OpenStack status report 2012-04-04

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Created page with "= Fedora OpenStack projects = First of all, a handy link worth bookmarking is from the preview "Fedora Packages" service, which gives a handy way to drill down to details and sta...")
 
(Misc News)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
= Fedora OpenStack projects =
+
= Fedora OpenStack Projects =
 +
 
 
First of all, a handy link worth bookmarking is from the preview "Fedora Packages" service,
 
First of all, a handy link worth bookmarking is from the preview "Fedora Packages" service,
 
which gives a handy way to drill down to details and status of all the [https://apps.fedoraproject.org/packages/s/openstack Fedora OpenStack projects]
 
which gives a handy way to drill down to details and status of all the [https://apps.fedoraproject.org/packages/s/openstack Fedora OpenStack projects]
  
= OpenStack Folsom Design Summit =
+
= OpenStack Folsom Design Summit and Conference =
  
== Fedora Presence ==
+
== Fedora Booth ==
The OpenStack Folsom design summit is taking place April 16-20 and
+
Fedora will have a presence, details of which are maintained at:
+
  https://fedoraproject.org/wiki/OpenStackSummitConf_April2012
+
    https://fedoraproject.org/wiki/Cloud_Marketing_Collateral/OpenStack_in_Fedora
+
      Includes details of what's new in OpenStack in Fedora 17
+
Session proposals for the Folsom design summit are still open,
+
and the current list is available at http://summit.openstack.org/
+
  
== Proposals from Fedora contributors ==
+
The [[OpenStackSummitConf April2012|OpenStack Folsom Design Summit and Conference]] is taking place April 16-20 and Fedora will have a booth at the conference. We are preparing some [[Cloud_Marketing_Collateral/OpenStack_in_Fedora| Fedora marketing collateral]] for the event.
  Dependency management design: http://summit.openstack.org/sessions/view/46
+
 
  Common configuration patterns: http://summit.openstack.org/sessions/view/56
+
== Design Summit ==
  Stable branch maintenance: http://summit.openstack.org/sessions/view/29
+
 
  openstack-common library: http://summit.openstack.org/sessions/view/28
+
The schedule for the Folsom Design Summit is being prepared at [http://summit.openstack.org summit.openstack.org] and the following proposals have been submitted by Fedora contributors:
  glance backend storage capabilities: http://summit.openstack.org/sessions/view/78
+
 
  Smoke testing realistic deployment:  http://summit.openstack.org/sessions/view/66
+
* [http://summit.openstack.org/sessions/view/46 Dependency management design]
  Versioning the Nova RPC APIs: http://summit.openstack.org/sessions/view/95
+
* [http://summit.openstack.org/sessions/view/56 Common configuration patterns]
  Resource rationing in Glance: http://summit.openstack.org/sessions/view/113
+
* [http://summit.openstack.org/sessions/view/29 Stable branch maintenance]
 +
* [http://summit.openstack.org/sessions/view/28 openstack-common library]
 +
* [http://summit.openstack.org/sessions/view/78 Glance backend storage capabilities]
 +
* [http://summit.openstack.org/sessions/view/66 Smoke testing realistic deployment]
 +
* [http://summit.openstack.org/sessions/view/95 Versioning the Nova RPC APIs]
 +
* [http://summit.openstack.org/sessions/view/113 Resource rationing in Glance]
  
 
= OpenStack Security Issues =
 
= OpenStack Security Issues =
  
 
Dan Prince identified two security issues:
 
Dan Prince identified two security issues:
  CVE-2012-1585 Long server names grow nova-api log files significantly (public Thursday, March 29th, 1500UTC)
 
  CVE-2012-1572 Extremely long passwords can crash Keystone (public Tuesday, March 27th, 1500UTC)
 
These were promptly addressed through Russell Bryant
 
on the http://openstack.org/projects/openstack-security/ team.
 
