- OpenStack-announce - lists.openstack.org

[OSSA 2013-030] XenAPI security groups not kept through migrate or resize (CVE-2013-4497)
by Jeremy Stanley 14 Nov '13

14 Nov '13

OpenStack Security Advisory: 2013-030 CVE: CVE-2013-4497 Date: November 14, 2013 Title: XenAPI security groups not kept through migrate or resize Reporter: Chris Behrens (Rackspace) and Vangelis Tasoulas Products: Nova Affects: All supported versions prior to Havana Description: Chris Behrens with Rackspace and Vangelis Tasoulas reported a set of vulnerabilities in OpenStack Nova's XenAPI hypervisor backend. When migrating or resizing an instance, including live migration, existing security groups may not be reapplied after the operation completes. This can lead to unintentional network exposure for virtual machines. Only setups using the XenAPI backend are affected. The Havana release (2013.2) is not affected. Grizzly fixes (will be included in a future stable point release): https://review.openstack.org/52987 https://review.openstack.org/52991 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4497 https://launchpad.net/bugs/1073306 https://launchpad.net/bugs/1202266 -- Jeremy Stanley OpenStack Vulnerability Management Team

1 0

OpenStack Community Weekly Newsletter (Oct 25 – Nov 1)
by Stefano Maffulli 01 Nov '13

01 Nov '13

1 0

[OSSA 2013-029] Potential Nova denial of service through compressed disk images (CVE-2013-4463, CVE-2013-4469)
by Thierry Carrez 31 Oct '13

31 Oct '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-029 CVE: CVE-2013-4463, CVE-2013-4469 Date: October 31, 2013 Title: Potential Nova denial of service through compressed disk images Reporter: Bernhard M. Wiedemann (SUSE) & Pádraig Brady (Red Hat) Products: Nova Affects: All versions Description: Bernhard M. Wiedemann from SUSE reported a vulnerability in Nova's control of the size of disk images. By using malicious compressed qcow2 disk images, an authenticated user may consume large amounts of disk space for each image, potentially resulting in a Denial of Service attack on Nova compute nodes (CVE-2013-4463). While fixing this issue, Pádraig Brady from Red Hat additionally discovered that OSSA 2013-012 did not fully address CVE-2013-2096 in the non-default case where use_cow_images=False, and malicious qcow images are being transferred from Glance. In that specific case, an authenticated user could still consume large amounts of disk space for each instance using the malicious image, potentially also resulting in a Denial of Service attack on Nova compute nodes (CVE-2013-4469). The provided fixes address both issues. Icehouse (development branch) fix: https://review.openstack.org/54765 Havana fix: https://review.openstack.org/54767 Grizzly fix: https://review.openstack.org/54768 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4469 https://bugs.launchpad.net/nova/+bug/1206081 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJScomUAAoJEFB6+JAlsQQjKf8QALc4olBe4QHSUg+1Zxa2vPSI +w8Mn6g3rU1CgDRnTmIeGMJaDy3ph7yyKbAiEWkv4wa4/HzJ4/fh79fu6C5kl9WN A5wJUyhb1G2lMb1gMylnMoF4G/ei//dplnAqtht+kbiuqmbwhAs+MqMnOVqJwdrJ QJIV7d9wNUD2SVDPMc1GEN9AFKHncuSHmI1UF5JQ1T8t5lhp8lo//0Vh8YiG6bCu l9vvU4jJhuyfY7ehneMt4aLS6rLEMKg0o//yZ48+mBv8/i7WWSn2k+O3o7k3uv5r AOfT7Q9fliQEjnuGvJdQieyGpCWJRvxWUZtApmjnt+yK/QW4w8OvP1S7grrA/hmN HDewR4UVORDCTw1rU9inHu0tWUQ63T1JSdj7jqLfZLuYZXcILn0qS6Wm7yeZqEit SRsA0wbEz22ArfFhJW1FvC80dpeue8KyeKPfsAM5tX70Fa3GubgTf88dXjc8Dpgv xAmbvoF/1c3PmxsBiWG0sj44Sai82C/7YNedIyPdipGx9sX9rLHr1e9ZXmsNHED6 IT468mBedxcal8gNafHRJ/fr1OHVNCkapSOtIzZbHilYkwIFSFbT4VN2cgGstDfw p60O59nc8jzl03vXtJ8Sata567VsxEM3b2g619hJDz8XLBqhmqoQKESqRS/b7veV fP0hzFkhlAIwib9Ybb47 =s1nm -----END PGP SIGNATURE-----

