From Fedora Project Wiki

m (formatting)
 
(4 intermediate revisions by 2 users not shown)
Line 38: Line 38:


== OpenStack database fixes ==
== OpenStack database fixes ==
There were a couple of issues fixed with the interaction of the OpenStack services with MySQL.
There were a couple of issues fixed with the interaction of the OpenStack services with MySQL:
 
* There was an issue with the db-setup script where it created [https://bugzilla.redhat.com/811130 root-owned log files], thus interfering with nova service startup.
* There was an issue with the db-setup script where it created [https://bugzilla.redhat.com/811130 root-owned log files], thus interfering with nova service startup.
 
: This was fixed, and the db-setup script refactored from each OpenStack service and incorporated in a new [https://admin.fedoraproject.org/pkgdb/acls/name/openstack-utils openstack-utils package] with other support utilities for OpenStack in Fedora/EPEL.
This was fixed, and the db-setup script refactored from each OpenStack service and
* Derek higgins identified an [https://bugzilla.redhat.com/815812 issue with MySQL on F16] which was resolved by updating systemd.
incorporated in a new [https://admin.fedoraproject.org/pkgdb/acls/name/openstack-utils openstack-utils package] with other support utilities for OpenStack in Fedora/EPEL
 
* Also Derek higgins identified an [https://bugzilla.redhat.com/815812 issue with MySQL on F16] which was resolved
by updating systemd.


== Security updates ==
== Security updates ==
There were two security updates applied:
There were two security updates applied:
* Apr 17: XSS vulnerability in Horizon log viewer - CVE-2012-2094
* Apr 17: XSS vulnerability in Horizon log viewer - [http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2012-2094 CVE-2012-2094]
* Apr 19: No quota enforced on Nova security group rules - CVE-2012-2101
* Apr 19: No quota enforced on Nova security group rules - [http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2012-2101 CVE-2012-2101]


= EPEL =
= EPEL =
Line 69: Line 66:
== Centos chinese notes ==
== Centos chinese notes ==
"DarkFlower" posted to the openstack dev list with a document detailing
"DarkFlower" posted to the openstack dev list with a document detailing
[https://lists.launchpad.net/openstack/msg10168.html pip installing Essex packages on Centos 6.2]
[https://lists.launchpad.net/openstack/msg10518.html pip installing Essex packages on Centos 6.2]


= Misc =
= Misc =

Latest revision as of 02:46, 14 July 2012

OpenStack Upstream

NEWS

There were significant upstream OpenStack news items since the last summary.

This generated significant interest in the media

Essex contribution stats

Mark McLoughlin used gitdm to analyze who contributed to Essex which was widely reported both before and during the OpenStack Folsom design summit.

Stable branches

There was some discussion about OpenStack stable branches which are the basis of Fedora OpenStack packages, before and at the summit.

The thought was that there could be 2 stable branches maintained, one actively and one passively (only NB fixes and no point releases):

Fedora OpenStack Packages

Essex package status

As of April 10th, Essex final was available from the Fedora 17 updates-testing repo:

These will be pushed to stable before it closes on May 7th (F17 final change deadline)

Essex for Fedora 16

Alan Pevec continues to update the Fedora 16 preview repo with the latest Essex packages as they're released for Fedora 17.

OpenStack database fixes

There were a couple of issues fixed with the interaction of the OpenStack services with MySQL:

  • There was an issue with the db-setup script where it created root-owned log files, thus interfering with nova service startup.
This was fixed, and the db-setup script refactored from each OpenStack service and incorporated in a new openstack-utils package with other support utilities for OpenStack in Fedora/EPEL.

Security updates

There were two security updates applied:

  • Apr 17: XSS vulnerability in Horizon log viewer - CVE-2012-2094
  • Apr 19: No quota enforced on Nova security group rules - CVE-2012-2101

EPEL

Preview Repository

Work on Essex for EPEL6 continues with new OpenStack services horizon and quantum added.

A preview repo is available, and many users have tested that, reporting both success and any issues they had.

Setup Guide

Adam Young prepared detailed setup notes for installing those preview packages.

Derek Higgins amended the above with swift and keystone configuration details.

Centos chinese notes

"DarkFlower" posted to the openstack dev list with a document detailing pip installing Essex packages on Centos 6.2

Misc

Keystone in httpd

Adam Young implemented a proof of concept for keystone using a more standard web server, rather than being eventlet based.

SELinux improvements

Adam also identified some SELinux issues with the OpenStack (and base python) packages, and is looking into addressing those.

DevStack

Some users are reporting success with devstack on Fedora

Heat Project

The Heat project, which is a AWS CloudForm API implementation for OpenStack was announced.

It's progressing quickly with API v2 released.

Also Openstack floating IP setup details were documented by the Heat project