cl#5200 - Before migrating utilization-using resources to a node, take off the load that will no longer run there if it's not introducing transition loop
  • pengine: properly handle fencing of container remote-nodes when the container is orphaned
  • pengine: properly place resource within a container when container is a remote-node.
  • remote: clear remote-node status correctly
  • remote: Handle request/response ipc proxy correctly
  • xml: Prevent incorrect xml diffs from corrupting the cib

Pacemaker 1.1.12 - Release Candidate 2

• Changesets: 87
• Diff: 29 files changed, 273 insertions(+), 72 deletions(-)
• Features added since Pacemaker-1.1.12-rc1
  • crmd: Set "cluster-name" property to corosync's "cluster_name" by default for corosync-2
• Changes since Pacemaker-1.1.12-rc1
  • Bug rhbz#1057697 - Use native DBus library for systemd async support to avoid problematic use of threads
  • Bug rhbz#1057697 - Use native DBus library for systemd support to avoid problematic use of threads
  • Bug rhbz#1057697 - Use native DBus library for upstart support to avoid problematic use of threads
  • attrd: Ensure attribute dampening is always observed
  • Bug cl#5184 - Ensure pending probes that ultimately fail are correctly updated
  • Bug cl#5212 - Do not promote instances when quorum is lots and no-quorum-policy=freeze
  • Bug cl#5213 - Ensure role colocation with -INFINITY is enforced
  • Bug cl#5213 - Limit the scope of the previous commit to the masters role
  • Bug rhbz#1097457 - Limit the scope of the previous fix and include a helpful comment
  • Bug rhbz#1097457 - Prevent invalid transition when resource are ordered to start after the container they're started in
  • cib: Fix remote cib based on TLS
  • cluster: Fix segfault on removing a node
  • crmd: Avoid spamming the cib by triggering a transition only once per non-status change
  • crmd: Use correctly signed inputs to sscanf()
  • iso8601: Fix memory leak in duration calculation
  • mainloop: Better handle the killing of processes in the act of exiting
  • mainloop: Canceling in-flight operations should not fail if child process has already exited.
  • membership: Avoid duplicate peer entries in the peer cache
  • pengine: avoid assert by searching for stop action on correct node during LogActions
  • pengine: Block restart of resources if any dependent resource in a group is unmanaged
  • pengine: cl#5186 - Avoid running rsc on two nodes when node is fenced during migration
  • pengine: Force record pending for migrate_to actions
  • pengine: Mark unrunnable stop actions as "blocked" and show the correct current locations
  • pengine: Use "#cluster-name" in rules for setting cluster-specific instance attributes
  • pengine: Use "#site-name" in rules for setting site-specific instance attributes
  • services: Correctly reset the nice value for lrmd's children
  • services: Do not block synced service executions
  • services: Fixes segfault associated with cancelling in-flight recurring operations.
  • services: Remove cancelled recurring ops from internal lists as early as possible
  • services: Remove file descriptors from mainloop as soon as we have drained them
  • services: Reset the scheduling policy and priority for lrmd's children without replying on SCHED_RESET_ON_FORK
  • stonith_admin: Ensure pointers passed to sscanf() are properly initialized
  • systemd: Try to handle dbus actions that complete prior to configuring a callback
  • upstart: Allow comilation with glib versions older than 2.28
  • xml: Do not prune meaningful leaves from v1 patchsets
  • xml: Fix segfault in find_entity()

Pacemaker 1.1.12 - Release Candidate 1

This release primarily focuses on important but mostly invisible changes under-the-hood:

• The CIB is now O(2) faster. Thats 100x for those not familiar with Big-O notation :-)

  This has massively reduced the cluster's use of system resources,
  allowing us to scale further on the same hardware, and dramatically
  reduced failover times for large clusters.

• Support for ACLs are is enabled by default.

  The new implementation can restrict cluster access for containers
  where pacemaker-remoted is used and is also more efficient.

• All CIB updates are now serialized and pre-synchronized via the
  corosync CPG interface. This makes it impossible for updates to be
  lost, even when the cluster is electing a new DC.

• Schema versioning changes

  New features are no longer silently added to the schema. Instead
  the ${Y} in pacemaker-${X}-${Y} will be incremented for simple
  additions, and ${X} will be bumped for removals or other changes
  requiring an XSL transformation.