1 0

[OSSA 2013-028] Unintentional role granting with Keystone LDAP backend (CVE-2013-4477)
by Thierry Carrez 30 Oct '13

30 Oct '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-028 CVE: CVE-2013-4477 Date: October 30, 2013 Title: Unintentional role granting with Keystone LDAP backend Reporter: The IBM OpenStack test team Products: Keystone Affects: All supported versions Description: The IBM OpenStack test team reported a vulnerability in role change code within the Keystone LDAP backend. When a role on a tenant is removed from a user, and that user doesn't have that role on the tenant, then the user may actually be granted the role on the tenant. A user could use social engineering and leverage that vulnerability to get extra roles granted, or may accidentally be granted extra roles. Only Keystone setups using a LDAP backend are affected. Icehouse (development branch) fix: https://review.openstack.org/53012 Havana fix: https://review.openstack.org/53146 Grizzly fix: https://review.openstack.org/53154 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4477 https://bugs.launchpad.net/keystone/+bug/1242855 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJScTVeAAoJEFB6+JAlsQQjJYkP/Aw7sQEKwKSLPbB/XO03TebK xPiZrBEa4ayO1StiFkVgsWEFYltFpRlq6FwNePenSpT5yb6GzbYaV/AL2UbZYL3N Zs+vVikk5nZENNd0HW5auywVcyC61IjjAVSOdZDrq6tLR3gheBm57TLZeAtmGv1r EHc0SlRiuFlnnFN5Drvcfk3Y0MhcbvGE/wor+vfEXn96/3mqmuA2AZ9i7KpOsZnV pGJMzd/d73JAW/SubhgBfLHmXqlcAhfU3jD9NRwW1wEHBQk/W+D4iZhtqSmSnpjI htcAel/gv85pjmsTH5Cm8jXgEgHye3/B8uKIStzSIAW6hyv5amxTdpPchafqIyLl xDivYmh5p+eZVh13sh6tWw12CIJz5784m5fiqyPh9bZYBZ60CXScO1P/LVb7RN+m dVh7wfQg/kUWH0bj1TX3c8ntcU0+9ve4nVEse0D0X8g9UF8Xp4UJQnMi1DBpHPj1 CcdlAO780ftvmRjn84Zf1CDSNcdesD3e/tpxp+eJJ3fVev10Ga2E6AUVnolm/Pvs a5tLe5gUpsEWVCx++cm8Lb+8ifzIJ55c05fOfvF23AHJ397fiwkZbhSHKj+Lwapt XZIYR0ENw2Xc4m+AMjSXOZuFwOkZ5+C5ZlFVT5L2nezyl1vbg/Mx5w6XWzywBEo9 hmS58i+92JQMbV93nTLH =rkrZ -----END PGP SIGNATURE-----

1 0

OpenStack Community Weekly Newsletter (Oct 18 - 25)
by Stefano Maffulli 26 Oct '13

26 Oct '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/hk?source=o12> ???? ???????????????? ???????, ???????? <http://www.openstack.org/summit/hkc?source=o12> Solum: Open Development From Day One <http://www.rackspace.com/blog/solum-open-development-from-day-one/> Solum is a project designed to make cloud services easier to consume and integrate into your application development process. Solum begins as a shared vision, not a complete product. It's a vision that a coalition of contributors believes in and wants to contribute to. For this to work, everything has to be designed and developed in the open from the very beginning. We're taking the OpenStack commitment to core values of open development, open design and open community right to heart. Kudos to Rackspace, eBay, RedHat, Ubuntu/Canonical, dotCloud/Docker, Cloudsoft and Cumulogic for spearheading this effort. An analysis of the Technical Committee election <http://fnords.wordpress.com/2013/10/23/an-analysis-of-the-technical-committ…> Thierry Carrez <http://fnords.wordpress.com/> played around with the ballots from the election of the Technical Committee. Since detailed ballot reporting was enabled in the past elections, it is possible to test alternative algorithms and run various analysis over the data set. As an official for this election, Thierry published his analysis of the results <http://www.cs.cornell.edu/w8/%7Eandru/cgi-perl/civs/results.pl?id=E_5ef3f04…>, hoping it will help in the current discussion on a potential evolution of the Foundation individual members voting system. OpenStack Havana -- the Quality Perspective <http://dague.net/2013/10/21/openstack-havana-the-quality-perspective/> With Havana out in the wild, Sean Dague <http://dague.net/> reviews the improvements made to the gating infrastructure during this release cycle. Beyond just increasing the number of tests we run, we made some changes in the nature of what we do in the gate. These changes are easy to overlook: Sean's post gives a perspective in everything that's going on behind the scenes when you try to land code in OpenStack. Tips 'n Tricks * By Mirantis <http://www.mirantis.com/>: How to Migrate an Instance with Zero Downtime: OpenStack Live Migration with KVM Hypervisor and NFS Shared Storage <http://www.mirantis.com/blog/tutorial-openstack-live-migration-with-kvm-hyp…> * By Adam Young <http://adam.younglogic.com/>: Linking Launchpad and Bugzilla <http://adam.younglogic.com/2013/10/linking-launchpad-and-bugzilla/> * By The Official Rackspace Blog <http://www.rackspace.com/blog>: High Availability (HA) With Galera For Rackspace Private Cloud <http://www.rackspace.com/blog/high-availability-ha-with-galera-for-rackspac…> * By Jamie Lennox <http://www.jamielennox.net/>: Keystone Token Binding <http://www.jamielennox.net/blog/2013/10/22/keystone-token-binding/> Upcoming Events * OpenStack-käyttäjäyhteisön tapaaminen Tampereella <https://openstackfi301013.eventbrite.com/> Oct 30, 2013 -- Tampere, Finland Details <https://openstackfi301013.eventbrite.com/> * OpenStack Havana: So many changes, so little time <http://www.mirantis.com/blog/openstack-havana-so-many-changes-so-little-tim…>, Oct 29, 2013, online webinar * USENIX LISA <https://www.usenix.org/conference/lisa13> Nov 03 -- 08, 2013 -- Washington DC, USA Details <https://www.usenix.org/conference/lisa13> * OpenStack User Group Meet-up: Cloud Technology Sharing by Technology Pioneer <http://osug.cyberport.hk/>Nov 04, 2013 -- Hong Kong Cyberport Details <http://osug.cyberport.hk/> * China & Hong Kong User Group Meeting <http://osug.cyberport.hk/?section=Home> Nov 04, 2013 -- Hong Kong, China Details <http://osug.cyberport.hk/?section=Home> * OpenStack Summit <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/> Nov 05 -- 08, 2013 -- Hong Kong, China Details <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/> * OpenStack Mini-Conference at OSI Days 2013 <http://www.meetup.com/Indian-OpenStack-User-Group/events/146361392/> Nov 11, 2013 -- Bangalore, India Details <http://www.meetup.com/Indian-OpenStack-User-Group/events/146361392/> * OW2 Annual Conference <http://www.ow2.org/view/OW2con-2013/> Nov 13 -- 14, 2013 -- Paris, France Details <http://www.ow2.org/view/OW2con-2013/> * Openstack Hands on Lab <http://www.meetup.com/Philly-OpenStack-Meetup-Group/events/144907072/> Nov 19, 2013 -- Philadelphia, PA Details <http://www.meetup.com/Philly-OpenStack-Meetup-Group/events/144907072/> * INTEROP <http://www.interop.in/> Nov 20 -- 22, 2013 -- Mumbai, India Details <http://www.interop.in/> * Openstack Hands on Lab <http://www.meetup.com/Openstack-Connecticut/events/143713952/> Nov 20, 2013 -- Rocky Hill, CT Details <http://www.meetup.com/Openstack-Connecticut/events/143713952/> * Openstack Hands on Lab <http://www.meetup.com/OpenStack-New-York-Meetup/events/144883832/>Nov 21, 2013 -- New York, NY Details <http://www.meetup.com/OpenStack-New-York-Meetup/events/144883832/> * OpenStack Pune Meetup <http://www.meetup.com/Indian-OpenStack-User-Group/events/135676552/> Nov 23, 2013 -- Pune, India Details <http://www.meetup.com/Indian-OpenStack-User-Group/events/135676552/> * OpenStack in action 4 <https://openstackinaction4.eventbrite.com/> Dec 05, 2013 -- Paris, France Details <https://openstackinaction4.eventbrite.com/> * Gartner Data Center Conference <http://www.gartner.com/technology/summits/na/data-center/> Dec 09 -- 12, 2013 -- Las Vegas, NV, USA Details <http://www.gartner.com/technology/summits/na/data-center/> * OpenStack Israel <http://www.openstack-israel.org/> Dec 09, 2013 -- Tel-Aviv, Israel Details <http://www.openstack-israel.org/> Reports from Previous Events * Create-Net visiting ICCLab 24/10/2013 <http://www.cloudcomp.ch/2013/10/federico-facca-create-net-visiting-icclab-2…> * Swift Hackathon in Austin <http://swiftstack.com/blog/2013/10/24/swift-hackathon-wrapup/> * Cloud Connect Chicago: OpenStack Roundup <http://www.cloudscaling.com/blog/cloud-computing/video-cloud-connect-chicag…> * Code Review for Sysadmins talk at BALUG <http://princessleia.com/journal/?p=8596> * We Are Making a Difference: OpenStack in China <http://www.unitedstack.com/news/we-are-making-a-change-openstack-in-china/> Other News * RDO Grizzly 2013.1.4 packages released <http://openstack.redhat.com/forum/discussion/790/rdo-grizzly-2013-1-4-packa…> * A Game Changer for Cloud Storage Hardware Architectures <http://www.buildcloudstorage.com/2013/10/seagate-kinetic-game-changer-for-c…> * OpenStack + Ceph on junk hardware and hazardous hosting <http://dachary.org/?p=2441> * Open Mic Spotlight: Alex Meade <http://www.openstack.org/blog/2013/10/open-mic-spotlight-alex-meade/> * One week left for linux.conf.au 2014 OpenStack proposals <http://sites.rcbops.com/lca2014_openstack/?p=20> * BasicDB -- API completeness <http://blog.linux2go.dk/2013/10/23/basicdb-api-completeness/> * Kinetic Motion with Seagate and OpenStack Swift <http://swiftstack.com/blog/2013/10/22/kinetic-for-openstack-swift-with-seag…> * Savanna 0.3 Targets Havana Release, Supports Elastic Data Processing <http://www.mirantis.com/blog/savanna-0-3-targets-havana-release-supports-el…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-10-22-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-10-22-21.…> Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! <http://www.openstack.org/profile/> * Ryan Brady <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Red Hat * Kev Bittner <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Rackspace * J M Jacob <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Dell * Chad Lung <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Rackspace * Sheldon Hearn <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Sheldon Hearn * Ignacio Barrio Santos <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, StackOps * Dong Liu <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Huawei Technologies Co, Ltd * Denis Egorenko <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Mirantis * James Page <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Canonical * Chao Chin <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, (Missing email -- fix profile) * Vladik Romanovsky <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…> (Missing email -- fix profile <http://www.openstack.org/community/members/profile/13238>) * Michael Davies <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Rackspace * James Carey <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, IBM Got answers? Ask OpenStack <https://ask.openstack.org/> is the go-to destination for OpenStack users. Interesting questions waiting for answers: * How to enable glance cache manage middleware in Grizzly? <https://ask.openstack.org/en/question/6363/how-to-enable-glance-cache-manag…> * How to setup Havana with Neutron in a multi-node scenario? <https://ask.openstack.org/en/question/6365/how-to-setup-havana-with-neutron…> * How can i integrate active directory in openstack using keystone ? <https://ask.openstack.org/en/question/6346/how-can-i-integrate-active-direc…> * How can I access usb in virtual machines? <https://ask.openstack.org/en/question/6351/how-can-i-access-usb-in-virtual-…> * OS::Ceilometer::Alarm error <https://ask.openstack.org/en/question/6362/osceilometeralarm-error/> * The dashboard crash after attaching a volume to a instance <https://ask.openstack.org/en/question/6339/the-dashboard-crash-after-attach…> * How to create it separate access logs for each account in swift? <https://ask.openstack.org/en/question/6335/how-to-create-it-separate-access…> * The VM can not setup correct DNS server <https://ask.openstack.org/en/question/6329/the-vm-can-not-setup-correct-dns…> * what is handoff node/device, where can I learn more about it? <https://ask.openstack.org/en/question/6223/what-is-handoff-nodedevice-where…> * Implementing password policy for openstack users <https://ask.openstack.org/en/question/6203/implementing-password-policy-for…> * Mapping a raw disk to guest VM? <https://ask.openstack.org/en/question/6181/mapping-a-raw-disk-to-guest-vm/> * How can I connect to the spice console with client e.g. spicy? <https://ask.openstack.org/en/question/6175/how-can-i-connect-to-the-spice-c…> * How to add more Keystone instances and deal with PKI infrastructure? <https://ask.openstack.org/en/question/6170/how-to-add-more-keystone-instanc…> * How to allow applications in VM instance to access OpenStack component API endpoint? <https://ask.openstack.org/en/question/6156/how-to-allow-applications-in-vm-…> * What is the intended use for the different endpoint URL's in keystone? <https://ask.openstack.org/en/question/6151/what-is-the-intended-use-for-the…> * How can I add attrib.py module for nose in tempest? <https://ask.openstack.org/en/question/6150/how-can-i-add-attribpy-module-fo…> * Swift Object Expirer never delets items only sends 404 <https://ask.openstack.org/en/question/6145/swift-object-expirer-never-delet…> * one user's ec2api credentials stopped working <https://ask.openstack.org/en/question/6125/one-users-ec2api-credentials-sto…> * resume_guests_state_on_host_boot failes with libvirt error <https://ask.openstack.org/en/question/6122/resume_guests_state_on_host_boot…> * "Client disconnected on read" error <https://ask.openstack.org/en/question/6102/client-disconnected-on-read-erro…> Latest Activity In Projects Do you want to see at a glance the bugs filed and solved this week? Latest patches submitted for review? Check out the individual project pages on OpenStack Activity Board -- Insights <http://activity.openstack.org/data/display/OPNSTK2/>. * Metering (Ceilometer) <http://activity.openstack.org/data/display/OPNSTK2/ceilometer> * Block Storage (Cinder) <http://activity.openstack.org/data/display/OPNSTK2/cinder> * Image Service (Glance) <http://activity.openstack.org/data/display/OPNSTK2/glance> * Orchestration API <http://activity.openstack.org/data/display/OPNSTK2/heat> (Heat) <http://activity.openstack.org/data/display/OPNSTK2/heat> * Dashboard (Horizon) <http://activity.openstack.org/data/display/OPNSTK2/horizon> * Bare Metal Provisioning (Ironic) <http://activity.openstack.org/data/display/OPNSTK2/ironic> * Identity (Keystone) <http://activity.openstack.org/data/display/OPNSTK2/keystone> * Networking (Neutron) <http://activity.openstack.org/data/display/OPNSTK2/neutron> * Compute (Nova) <http://activity.openstack.org/data/display/OPNSTK2/nova> * Database As A Service (Trove) <http://activity.openstack.org/data/display/OPNSTK2/trove> /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

heat-cfntools 1.2.6 released
by Steve Baker 22 Oct '13

22 Oct '13

The heat development community would like to announce the release of heat-cfntools version 1.2.6. heat-cfntools contains the tools that can be installed on Heat provisioned cloud instances to implement portions of CloudFormation compatibility. This release can be installed from the following locations: http://tarballs.openstack.org/heat-cfntools/heat-cfntools-1.2.6.tar.gz <http://tarballs.openstack.org/heat-cfntools/heat-cfntools-1.2.6.tar.gz> https://pypi.python.org/pypi/heat-cfntools/1.2.6 <https://pypi.python.org/pypi/heat-cfntools/1.2.6> Bugs fixed in this release: https://launchpad.net/heat-cfntools/+milestone/v1.2.6 <https://launchpad.net/heat-cfntools/+milestone/v1.2.6>

1 0

[OSSA 2013-027] Glance image_download policy not enforced for cached images (CVE-2013-4428)
by Thierry Carrez 22 Oct '13

22 Oct '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-027 CVE: CVE-2013-4428 Date: October 22, 2013 Title: Glance image_download policy not enforced for cached images Reporter: Stuart McLaren (HP) Products: Glance Affects: Grizzly, Folsom (and earlier versions) Description: Stuart McLaren from HP reported a vulnerability in Glance download_image policy enforcement in the case of cached images. Deployers may opt to set a download_image policy to restrict image download to specific roles. However, when an image is previously cached by an authorized download, any authenticated user could download image contents if it can determine the image UUID, bypassing any download_image policy restrictions. This could result in disclosure of image contents that were thought to be protected by the download_image policy setting. Only setups making use of the download_image policy are affected. The Havana release (2013.2) is not affected. Grizzly fix (included in 2013.1.4 recent release): https://review.openstack.org/#/c/50103/ Folsom fix: https://review.openstack.org/#/c/50860/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4428 https://bugs.launchpad.net/glance/+bug/1235378 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSZpnsAAoJEFB6+JAlsQQjOpMQAMFKO3bARjWRONmB+MjllfYj VMouesgWTzzuak2PlPHjdfdr0HEzCSUqvaVUKaW2V2+3CogEONs/Wtlrw75WBM0p FqqkFQjlymR/CuB3GtspqkrDGerH4+zOoNE1jzwBZnmvSqunvfKz1jGKEatvMfQh 8rx7oMleUcAv/1+xrk48h+hdqwsjorIgdBkvaUwG/XbssfmYwbXeRYLDyk2zuoI5 tD0YiINQe+fe52HgZfpS9fpENteeUdTd5V2tS+ZhWNUD0b8FzxHvuiaseTSyjlNX brTcFz1ryHJT3Ki3m/lGe3Xg/ZRuN0zl1XM1Y+EJ5BXVcJV6Ee6DxdoMYaDi5Leb QSXeLchkBQxgvxs+Qn8cXlhtYKH7FWtWjsCPKvAJ5XBmtSbyVeiRd24/89PWUMZM UfZ9mBV+AXTaWcN+HyN8xdytXST6wNgPr99IA9/Pcb1dvKLQY4KbdEqnxIGtlvSQ Hh+VtIPYWsDbinpoeensYYLqpAA/e0WTnwU4PfHi/es+ezk6ZCiHbwvHaGPaKvhL uSa/053iJby/bmYu5/vEfqgGrCUOB0sSBVTed1KlF8SmiMMwT7iYgLPUC36FN+io W5CgdbqG+mYKAFpDUBbWI5Ss75QH+SkTCs2kakyybEx2X+MQ89U+X2VFcYEuoiQ6 wJ/pLl8ktLUERbo4uguT =MZ6l -----END PGP SIGNATURE-----

1 0

OpenStack Community Weekly Newsletter (Oct 11 - 18)
by Stefano Maffulli 18 Oct '13

18 Oct '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/hk?source=o12> ?????? ?????????????? ???????, ???????? <http://www.openstack.org/summit/hkc?source=o12> OpenStack Havana is out <http://www.openstack.org/software/havana> OpenStack Havana, the eighth release of the open source software for building public, private, and hybrid clouds, has nearly 400 new features to support software development, managing data and application infrastructure at scale. The OpenStack community continues to attract the best developers and experts in their disciplines with 910 individuals employed by 145 different organizations <http://www.openstack.org/foundation/companies> contributing to the Havana release. Learn all about Havana at the Hong Kong OpenStack Summit. <http://www.openstack.org/summit/hk> Other news related to the Havana release * OpenStack Havana: GlusterFS, and what "improved support" really means <http://www.mirantis.com/blog/openstack-havana-glusterfs-and-what-improved-s…> * Getting to Havana <http://fnords.wordpress.com/2013/10/18/getting-to-havana/> * Dell Open Source Ecosystem Digest #32. Issue Highlight: "OpenStack Havana, the 8th release, is out!" <http://rafstack.tumblr.com/post/64380532921> * OpenStack Havana's stern warning: Provide Differentiated Value or Die <http://www.mirantis.com/blog/openstack-havanas-stern-warning-open-source-or…> * OpenStack Havana provides foundation for XXaaS you need <http://robhirschfeld.com/2013/10/17/openstack-havana/> * OpenStack Object Storage in the Havana Release <http://swiftstack.com/blog/2013/10/17/swift-in-openstack-havana/> * Havana: OpenStack Continues Its March Toward Dominance <http://www.cloudscaling.com/blog/cloud-computing/havana-openstack-continues…> * OpenStack Havana 2013.2 Debian packages available in Sid <http://lists.openstack.org/pipermail/openstack-dev/2013-October/016879.html> Technical Committee -- October 2013 election results <http://lists.openstack.org/pipermail/openstack-announce/2013-October/000152…> Congratulations to the new TC. The following people are elected to one-year seats: * Monty Taylor * Russell Bryant * Anne Gentle * Mark McLoughlin * Doug Hellmann * Sean Dague The following people are elected to six-month seats: * James E. Blair * Michael Still * John Griffith * Mark McClain * Robert Collins They join Vishvananda Ishaya and Thierry Carrez in the Technical Committee that will oversee the Icehouse release cycle. Tips 'n Tricks * By Lorin Hochstein <http://lorinhochstein.wordpress.com/>: Up and running on Rackspace <http://lorinhochstein.wordpress.com/2013/09/04/up-and-running-on-rackspace/> * By OpenStack in Production <http://openstack-in-production.blogspot.com/>: Log handling and dashboards in the CERN cloud <http://openstack-in-production.blogspot.com/2013/10/log-handling-and-dashbo…> * By Mate Lakat <http://blogs.citrix.com/>: DevStack virtual appliance for XenServer <http://blogs.citrix.com/2013/10/16/devstack-virtual-appliance-for-xenserver/> * By Kenneth Hui <http://cloudarchitectmusings.com/>: Cattle Wrangling For Pet Whisperers: Building A Multi-hypervisor OpenStack Cloud <http://cloudarchitectmusings.com/2013/10/15/cattle-wrangling-for-pet-whispe…> * By Subbu Allamaraju <http://www.subbu.org/>: Monitoring and Alerting for OpenStack <http://www.subbu.org/blog/2013/10/monitoring-and-alerting-for-openstack> Upcoming Events * OpenStack in China 2013 <http://openstack-in-china-2013.eventbrite.com/> Oct 20, 2013 -- Bejing, China Details <http://openstack-in-china-2013.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe> Oct 21 -- 23, 2013 -- Edinburgh, Scotland, UK Details <http://events.linuxfoundation.org/events/cloudopen-europe> * Cloud Connect <http://www.cloudconnectevent.com/chicago> Oct 21 -- 17, 2013 -- Chicago, IL, USA Details <http://www.cloudconnectevent.com/chicago> * OpenStack Pune Meetup <http://www.meetup.com/OpenStack-Pune/>Oct 23, 2013 -- Pune, India Details <http://www.meetup.com/OpenStack-Pune/> * Frankfurt Meetup <http://www.meetup.com/OpenStack-MeetUp-Frankfurt/> Oct 24, 2013 -- Frankfurt, Germany Details <http://www.meetup.com/OpenStack-MeetUp-Frankfurt/> * Compute Midwest: The Convergence of Tech <http://www.computemidwest.com/> Oct 25 -- 27, 2013 -- Kansas City Details <http://www.computemidwest.com/> * OpenStack-käyttäjäyhteisön tapaaminen Tampereella <https://openstackfi301013.eventbrite.com/> Oct 30, 2013 -- Tampere, Finland Details <https://openstackfi301013.eventbrite.com/> * OpenStack Havana: So many changes, so little time <http://www.mirantis.com/blog/openstack-havana-so-many-changes-so-little-tim…>, Oct 29, 2013, online webinar * USENIX LISA <https://www.usenix.org/conference/lisa13> Nov 03 -- 08, 2013 -- Washington DC, USA Details <https://www.usenix.org/conference/lisa13> * OpenStack User Group Meet-up: Cloud Technology Sharing by Technology Pioneer <http://osug.cyberport.hk/>Nov 04, 2013 -- Hong Kong Cyberport Details <http://osug.cyberport.hk/> * China & Hong Kong User Group Meeting <http://osug.cyberport.hk/?section=Home> Nov 04, 2013 -- Hong Kong, China Details <http://osug.cyberport.hk/?section=Home> * OpenStack Summit <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/> Nov 05 -- 08, 2013 -- Hong Kong, China Details <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/> * OW2 Annual Conference <http://www.ow2.org/view/OW2con-2013/> Nov 13 -- 14, 2013 -- Paris, France Details <http://www.ow2.org/view/OW2con-2013/> * INTEROP <http://www.interop.in/> Nov 20 -- 22, 2013 -- Mumbai, India Details <http://www.interop.in/> * OpenStack Pune Meetup <http://www.meetup.com/Indian-OpenStack-User-Group/events/135676552/> Nov 23, 2013 -- Pune, India Details <http://www.meetup.com/Indian-OpenStack-User-Group/events/135676552/> * Gartner Data Center Conference <http://www.gartner.com/technology/summits/na/data-center/> Dec 09 -- 12, 2013 -- Las Vegas, NV, USA Details <http://www.gartner.com/technology/summits/na/data-center/> * OpenStack Israel <http://www.openstack-israel.org/> Dec 09, 2013 -- Tel-Aviv, Israel Details <http://www.openstack-israel.org/> Reports from Previous Events * Report: OpenStack Meetup, Ahmedabad, India <http://openstackindia.wordpress.com/2013/10/16/report-openstack-meetup-ahme…> * OpenStack Networking w/ VMware -- Theory Session, Part 2 <http://rafstack.tumblr.com/post/64218916465> * OpenStack "What is Core" online meetup 16 10 2014 <https://www.youtube.com/watch?v=Hu8BeZkQJQ0> Other News * Stackforge Libra -- Balance your life! <http://www.linuxjedi.co.uk/2013/10/stackforge-libra-balance-your-life.html> * Announcing Mistral --- Task Flow as a Service <http://www.mirantis.com/blog/announcing-mistral-task-flow-as-a-service/> * Open Mic Spotlight: Dan Smith <http://www.openstack.org/blog/2013/10/open-mic-spotlight-dan-smith/> * What's Up Doc? Oct 2 2013 <http://lists.openstack.org/pipermail/openstack-dev/2013-October/015913.html> * Rally Combines the Power of Many Tools to Deliver One Powerful Benchmarking Wizard <http://www.mirantis.com/blog/rally-combines-the-power-of-many-tools-to-deli…> * linux.conf.au 2014 OpenStack miniconf <http://sites.rcbops.com/lca2014_openstack> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-10-15-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-10-15-21.…>. Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! <http://www.openstack.org/profile/> * Erik Redding <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Rackspace * paul luse <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Intel (guessed, not declared) * keshava <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, None * Olivier Pilotte <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, IWeb * Pavel Sviderski <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Belkasoft --no email match with profile <http://www.openstack.org/community/members/profile/13553> * Jakub Libosvar <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Red Hat * Subbu <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, VMware * Chris Hoge <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Puppet Labs * Mitsuru Kanabuchi <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, NTT (guessed, not declared) * Jason Derrett <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, HP --no email match with profile <http://www.openstack.org/community/members/profile/13248> * Florent Flament <http://activity.openstack.org/data/plugins/zfacts/view.action?viewpropertie…>, Cloudwatt Got answers? Ask OpenStack <https://ask.openstack.org/> is the go-to destination for OpenStack users. Interesting questions waiting for answers: * Is there a Nicira NVP plugin available for Havana? <https://ask.openstack.org/en/question/6112/is-there-a-nicira-nvp-plugin-ava…> * How to Upgrade OpenStack from "Grizzly" to "Havana" ? <https://ask.openstack.org/en/question/6103/how-to-upgrade-openstack-from-gr…> * Attach volume to instance running on different compute node <https://ask.openstack.org/en/question/6070/attach-volume-to-instance-runnin…> * is there any way to register multiple host in a single go? <https://ask.openstack.org/en/question/6021/is-there-any-way-to-register-mul…> * Openstack seems to not map internal IPs to local network properly <https://ask.openstack.org/en/question/5951/openstack-seems-to-not-map-inter…> * avoiding sensitive info in config files <https://ask.openstack.org/en/question/5947/avoiding-sensitive-info-in-confi…> * How to set ssh key during rebuild? <https://ask.openstack.org/en/question/5909/how-to-set-ssh-key-during-rebuil…> * How to create multiple Instances across multiple Availability Zones <https://ask.openstack.org/en/question/5895/how-to-create-multiple-instances…> * Where is the documentation for blueprint shelve-instance? <https://ask.openstack.org/en/question/6115/where-is-the-documentation-for-b…> /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

Technical Committee - October 2013 election results
by Thierry Carrez 18 Oct '13

18 Oct '13

Hello everyone, Voting is complete and the results are in: The following people are elected to one-year seats: * Monty Taylor * Russell Bryant * Anne Gentle * Mark McLoughlin * Doug Hellmann * Sean Dague The following people are elected to six-month seats: * James E. Blair * Michael Still * John Griffith * Mark McClain * Robert Collins They join Vish and myself (elected six months ago to one-year seats) to form the 13-member Technical Committee for the Icehouse cycle. Detailed results: http://www.cs.cornell.edu/w8/~andru/cgi-perl/civs/results.pl?id=E_5ef3f04b3… More information about this election: https://wiki.openstack.org/wiki/TC_Elections_Fall_2013 Congratulations to the new members, and thanks to everyone who participated. -- Thierry Carrez (ttx) Election official

1 0

OpenStack 2013.1.4 released
by Adam Gandelman 17 Oct '13

17 Oct '13

Hello everyone, The OpenStack Stable Maintenance team is happy to announce the release of the 2013.1.4 stable Grizzly release. We have been busy reviewing and accepting backported bugfixes to the stable/grizzly branches according to the criteria set at: https://wiki.openstack.org/wiki/StableBranch A total of 68 bugs have been fixed across all projects. These updates to Grizzly are intended to be relatively risk free with no intentional regressions or API changes. The list of bugs, tarballs and other milestone information for each project may be found on Launchpad: https://launchpad.net/cinder/grizzly/2013.1.4 https://launchpad.net/glance/grizzly/2013.1.4 https://launchpad.net/horizon/grizzly/2013.1.4 https://launchpad.net/keystone/grizzly/2013.1.4 https://launchpad.net/nova/grizzly/2013.1.4 https://launchpad.net/neutron/grizzly/2013.1.4 Release notes may be found on the wiki: https://wiki.openstack.org/wiki/ReleaseNotes/2013.1.4 The freeze on the stable/grizzly branches will be lifted today as we begin working toward the 2013.1.5 release, to be releasd on a TBD date and managed by Alan Pevec. Thanks, Adam

1 0