date:20170828

[New Feature] noVNC console in Cloudstack

2017-08-28 Thread sachin patil

Hello,

I have integrated noVNC to cloudstack as my gsoc project for this year,
under the guidance of my mentors @Syed Ahmed and @Rohit Yadav.

The features that have been added are :

1. noVNC support added and tested for KVM / Xenservers
2. SSL/TLS security.
3. Tested for RFB versions 3.8 and below.

I have created a design doc that will help you understand the working.
https://cwiki.apache.org/confluence/display/CLOUDSTACK/noVNC+support+for+Cloudstack

PR for the same : https://github.com/apache/cloudstack/pull/2204

Please let us know your views for this feature we have built.


regards,
Sachin Patil

Re: one question network survey

2017-08-28 Thread Daan Hoogland

H Imran,
I am not sure I can get from your reply whether you configured anything for 
those vxlans inside cloudstack. It sounds like your just trunking upstream.
If I am wrong (not uncommon), you are probably talking about the guestnetwork 
as it ties your hosts together, right?

My question is mainly to what did you configure in cloudstack to use vxlans in 
your cloud.

Thanks,

On 2017/08/28 11:29, "Imran Ahmed"  wrote:

Hi Daan,

I use a separate trunk  (OVS or non OVS bonded with LACP ) connected to 
multiple switches (which are already configured into a switch stack). There can 
be multiple case scenarios but I am mentioning the most generic one .

Hope that answers your question if I have correctly understood your 
question.


Regards,



-Original Message-
From: Daan Hoogland [mailto:daan.hoogl...@shapeblue.com] 
Sent: Monday, August 28, 2017 12:20 PM
To: dev@cloudstack.apache.org; us...@cloudstack.apache.org
Subject: one question network survey

Devs and users,

Can you all please tell me how you are using VxLan in your cloudstack 
environments?

The reason behind this is that I am planning some refactoring in the 
networkgurus and I don’t want to break any running installations on upgrade. If 
you are not using vxlan but know of people that might not react, using it, 
please point me to them.

Thanks,

daan.hoogl...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue
  
 





daan.hoogl...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

2017-08-28 Thread Rohit Yadav

Thanks Bobby, I've just started the RC1 voting thread.

- Rohit

From: Boris Stoyanov 
Sent: Monday, August 28, 2017 2:57:06 PM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Hi Rohit, I don’t think we need to include any other blocker at this point, 
smoketests are passing and it’s looking good.
I’ll be happy to help you out with upgrade testing from 4.9.2

Thanks,
Bobby.

boris.stoya...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

rohit.ya...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

On Aug 28, 2017, at 3:22 PM, Rohit Yadav 
> wrote:

All,

I'll cut 4.9.3.0 RC1 before end of tomorrow, seeking any comments and blockers 
from the community. Thank you.

- Rohit

From: Rohit Yadav >
Sent: Wednesday, August 23, 2017 9:49:02 PM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

All,

Over the past couple of weeks, we've reviewed, tested and merge several PRs. In 
the recent Trillian test run against latest 4.9 branch, against KVM, VMware and 
XenServer all smoke tests passed except for rVR and rVPC related failures which 
are same as the failures in 4.9.2.0. The most common failure in the rVR setup 
is that the MASTER VR does not work properly, however a workaround is to reboot 
it, which causes BACKUP VR to takeover as MASTER and routes, private gateways 
and other issues resolve themselves.

During this effort, we've also tried to stabilize master branch and currently, 
most smoke tests are passing on master for KVM, XenServer, VMware except for 
rVR, rVPC tests, and some intermittent failures seen for some volume, vpn, 
snapshot related tests.

With this, we'll be running component tests and hopefully cut 4.9.3.0 RC1 for 
voting soon.

4.9 smoketest: https://github.com/apache/cloudstack/pull/2217

Master smoketests PR: https://github.com/apache/cloudstack/pull/2225

- Rohit

From: Rohit Yadav >
Sent: Thursday, August 10, 2017 2:34:29 PM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Hi Alireza,

One of the issues mentioned may have been already fixed in 4.9 branch and will 
make its way in 4.9.3.0. For the other issue, a fix/PR does not exist already. 
Given, it's not a blocker/critical issue and freeze is tomorrow, if we don't 
have a PR soon it will likely get fixed in future releases. Thanks.

- Rohit

From: Alireza Eskandari 
>
Sent: Saturday, August 5, 2017 12:53:41 PM
To: dev@cloudstack.apache.org
Subject: RE: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Hi Rohit
Please consider these bugs in next release:
https://issues.apache.org/jira/browse/CLOUDSTACK-10033
https://issues.apache.org/jira/browse/CLOUDSTACK-9994

rohit.ya...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

rohit.ya...@shapeblue.com
www.shapeblue.com>
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

rohit.ya...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

[VOTE] Apache Cloudstack 4.9.3.0 RC1

2017-08-28 Thread Rohit Yadav

Hi All,

I've created a 4.9.3.0 RC1 release, with the following artifacts up for a
vote:

Git Branch and Commit SH:

https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.9.3.0-RC20170828T1452
https://github.com/apache/cloudstack/tree/4.9.3.0-RC20170828T1452
Commit: d145944be0d04724802ff132399514bf71c3e7b0

4.9 branch smoke test PR:
https://github.com/apache/cloudstack/pull/2217

List of commits/changes since 4.9.2.0 release:
https://github.com/apache/cloudstack/compare/4.9.2.0...4.9.3.0-RC20170828T1452

Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.9.3.0/

PGP release keys (signed using 0EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS

Vote will be open for 72 hours.

For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?

[ ] +1  approve
[ ] +0  no opinion
[ ] -1  disapprove (and reason why)

Regards,
Rohit Yadav

Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

2017-08-28 Thread Boris Stoyanov

Hi Rohit, I don’t think we need to include any other blocker at this point, 
smoketests are passing and it’s looking good.
I’ll be happy to help you out with upgrade testing from 4.9.2

Thanks,
Bobby.

boris.stoya...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

On Aug 28, 2017, at 3:22 PM, Rohit Yadav 
> wrote:

All,

I'll cut 4.9.3.0 RC1 before end of tomorrow, seeking any comments and blockers 
from the community. Thank you.

- Rohit

From: Rohit Yadav >
Sent: Wednesday, August 23, 2017 9:49:02 PM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

All,

Over the past couple of weeks, we've reviewed, tested and merge several PRs. In 
the recent Trillian test run against latest 4.9 branch, against KVM, VMware and 
XenServer all smoke tests passed except for rVR and rVPC related failures which 
are same as the failures in 4.9.2.0. The most common failure in the rVR setup 
is that the MASTER VR does not work properly, however a workaround is to reboot 
it, which causes BACKUP VR to takeover as MASTER and routes, private gateways 
and other issues resolve themselves.

During this effort, we've also tried to stabilize master branch and currently, 
most smoke tests are passing on master for KVM, XenServer, VMware except for 
rVR, rVPC tests, and some intermittent failures seen for some volume, vpn, 
snapshot related tests.

With this, we'll be running component tests and hopefully cut 4.9.3.0 RC1 for 
voting soon.

4.9 smoketest: https://github.com/apache/cloudstack/pull/2217

Master smoketests PR: https://github.com/apache/cloudstack/pull/2225

- Rohit

From: Rohit Yadav >
Sent: Thursday, August 10, 2017 2:34:29 PM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Hi Alireza,

One of the issues mentioned may have been already fixed in 4.9 branch and will 
make its way in 4.9.3.0. For the other issue, a fix/PR does not exist already. 
Given, it's not a blocker/critical issue and freeze is tomorrow, if we don't 
have a PR soon it will likely get fixed in future releases. Thanks.

- Rohit

From: Alireza Eskandari 
>
Sent: Saturday, August 5, 2017 12:53:41 PM
To: dev@cloudstack.apache.org
Subject: RE: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Hi Rohit
Please consider these bugs in next release:
https://issues.apache.org/jira/browse/CLOUDSTACK-10033
https://issues.apache.org/jira/browse/CLOUDSTACK-9994

rohit.ya...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

rohit.ya...@shapeblue.com
www.shapeblue.com>
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

rohit.ya...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

Re: 4.10 release announcement?

2017-08-28 Thread Will Stevens

In this case it is sphinx and not middleman, but I spent a lot of time on
the README in the past to make sure the contribution details are clear, so
if anything is not clear please highlight the details.

Cheers,

Will

On Mon, Aug 28, 2017 at 8:22 AM, Rohit Yadav 
wrote:

> Rajani,
>
>
> Yes middleman is used, kindly see the build/run scripts in the repository
> for details.
>
>
> - Rohit
> --
> *From:* Rajani Karuturi 
> *Sent:* Sunday, August 20, 2017 6:47:14 AM
> *To:* Will Stevens
> *Cc:* Rohit Yadav; Wido den Hollander; dev@cloudstack.apache.org
> *Subject:* Re: 4.10 release announcement?
>
> Middleman is used only for website I think. For doc sites it's different.
>
> ~Rajani
>
> Sent from phone.
>
> On 18 Aug 2017 8:11 pm, "Will Stevens"  wrote:
>
> > The HTML is built using a build script in the repo locally by the person
> > who suggests a change. The build script actually uses middleman to
> generate
> > the html. The generated HTML is tracked in the pull requests so merges
> > result in updates to the published content.
> >
> > The readme should be up to date and the details should be clear, but I
> > have not looked in a little while.
> >
> > I am on vacation right now, but I can check the details when I am back.
> >
> > Cheers,
> >
> > Will
> >
> > On Aug 18, 2017 2:32 AM, "Rajani Karuturi"  wrote:
> >
> > Hi Wido/Will,
> >
> > Do you know how the html is generated for readthedocs? Is that through
> any
> > jenkins job? I think if atleast release notes are ready, we can make an
> > annoucement.
> >
> >
> > ~ Rajani
> >
> > http://cloudplatform.accelerite.com/
> >
> >
> > On August 14, 2017 at 12:55 PM, Rajani Karuturi (raj...@apache.org)
> wrote:
> >
> >
> > I updated the downloads section of the website.
> >
> >
> > The following items are pending:
> >
> > apidocs needs to be added at http://cloudstack.apache.org/api.html
> >
> > install docs needs a 4.10 version at http://docs.cloudstack.apache.
> > org/projects/cloudstack-installation/en/4.10/
> >
> > admin docs needs a 4.10 version at http://docs.cloudstack.apache.
> > org/projects/cloudstack-administration/en/4.10/
> >
> > release notes html needs to be updated with already updated source at
> > http://docs.cloudstack.apache.org/projects/cloudstack-releas
> > e-notes/en/4.10/
> >
> >
> > uff.. we have lots of documentation. We should club them all to one repo
> > and one url.
> >
> >
> > Thanks,
> >
> > ~ Rajani
> >
> > http://cloudplatform.accelerite.com/
> >
> >
> > On August 14, 2017 at 11:37 AM, Rajani Karuturi (raj...@apache.org)
> wrote:
> >
> >
> > I merged the release notes PR[1]. Do we need to do something else for the
> > changes to reflect on the docs site[2]?
> >
> >
> > Downloads section of the website also needs to be updated.
> >
> >
> > I am sending out a draft announcement to marketing@
> >
> >
> > [1] https://github.com/apache/cloudstack-docs-rn/tree/4.10
> >
> > [2] http://docs.cloudstack.apache.org/projects/cloudstack-releas
> > e-notes/en/4.10/
> >
> >
> > Thanks,
> >
> > ~ Rajani
> >
> > http://cloudplatform.accelerite.com/
> >
> >
> > On August 12, 2017 at 1:25 AM, Rohit Yadav (rohit.ya...@shapeblue.com)
> > wrote:
> >
> >
> > Thanks Simon,
> >
> >
> > Overall, LGTM.
> >
> >
> > - Rohit
> >
> > *From:* Simon Weller 
> > *Sent:* Friday, August 11, 2017 7:56:52 PM
> > *To:* Rajani Karuturi; dev@cloudstack.apache.org
> > *Cc:* Wido den Hollander
> > *Subject:* Re: 4.10 release announcement?
>
> >
> > Thanks Rohit.
> >
> >
> >
> > i've modified the list based on that.
> >
> >
> > - IPV6 support for basic networking
> > - Virtio-Scsi disk controller support for KVM
> > - Ability to disable primary storage to secondary storage backups for
> > snapshots
> > - VMSnapshot (including memory) support for KVM on NFS
> > - RBD snapshot backups to secondary are now QCOW2 rather than raw to save
> > space
> > - Strongwan VPN Improvements
> > - Nuage VSP SDN Plugin: Shared networks support, Guest DNS support,
> > Source- and Static-nat to Underlay and support for Nuage VSP 4.0
> > - Significant performances improvements related to Virtual Router
> > Deployment
> > - Force power off/stop support for KVM, VMware and XenServer
> > - Lots of bug fixes and performance improvements
> >
> >
> >
> > 
> > From: Rohit Yadav 
> > Sent: Friday, August 11, 2017 12:51 PM
> > To: Rajani Karuturi; dev@cloudstack.apache.org
> > Cc: Wido den Hollander
> > Subject: Re: 4.10 release announcement?
> >
> > The power off operation (or force stop flag in deployVM API) on VM is
> > supported for all KVM, VMware and XenServer.
> >
> >
> > - Rohit
> >
> > 
> > From: Simon Weller 
> > Sent: Friday, August 11, 2017 2:31:52 PM
> > To: Rajani Karuturi; dev@cloudstack.apache.org
> > Cc: Wido den Hollander

Re: 4.10 release announcement?

2017-08-28 Thread Rohit Yadav

Rajani,


Yes middleman is used, kindly see the build/run scripts in the repository for 
details.


- Rohit


From: Rajani Karuturi 
Sent: Sunday, August 20, 2017 6:47:14 AM
To: Will Stevens
Cc: Rohit Yadav; Wido den Hollander; dev@cloudstack.apache.org
Subject: Re: 4.10 release announcement?

Middleman is used only for website I think. For doc sites it's different.

~Rajani

Sent from phone.

On 18 Aug 2017 8:11 pm, "Will Stevens"  wrote:

> The HTML is built using a build script in the repo locally by the person
> who suggests a change. The build script actually uses middleman to generate
> the html. The generated HTML is tracked in the pull requests so merges
> result in updates to the published content.
>
> The readme should be up to date and the details should be clear, but I
> have not looked in a little while.
>
> I am on vacation right now, but I can check the details when I am back.
>
> Cheers,
>
> Will
>
> On Aug 18, 2017 2:32 AM, "Rajani Karuturi"  wrote:
>
> Hi Wido/Will,
>
> Do you know how the html is generated for readthedocs? Is that through any
> jenkins job? I think if atleast release notes are ready, we can make an
> annoucement.
>
>
> ~ Rajani
>
> http://cloudplatform.accelerite.com/
>
>

rohit.ya...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue
  
 

> On August 14, 2017 at 12:55 PM, Rajani Karuturi (raj...@apache.org) wrote:
>
>
> I updated the downloads section of the website.
>
>
> The following items are pending:
>
> apidocs needs to be added at http://cloudstack.apache.org/api.html
>
> install docs needs a 4.10 version at http://docs.cloudstack.apache.
> org/projects/cloudstack-installation/en/4.10/
>
> admin docs needs a 4.10 version at http://docs.cloudstack.apache.
> org/projects/cloudstack-administration/en/4.10/
>
> release notes html needs to be updated with already updated source at
> http://docs.cloudstack.apache.org/projects/cloudstack-releas
> e-notes/en/4.10/
>
>
> uff.. we have lots of documentation. We should club them all to one repo
> and one url.
>
>
> Thanks,
>
> ~ Rajani
>
> http://cloudplatform.accelerite.com/
>
>
> On August 14, 2017 at 11:37 AM, Rajani Karuturi (raj...@apache.org) wrote:
>
>
> I merged the release notes PR[1]. Do we need to do something else for the
> changes to reflect on the docs site[2]?
>
>
> Downloads section of the website also needs to be updated.
>
>
> I am sending out a draft announcement to marketing@
>
>
> [1] https://github.com/apache/cloudstack-docs-rn/tree/4.10
>
> [2] http://docs.cloudstack.apache.org/projects/cloudstack-releas
> e-notes/en/4.10/
>
>
> Thanks,
>
> ~ Rajani
>
> http://cloudplatform.accelerite.com/
>
>
> On August 12, 2017 at 1:25 AM, Rohit Yadav (rohit.ya...@shapeblue.com)
> wrote:
>
>
> Thanks Simon,
>
>
> Overall, LGTM.
>
>
> - Rohit
>
> *From:* Simon Weller 
> *Sent:* Friday, August 11, 2017 7:56:52 PM
> *To:* Rajani Karuturi; dev@cloudstack.apache.org
> *Cc:* Wido den Hollander
> *Subject:* Re: 4.10 release announcement?
>
> Thanks Rohit.
>
>
>
> i've modified the list based on that.
>
>
> - IPV6 support for basic networking
> - Virtio-Scsi disk controller support for KVM
> - Ability to disable primary storage to secondary storage backups for
> snapshots
> - VMSnapshot (including memory) support for KVM on NFS
> - RBD snapshot backups to secondary are now QCOW2 rather than raw to save
> space
> - Strongwan VPN Improvements
> - Nuage VSP SDN Plugin: Shared networks support, Guest DNS support,
> Source- and Static-nat to Underlay and support for Nuage VSP 4.0
> - Significant performances improvements related to Virtual Router
> Deployment
> - Force power off/stop support for KVM, VMware and XenServer
> - Lots of bug fixes and performance improvements
>
>
>
> 
> From: Rohit Yadav 
> Sent: Friday, August 11, 2017 12:51 PM
> To: Rajani Karuturi; dev@cloudstack.apache.org
> Cc: Wido den Hollander
> Subject: Re: 4.10 release announcement?
>
> The power off operation (or force stop flag in deployVM API) on VM is
> supported for all KVM, VMware and XenServer.
>
>
> - Rohit
>
> 
> From: Simon Weller 
> Sent: Friday, August 11, 2017 2:31:52 PM
> To: Rajani Karuturi; dev@cloudstack.apache.org
> Cc: Wido den Hollander
> Subject: Re: 4.10 release announcement?
>
> Rajani,
>
>
> Great job on this release!
>
>
> Wido,
>
>
> Here are few more items for the feature list. I've combined those already
> mentioned as well.
>
>
> - IPV6 support for basic networking
> - Virtio-Scsi disk controller support for KVM
> - Ability to disable primary storage to secondary storage backups for
> snapshots
> - VMSnapshot (including memory) support for KVM on NFS
> - RBD snapshot backups to secondary are now QCOW2 rather than raw to save
> space
> - Strongwan

Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

2017-08-28 Thread Rohit Yadav

All,


I'll cut 4.9.3.0 RC1 before end of tomorrow, seeking any comments and blockers 
from the community. Thank you.


- Rohit


From: Rohit Yadav 
Sent: Wednesday, August 23, 2017 9:49:02 PM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

All,


Over the past couple of weeks, we've reviewed, tested and merge several PRs. In 
the recent Trillian test run against latest 4.9 branch, against KVM, VMware and 
XenServer all smoke tests passed except for rVR and rVPC related failures which 
are same as the failures in 4.9.2.0. The most common failure in the rVR setup 
is that the MASTER VR does not work properly, however a workaround is to reboot 
it, which causes BACKUP VR to takeover as MASTER and routes, private gateways 
and other issues resolve themselves.


During this effort, we've also tried to stabilize master branch and currently, 
most smoke tests are passing on master for KVM, XenServer, VMware except for 
rVR, rVPC tests, and some intermittent failures seen for some volume, vpn, 
snapshot related tests.


With this, we'll be running component tests and hopefully cut 4.9.3.0 RC1 for 
voting soon.


4.9 smoketest: https://github.com/apache/cloudstack/pull/2217

Master smoketests PR: https://github.com/apache/cloudstack/pull/2225


- Rohit


From: Rohit Yadav 
Sent: Thursday, August 10, 2017 2:34:29 PM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Hi Alireza,


One of the issues mentioned may have been already fixed in 4.9 branch and will 
make its way in 4.9.3.0. For the other issue, a fix/PR does not exist already. 
Given, it's not a blocker/critical issue and freeze is tomorrow, if we don't 
have a PR soon it will likely get fixed in future releases. Thanks.


- Rohit


From: Alireza Eskandari 
Sent: Saturday, August 5, 2017 12:53:41 PM
To: dev@cloudstack.apache.org
Subject: RE: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Hi Rohit
Please consider these bugs in next release:
https://issues.apache.org/jira/browse/CLOUDSTACK-10033
https://issues.apache.org/jira/browse/CLOUDSTACK-9994

rohit.ya...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue




rohit.ya...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue




rohit.ya...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

Re: [DISCUSS][SECURITY] Feature: Secure CloudStack Communications

2017-08-28 Thread Rohit Yadav

Thank you all, the feature has been merged into master with extensive testing. 
I'll now proceed with sending a doc PR to document this feature, and usage of 
scripts.


- Rohit


From: ilya 
Sent: Thursday, August 24, 2017 12:20:41 AM
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS][SECURITY] Feature: Secure CloudStack Communications

Awesome work - thank you Rohit.

On 8/23/17 12:49 PM, Rohit Yadav wrote:
> All,
>
>
> No regression is seen in the smoke test run, however, I'll leave the PR open 
> for some time to gather further feedback and reviews.
>
>
> - Rohit
>
> 
> From: Rohit Yadav 
> Sent: Friday, August 18, 2017 4:09:30 PM
> To: dev@cloudstack.apache.org
> Subject: Re: [DISCUSS][SECURITY] Feature: Secure CloudStack Communications
>
> All,
>
>
> The feature is ready for your review, please see:
>
> https://github.com/apache/cloudstack/pull/2239
>
>
> Thanks and regards.
>
> 
> From: Rohit Yadav 
> Sent: Thursday, July 13, 2017 12:59:02 PM
> To: dev@cloudstack.apache.org
> Subject: [DISCUSS][SECURITY] Feature: Secure CloudStack Communications
>
> All,
>
>
> With upcoming features such as the application service (container service), 
> and existing features such as SAML, they all need some sort of certificate 
> management and the idea with the proposed feature is to build a pluggable 
> certificate authority manager (CA Manager). I would like to kick an initial 
> discussion around how we can secure components of CloudStacks. A CA 
> service/manager that can create/provision/deploy certificates providing both 
> automated and semi-automated ways for deploying/setup of certificates using 
> in-band (ssh, command-answer pattern) and out-of-band (ssh, ansible, chef 
> etc) to CloudStack services (such as systemvm agents, KVM agents, possible 
> webservices running in systemvms, VRs etc).
>
>
> While we do have some APIs and mechanisms to secure user/external facing 
> services where we can use custom or failsafe SSL/TLS certificates, it's far 
> from a complete solution. The present communications between CloudStack 
> management server, its peers and agents (served on port 8250) is one way SSL 
> handshaked connection, is not authenticated while may be secure by insecure 
> certificates.
>
>
> As a first step, it is proposed to create a general purpose pluggable CA 
> service with a default plugin implementation where CloudStack becomes a 
> Root-CA and can issue self-signed certificates. Such certificates may be 
> consumed by CloudStack agents (CPVM/SSVM/KVM) and other components/services 
> (such as SAML, container services etc). The pluggable CA framework should 
> allow developers to extend the functionality by implementing provider plugins 
> that may work with other CA providers such as LetsEncrypt, an 
> existing/internal CA infrastructure, or other certificate vendors.
>
>
> Please see an initial FS and ideas on implementation in the following FS. 
> Looking forward to your feedback.
>
>
> FS: 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+Agent+Communications
>
> JIRA: https://issues.apache.org/jira/browse/CLOUDSTACK-9993
>
>
> Regards.
>
> rohit.ya...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.ya...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.ya...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>
>
>
>

rohit.ya...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

Re: one question network survey

2017-08-28 Thread Simon Weller

Daan,


We use vxlan via the native driver on KVM. Our use currently is within standard 
isolated networks and VPC isolated networks. We use standard VLANs on the 
private gateways, but we're currently exploring some other methods there to 
eliminate our vlan requirement.


- Si



From: Imran Ahmed 
Sent: Monday, August 28, 2017 4:29 AM
To: us...@cloudstack.apache.org; dev@cloudstack.apache.org
Subject: RE: one question network survey

Hi Daan,

I use a separate trunk  (OVS or non OVS bonded with LACP ) connected to 
multiple switches (which are already configured into a switch stack). There can 
be multiple case scenarios but I am mentioning the most generic one .

Hope that answers your question if I have correctly understood your question.


Regards,



-Original Message-
From: Daan Hoogland [mailto:daan.hoogl...@shapeblue.com]
Sent: Monday, August 28, 2017 12:20 PM
To: dev@cloudstack.apache.org; us...@cloudstack.apache.org
Subject: one question network survey

Devs and users,

Can you all please tell me how you are using VxLan in your cloudstack 
environments?

The reason behind this is that I am planning some refactoring in the 
networkgurus and I don’t want to break any running installations on upgrade. If 
you are not using vxlan but know of people that might not react, using it, 
please point me to them.

Thanks,

daan.hoogl...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

one question network survey

2017-08-28 Thread Daan Hoogland

Devs and users,

Can you all please tell me how you are using VxLan in your cloudstack 
environments?

The reason behind this is that I am planning some refactoring in the 
networkgurus and I don’t want to break any running installations on upgrade. If 
you are not using vxlan but know of people that might not react, using it, 
please point me to them.

Thanks,

daan.hoogl...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

[New Feature] noVNC console in Cloudstack

Re: one question network survey

Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

[VOTE] Apache Cloudstack 4.9.3.0 RC1

Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Re: 4.10 release announcement?

Re: 4.10 release announcement?

Re: [DISCUSS] CloudStack 4.9.3.0 (LTS)

Re: [DISCUSS][SECURITY] Feature: Secure CloudStack Communications

Re: one question network survey

one question network survey

11 matches

Site Navigation

Mail list logo

Footer information