  To take advantage of new features, you will need to updates all the
  nodes and then run the equivalent of cibadmin --upgrade.

Thankyou to everyone that has tested out the new CIB and ACL code
already. Please keep those bug reports coming in!

List of known bugs to be investigating during the RC phase:

• 5206 Fileencoding broken
• 5194 A resource starts with a standby node. (Latest attrd does not serve as the crmd-transition-delay parameter)
• 5197 Fail-over is delayed. (State transition is not calculated.)
• 5139 Each node fenced in its own transition during start-up fencing
• 5200 target node is over-utilized with allow-migrate=true
• 5184 Pending probe left in the cib
• 5187 -INFINITY colocation constraint not fully respected
• 5165 Add support for transient node utilization attributes

To build rpm packages for testing:

1. Clone the current sources:

   git clone --depth 0 git://github.com/ClusterLabs/pacemaker.git

   cd pacemaker

2. Install dependancies (if you haven't already)

   [Fedora] # sudo yum install -y yum-utils
   [ALL] # make rpm-dep

3. Build Pacemaker

   make rc

4. Copy and deploy as needed

Details

Changesets: 633
Diff: 184 files changed, 12690 insertions(+), 5843 deletions(-)

Highlights

Features added since Pacemaker-1.1.11

• Changes to the ACL schema to support nodes and unix groups
• cib: Check ACLs prior to making the update instead of parsing the diff afterwards
• cib: Default ACL support to on
• cib: Enable the more efficient xml patchset format
• cib: Implement zero-copy status update (performance)
• cib: Send all r/w operations via the cluster connection and have all nodes process them
• crm_mon: Display brief output if "-b/--brief" is supplied or 'b' is toggled
• crm_ticket: Support multiple modifications for a ticket in an atomic operation
• Fencing: Add the ability to call stonith_api_time() from stonith_admin
• logging: daemons always get a log file, unless explicitly set to configured 'none'
• PE: Automatically re-unfence a node if the fencing device definition changes
• pengine: cl#5174 - Allow resource sets and templates for location constraints
• pengine: Support cib object tags
• pengine: Support cluster-specific instance attributes based on rules
• pengine: Support id-ref in nvpair with optional "name"
• pengine: Support per-resource maintenance mode
• pengine: Support site-specific instance attributes based on rules
• tools: Display pending state in crm_mon/crm_resource/crm_simulate if --pending/-j is supplied (cl#5178)
• xml: Add the ability to have lightweight schema revisions
• xml: Enable resource sets in location constraints for 1.2 schema
• xml: Support resources that require unfencing