  
The process for handling and releasing security updates for OpenStack in Fedora is now documented at https://fedoraproject.org/wiki/OpenStack_vulnerability_management
+
# [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1585 CVE-2012-1585 Long server names grow nova-api log files significantly] (public Thursday, March 29th, 1500UTC)
 +
# [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 CVE-2012-1572 Extremely long passwords can crash Keystone] (public Tuesday, March 27th, 1500UTC)
 +
 
 +
These were promptly addressed through Russell Bryant on the [http://openstack.org/projects/openstack-security/ OpenStack Vulnerability Management Team].
 +
 
 +
We have now fully documented [[OpenStack vulnerability management|the process for handling and releasing security updates for OpenStack in Fedora]].
  
 
= Fedora 17 Updates =
 
= Fedora 17 Updates =
  
 
== Getting Started guide ==
 
== Getting Started guide ==
Testing OpenStack Essex on Fedora 17 continues, with the setup
 
instructions being kept up to date, and improved.
 
  
For example Cole Robinson updated the instructions to use OpenStack commands
+
[[Getting started with OpenStack on Fedora 17|Testing OpenStack Essex on Fedora 17]] continues, with the setup
rather than euca2ools:
+
instructions being kept up to date, and improved. For example, Cole Robinson updated the instructions to use OpenStack commands rather than euca2ools.
http://fedoraproject.org/wiki/Getting_started_with_OpenStack_on_Fedora_17
+
  
 
== Release Candidate packages ==
 
== Release Candidate packages ==
Alan Pevec made a Fedora 17 preview repo available for providing the latest openstack  packages irrespective of release freeze scheduling: http://repos.fedorapeople.org/repos/apevec/openstack-preview/fedora-17/
 
  
Fedora 17 has currently got Essex RC1 releases of nova, glance, keystone, quantum,
+
Alan Pevec made a [http://repos.fedorapeople.org/repos/apevec/openstack-preview/fedora-17/ Fedora 17 preview repo] available for providing the latest openstack packages irrespective of release freeze scheduling.
and swift 1.4.8 available.With the emphasis on testing and fixing before the final release there have been subsequent upstream fixes:
+
  https://review.openstack.org/#q,project:openstack/nova+branch:milestone-proposed,n,z
+
  https://review.openstack.org/#q,project:openstack/glance+branch:milestone-proposed,n,z
+
  https://review.openstack.org/#q,project:openstack/keystone+branch:milestone-proposed,n,z
+
  https://review.openstack.org/#q,project:openstack/quantum+branch:milestone-proposed,n,z
+
Other updates not included in the above lists are for example
+
  support libvirt images on GlusterFS https://review.openstack.org/5606
+
The final Essex releases with the above fixes are being prepared and tested.
+
Subsequent updates may also be included in the Fedora packages like:
+
  Eoghan Glynn's quota headroom reporting - https://review.openstack.org/5910
+
  Fix nova issue with --libvirt_nonblocking: https://review.openstack.org/#change,6164
+
  
Alan Pevec has been polishing Swift packages, in conjunction with
+
Fedora 17 has currently got Essex RC1 releases of Nova, Glance, Keystone, Quantum, and Swift 1.4.8 available. With the emphasis on testing and fixing before the final release there have been subsequent upstream fixes:
testing from Derek Higgins:
+
 
- support for multiple swift instances: http://pkgs.fedoraproject.org/gitweb/?p=openstack-swift.git;a=commitdiff;h=6a53f5b1
+
* [https://review.openstack.org/#q,project:openstack/nova+branch:milestone-proposed,n,z nova milestone-proposed changes]
  - add man pages: http://pkgs.fedoraproject.org/gitweb/?p=openstack-swift.git;a=commitdiff;h=dae45a61
+
* [https://review.openstack.org/#q,project:openstack/glance+branch:milestone-proposed,n,z glance milestone-proposed changes]
  - additional init scripts: https://bugzilla.redhat.com/807170
+
* [https://review.openstack.org/#q,project:openstack/keystone+branch:milestone-proposed,n,z keystone milestone-proposed changes]
  - include default configs: https://bugzilla.redhat.com/807179
+
* [https://review.openstack.org/#q,project:openstack/quantum+branch:milestone-proposed,n,z quantum milestone-proposed changes]
  - SELinux issues: https://bugzilla.redhat.com/809198
+
 
