September 2013 - OpenStack-announce

python-heatclient 0.2.5 released
by Steve Baker 03 Mar '14

03 Mar '14

The heat development community would like to announce the release of python-heatclient version 0.2.5. python-heatclient is a client library for Heat built on the Heat orchestration API. It provides a Python API (the heatclient module) and a command-line tool (heat). This release can be installed from the following locations: http://tarballs.openstack.org/python-heatclient <http://tarballs.openstack.org/python-heatclient> https://pypi.python.org/pypi/python-heatclient <https://pypi.python.org/pypi/python-heatclient> Bugs fixed in this release: https://launchpad.net/python-heatclient/+milestone/v0.2.5 <https://launchpad.net/python-heatclient/+milestone/v0.2.5>

1 2

OpenStack Community Weekly Newsletter (Sep 20-27)
by Stefano Maffulli 28 Sep '13

28 Sep '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/?source=o12> ???? ???????????????? ???????, ???????? <https://www.eventbrite.com/event/6786581849/o12> Last batch of invites to the Hong Kong summit has been sent to Active Technical Contributors (ATCs). Check your inbox and spam folders if your code merged before September 25^th . Participate in the OpenStack User Survey by September 30! <http://www.openstack.org/blog/2013/09/participate-in-the-openstack-user-sur…> A tale of 3 OpenStack clouds : 50,000 cores in production at CERN <http://openstack-in-production.blogspot.com/2013/09/a-tale-of-3-openstack-c…> Tim Bell in his blog post explains the different OpenStack environments at CERN and their distinct teams of evaluation and administration. OpenStack Icehouse Incubation Roundup <http://www.zerobanana.com/archive/2013/09/04#icehouse-incubation> The OpenStack Technical Committee met this week <http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-09-03-20.01.html> to consider the status of incubated projects for the upcoming Icehouse cycle. As a result, database provisioning (codename Trove)will be an official part of the Icehouse (2014.1) release, while message queues (Marconi) and bare-metal server provisioning (Ironic) will be in incubation with a view to becoming official in the as-yet-unnamed J (2014.2) release. MapReduce as a service <http://www.zerobanana.com/archive/2013/09/25#savanna-incubation> (Savanna) will also be incubated. How to Use Ask OpenStack <http://www.openstack.org/blog/2013/09/how-to-use-ask-openstack/> We're continuously building together "The best place on the Internet to find answers to common OpenStack problems": our Question&Answers site Ask <https://ask.openstack.org/>OpenStack <https://ask.openstack.org/> is such place and needs everybody's help. Ask OpenStack is a collaborative effort, think of it like a wiki where pages are made only of questions and answers. Anybody with more than 100 karma points can fix a question or an answer and anybody can gain karma points by getting votes on answers and/or questions. Introducing the NNFI scheduler for Zuul <http://amo-probos.org/post/16> We recently made a change to Zuul's scheduling algorithm (how it determines which changes to combine together and run tests). Now when a change fails tests (or has a merge conflict), Zuul will move it out of the series of changes that it is stacking together to be tested, but it will still keep that change's position in the queue. Jobs for changes behind it will be restarted without the failed change in their proposed repo states. And if something later fails ahead of it, Zuul will once again put it back into the stream of changes it's testing and give it another chance. Tips 'n Tricks * By Sean Dague <http://dague.net/>: Gerrit queries to avoid OpenStack review overload <http://dague.net/2013/09/27/gerrit-queries-to-avoid-openstack-review-overlo…> * By Chmouel Boudjnah <http://blog.chmouel.com/>: How to access Rackspace Cloud with latest novaclient/swiftclient <http://blog.chmouel.com/2013/09/27/how-to-access-rackspace-cloud-with-lates…> * By Adam Young <http://adam.younglogic.com/>: Keystone V3 API Examples <http://adam.younglogic.com/2013/09/keystone-v3-api-examples/> * By Mirantis <http://www.mirantis.com/>: Short Update on Hardware Calculator for OpenStack <http://www.mirantis.com/blog/short-update-on-openstack-hardware-calculator/> Upcoming Events * OpenStack on Ales <http://openstack.onales.com/> Sep 30 -- Oct 01, 2013 -- Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/> Oct 03 -- 05, 2013 -- Paris, France Details <http://www.openworldforum.com/> * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/> Oct 06 -- 10, 2013 -- Orlando, FL, USA Details <http://www.gartner.com/technology/symposium/orlando/> * OpenStack in action ! -- The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 -- Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 -- 17, 2013 -- Austin, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe> Oct 21 -- 23, 2013 -- Edinburgh, Scotland, UK Details <http://events.linuxfoundation.org/events/cloudopen-europe> * Cloud Connect <http://www.cloudconnectevent.com/chicago> Oct 21 -- 17, 2013 -- Chicago, IL, USA Details <http://www.cloudconnectevent.com/chicago> Reports from Previous Events * CodeChix OpenStack workshop wrap-up and materials <http://princessleia.com/journal/?p=8526> * LinuxCon Wrapup <http://www.siliconloons.com/?p=508> * Summary: OpenStack India Day, 2013 <http://openstackindia.wordpress.com/2013/09/22/summary-openstack-india-day-…> Other News * Savanna accepted into OpenStack Incubation <http://www.mirantis.com/blog/savanna-accepted-into-openstack-incubation/> * Hadoop on OpenStack <http://www.zerobanana.com/archive/2013/09/25#savanna-incubation> * Tuskar is merging with TripleO <http://lists.openstack.org/pipermail/openstack-dev/2013-September/015599.ht…>. * OpenStack Governance: Electing Technical Leaders For Next Development Cycle <http://www.openstack.org/blog/2013/09/openstack-governance-electing-technic…> * Open Mic Spotlight: Terri Yu <http://www.openstack.org/blog/2013/09/open-mic-spotlight-terri-yu/> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-24-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-24-21.…> Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! <http://www.openstack.org/profile/> * Deepti Navale <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Red Hat * Donovan Finch <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, None * Dennis Kliban <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Red Hat * Timur Sufiev <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Mirantis * Debasish Chowdhury <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Globallogic * Kevin Jackson <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Rackspace * Maxime Vidori <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Enovance * zhu zhu <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, None (IBM?) * Vui Lam <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Vmware * Sukhdev Kapur <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Arista Networks * Prashanth Pai <http://50.56.249.200:8090/plugins/zfacts/view.action?viewproperties=true&in…>, Red Hat Got answers? Ask OpenStack <https://ask.openstack.org/> is the go-to destination for OpenStack users. Interesting questions waiting for answers: * Swift [Errno -5] No address associated with hostname <https://ask.openstack.org/en/question/5342/swift-errno-5-no-address-associa…> * what is the base endpoint url for networking api <https://ask.openstack.org/en/question/5309/what-is-the-base-endpoint-url-fo…> * How do I enable an instance to access the OpenStack and EC2 APIs on the controller? <https://ask.openstack.org/en/question/5182/how-do-i-enable-an-instance-to-a…> * How do I work around the "TypeError: dist must be a Distribution instance" problem when following the Swift-all-in-one instructions <https://ask.openstack.org/en/question/5478/how-do-i-work-around-the-typeerr…> * What is a "publishing policy" for ceilometer <https://ask.openstack.org/en/question/5467/what-is-a-publishing-policy-for-…> * How to edit the SNAT rules of the L3 agent so that it forwards packets of specific source/dest IPs to a certain VM? <https://ask.openstack.org/en/question/5435/how-to-edit-the-snat-rules-of-th…> /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

