Ceph Rock: Tentacle (20.2.0) Release Notes

utkarshbhatthere · May 4, 2026, 11:29am

First Tentacle (20.x) build of the canonical/ceph rock, published to
ghcr.io/canonical/ceph under the tentacle and tentacle-edge tags.

Summary

Ceph version: 20.2.0 (tentacle, stable)
Base image: ubuntu@24.04 (noble)
Source: PPA lmlogiudice/ceph-tentacle-noble, pinned with priority: always

Why noble + PPA instead of archive ?

Resolute (26.04) ships Tentacle 20.2.0 in main but pairs Python 3.14 with python3-cryptography ~46.x. ceph-mgr fails to load any module importing cryptography (cephadm, dashboard, prometheus) with a PyO3 subinterpreter ImportError (LP #2150762).

Noble (24.04) ships Python 3.12 + cryptography ~41.x — the combination MicroCeph already runs. Tentacle isn’t in noble main, so we pull from lmlogiudice/ceph-tentacle-noble. This will be switched back to Resolute archive once the PyO3 / 3.14 issue is fixed upstream.

What’s new

Image

Bumped from Squid (19.2.x) to Tentacle (20.2.0, noble + tentacle PPA).
nfs-ganesha is now a separate rockcraft part.

Patches applied at build time

Three carry-over patches keep the mgr loadable until the noble PPA ships fixed packages:

0001-mgr_util-add-verify_cacrt_content — restores verify_cacrt_content missing from the PPA’s mgr_util.py; without it, ceph-mgr-cephadm fails to import on every bootstrap.
0002-mgr-prometheus-fix-string-formatting — fixes a TypeError raised by the prometheus module when orch get-security-config returns empty JSON.
0003-add-stub-smb-mgr-module — Ubuntu doesn’t ship ceph-mgr-smb; the dashboard imports it unconditionally via controllers/smb.py. Stub keeps the dashboard loadable.

CI / publishing

publish_edge.yaml and publish_release.yaml already gate Tentacle tags on version starting with 20; no workflow changes needed to release. Pushes to main produce tentacle-edge; tagged release commits produce tentacle + 20.2.0.

Validation

Validated on both supported orchestrators.

cephadm

Single-host LXD VM (ubuntu:26.04, 4 vCPU / 8 GiB / 3× 10 GiB volumes).
cephadm bootstrap against the rock from a local registry succeeds; mon, mgr (active + standby), crash, all run on tentacle 20.2.0.
ceph orch apply osd --all-available-devices provisions all 3 OSDs; final state osd: 3 osds: 3 up, 3 in, HEALTH_OK, 1 pg active+clean on the auto-created .mgr pool.

Rook

Validated against rook/ceph:v1.19.5 on minikube via the in-tree RookTest workflow.
Full canary suite passes: device prepare → cluster ready → mgr ready → external-cluster script tests → restricted-auth → upgrade flag → rgw endpoint validation.
Required CI updates for the rook 1.19 jump (label selectors, indexed CSI users, fixture paths, lowercase rados namespace, RGW realm/zonegroup/zone wiring) are in .github/workflows/build_and_test.yaml.

Known issues

Upstream — OSD crash with `allow_ec_optimizations`

ceph tracker #74813 — All the OSDs in the cluster crash if allow_ec_optimizations is set regardless of allow_ec_overwrites.

Affects EC pool creation/configuration paths in 20.2.0. Setting allow_ec_optimizations on a pool will crash every OSD in the cluster. Until the upstream fix lands and a new tentacle point release is published, do not enable allow_ec_optimizations on this rock.