Changes since Pacemaker-1.1.11

• acl: Authenticate pacemaker-remote requests with the node name as the client
• cib: allow setting permanent remote-node attributes
• cib: Do not disable cib disk writes if on-disk cib is corrupt
• cib: Ensure 'cibadmin -R/--replace' commands get replies
• cib: Fix remote cib based on TLS
• cib: Ingore patch failures if we already have their contents
• cib: Resolve memory leaks in query paths
• cl#5055: Improved migration support.
• cluster: Fix segfault on removing a node
• controld: Do not consider the dlm up until the address list is present
• controld: handling startup fencing within the controld agent, not the dlm
• crmd: Ack pending operations that were cancelled due to rsc deletion
• crmd: Actions can only be executed if their pre-requisits completed successfully
• crmd: Do not erase the status section for unfenced nodes
• crmd: Do not overwrite existing node state when fencing completes
• crmd: Do not start timers for already completed operations
• crmd: Fenced nodes that return prior to an election do not need to have their status section reset
• crmd: make lrm_state hash table not case sensitive
• crmd: make node_state erase correctly
• crmd: Prevent manual fencing confirmations from attempting to create node entries for unknown nodes
• crmd: Prevent memory leak in error paths
• crmd: Prevent memory leak when accepting a new DC
• crmd: Prevent message relay from attempting to create node entries for unknown nodes
• crmd: Prevent SIGPIPE when notifying CMAN about fencing operations
• crmd: Report unsuccessful unfencing operations
• crm_diff: Allow the generation of xml patchsets without digests
• crm_mon: Allow the file created by --as-html to be world readable
• crm_mon: Ensure resource attributes have been unpacked before displaying connectivity data
• crm_node: Only remove the named resource from the cib
• crm_node: Prevent use-after-free in tools_remove_node_cache()
• crm_resource: Gracefully handle -EACCESS when querying the cib
• fencing: Advertise support for reboot/on/off in the metadata for legacy agents
• fencing: Automatically switch from 'list' to 'status' to 'static-list' if those actions are not advertised in the metadata
• fencing: Correctly record which peer performed the fencing operation
• fencing: default to 'off' when agent does not advertise 'reboot' in metadata
• fencing: Execute all required fencing devices regardless of what topology level they are at
• fencing: Pass the correct options when looking up the history by node name
• fencing: Update stonith device list only if stonith is enabled
• get_cluster_type: failing concurrent tool invocations on heartbeat
• iso8601: Different logic is needed when logging and calculating durations
• lrmd: Cancel recurring operations before stop action is executed
• lrmd: Expose logging variables expected by OCF agents
• lrmd: Merge duplicate recurring monitor operations
• lrmd: Provide stderr output from agents if available, otherwise fall back to stdout
• mainloop: Fixes use after free in process monitor code
• make resource ID case sensitive
• mcp: Tell systemd not to respawn us if we exit with rc=100
• pengine: Allow container nodes to migrate with connection resource
• pengine: cl#5186 - Avoid running rsc on two nodes when node is fenced during migration
• pengine: cl#5187 - Prevent resources in an anti-colocation from even temporarily running on a same node
• pengine: Correctly handle origin offsets in the future
• pengine: Correctly search failcount
• pengine: Default sequential to TRUE for resource sets for consistency with colocation sets
• pengine: Delay unfencing until after we know the state of all resources that require unfencing
• pengine: Do not initiate fencing for unclean nodes when fencing is disabled
• pengine: Do not unfence nodes that are offline, unclean or shutting down
• pengine: Fencing devices default to only requiring quorum in order to start
• pengine: fixes invalid transition caused by clones with more than 10 instances
• pengine: Force record pending for migrate_to actions
• pengine: handles edge case where container order constraints are not honored during migration
• pengine: Ignore failure-timeout only if the failed operation has on-fail="block"
• pengine: Log when resources require fencing but fencing is disabled
• pengine: Memory leaks
• pengine: Unfencing is based on device probes, there is no need to unfence when normal resources are found active
• Portability: Use basic types for DBus compatability struct
• remote: Allow baremetal remote-node connection resources to migrate
• remote: Enable migration support for baremetal connection resources by default
• services: Correctly reset the nice value for lrmd's children
• services: Do not allow duplicate recurring op entries
• services: Do not block synced service executions
• services: Fixes segfault associated with cancelling in-flight recurring operations.
• services: Reset the scheduling policy and priority for lrmd's children without replying on SCHED_RESET_ON_FORK
• services_action_cancel: Interpret return code from mainloop_child_kill() correctly
• stonith_admin: Ensure pointers passed to sscanf() are properly initialized
• stonith_api_time_helper now returns when the most recent fencing operation completed
• systemd: Prevent use-of-NULL when determining if an agent exists
• upstart: Allow comilation with glib versions older than 2.28
• xml: Better move detection logic for xml nodes
• xml: Check all available schemas when doing upgrades
• xml: Convert misbehaving #define into a more easily understood inline function
• xml: If validate-with is missing, we find the most recent schema that accepts it and go from there
• xml: Update xml validation to allow ''

1.1.11 - final

Details - 1.1.11 - final

Changesets	462
Diff	147 files changed, 6810 insertions(+), 4057 deletions(-)

Highlights

Features added since Pacemaker-1.1.10

• attrd: A truly atomic version of attrd for use where CPG is used for cluster communication
• cib: Allow values to be added/updated and removed in a single update
• cib: Support XML comments in diffs
• Core: Allow blackbox logging to be disabled with SIGUSR2
• crmd: Do not block on proxied calls from pacemaker_remoted
• crmd: Enable cluster-wide throttling when the cib heavily exceeds its target load
• crmd: Make the per-node action limit directly configurable in the CIB
• crmd: Slow down recovery on nodes with IO load
• crmd: Track CPU usage on cluster nodes and slow down recovery on nodes with high CPU/IO load
• crm_mon: add --hide-headers option to hide all headers
• crm_node: Display partition output in sorted order
• crm_report: Collect logs directly from journald if available
• Fencing: On timeout, clean up the agent's entire process group
• Fencing: Support agents that need the host to be unfenced at startup
• ipc: Raise the default buffer size to 128k
• PE: Add a special attribute for distinguishing between real nodes and containers in constraint rules
• PE: Allow location constraints to take a regex pattern to match against resource IDs
• pengine: Distinguish between the agent being missing and something the agent needs being missing
• remote: Properly version the remote connection protocol

Changes since Pacemaker-1.1.10

• Bug rhbz#1011618 - Consistently use 'Slave' as the role for unpromoted master/slave resources
• Bug rhbz#1057697 - Use native DBus library for systemd and upstart support to avoid problematic use of threads
• attrd: Any variable called 'cluster' makes the daemon crash before reaching main()
• attrd: Avoid infinite write loop for unknown peers
• attrd: Drop all attributes for peers that left the cluster
• attrd: Give remote-nodes ability to set attributes with attrd
• attrd: Prevent inflation of attribute dampen intervals
• attrd: Support SI units for attribute dampening
• Bug cl#5171 - pengine: Don't prevent clones from running due to dependant resources
• Bug cl#5179 - Corosync: Attempt to retrieve a peer's node name if it is not already known
• Bug cl#5181 - corosync: Ensure node IDs are written to the CIB as unsigned integers
• Bug rhbz#902407 - crm_resource: Handle --ban for master/slave resources as advertised
• cib: Correctly check for archived configuration files
• cib: Correctly log short-form xml diffs
• cib: Fix remote cib based on TLS
• cibadmin: Report errors during sign-off
• cli: Do not enabled blackbox for cli tools
• cluster: Fix segfault on removing a node
• cman: Do not start pacemaker if cman startup fails
• cman: Start clvmd and friends from the init script if enabled
• Command-line tools should stop after an assertion failure
• controld: Use the correct variant of dlm_controld for corosync-2 clusters
• cpg: Correctly set the group name length
• cpg: Ensure the CPG group is always null-terminated
• cpg: Only process one message at a time to allow other priority jobs to be performed
• crmd: Correctly observe the configured batch-limit
• crmd: Correctly update expected state when the previous DC shuts down
• crmd: Correcty update the history cache when recurring ops change their return code
• crmd: Don't add node_state to cib, if we have not seen or fenced this node yet
• crmd: don't segfault on shutdown when using heartbeat
• crmd: Prevent recurring monitors being cancelled due to notify operations
• crmd: Reliably detect and act on reprobe operations from the policy engine
• crmd: When a peer expectedly shuts down, record the new join and expected states into the cib
• crmd: When the DC gracefully shuts down, record the new expected state into the cib
• crm_attribute: Do not swallow hostname lookup failures
• crm_mon: Do not display duplicates of failed actions
• crm_mon: Reduce flickering in interactive mode
• crm_resource: Observe --master modifier for --move
• crm_resource: Provide a meaningful error if --master is used for primitives and groups
• fencing: Allow fencing for node after topology entries are deleted
• fencing: Apply correct score to the resource of group
• fencing: Ignore changes to non-fencing resources
• fencing: Observe pcmk_host_list during automatic unfencing
• fencing: Put all fencing agent processes into their own process group
• fencing: Wait until all possible replies are recieved before continuing with unverified devices
• ipc: Compress msgs based on client's actual max send size
• ipc: Have the ipc server enforce a minimum buffer size all clients must use.
• iso8601: Prevent dates from jumping backwards a day in some timezones
• lrmd: Correctly calculate metadata for the 'service' class
• lrmd: Correctly cancel monitor actions for lsb/systemd/service resources on cleaning up
• mcp: Remove LSB hints that instruct chkconfig to start pacemaker at boot time
• mcp: Some distros complain when LSB scripts do not include Default-Start/Stop directives
• pengine: Allow fencing of baremetal remote nodes
• pengine: cl#5186 - Avoid running rsc on two nodes when node is fenced during migration
• pengine: Correctly account for the location preferences of things colocated with a group
• pengine: Correctly handle demotion of grouped masters that are partially demoted
• pengine: Disable container node probes due to constraint conflicts
• pengine: Do not allow colocation with blocked clone instances
• pengine: Do not re-allocate clone instances that are blocked in the Stopped state
• pengine: Do not restart resources that depend on unmanaged resources
• pengine: Force record pending for migrate_to actions
• pengine: Location constraints with role=Started should prevent masters from running at all
• pengine: Order demote/promote of resources on remote nodes to happen only once the connection is up
• pengine: Properly handle orphaned multistate resources living on remote-nodes
• pengine: Properly shutdown orphaned remote connection resources
• pengine: Recover unexpectedly running container nodes.
• remote: Add support for ipv6 into pacemaker_remote daemon
• remote: Handle endian changes between client and server and improve forward compatibility
• services: Fixes segfault associated with cancelling in-flight recurring operations.
• services: Reset the scheduling policy and priority for lrmd's children without replying on SCHED_RESET_ON_FORK