OpenStack Community Weekly Newsletter (Sep 13-20)
by Stefano Maffulli 22 Sep '13

22 Sep '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/?source=o12> ?????? ?????????????? ???????, ???????? <https://www.eventbrite.com/event/6786581849/o12> Today all Hong Kong Summit Speakers were notified whether or not your submission was accepted for inclusion in the final Summit agenda. If you submitted a talk please check your email now (the email address that you used when you submitted the session). If you do not see a notification email sent from OpenStack please contact events(a)openstack.org <mailto:events@openstack.org>. Participate in the OpenStack User Survey by September 30! <http://www.openstack.org/blog/2013/09/participate-in-the-openstack-user-sur…> OpenStack Launches Training Marketplace <http://www.openstack.org/blog/2013/09/openstack-launches-training-marketpla…> The OpenStack Foundation has launched a new Training Marketplace, making it easier to discover and participate in training courses offered by technology providers in the OpenStack ecosystem. Aptira, hastexo, The Linux Foundation, Mirantis, Morphlabs, Piston, Rackspace, Red Hat, SUSE and SwiftStack are the first companies to have courses available in the Marketplace, with the goal of growing the OpenStack talent pool and accelerating the availability of OpenStack training courses worldwide. Tips 'n Tricks * By Anne Gentle <http://justwriteclick.com/>: OpenStack DocImpact Flag Walk-through <http://justwriteclick.com/2013/09/17/openstack-docimpact-flag-walk-through/> * By Mirantis <http://www.mirantis.com/>: Planning hardware for your OpenStack cluster: the answers to your questions <http://www.mirantis.com/blog/planning-hardware-for-your-openstack-cluster-t…> * By Adam Young <http://adam.younglogic.com/>: Autoregistering an OpenStack Virtual Machine with FreeIPA <http://adam.younglogic.com/2013/09/register-vm-freeipa/> Upcoming Events * OpenStack India Day <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> Sep 21, 2013 -- Bangalore Details <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> * CodeChix OpenStack Workshop <http://codechix-openstack1-rss.eventbrite.com/> Sep 22, 2013 -- Palo Alto, CA Details <http://codechix-openstack1-rss.eventbrite.com/> * Hosting & Cloud Transformation Summit <http://na.hostingtransformation.com/>Sep 23 -- 25, 2013 -- Las Vegas, USA Details <http://na.hostingtransformation.com/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 -- Oct 01, 2013 -- Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/> Oct 03 -- 05, 2013 -- Paris, France Details <http://www.openworldforum.com/> * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/> Oct 06 -- 10, 2013 -- Orlando, FL, USA Details <http://www.gartner.com/technology/symposium/orlando/> * OpenStack in action ! -- The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 -- Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 -- 17, 2013 -- Austin, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe> Oct 21 -- 23, 2013 -- Edinburgh, Scotland, UK Details <http://events.linuxfoundation.org/events/cloudopen-europe> * Cloud Connect <http://www.cloudconnectevent.com/chicago> Oct 21 -- 17, 2013 -- Chicago, IL, USA Details <http://www.cloudconnectevent.com/chicago> Reports from Previous Events * VTC Fall 2013: The future of Cloud Operating Systems <http://www.cloudcomp.ch/2013/09/cleen-2013-the-future-of-cloud-operating-sy…> Other News * Open Mic Spotlight: Christopher Armstrong <http://www.openstack.org/blog/2013/09/open-mic-spotlight-christopher-armstr…> * OpenStack Documentation: RTFM is A Good Thing <http://www.mirantis.com/blog/openstack-documentation-rtfm-is-a-good-thing/> * OpenStack Project Meeting: skipped this week Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! * Thomas Maddox, Rackspace * Vitaliy Kolosov, Yahoo! * Chen Xiao, China * Chengli XU, Netease * Vitaly Kostenko, None * David Xie, Platform Computing * Keith Burns, Nexus IS * Dazhao Yu, IBM * Yves-Gwenael Bourhis, Cloudwatt * Sahid Orentino Ferdjaoui, Cloudwatt * Noboru Arai, NEC * Yair Fried, Red Hat * Kiyohiro Adachi, NEC * Ling Gao, IBM * Leonard Packham, Rackspace * Jason Smith, Rackspace * Hart Hoover, Rackspace * Abhishek Lahiri, Symantec Corporation * Evgeny Fedoruk, Radware * Denny Zhang, Unitedstack * Harri Hämäläinen, CSC -- IT Center for Science Ltd. * Victor Morales, Intel * Sam Harwell, Rackspace * Bo Lin, Vmware * Joe Cropper, IBM Got answers? Ask OpenStack <https://ask.openstack.org/> is the go-to destination for OpenStack users. Interesting questions waiting for answers: * What causes "versioning for this project requires either an sdist or an access to an upstream git repository" Exception when running stack.sh? <https://ask.openstack.org/en/question/530/what-causes-versioning-for-this-p…> * How do I enable an instance to access the OpenStack and EC2 APIs on the controller? <https://ask.openstack.org/en/question/5182/how-do-i-enable-an-instance-to-a…> * Is Network as a Service completely customizable? <https://ask.openstack.org/en/question/5180/is-network-as-a-service-complete…> * What items to backup? <https://ask.openstack.org/en/question/5174/what-items-to-backup/> * can i use gre tunneling with provider network on quantum ? <https://ask.openstack.org/en/question/5124/can-i-use-gre-tunneling-with-pro…> * Is there a reason why cinder throws an error on one compute node, but not others? <https://ask.openstack.org/en/question/5114/is-there-a-reason-why-cinder-thr…> * An instance couldn't release its resource(vcpu, rom, etc.) only if it is terminated, and what's the reason? Could somebody tell me? <https://ask.openstack.org/en/question/5089/an-instance-couldnt-release-its-…> * RDO: how to disable remote vnc? <https://ask.openstack.org/en/question/5084/rdo-how-to-disable-remote-vnc/> * Why the LXC throughput is so low <https://ask.openstack.org/en/question/5064/why-the-lxc-throughput-is-so-low/> /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

