OpenStack status report 2012-04-24
From FedoraProject
m (formatting) |
m (→Heat Project) |
||
| (4 intermediate revisions by 2 users not shown) | |||
| Line 38: | Line 38: | ||
== OpenStack database fixes == | == OpenStack database fixes == | ||
| − | There were a couple of issues fixed with the interaction of the OpenStack services with MySQL | + | There were a couple of issues fixed with the interaction of the OpenStack services with MySQL: |
| + | |||
* There was an issue with the db-setup script where it created [https://bugzilla.redhat.com/811130 root-owned log files], thus interfering with nova service startup. | * There was an issue with the db-setup script where it created [https://bugzilla.redhat.com/811130 root-owned log files], thus interfering with nova service startup. | ||
| − | + | : This was fixed, and the db-setup script refactored from each OpenStack service and incorporated in a new [https://admin.fedoraproject.org/pkgdb/acls/name/openstack-utils openstack-utils package] with other support utilities for OpenStack in Fedora/EPEL. | |
| − | This was fixed, and the db-setup script refactored from each OpenStack service and | + | * Derek higgins identified an [https://bugzilla.redhat.com/815812 issue with MySQL on F16] which was resolved by updating systemd. |
| − | incorporated in a new [https://admin.fedoraproject.org/pkgdb/acls/name/openstack-utils openstack-utils package] with other support utilities for OpenStack in Fedora/EPEL | + | |
| − | + | ||
| − | * | + | |
| − | by updating systemd. | + | |
== Security updates == | == Security updates == | ||
There were two security updates applied: | There were two security updates applied: | ||
| − | * Apr 17: XSS vulnerability in Horizon log viewer - CVE-2012-2094 | + | * Apr 17: XSS vulnerability in Horizon log viewer - [http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2012-2094 CVE-2012-2094] |
| − | * Apr 19: No quota enforced on Nova security group rules - CVE-2012-2101 | + | * Apr 19: No quota enforced on Nova security group rules - [http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2012-2101 CVE-2012-2101] |
= EPEL = | = EPEL = | ||
| Line 69: | Line 66: | ||
== Centos chinese notes == | == Centos chinese notes == | ||
"DarkFlower" posted to the openstack dev list with a document detailing | "DarkFlower" posted to the openstack dev list with a document detailing | ||
| − | [https://lists.launchpad.net/openstack/ | + | [https://lists.launchpad.net/openstack/msg10518.html pip installing Essex packages on Centos 6.2] |
= Misc = | = Misc = | ||
Latest revision as of 02:46, 14 July 2012
Contents |
[edit] OpenStack Upstream
[edit] NEWS
There were significant upstream OpenStack news items since the last summary.
- Apr 5th: The Essex release was completed
- Apr 16-18: The Folsom design summit took place
- Apr 12th: An OpenStack Foundation announcement was made, listing companies who have signed the framework acknowledgement letter, including Red Hat who have signed at the platinum level.
- This generated significant interest in the media
[edit] Essex contribution stats
Mark McLoughlin used gitdm to analyze who contributed to Essex which was widely reported both before and during the OpenStack Folsom design summit.
- http://www.readwriteweb.com/cloud/2012/04/who-wrote-openstack-essex-a-de.php
- http://www.internetnews.com/blog/skerner/red-hat-contributes-more-to-openstack-than-canonical-ubuntu.html
[edit] Stable branches
There was some discussion about OpenStack stable branches which are the basis of Fedora OpenStack packages, before and at the summit.
The thought was that there could be 2 stable branches maintained, one actively and one passively (only NB fixes and no point releases):
[edit] Fedora OpenStack Packages
[edit] Essex package status
As of April 10th, Essex final was available from the Fedora 17 updates-testing repo:
These will be pushed to stable before it closes on May 7th (F17 final change deadline)
[edit] Essex for Fedora 16
Alan Pevec continues to update the Fedora 16 preview repo with the latest Essex packages as they're released for Fedora 17.
[edit] OpenStack database fixes
There were a couple of issues fixed with the interaction of the OpenStack services with MySQL:
- There was an issue with the db-setup script where it created root-owned log files, thus interfering with nova service startup.
- This was fixed, and the db-setup script refactored from each OpenStack service and incorporated in a new openstack-utils package with other support utilities for OpenStack in Fedora/EPEL.
- Derek higgins identified an issue with MySQL on F16 which was resolved by updating systemd.
[edit] Security updates
There were two security updates applied:
- Apr 17: XSS vulnerability in Horizon log viewer - CVE-2012-2094
- Apr 19: No quota enforced on Nova security group rules - CVE-2012-2101
[edit] EPEL
[edit] Preview Repository
Work on Essex for EPEL6 continues with new OpenStack services horizon and quantum added.
A preview repo is available, and many users have tested that, reporting both success and any issues they had.
[edit] Setup Guide
Adam Young prepared detailed setup notes for installing those preview packages.
Derek Higgins amended the above with swift and keystone configuration details.
[edit] Centos chinese notes
"DarkFlower" posted to the openstack dev list with a document detailing pip installing Essex packages on Centos 6.2
[edit] Misc
[edit] Keystone in httpd
Adam Young implemented a proof of concept for keystone using a more standard web server, rather than being eventlet based.
[edit] SELinux improvements
Adam also identified some SELinux issues with the OpenStack (and base python) packages, and is looking into addressing those.
[edit] DevStack
Some users are reporting success with devstack on Fedora
[edit] Heat Project
The Heat project, which is a AWS CloudForm API implementation for OpenStack was announced.
It's progressing quickly with API v2 released.
Also Openstack floating IP setup details were documented by the Heat project