Pacemaker 1.1.11 - Release Candidate 5

Changes since Release Candidate 4

• Low: services: fix building dbus support in buildbot.
• Low: services: Fix building dbus
• Low: services: Keep dbus build support optional
• Refactor: dbus: Use native function for adding arguments to messages
• Fix: Bug rhbz#1057697 - Use native DBus library for upstart support to avoid problematic use of threads
• Fix: Portability: Use basic types for DBus compatability struct
• Build: Add dbus as an rpm dependancy
• Refactor: systemd: Simplify dbus API usage
• Fix: Bug rhbz#1057697 - Use native DBus library for systemd async support to avoid problematic use of threads
• Fix: Bug rhbz#1057697 - Use native DBus library for systemd support to avoid problematic use of threads
• Low: pengine: Regression test update for record-pending=true on migrate_to
• Fix: xml: Fix segfault in find_entity()
• Fix: cib: Fix remote cib based on TLS
• High: services: Do not block synced service executions
• Fix: cluster: Fix segfault on removing a node
• Fix: services: Reset the scheduling policy and priority for lrmd's children without replying on SCHED_RESET_ON_FORK
• Fix: services: Correctly reset the nice value for lrmd's children
• High: pengine: Force record pending for migrate_to actions
• High: pengine: cl#5186 - Avoid running rsc on two nodes when node is fenced during migration

If you are a user of pacemaker_remoted, you should take the time to read about changes to the online wire protocol that are present in this release.

Pacemaker 1.1.11 - Release Candidate 4

Changes since Release Candidate 3

• Fix: stonith_admin: Ensure pointers passed to sscanf() are properly initialized
• Fix: Prevent potential use-of-NULL
• Fix: upstart: Allow comilation with glib versions older than 2.28
• Fix: services: Fixes segfault associated with cancelling in-flight recurring operations.
• Low: crmd: Change the default value of node-action-limit

If you are a user of pacemaker_remoted, you should take the time to read about changes to the online wire protocol that are present in this release.

Pacemaker 1.1.11 - Release Candidate 3

Changes since Release Candidate 2

• Fix: ipc: fix memory leak for failed ipc client connections.
• Fix: pengine: Fixes memory leak in regex pattern matching code for constraints.
• Low: Avoid potentially misleading and inaccurate compression time log msg
• Fix: crm_report: Suppress logging errors after the target directory has been compressed
• Fix: crm_attribute: Do not swallow hostname lookup failures
• Fix: crmd: Avoid deleting the 'shutdown' attribute
• Log: attrd: Quote attribute names
• Doc: Pacemaker_Explained: Fix formatting

If you are a user of pacemaker_remoted, you should take the time to read about changes to the online wire protocol that are present in this release.

Pacemaker 1.1.11 - Release Candidate 2

Changes since Release Candidate 1

• Build: cts: Install cib_xml.py
• Low: report: Add support for xz compressed logs
• Fix: attrd: Memory leak
• Fix overflow on SMTP subject line
• Fix: Removes unnecessary newlines in crm_resource -O output
• Fix: crmd: Memory leak
• Fixed a problem that chkconfig has not been able to get a list correctly in the environment of RHEL5.

If you are a user of pacemaker_remoted, you should take the time to read about changes to the online wire protocol that are present in this release.