OpenStack Community Weekly Newsletter (Sep 6-13)
by Stefano Maffulli 14 Sep '13

14 Sep '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/?source=o12> ? ??????????????????? ???????, ???????? <https://www.eventbrite.com/event/6786581849/o12> The last batch of invites to the Summit for OpenStack Active Technical Contributors will be send in the next 10 days. If you have committed code or documentation before September 6 expect official communication soon. Participate in the OpenStack User Survey by September 30! <http://www.openstack.org/blog/2013/09/participate-in-the-openstack-user-sur…> We're kicking off the second round of the OpenStack User Survey this month! You may remember before the April Summit we helped the User Committee run a survey to aggregate OpenStack deployments and share the results. OpenStack Docs Boot Camp Wrap Up <http://justwriteclick.com/2013/09/13/openstack-docs-boot-camp-wrap-up/> We gathered about 20 writers and developers who wanted to learn about OpenStack documentation in the Mirantis training room for two days this week in Mountain View, California. The idea for a docs boot camp came from the OpenStack Infrastructure team who held one back in June <http://www.openstack.org/blog/2013/07/infrastructure-bootcamp/>. We wanted to enable more people to contribute to OpenStack documentation through in-person training and team building. It's not like a book sprint, with the goal of a book in five days, but rather a training session, with questions and answers in real time. Read the full report from Anne Gentle <http://justwriteclick.com/>. Contributing To OpenStack Even If You Are Not A Developer <http://cloudarchitectmusings.com/2013/09/08/contributing-to-openstack-even-…> Kenneth Hui <http://cloudarchitectmusings.com/> outlines some ways for community members to become contributors to OpenStack without having to write a line of Python code. Tips 'n Tricks * By The Official Rackspace Blog <http://www.rackspace.com/blog>: Installing Rackspace Private Cloud In 20 Minutes Or Less <http://www.rackspace.com/blog/installing-rackspace-private-cloud-in-20-minu…> * By Xlcloud <http://blog.xlcloud.me/>: Baremetal Driver and the Devstack. <http://blog.xlcloud.me/post/2013/09/11/Baremetal-Driver-and-the-Devstack> * By eNovance Engineering Teams <http://techs.enovance.com/>: A gentle introduction to DRBD <http://techs.enovance.com/6177/drbd> * By TelekomCloud DevOps team <http://telekomcloud.github.io/>: New Ways of Tempest Stress Testing <http://telekomcloud.github.io/2013/09/11/new-ways-of-tempest-stress-testing…> * By Zane Bitter <http://www.zerobanana.com/tags/OpenStack>: Application Definition with Heat <http://www.zerobanana.com/archive/2013/09/10#heat-application-definition-ta…> * By eNovance Engineering Teams <http://techs.enovance.com/>: Adding new 3rd party tools in Fio <http://techs.enovance.com/6110/adding-new-3rd-party-tools-in-fio> * By Flavio Percoco <http://blog.flaper87.com/>: Test strategies for your Python projects <http://blog.flaper87.com/post/522b9e560f06d32542ede77f/> Upcoming Events * OpenStack In Action -- Powering IaaS Cloud <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> Sep 14, 2013 - SAP Labs Whitefield, Bangalore Details <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> * Cloud Connect China <http://www.cloudconnectevent.cn/> Sep 15 - 17, 2013 - Shanghai, China Details <http://www.cloudconnectevent.cn/> * LinuxCon/Cloud Open North America <http://events.linuxfoundation.org/events/cloudopen-north-america> Sep 16 - 18, 2013 - New Orleans Details <http://events.linuxfoundation.org/events/cloudopen-north-america> * GigaOM Structure UK <http://event.gigaom.com/structure> Sep 18 - 19, 2013 - London, UK Details <http://event.gigaom.com/structure> * OpenStack India Day <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> Sep 21, 2013 -- Bangalore Details <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> * CodeChix OpenStack Workshop <http://codechix-openstack1-rss.eventbrite.com/> Sep 22, 2013 - Palo Alto, CA Details <http://codechix-openstack1-rss.eventbrite.com/> * Hosting & Cloud Transformation Summit <http://na.hostingtransformation.com/>Sep 23 - 25, 2013 - Las Vegas, USA Details <http://na.hostingtransformation.com/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 - Oct 01, 2013 - Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/> Oct 03 - 05, 2013 - Paris, France Details <http://www.openworldforum.com/> * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/> Oct 06 - 10, 2013 - Orlando, FL, USA Details <http://www.gartner.com/technology/symposium/orlando/> * OpenStack in action ! - The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 - Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 - 17, 2013 - Austin, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe> Oct 21 - 23, 2013 - Edinburgh, Scotland, UK Details <http://events.linuxfoundation.org/events/cloudopen-europe> * Cloud Connect <http://www.cloudconnectevent.com/chicago> Oct 21 - 17, 2013 - Chicago, IL, USA Details <http://www.cloudconnectevent.com/chicago> Reports from Previous Events * Meetup @ CISCO, Bangalore <http://openstackindia.wordpress.com/2013/09/12/meetup-cisco-bangalore/> * OpenStack Object Storage at Intel Developers Forum <http://swiftstack.com/blog/2013/09/11/openstack-object-storage-at-intel-dev…> Other News * Introducing BasicDB <http://blog.linux2go.dk/2013/09/07/introducing-basicdb/> * OpenStack Ceilometer Havana-3 milestone released <http://julien.danjou.info/blog/2013/openstack-ceilometer-havana-3-milestone…> * Murano 0.2 is here! <http://www.mirantis.com/blog/murano-0-2-is-here/> * The Fanatical Faces Of Rackspace Private Cloud: Bryan Thompson <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * Open Mic Spotlight: Flavio Percoco <http://www.openstack.org/blog/2013/09/open-mic-spotlight-flavio-percoco/> * What does an NFV application owner require from PaaS? <http://orenscloudplatformthoughts.tumblr.com/post/61015756554> * You Can't Collapse Tiered Storage in Private Clouds Built on OpenStack: Whitepaper <http://www.cloudscaling.com/blog/company/you-cant-collapse-tiered-storage-i…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-10-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-10-21.…> Security Advisories * Token revocation failure using Keystone memcache/KVS backends (CVE-2013-4294) <http://lists.openstack.org/pipermail/openstack-announce/2013-September/0001…> * Potential denial of service on Nova when using Qpid (CVE-2013-4261) <http://lists.openstack.org/pipermail/openstack-announce/2013-September/0001…> /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

[OSSA 2013-026] Potential denial of service on Nova when using Qpid (CVE-2013-4261)
by Thierry Carrez 13 Sep '13

13 Sep '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-026 CVE: CVE-2013-4261 Date: September 12, 2013 Title: Potential denial of service on Nova when using Qpid Reporter: Jaroslav Henner (Red Hat) Products: Nova Affects: Folsom, Grizzly Description: Jaroslav Henner from Red Hat reported a vulnerability in Nova when using Apache Qpid as the RPC backend. By sending any random text longer than 65K characters to an instance console and requesting the console log contents through the API, an authenticated user may disrupt the nova-compute node his instance is running on. This vulnerability could be leveraged in a Denial of Service attack against the cloud provider. Only Folsom and Grizzly setups using Qpid as their RPC backend are affected. Havana setups, or setups using other RPC backends (like RabbitMQ), are all unaffected. Grizzly fix: https://review.openstack.org/#/c/43303/ Folsom fix: https://review.openstack.org/#/c/45426/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4261 https://bugs.launchpad.net/nova/+bug/1215091 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSMducAAoJEFB6+JAlsQQjYqUP/1ebNaaz+k3DxiRfoNpsbRkV EKJtD/W/6/UkCYUzPNGGZSl1ijp9CEQXh6IL82lTBw82nTbsHc3mt22FgusdU6WZ JH6PevC95PlyNWQYsUGO5GzQ6lb28VjzgYUt36Z2ZatQ4lUGJHv9iZcsIBVYayJy OKPnnt2ztiG62B88Ka1GQx4iyEtU50QCcpZEbWHcX5dIXWfWWfYNEMVU+gIfaxlo sVZH+up2ERKVDH7l/JzhvD4ut1zAoM0sp29/GROJLmzh1dqd9P+QIh5WO4e6VLZp 5y90uMZ03O1lN16IZE0B3r9JBc9ekn7JhJ5YXBvwM+Z3Am1ZlDjUL1ojiZ2aBT9B RnPF/oz4CsuGXjghg0mzPrjJuwR/Z46pg1t92FbVXW94Fxx7VfORLF6ELaDoqoiu nmRUpDQxpg+dYw7OS9lQF10eC2M6S0EwKWzlQlloZGR5/kG9VR4fyhLE1w8+YrRF Gr8pDaF6MJoxZxxb4rRhaDsPaXuUX/QPr0GsMeCy6vfV+yX/Yk99YJoNtar7Z7I+ llslcbaet3C2sONR2EbCD2J03E8/3VztdkG32iVGwxn0LHh2K1o+wfno73w1PW4u DV4LIvbypZgmMEbVzHDkDGs1jOfSzFzDhIsCtgEih53rr2HIsd8AmkWeTPirpXN6 EOmohe9HXVlvPUPcVJNd =zUsw -----END PGP SIGNATURE-----

1 0

[OSSA 2013-025] Token revocation failure using Keystone memcache/KVS backends (CVE-2013-4294)
by Thierry Carrez 12 Sep '13

12 Sep '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-025 CVE: CVE-2013-4294 Date: September 11, 2013 Title: Token revocation failure using Keystone memcache/KVS backends Reporter: Kieran Spear (University of Melbourne) Products: Keystone Affects: Folsom, Grizzly Description: Kieran Spear from the University of Melbourne reported a vulnerability in Keystone memcache and KVS token backends. The PKI token revocation lists stored the entire token instead of the token ID, triggering comparison failures, ultimately resulting in revoked PKI tokens still being considered valid. Only Folsom and Grizzly Keystone setups making use of PKI tokens with the memcache or KVS token backends are affected. Havana setups, setups using UUID tokens, or setups using PKI tokens with the SQL token backend are all unaffected. Grizzly fix: https://review.openstack.org/#/c/46080/ Folsom fix: https://review.openstack.org/#/c/46079/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4294 https://bugs.launchpad.net/keystone/+bug/1202952 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSMI+5AAoJEFB6+JAlsQQj2hAQAI/S5bAv+XrYUaXRBgJxvBz4 xVXdrXl/iA7R9iDIlmaFThOCvw4SCsWB7jBYRv8wAk3V3HZw9jEmC3OoebpCFWNb 1q3an25kroviy8rfZyQIqe9KTrwXRa/jDVlun2EEiw7KyUty/HIAjUCVUXVKBhyh 8Bctn90A/Nt2D5Am3hyofsS5fOjmzwW6b73RCY7CDntduxUtPn6lbUthFESXTCwv lojClZ5X78XnCh2/WJuxKkAEm8EujlNqkIHziGgc3HrForxSc2GKSPzgFbg5eBbt BaDTxFkDHW3EwSK/69b+699e9BvN/vuBxbNa7YW2ANiM1IJ34QHouPk4XULMZIeH cZ4QOBX7MtUhvD1htfTlHQfvb1syqlvul49WVmmsk48CMVW6hArSMQvTVbArUqD0 fN2INqfghZMQCkQIlXE+38J88OOL/S+sq6p8dIn96JxP2tnw4rIs9YclSa9E1Ub0 SIDaWPu7NN+wuY1WN+EzHV0zHI8HYs2HkOlrRW3E02JEm3xcEEmYLCwf+c2mwOee Grick3VlxNuQNBP6bls+NtxCzhUzLVI7nOfaxZyzQtOMLjJPKpip4QKMjzotO3nf +6JNk5766T2f63fsNtw0kltbtm4R+RzKzv29vVsaOh+ba57w7xnpEkAA1oaYyFa+ IHvUVYkOhX3quLUgBkCR =pm0d -----END PGP SIGNATURE-----

1 0

OpenStack Community Weekly Newsletter (Aug 30 – Sep 6)
by Stefano Maffulli 07 Sep '13

07 Sep '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/openstack-summit-hong-kong-2013Register> ?????? ?????????????? ???????, ???????? <http://openstacksummitnovember2013.eventbrite.com/> OpenStack Heat and Ceilometer got their dashboard panel <http://sebastien-han.fr/blog/2013/09/06/openstack-heat-and-ceilometer-got-t…> The Havana milestone release of the Horizon dashboard brought an absolutely wonderful panel for Heat, the orchestration service and Ceilometer, the metering service. Enjoy a preview before the Havana’s official release. OpenStack Icehouse Incubation Roundup <http://www.zerobanana.com/archive/2013/09/04#icehouse-incubation> The OpenStack Technical Committee met this week <http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-09-03-20.01.html> to consider the status of incubated projects for the upcoming Icehouse cycle. As a result, database provisioning (codename Trove <https://wiki.openstack.org/wiki/Trove>) will be an official part of the Icehouse (2014.1) release, while message queues (codename Marconi <https://wiki.openstack.org/wiki/Marconi>) and bare-metal server provisioning (codename Ironic <https://wiki.openstack.org/wiki/Ironic>) will be in incubation with a view to becoming official in the as-yet-unnamed J (2014.2) release. Bringing Go To The Cloud With The Gophercloud SDK <http://www.rackspace.com/blog/bringing-go-to-the-cloud-with-the-gophercloud…> Go is a rapidly emerging programming language created out of Google by Rob Pike and Ken Thompson. Rackspace is investing in Go by creating a multi-cloud software development kit (SDK) for the Go programming community called Gophercloud <https://github.com/rackspace/gophercloud>. It will support OpenStack <http://www.openstack.org/> first, Rackspace Cloud <http://www.rackspace.com/cloud/> second. Scaling the OpenStack Test Environment <http://amo-probos.org/post/15> A year ago James Blair <http://amo-probos.org/> introduced Zuul <https://launchpad.net/zuul>, a program he developed to drive the OpenStack <http://www.openstack.org/> project’s gating system. In short, each change to an OpenStack project must pass unit and integration tests before it is merged. Over the past year, the OpenStack project has grown tremendously, with 62 git repositories related to OpenStack, 30 for the project infrastructure, and an additional 75 unofficial projects that share the same testing infrastructure. In all, the development infrastructure currently serves 167 repositories. They run up to *720 test jobs per hour*, and our dynamic provisioning system has pushed our test node count up to 328 nodes online and running tests simultaneously. Over the past year, the OpenStack Infra team made a large number of changes to prepare for this load. This blog post by jeblair has some of the key innovations that help us test at scale. For VIM users out there: <https://github.com/ameade/qtpy-vim>qtpy.vim <https://github.com/ameade/qtpy-vim> A simple way of running python unit tests from within VIM based on the cursor location. Useful for receiving immediate feedback as you write tests, despite what test runner or framework your project uses to run its tests. Tips ‘n Tricks * By Lorin Hochstein <http://lorinhochstein.wordpress.com/>: Up and running on Rackspace <http://lorinhochstein.wordpress.com/2013/09/04/up-and-running-on-rackspace/> * By Anita Kuno <http://anteaya.info/>: Installing Devstack with Vagrant <http://anteaya.info/blog/2013/09/01/installing-devstack-with-vagrant/> Upcoming Events * 2nd OpenStack User Group Nordics meetup <https://plus.google.com/u/0/106856980692854321746/posts/bFpvMPqffp9>Sep 11, 2013 – Kista, Stockholm Details <http://www.meetup.com/OpenStack-User-Group-Nordics/> * OpenStack In Action – Powering IaaS Cloud <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…>Sep 14, 2013 – SAP Labs Whitefield, Bangalore Details <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> * Cloud Connect China <http://www.cloudconnectevent.cn/>, September 15-17 2013, Shanghai, China * LinuxCon/Cloud Open North America <http://events.linuxfoundation.org/events/cloudopen-north-america>, September 16-18 2013, New Orleans, LA, USA, * GigaOM Structure UK <http://event.gigaom.com/structure>, September 18-19 2013, London, England, UK * OpenStack India Day <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> Sep 21, 2013 – Bangalore Details <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> * Hosting & Cloud Transformation Summit <http://na.hostingtransformation.com/>Sep 23 – 25, 2013 – Las Vegas, USA Details <http://na.hostingtransformation.com/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 – Oct 01, 2013 – Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/>,October 3-5 2013, Paris, France * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/>, October 6-10 2013, Orlando, FL, USA, * OpenStack in action! – The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 – Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 – 17, 2013 – Aust, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe>, October 21-23 2013, Edinburgh, Scotland, UK * Cloud Connect <http://www.cloudconnectevent.com/chicago>, October 21-24 2013, Chicago, IL, USA Reports from Previous Events * First meeting of OpenStack Venezuela <http://www.openstack.org/blog/2013/09/first-meeting-of-openstack-venezuela/> Other News * Accelerate Your Career With OpenStack: Upcoming LPI Webinar <http://www.rackspace.com/blog/accelerate-your-career-with-openstack-upcomin…> * OpenStacking your Apps <http://cloudifysource.tumblr.com/post/60199054506> * History, objectives and limits of the Ceilometer project <http://techs.enovance.com/6051/objectives-of-ceilometer> * The Fanatical Faces Of Rackspace Private Cloud: Justin Shepherd <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * Open Mic Spotlight: Julien Danjou <http://www.openstack.org/blog/2013/09/open-mic-spotlight-julien-danjou/> * OpenStack Community Meeting: Summary <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> and full logs <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-03-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-03-21.…> Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! * Subashini Soundararajan, Rightscale * Sam Alba, dotCloud Inc * Itzik Brown, None * William Van Hevelingen, Portland State University * Brianna Poulos, JHU/APL * ?ukasz Jernas', Allegro Group * Yangyang Zheng, CIeNET Technologies * Valerii Zhelezniakov, None (Mirantis?) * Rob Raymond, HP * Daniel Izquierdo, Bitergia * Swapnil Kulkarni, None * Robert Tingirica, Cloudbase Solutions * Shaun McCance, Cisco * nancykyo, ? * Abishek Subramanian, Cisco * Zhengguang Ou, None * Simon, Unitedstack /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