 +
Other updates not included in the above lists are, for example, [https://review.openstack.org/5606 a fix to support libvirt images on GlusterFS].
 +
 
 +
The final Essex releases with the above fixes are being prepared and tested. Subsequent updates may also be included in the Fedora packages like:
 +
 
 +
* [https://review.openstack.org/5910 Eoghan Glynn's quota headroom reporting]
 +
* [https://review.openstack.org/#change,6164 Fix nova issue with --libvirt_nonblocking]
 +
 
 +
Alan Pevec has been polishing Swift packages, in conjunction with testing from Derek Higgins:
 +
 
 +
* [http://pkgs.fedoraproject.org/gitweb/?p=openstack-swift.git;a=commitdiff;h=6a53f5b1 support for multiple swift instances]
 +
* [http://pkgs.fedoraproject.org/gitweb/?p=openstack-swift.git;a=commitdiff;h=dae45a61 add man pages]
 +
* [https://bugzilla.redhat.com/807170 additional init scripts]
 +
* [https://bugzilla.redhat.com/807179 include default configs]
 +
* [https://bugzilla.redhat.com/809198 SELinux issues]
  
 
== Other updates ==
 
== Other updates ==
  
The python-eventlet package used by OpenStack was updated to fix resource leaks:
+
The python-eventlet package used by OpenStack was [http://pkgs.fedoraproject.org/gitweb/?p=python-eventlet.git;a=blob;f=dummythread_leak.patch;hb=HEAD updated to fix resource leaks].
http://pkgs.fedoraproject.org/gitweb/?p=python-eventlet.git;a=blob;f=dummythread_leak.patch;hb=HEAD
+
  
 
Fedora specific changes have been made too, including:
 
Fedora specific changes have been made too, including:
  - Fix process restarting with systemd and KillMode=process:
 
      https://bugzilla.redhat.com/805942
 
      https://bugzilla.redhat.com/805947
 
  - glance switched to MySQL by default rather than sqlite
 
  
Following on from OpenStack test day observations,
+
* [https://bugzilla.redhat.com/805947 Fix process restarting with systemd and KillMode=process]
SELinux fixes have been included to support new OpenStack services:
+
* Glance switched to MySQL by default rather than sqlite
  - policy for quantum: https://bugzilla.redhat.com/760054
+
  - policy for nova-cert: https://bugzilla.redhat.com/801352
+
  
= Misc News =
+
Following on from OpenStack test day observations, SELinux fixes have been included to support new OpenStack services:
  
Russell Bryant has continued to work on Fedora support in devstack,
+
* [https://bugzilla.redhat.com/760054 policy for quantum]
which is a script to setup openstack services for development on a single node
+
* [https://bugzilla.redhat.com/801352 policy for nova-cert]
  - https://fedoraproject.org/wiki/OpenStack_devstack
+
 
Adam Young then used and documented that to setup his environment
+
= Misc News =
  - http://adam.younglogic.com/2012/03/fedora-16-devstack/
+
  
New Fedora OpenStack packagers have joined:
+
Russell Bryant has continued to [[OpenStack devstack|work on Fedora support in devstack]], which is a script to setup openstack services for development on a single node. Adam Young then [http://adam.younglogic.com/2012/03/fedora-16-devstack/ documented his use of devstack] to setup his environment.
Joe Breu (rackerjoe) and Garry Kotton (gkotton)
+
  
Lorin Hochstein [https://github.com/openstack/openstack-manuals/commit/e556012c updated the upstream OpenStack manuals] to include information on Fedora "Virtual Machine" images
+
A couple of new Fedora OpenStack packagers have joined, [https://admin.fedoraproject.org/accounts/user/view/gkotton Gary Kotton (gkotton)] and [https://admin.fedoraproject.org/accounts/user/view/rackerjoe Joe Breu (rackerjoe)].
  
