OpenStack status report 2012-04-04

From FedoraProject

Revision as of 11:59, 4 April 2012 by Pbrady (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

Fedora OpenStack projects

First of all, a handy link worth bookmarking is from the preview "Fedora Packages" service, which gives a handy way to drill down to details and status of all the Fedora OpenStack projects

OpenStack Folsom Design Summit

Fedora Presence

The OpenStack Folsom design summit is taking place April 16-20 and Fedora will have a presence, details of which are maintained at:

 https://fedoraproject.org/wiki/OpenStackSummitConf_April2012
   https://fedoraproject.org/wiki/Cloud_Marketing_Collateral/OpenStack_in_Fedora
     Includes details of what's new in OpenStack in Fedora 17

Session proposals for the Folsom design summit are still open, and the current list is available at http://summit.openstack.org/

Proposals from Fedora contributors

 Dependency management design: http://summit.openstack.org/sessions/view/46
 Common configuration patterns: http://summit.openstack.org/sessions/view/56
 Stable branch maintenance: http://summit.openstack.org/sessions/view/29
 openstack-common library: http://summit.openstack.org/sessions/view/28
 glance backend storage capabilities: http://summit.openstack.org/sessions/view/78
 Smoke testing realistic deployment:  http://summit.openstack.org/sessions/view/66
 Versioning the Nova RPC APIs: http://summit.openstack.org/sessions/view/95
 Resource rationing in Glance: http://summit.openstack.org/sessions/view/113

OpenStack Security Issues

Dan Prince identified two security issues:

 CVE-2012-1585 Long server names grow nova-api log files significantly (public Thursday, March 29th, 1500UTC)
 CVE-2012-1572 Extremely long passwords can crash Keystone (public Tuesday, March 27th, 1500UTC)

These were promptly addressed through Russell Bryant on the http://openstack.org/projects/openstack-security/ team.

The process for handling and releasing security updates for OpenStack in Fedora is now documented at https://fedoraproject.org/wiki/OpenStack_vulnerability_management

Fedora 17 Updates

Getting Started guide

Testing OpenStack Essex on Fedora 17 continues, with the setup instructions being kept up to date, and improved.

For example Cole Robinson updated the instructions to use OpenStack commands rather than euca2ools: http://fedoraproject.org/wiki/Getting_started_with_OpenStack_on_Fedora_17

Release Candidate packages

Alan Pevec made a Fedora 17 preview repo available for providing the latest openstack packages irrespective of release freeze scheduling: http://repos.fedorapeople.org/repos/apevec/openstack-preview/fedora-17/

Fedora 17 has currently got Essex RC1 releases of nova, glance, keystone, quantum, and swift 1.4.8 available.With the emphasis on testing and fixing before the final release there have been subsequent upstream fixes:

 https://review.openstack.org/#q,project:openstack/nova+branch:milestone-proposed,n,z
 https://review.openstack.org/#q,project:openstack/glance+branch:milestone-proposed,n,z
 https://review.openstack.org/#q,project:openstack/keystone+branch:milestone-proposed,n,z
 https://review.openstack.org/#q,project:openstack/quantum+branch:milestone-proposed,n,z

Other updates not included in the above lists are for example

 support libvirt images on GlusterFS https://review.openstack.org/5606

The final Essex releases with the above fixes are being prepared and tested. Subsequent updates may also be included in the Fedora packages like:

 Eoghan Glynn's quota headroom reporting - https://review.openstack.org/5910
 Fix nova issue with --libvirt_nonblocking: https://review.openstack.org/#change,6164

Alan Pevec has been polishing Swift packages, in conjunction with testing from Derek Higgins:

- support for multiple swift instances: http://pkgs.fedoraproject.org/gitweb/?p=openstack-swift.git;a=commitdiff;h=6a53f5b1
 - add man pages: http://pkgs.fedoraproject.org/gitweb/?p=openstack-swift.git;a=commitdiff;h=dae45a61
 - additional init scripts: https://bugzilla.redhat.com/807170
 - include default configs: https://bugzilla.redhat.com/807179
 - SELinux issues: https://bugzilla.redhat.com/809198

Other updates

The python-eventlet package used by OpenStack was updated to fix resource leaks: http://pkgs.fedoraproject.org/gitweb/?p=python-eventlet.git;a=blob;f=dummythread_leak.patch;hb=HEAD

Fedora specific changes have been made too, including:

 - Fix process restarting with systemd and KillMode=process:
     https://bugzilla.redhat.com/805942
     https://bugzilla.redhat.com/805947
 - glance switched to MySQL by default rather than sqlite

Following on from OpenStack test day observations, SELinux fixes have been included to support new OpenStack services:

 - policy for quantum: https://bugzilla.redhat.com/760054
 - policy for nova-cert: https://bugzilla.redhat.com/801352

Misc News

Russell Bryant has continued to work on Fedora support in devstack, which is a script to setup openstack services for development on a single node

 - https://fedoraproject.org/wiki/OpenStack_devstack

Adam Young then used and documented that to setup his environment

 - http://adam.younglogic.com/2012/03/fedora-16-devstack/

New Fedora OpenStack packagers have joined: Joe Breu (rackerjoe) and Garry Kotton (gkotton)

Lorin Hochstein updated the upstream OpenStack manuals to include information on Fedora "Virtual Machine" images

There were a couple of blogs relating to OpenStack and Fedora:

http://adam.younglogic.com/2012/03/shared-nothing-diskless-boot/

http://saiweb.co.uk/openstack/rhel-6-openstack-via-epel-nova-and-glance-on-kvm/