Lwood-20151220

Introduction

Welcome to Last week on OpenStack Dev (“Lwood”) for the week ending 20th December 2015. For more background on Lwood, please refer here.

Basic Stats for week 14th to 20th December 2015 :

  • ~610 Messages (down about 4% relative to last week)
  • ~184 Threads (down about 8% relative to last week)

All getting a little quieter as we near the end of year, a shorter Lwood as a result to the point where I’m worrying I’ve missed something!

Notable Discussions

Two new Open Stack Security Notices (OSSN 0061, 0062)

Glance image signature uses an insecure hash algorithm (MD5) (OSSN 0061)

From the summary “During the Liberty release the Glance project added a feature that supports verifying images by their signature. There is a flaw in the implementation that degrades verification by using the weak MD5 algorithm.” More discussion in the original post or OSSN 0061

Potential reuse of revoked Identity tokens (OSSN 0062)

From the summary “An authorization token issued by the Identity service can be revoked, which is designed to immediately make that token invalid for future use. When the PKI or PKIZ token providers are used, it is possible for an attacker to manipulate the token contents of a revoked token such that the token will still be considered to be valid.  This can allow unauthorized access to cloud resources if a revoked token is intercepted by an attacker.  More in the original post or OSSN 0062

Gerrit Upgrade to 2.11 Complete

Khai writes to confirm the planned upgrade to v2.11 for the main openstack Gerrit instance was completed successfully. The changes were flagged in an earlier post covered in Lwood-20151018

Smaug – a new Application Data Protection project

Eran Gampel announced a new OpenStack project “Smaug” that is aiming tp provide Disaster Recovery for all OpenStack resources.  The post includes an encouraging sounding mission statement for the project, an invitation to join in the bi-weekly meetings and review the proposed Smaug API v1.0

Naming polls for N and O are open

Monty Taylor noted early in the week that polls are open for the OpenStack “N” and “O” names.  Polls close at the end of December 22 (UTC) – a less than 24h from now.

Clarifying “elusive unicorns” – Rolling Upgrades for Cinder

Michael Dulko provided a nicely put together summary of the conversations around rolling upgrades for Cinder (including the reference to “elusive unicorns”) – well worth a read.

Upcoming OpenStack Events

A summary of OpenStack related events that cropped up on the mailing list this past week that seemed worth calling out. Don’t forget the OpenStack Foundation’s excellent Events Page for a comprehensive list though!

General Events

  • A reminder that many projects and working groups are cancelling regular IRC meetings over the last couple of weeks of December 2015 and early January 2016 – worth double checking any that you usually attend to save that unnecessary early morning start or late night :)
    • A (possibly incomplete) list: NFV, TelcoWG, Neutron, DVR, Searchlight, Horizon, Glance, Fuel, QA, Performance, Nova, Tacker, Stable, Freezer, Lbaas and Octavia

Midcycles

  • [kosmos] Midcycle 20-22 January, Seattle, WA, USA – Graham Hayes
  • [designate] Midcycle – 8-10 February, Galway, Ireland – Graham Hayes
  • [tacker] Surveying dates for midcycle – End January, San Jose, CA, USA – Sridhar Ramaswarmy
  • [ansible] Midcycle Partially co-located with Ops Midcycle 15-17 February, UK  – Jesse Pretorious

People and Projects

Further Reading

Don’t forget these excellent sources of OpenStack news :)

Miscellanea

This is the last Lwood before Christmas and so I take this opportunity to wish you and yours the very best for Christmas or your preferred observance at this time of year! :)

This edition of Lwood brought to you by Marillion (A Singles Collection, Clutching At Straws), Queen (Greatest Hits I & II), Richard Clapton (The Best Years of our Lives), Rush (Hold Your Fire) amongst other excellent tunes.

Comments are closed.