There were a couple of blogs relating to OpenStack and Fedora:
+
Lorin Hochstein [https://github.com/openstack/openstack-manuals/commit/e556012c updated the upstream OpenStack manuals] to include information on Fedora "Virtual Machine" images.
  
http://adam.younglogic.com/2012/03/shared-nothing-diskless-boot/
+
Finally, There were a couple of blogs relating to OpenStack and Fedora:
  
http://saiweb.co.uk/openstack/rhel-6-openstack-via-epel-nova-and-glance-on-kvm/
+
* [http://adam.younglogic.com/2012/03/shared-nothing-diskless-boot/ Shared Nothing Diskless Boot]
 +
* [http://saiweb.co.uk/openstack/rhel-6-openstack-via-epel-nova-and-glance-on-kvm/ RHEL 6 Openstack via EPEL Nova and Glance on KVM]

Latest revision as of 02:44, 14 July 2012

Contents

[edit] Fedora OpenStack Projects

First of all, a handy link worth bookmarking is from the preview "Fedora Packages" service, which gives a handy way to drill down to details and status of all the Fedora OpenStack projects

[edit] OpenStack Folsom Design Summit and Conference

[edit] Fedora Booth

The OpenStack Folsom Design Summit and Conference is taking place April 16-20 and Fedora will have a booth at the conference. We are preparing some Fedora marketing collateral for the event.

[edit] Design Summit

The schedule for the Folsom Design Summit is being prepared at summit.openstack.org and the following proposals have been submitted by Fedora contributors:

[edit] OpenStack Security Issues

Dan Prince identified two security issues:

  1. CVE-2012-1585 Long server names grow nova-api log files significantly (public Thursday, March 29th, 1500UTC)
  2. CVE-2012-1572 Extremely long passwords can crash Keystone (public Tuesday, March 27th, 1500UTC)

These were promptly addressed through Russell Bryant on the OpenStack Vulnerability Management Team.

We have now fully documented the process for handling and releasing security updates for OpenStack in Fedora.

[edit] Fedora 17 Updates

[edit] Getting Started guide

Testing OpenStack Essex on Fedora 17 continues, with the setup instructions being kept up to date, and improved. For example, Cole Robinson updated the instructions to use OpenStack commands rather than euca2ools.

[edit] Release Candidate packages

Alan Pevec made a Fedora 17 preview repo available for providing the latest openstack packages irrespective of release freeze scheduling.

Fedora 17 has currently got Essex RC1 releases of Nova, Glance, Keystone, Quantum, and Swift 1.4.8 available. With the emphasis on testing and fixing before the final release there have been subsequent upstream fixes:

Other updates not included in the above lists are, for example, a fix to support libvirt images on GlusterFS.

The final Essex releases with the above fixes are being prepared and tested. Subsequent updates may also be included in the Fedora packages like:

Alan Pevec has been polishing Swift packages, in conjunction with testing from Derek Higgins:

[edit] Other updates

The python-eventlet package used by OpenStack was updated to fix resource leaks.

Fedora specific changes have been made too, including:

Following on from OpenStack test day observations, SELinux fixes have been included to support new OpenStack services:

[edit] Misc News

Russell Bryant has continued to work on Fedora support in devstack, which is a script to setup openstack services for development on a single node. Adam Young then documented his use of devstack to setup his environment.

A couple of new Fedora OpenStack packagers have joined, Gary Kotton (gkotton) and Joe Breu (rackerjoe).

Lorin Hochstein updated the upstream OpenStack manuals to include information on Fedora "Virtual Machine" images.

Finally, There were a couple of blogs relating to OpenStack and Fedora: