[Openstack] Horizon and Quantum Folsom RC1 available

Hello everyone, Two weeks away from 2012.2 ("Folsom") final release, we are starting to produce release candidates. The tarballs for the first release candidate for OpenStack Network service (Quantum) and Dashboard (Horizon) are now available at: https://launchpad.net/quantum/folsom/folsom-rc1 h

Re: [Openstack] Quantum -. Multi-Plugin and support for provisioning of other devices.

Tim, It's possible that SAN appliance used to provide storage to VMs under Cinder management will need to directly plug some logical port into tenant network. In this case, it seems that it should be Quantum actually performing plug, probably through some specialized agent. -- Best regards, Oleg

Re: [Openstack] Private instances can't access Internet

I've just killed dnsmasq, restarted network and services. Now everything is working! :) I'll paste my CC nova.conf and my NODE nova.conf and the interface config Thanks guy for helping me ** /etc/network/interfaces ** # The loopback network interface auto lo iface lo inet loopback # The primary n

Re: [Openstack] [ceilometer] *ALT TIME* Metering meeting agenda for Wed at 21:00 UTC (Sept 12th, 2012)

On Tue, Sep 11, 2012 at 5:22 PM, Nick Barcet wrote: > PLEASE NOTE THE ALTERNATIVE MEETING TIME WED 21:00 UTC > > The metering project team will hold its next meeting at alternate time > on *Wednesday* at 9PM UTC >

[Openstack] [OpenStack][Nova] Reuse part of Nova-API

Hello, I've been tasked with translating the OpenStack API to another provider, so that the other provider is able to handle both it's own API and requests nova's API. Is it possible to reuse most of nova-api's handling of the REST request and simply change the underlying execution? In other words

[Openstack] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2012-014 CVE: CVE-2012-4413 Date: September 12, 2012 Title: Revoking a role does not affect existing tokens Impact: High Reporter: Dolph Mathews (Rackspace) Products: Keystone Affects: Essex, Folsom Description: Dolph Ma

[Openstack] [ceilometer] Release plan for 0.1

Hi all, Based on the discussion in the last Ceilometer meeting[1], here's my proposal for dates for the Ceilometer 0.1 release calendar: - Feature freeze for 0.1 QA: 2012-09-28 - Release: 2012-10-12 Arguments for / against welcome. [1] http://eavesdrop.openstack.org/meetings/ceilometer/2012

Re: [Openstack] [Openstack-announce] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)

This is not a repeat of cve-2012-3426? On Sep 12, 2012 9:37 AM, "Thierry Carrez" wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > OpenStack Security Advisory: 2012-014 > CVE: CVE-2012-4413 > Date: September 12, 2012 > Title: Revoking a role does not affect existing tokens > Impact:

Re: [Openstack] [Openstack-announce] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/12/2012 01:07 PM, Matt Joyce wrote: > This is not a repeat of cve-2012-3426? It's related, but not the same. That CVE did not include this specific issue (existing tokens including roles that may have since been revoked). It was for some other

Re: [Openstack] Fwd: Cinder PTL candidacy

Hi Rob, Thanks, initial thoughts regarding your questions are inline below. John On Wed, Sep 12, 2012 at 10:43 AM, Esker, Robert wrote: > Hi John, > > Good to see you running and thanks for your efforts thus far... I do > have a few questions about your thoughts on Cinder's future: > > • We

Re: [Openstack] [oss-security] Re: [Openstack-announce] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/12/2012 11:07 AM, Matt Joyce wrote: > This is not a repeat of cve-2012-3426? Quite different: CVE-2012-3426 OpenStack-Keystone: token expiration issues https://bugzilla.redhat.com/show_bug.cgi?id=843311 CVE-2012-4413 OpenStack-Keystone: role r

Re: [Openstack] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)

Ryan Lane deserves recognition for originally identifying this as a potential vulnerability. Thanks, Ryan! -Dolph On Wed, Sep 12, 2012 at 11:36 AM, Thierry Carrez wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > OpenStack Security Advisory: 2012-014 > CVE: CVE-2012-4413 > Date: S

Re: [Openstack] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)

hah! On Wed, Sep 12, 2012 at 10:32 AM, Soren Hansen wrote: > So if I can grant people access to a particular tenant, I can invalidate > everyone's tokens at will now? > > Best regards, Soren. > Sent from my phone. Please pardon my brevity. > On Sep 12, 2012 6:40 PM, "Thierry Carrez" wrote: > >>

Re: [Openstack] [ceilometer] Release plan for 0.1

On Wed, Sep 12, 2012 at 12:47 PM, Graham Binns wrote: > Hi all, > > Based on the discussion in the last Ceilometer meeting[1], here's my > proposal for dates for the Ceilometer 0.1 release calendar: > > - Feature freeze for 0.1 QA: 2012-09-28 > - Release: 2012-10-12 > > Arguments for / against

Re: [Openstack] [OSSA 2012-014] Revoking a role does not affect existing tokens (CVE-2012-4413)

So if I can grant people access to a particular tenant, I can invalidate everyone's tokens at will now? Best regards, Soren. Sent from my phone. Please pardon my brevity. On Sep 12, 2012 6:40 PM, "Thierry Carrez" wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > OpenStack Security A

[Openstack] instance metadata timeout

Hi All, My instances are timing out while obtaining their meta-data. They are being spawned on the same controller node in which I am running nova-network and nova-api services. The networks are being provisioned through the Quantum V2 API. I have enabled meta-data in my nova.conf. Any thoughts

[Openstack] [Doc] This week in Docs 9/12/12

Wow, we went from 34 High folsom-targeted doc bugs two weeks ago to 17 on Monday. Great work everyone. I think there might be something to this community documentation thing. :-P Tom Fifield and Ying Chun Guo (Daisy) are tearing it up with reviews and patches! Still over 100 doc bugs (some are tas

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

On 09/04/2012 09:57 AM, Duncan McGreggor wrote: > Do we have information on the type/number of discussions that are > "user" and not "operator"? "general" and not "user" or "operator"? well, that would be good to know. Like it would be good to understand what sort of topics we get on each lists. F

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

My two penneth worth: I'd be confused as to what the difference between "general" and "operators" would be and would result in people posting to both - so that goes for openstack@... openstack-general@... and openstack-operators@ It would seem that there is a clear distinction between development

[Openstack] [swift] 1.7.0-final pushed

I just pushed the final versioning change to Swift 1.7.0. This is our part of OpenStack Folsom. Good work everyone, and thanks the time and effort you have put into keeping Swift world-class software. I'll follow up later with more details about what is in Swift 1.7.0 and the changes since the

Re: [Openstack] [ceilometer] *ALT TIME* Metering meeting agenda for Wed at 21:00 UTC (Sept 12th, 2012)

On 09/11/2012 11:22 PM, Nick Barcet wrote: > PLEASE NOTE THE ALTERNATIVE MEETING TIME WED 21:00 UTC > > The metering project team will hold its next meeting at alternate time > on *Wednesday* at 9PM UTC > . > > Ev

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

I like these two penneth. d On Wed, Sep 12, 2012 at 1:54 PM, Kevin Jackson wrote: > My two penneth worth: > > I'd be confused as to what the difference between "general" and "operators" > would be and would result in people posting to both - so that goes for > openstack@... openstack-general@...

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

+ 2 shekels On Sep 12, 2012, at 3:54 PM, Kevin Jackson wrote: > My two penneth worth: > > I'd be confused as to what the difference between "general" and "operators" > would be and would result in people posting to both - so that goes for > openstack@... openstack-general@... and openstack-o

Re: [Openstack] [OpenStack][Nova] Reuse part of Nova-API

Sure, you could write a different implementation of compute.api (and network.api and volume.api if needed) to talk to the other provider. Vish On Sep 12, 2012, at 8:45 AM, Leander Bessa Beernaert wrote: > Hello, > > I've been tasked with translating the OpenStack API to another provider, so

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

To chime in as a lurker around here, this sounds good, but why add the security list? It seems like security specific topics would interest those subscribed to the general list as well. On Wed, Sep 12, 2012 at 4:54 PM, Kevin Jackson wrote: > My two penneth worth: > > I'd be confused as to what th

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

Guess the only advantage would be to minimize the chance of someone missing the security related messages in the noise of a heavy traffic mailing list. Even if there were a specialized list, I'd think you'd want to cross post security issues to all lists, depending on severity (and with security

[Openstack] paas in openstack and forked cloudfoindry

hi all we try to make openstack as paas using cloudfoundry. and also seeking alternative to it shocked that there are forked cloudfiundry. and got that vmware manage different way his cloudfoundry there are piston, stackato i hear appfog never hear cf manage the way people do. in this case fork

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

On 09/12/2012 08:56 PM, Syd (Sydney) Logan wrote: > Guess the only advantage would be to minimize the chance of someone > missing the security related messages in the noise of a heavy traffic > mailing list. > > Even if there were a specialized list, I’d think you’d want to cross > post security i

Re: [Openstack] Future of Launchpad OpenStack mailing list (this list)

Sounds good to me. -Original Message- From: Russell Bryant [mailto:rbry...@redhat.com] Sent: Wednesday, September 12, 2012 6:23 PM To: Syd (Sydney) Logan Cc: Asher Newcomer; Kevin Jackson; Thierry Carrez; openstack@lists.launchpad.net Subject: Re: [Openstack] Future of Launchpad OpenStack

Re: [Openstack] [OpenStack][Nova] Reuse part of Nova-API

Hi vish- Can please outline about or point to some source where we get info on nava compute api code structure and relationship between the different classes This helps devs to understand the code orientation and request flow inside the api. - Trinaths On Sep 13, 2012 6:04 AM, "Vishvananda I

[Openstack] [heat] Meeting Minutes 2012/09/10

= #heat Meeting = Meeting started by sdake at 21:12:45 UTC. http://heat-api.org/heat-irc-meetings/heat.2012-09-10-21.12.html Meeting summary --- * rollcall (sdake, 21:14:29) * sdake, steveb_ slower shardy zaneb jpeeler present (sdake, 21:16:19) * hea

[Openstack] nova-translation-* jobs in Jenkins

Dear CI team, I'd like to understand if there are any jobs in Jenkins running to upload and download translations from Transifex. I see some nova-translation-* jobs active, but I cannot figure out which website they are connecting with, Lauchpad or Transifex. Can somebody tell me? Regards Ying

[Openstack] make swift.common.utils.streq_const_time more efficient

def streq_const_time(s1, s2): if len(s1) != len(s2): return False result = 0 for (a, b) in zip(s1, s2): result |= ord(a) ^ ord(b) return result == 0 + If s1 and s2 are of the same length, then the function will compare ever