Release 3.12.3

Release Date

v3.12.3 was released to the public on June 12, 2025.

New in This Release

This release is the latest 3.12.x LTS release. It introduces the following changes since version 3.12.2. Upgrading from earlier versions to 3.12.3 is recommended.

Issue TypeDescriptionID
Enhancement api-service: Returned an error to the client when enabling cluster encryption with TPM, but when one or more of the servers in the cluster did not support TPM 2.0.LBM1-35117
Enhancement cluster-manager: 1. Prevented replacing a node when encryption was enabled in the cluster, but the target node was located on a server that could not/did not enable encryption yet. 2. When encryption was enabled in the cluster, it prevented the cluster from creating internal resources on servers that could not/did not enable encryption yet.LBM1-34674
Enhancement cluster-manager: Allowed for creating a snapshot with the same name as a snapshot waiting for deletion.LBM1-19435
Enhancement cluster-manager: When encryption was enabled in the cluster, it prevented servers that did not have the latest encryption-info from participating in the election for being the active cluster-manager.LBM1-34671
Enhancement lbcli: Added the parse jwt command, which parses and shows a JWT's content.LBM1-36666
Enhancement lbcli: Added a request for confirmation before enabling cluster encryption. To confirm, 'y' or 'yes' must be entered.LBM1-33826
Enhancement lightbits-api: It is only possible to create a clone from a snapshot that is Available. The API will now return Unavailable when attempting to create a clone from a snapshot that is Creating, return FailedPrecondition when the snapshot is Deleting or Failed, return NotFound when the snapshot is Deleted, and return Internal for any other invalid snapshot states.LBM1-20954
Major duroslight: When a primary reads an object requested by secondary rebuild, it could detect that the object is not good (failure to decompress, CRC mismatch, etc.). It might also not detect this, especially if dek_generation is corrupt (non 0) - so we consider the object encrypted and pass it as is. The secondary assumes that the object received is not malformed; i.e., it can be written into the storage/journal. This might not be the case if the primary passed a malformed object. With this change, the primary does its best to pass the object without violating the protocol assumptions, and the secondary sanity checks the object received, detects a violation if a violation occurs, and fixes it so the object can be persisted.LBM1-37650
Major duroslight: /etc/duroslight/conf.yaml now has a max_ctrl_io_queues parameter that allows configuring the maximal number of IO queues allowed per controller (client connection). The default is 128. See NVMe 1.4, 5.21.1.7 for details. This option enables reducing the number of sockets connected per client: every client connection will have min(nr_cpus, max_ctrl_io_queue) + 1 sockets.LBM1-36567
Major duroslight: Fixed an issue when a snapshot was created immediately following a primary switch/failover. Such a snapshot did not wait for all the previously-written snapshot data to persist in the GFTL storage, which could lead to a possible transient state where a clone from this snapshot or snapshot diff would not observe all the snapshot data correctly.LBM1-36122
Minor api-service: Exited gracefully when unable to contact etcd instead of panicking.LBM1-36213
Minor control-plane: Fixed an issue where GetVolumeStatisticscould get stuck and block the stop node-manager service due to ioctl commands that were not returned while trying to collect the volume's information.LBM1-36308
Minor data-layer: Fixed FSM retries on snapshot transaction failures, ensured atomic deletion of node and cluster snapshots, and added validation to prevent race conditions when storing node snapshots.LBM1-35984
Minor data-layer: Resolved an issue preventing proactive rebalance from selecting target nodes that previously had permanent failures and proactive rebalance involving volumes that had snapshots - even after a long period of time - due to certain conditions that caused obsolete snapshot keys to still exist in etcd even though their corresponding data was moved or deleted.LBM1-34858
Minor lightbits-api: Updated gRPC and the REST API documentation. Information on required fields was not always correct in the documentation, with various fields missing some information. The documentation is up to date now.LBM1-36161
Minor node-manager: Fixed unexpected behaviors such as node-manager failing to complete rebuilds and volumes stuck in Migrating state, or node-manager crashing and restarting for no apparent reason, following a timed-out request to duroslight. This could occur for a dynamic rebalance operation that took place shortly after a disconnection between the node manager and etcd, and in which the node was previously hosting a replica for the corresponding volume.LBM1-36089
Minor node-manager: Fixed a race condition related to Data Integrity (DI) errors that could cause some errors to be detected and reported twice instead of once (which could not have caused a data integrity error to be missed - i.e., a missed event).LBM1-35757
Minor upgrade-manager: Fixed a rare race condition in which the running upgrade-manager could miss out on an existing upgrade-server task when handling a cluster-upgrade, causing the cluster-upgrade command to later fail.LBM1-35910
Minor userlbe: Fault all pages of allocated memory on startup. This can prevent cases where pages are faulted during runtime and there is no available physical memory to back them, which causes the userlbe to OOM and crash.LBM1-36162

Installation and Upgradeability

You can upgrade to this release from all previous Lightbits v3.9.x, v3.10.x, and v3.11.x releases - as well as from 3.12.1 and 3.12.2. Upgrading is recommended.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard