- OpenStack-announce - lists.openstack.org

OpenStack Community Weekly Newsletter (Sep 6-13)
by Stefano Maffulli 14 Sep '13

14 Sep '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/openstack-summit-hong-kong-2013/?source=o12> ? ??????????????????? ???????, ???????? <https://www.eventbrite.com/event/6786581849/o12> The last batch of invites to the Summit for OpenStack Active Technical Contributors will be send in the next 10 days. If you have committed code or documentation before September 6 expect official communication soon. Participate in the OpenStack User Survey by September 30! <http://www.openstack.org/blog/2013/09/participate-in-the-openstack-user-sur…> We're kicking off the second round of the OpenStack User Survey this month! You may remember before the April Summit we helped the User Committee run a survey to aggregate OpenStack deployments and share the results. OpenStack Docs Boot Camp Wrap Up <http://justwriteclick.com/2013/09/13/openstack-docs-boot-camp-wrap-up/> We gathered about 20 writers and developers who wanted to learn about OpenStack documentation in the Mirantis training room for two days this week in Mountain View, California. The idea for a docs boot camp came from the OpenStack Infrastructure team who held one back in June <http://www.openstack.org/blog/2013/07/infrastructure-bootcamp/>. We wanted to enable more people to contribute to OpenStack documentation through in-person training and team building. It's not like a book sprint, with the goal of a book in five days, but rather a training session, with questions and answers in real time. Read the full report from Anne Gentle <http://justwriteclick.com/>. Contributing To OpenStack Even If You Are Not A Developer <http://cloudarchitectmusings.com/2013/09/08/contributing-to-openstack-even-…> Kenneth Hui <http://cloudarchitectmusings.com/> outlines some ways for community members to become contributors to OpenStack without having to write a line of Python code. Tips 'n Tricks * By The Official Rackspace Blog <http://www.rackspace.com/blog>: Installing Rackspace Private Cloud In 20 Minutes Or Less <http://www.rackspace.com/blog/installing-rackspace-private-cloud-in-20-minu…> * By Xlcloud <http://blog.xlcloud.me/>: Baremetal Driver and the Devstack. <http://blog.xlcloud.me/post/2013/09/11/Baremetal-Driver-and-the-Devstack> * By eNovance Engineering Teams <http://techs.enovance.com/>: A gentle introduction to DRBD <http://techs.enovance.com/6177/drbd> * By TelekomCloud DevOps team <http://telekomcloud.github.io/>: New Ways of Tempest Stress Testing <http://telekomcloud.github.io/2013/09/11/new-ways-of-tempest-stress-testing…> * By Zane Bitter <http://www.zerobanana.com/tags/OpenStack>: Application Definition with Heat <http://www.zerobanana.com/archive/2013/09/10#heat-application-definition-ta…> * By eNovance Engineering Teams <http://techs.enovance.com/>: Adding new 3rd party tools in Fio <http://techs.enovance.com/6110/adding-new-3rd-party-tools-in-fio> * By Flavio Percoco <http://blog.flaper87.com/>: Test strategies for your Python projects <http://blog.flaper87.com/post/522b9e560f06d32542ede77f/> Upcoming Events * OpenStack In Action -- Powering IaaS Cloud <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> Sep 14, 2013 - SAP Labs Whitefield, Bangalore Details <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> * Cloud Connect China <http://www.cloudconnectevent.cn/> Sep 15 - 17, 2013 - Shanghai, China Details <http://www.cloudconnectevent.cn/> * LinuxCon/Cloud Open North America <http://events.linuxfoundation.org/events/cloudopen-north-america> Sep 16 - 18, 2013 - New Orleans Details <http://events.linuxfoundation.org/events/cloudopen-north-america> * GigaOM Structure UK <http://event.gigaom.com/structure> Sep 18 - 19, 2013 - London, UK Details <http://event.gigaom.com/structure> * OpenStack India Day <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> Sep 21, 2013 -- Bangalore Details <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> * CodeChix OpenStack Workshop <http://codechix-openstack1-rss.eventbrite.com/> Sep 22, 2013 - Palo Alto, CA Details <http://codechix-openstack1-rss.eventbrite.com/> * Hosting & Cloud Transformation Summit <http://na.hostingtransformation.com/>Sep 23 - 25, 2013 - Las Vegas, USA Details <http://na.hostingtransformation.com/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 - Oct 01, 2013 - Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/> Oct 03 - 05, 2013 - Paris, France Details <http://www.openworldforum.com/> * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/> Oct 06 - 10, 2013 - Orlando, FL, USA Details <http://www.gartner.com/technology/symposium/orlando/> * OpenStack in action ! - The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 - Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 - 17, 2013 - Austin, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe> Oct 21 - 23, 2013 - Edinburgh, Scotland, UK Details <http://events.linuxfoundation.org/events/cloudopen-europe> * Cloud Connect <http://www.cloudconnectevent.com/chicago> Oct 21 - 17, 2013 - Chicago, IL, USA Details <http://www.cloudconnectevent.com/chicago> Reports from Previous Events * Meetup @ CISCO, Bangalore <http://openstackindia.wordpress.com/2013/09/12/meetup-cisco-bangalore/> * OpenStack Object Storage at Intel Developers Forum <http://swiftstack.com/blog/2013/09/11/openstack-object-storage-at-intel-dev…> Other News * Introducing BasicDB <http://blog.linux2go.dk/2013/09/07/introducing-basicdb/> * OpenStack Ceilometer Havana-3 milestone released <http://julien.danjou.info/blog/2013/openstack-ceilometer-havana-3-milestone…> * Murano 0.2 is here! <http://www.mirantis.com/blog/murano-0-2-is-here/> * The Fanatical Faces Of Rackspace Private Cloud: Bryan Thompson <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * Open Mic Spotlight: Flavio Percoco <http://www.openstack.org/blog/2013/09/open-mic-spotlight-flavio-percoco/> * What does an NFV application owner require from PaaS? <http://orenscloudplatformthoughts.tumblr.com/post/61015756554> * You Can't Collapse Tiered Storage in Private Clouds Built on OpenStack: Whitepaper <http://www.cloudscaling.com/blog/company/you-cant-collapse-tiered-storage-i…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-10-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-10-21.…> Security Advisories * Token revocation failure using Keystone memcache/KVS backends (CVE-2013-4294) <http://lists.openstack.org/pipermail/openstack-announce/2013-September/0001…> * Potential denial of service on Nova when using Qpid (CVE-2013-4261) <http://lists.openstack.org/pipermail/openstack-announce/2013-September/0001…> /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

[OSSA 2013-026] Potential denial of service on Nova when using Qpid (CVE-2013-4261)
by Thierry Carrez 13 Sep '13

