OpenStack Upstream

NEWS

There were significant upstream OpenStack news items since the last summary.

• Apr 5th: The Essex release was completed
• Apr 16-18: The Folsom design summit took place
• Apr 12th: An OpenStack Foundation announcement was made, listing companies who have signed the framework acknowledgement letter, including Red Hat who have signed at the platinum level.

• http://gb.redhat.com/about/news/archive/2012/4/red-hat-openstack-and-open-clouds
• http://gb.redhat.com/about/news/archive/2012/4/Red-Hat-and-OpenStack-Announcement-FAQ

This generated significant interest in the media

• http://www.huffingtonpost.com/arnal-dayaratna/openstack-foundation-sets_b_1427373.html
• http://gigaom.com/cloud/its-official-ibm-and-red-hat-are-onboard-with-openstack/

Essex contribution stats

Mark McLoughlin used gitdm to analyze who contributed to Essex which was widely reported both before and during the OpenStack Folsom design summit.

• http://www.readwriteweb.com/cloud/2012/04/who-wrote-openstack-essex-a-de.php
• http://www.internetnews.com/blog/skerner/red-hat-contributes-more-to-openstack-than-canonical-ubuntu.html

Stable branches

There was some discussion about OpenStack stable branches which are the basis of Fedora OpenStack packages, before and at the summit.

The thought was that there could be 2 stable branches maintained, one actively and one passively (only NB fixes and no point releases):

• http://openstack.markmail.org/thread/5en25luqxahzah4n

Fedora OpenStack Packages

Essex package status

As of April 10th, Essex final was available from the Fedora 17 updates-testing repo:

• http://lists.fedoraproject.org/pipermail/cloud/2012-April/001365.html

These will be pushed to stable before it closes on May 7th (F17 final change deadline)

Essex for Fedora 16

Alan Pevec continues to update the Fedora 16 preview repo with the latest Essex packages as they're released for Fedora 17.

OpenStack database fixes

There were a couple of issues fixed with the interaction of the OpenStack services with MySQL:

• There was an issue with the db-setup script where it created root-owned log files, thus interfering with nova service startup.

This was fixed, and the db-setup script refactored from each OpenStack service and incorporated in a new openstack-utils package with other support utilities for OpenStack in Fedora/EPEL.

• Derek higgins identified an issue with MySQL on F16 which was resolved by updating systemd.

Security updates

There were two security updates applied:

• Apr 17: XSS vulnerability in Horizon log viewer - CVE-2012-2094
• Apr 19: No quota enforced on Nova security group rules - CVE-2012-2101

EPEL

Preview Repository

Work on Essex for EPEL6 continues with new OpenStack services horizon and quantum added.

A preview repo is available, and many users have tested that, reporting both success and any issues they had.

Setup Guide

Adam Young prepared detailed setup notes for installing those preview packages.

Derek Higgins amended the above with swift and keystone configuration details.

Centos chinese notes

"DarkFlower" posted to the openstack dev list with a document detailing pip installing Essex packages on Centos 6.2

Misc

Keystone in httpd

Adam Young implemented a proof of concept for keystone using a more standard web server, rather than being eventlet based.

SELinux improvements

Adam also identified some SELinux issues with the OpenStack (and base python) packages, and is looking into addressing those.

DevStack

Some users are reporting success with devstack on Fedora

Heat Project

The Heat project, which is a AWS CloudForm API implementation for OpenStack was announced.

It's progressing quickly with API v2 released.

Also Openstack floating IP setup details were documented by the Heat project