Entries tagged [cloudstack]
Announcing Apache CloudStack® 220.127.116.11
The Apache® CloudStack® project is pleased to announce the release of the CloudStack 18.104.22.168. The CloudStack version 22.214.171.124 is a 4.12 non-LTS release, adding multiple features for those who want to access a fresh CloudStack prior to the next LTS. The release 126.96.36.199 combines 12 months of work and adds +200 commits, with multiple new features and fixes.
Apache CloudStack is an integrated Infrastructure-as-a-Service (IaaS) software platform that allows users to build feature-rich public and private cloud environments. CloudStack includes an intuitive user interface and rich API for managing the compute, networking, software, and storage resources. The project became an Apache top level project in March, 2013.
More information about Apache CloudStack can be found at http://cloudstack.apache.org/
What's new in CloudStack 188.8.131.52 http://docs.cloudstack.apache.org/en/184.108.40.206/releasenotes/about.html
The 220.127.116.11 release notes include a full list of corrected issues, as well as upgrade instructions from previous versions of Apache CloudStack, and can be found at http://docs.cloudstack.apache.org/en/18.104.22.168/upgrading/index.html
The official installation, administration and API documentation for each release are available on our Documentation Page http://docs.cloudstack.apache.org/en/22.214.171.124/
The official source code for the 126.96.36.199 release can be downloaded from our downloads page http://cloudstack.apache.org/downloads.html
The official source code release can be downloaded from http://cloudstack.apache.org/downloads.html
In addition to the official source code release, individual contributors have also made convenience binaries available on the Apache CloudStack download page, and can be found at https://download.cloudstack.org/
### END ###
What's coming in CloudMonkey v6.0.0
The original CloudMonkey was contributed to the Apache CloudStack project on 31 Oct 2012 under the Apache License 2.0. It is written in Python and shipped using the Python CheeseShop, and since its inception has gone through several refactors and rewrites. While this has worked well over the years, the installation and usage have been limited to just a few modern platforms due to the dependency on Python 2.7, meaning it is hard to install on older distributions such as CentOS6.
Over the past two years, several attempts have been made to make the code compatible across Python 2.6, 2.7 and 3.x. However, it proved to be a maintenance and release challenge – making it code compatible across all the platforms, all the Python versions and the varied dependency versions; whilst also keeping it easy to install and use. During late 2017, an experimental CloudMonkey rewrite called cmk was written in Go, a modern, statically typed and compiled programming language which could produce cross-platforms standalone binaries. Finally, in early 2018, after reaching a promising state the results of the experiment were shared with the community, to build support and gather feedback for moving the CloudMonkey codebase to Go and deprecate the Python version.
During 2018, two Go-based ports were written using two different readline and prompt libraries. The alpha / beta builds were shared with the community who tested them, reported bugs and provided valuable feedback (especially around tab-completion) which drove the final implementation. With the new rewrite CloudMonkey (for the first time) ships as a single executable file for Windows which can be easily installed and used having mostly the same user experience one would get on Linux or Mac OSX. The rewrite aims to maintain command-line tool backward compatibility as a drop-in replacement for the legacy Python-based CloudMonkey (i.e. shell scripts using legacy CloudMonkey can also use the modern CloudMonkey cmk). Legacy Python-based CloudMonkey will continue to be available for installation via pip but it will not be maintained moving forward.
CloudMonkey 6.0 requires a final round of testing and bug-fixing before the release process will commence. The beta binaries are available for testing here.
# Major changes in CloudMonkey 6.0
- Ships as standalone 32-bit and 64-bit binaries targeting Windows, Linux and Mac including ARM support (for example, to run on Raspberry Pi)
- Drop-in replacement for legacy Python-based CloudMonkey as a command line tool
- Interactive selection of API commands, arguments, and argument options
- JSON is the default API response output format
- Improved help docs output when ‘-h’ is passed to an API command
- Added new output format ‘column’ that outputs API response in a new columnar way like modern CLIs such as kubectl and docker
- Added new set option ‘debug’ to enable debug mode, set option ‘display’ renamed as ‘output’
- New CloudMonkey configuration file locking mechanism to avoid file corruption when multiple cmk instances run
- New configuration folder ~/.cmk to avoid conflict with legacy Python-based version
# Features removed in CloudMonkey 6.0:
- Removed XML output format.
- Removed CloudMonkey logging API requests and responses to a file.
- Coloured output removed.
- Removed set options: color (for coloured output), signatureversion and expires (no longer acceptable API parameters), paramcompletion (API parameter completion is not enabled by default), cache_file (the default cache file, now at ~/.cmk/cache ), history_file (the history file), log_file (API log file).
Posted at 05:22PM Mar 19, 2019 by Rohit Yadav in Status | |
Apache CloudStack registerUserKeys authorization vulnerability
The CloudStack security team recently received notice of a significant vulnerability in a CloudStack API call - registerUserKeys. The original intention for this call was for it to only be exposed for integration work - eg not to the public network in general. A weakness in the API call's implementation allows a malicious user to reset the API keys for other users on the system, thus accessing resources and services available to that user. We have released CloudStack versions 188.8.131.52 and 184.108.40.206 with patches for this issue. More details about the release can be read on the official announcement post.
Some users may be protected from this weakness already, if they have configured their commands.properties file to limit access to this api call from the integration API port, instead of general API port. This can be accomplished by setting registerUserKeys to 1.
Users of Apache CloudStack version 4.9 whom are using the dynamic roles feature can delete the "Allow" rule for "registerUserKeys" for each non-administrator role under the Roles/Rules section of the user interface.Credit:
This vulnerability was reported by Marc-Aurèle Brothier from Exoscale.
The Apache CloudStack Project Announces Apache™ CloudMonkey™ v5.3.0
The Apache CloudStack project is pleased to announce the 5.3.0 release of CloudMonkey, the command line interface tool for Apache CloudStack configuration and management.[Read More]
Announcing Apache™ CloudStack™ v4.4.1
The Apache CloudStack project is pleased to announce the 4.4.1 release of CloudStack, turnkey Open Source cloud computing software platform used for creating private-, public-, and hybrid cloud environments.[Read More]
Announcing the CloudStack Collaboration Conference - Europe
With two very successful events in the United Stated we know it is time to bring this conference to Europe. This time we’re gathering the community in The Netherlands. More specific, right in the center of Amsterdam in one of its historical landmarks, the Beurs van Berlage.
Starting November 20th with a hack day and continuing with a two day conference, this will be your opportunity to dive into all things CloudStack. Meet the community, discuss new ideas and learn about existing and upcoming features. We have setup the conference to provide an exciting environment to participate in workshops, attend presentations or just sit back and have a drink with other CloudStack enthusiasts.
The Call for Papers is open right now, so send your abstract to firstname.lastname@example.org. If it’s relevant to Apache CloudStack development, deployment, and integration, we’re interested in what you might have to say. We can accommodate workshops, hack sessions, presentation and we want to work with you to make sure you can share what you want with the community. Check the website for more details, http://www.cloudstackcollab.org/call-for-papers
The conference website http://www.cloudstackcollab.org will be regularly updated with new content to keep you informed about the conference. Please check it regularly to be informed about the latest developments regarding the CloudStack Collaboration Conference Europe.
The Call for Papers will run from today (August 16th) to September 30th. We will send out notifications shortly after closing the the Call for Papers.
The Conference Hack Day will be November 20th
The Conference talks and planned sessions begin on November 21th
The Conference ends on November 22th
We will announce the registration in a short while, please keep an eye on the website http://www.cloudstackcollab.org/ for more details.
The conference will be at the Beurs van Berlage in Amsterdam, The Netherlands. Located in the city center it is close to quite a number of hotels and hostels in Amsterdam. We are looking at the possibility to make a deal with one of the hotels in the immediate vicinity of the conference location. We will update the conference website when we have the details.
Sponsoring opportunities are available for the CloudStack Collaboration Conference. At the conference website http://www.cloudstackcollab.org/sponsors some of our sponsors will explain you the benefits in a video message. If you’d like to see the sponsorship prospectus or ask about sponsoring, contact email@example.com.
We’re very pleased to invite the community to Amsterdam and we hope you’ll join us! See you in Amsterdam!
Apache CloudStack Weekly News - 17 June 2013
It's been another busy week for the Apache CloudStack project. This week we welcome another new committer, work continues on 4.1.1 and 4.2.0, and we have some interesting discussions on how we should release the CloudMonkey and Marvin tools used with CloudStack. We've also seen a few interesting marketing discussions, and the community is gearing up for the second CloudStack Collaboration Conference taking place 23 June through 25 June in Santa Clara, CA.[Read More]
4.1.0 VOTE in Progress: Testers Welcome!
The Apache CloudStack is very near to the 4.1.0 release, and as a result we’re conducting a vote on artifacts for the 4.1.0 release right now. Because we want to make sure we have the best possible release, we’d like to invite anyone who’s interested in CloudStack to take the current release candidate for a test drive. [Read More]
Apache CloudStack Weekly News - 4 March 2013
This week, a vote on updating the project bylaws, fixing the "Tomcat situation" after 4.1, and discussions around the support lifecycle. Some respectable progress in knocking out major and blocker bugs for 4.1.0 as well. The project also welcomes two new PPMC members and three new committers.[Read More]
Apache Cloudstack Weekly News - 25 February 2013
This week, interesting discussions on the Java version(s) to be supported by CloudStack, updates on translation, and database changes. Also discussion on the next CloudStack Collaboration Conference, and more. Work on 4.1.0 continues, and there's much to be done before it's ready to ship.[Read More]
Posted at 06:08AM Feb 26, 2013 by jzb in News | |
Apache CloudStack 4.0.1-incubating Released
The Apache CloudStack project is pleased to announce the 4.0.1-incubating release of the CloudStack Infrastructure-as-a-Service (IaaS) cloud orchestration platform. This is a minor release in the 4.0.0 branch, which contains fixes for more than 30 bugs.[Read More]
Apache CloudStack Weekly News - 11 February 2013
In the past week, the 4.0.1-incubating release passed its VOTE on the firstname.lastname@example.org list, work continued on 4.1.0, and there were active discussions on using Gerrit, cloud-init, and whether memory usage has increased following the adoption of the Spring framework.[Read More]
Posted at 11:32PM Feb 11, 2013 by jzb in News | |
Apache CloudStack Weekly News - 4 February 2013
Another busy week in Apache CloudStack land! Javelin has been merged with master, the 4.1 branch has been created, and the 4.0.1-incubating release has passed its second round vote to go on to the IPMC vote.[Read More]
Posted at 12:42AM Feb 05, 2013 by jzb in News | |