13 Sep '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-026 CVE: CVE-2013-4261 Date: September 12, 2013 Title: Potential denial of service on Nova when using Qpid Reporter: Jaroslav Henner (Red Hat) Products: Nova Affects: Folsom, Grizzly Description: Jaroslav Henner from Red Hat reported a vulnerability in Nova when using Apache Qpid as the RPC backend. By sending any random text longer than 65K characters to an instance console and requesting the console log contents through the API, an authenticated user may disrupt the nova-compute node his instance is running on. This vulnerability could be leveraged in a Denial of Service attack against the cloud provider. Only Folsom and Grizzly setups using Qpid as their RPC backend are affected. Havana setups, or setups using other RPC backends (like RabbitMQ), are all unaffected. Grizzly fix: https://review.openstack.org/#/c/43303/ Folsom fix: https://review.openstack.org/#/c/45426/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4261 https://bugs.launchpad.net/nova/+bug/1215091 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSMducAAoJEFB6+JAlsQQjYqUP/1ebNaaz+k3DxiRfoNpsbRkV EKJtD/W/6/UkCYUzPNGGZSl1ijp9CEQXh6IL82lTBw82nTbsHc3mt22FgusdU6WZ JH6PevC95PlyNWQYsUGO5GzQ6lb28VjzgYUt36Z2ZatQ4lUGJHv9iZcsIBVYayJy OKPnnt2ztiG62B88Ka1GQx4iyEtU50QCcpZEbWHcX5dIXWfWWfYNEMVU+gIfaxlo sVZH+up2ERKVDH7l/JzhvD4ut1zAoM0sp29/GROJLmzh1dqd9P+QIh5WO4e6VLZp 5y90uMZ03O1lN16IZE0B3r9JBc9ekn7JhJ5YXBvwM+Z3Am1ZlDjUL1ojiZ2aBT9B RnPF/oz4CsuGXjghg0mzPrjJuwR/Z46pg1t92FbVXW94Fxx7VfORLF6ELaDoqoiu nmRUpDQxpg+dYw7OS9lQF10eC2M6S0EwKWzlQlloZGR5/kG9VR4fyhLE1w8+YrRF Gr8pDaF6MJoxZxxb4rRhaDsPaXuUX/QPr0GsMeCy6vfV+yX/Yk99YJoNtar7Z7I+ llslcbaet3C2sONR2EbCD2J03E8/3VztdkG32iVGwxn0LHh2K1o+wfno73w1PW4u DV4LIvbypZgmMEbVzHDkDGs1jOfSzFzDhIsCtgEih53rr2HIsd8AmkWeTPirpXN6 EOmohe9HXVlvPUPcVJNd =zUsw -----END PGP SIGNATURE-----

1 0

[OSSA 2013-025] Token revocation failure using Keystone memcache/KVS backends (CVE-2013-4294)
by Thierry Carrez 12 Sep '13

12 Sep '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-025 CVE: CVE-2013-4294 Date: September 11, 2013 Title: Token revocation failure using Keystone memcache/KVS backends Reporter: Kieran Spear (University of Melbourne) Products: Keystone Affects: Folsom, Grizzly Description: Kieran Spear from the University of Melbourne reported a vulnerability in Keystone memcache and KVS token backends. The PKI token revocation lists stored the entire token instead of the token ID, triggering comparison failures, ultimately resulting in revoked PKI tokens still being considered valid. Only Folsom and Grizzly Keystone setups making use of PKI tokens with the memcache or KVS token backends are affected. Havana setups, setups using UUID tokens, or setups using PKI tokens with the SQL token backend are all unaffected. Grizzly fix: https://review.openstack.org/#/c/46080/ Folsom fix: https://review.openstack.org/#/c/46079/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4294 https://bugs.launchpad.net/keystone/+bug/1202952 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSMI+5AAoJEFB6+JAlsQQj2hAQAI/S5bAv+XrYUaXRBgJxvBz4 xVXdrXl/iA7R9iDIlmaFThOCvw4SCsWB7jBYRv8wAk3V3HZw9jEmC3OoebpCFWNb 1q3an25kroviy8rfZyQIqe9KTrwXRa/jDVlun2EEiw7KyUty/HIAjUCVUXVKBhyh 8Bctn90A/Nt2D5Am3hyofsS5fOjmzwW6b73RCY7CDntduxUtPn6lbUthFESXTCwv lojClZ5X78XnCh2/WJuxKkAEm8EujlNqkIHziGgc3HrForxSc2GKSPzgFbg5eBbt BaDTxFkDHW3EwSK/69b+699e9BvN/vuBxbNa7YW2ANiM1IJ34QHouPk4XULMZIeH cZ4QOBX7MtUhvD1htfTlHQfvb1syqlvul49WVmmsk48CMVW6hArSMQvTVbArUqD0 fN2INqfghZMQCkQIlXE+38J88OOL/S+sq6p8dIn96JxP2tnw4rIs9YclSa9E1Ub0 SIDaWPu7NN+wuY1WN+EzHV0zHI8HYs2HkOlrRW3E02JEm3xcEEmYLCwf+c2mwOee Grick3VlxNuQNBP6bls+NtxCzhUzLVI7nOfaxZyzQtOMLjJPKpip4QKMjzotO3nf +6JNk5766T2f63fsNtw0kltbtm4R+RzKzv29vVsaOh+ba57w7xnpEkAA1oaYyFa+ IHvUVYkOhX3quLUgBkCR =pm0d -----END PGP SIGNATURE-----

1 0

OpenStack Community Weekly Newsletter (Aug 30 – Sep 6)
by Stefano Maffulli 07 Sep '13

07 Sep '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/openstack-summit-hong-kong-2013Register> ?????? ?????????????? ???????, ???????? <http://openstacksummitnovember2013.eventbrite.com/> OpenStack Heat and Ceilometer got their dashboard panel <http://sebastien-han.fr/blog/2013/09/06/openstack-heat-and-ceilometer-got-t…> The Havana milestone release of the Horizon dashboard brought an absolutely wonderful panel for Heat, the orchestration service and Ceilometer, the metering service. Enjoy a preview before the Havana’s official release. OpenStack Icehouse Incubation Roundup <http://www.zerobanana.com/archive/2013/09/04#icehouse-incubation> The OpenStack Technical Committee met this week <http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-09-03-20.01.html> to consider the status of incubated projects for the upcoming Icehouse cycle. As a result, database provisioning (codename Trove <https://wiki.openstack.org/wiki/Trove>) will be an official part of the Icehouse (2014.1) release, while message queues (codename Marconi <https://wiki.openstack.org/wiki/Marconi>) and bare-metal server provisioning (codename Ironic <https://wiki.openstack.org/wiki/Ironic>) will be in incubation with a view to becoming official in the as-yet-unnamed J (2014.2) release. Bringing Go To The Cloud With The Gophercloud SDK <http://www.rackspace.com/blog/bringing-go-to-the-cloud-with-the-gophercloud…> Go is a rapidly emerging programming language created out of Google by Rob Pike and Ken Thompson. Rackspace is investing in Go by creating a multi-cloud software development kit (SDK) for the Go programming community called Gophercloud <https://github.com/rackspace/gophercloud>. It will support OpenStack <http://www.openstack.org/> first, Rackspace Cloud <http://www.rackspace.com/cloud/> second. Scaling the OpenStack Test Environment <http://amo-probos.org/post/15> A year ago James Blair <http://amo-probos.org/> introduced Zuul <https://launchpad.net/zuul>, a program he developed to drive the OpenStack <http://www.openstack.org/> project’s gating system. In short, each change to an OpenStack project must pass unit and integration tests before it is merged. Over the past year, the OpenStack project has grown tremendously, with 62 git repositories related to OpenStack, 30 for the project infrastructure, and an additional 75 unofficial projects that share the same testing infrastructure. In all, the development infrastructure currently serves 167 repositories. They run up to *720 test jobs per hour*, and our dynamic provisioning system has pushed our test node count up to 328 nodes online and running tests simultaneously. Over the past year, the OpenStack Infra team made a large number of changes to prepare for this load. This blog post by jeblair has some of the key innovations that help us test at scale. For VIM users out there: <https://github.com/ameade/qtpy-vim>qtpy.vim <https://github.com/ameade/qtpy-vim> A simple way of running python unit tests from within VIM based on the cursor location. Useful for receiving immediate feedback as you write tests, despite what test runner or framework your project uses to run its tests. Tips ‘n Tricks * By Lorin Hochstein <http://lorinhochstein.wordpress.com/>: Up and running on Rackspace <http://lorinhochstein.wordpress.com/2013/09/04/up-and-running-on-rackspace/> * By Anita Kuno <http://anteaya.info/>: Installing Devstack with Vagrant <http://anteaya.info/blog/2013/09/01/installing-devstack-with-vagrant/> Upcoming Events * 2nd OpenStack User Group Nordics meetup <https://plus.google.com/u/0/106856980692854321746/posts/bFpvMPqffp9>Sep 11, 2013 – Kista, Stockholm Details <http://www.meetup.com/OpenStack-User-Group-Nordics/> * OpenStack In Action – Powering IaaS Cloud <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…>Sep 14, 2013 – SAP Labs Whitefield, Bangalore Details <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> * Cloud Connect China <http://www.cloudconnectevent.cn/>, September 15-17 2013, Shanghai, China * LinuxCon/Cloud Open North America <http://events.linuxfoundation.org/events/cloudopen-north-america>, September 16-18 2013, New Orleans, LA, USA, * GigaOM Structure UK <http://event.gigaom.com/structure>, September 18-19 2013, London, England, UK * OpenStack India Day <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> Sep 21, 2013 – Bangalore Details <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> * Hosting & Cloud Transformation Summit <http://na.hostingtransformation.com/>Sep 23 – 25, 2013 – Las Vegas, USA Details <http://na.hostingtransformation.com/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 – Oct 01, 2013 – Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/>,October 3-5 2013, Paris, France * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/>, October 6-10 2013, Orlando, FL, USA, * OpenStack in action! – The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 – Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 – 17, 2013 – Aust, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe>, October 21-23 2013, Edinburgh, Scotland, UK * Cloud Connect <http://www.cloudconnectevent.com/chicago>, October 21-24 2013, Chicago, IL, USA Reports from Previous Events * First meeting of OpenStack Venezuela <http://www.openstack.org/blog/2013/09/first-meeting-of-openstack-venezuela/> Other News * Accelerate Your Career With OpenStack: Upcoming LPI Webinar <http://www.rackspace.com/blog/accelerate-your-career-with-openstack-upcomin…> * OpenStacking your Apps <http://cloudifysource.tumblr.com/post/60199054506> * History, objectives and limits of the Ceilometer project <http://techs.enovance.com/6051/objectives-of-ceilometer> * The Fanatical Faces Of Rackspace Private Cloud: Justin Shepherd <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * Open Mic Spotlight: Julien Danjou <http://www.openstack.org/blog/2013/09/open-mic-spotlight-julien-danjou/> * OpenStack Community Meeting: Summary <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> and full logs <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-03-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-09-03-21.…> Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! * Subashini Soundararajan, Rightscale * Sam Alba, dotCloud Inc * Itzik Brown, None * William Van Hevelingen, Portland State University * Brianna Poulos, JHU/APL * ?ukasz Jernas', Allegro Group * Yangyang Zheng, CIeNET Technologies * Valerii Zhelezniakov, None (Mirantis?) * Rob Raymond, HP * Daniel Izquierdo, Bitergia * Swapnil Kulkarni, None * Robert Tingirica, Cloudbase Solutions * Shaun McCance, Cisco * nancykyo, ? * Abishek Subramanian, Cisco * Zhengguang Ou, None * Simon, Unitedstack /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

Havana-3 development milestone available
by Thierry Carrez 07 Sep '13

07 Sep '13

Hi everyone, The last milestone in the Havana development cycle, "havana-3" is now available for Keystone, Glance, Nova, Horizon, Neutron, Cinder, Ceilometer, and Heat. In the last 7 weeks, more than 200 features were added and more than 750 bugs fixed (!). You can see the full list of new features and fixed bugs, as well as tarball downloads, at: https://launchpad.net/keystone/havana/havana-3 https://launchpad.net/glance/havana/havana-3 https://launchpad.net/nova/havana/havana-3 https://launchpad.net/horizon/havana/havana-3 https://launchpad.net/neutron/havana/havana-3 https://launchpad.net/cinder/havana/havana-3 https://launchpad.net/ceilometer/havana/havana-3 https://launchpad.net/heat/havana/havana-3 This milestone is nearly feature-complete. A few exceptions should land next week, but those projects are otherwise feature-frozen in preparation of the first Havana release candidate. We should now all switch to testing and bugfixing mode for the next weeks, and make Havana as bug-free as we can. The release-critical bugs will be tracked on the havana-rc1 milestone pages. Once all those bugs are fixed and the first release candidates are out, the next development cycle (Icehouse) will start. Final coordinated release is expected on October 17th. More information on the OpenStack development cycle can be found at: https://wiki.openstack.org/wiki/Release_Cycle Regards, -- Thierry Carrez (ttx)

1 0

OpenStack Community Weekly Newsletter (Aug 23-30)
by Stefano Maffulli 31 Aug '13

31 Aug '13

Register Now For The Summit in Hong Kong <http://www.openstack.org/summit/openstack-summit-hong-kong-2013Register> <???????????????????? ???????, ???????? <http://openstacksummitnovember2013.eventbrite.com/> Ambassador Program -- Specifics <http://www.openstack.org/blog/2013/08/ambassador-program-specifics/> Following from the previous post <http://www.openstack.org/blog/2013/08/ambassador-program/>, we've had a range of people express their support for the program and quite a number already looking for the application form! So, some more details about the Ambassador Program. Ambassadors will be recognised on the OpenStack website for their efforts, and provided with support from foundation staff to conduct their duties. They will also get access to a funding program -- allowing them to request funds for activities of impact in their region. We'd also expect ambassadors to attend the summits, and the Foundation would likely assist if it wasn't possible for them to be there using their own methods. How Heat Orchestrates your OpenStack Resources <http://www.zerobanana.com/archive/2013/08/29#heat-dependencies> One of the great things about orchestration <http://www.zerobanana.com/archive/2013/07/30#openstack-orchestration-introd…> is that it automatically figures out the operations it needs to perform. So whenever you deploy (or modify) your infrastructure you need not write a script to do so; you simply describe the infrastructure you want and the orchestration engine does the rest. Zane Bitter <http://www.zerobanana.com/tags/OpenStack> describes how this works in Heat <https://wiki.openstack.org/wiki/Heat>. Autoscaling with Heat and Ceilometer <http://techs.enovance.com/5991/autoscaling-with-heat-and-ceilometer> Like AWS CloudFormation, Heat allows to create auto scaling stacks. In order to do this, some metrics need to be retrieved from your VM and some actions need to be triggered when a specified event occurs on these metrics. These actions are usually upscaling (create some new VMs) or downscaling (destroy some Vms). Starting with the Havana version (currently trunk), Ceilometer can now trigger actions when something happens to these metrics by creating alarms. The Heat agent inside the VM is no more needed. Taking OpenStack Core discussions to community <http://robhirschfeld.com/2013/08/27/taking-openstack-core-discussions-to-co…> We've been building up to a broad discussion about the OpenStack Core <http://robhirschfeld.com/2013/07/22/kicking-off-core/> and I'd like to invite everyone in the OpenStack community to participate (review latest <http://robhirschfeld.com/2013/08/13/openstack-core-positions/>). Alan Clark (Board Chairman) officially kicked off this open discussion with his post on the OpenStack blog <http://www.openstack.org/blog/2013/08/addressing-the-topic-of-core-through-…> last week. And we're trying to have face-to-face events for dialog like the Core meetup tonight in San Francisco <http://www.meetup.com/openstack/events/134495312/>. Look for more to come! Of course, this will also be a topic at the summit <https://www.openstack.org/blog/2013/08/voting-is-open-help-choose-who-will-…>. The Board needs to move this forward in the November meeting, so NOW is the time to review and give us input. The OpenStack T-Shirt Design Contest Winner is... <http://www.openstack.org/blog/2013/08/the-openstack-t-shirt-design-contest-…> Raul Chan's design. Check it out on OpenStack's blog. OpenStack in Production OpenStack Swift & many small files <http://engineering.spilgames.com/openstack-swift-lots-small-files/?utm_sour…> Spil Games has been running Swift for more than two years now, hosting over 400 million files with an average file size of about 50 KB per object. They have a replica count of three so there are*1.2 billion* files to be stored on the object servers. Generally speaking, Swift has turned out to be a solid object storage system. They however run into some performance issues and in a blog post they describe how they analyzed and solved them. Tips 'n Tricks * By eNovance Engineering Teams <http://techs.enovance.com/>: Manage Jenkins Jobs with YAML <http://techs.enovance.com/6006/manage-jenkins-jobs-with-yaml> * By Sébastien Han <http://sebastien-han.fr/>: Want to save money in the Cloud? OpenStack CoreOS image is there <http://sebastien-han.fr/blog/2013/08/30/want-to-save-money-in-the-cloud-cor…> * By The Official Rackspace Blog <http://www.rackspace.com/blog>: A .NET Developer's Guide To The World Of Open Source <http://www.rackspace.com/blog/a-net-developers-guide-to-the-world-of-open-s…> * By HTTP GET-outta here! <https://tropicaldevel.wordpress.com/2013/08/26/http-get-outta-here/> Setup Nova to get images from local disks instead of HTTP * By Lorin Hochstein <http://lorinhochstein.wordpress.com/>: Automated DevStack install inside of VirtualBox with Vagrant <http://lorinhochstein.wordpress.com/2013/08/17/automated-devstack-install-i…> Upcoming Events * 2nd Openstack Athens User Group meeting <http://www.meetup.com/Athens-OpenStack-User-Group/events/131129272/> Sep 06, 2013 - Athens, Greece Details <http://www.meetup.com/Athens-OpenStack-User-Group/events/131129272/> * 2nd OpenStack User Group Nordics meetup <http://www.meetup.com/OpenStack-User-Group-Nordics/>Sep 11, 2013 -- Kista, Stockholm Details <http://www.meetup.com/OpenStack-User-Group-Nordics/> * OpenStack In Action -- Powering IaaS Cloud <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…>Sep 14, 2013 -- SAP Labs Whitefield, Bangalore Details <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> * Cloud Connect China <http://www.cloudconnectevent.cn/>, September 15-17 2013, Shanghai, China * LinuxCon/Cloud Open North America <http://events.linuxfoundation.org/events/cloudopen-north-america>, September 16-18 2013, New Orleans, LA, USA, * GigaOM Structure UK <http://event.gigaom.com/structure>, September 18-19 2013, London, England, UK * OpenStack India Day <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> Sep 21, 2013 -- Bangalore Details <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> * Hosting & Cloud Transformation Summit <http://na.hostingtransformation.com/>Sep 23 -- 25, 2013 -- Las Vegas, USA Details <http://na.hostingtransformation.com/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 -- Oct 01, 2013 -- Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/>,October 3-5 2013, Paris, France * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/>, October 6-10 2013, Orlando, FL, USA, * OpenStack in action! -- The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 -- Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 -- 17, 2013 -- Aust, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe>, October 21-23 2013, Edinburgh, Scotland, UK * Cloud Connect <http://www.cloudconnectevent.com/chicago>, October 21-24 2013, Chicago, IL, USA * USENIX LISA <https://www.usenix.org/conference/lisa13>, November 3-8 2013, Washington DC, USA * OW2 Annual Conference <http://www.ow2.org/view/OW2con-2013/>, November 13-14 2013, Paris, France * INTEROP <http://www.interop.in/> Nov 20 -- 22, 2013 -- Mumbai, India Details <http://www.interop.in/> * Gartner Data Center Conference <http://www.gartner.com/technology/summits/na/data-center/>, December 9-12 2013, Las Vegas, NV, USA Reports from Previous Events * Slides from OpenStack in production <http://sebastien-han.fr/blog/2013/08/15/openstack-in-production-slides/> * OpenStack in Debian <http://www.enovance.com/fr/blog/5900/openstack-in-debian> * Wrap Up: Google+ Hangout with Puppet Labs <http://rafstack.tumblr.com/post/58158674229> Other News * Open Mic Spotlight: Julie Pichon <http://www.openstack.org/blog/2013/08/open-mic-spotlight-julie-pichon/> * The Fanatical Faces of Rackspace Private Cloud: Anne Gentle <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * Brian Aker Talks to Linux.com <https://blog.hpcloud.com/brian-aker-talks-linuxcom> * Hadoop on OpenStack: Elastic Data Processing (EDP) with Savanna 0.3 <http://www.mirantis.com/blog/savannah-0-3-edp-analytics-as-a-service/> * OpenStack Community Meeting: Summary <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> and full logs <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-08-27-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-08-27-21.…> Security Advisories * Resource limit circumvention in Nova private flavors (CVE-2013-4278) <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000138.…> Got answers? Ask OpenStack <https://ask.openstack.org/> is the go-to destination for OpenStack users. Interesting questions waiting for answers: * Is there a way of passing the language header to openstack REST API calls so that the message returned by openstack is localized? <https://ask.openstack.org/en/question/4346/is-there-a-way-of-passing-the-la…> * No symmetric pinging connectivity between VMs and routers/DHCP servers <https://ask.openstack.org/en/question/4673/no-symmetric-pinging-connectivit…> * How to integrate anti virus / anti malware for vm's? <https://ask.openstack.org/en/question/4654/how-to-integrate-anti-virus-anti…> * Nova security group not working properly <https://ask.openstack.org/en/question/4613/nova-security-group-not-working-…> * How to upgrade from grizzly to havana? <https://ask.openstack.org/en/question/4576/how-to-upgrade-from-grizzly-to-h…> * How to create a baremetal virtual machine provisioned by openstack grizzly? <https://ask.openstack.org/en/question/4568/how-to-create-a-baremetal-virtua…> * How to setup image metadata with python API 0.11.0? <https://ask.openstack.org/en/question/4502/how-to-setup-image-metadata-with…> Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! * Jakub Krajcovic, Rackspace * Michal Jura, Suse * Maris Fogels, None * Tim Smith, Gridcentric * Claudiu Belu, Cloudbase Solutions * David Stanek, AG Interactive * John Dennis, Red Hat * Mikhail Dubov, Mirantis * Scott Radvan, Red Hat * Michael Solberg, Red Hat * Auston McReynolds, eBay * Ilya Sviridov, Mirantis * Chris Johnson, Rackspace /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

[OSSA 2013-024] Resource limit circumvention in Nova private flavors (CVE-2013-4278)
by Thierry Carrez 28 Aug '13

28 Aug '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-024 CVE: CVE-2013-4278 Date: August 28, 2013 Title: Resource limit circumvention in Nova private flavors Reporter: Ken'ichi Ohmichi (NEC) Products: Nova Affects: All versions Description: Ken'ichi Ohmichi from NEC reported that the fix for OSSA 2013-019 (CVE-2013-2256) was incomplete. Any tenant was still able to boot any other tenant's private flavors by guessing a flavor ID. This potentially allowed circumvention of any resource limits enforced through the os-flavor-access:is_public property. Havana (development branch) fix: https://review.openstack.org/#/c/42922/ Grizzly fix: https://review.openstack.org/#/c/43281/ Folsom fix: https://review.openstack.org/#/c/43296/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4278 https://bugs.launchpad.net/nova/+bug/1212179 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIbBAEBCAAGBQJSHfbsAAoJEFB6+JAlsQQjPUkP9i/41IQPecZ/1V7nsQLPWssp AUgP5tEwEUGVNGaMM6ptaQtQxrLD+aACi7z8zRZgJopHrDptbIckbRikeSxrzsLB eWQxynkFPhcjRQTFZOuoEwDdqYUFCr614uGUmCFomYTBIWEZS3ea5aN7PAO4fd62 6hsOHr6xcj7JcZY1GlVNZBcpWel9rvxcXroPrPqmecyDdSPCuiWj8QNiWQ8Y62Vy ZSOzHjyAWe32sqMSYp3zygdhpX1yacTVf76jDNw+FcLHkqFf4kRX7uJCCPFKNpIk 2nngSjWZEizIkinIc+mzt2vFKt7JMjCJsy7uLKIp9HsJzVN8qH0x6axe3nuMoliC xdzybOzlCfEOU+L1q0fVVAiuTnXqE562mnm7HchHiUpKHJRv+4hWwukOsy2Wv+aD TweNziKwmxYdakhEduql4BJ1/6Mqk+1014Q/uOAyO8iKra8JO9i/ZULvuJgQNIao oXdFCJoKItP+UouaZ4PrRwilwWgVu4rsRWL1STcHgnHorFrCJQ0iO/W9ofn+ft4z R2q3tBpJDaeorM2D/Q2VkzYvUzAEAa+BCh1CRxMCVIMh6VmSv40TzczmgrdSRUVj 7cKaxc0xiLiPOoYorWuL0A7RPkadOMk9SihmakX70UR5NyfoqdOoAYnl8xcKNaD8 MlxVcQfdPQMWbw6UltQ= =DGPB -----END PGP SIGNATURE-----

1 0

OpenStack Community Weekly Newsletter (Aug 10-23)
by Stefano Maffulli 24 Aug '13

24 Aug '13

Cast your vote for the presentation to be presented at OpenStack Summit, November 5-8, in Hong Kong <http://www.openstack.org/rate/> ???????????????????? ???????, ???????? <http://openstacksummitnovember2013.eventbrite.com/> Introducing the OpenStack Ambassador Program <http://www.openstack.org/blog/2013/08/ambassador-program/> OpenStack Community Manager Tom Fifield started the discussion on the formation of an OpenStack Ambassador Program, which aims to create a framework of community leaders to sustainably expand the reach of OpenStack around the world. We would like to recognize and further empower these community members to achieve the OpenStack mission, as well as provide more structure and resources to the growing community and user groups. Your feedback would be excellent! For more specifics on the program, and information about becoming an ambassador, stay tuned for the next post. Managing identities in the cloud <http://openstack-in-production.blogspot.com/2013/08/managing-identities-in-…> CERN has 11,000 physicists who use the lab's facilities including the central IT department resources. As with any research environment, there are many students, PhDs and other project members who join one of the experiments at CERN. They need to have computing accounts to access CERN's cloud but we also need to make sure these resources are handled correctly when they are no longer affiliated with the organisation. Why OpenStack Puppet modules did not have vacation <http://my1.fr/blog/why-openstack-puppet-modules-did-not-have-vacation/?utm_…> A lot of work has been done on Puppet modules lately. There is no doubt to say that puppet modules are designed for high-quality and best-practices configurations around an important community who takes care of those concepts. Yet another way to monitor OpenStack <http://my1.fr/blog/yet-another-way-to-monitor-openstack/?utm_source=rss&utm…> Emilien Macchi <http://my1.fr/blog> decided to write some useful scripts to check if every OpenStack service are running. He was not fully satisfied with current methods because he feels they lack some deepness. refined: 10 OpenStack Core Positions <http://robhirschfeld.com/2013/08/13/openstack-core-positions/> OpenStack Foundation Board member Rob Hirschfeld <http://robhirschfeld.com/> keeps iterating looking for a proposal to define "what is core" <http://robhirschfeld.com/2013/07/22/kicking-off-core/> in the context of OpenStack. This is a must-read for anybody interested in joining the meeting in San Francisco on Aug 27 <http://www.meetup.com/openstack/events/134495312/>. Tips 'n Tricks * By Adam Young <http://adam.younglogic.com/>: Deploying Keystone via Puppet on Fedora 19 <http://adam.younglogic.com/2013/08/deploying-keystone-via-puppet-on-f19/> * By Sébastien Han <http://sebastien-han.fr/>: Configure Ceph RBD caching on OpenStack Nova <http://sebastien-han.fr/blog/2013/08/22/configure-rbd-caching-on-nova/> * By Sébastien Han <http://sebastien-han.fr/>: Best localrc for DevStack <http://sebastien-han.fr/blog/2013/08/16/best-localrc-for-devstack/> * By Kenneth Hui <http://cloudarchitectmusings.com/>: OpenStack Compute For vSphere Admins, Part 5: Designing A Multi-hypervisor Cloud <http://cloudarchitectmusings.com/2013/08/22/openstack-compute-for-vsphere-a…> * By Sandro Mathys <http://www.blog.sandro-mathys.ch/search/label/OpenStack>: Install OpenStack Havana-2 from RDO on Fedora 19 and avoid the pitfalls <http://www.blog.sandro-mathys.ch/2013/08/install-rdo-havana-2-on-fedora-19-…> * By Lorin Hochstein <http://lorinhochstein.wordpress.com/>: Automated DevStack install inside of VirtualBox with Vagrant <http://lorinhochstein.wordpress.com/2013/08/17/automated-devstack-install-i…> * By John Bresnahan <https://tropicaldevel.wordpress.com/>: Preparing Fedora 19 for OpenStack Glance Development <https://tropicaldevel.wordpress.com/2013/08/14/preparing-fedora-19-for-open…> * By Mehdi Abaakouk <http://blog.sileht.net/>: Using a sharding/replicaSet mongodb with ceilometer <http://blog.sileht.net/using-a-shardingreplicaset-mongodb-with-ceilometer> * By Flavio Percoco <http://blog.flaper87.org/>: Using libgfapi to access Glusterfs Volumes in Nova <http://blog.flaper87.org/post/520b7ff00f06d37b7a766dc0/> * By Loïc Dachary <http://dachary.org/>: HOWTO install Ceph teuthology on OpenStack <http://dachary.org/?p=2204> * By ICCLab <http://www.cloudcomp.ch/>: OpenStack HA: why is Pacemaker such a slow recovery tool? <http://www.cloudcomp.ch/2013/08/openstack-ha-why-is-pacemaker-such-a-slow-r…> * By Mirantis <http://www.mirantis.com/>: Demo Video: Using Heat for Auto-scaling with OpenStack cloud <http://www.mirantis.com/blog/heat-autoscaling-in-action/> * By The Official Rackspace Blog <http://www.rackspace.com/blog>: OpenStack Nova-Scheduler And vSphere DRS <http://www.rackspace.com/blog/openstack-nova-scheduler-and-vsphere-drs/> * By Daniel P. Berrangé <https://www.berrange.com/>: Fine grained access control in libvirt using polkit <https://www.berrange.com/posts/2013/08/12/fine-grained-access-control-in-li…> Upcoming Events * Bangalore Meetup <http://www.meetup.com/Indian-OpenStack-User-Group/events/132218642/> Aug 24, 2013 -- Bangalore, India Details <http://www.meetup.com/Indian-OpenStack-User-Group/events/132218642/> * Primer Evento Grupo Venezolano OpenStack <https://plus.google.com/u/0/106856980692854321746/posts/bFpvMPqffp9> Aug 24, 2013 -- Caracas, Venezuela Details <https://plus.google.com/u/0/106856980692854321746/posts/bFpvMPqffp9> * 2nd OpenStack User Group Nordics meetup <http://www.meetup.com/OpenStack-User-Group-Nordics/>Sep 11, 2013 -- Kista, Stockholm Details <http://www.meetup.com/OpenStack-User-Group-Nordics/> * OpenStack In Action -- Powering IaaS Cloud <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…>Sep 14, 2013 -- SAP Labs Whitefield, Bangalore Details <http://barcampbangalore.org/bcb/bcb14/openstack-in-action-powering-iaas-clo…> * Cloud Connect China <http://www.cloudconnectevent.cn/>, September 15-17 2013, Shanghai, China * LinuxCon/Cloud Open North America <http://events.linuxfoundation.org/events/cloudopen-north-america>, September 16-18 2013, New Orleans, LA, USA, * GigaOM Structure UK <http://event.gigaom.com/structure>, September 18-19 2013, London, England, UK * OpenStack India Day <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> Sep 21, 2013 -- Bangalore Details <http://openstackindia.wordpress.com/2013/08/14/openstack-india-day-2013-ann…> * Hosting & Cloud Transformation Summit <http://na.hostingtransformation.com/>Sep 23 -- 25, 2013 -- Las Vegas, USA Details <http://na.hostingtransformation.com/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 -- Oct 01, 2013 -- Bend, OR Details <http://openstack.onales.com/> * Open World Forum (Paris) <http://www.openworldforum.com/>,October 3-5 2013, Paris, France * Gartner Symposium/IT Expo North America <http://www.gartner.com/technology/symposium/orlando/>, October 6-10 2013, Orlando, FL, USA, * OpenStack in action! -- The Canadian Chapter <https://openstackinactioncanada.eventbrite.com/> Oct 08, 2013 -- Montreal, Canada Details <https://openstackinactioncanada.eventbrite.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 -- 17, 2013 -- Aust, TX Details <http://swifthackathon.eventbrite.com/> * LinuxCon/Cloud Open Europe <http://events.linuxfoundation.org/events/cloudopen-europe>, October 21-23 2013, Edinburgh, Scotland, UK * Cloud Connect <http://www.cloudconnectevent.com/chicago>, October 21-24 2013, Chicago, IL, USA * USENIX LISA <https://www.usenix.org/conference/lisa13>, November 3-8 2013, Washington DC, USA * OW2 Annual Conference <http://www.ow2.org/view/OW2con-2013/>, November 13-14 2013, Paris, France * INTEROP <http://www.interop.in/> Nov 20 -- 22, 2013 -- Mumbai, India Details <http://www.interop.in/> * Gartner Data Center Conference <http://www.gartner.com/technology/summits/na/data-center/>, December 9-12 2013, Las Vegas, NV, USA Reports from Previous Events * Slides from OpenStack in production <http://sebastien-han.fr/blog/2013/08/15/openstack-in-production-slides/> * OpenStack in Debian <http://www.enovance.com/fr/blog/5900/openstack-in-debian> * Wrap Up: Google+ Hangout with Puppet Labs <http://rafstack.tumblr.com/post/58158674229> Other News * Benchmark OpenStack Swift <http://www.enovance.com/fr/blog/5893/benchmark-openstack-swift> * OpenMic Spotlight: Gabriel Hurley <http://www.openstack.org/blog/2013/08/openmic-spotlight-gabriel-hurley/> * OpenMic Spotlight: Kyle Mestery <http://www.openstack.org/blog/2013/08/openmic-spotlight-kyle-mestery/> * The Fanatical Faces Of Rackspace Private Cloud: Joe Burke <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * The Fanatical Faces Of Rackspace Private Cloud: Tech Writer Karin Levenstein <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * OpenStack Community Meeting: Summary <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> and full logs <http://eavesdrop.openstack.org/meetings/openstack_community/2013/openstack_…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-08-20-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-08-20-21.…> Got answers? Ask OpenStack <https://ask.openstack.org/> is the go-to destination for OpenStack users. Interesting questions waiting for answers: previous week's: * How to troubleshoot a Swift Container running with a high CPU amount? <https://ask.openstack.org/en/question/4431/how-to-troubleshoot-a-swift-cont…> * Failed to mount filesystem: no operating system was found on this disk <https://ask.openstack.org/en/question/4409/failed-to-mount-filesystem-no-op…> * Is there a way of passing the language header to openstack REST API calls so that the message returned by openstack is localized? <https://ask.openstack.org/en/question/4346/is-there-a-way-of-passing-the-la…> * How to create the connection between OVS bridge and the linux bridge? <https://ask.openstack.org/en/question/4293/how-to-create-the-connection-bet…> * Realm Value need to be passed from horizon to get the complete list of available Idp's in Keystone ? <https://ask.openstack.org/en/question/4280/realm-value-need-to-be-passed-fr…> * Slow virtio network performance <https://ask.openstack.org/en/question/4240/slow-virtio-network-performance/> * Unable to configure baremetal for grizzly: DatabaseNotControlledError <https://ask.openstack.org/en/question/4237/unable-to-configure-baremetal-fo…> Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! * Jaime Gil de Sagredo Luna, StackOps * Joshua Hesketh * Oleg Gelbukh, Mirantis * Jiri Stransky, Red Hat * Steffen Gebert, None * Trevor Robert, Jr, Cisco * Pei Zhen, None * Sabari Kumar Murugesan, Vmware * Ignacio Barrio, Stackops * Charles V Bock, Intel * Jordan OMara, Red Hat * Sarah Novotny, Meteor Entertainment * Maksym Iarmak, Mirantis * Marton Kiss, Fremont Ltd * Petr Blaho, Red Hat * Ryan Hsu, Vmware * Alan Jiang, IBM * Zhang Guoqing, None * Hwbi * Abhijeet Malawade, NTT Data * Shuangtai Tian, Intel * Jake Liu, None * Vladislav Kuzmin, Mirantis * Nejc Saje, Xlab d.o.o. * Peter Mooshammer, None * Floren Llanos, None /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0

[Swift] Swift 1.9.9 RC available
by John Dickinson 13 Aug '13

13 Aug '13

Today we have released Swift 1.9.1 (RC1). The tarball for the RC is at http://tarballs.openstack.org/swift/swift-milestone-proposed.tar.gz This release was initially prompted by a bug found by Peter Portante (https://bugs.launchpad.net/swift/+bug/1196932) and includes a patch for it. All clusters are recommended to upgrade to this new release. As always, you can upgrade to this version of Swift with no end-user downtime. In addition to the patch mentioned above, this release contains a few other important features: * The default worker count has changed from 1 to auto. The new default value will for workers in the proxy, container, account & object wsgi servers will spawn as many workers per process as you have cpu cores. * A "reveal_sensitive_prefix" config parameter was added to the proxy_logging config. This value allows the auth token to be obscured in the logs. * The Keystone middleware will now enforce that the reseller_prefix ends in an underscore. Previously, this was a recommendation, and now it is enforced. There are several other changes in this release. I'd encourage you to read the full changelog at https://github.com/openstack/swift/blob/master/CHANGELOG. On the community side, this release includes the work of 7 new contributors. They are: Alistair Coles (alistair.coles(a)hp.com) Thomas Leaman (thomas.leaman(a)hp.com) Dirk Mueller (dirk(a)dmllr.de) Newptone (xingchao(a)unitedstack.com) Jon Snitow (otherjon(a)swiftstack.com) TheSriram (sriram(a)klusterkloud.com) Koert van der Veer (koert(a)cloudvps.com) Thanks to everyone for your hard work. I'm very happy with where Swift is and where we are going together. --John