Havana-3 development milestone available
by Thierry Carrez 07 Sep '13

07 Sep '13

Hi everyone, The last milestone in the Havana development cycle, "havana-3" is now available for Keystone, Glance, Nova, Horizon, Neutron, Cinder, Ceilometer, and Heat. In the last 7 weeks, more than 200 features were added and more than 750 bugs fixed (!). You can see the full list of new features and fixed bugs, as well as tarball downloads, at: https://launchpad.net/keystone/havana/havana-3 https://launchpad.net/glance/havana/havana-3 https://launchpad.net/nova/havana/havana-3 https://launchpad.net/horizon/havana/havana-3 https://launchpad.net/neutron/havana/havana-3 https://launchpad.net/cinder/havana/havana-3 https://launchpad.net/ceilometer/havana/havana-3 https://launchpad.net/heat/havana/havana-3 This milestone is nearly feature-complete. A few exceptions should land next week, but those projects are otherwise feature-frozen in preparation of the first Havana release candidate. We should now all switch to testing and bugfixing mode for the next weeks, and make Havana as bug-free as we can. The release-critical bugs will be tracked on the havana-rc1 milestone pages. Once all those bugs are fixed and the first release candidates are out, the next development cycle (Icehouse) will start. Final coordinated release is expected on October 17th. More information on the OpenStack development cycle can be found at: https://wiki.openstack.org/wiki/Release_Cycle Regards, -- Thierry Carrez (ttx)

1 0