1 1

OpenStack Community Weekly Newsletter (Aug 2-9)
by Stefano Maffulli 10 Aug '13

10 Aug '13

Hong Kong Summit -- Registration, Call for Sponsors Now Open! <http://www.openstack.org/blog/2013/06/hong-kong-summit-registration-call-fo…> ???????????????????? ???????, ???????? <http://openstacksummitnovember2013.eventbrite.com/> DevStack in 1 minute <http://sebastien-han.fr/blog/2013/08/08/devstack-in-1-minute/> It can be as easy as it looks: step by step instructions by Sébastien Han <http://sebastien-han.fr/>. *OpenStack Compute For vSphere Admins <http://cloudarchitectmusings.com/2013/08/05/openstack-compute-for-vsphere-a…>* An ongoing series of posts by Kenneth Hui <http://cloudarchitectmusings.com/> about OpenStack for vSphere Admins. You can catch up on previous posts by following the links here for part 1 <http://cloudarchitectmusings.com/2013/06/24/openstack-for-vmware-admins-nov…>, part 2 <http://cloudarchitectmusings.com/2013/06/26/openstack-for-vmware-admins-nov…>, part 3 <http://cloudarchitectmusings.com/2013/07/09/openstack-compute-for-vsphere-a…> and part 4 <http://cloudarchitectmusings.com/2013/08/05/openstack-compute-for-vsphere-a…>. OpenStack's Test Driven Core <http://robhirschfeld.com/2013/08/08/openstacks-test-driven-core-its-where-i…> In helping drive OpenStack's "what is core" dialog <http://robhirschfeld.com/2013/08/06/core-community-dialogue/>, board member Rob Hirschfeld <http://robhirschfeld.com/> has reported a lot of viewpoints about what OpenStack is and what it should be <http://robhirschfeld.com/2013/07/22/making-openstack-meaningful/>. As a good steward of this process he has successfully managed to be an objective listener <http://web.missouri.edu/%7Ecampbellr/Leadership/chapter6.htm>. In the recent post in the series, he expresses his point of view. This is one of the most important conversations for the OpenStack Foundation and it's happening now. Flavors -- An English perspective <http://openstack-in-production.blogspot.com/2013/08/flavors-english-perspec…> OpenStack has the capability to define flavors of virtual machines, how many cores, swap, disk and memory. As a native UK English speaker, Tim Bell finds the term /flavor/ to already be a problem. In his post describing how flavors are used at CERN he appeals to the OpenStack technical committee to not accept any term which is not the same in US and UK English or to allow an alias. His post has lots of other interesting information, too. Non-Relational Database-as-a-Service in OpenStack <http://www.zerobanana.com/archive/2013/08/07#non-relational-trove> The OpenStack Technical Committee voted this week <http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-08-06-20.01.html> to expand the scope of the Trove <https://wiki.openstack.org/wiki/Trove> program, which is currently in incubation, to encompass non-relational as well as relational databases. Tips 'n Tricks * By John Bresnahan <https://tropicaldevel.wordpress.com/>: Download Modules In Nova <https://tropicaldevel.wordpress.com/2013/08/07/download-modules-in-nova/> * By Marconi's mongodb driver improvements <http://blog.flaper87.org/post/520172de0f06d356d434d61d/> * By Emilien Macchi <http://my1.fr/blog>: Yet another way to monitor OpenStack <http://my1.fr/blog/yet-another-way-to-monitor-openstack/?utm_source=rss&utm…> * By Steve Hardy <http://hardysteven.blogspot.com/search/label/openstack>: Heat Nested Resource Introspection <http://hardysteven.blogspot.com/2013/08/heat-nested-resource-introspection.…> * By The Official Rackspace Blog <http://www.rackspace.com/blog>: Architecting VMware vSphere For OpenStack <http://www.rackspace.com/blog/architecting-vmware-vsphere-for-openstack/> * By Christian Berendt <http://www.cberendt.de/>: Using Redis with Horizon <http://www.cberendt.de/2013/08/using-redis-with-horizon/?utm_source=rss&utm…> * By Michael Still <http://www.stillhq.com/>: Exploring a single database migration <http://www.stillhq.com/openstack/tips/000002.html> Upcoming Events * Openstack Bucharest Meeting <http://www.meetup.com/Openstack-Bucharest/events/123884092/> Aug 12, 2013 -- Bucharest, Romania Details <http://www.meetup.com/Openstack-Bucharest/events/123884092/> * Bangalore Meetup <http://www.meetup.com/Indian-OpenStack-User-Group/events/132218642/> Aug 24, 2013 -- Bangalore, India Details <http://www.meetup.com/Indian-OpenStack-User-Group/events/132218642/> * Primer Evento Grupo Venezolano OpenStack <https://plus.google.com/u/0/106856980692854321746/posts/bFpvMPqffp9> Aug 24, 2013 -- Caracas, Venezuela Details <https://plus.google.com/u/0/106856980692854321746/posts/bFpvMPqffp9> * 2nd OpenStack User Group Nordics meetup <http://www.meetup.com/OpenStack-User-Group-Nordics/>Sep 11, 2013 -- Kista, Stockholm Details <http://www.meetup.com/OpenStack-User-Group-Nordics/> * OpenStack on Ales <http://openstack.onales.com/> Sep 30 -- Oct 01, 2013 -- Bend, OR Details <http://openstack.onales.com/> * Swift Hackathon <http://swifthackathon.eventbrite.com/> Oct 15 -- 17, 2013 -- Aust, TX Details <http://swifthackathon.eventbrite.com/> * INTEROP <http://www.interop.in/> Nov 20 -- 22, 2013 -- Mumbai, India Details <http://www.interop.in/> Reports from Previous Events * HP Public Cloud OSCON Sessions -- Videos <https://blog.hpcloud.com/hp-public-cloud-oscon-sessions-videos> * Aug 6th OpenStack Foundation Board Meeting <http://blogs.gnome.org/markmc/2013/08/08/aug-6th-openstack-foundation-board…> * Google+ Hangout with Puppet Labs <http://rafstack.tumblr.com/post/57600686980/august-8-google-hangout-with-pu…> Other News * python-heatclient 0.2.4 released <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000128.…> * heat-cfntools 1.2.5 released <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000129.…> * python-novaclient 2.14.0 released <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000125.…> * Open Mic Spotlight: Brad Topol <http://www.openstack.org/blog/2013/08/open-mic-spotlight-brad-topol/> * The Fanatical Faces Of Rackspace Private Cloud: Ryan Yard <http://www.rackspace.com/blog/the-fanatical-faces-of-rackspace-private-clou…> * Marconi's mongodb driver improvements <http://blog.flaper87.org/post/520172de0f06d356d434d61d/> * OpenStack Project Technical Lead Interview Series #7: Gabriel Hurley, OpenStack Horizon Project <http://www.mirantis.com/blog/openstack-project-technical-lead-interview-ser…> * OpenStack Project Meeting: Summary <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-08-06-21.…> and full logs <http://eavesdrop.openstack.org/meetings/project/2013/project.2013-08-06-21.…> * OpenStack Foundation Board official meeting minutes June 27 2013 <https://wiki.openstack.org/wiki/Governance/Foundation/27June2013BoardMinutes> * OpenStack Foundation Board meeting official summary <http://lists.openstack.org/pipermail/foundation/2013-August/001454.html> and Mark McLoughlin's notes <http://blogs.gnome.org/markmc/2013/08/08/aug-6th-openstack-foundation-board…> Security Advisories * Denial of Service using XML entities in Nova/Cinder extensions (CVE-2013-4179, CVE-2013-4202) <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000133.…> * Denial of Service in Nova network source security groups (CVE-2013-4185) <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000127.…> * Resource limit circumvention in Nova private flavors (CVE-2013-2256) <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000126.…> * Swift Denial of Service using superfluous object tombstones (CVE-2013-4155) <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000131.…> * Cinder LVM volume driver does not support secure deletion (CVE-2013-4183) <http://lists.openstack.org/pipermail/openstack-announce/2013-August/000130.…> Got answers? Ask OpenStack <https://ask.openstack.org/> is the go-to destination for OpenStack users. Interesting questions waiting for answers: * How Do I allow IP protocols other than TCP, UDP, or ICMP (such as GRE)through my security group? <https://ask.openstack.org/en/question/3888/how-do-i-allow-ip-protocols-othe…> * How should I use the VIF Isolation Rules with XenServer 6.2 and OpenStack? <https://ask.openstack.org/en/question/3869/how-should-i-use-the-vif-isolati…> * Adding Ubuntu Image to XenServer Powered Openstack filesystem already mounted <https://ask.openstack.org/en/question/3766/adding-ubuntu-image-to-xenserver…> * What other steps should I take with networking after adding a compute node? <https://ask.openstack.org/en/question/3703/what-other-steps-should-i-take-w…> * glance-api failed to start up with latest devstack <https://ask.openstack.org/en/question/3839/glance-api-failed-to-start-up-wi…> Welcome New Developers Is your affiliation correct? Check your profile in the OpenStack Foundation Members Database! * Jing Sun, IBM * Zhi kun Liu, IBM * ZhiQiang Fan, None * raiesmh08, ? * Toni Zehnder, ZHAW ICCLab * Yijing Zhang, None * Roman Verchikov, Mirantis * Noorul Islam K M, None * Teran McKinney, Rackspace * Mark Collier, OpenStack Foundation * Deepti Navale, Red Hat * Tracy Jones, VMware * Joe H. Rahme, Enovance /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./

1 0