date:20140409


On 09.04.2014 06:55, John Kinsella wrote:

Just put up a blog post with mitigation instructions [1]. If anybody
has any issues with this, please let us know and we’ll help/update as
appropriate.

We’re working on new SystemVM images, but that’s going to take us a 
few days.


For those who run 4.3 aren't these good enough?
http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/

Also, what is the procedure of replacing the System VMs and templates 
where there's no actual "upgrade" involved?


Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

Re: Review Request 19399: CLOUDSTACK-6257: Resolving issue in template creation from user VM volume, added method to check the state of VM before template creation

2014-04-09 Thread Ashutosh Kelkar


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19399/#review39871
---


Santhosh, can you please review this? Review changes have been incorporated.

- Ashutosh Kelkar


On March 21, 2014, 2:28 p.m., Ashutosh Kelkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19399/
> ---
> 
> (Updated March 21, 2014, 2:28 p.m.)
> 
> 
> Review request for cloudstack and Santhosh Edukulla.
> 
> 
> Bugs: CLOUDSTACK-6257
> https://issues.apache.org/jira/browse/CLOUDSTACK-6257
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> As suggested, added getState method for VirtualMachine class, and it is 
> called before template creation. If VM fails to go into desired state, it 
> returns failure.
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_project_usage.py ba0a63c 
>   test/integration/component/test_resource_limits.py f0d558e 
>   test/integration/component/test_tags.py 2a6e076 
>   test/integration/component/test_templates.py 3e83615 
>   test/integration/component/test_usage.py 5979a0a 
>   tools/marvin/marvin/codes.py e4a0f6a 
>   tools/marvin/marvin/integration/lib/base.py 775b289 
> 
> Diff: https://reviews.apache.org/r/19399/diff/
> 
> 
> Testing
> ---
> 
> Yes.
> 
> 
> Thanks,
> 
> Ashutosh Kelkar
> 
>

Re: Review Request 19399: CLOUDSTACK-6257: Resolving issue in template creation from user VM volume, added method to check the state of VM before template creation

2014-04-09 Thread Ashutosh Kelkar


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19399/#review39872
---


Santhosh, can you please review this? Review changes have been incorporated.

- Ashutosh Kelkar


On March 21, 2014, 2:28 p.m., Ashutosh Kelkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19399/
> ---
> 
> (Updated March 21, 2014, 2:28 p.m.)
> 
> 
> Review request for cloudstack and Santhosh Edukulla.
> 
> 
> Bugs: CLOUDSTACK-6257
> https://issues.apache.org/jira/browse/CLOUDSTACK-6257
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> As suggested, added getState method for VirtualMachine class, and it is 
> called before template creation. If VM fails to go into desired state, it 
> returns failure.
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_project_usage.py ba0a63c 
>   test/integration/component/test_resource_limits.py f0d558e 
>   test/integration/component/test_tags.py 2a6e076 
>   test/integration/component/test_templates.py 3e83615 
>   test/integration/component/test_usage.py 5979a0a 
>   tools/marvin/marvin/codes.py e4a0f6a 
>   tools/marvin/marvin/integration/lib/base.py 775b289 
> 
> Diff: https://reviews.apache.org/r/19399/diff/
> 
> 
> Testing
> ---
> 
> Yes.
> 
> 
> Thanks,
> 
> Ashutosh Kelkar
> 
>

Review Request 20150: Marvin: minor fix to exception handling in cloudstackConnection.py


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20150/
---

Review request for cloudstack.


Repository: cloudstack-git


Description
---

Minor fix to the exception handling - string conversion on generic error thrown


Diffs
-

  tools/marvin/marvin/cloudstackConnection.py fb03e3b 

Diff: https://reviews.apache.org/r/20150/diff/


Testing
---


Thanks,

Chris Harding

Re: Review Request 18956: CLOUDSTACK-6147: Adding next set of tests for Dynamic Compute Offering


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/18956/#review39873
---


Commit b5a93751e24564d660ed36efd5f0f1774896162f in cloudstack's branch 
refs/heads/master from Ashutosh K
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=b5a9375 ]

CLOUDSTACK-6147: Adding automation tests for Dynamic Compute
 Offering


- ASF Subversion and Git Services


On March 13, 2014, 3:35 p.m., Ashutosh Kelkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/18956/
> ---
> 
> (Updated March 13, 2014, 3:35 p.m.)
> 
> 
> Review request for cloudstack, Santhosh Edukulla and SrikanteswaraRao Talluri.
> 
> 
> Bugs: CLOUDSTACK-6147
> https://issues.apache.org/jira/browse/CLOUDSTACK-6147
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> These are next set of test cases for dynamic compute offering feature.
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_dynamic_compute_offering.py 75cf0d6 
>   tools/marvin/marvin/config/config.cfg 356a291 
> 
> Diff: https://reviews.apache.org/r/18956/diff/
> 
> 
> Testing
> ---
> 
> Test log below.
> 
> Test scale running VM from dynamic offering to dynamic offering ... ok
> Test scale running VM from dynamic offering to dynamic offering ... ok
> Test scale running VM from dynamic offering to static offering ... ok
> Test scale running VM from dynamic offering to static offering ... ok
> Test scale running VM from static offering to dynamic offering ... ok
> Test scale running VM from static offering to dynamic offering ... ok
> Test scale running VM from static offering to static offering ... ok
> Test scale running VM from static offering to static offering ... ok
> Test scale stopped VM from dynamic offering to dynamic offering ... ok
> Test scale stopped VM from dynamic offering to dynamic offering ... ok
> Test scale stopped VM from dynamic offering to static offering ... ok
> Test scale stopped VM from dynamic offering to static offering ... ok
> Test scale stopped VM from static offering to dynamic offering ... ok
> Test scale stopped VM from static offering to dynamic offering ... ok
> Test scale stopped VM from static offering to static offering ... ok
> Test scale stopped VM from static offering to static offering ... ok
> 
> --
> Ran 16 tests in 1150.677s
> 
> OK
> 
> 
> Thanks,
> 
> Ashutosh Kelkar
> 
>

Re: Review Request 18956: CLOUDSTACK-6147: Adding next set of tests for Dynamic Compute Offering


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/18956/#review39874
---


Commit 35b2bd50e010578544dc8301129d7611fc184fed in cloudstack's branch 
refs/heads/4.4 from Ashutosh K
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=35b2bd5 ]

CLOUDSTACK-6147: Adding automation tests for Dynamic Compute
 Offering


- ASF Subversion and Git Services


On March 13, 2014, 3:35 p.m., Ashutosh Kelkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/18956/
> ---
> 
> (Updated March 13, 2014, 3:35 p.m.)
> 
> 
> Review request for cloudstack, Santhosh Edukulla and SrikanteswaraRao Talluri.
> 
> 
> Bugs: CLOUDSTACK-6147
> https://issues.apache.org/jira/browse/CLOUDSTACK-6147
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> These are next set of test cases for dynamic compute offering feature.
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_dynamic_compute_offering.py 75cf0d6 
>   tools/marvin/marvin/config/config.cfg 356a291 
> 
> Diff: https://reviews.apache.org/r/18956/diff/
> 
> 
> Testing
> ---
> 
> Test log below.
> 
> Test scale running VM from dynamic offering to dynamic offering ... ok
> Test scale running VM from dynamic offering to dynamic offering ... ok
> Test scale running VM from dynamic offering to static offering ... ok
> Test scale running VM from dynamic offering to static offering ... ok
> Test scale running VM from static offering to dynamic offering ... ok
> Test scale running VM from static offering to dynamic offering ... ok
> Test scale running VM from static offering to static offering ... ok
> Test scale running VM from static offering to static offering ... ok
> Test scale stopped VM from dynamic offering to dynamic offering ... ok
> Test scale stopped VM from dynamic offering to dynamic offering ... ok
> Test scale stopped VM from dynamic offering to static offering ... ok
> Test scale stopped VM from dynamic offering to static offering ... ok
> Test scale stopped VM from static offering to dynamic offering ... ok
> Test scale stopped VM from static offering to dynamic offering ... ok
> Test scale stopped VM from static offering to static offering ... ok
> Test scale stopped VM from static offering to static offering ... ok
> 
> --
> Ran 16 tests in 1150.677s
> 
> OK
> 
> 
> Thanks,
> 
> Ashutosh Kelkar
> 
>

Re: Review Request 19399: CLOUDSTACK-6257: Resolving issue in template creation from user VM volume, added method to check the state of VM before template creation

2014-04-09 Thread Santhosh Edukulla


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19399/#review39875
---

Ship it!


Ship It!

- Santhosh Edukulla


On March 21, 2014, 2:28 p.m., Ashutosh Kelkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19399/
> ---
> 
> (Updated March 21, 2014, 2:28 p.m.)
> 
> 
> Review request for cloudstack and Santhosh Edukulla.
> 
> 
> Bugs: CLOUDSTACK-6257
> https://issues.apache.org/jira/browse/CLOUDSTACK-6257
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> As suggested, added getState method for VirtualMachine class, and it is 
> called before template creation. If VM fails to go into desired state, it 
> returns failure.
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_project_usage.py ba0a63c 
>   test/integration/component/test_resource_limits.py f0d558e 
>   test/integration/component/test_tags.py 2a6e076 
>   test/integration/component/test_templates.py 3e83615 
>   test/integration/component/test_usage.py 5979a0a 
>   tools/marvin/marvin/codes.py e4a0f6a 
>   tools/marvin/marvin/integration/lib/base.py 775b289 
> 
> Diff: https://reviews.apache.org/r/19399/diff/
> 
> 
> Testing
> ---
> 
> Yes.
> 
> 
> Thanks,
> 
> Ashutosh Kelkar
> 
>

Build failed in Jenkins: cloudstack-4.4-maven-build-noredist #97

See 

--
Started by upstream project "cloudstack-4.4-maven-build" build number 148
originally caused by:
 Started by an SCM change
[EnvInject] - Loading node environment variables.
Building remotely on rpmbuilder in workspace 

java.io.IOException: Failed to mkdirs: 

at hudson.FilePath.mkdirs(FilePath.java:1069)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1313)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:609)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:88)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:518)
at hudson.model.Run.execute(Run.java:1688)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:231)
Archiving artifacts
ERROR: Publisher hudson.tasks.ArtifactArchiver aborted due to exception
 
does not exist.
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:483)
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:460)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:181)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:172)
at hudson.FilePath$FileCallableWrapper.call(FilePath.java:2462)
at hudson.remoting.UserRequest.perform(UserRequest.java:118)
at hudson.remoting.UserRequest.perform(UserRequest.java:48)
at hudson.remoting.Request$2.run(Request.java:326)
at 
hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at hudson.remoting.Engine$1$1.run(Engine.java:63)
at java.lang.Thread.run(Thread.java:744)

Re: Review Request 19922: CLOUDSTACK-6251: Removed XenServer stub code and used xapi.jar from the central repository instead.

2014-04-09 Thread Konstantina Chremmou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19922/
---

(Updated April 9, 2014, 10:20 a.m.)


Review request for cloudstack and Alex Huang.


Changes
---

I have uploaded a new version of the xapi jar to the central repository with 
corrected dependency on xmlrpc 3.1.3 and here is the patch for it. I expect 
this to fix the errors caused by the previous patch.

Perhaps it would be safer to leave the whole thing out of 4.4 since we're past 
code complete, but please apply on master (where the previous patch has not 
been reverted) and retest. Thanks.


Repository: cloudstack-git


Description
---

CLOUDSTACK-6251: Removed XenServer stub code and used xapi.jar from the central 
repository instead. Also: fixed typo; ignored file.


Diffs (updated)
-

  pom.xml c608c4b 

Diff: https://reviews.apache.org/r/19922/diff/


Testing
---


Thanks,

Konstantina Chremmou

Re: OpenSSL vunerability (bleedheart)

2014-04-09 Thread Abhinandan Prateek

Latest jenkins build template have openSSL version 1.0.1e, the version
that is compromised.

On 09/04/14 2:30 pm, "Nux!"  wrote:

>On 09.04.2014 06:55, John Kinsella wrote:
>> Just put up a blog post with mitigation instructions [1]. If anybody
>> has any issues with this, please let us know and we¹ll help/update as
>> appropriate.
>> 
>> We¹re working on new SystemVM images, but that¹s going to take us a
>> few days.
>
>For those who run 4.3 aren't these good enough?
>http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/
>
>Also, what is the procedure of replacing the System VMs and templates
>where there's no actual "upgrade" involved?
>
>Lucian
>
>-- 
>Sent from the Delta quadrant using Borg technology!
>
>Nux!
>www.nux.ro

Re: OpenSSL vunerability (bleedheart)

Hi,

I have tried upgrading openssl on our system vms(deployed using latest 
template), the version is still OpenSSL 1.0.1e 

Seems like apt does not have the binary of latest OpenSSL, may be we need to 
compile the library from latest OpenSSL source(OpenSSL 1.0.1g) and use that 
build in our systemvm template.

root@v-2-VM:~# apt-get update
...

root@v-2-VM:~# apt-get install openssl
Reading package lists... Done
Building dependency tree   
Reading state information... Done
The following packages will be upgraded:
  openssl
1 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.
Need to get 700 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://security.debian.org/ wheezy/updates/main openssl amd64 
1.0.1e-2+deb7u6 [700 kB]
Fetched 700 kB in 0s (1,559 kB/s)
(Reading database ... 26260 files and directories currently installed.)
Preparing to replace openssl 1.0.1e-2+deb7u4 (using 
.../openssl_1.0.1e-2+deb7u6_amd64.deb) ...
Unpacking replacement openssl ...
Processing triggers for man-db ...
Setting up openssl (1.0.1e-2+deb7u6) ...

root@v-2-VM:~# openssl version
OpenSSL 1.0.1e 11 Feb 2013

-Harikrishna

On 09-Apr-2014, at 4:34 pm, Abhinandan Prateek  
wrote:

> Latest jenkins build template have openSSL version 1.0.1e, the version
> that is compromised.
> 
> On 09/04/14 2:30 pm, "Nux!"  wrote:
> 
>> On 09.04.2014 06:55, John Kinsella wrote:
>>> Just put up a blog post with mitigation instructions [1]. If anybody
>>> has any issues with this, please let us know and we¹ll help/update as
>>> appropriate.
>>> 
>>> We¹re working on new SystemVM images, but that¹s going to take us a
>>> few days.
>> 
>> For those who run 4.3 aren't these good enough?
>> http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/
>> 
>> Also, what is the procedure of replacing the System VMs and templates
>> where there's no actual "upgrade" involved?
>> 
>> Lucian
>> 
>> -- 
>> Sent from the Delta quadrant using Borg technology!
>> 
>> Nux!
>> www.nux.ro
>

Re: OpenSSL vunerability (bleedheart)


On 09.04.2014 12:04, Abhinandan Prateek wrote:

Latest jenkins build template have openSSL version 1.0.1e, the version
that is compromised.


Guys, do not panic.
It is my understanding that in Debian, just like in RHEL, major 
versions will not change, i.e. Debian GNU/Linux 7.0 will EOL with 
openssl 1.0.1e, but they will backport stuff.


After I did an "apt-get update && apt-get install openssl" I got 
package version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package 
is ok according to the changelog:


"aptitude changelog openssl" says:

openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Enable checking for services that may need to be restarted
  * Update list of services to possibly restart

 -- Salvatore Bonaccorso   Tue, 08 Apr 2014 10:44:53 
+0200


openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Add CVE-2014-0160.patch patch.
CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
A missing bounds check in the handling of the TLS heartbeat 
extension

can be used to reveal up to 64k of memory to a connected client or
server.

 -- Salvatore Bonaccorso   Mon, 07 Apr 2014 22:26:55 
+0200


In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, 
then they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?


Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

interactions Cloudstack Vmware

2014-04-09 Thread Mohamed Ali Saidi

Hello,

I'm searching in the internet for interaction issues (Ports, protocol ,...
) between cloudstack and vmware (vcenter,..) but i can't find any helpful
docs.

Can any one help me to understand interactions or send me some architecture
docs explaining interactions.

Best Regards,

Re: interactions Cloudstack Vmware

2014-04-09 Thread Erik Weber

On Wed, Apr 9, 2014 at 1:44 PM, Mohamed Ali Saidi <
saidi.mohamed.ali...@gmail.com> wrote:

> Hello,
>
> I'm searching in the internet for interaction issues (Ports, protocol ,...
> ) between cloudstack and vmware (vcenter,..) but i can't find any helpful
> docs.
>
>

I believe most of the traffic happens on HTTPS to vcenter.
we put the vcenter in our management network, so didn't really have to
puzzle with openings.

-- 
Erik Weber

Re: interactions Cloudstack Vmware

2014-04-09 Thread Mohamed Ali Saidi

Thanks for your response.
To configure vcenter on cloudstack we don't need  to know interactions
between them , but i need informations for research issues.


2014-04-09 13:48 GMT+02:00 Erik Weber :

> On Wed, Apr 9, 2014 at 1:44 PM, Mohamed Ali Saidi <
> saidi.mohamed.ali...@gmail.com> wrote:
>
> > Hello,
> >
> > I'm searching in the internet for interaction issues (Ports, protocol
> ,...
> > ) between cloudstack and vmware (vcenter,..) but i can't find any helpful
> > docs.
> >
> >
>
> I believe most of the traffic happens on HTTPS to vcenter.
> we put the vcenter in our management network, so didn't really have to
> puzzle with openings.
>
>
> --
> Erik Weber
>

Re: tiny Linux build scripts

2014-04-09 Thread Rohit Yadav

Chris, you explore http://ttylinux.net or ask Edison since he had
originally added ttylinux to the original DevCloud.

Hope this helps.


On Wed, Apr 9, 2014 at 2:44 AM, Sebastien Goasguen  wrote:

> Chris, let me cc Rohit.
>
> On Apr 6, 2014, at 2:48 PM, chris snow  wrote:
>
> > Ah, tiny Linux looks like it is downloaded by devcloud from
> > http://people.apache.org/~bhaisaab/vms/ttylinux_pv.vhd
> >
> > If anyone has any scripts/instructions for building ttylinux - that
> > would be appreciated!
> >
> >
> > On Sun, Apr 6, 2014 at 7:30 PM, chris snow  wrote:
> >> Where can I find the build scripts for the "tiny Linux" template?
> >>
> >> Is the 'builtin' appliance ( /tools/appliance/definitions/builtin)
> "tiny Linux"?
> >>
> >> Many thanks,
> >>
> >> Chris
> >
> >
> >
> > --
> > Check out my professional profile and connect with me on LinkedIn.
> > http://lnkd.in/cw5k69
>
>

Re: OpenSSL vunerability (bleedheart)

Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update openssl to 
get 1.0.1e-2+deb7u6.

It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test 
OpenSSL HeartBleed Vulnerability. Right now I could not do it from our network. 

-Harikrishna

On 09-Apr-2014, at 5:00 pm, Nux!  wrote:

> On 09.04.2014 12:04, Abhinandan Prateek wrote:
>> Latest jenkins build template have openSSL version 1.0.1e, the version
>> that is compromised.
> 
> Guys, do not panic.
> It is my understanding that in Debian, just like in RHEL, major versions will 
> not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they 
> will backport stuff.
> 
> After I did an "apt-get update && apt-get install openssl" I got package 
> version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok 
> according to the changelog:
> 
> "aptitude changelog openssl" says:
> 
> openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
> 
>  * Non-maintainer upload by the Security Team.
>  * Enable checking for services that may need to be restarted
>  * Update list of services to possibly restart
> 
> -- Salvatore Bonaccorso   Tue, 08 Apr 2014 10:44:53 +0200
> 
> openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
> 
>  * Non-maintainer upload by the Security Team.
>  * Add CVE-2014-0160.patch patch.
>CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
>A missing bounds check in the handling of the TLS heartbeat extension
>can be used to reveal up to 64k of memory to a connected client or
>server.
> 
> -- Salvatore Bonaccorso   Mon, 07 Apr 2014 22:26:55 +0200
> 
> In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then 
> they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?
> 
> Lucian
> 
> -- 
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro

Build failed in Jenkins: cloudstack-4.4-maven-build-noredist #98

See 

--
Started by upstream project "cloudstack-4.4-maven-build" build number 149
originally caused by:
 Started by an SCM change
[EnvInject] - Loading node environment variables.
Building remotely on rpmbuilder in workspace 

java.io.IOException: Failed to mkdirs: 

at hudson.FilePath.mkdirs(FilePath.java:1069)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1313)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:609)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:88)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:518)
at hudson.model.Run.execute(Run.java:1688)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:231)
Archiving artifacts
ERROR: Publisher hudson.tasks.ArtifactArchiver aborted due to exception
 
does not exist.
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:483)
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:460)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:181)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:172)
at hudson.FilePath$FileCallableWrapper.call(FilePath.java:2462)
at hudson.remoting.UserRequest.perform(UserRequest.java:118)
at hudson.remoting.UserRequest.perform(UserRequest.java:48)
at hudson.remoting.Request$2.run(Request.java:326)
at 
hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at hudson.remoting.Engine$1$1.run(Engine.java:63)
at java.lang.Thread.run(Thread.java:744)

Re: Review Request 19578: CLOUDSTACK-6253: Optimizing VR alerts getting algorithm


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19578/
---

(Updated April 9, 2014, 12:28 p.m.)


Review request for cloudstack, Jayapal Reddy, Murali Reddy, and Sheng Yang.


Bugs: CLOUDSTACK-6253
https://issues.apache.org/jira/browse/CLOUDSTACK-6253


Repository: cloudstack-git


Description
---

CLOUDSTACK-6253: Optimizing VR alerts getting algorithm 
In addition to this a new configuration parameter is added 
router.alerts.check.interval defaulted to 30minutes to check for alerts in 
Virtual Router


Diffs (updated)
-

  core/src/com/cloud/agent/api/GetRouterAlertsAnswer.java 06a7a7a 
  core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java 
df4ed2c 
  engine/schema/src/com/cloud/vm/dao/DomainRouterDao.java e3f75fa 
  engine/schema/src/com/cloud/vm/dao/DomainRouterDaoImpl.java 6b62f56 
  
plugins/hypervisors/simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java
 23979c0 
  server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java 
e3597ac 
  server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 
0899f42 
  systemvm/patches/debian/config/opt/cloud/bin/getRouterAlerts.sh e5e8abe 
  test/integration/component/test_VirtualRouter_alerts.py PRE-CREATION 
  test/integration/smoke/test_VirtualRouter_alerts.py caa9fc5 

Diff: https://reviews.apache.org/r/19578/diff/


Testing
---


Thanks,

Harikrishna Patnala

Re: Review Request 19578: CLOUDSTACK-6253: Optimizing VR alerts getting algorithm


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19578/
---

(Updated April 9, 2014, 12:28 p.m.)


Review request for cloudstack, Jayapal Reddy, Murali Reddy, and Sheng Yang.


Bugs: CLOUDSTACK-6253
https://issues.apache.org/jira/browse/CLOUDSTACK-6253


Repository: cloudstack-git


Description
---

CLOUDSTACK-6253: Optimizing VR alerts getting algorithm 
In addition to this a new configuration parameter is added 
router.alerts.check.interval defaulted to 30minutes to check for alerts in 
Virtual Router


Diffs
-

  core/src/com/cloud/agent/api/GetRouterAlertsAnswer.java 06a7a7a 
  core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java 
df4ed2c 
  engine/schema/src/com/cloud/vm/dao/DomainRouterDao.java e3f75fa 
  engine/schema/src/com/cloud/vm/dao/DomainRouterDaoImpl.java 6b62f56 
  
plugins/hypervisors/simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java
 23979c0 
  server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java 
e3597ac 
  server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 
0899f42 
  systemvm/patches/debian/config/opt/cloud/bin/getRouterAlerts.sh e5e8abe 
  test/integration/component/test_VirtualRouter_alerts.py PRE-CREATION 
  test/integration/smoke/test_VirtualRouter_alerts.py caa9fc5 

Diff: https://reviews.apache.org/r/19578/diff/


Testing
---


Thanks,

Harikrishna Patnala

Review Request 20152: In com.cloud.utils.crypt.EncryptionSecretKeyChecker the key file paths are hard coded

2014-04-09 Thread Damodar Reddy Talakanti


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20152/
---

Review request for cloudstack, Abhinandan Prateek and Kishan Kavala.


Bugs: https://issues.apache.org/jira/browse/CLOUDSTACK-6354

https://issues.apache.org/jira/browse/https://issues.apache.org/jira/browse/CLOUDSTACK-6354


Repository: cloudstack-git


Description
---

In com.cloud.utils.crypt.EncryptionSecretKeyChecker the key file paths are hard 
coded to "/etc/cloudstack/management/key" which will cause issue if key 
generation path gets changes during installation time.


Diffs
-

  utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChecker.java 0e995c4 
  utils/test/com/cloud/utils/crypto/EncryptionSecretKeyCheckerTest.java 
PRE-CREATION 

Diff: https://reviews.apache.org/r/20152/diff/


Testing
---

Tested with enabling ecnryption.


Thanks,

Damodar Reddy Talakanti

Support pure Xen as a hypervisor follow-up

2014-04-09 Thread Dave Scott

Hi,

Following up from Tim's "Support pure Xen as a hypervisor" proposal last
month[1] I'd like to start working on this and maybe even make a little bit of
progress while I'm at CCC in Denver.

Helpfully James Bulpin managed to get CS + libvirt + xen to start an instance
in a simple configuration. Although the patches[2] are not intended to be
production-ready :) they help highlight some of the areas we need to change.

Some of the areas are:

1. hypervisor detection

Where we currently look for KVM specifically ("lsmod | grep kvm") we could
switch to either detecting any Linux hypervisor (by reading
/sys/hypervisor/type) and assuming if a hypervisor is present then we can use
libvirt on it (is this a fair assumption?) Or we could white-list “kvm” or
“xen”. Or we could query libvirt directly (perhaps via 'virsh capabilities'?)

2. fiddling with the domain.xml

When starting a domain via libvirt the XML configuration has
hypervisor-specific stuff in it. Some of this is easy to change like:

obviously becomes

and

/usr/libexec/qemu-kvm

should probably be

/some/other/path/qemu-dm

Some is a bit more invasive (to the VM) such as the virtual hardware type
should be switched from "virtio" to "xen" (and the block device in Linux will
change from /dev/vd* to /dev/xvd*) and we'll have to either implement or work
around the lack of

...

-- I presume this is a control channel into the system VM. Perhaps we could
implement this in libvirt/libxl using vchan?

3. system VMs?

It would be very convenient if the system VM images could work on both xen and
KVM. This is probably doable as long as we don't bake in virtual hardware
specific information (such as /dev/vda) in the image. We could use the qcow2
format in both cases. What do you think?

… and I’m sure there’s more.

Anyway, feedback would be welcome. If anyone else in Denver wants to chat, then
come grab me later!

Cheers,
Dave Scott

[1]
http://mail-archives.apache.org/mod_mbox/cloudstack-users/201403.mbox/%3ccajgxtbnbmqtq81ralgh2kma7v5wjyzkr3xnyasmkc_br+uk...@mail.gmail.com%3e

[2] https://github.com/jamesbulpin/cloudstack/commits/jamesb_xen_exploratory

Re: Review Request 19578: CLOUDSTACK-6253: Optimizing VR alerts getting algorithm


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19578/#review39880
---


Commit 68c80e28c09a9459e3cf1c79f45718fb3b3678c7 in cloudstack's branch 
refs/heads/4.4 from Harikrishna Patnala
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=68c80e2 ]

CLOUDSTACK-6253: Optimizing VR alerts getting algorithm In addition to this a 
new configuration parameter is added router.alerts.check.interval defaulted to 
30minutes to check for alerts in Virtual Router


- ASF Subversion and Git Services


On April 9, 2014, 12:28 p.m., Harikrishna Patnala wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19578/
> ---
> 
> (Updated April 9, 2014, 12:28 p.m.)
> 
> 
> Review request for cloudstack, Jayapal Reddy, Murali Reddy, and Sheng Yang.
> 
> 
> Bugs: CLOUDSTACK-6253
> https://issues.apache.org/jira/browse/CLOUDSTACK-6253
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> CLOUDSTACK-6253: Optimizing VR alerts getting algorithm 
> In addition to this a new configuration parameter is added 
> router.alerts.check.interval defaulted to 30minutes to check for alerts in 
> Virtual Router
> 
> 
> Diffs
> -
> 
>   core/src/com/cloud/agent/api/GetRouterAlertsAnswer.java 06a7a7a 
>   
> core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java 
> df4ed2c 
>   engine/schema/src/com/cloud/vm/dao/DomainRouterDao.java e3f75fa 
>   engine/schema/src/com/cloud/vm/dao/DomainRouterDaoImpl.java 6b62f56 
>   
> plugins/hypervisors/simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java
>  23979c0 
>   server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java 
> e3597ac 
>   server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 
> 0899f42 
>   systemvm/patches/debian/config/opt/cloud/bin/getRouterAlerts.sh e5e8abe 
>   test/integration/component/test_VirtualRouter_alerts.py PRE-CREATION 
>   test/integration/smoke/test_VirtualRouter_alerts.py caa9fc5 
> 
> Diff: https://reviews.apache.org/r/19578/diff/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Harikrishna Patnala
> 
>

Re: Review Request 19578: CLOUDSTACK-6253: Optimizing VR alerts getting algorithm


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19578/#review39881
---


Commit ecc71518a9a9fe1d7078a90dcbb4bbcc9bc2ca61 in cloudstack's branch 
refs/heads/master from Harikrishna Patnala
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=ecc7151 ]

CLOUDSTACK-6253: Optimizing VR alerts getting algorithm In addition to this a 
new configuration parameter is added router.alerts.check.interval defaulted to 
30minutes to check for alerts in Virtual Router


- ASF Subversion and Git Services


On April 9, 2014, 12:28 p.m., Harikrishna Patnala wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19578/
> ---
> 
> (Updated April 9, 2014, 12:28 p.m.)
> 
> 
> Review request for cloudstack, Jayapal Reddy, Murali Reddy, and Sheng Yang.
> 
> 
> Bugs: CLOUDSTACK-6253
> https://issues.apache.org/jira/browse/CLOUDSTACK-6253
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> CLOUDSTACK-6253: Optimizing VR alerts getting algorithm 
> In addition to this a new configuration parameter is added 
> router.alerts.check.interval defaulted to 30minutes to check for alerts in 
> Virtual Router
> 
> 
> Diffs
> -
> 
>   core/src/com/cloud/agent/api/GetRouterAlertsAnswer.java 06a7a7a 
>   
> core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java 
> df4ed2c 
>   engine/schema/src/com/cloud/vm/dao/DomainRouterDao.java e3f75fa 
>   engine/schema/src/com/cloud/vm/dao/DomainRouterDaoImpl.java 6b62f56 
>   
> plugins/hypervisors/simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java
>  23979c0 
>   server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java 
> e3597ac 
>   server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 
> 0899f42 
>   systemvm/patches/debian/config/opt/cloud/bin/getRouterAlerts.sh e5e8abe 
>   test/integration/component/test_VirtualRouter_alerts.py PRE-CREATION 
>   test/integration/smoke/test_VirtualRouter_alerts.py caa9fc5 
> 
> Diff: https://reviews.apache.org/r/19578/diff/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Harikrishna Patnala
> 
>

Re: Review Request 19578: CLOUDSTACK-6253: Optimizing VR alerts getting algorithm

2014-04-09 Thread Murali Reddy


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19578/#review39882
---

Ship it!


master ecc71518a9a9fe1d7078a90dcbb4bbcc9bc2ca61
4.4 68c80e28c09a9459e3cf1c79f45718fb3b3678c7

- Murali Reddy


On April 9, 2014, 12:28 p.m., Harikrishna Patnala wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19578/
> ---
> 
> (Updated April 9, 2014, 12:28 p.m.)
> 
> 
> Review request for cloudstack, Jayapal Reddy, Murali Reddy, and Sheng Yang.
> 
> 
> Bugs: CLOUDSTACK-6253
> https://issues.apache.org/jira/browse/CLOUDSTACK-6253
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> CLOUDSTACK-6253: Optimizing VR alerts getting algorithm 
> In addition to this a new configuration parameter is added 
> router.alerts.check.interval defaulted to 30minutes to check for alerts in 
> Virtual Router
> 
> 
> Diffs
> -
> 
>   core/src/com/cloud/agent/api/GetRouterAlertsAnswer.java 06a7a7a 
>   
> core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java 
> df4ed2c 
>   engine/schema/src/com/cloud/vm/dao/DomainRouterDao.java e3f75fa 
>   engine/schema/src/com/cloud/vm/dao/DomainRouterDaoImpl.java 6b62f56 
>   
> plugins/hypervisors/simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java
>  23979c0 
>   server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java 
> e3597ac 
>   server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 
> 0899f42 
>   systemvm/patches/debian/config/opt/cloud/bin/getRouterAlerts.sh e5e8abe 
>   test/integration/component/test_VirtualRouter_alerts.py PRE-CREATION 
>   test/integration/smoke/test_VirtualRouter_alerts.py caa9fc5 
> 
> Diff: https://reviews.apache.org/r/19578/diff/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Harikrishna Patnala
> 
>

Build failed in Jenkins: cloudstack-4.4-maven-build-noredist #99

See 

--
Started by upstream project "cloudstack-4.4-maven-build" build number 150
originally caused by:
 Started by an SCM change
[EnvInject] - Loading node environment variables.
Building remotely on rpmbuilder in workspace 

java.io.IOException: Failed to mkdirs: 

at hudson.FilePath.mkdirs(FilePath.java:1069)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1313)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:609)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:88)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:518)
at hudson.model.Run.execute(Run.java:1688)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:231)
Archiving artifacts
ERROR: Publisher hudson.tasks.ArtifactArchiver aborted due to exception
 
does not exist.
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:483)
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:460)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:181)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:172)
at hudson.FilePath$FileCallableWrapper.call(FilePath.java:2462)
at hudson.remoting.UserRequest.perform(UserRequest.java:118)
at hudson.remoting.UserRequest.perform(UserRequest.java:48)
at hudson.remoting.Request$2.run(Request.java:326)
at 
hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at hudson.remoting.Engine$1$1.run(Engine.java:63)
at java.lang.Thread.run(Thread.java:744)

Build failed in Jenkins: cloudstack-4.4-maven-build #151

See 

Changes:

[muralimmreddy] CLOUDSTACK-6253: Optimizing VR alerts getting algorithm In 
addition to this a new configuration parameter is added 
router.alerts.check.interval defaulted to 30minutes to check for alerts in 
Virtual Router

[sanjay.tripathi] CLOUDSTACK-6366: add vgpuTypes details  in vgpu_types table.

--
[...truncated 1000 lines...]
[INFO] Apache CloudStack Framework - QuickCloud .. SKIPPED
[INFO] 
[INFO] BUILD FAILURE
[INFO] 
[INFO] Total time: 2:34.295s
[INFO] Finished at: Wed Apr 09 08:45:02 EDT 2014
[INFO] Final Memory: 42M/173M
[INFO] 
[ERROR] Failed to execute goal 
org.apache.maven.plugins:maven-compiler-plugin:2.5.1:compile (default-compile) 
on project cloud-api: Compilation failure: Compilation failure:
[ERROR] 
:[17,7]
 error: duplicate class: VgpuTypesInfo
[ERROR] 
:[21,26]
 error: cannot access VgpuTypesInfo
[ERROR] bad source file: 

[ERROR] file does not contain class com.cloud.agent.api.VgpuTypesInfo
[ERROR] Please remove or make sure it appears in the correct subdirectory of 
the sourcepath.
[ERROR] 
:[29,11]
 error: cannot find symbol
[ERROR] symbol:   method description()
[ERROR] location: @interface Param
[ERROR] 
:[33,11]
 error: cannot find symbol
[ERROR] symbol:   method description()
[ERROR] location: @interface Param
[ERROR] 
:[37,11]
 error: cannot find symbol
[ERROR] symbol:   method description()
[ERROR] location: @interface Param
[ERROR] 
:[53,11]
 error: cannot find symbol
[ERROR] symbol:   method description()
[ERROR] location: @interface Param
[ERROR] 
:[57,11]
 error: cannot find symbol
[ERROR] symbol:   method description()
[ERROR] location: @interface Param
[ERROR] 
:[55,9]
 error: cannot find symbol
[ERROR] symbol:   method accessType()
[ERROR] location: @interface ACL
[ERROR] 
:[55,32]
 error: attribute value must be constant
[ERROR] 
:[53,9]
 error: cannot find symbol
[ERROR] symbol:   method accessType()
[ERROR] location: @interface ACL
[ERROR] 
:[53,32]
 error: attribute value must be constant
[ERROR] 
:[56,9]
 error: cannot find symbol
[ERROR] symbol:   method accessType()
[ERROR] location: @interface ACL
[ERROR] 
:[56,32]
 error: attribute value must be constant
[ERROR] 
:[58,9]
 error: cannot find symbol
[ERROR] symbol:   method accessType()
[ERROR] location: @interface ACL
[ERROR] 
:[58,32]
 error: attribute value must be constant
[ERROR] 
:[50,9]
 error: cannot find symbol
[ERROR] symbol:   method accessType()
[ERROR] location: @interface ACL
[ERROR]

Build failed in Jenkins: build-master-noredist #2586

See 

Changes:

[muralimmreddy] CLOUDSTACK-6253: Optimizing VR alerts getting algorithm In 
addition to this a new configuration parameter is added 
router.alerts.check.interval defaulted to 30minutes to check for alerts in 
Virtual Router

[sanjay.tripathi] CLOUDSTACK-6366: add vgpuTypes details  in vgpu_types table.

--
[...truncated 767 lines...]
Tests run: 15, Failures: 0, Errors: 0, Skipped: 2

[INFO] 
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ cloud-framework-db ---
[INFO] Building jar: 

[INFO] 
[INFO] --- maven-site-plugin:3.3:attach-descriptor (attach-descriptor) @ 
cloud-framework-db ---
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ 
cloud-framework-db ---
[INFO] Installing 

 to 
/jenkins/.m2/repository/org/apache/cloudstack/cloud-framework-db/4.5.0-SNAPSHOT/cloud-framework-db-4.5.0-SNAPSHOT.jar
[INFO] Installing 

 to 
/jenkins/.m2/repository/org/apache/cloudstack/cloud-framework-db/4.5.0-SNAPSHOT/cloud-framework-db-4.5.0-SNAPSHOT.pom
[INFO] 
[INFO] 
[INFO] Building Apache CloudStack Framework - Configuration 4.5.0-SNAPSHOT
[INFO] 
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ 
cloud-framework-config ---
[INFO] Deleting 

 (includes = [**/*], excludes = [])
[INFO] Deleting 
 
(includes = [target, dist], excludes = [])
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-framework-config ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO] --- maven-remote-resources-plugin:1.3:process (default) @ 
cloud-framework-config ---
[INFO] 
[INFO] --- maven-resources-plugin:2.5:resources (default-resources) @ 
cloud-framework-config ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 2 resources
[INFO] Copying 3 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.5.1:compile (default-compile) @ 
cloud-framework-config ---
[INFO] Compiling 10 source files to 

[INFO] 
[INFO] --- maven-resources-plugin:2.5:testResources (default-testResources) @ 
cloud-framework-config ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory 

[INFO] Copying 3 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @ 
cloud-framework-config ---
[INFO] Compiling 1 source file to 

[INFO] 
[INFO] --- maven-surefire-plugin:2.12:test (default-test) @ 
cloud-framework-config ---
[INFO] Surefire report directory: 


---
 T E S T S
---
Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
log4j:WARN No appenders could be found for logger 
(org.apache.cloudstack.framework.config.impl.ConfigDepotImpl).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
info.
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.42 sec

Results :

Tests run: 1, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ cloud-framework-config ---
[INFO] Building jar: 

[INFO] 
[INFO] --- maven-site-plugin:3.3:attach-descriptor (attach-descriptor) @ 
cloud-framework-config ---
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ 
cloud-framework-config ---
[INFO] Installing 

 to 
/jenkins/.m2/repository/org/apache/cloudstack/cloud-framework-config/4.5.0-SNAPSHOT/cloud-framework-config-4.5.0-SNAPSHO

Build failed in Jenkins: build-master #600

See 

Changes:

[sanjay.tripathi] CLOUDSTACK-6366: add vgpuTypes details  in vgpu_types table.

--
[...truncated 614 lines...]
[INFO] 
[INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @ 
cloud-framework-db ---
[INFO] Compiling 15 source files to 

[INFO] 
[INFO] --- maven-surefire-plugin:2.12:test (default-test) @ cloud-framework-db 
---
[INFO] Surefire report directory: 


---
 T E S T S
---
Running com.cloud.utils.DbUtilTest
Failed to find db.properties
log4j:WARN No appenders could be found for logger 
(com.cloud.utils.db.DbProperties).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
info.
Tests run: 15, Failures: 0, Errors: 0, Skipped: 2, Time elapsed: 0.702 sec

Results :

Tests run: 15, Failures: 0, Errors: 0, Skipped: 2

[INFO] 
[INFO] 
[INFO] Building Apache CloudStack Framework - Configuration 4.5.0-SNAPSHOT
[INFO] 
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ 
cloud-framework-config ---
[INFO] Deleting 
 
(includes = [**/*], excludes = [])
[INFO] Deleting 
 (includes 
= [target, dist], excludes = [])
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-framework-config ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO] --- maven-remote-resources-plugin:1.3:process (default) @ 
cloud-framework-config ---
[INFO] 
[INFO] --- maven-resources-plugin:2.5:resources (default-resources) @ 
cloud-framework-config ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 2 resources
[INFO] Copying 3 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.5.1:compile (default-compile) @ 
cloud-framework-config ---
[INFO] Compiling 10 source files to 

[INFO] 
[INFO] --- maven-resources-plugin:2.5:testResources (default-testResources) @ 
cloud-framework-config ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory 

[INFO] Copying 3 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @ 
cloud-framework-config ---
[INFO] Compiling 1 source file to 

[INFO] 
[INFO] --- maven-surefire-plugin:2.12:test (default-test) @ 
cloud-framework-config ---
[INFO] Surefire report directory: 


---
 T E S T S
---
Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
log4j:WARN No appenders could be found for logger 
(org.apache.cloudstack.framework.config.impl.ConfigDepotImpl).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
info.
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.443 sec

Results :

Tests run: 1, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] 
[INFO] Building Apache CloudStack API 4.5.0-SNAPSHOT
[INFO] 
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ cloud-api ---
[INFO] Deleting  
(includes = [**/*], excludes = [])
[INFO] Deleting  
(includes = [target, dist], excludes = [])
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-api ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO] --- maven-remote-resources-plugin:1.3:process (default) @ cloud-api ---
[INFO] 
[INFO] --- maven-resources-plugin:2.5:resources (default-resources) @ cloud-api 
---
[debug] execute contextualize
[INFO] Using 'UTF-8' enco

Re: tiny Linux build scripts

2014-04-09 Thread chris snow

Thanks Rohit!

Edison - do you have any documentation on how the vhd was created for ttylinux?

On Wed, Apr 9, 2014 at 1:05 PM, Rohit Yadav  wrote:
> Chris, you explore http://ttylinux.net or ask Edison since he had
> originally added ttylinux to the original DevCloud.
>
> Hope this helps.
>
>
> On Wed, Apr 9, 2014 at 2:44 AM, Sebastien Goasguen  wrote:
>
>> Chris, let me cc Rohit.
>>
>> On Apr 6, 2014, at 2:48 PM, chris snow  wrote:
>>
>> > Ah, tiny Linux looks like it is downloaded by devcloud from
>> > http://people.apache.org/~bhaisaab/vms/ttylinux_pv.vhd
>> >
>> > If anyone has any scripts/instructions for building ttylinux - that
>> > would be appreciated!
>> >
>> >
>> > On Sun, Apr 6, 2014 at 7:30 PM, chris snow  wrote:
>> >> Where can I find the build scripts for the "tiny Linux" template?
>> >>
>> >> Is the 'builtin' appliance ( /tools/appliance/definitions/builtin)
>> "tiny Linux"?
>> >>
>> >> Many thanks,
>> >>
>> >> Chris
>> >
>> >
>> >
>> > --
>> > Check out my professional profile and connect with me on LinkedIn.
>> > http://lnkd.in/cw5k69
>>
>>



-- 
Check out my professional profile and connect with me on LinkedIn.
http://lnkd.in/cw5k69

RE: [Announce] New Committer: Lucian Paul (Nux)


On 09.04.2014 01:58, Paul Angus wrote:

Congratulations Nux!


Thanks everyone :)

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

Build failed in Jenkins: build-master-slowbuild #561

See 

Changes:

[muralimmreddy] CLOUDSTACK-6365: support virtual host and ssl in rabbitMQ event 
bus

[muralimmreddy] CLOUDSTACK-6253: Optimizing VR alerts getting algorithm In 
addition to this a new configuration parameter is added 
router.alerts.check.interval defaulted to 30minutes to check for alerts in 
Virtual Router

[sanjay.tripathi] CLOUDSTACK-6366: add vgpuTypes details  in vgpu_types table.

--
[...truncated 1839 lines...]
[INFO] Fork Value is true
 [java] Warnings generated: 1
[INFO] Done FindBugs Analysis
[INFO] 
[INFO] <<< findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @ 
cloud-framework-config <<<
[INFO] 
[INFO] --- findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @ 
cloud-framework-config ---
[INFO] BugInstance size is 1
[INFO] Error size is 0
[INFO] Total bugs: 1
[INFO] org.apache.cloudstack.framework.config.ConfigKey.equals(Object) checks 
for operand being a String ["org.apache.cloudstack.framework.config.ConfigKey"] 
At ConfigKey.java:[lines 40-183]
[INFO] 
[INFO] --- cobertura-maven-plugin:2.6:instrument (default-cli) @ 
cloud-framework-config ---
[INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file

[ERROR] Apr 09, 2014 3:09:03 PM 
net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler saveCoverageData
INFO: Cobertura: Saved information on 11 classes.

[INFO] Instrumentation was successful.
[INFO] NOT adding cobertura ser file to attached artifacts list.
[INFO] 
[INFO] --- maven-resources-plugin:2.5:testResources (default-testResources) @ 
cloud-framework-config ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory 

[INFO] Copying 3 resources
[INFO] Copying 3 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @ 
cloud-framework-config ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-surefire-plugin:2.12:test (default-test) @ 
cloud-framework-config ---
[INFO] Surefire report directory: 


---
 T E S T S
---
Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.467 sec

Results :

Tests run: 1, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] <<< cobertura-maven-plugin:2.6:cobertura (default-cli) @ 
cloud-framework-config <<<
[INFO] 
[INFO] --- cobertura-maven-plugin:2.6:cobertura (default-cli) @ 
cloud-framework-config ---
[INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/config/Configuration.java.  Ensure this class was 
instrumented, and this data file contains the instrumentation information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/ConfigDepot.java.  Ensure this class was 
instrumented, and this data file contains the instrumentation information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/ConfigDepotAdmin.java.  Ensure this 
class was instrumented, and this data file contains the instrumentation 
information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/Configurable.java.  Ensure this class 
was instrumented, and this data file contains the instrumentation information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/ScopedConfigStorage.java.  Ensure this 
class was instrumented, and this data file contains the instrumentation 
information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/dao/ConfigurationDao.java.  Ensure this 
class was instrumented, and this data file contains the instrumentation 
information.
Report time: 358ms

[ERROR] Apr 09, 2014 3:09:05 PM 
net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler loadCoverageData
INFO: Cobertura: Loaded information on 11 class

Review Request 20154: Fix: ParamGenericValidationWorker shouldn't be case sensitive

2014-04-09 Thread Antonio Fornie


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20154/
---

Review request for cloudstack, Alena Prokharchyk and Hugo Trippaers.


Repository: cloudstack-git


Description
---

Fix: ParamGenericValidationWorker shouldn't be case sensitive


Diffs
-

  server/src/com/cloud/api/dispatch/ParamGenericValidationWorker.java 7a73b8a 
  server/test/com/cloud/api/dispatch/ParamGenericValidationWorkerTest.java 
8f9709c 

Diff: https://reviews.apache.org/r/20154/diff/


Testing
---

Maven build, normal execution of the case and Unit Test


Thanks,

Antonio Fornie

Re: Review Request 16688: console-proxy add support of AltGr key and FR azerty keyboard

2014-04-09 Thread daan Hoogland


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/16688/#review39885
---


Axel,

4.2 will not be worked on anymore. You can create a patched version for 
yourself if you need to. Next release will be either 4.3.1, 4.4.0 or 5.0.0

Also please submit a seperate review request for another branch if you need to 
have a patch ported.

- daan Hoogland


On April 3, 2014, 4:51 p.m., Axel Delahaye wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/16688/
> ---
> 
> (Updated April 3, 2014, 4:51 p.m.)
> 
> 
> Review request for cloudstack.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> Firstly, I add a match condition 'altgr' for "Conditional mapping entry" in 
> ajaxviwer.js.
> altgr : , -- match on altgr state
> 
> It works like the shift match condition.
> shift : , -- match on shift state
> 
> Browser can't detect difference between AltGr and Ctrl+Alt pressed at the 
> same time.
> So when the modifier is 896, (Alt(512) + Ctrl(384)) I assume it is the AltGr 
> key and 'altgr' condition will be true.
> 
> In the ajaxkey.js file you got for example:
> {type: KEY_DOWN, code: 0x32, modifiers: 0, altgr: true}
> to send the spécified key to vnc if user pressed the AltGr (or Ctrl+Alt) key
> 
> Secondly,
> I wrote the French AZERTY translation table in ajaxkeys.js with the support 
> of AltGr character (like #{}[]|,etc.)
> 
> For example the '#':
> 
> {keycode: 51, entry: [ //User type the "3# key and each condition 
> match 'altgr'
> {type: KEY_DOWN, code: 0xffea, modifiers: 0, altgr: true}, //press the VNC 
> AltGR key
> {type: KEY_DOWN, code: 0x33, modifiers: 0, altgr: true},   //press the 3 key
> {type: KEY_UP, code: 0x33, modifiers: 0, altgr: true}, //release it
> {type: KEY_UP, code: 0xffea, modifiers: 0, altgr: true}//release the 
> AltGr key
> ]},
> 
> I replace the Standard (US) keyboard translation table because I can't add an 
> entry in the console proxy keyboard menu.
> 
> Thanks for watching my work
> 
> Axel Delahaye
> 
> 
> Diffs
> -
> 
>   services/console-proxy/server/js/ajaxkeys.js abe6f13 
> 
> Diff: https://reviews.apache.org/r/16688/diff/
> 
> 
> Testing
> ---
> 
> Tested with
> Hardware : French AZERTY keyboard
> Software : Configured in windows as FR keyboard
> Console-proxy : Customized Standard (US) keyboard
> Guest : CentOS 6.5 , Debian 7 and FreeBSD 8
> Guest keymap : fr, fr-pc
> 
> Only the "<" ">" key doesn't work
> 
> 
> Thanks,
> 
> Axel Delahaye
> 
>

Re: Review Request 16688: console-proxy add support of AltGr key and FR azerty keyboard

2014-04-09 Thread Axel Delahaye



> On April 9, 2014, 1:54 p.m., daan Hoogland wrote:
> > Axel,
> > 
> > 4.2 will not be worked on anymore. You can create a patched version for 
> > yourself if you need to. Next release will be either 4.3.1, 4.4.0 or 5.0.0
> > 
> > Also please submit a seperate review request for another branch if you need 
> > to have a patch ported.

Done : https://reviews.apache.org/r/20078/

Thank you for feedback


- Axel


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/16688/#review39885
---


On April 3, 2014, 4:51 p.m., Axel Delahaye wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/16688/
> ---
> 
> (Updated April 3, 2014, 4:51 p.m.)
> 
> 
> Review request for cloudstack.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> Firstly, I add a match condition 'altgr' for "Conditional mapping entry" in 
> ajaxviwer.js.
> altgr : , -- match on altgr state
> 
> It works like the shift match condition.
> shift : , -- match on shift state
> 
> Browser can't detect difference between AltGr and Ctrl+Alt pressed at the 
> same time.
> So when the modifier is 896, (Alt(512) + Ctrl(384)) I assume it is the AltGr 
> key and 'altgr' condition will be true.
> 
> In the ajaxkey.js file you got for example:
> {type: KEY_DOWN, code: 0x32, modifiers: 0, altgr: true}
> to send the spécified key to vnc if user pressed the AltGr (or Ctrl+Alt) key
> 
> Secondly,
> I wrote the French AZERTY translation table in ajaxkeys.js with the support 
> of AltGr character (like #{}[]|,etc.)
> 
> For example the '#':
> 
> {keycode: 51, entry: [ //User type the "3# key and each condition 
> match 'altgr'
> {type: KEY_DOWN, code: 0xffea, modifiers: 0, altgr: true}, //press the VNC 
> AltGR key
> {type: KEY_DOWN, code: 0x33, modifiers: 0, altgr: true},   //press the 3 key
> {type: KEY_UP, code: 0x33, modifiers: 0, altgr: true}, //release it
> {type: KEY_UP, code: 0xffea, modifiers: 0, altgr: true}//release the 
> AltGr key
> ]},
> 
> I replace the Standard (US) keyboard translation table because I can't add an 
> entry in the console proxy keyboard menu.
> 
> Thanks for watching my work
> 
> Axel Delahaye
> 
> 
> Diffs
> -
> 
>   services/console-proxy/server/js/ajaxkeys.js abe6f13 
> 
> Diff: https://reviews.apache.org/r/16688/diff/
> 
> 
> Testing
> ---
> 
> Tested with
> Hardware : French AZERTY keyboard
> Software : Configured in windows as FR keyboard
> Console-proxy : Customized Standard (US) keyboard
> Guest : CentOS 6.5 , Debian 7 and FreeBSD 8
> Guest keymap : fr, fr-pc
> 
> Only the "<" ">" key doesn't work
> 
> 
> Thanks,
> 
> Axel Delahaye
> 
>

Re: Review Request 19875: Fixed few issues for CLOUDSTACK-5674, CLOUDSTACK-6316


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19875/#review39889
---


Commit b83407fca3b1c60c7c8abffe1a20ed1f43605adf in cloudstack's branch 
refs/heads/marvin from SrikanteswaraRao Talluri
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=b83407f ]

CLOUDSTACK-6316: Fixed component and smoke test failures-second pass


- ASF Subversion and Git Services


On April 1, 2014, 6:05 p.m., Santhosh Edukulla wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19875/
> ---
> 
> (Updated April 1, 2014, 6:05 p.m.)
> 
> 
> Review request for cloudstack and SrikanteswaraRao Talluri.
> 
> 
> Bugs: CLOUDSTACK-5674 and CLOUDSTACK-6316
> https://issues.apache.org/jira/browse/CLOUDSTACK-5674
> https://issues.apache.org/jira/browse/CLOUDSTACK-6316
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> While running tests, there were few issues observed. 
> Fixed those issues mentioned for CLOUDSTACK-5674,CLOUDSTACK-6316
> 
> 
> Diffs
> -
> 
>   test/integration/smoke/test_deploy_vm_with_userdata.py c1410fb 
>   test/integration/smoke/test_iso.py b3c3181 
>   test/integration/smoke/test_public_ip_range.py 50b0c9b 
>   test/integration/smoke/test_templates.py b25359b 
>   test/integration/smoke/test_vm_snapshots.py 4317d4d 
>   tools/marvin/marvin/lib/base.py a2f9a8b 
>   tools/marvin/marvin/lib/common.py 71fc274 
> 
> Diff: https://reviews.apache.org/r/19875/diff/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Santhosh Edukulla
> 
>

Re: Review Request 20150: Marvin: minor fix to exception handling in cloudstackConnection.py


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20150/
---

(Updated April 9, 2014, 2:29 p.m.)


Review request for cloudstack.


Changes
---

Modified exception string as per review request


Repository: cloudstack-git


Description
---

Minor fix to the exception handling - string conversion on generic error thrown


Diffs (updated)
-

  tools/marvin/marvin/cloudstackConnection.py fb03e3b 
  tools/marvin/marvin/cloudstackConnection.py fb03e3b 

Diff: https://reviews.apache.org/r/20150/diff/


Testing
---


Thanks,

Chris Harding

Jenkins build is back to normal : build-systemvm64-4.2 #227

See

Re: Review Request 19875: Fixed few issues for CLOUDSTACK-5674, CLOUDSTACK-6316


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19875/#review39893
---


Commit 8df1c71b6d1869ad6d7f90c3074009c2a666034a in cloudstack's branch 
refs/heads/marvin from Girish Shilamkar
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=8df1c71 ]

CLOUDSTACK-5674: Fix issues with BVT


- ASF Subversion and Git Services


On April 1, 2014, 6:05 p.m., Santhosh Edukulla wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19875/
> ---
> 
> (Updated April 1, 2014, 6:05 p.m.)
> 
> 
> Review request for cloudstack and SrikanteswaraRao Talluri.
> 
> 
> Bugs: CLOUDSTACK-5674 and CLOUDSTACK-6316
> https://issues.apache.org/jira/browse/CLOUDSTACK-5674
> https://issues.apache.org/jira/browse/CLOUDSTACK-6316
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> While running tests, there were few issues observed. 
> Fixed those issues mentioned for CLOUDSTACK-5674,CLOUDSTACK-6316
> 
> 
> Diffs
> -
> 
>   test/integration/smoke/test_deploy_vm_with_userdata.py c1410fb 
>   test/integration/smoke/test_iso.py b3c3181 
>   test/integration/smoke/test_public_ip_range.py 50b0c9b 
>   test/integration/smoke/test_templates.py b25359b 
>   test/integration/smoke/test_vm_snapshots.py 4317d4d 
>   tools/marvin/marvin/lib/base.py a2f9a8b 
>   tools/marvin/marvin/lib/common.py 71fc274 
> 
> Diff: https://reviews.apache.org/r/19875/diff/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Santhosh Edukulla
> 
>

Review Request 20158: Marvin: Fix local referenced before definition in exception handling


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20158/
---

Review request for cloudstack.


Repository: cloudstack-git


Description
---

The exception handling references a local which was undefined


Diffs
-

  tools/marvin/marvin/cloudstackConnection.py fb03e3b 

Diff: https://reviews.apache.org/r/20158/diff/


Testing
---


Thanks,

Chris Harding

Build failed in Jenkins: build-master-slowbuild #562

See 

--
[...truncated 1839 lines...]
[INFO] Fork Value is true
 [java] Warnings generated: 1
[INFO] Done FindBugs Analysis
[INFO] 
[INFO] <<< findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @ 
cloud-framework-config <<<
[INFO] 
[INFO] --- findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @ 
cloud-framework-config ---
[INFO] BugInstance size is 1
[INFO] Error size is 0
[INFO] Total bugs: 1
[INFO] org.apache.cloudstack.framework.config.ConfigKey.equals(Object) checks 
for operand being a String ["org.apache.cloudstack.framework.config.ConfigKey"] 
At ConfigKey.java:[lines 40-183]
[INFO] 
[INFO] --- cobertura-maven-plugin:2.6:instrument (default-cli) @ 
cloud-framework-config ---
[INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file

[ERROR] Apr 09, 2014 6:09:22 PM 
net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler saveCoverageData
INFO: Cobertura: Saved information on 11 classes.

[INFO] Instrumentation was successful.
[INFO] NOT adding cobertura ser file to attached artifacts list.
[INFO] 
[INFO] --- maven-resources-plugin:2.5:testResources (default-testResources) @ 
cloud-framework-config ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory 

[INFO] Copying 3 resources
[INFO] Copying 3 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @ 
cloud-framework-config ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-surefire-plugin:2.12:test (default-test) @ 
cloud-framework-config ---
[INFO] Surefire report directory: 


---
 T E S T S
---
Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.461 sec

Results :

Tests run: 1, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] <<< cobertura-maven-plugin:2.6:cobertura (default-cli) @ 
cloud-framework-config <<<
[INFO] 
[INFO] --- cobertura-maven-plugin:2.6:cobertura (default-cli) @ 
cloud-framework-config ---
[INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/config/Configuration.java.  Ensure this class was 
instrumented, and this data file contains the instrumentation information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/ConfigDepot.java.  Ensure this class was 
instrumented, and this data file contains the instrumentation information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/ConfigDepotAdmin.java.  Ensure this 
class was instrumented, and this data file contains the instrumentation 
information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/Configurable.java.  Ensure this class 
was instrumented, and this data file contains the instrumentation information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/ScopedConfigStorage.java.  Ensure this 
class was instrumented, and this data file contains the instrumentation 
information.
[cobertura] INFO  [main] net.sourceforge.cobertura.reporting.html.HTMLReport - 
Data file does not contain instrumentation information for the file 
org/apache/cloudstack/framework/config/dao/ConfigurationDao.java.  Ensure this 
class was instrumented, and this data file contains the instrumentation 
information.
Report time: 391ms

[ERROR] Apr 09, 2014 6:09:24 PM 
net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler loadCoverageData
INFO: Cobertura: Loaded information on 11 classes.

[INFO] Cobertura Report generation was successful.
[INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
Report time: 307ms

[ERROR] Apr 09, 2014 6:09:25 PM 
net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler loadCoverageData
INFO: Cobertura: Loaded information on 11 classes.

[INFO] Cobertura Report generation was successful.
[INFO]

RE: OpenSSL vunerability (bleedheart)

2014-04-09 Thread Rayees Namathponnan

Even if we get latest systemvm template from 
http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it has 
openssl 1.0.1e-2+deb7u4 ?

Is there any code change required to create system template with openssl  
1.0.1e-2+deb7u6  ?

Regards,
Rayees 

-Original Message-
From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com] 
Sent: Wednesday, April 09, 2014 5:15 AM
To: 
Subject: Re: OpenSSL vunerability (bleedheart)

Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update openssl to 
get 1.0.1e-2+deb7u6.

It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test 
OpenSSL HeartBleed Vulnerability. Right now I could not do it from our network. 

-Harikrishna

On 09-Apr-2014, at 5:00 pm, Nux!  wrote:

> On 09.04.2014 12:04, Abhinandan Prateek wrote:
>> Latest jenkins build template have openSSL version 1.0.1e, the 
>> version that is compromised.
> 
> Guys, do not panic.
> It is my understanding that in Debian, just like in RHEL, major versions will 
> not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they 
> will backport stuff.
> 
> After I did an "apt-get update && apt-get install openssl" I got package 
> version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok 
> according to the changelog:
> 
> "aptitude changelog openssl" says:
> 
> openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
> 
>  * Non-maintainer upload by the Security Team.
>  * Enable checking for services that may need to be restarted
>  * Update list of services to possibly restart
> 
> -- Salvatore Bonaccorso   Tue, 08 Apr 2014 10:44:53 
> +0200
> 
> openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
> 
>  * Non-maintainer upload by the Security Team.
>  * Add CVE-2014-0160.patch patch.
>CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
>A missing bounds check in the handling of the TLS heartbeat extension
>can be used to reveal up to 64k of memory to a connected client or
>server.
> 
> -- Salvatore Bonaccorso   Mon, 07 Apr 2014 22:26:55 
> +0200
> 
> In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then 
> they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?
> 
> Lucian
> 
> --
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro

Re: OpenSSL vunerability (bleedheart)

To my knowledge, no code change is necessary just a rebuild.  - j

Please excuse typos - sent from mobile device.

- Reply message -
From: "Rayees Namathponnan" 
To: "dev@cloudstack.apache.org" 
Subject: OpenSSL vunerability (bleedheart)
Date: Wed, Apr 9, 2014 10:13 AM

Even if we get latest systemvm template from 
http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it has 
openssl 1.0.1e-2+deb7u4 ?

Is there any code change required to create system template with openssl  
1.0.1e-2+deb7u6  ?

Regards,
Rayees

-Original Message-
From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
Sent: Wednesday, April 09, 2014 5:15 AM
To: 
Subject: Re: OpenSSL vunerability (bleedheart)

Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update openssl to 
get 1.0.1e-2+deb7u6.

It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test 
OpenSSL HeartBleed Vulnerability. Right now I could not do it from our network.

-Harikrishna

On 09-Apr-2014, at 5:00 pm, Nux!  wrote:

> On 09.04.2014 12:04, Abhinandan Prateek wrote:
>> Latest jenkins build template have openSSL version 1.0.1e, the
>> version that is compromised.
>
> Guys, do not panic.
> It is my understanding that in Debian, just like in RHEL, major versions will 
> not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they 
> will backport stuff.
>
> After I did an "apt-get update && apt-get install openssl" I got package 
> version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok 
> according to the changelog:
>
> "aptitude changelog openssl" says:
>
> openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
>
>  * Non-maintainer upload by the Security Team.
>  * Enable checking for services that may need to be restarted
>  * Update list of services to possibly restart
>
> -- Salvatore Bonaccorso   Tue, 08 Apr 2014 10:44:53
> +0200
>
> openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
>
>  * Non-maintainer upload by the Security Team.
>  * Add CVE-2014-0160.patch patch.
>CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
>A missing bounds check in the handling of the TLS heartbeat extension
>can be used to reveal up to 64k of memory to a connected client or
>server.
>
> -- Salvatore Bonaccorso   Mon, 07 Apr 2014 22:26:55
> +0200
>
> In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then 
> they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro

Re: OpenSSL vunerability (bleedheart)

Should just pull in the latest and work, if we're talking about
building a fresh system vm.

Do we even have any services running in the system vm that require an
update?  We don't do SSL termination with haproxy for load balancers
(yet), and I don't think that the apache web stuff for
userdata/passwords is ssl, is it? From what I've seen, SSH doesn't
even use the OpenSSL libs... I'm trying to think of a service that
would be affected. We definitely want to push the latest, but I'm just
wondering what actual urgency there should be for users to update
their system vms.

On Wed, Apr 9, 2014 at 10:12 AM, Rayees Namathponnan
 wrote:
> Even if we get latest systemvm template from 
> http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it 
> has openssl 1.0.1e-2+deb7u4 ?
>
> Is there any code change required to create system template with openssl  
> 1.0.1e-2+deb7u6  ?
>
> Regards,
> Rayees
>
> -Original Message-
> From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
> Sent: Wednesday, April 09, 2014 5:15 AM
> To: 
> Subject: Re: OpenSSL vunerability (bleedheart)
>
> Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update openssl to 
> get 1.0.1e-2+deb7u6.
>
> It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test 
> OpenSSL HeartBleed Vulnerability. Right now I could not do it from our 
> network.
>
> -Harikrishna
>
> On 09-Apr-2014, at 5:00 pm, Nux!  wrote:
>
>> On 09.04.2014 12:04, Abhinandan Prateek wrote:
>>> Latest jenkins build template have openSSL version 1.0.1e, the
>>> version that is compromised.
>>
>> Guys, do not panic.
>> It is my understanding that in Debian, just like in RHEL, major versions 
>> will not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but 
>> they will backport stuff.
>>
>> After I did an "apt-get update && apt-get install openssl" I got package 
>> version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok 
>> according to the changelog:
>>
>> "aptitude changelog openssl" says:
>>
>> openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
>>
>>  * Non-maintainer upload by the Security Team.
>>  * Enable checking for services that may need to be restarted
>>  * Update list of services to possibly restart
>>
>> -- Salvatore Bonaccorso   Tue, 08 Apr 2014 10:44:53
>> +0200
>>
>> openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
>>
>>  * Non-maintainer upload by the Security Team.
>>  * Add CVE-2014-0160.patch patch.
>>CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
>>A missing bounds check in the handling of the TLS heartbeat extension
>>can be used to reveal up to 64k of memory to a connected client or
>>server.
>>
>> -- Salvatore Bonaccorso   Mon, 07 Apr 2014 22:26:55
>> +0200
>>
>> In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then 
>> they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?
>>
>> Lucian
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>

[GitHub] cloudstack-docs-admin pull request: move ssh key gen from ui and m...

2014-04-09 Thread pdion891

GitHub user pdion891 opened a pull request:

https://github.com/apache/cloudstack-docs-admin/pull/8

move ssh key gen from ui and move it to virtual-machines



You can merge this pull request into a Git repository by running:

$ git pull https://github.com/cloudops/cloudstack-docs-admin ui

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/cloudstack-docs-admin/pull/8.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #8


commit 168c26155c01e142bc06fe49c66a6786810557bb
Author: Pierre-Luc Dion 
Date:   2014-04-09T16:28:57Z

move ssh key gen from ui and move it to virtual-machines




---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: OpenSSL vunerability (bleedheart)


On 09.04.2014 17:21, Marcus wrote:

Should just pull in the latest and work, if we're talking about
building a fresh system vm.

Do we even have any services running in the system vm that require an
update?  We don't do SSL termination with haproxy for load balancers
(yet), and I don't think that the apache web stuff for
userdata/passwords is ssl, is it? From what I've seen, SSH doesn't
even use the OpenSSL libs... I'm trying to think of a service that
would be affected. We definitely want to push the latest, but I'm just
wondering what actual urgency there should be for users to update
their system vms.


Yes, that is actually a good point. I thought by the panic of the devs 
that there is obviously stuff running there that is exposed to the 
interwebs.

It'd be nice if there wasn't any. :)

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

Jenkins build is back to normal : cloudstack-4.4-maven-build #152

See

Re: OpenSSL vunerability (bleedheart)

Maybe the console? I haven't used that in forever, does it do SSL?

On Wed, Apr 9, 2014 at 10:31 AM, Nux!  wrote:
> On 09.04.2014 17:21, Marcus wrote:
>>
>> Should just pull in the latest and work, if we're talking about
>> building a fresh system vm.
>>
>> Do we even have any services running in the system vm that require an
>> update?  We don't do SSL termination with haproxy for load balancers
>> (yet), and I don't think that the apache web stuff for
>> userdata/passwords is ssl, is it? From what I've seen, SSH doesn't
>> even use the OpenSSL libs... I'm trying to think of a service that
>> would be affected. We definitely want to push the latest, but I'm just
>> wondering what actual urgency there should be for users to update
>> their system vms.
>
>
> Yes, that is actually a good point. I thought by the panic of the devs that
> there is obviously stuff running there that is exposed to the interwebs.
> It'd be nice if there wasn't any. :)
>
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro

[GitHub] cloudstack-docs-admin pull request: move ssh key gen from ui and m...

2014-04-09 Thread asfgit

Github user asfgit closed the pull request at:

https://github.com/apache/cloudstack-docs-admin/pull/8


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Jenkins build is back to normal : build-master #601

See

Jenkins build is back to normal : build-master-noredist #2587

See

Re: docs-install: hyper-V installation

2014-04-09 Thread Sebastien Goasguen

Pierre-Luc and I fixed that during the hackathon:

f44f69507568664d5c719ce521d7be0dc5b26ea5



On Mar 27, 2014, at 2:04 PM, Pierre-Luc Dion  wrote:

> I was reviewing doc formating last night and I can't figure out this
> section:
> 
> http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/hypervisor_installation.html#preparation-checklist-for-hyper-v
> 
> it seams to be a table  but I can't figure out what go where.
> 
> Should I fill out a bug for this ? of if someone can show me what it should
> look like I will fix it.
> 
> Thanks.
> 
> Pierre-Luc Dion
> Architecte de Solution Cloud | Cloud Solutions Architect
> 514-447-3456, 1101
> - - -
> 
> *CloudOps*420 rue Guy
> Montréal QC  H3J 1S6
> www.cloudops.com
> @CloudOps_

Re: OpenSSL vunerability (bleedheart)

2014-04-09 Thread Erik Weber

Shouldn't the parts using realhostip.com be using ssl? Atleast pre 4.3?

Erik
9. apr. 2014 18:47 skrev "Marcus"  følgende:

> Maybe the console? I haven't used that in forever, does it do SSL?
>
> On Wed, Apr 9, 2014 at 10:31 AM, Nux!  wrote:
> > On 09.04.2014 17:21, Marcus wrote:
> >>
> >> Should just pull in the latest and work, if we're talking about
> >> building a fresh system vm.
> >>
> >> Do we even have any services running in the system vm that require an
> >> update?  We don't do SSL termination with haproxy for load balancers
> >> (yet), and I don't think that the apache web stuff for
> >> userdata/passwords is ssl, is it? From what I've seen, SSH doesn't
> >> even use the OpenSSL libs... I'm trying to think of a service that
> >> would be affected. We definitely want to push the latest, but I'm just
> >> wondering what actual urgency there should be for users to update
> >> their system vms.
> >
> >
> > Yes, that is actually a good point. I thought by the panic of the devs
> that
> > there is obviously stuff running there that is exposed to the interwebs.
> > It'd be nice if there wasn't any. :)
> >
> >
> > Lucian
> >
> > --
> > Sent from the Delta quadrant using Borg technology!
> >
> > Nux!
> > www.nux.ro
>

Re: OpenSSL vunerability (bleedheart)

Folks - unfortunately there’s an error in my blog post last night. On Debian, 
you need to update both openssl and libssl, updating openssl by itself is not 
good enough. I knew this, had it in a draft but somehow that didn’t make it 
into the post. I’ll blame lack of sleep.

Blog post has been updated, and I’ve also added instructions for VMWare shops, 
thanks to Geoff Higginbottom.

I can guarantee that current ACS is vulnerable, and I can attest that with our 
config (KVM) the notes in the blog post [1] will mitigate the vulnerability.

1: https://blogs.apache.org/cloudstack/entry/how_to_mitigate_openssl_heartbleed

On Apr 9, 2014, at 5:30 AM, Nux! mailto:n...@li.nux.ro>> wrote:

On 09.04.2014 12:04, Abhinandan Prateek wrote:
Latest jenkins build template have openSSL version 1.0.1e, the version
that is compromised.

Guys, do not panic.
It is my understanding that in Debian, just like in RHEL, major versions will 
not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they 
will backport stuff.

After I did an "apt-get update && apt-get install openssl" I got package 
version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok according 
to the changelog:

"aptitude changelog openssl" says:

openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high

 * Non-maintainer upload by the Security Team.
 * Enable checking for services that may need to be restarted
 * Update list of services to possibly restart

-- Salvatore Bonaccorso mailto:car...@debian.org>>  Tue, 08 
Apr 2014 10:44:53 +0200

openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high

 * Non-maintainer upload by the Security Team.
 * Add CVE-2014-0160.patch patch.
   CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
   A missing bounds check in the handling of the TLS heartbeat extension
   can be used to reveal up to 64k of memory to a connected client or
   server.

-- Salvatore Bonaccorso mailto:car...@debian.org>>  Mon, 07 
Apr 2014 22:26:55 +0200

In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then they 
are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

Stratosec - Compliance as a Service
o: 415.315.9385
@johnlkinsella

Re: OpenSSL vunerability (bleedheart)

It might be good to add the particulars of what in the system VMs have
problems, so people know what urgency there is. For example, if the
only system vm that has an SSL service running on it is console proxy,
then an immediate mitigation is to focus on updating that (or shut it
down).  It doesn't do much good to have people go to the trouble of
updating all of their routers if the routers aren't running any
affected services. Certainly the instructions are helpful to be safe,
but if we can give people the info about the exposure then they can
decide.

On Wed, Apr 9, 2014 at 11:34 AM, John Kinsella  wrote:
> Folks - unfortunately there’s an error in my blog post last night. On Debian, 
> you need to update both openssl and libssl, updating openssl by itself is not 
> good enough. I knew this, had it in a draft but somehow that didn’t make it 
> into the post. I’ll blame lack of sleep.
>
> Blog post has been updated, and I’ve also added instructions for VMWare 
> shops, thanks to Geoff Higginbottom.
>
> I can guarantee that current ACS is vulnerable, and I can attest that with 
> our config (KVM) the notes in the blog post [1] will mitigate the 
> vulnerability.
>
> 1: 
> https://blogs.apache.org/cloudstack/entry/how_to_mitigate_openssl_heartbleed
>
> On Apr 9, 2014, at 5:30 AM, Nux! mailto:n...@li.nux.ro>> 
> wrote:
>
> On 09.04.2014 12:04, Abhinandan Prateek wrote:
> Latest jenkins build template have openSSL version 1.0.1e, the version
> that is compromised.
>
> Guys, do not panic.
> It is my understanding that in Debian, just like in RHEL, major versions will 
> not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they 
> will backport stuff.
>
> After I did an "apt-get update && apt-get install openssl" I got package 
> version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok 
> according to the changelog:
>
> "aptitude changelog openssl" says:
>
> openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
>
>  * Non-maintainer upload by the Security Team.
>  * Enable checking for services that may need to be restarted
>  * Update list of services to possibly restart
>
> -- Salvatore Bonaccorso mailto:car...@debian.org>>  Tue, 
> 08 Apr 2014 10:44:53 +0200
>
> openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
>
>  * Non-maintainer upload by the Security Team.
>  * Add CVE-2014-0160.patch patch.
>CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
>A missing bounds check in the handling of the TLS heartbeat extension
>can be used to reveal up to 64k of memory to a connected client or
>server.
>
> -- Salvatore Bonaccorso mailto:car...@debian.org>>  Mon, 
> 07 Apr 2014 22:26:55 +0200
>
> In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then 
> they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> Stratosec - Compliance as a Service
> o: 415.315.9385
> @johnlkinsella
>

Re: Build failed in Jenkins: build-master-slowbuild #562

2014-04-09 Thread Will Stevens

Anyone working on this in the hackathon?  :)

I am trying to get dev envs up on master for some people in the hackathon
and I currently am not able to build master because of this.


On Wed, Apr 9, 2014 at 12:09 PM,  wrote:

> See 
>
> --
> [...truncated 1839 lines...]
> [INFO] Fork Value is true
>  [java] Warnings generated: 1
> [INFO] Done FindBugs Analysis
> [INFO]
> [INFO] <<< findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
> cloud-framework-config <<<
> [INFO]
> [INFO] --- findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
> cloud-framework-config ---
> [INFO] BugInstance size is 1
> [INFO] Error size is 0
> [INFO] Total bugs: 1
> [INFO] org.apache.cloudstack.framework.config.ConfigKey.equals(Object)
> checks for operand being a String
> ["org.apache.cloudstack.framework.config.ConfigKey"] At
> ConfigKey.java:[lines 40-183]
> [INFO]
> [INFO] --- cobertura-maven-plugin:2.6:instrument (default-cli) @
> cloud-framework-config ---
> [INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
>
> [ERROR] Apr 09, 2014 6:09:22 PM
> net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler
> saveCoverageData
> INFO: Cobertura: Saved information on 11 classes.
>
> [INFO] Instrumentation was successful.
> [INFO] NOT adding cobertura ser file to attached artifacts list.
> [INFO]
> [INFO] --- maven-resources-plugin:2.5:testResources
> (default-testResources) @ cloud-framework-config ---
> [debug] execute contextualize
> [INFO] Using 'UTF-8' encoding to copy filtered resources.
> [INFO] skip non existing resourceDirectory <
> http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/test/resources
> >
> [INFO] Copying 3 resources
> [INFO] Copying 3 resources
> [INFO]
> [INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @
> cloud-framework-config ---
> [INFO] Nothing to compile - all classes are up to date
> [INFO]
> [INFO] --- maven-surefire-plugin:2.12:test (default-test) @
> cloud-framework-config ---
> [INFO] Surefire report directory: <
> http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/target/surefire-reports
> >
>
> ---
>  T E S T S
> ---
> Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.461 sec
>
> Results :
>
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
>
> [INFO]
> [INFO] <<< cobertura-maven-plugin:2.6:cobertura (default-cli) @
> cloud-framework-config <<<
> [INFO]
> [INFO] --- cobertura-maven-plugin:2.6:cobertura (default-cli) @
> cloud-framework-config ---
> [INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/config/Configuration.java.  Ensure this class was
> instrumented, and this data file contains the instrumentation information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/framework/config/ConfigDepot.java.  Ensure this class
> was instrumented, and this data file contains the instrumentation
> information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/framework/config/ConfigDepotAdmin.java.  Ensure this
> class was instrumented, and this data file contains the instrumentation
> information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/framework/config/Configurable.java.  Ensure this
> class was instrumented, and this data file contains the instrumentation
> information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/framework/config/ScopedConfigStorage.java.  Ensure
> this class was instrumented, and this data file contains the
> instrumentation information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/framework/config/dao/ConfigurationDao.java.  Ensure
> this class was instrumented, and this data file contains the
> instrumentation information.
> Report time: 391ms
>
> [ERROR] Apr 09, 2014 6:09:24 PM
> net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler
> loadCoverageData
> INFO: Cobertura: Loaded information on 11 classes.
>
>

Re: Build failed in Jenkins: build-master-slowbuild #562

2014-04-09 Thread Syed Ahmed

So I just asked pierre-luc to build a simple cloudkstack without 
advanced networking. I will try to build master on that setup.


This means I cannot add the LB specific part but I could still 
something done


Thanks for your help.

Thanks,
-Syed


On Wed 09 Apr 2014 01:58:18 PM EDT, Will Stevens wrote:

Anyone working on this in the hackathon?  :)

I am trying to get dev envs up on master for some people in the hackathon
and I currently am not able to build master because of this.


On Wed, Apr 9, 2014 at 12:09 PM,  wrote:


See 

--
[...truncated 1839 lines...]
[INFO] Fork Value is true
  [java] Warnings generated: 1
[INFO] Done FindBugs Analysis
[INFO]
[INFO] <<< findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
cloud-framework-config <<<
[INFO]
[INFO] --- findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
cloud-framework-config ---
[INFO] BugInstance size is 1
[INFO] Error size is 0
[INFO] Total bugs: 1
[INFO] org.apache.cloudstack.framework.config.ConfigKey.equals(Object)
checks for operand being a String
["org.apache.cloudstack.framework.config.ConfigKey"] At
ConfigKey.java:[lines 40-183]
[INFO]
[INFO] --- cobertura-maven-plugin:2.6:instrument (default-cli) @
cloud-framework-config ---
[INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file

[ERROR] Apr 09, 2014 6:09:22 PM
net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler
saveCoverageData
INFO: Cobertura: Saved information on 11 classes.

[INFO] Instrumentation was successful.
[INFO] NOT adding cobertura ser file to attached artifacts list.
[INFO]
[INFO] --- maven-resources-plugin:2.5:testResources
(default-testResources) @ cloud-framework-config ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory <
http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/test/resources



[INFO] Copying 3 resources
[INFO] Copying 3 resources
[INFO]
[INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @
cloud-framework-config ---
[INFO] Nothing to compile - all classes are up to date
[INFO]
[INFO] --- maven-surefire-plugin:2.12:test (default-test) @
cloud-framework-config ---
[INFO] Surefire report directory: <
http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/target/surefire-reports




---
  T E S T S
---
Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.461 sec

Results :

Tests run: 1, Failures: 0, Errors: 0, Skipped: 0

[INFO]
[INFO] <<< cobertura-maven-plugin:2.6:cobertura (default-cli) @
cloud-framework-config <<<
[INFO]
[INFO] --- cobertura-maven-plugin:2.6:cobertura (default-cli) @
cloud-framework-config ---
[INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
[cobertura] INFO  [main]
net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
contain instrumentation information for the file
org/apache/cloudstack/config/Configuration.java.  Ensure this class was
instrumented, and this data file contains the instrumentation information.
[cobertura] INFO  [main]
net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
contain instrumentation information for the file
org/apache/cloudstack/framework/config/ConfigDepot.java.  Ensure this class
was instrumented, and this data file contains the instrumentation
information.
[cobertura] INFO  [main]
net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
contain instrumentation information for the file
org/apache/cloudstack/framework/config/ConfigDepotAdmin.java.  Ensure this
class was instrumented, and this data file contains the instrumentation
information.
[cobertura] INFO  [main]
net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
contain instrumentation information for the file
org/apache/cloudstack/framework/config/Configurable.java.  Ensure this
class was instrumented, and this data file contains the instrumentation
information.
[cobertura] INFO  [main]
net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
contain instrumentation information for the file
org/apache/cloudstack/framework/config/ScopedConfigStorage.java.  Ensure
this class was instrumented, and this data file contains the
instrumentation information.
[cobertura] INFO  [main]
net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
contain instrumentation information for the file
org/apache/cloudstack/framework/config/dao/ConfigurationDao.java.  Ensure
this class was instrumented, and this data file contains the
instrumentation information.
Report time: 391ms

[ERROR] Apr 09, 2014 6:09:24 PM
net.sourceforge.cobertura.coverageda

Re: OpenSSL vunerability (bleedheart)

I want to address a few things here directly (I think these are covered in the 
blog post, if not ping me)

* Current SSVM from 4.3 is not good enough.
* Yes, each SystemVM runs software that needs OpenSSL. For the curious, see 
"lsof|grep -i ssl”
* I’m not sure if the current SystemVM template on Jenkins is secure, we’re 
testing that currently and will update once confirmed.
* Assume if you see us releasing a blog post about a security issue, there’s a 
security issue (QED HTH HAND)
* Realhostip uses SSL, but not on the SystemVMs. If you’re using realhostIP, it 
doesn’t matter what version of OSSL you use, you’re still insecure. Horse: 
beaten.
* Chiradeep’s correct, 4.1 and older are not vulnerable. Post updated again.

I think that covers the questions…running around doing a few things but this is 
very high on our priority list.

(snarky comments are meant to be funny not insulting/condescending)

On Apr 9, 2014, at 10:19 AM, John Kinsella 
mailto:j...@stratosec.co>> wrote:

To my knowledge, no code change is necessary just a rebuild.  - j

Please excuse typos - sent from mobile device.

- Reply message -
From: "Rayees Namathponnan" 
mailto:rayees.namathpon...@citrix.com>>
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: OpenSSL vunerability (bleedheart)
Date: Wed, Apr 9, 2014 10:13 AM

Even if we get latest systemvm template from 
http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it has 
openssl 1.0.1e-2+deb7u4 ?

Is there any code change required to create system template with openssl  
1.0.1e-2+deb7u6  ?

Regards,
Rayees

-Original Message-
From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
Sent: Wednesday, April 09, 2014 5:15 AM
To: mailto:dev@cloudstack.apache.org>>
Subject: Re: OpenSSL vunerability (bleedheart)

Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update openssl to 
get 1.0.1e-2+deb7u6.

It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test 
OpenSSL HeartBleed Vulnerability. Right now I could not do it from our network.

-Harikrishna

On 09-Apr-2014, at 5:00 pm, Nux! mailto:n...@li.nux.ro>> wrote:

On 09.04.2014 12:04, Abhinandan Prateek wrote:
Latest jenkins build template have openSSL version 1.0.1e, the
version that is compromised.

Guys, do not panic.
It is my understanding that in Debian, just like in RHEL, major versions will 
not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they 
will backport stuff.

After I did an "apt-get update && apt-get install openssl" I got package 
version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok according 
to the changelog:

"aptitude changelog openssl" says:

openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high

* Non-maintainer upload by the Security Team.
* Enable checking for services that may need to be restarted
* Update list of services to possibly restart

-- Salvatore Bonaccorso mailto:car...@debian.org>>  Tue, 08 
Apr 2014 10:44:53
+0200

openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high

* Non-maintainer upload by the Security Team.
* Add CVE-2014-0160.patch patch.
  CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
  A missing bounds check in the handling of the TLS heartbeat extension
  can be used to reveal up to 64k of memory to a connected client or
  server.

-- Salvatore Bonaccorso mailto:car...@debian.org>>  Mon, 07 
Apr 2014 22:26:55
+0200

In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then they 
are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro


Stratosec - Compliance as a Service
o: 415.315.9385
@johnlkinsella

Re: Build failed in Jenkins: build-master-slowbuild #562

2014-04-09 Thread Will Stevens

Master does not compile right now so I don't think that will help.

Ws

On Wednesday, April 9, 2014, Syed Ahmed  wrote:
> So I just asked pierre-luc to build a simple cloudkstack without advanced
networking. I will try to build master on that setup.
>
> This means I cannot add the LB specific part but I could still something
done
>
> Thanks for your help.
>
> Thanks,
> -Syed
>
>
> On Wed 09 Apr 2014 01:58:18 PM EDT, Will Stevens wrote:
>
> Anyone working on this in the hackathon?  :)
>
> I am trying to get dev envs up on master for some people in the hackathon
> and I currently am not able to build master because of this.
>
>
> On Wed, Apr 9, 2014 at 12:09 PM,  wrote:
>
> See 
>
> --
> [...truncated 1839 lines...]
> [INFO] Fork Value is true
>   [java] Warnings generated: 1
> [INFO] Done FindBugs Analysis
> [INFO]
> [INFO] <<< findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
> cloud-framework-config <<<
> [INFO]
> [INFO] --- findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
> cloud-framework-config ---
> [INFO] BugInstance size is 1
> [INFO] Error size is 0
> [INFO] Total bugs: 1
> [INFO] org.apache.cloudstack.framework.config.ConfigKey.equals(Object)
> checks for operand being a String
> ["org.apache.cloudstack.framework.config.ConfigKey"] At
> ConfigKey.java:[lines 40-183]
> [INFO]
> [INFO] --- cobertura-maven-plugin:2.6:instrument (default-cli) @
> cloud-framework-config ---
> [INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT
file
>
> [ERROR] Apr 09, 2014 6:09:22 PM
> net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler
> saveCoverageData
> INFO: Cobertura: Saved information on 11 classes.
>
> [INFO] Instrumentation was successful.
> [INFO] NOT adding cobertura ser file to attached artifacts list.
> [INFO]
> [INFO] --- maven-resources-plugin:2.5:testResources
> (default-testResources) @ cloud-framework-config ---
> [debug] execute contextualize
> [INFO] Using 'UTF-8' encoding to copy filtered resources.
> [INFO] skip non existing resourceDirectory <
>
http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/test/resources
>
> [INFO] Copying 3 resources
> [INFO] Copying 3 resources
> [INFO]
> [INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @
> cloud-framework-config ---
> [INFO] Nothing to compile - all classes are up to date
> [INFO]
> [INFO] --- maven-surefire-plugin:2.12:test (default-test) @
> cloud-framework-config ---
> [INFO] Surefire report directory: <
>
http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/target/surefire-reports
>
>
> ---
>   T E S T S
> ---
> Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.461 sec
>
> Results :
>
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
>
> [INFO]
> [INFO] <<< cobertura-maven-plugin:2.6:cobertura (default-cli) @
> cloud-framework-config <<<
> [INFO]
> [INFO] --- cobertura-maven-plugin:2.6:cobertura (default-cli) @
> cloud-framework-config ---
> [INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT
file
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/config/Configuration.java.  Ensure this class was
> instrumented, and this data file contains the instrumentation information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/framework/config/ConfigDepot.java.  Ensure this
class
> was instrumented, and this data file contains the instrumentation
> information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.re

RE: OpenSSL vunerability (bleedheart)

2014-04-09 Thread Animesh Chaturvedi

Courtesy Chiradeep


- CPVM uses JSSE so that should not be affected
- VR is not affected since it does not offer any HTTPS/TLS service. The RA VPN 
and S2S VPN use the OpenSSL lib only for crypto and not for any transport
- The only vulnerable service is the volume upload service and template copy. 
The latter is between 2 trusted IPs
- Also this should only affect SSVM template from 4.2 onwards as only wheezy is 
affected

Thanks
Animesh
> -Original Message-
> From: John Kinsella [mailto:j...@stratosec.co]
> Sent: Wednesday, April 09, 2014 11:07 AM
> To: dev@cloudstack.apache.org
> Subject: Re: OpenSSL vunerability (bleedheart)
> 
> I want to address a few things here directly (I think these are covered in the
> blog post, if not ping me)
> 
> * Current SSVM from 4.3 is not good enough.
> * Yes, each SystemVM runs software that needs OpenSSL. For the curious,
> see "lsof|grep -i ssl"
> * I'm not sure if the current SystemVM template on Jenkins is secure, we're
> testing that currently and will update once confirmed.
> * Assume if you see us releasing a blog post about a security issue, there's a
> security issue (QED HTH HAND)
> * Realhostip uses SSL, but not on the SystemVMs. If you're using realhostIP,
> it doesn't matter what version of OSSL you use, you're still insecure. Horse:
> beaten.
> * Chiradeep's correct, 4.1 and older are not vulnerable. Post updated again.
> 
> I think that covers the questions...running around doing a few things but this
> is very high on our priority list.
> 
> (snarky comments are meant to be funny not insulting/condescending)
> 
> On Apr 9, 2014, at 10:19 AM, John Kinsella
> mailto:j...@stratosec.co>> wrote:
> 
> To my knowledge, no code change is necessary just a rebuild.  - j
> 
> Please excuse typos - sent from mobile device.
> 
> - Reply message -
> From: "Rayees Namathponnan"
> mailto:rayees.namathpon...@citrix.co
> m>>
> To: "dev@cloudstack.apache.org"
> mailto:dev@cloudstack.apache.org>>
> Subject: OpenSSL vunerability (bleedheart)
> Date: Wed, Apr 9, 2014 10:13 AM
> 
> Even if we get latest systemvm template from
> http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it
> has openssl 1.0.1e-2+deb7u4 ?
> 
> Is there any code change required to create system template with openssl
> 1.0.1e-2+deb7u6  ?
> 
> Regards,
> Rayees
> 
> -Original Message-
> From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
> Sent: Wednesday, April 09, 2014 5:15 AM
> To: mailto:dev@cloudstack.apache.org>>
> Subject: Re: OpenSSL vunerability (bleedheart)
> 
> Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update
> openssl to get 1.0.1e-2+deb7u6.
> 
> It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test
> OpenSSL HeartBleed Vulnerability. Right now I could not do it from our
> network.
> 
> -Harikrishna
> 
> On 09-Apr-2014, at 5:00 pm, Nux! mailto:n...@li.nux.ro>>
> wrote:
> 
> On 09.04.2014 12:04, Abhinandan Prateek wrote:
> Latest jenkins build template have openSSL version 1.0.1e, the version that is
> compromised.
> 
> Guys, do not panic.
> It is my understanding that in Debian, just like in RHEL, major versions will
> not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they
> will backport stuff.
> 
> After I did an "apt-get update && apt-get install openssl" I got package
> version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok
> according to the changelog:
> 
> "aptitude changelog openssl" says:
> 
> openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
> 
> * Non-maintainer upload by the Security Team.
> * Enable checking for services that may need to be restarted
> * Update list of services to possibly restart
> 
> -- Salvatore Bonaccorso mailto:car...@debian.org>>
> Tue, 08 Apr 2014 10:44:53
> +0200
> 
> openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
> 
> * Non-maintainer upload by the Security Team.
> * Add CVE-2014-0160.patch patch.
>   CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
>   A missing bounds check in the handling of the TLS heartbeat extension
>   can be used to reveal up to 64k of memory to a connected client or
>   server.
> 
> -- Salvatore Bonaccorso mailto:car...@debian.org>>
> Mon, 07 Apr 2014 22:26:55
> +0200
> 
> In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then
> they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?
> 
> Lucian
> 
> --
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro
> 
> 
> Stratosec - Compliance as a Service
> o: 415.315.9385
> @johnlkinsella

Re: Review Request 20158: Marvin: Fix local referenced before definition in exception handling


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20158/
---

(Updated April 9, 2014, 6:17 p.m.)


Review request for cloudstack and Santhosh Edukulla.


Repository: cloudstack-git


Description
---

The exception handling references a local which was undefined


Diffs
-

  tools/marvin/marvin/cloudstackConnection.py fb03e3b 

Diff: https://reviews.apache.org/r/20158/diff/


Testing
---


Thanks,

Chris Harding

Re: OpenSSL vunerability (bleedheart)

Thanks, that's great clarification.

On Wed, Apr 9, 2014 at 12:15 PM, Animesh Chaturvedi
 wrote:
> Courtesy Chiradeep
>
>
> - CPVM uses JSSE so that should not be affected
> - VR is not affected since it does not offer any HTTPS/TLS service. The RA 
> VPN and S2S VPN use the OpenSSL lib only for crypto and not for any transport
> - The only vulnerable service is the volume upload service and template copy. 
> The latter is between 2 trusted IPs
> - Also this should only affect SSVM template from 4.2 onwards as only wheezy 
> is affected
>
> Thanks
> Animesh
>> -Original Message-
>> From: John Kinsella [mailto:j...@stratosec.co]
>> Sent: Wednesday, April 09, 2014 11:07 AM
>> To: dev@cloudstack.apache.org
>> Subject: Re: OpenSSL vunerability (bleedheart)
>>
>> I want to address a few things here directly (I think these are covered in 
>> the
>> blog post, if not ping me)
>>
>> * Current SSVM from 4.3 is not good enough.
>> * Yes, each SystemVM runs software that needs OpenSSL. For the curious,
>> see "lsof|grep -i ssl"
>> * I'm not sure if the current SystemVM template on Jenkins is secure, we're
>> testing that currently and will update once confirmed.
>> * Assume if you see us releasing a blog post about a security issue, there's 
>> a
>> security issue (QED HTH HAND)
>> * Realhostip uses SSL, but not on the SystemVMs. If you're using realhostIP,
>> it doesn't matter what version of OSSL you use, you're still insecure. Horse:
>> beaten.
>> * Chiradeep's correct, 4.1 and older are not vulnerable. Post updated again.
>>
>> I think that covers the questions...running around doing a few things but 
>> this
>> is very high on our priority list.
>>
>> (snarky comments are meant to be funny not insulting/condescending)
>>
>> On Apr 9, 2014, at 10:19 AM, John Kinsella
>> mailto:j...@stratosec.co>> wrote:
>>
>> To my knowledge, no code change is necessary just a rebuild.  - j
>>
>> Please excuse typos - sent from mobile device.
>>
>> - Reply message -
>> From: "Rayees Namathponnan"
>> mailto:rayees.namathpon...@citrix.co
>> m>>
>> To: "dev@cloudstack.apache.org"
>> mailto:dev@cloudstack.apache.org>>
>> Subject: OpenSSL vunerability (bleedheart)
>> Date: Wed, Apr 9, 2014 10:13 AM
>>
>> Even if we get latest systemvm template from
>> http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it
>> has openssl 1.0.1e-2+deb7u4 ?
>>
>> Is there any code change required to create system template with openssl
>> 1.0.1e-2+deb7u6  ?
>>
>> Regards,
>> Rayees
>>
>> -Original Message-
>> From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
>> Sent: Wednesday, April 09, 2014 5:15 AM
>> To: mailto:dev@cloudstack.apache.org>>
>> Subject: Re: OpenSSL vunerability (bleedheart)
>>
>> Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update
>> openssl to get 1.0.1e-2+deb7u6.
>>
>> It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test
>> OpenSSL HeartBleed Vulnerability. Right now I could not do it from our
>> network.
>>
>> -Harikrishna
>>
>> On 09-Apr-2014, at 5:00 pm, Nux! mailto:n...@li.nux.ro>>
>> wrote:
>>
>> On 09.04.2014 12:04, Abhinandan Prateek wrote:
>> Latest jenkins build template have openSSL version 1.0.1e, the version that 
>> is
>> compromised.
>>
>> Guys, do not panic.
>> It is my understanding that in Debian, just like in RHEL, major versions will
>> not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they
>> will backport stuff.
>>
>> After I did an "apt-get update && apt-get install openssl" I got package
>> version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok
>> according to the changelog:
>>
>> "aptitude changelog openssl" says:
>>
>> openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
>>
>> * Non-maintainer upload by the Security Team.
>> * Enable checking for services that may need to be restarted
>> * Update list of services to possibly restart
>>
>> -- Salvatore Bonaccorso mailto:car...@debian.org>>
>> Tue, 08 Apr 2014 10:44:53
>> +0200
>>
>> openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
>>
>> * Non-maintainer upload by the Security Team.
>> * Add CVE-2014-0160.patch patch.
>>   CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
>>   A missing bounds check in the handling of the TLS heartbeat extension
>>   can be used to reveal up to 64k of memory to a connected client or
>>   server.
>>
>> -- Salvatore Bonaccorso mailto:car...@debian.org>>
>> Mon, 07 Apr 2014 22:26:55
>> +0200
>>
>> In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then
>> they are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?
>>
>> Lucian
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>>
>>
>> Stratosec - Compliance as a Service
>> o: 415.315.9385
>> @johnlkinsella
>

RE: OpenSSL vunerability (bleedheart)

2014-04-09 Thread Santhosh Edukulla

Also, If any of our mysql code base is using encryption\decryption\hash  
functionalities, which mysql libraries are linked and in turn relies on 
openssl\libssl, then we may wanted to mention a note to update to fixed version 
of openssl and recreate new cert keys, and restart mysql to use the new ones. 
In such cases, does not devel packages also needs to be updated say 
openssl-devel?

Santhosh

From: John Kinsella [j...@stratosec.co]
Sent: Wednesday, April 09, 2014 2:06 PM
To: dev@cloudstack.apache.org
Subject: Re: OpenSSL vunerability (bleedheart)

I want to address a few things here directly (I think these are covered in the 
blog post, if not ping me)

* Current SSVM from 4.3 is not good enough.
* Yes, each SystemVM runs software that needs OpenSSL. For the curious, see 
"lsof|grep -i ssl”
* I’m not sure if the current SystemVM template on Jenkins is secure, we’re 
testing that currently and will update once confirmed.
* Assume if you see us releasing a blog post about a security issue, there’s a 
security issue (QED HTH HAND)
* Realhostip uses SSL, but not on the SystemVMs. If you’re using realhostIP, it 
doesn’t matter what version of OSSL you use, you’re still insecure. Horse: 
beaten.
* Chiradeep’s correct, 4.1 and older are not vulnerable. Post updated again.

I think that covers the questions…running around doing a few things but this is 
very high on our priority list.

(snarky comments are meant to be funny not insulting/condescending)

On Apr 9, 2014, at 10:19 AM, John Kinsella 
mailto:j...@stratosec.co>> wrote:

To my knowledge, no code change is necessary just a rebuild.  - j

Please excuse typos - sent from mobile device.

- Reply message -
From: "Rayees Namathponnan" 
mailto:rayees.namathpon...@citrix.com>>
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: OpenSSL vunerability (bleedheart)
Date: Wed, Apr 9, 2014 10:13 AM

Even if we get latest systemvm template from 
http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it has 
openssl 1.0.1e-2+deb7u4 ?

Is there any code change required to create system template with openssl  
1.0.1e-2+deb7u6  ?

Regards,
Rayees

-Original Message-
From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
Sent: Wednesday, April 09, 2014 5:15 AM
To: mailto:dev@cloudstack.apache.org>>
Subject: Re: OpenSSL vunerability (bleedheart)

Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update openssl to 
get 1.0.1e-2+deb7u6.

It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test 
OpenSSL HeartBleed Vulnerability. Right now I could not do it from our network.

-Harikrishna

On 09-Apr-2014, at 5:00 pm, Nux! mailto:n...@li.nux.ro>> wrote:

On 09.04.2014 12:04, Abhinandan Prateek wrote:
Latest jenkins build template have openSSL version 1.0.1e, the
version that is compromised.

Guys, do not panic.
It is my understanding that in Debian, just like in RHEL, major versions will 
not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they 
will backport stuff.

After I did an "apt-get update && apt-get install openssl" I got package 
version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok according 
to the changelog:

"aptitude changelog openssl" says:

openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high

* Non-maintainer upload by the Security Team.
* Enable checking for services that may need to be restarted
* Update list of services to possibly restart

-- Salvatore Bonaccorso mailto:car...@debian.org>>  Tue, 08 
Apr 2014 10:44:53
+0200

openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high

* Non-maintainer upload by the Security Team.
* Add CVE-2014-0160.patch patch.
  CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
  A missing bounds check in the handling of the TLS heartbeat extension
  can be used to reveal up to 64k of memory to a connected client or
  server.

-- Salvatore Bonaccorso mailto:car...@debian.org>>  Mon, 07 
Apr 2014 22:26:55
+0200

In conclusion, if System VMs have openssl 1.0.1e-2+deb7u5 or higher, then they 
are OK. Can anyone confirm they have 1.0.1e-2+deb7u5+ ?

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro


Stratosec - Compliance as a Service
o: 415.315.9385
@johnlkinsella

RE: Build failed in Jenkins: build-master-slowbuild #562

2014-04-09 Thread Sanjay Tripathi

Hi,

Can you guys pull the latest code. Its working now.

--Sanjay

From: williamstev...@gmail.com [mailto:williamstev...@gmail.com] On Behalf Of 
Will Stevens
Sent: Wednesday, April 9, 2014 11:38 PM
To: Syed Ahmed
Cc: dev@cloudstack.apache.org; h...@apache.org; muralimmre...@gmail.com; Sanjay 
Tripathi
Subject: Re: Build failed in Jenkins: build-master-slowbuild #562

Master does not compile right now so I don't think that will help.

Ws

On Wednesday, April 9, 2014, Syed Ahmed 
mailto:sah...@cloudops.com>> wrote:
> So I just asked pierre-luc to build a simple cloudkstack without advanced 
> networking. I will try to build master on that setup.
>
> This means I cannot add the LB specific part but I could still something done
>
> Thanks for your help.
>
> Thanks,
> -Syed
>
>
> On Wed 09 Apr 2014 01:58:18 PM EDT, Will Stevens wrote:
>
> Anyone working on this in the hackathon?  :)
>
> I am trying to get dev envs up on master for some people in the hackathon
> and I currently am not able to build master because of this.
>
>
> On Wed, Apr 9, 2014 at 12:09 PM, 
> mailto:jenk...@cloudstack.org>> wrote:
>
> See 
>
> --
> [...truncated 1839 lines...]
> [INFO] Fork Value is true
>   [java] Warnings generated: 1
> [INFO] Done FindBugs Analysis
> [INFO]
> [INFO] <<< findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
> cloud-framework-config <<<
> [INFO]
> [INFO] --- findbugs-maven-plugin:2.5.3:check (cloudstack-findbugs) @
> cloud-framework-config ---
> [INFO] BugInstance size is 1
> [INFO] Error size is 0
> [INFO] Total bugs: 1
> [INFO] org.apache.cloudstack.framework.config.ConfigKey.equals(Object)
> checks for operand being a String
> ["org.apache.cloudstack.framework.config.ConfigKey"] At
> ConfigKey.java:[lines 40-183]
> [INFO]
> [INFO] --- cobertura-maven-plugin:2.6:instrument (default-cli) @
> cloud-framework-config ---
> [INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
>
> [ERROR] Apr 09, 2014 6:09:22 PM
> net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler
> saveCoverageData
> INFO: Cobertura: Saved information on 11 classes.
>
> [INFO] Instrumentation was successful.
> [INFO] NOT adding cobertura ser file to attached artifacts list.
> [INFO]
> [INFO] --- maven-resources-plugin:2.5:testResources
> (default-testResources) @ cloud-framework-config ---
> [debug] execute contextualize
> [INFO] Using 'UTF-8' encoding to copy filtered resources.
> [INFO] skip non existing resourceDirectory <
> http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/test/resources
>
> [INFO] Copying 3 resources
> [INFO] Copying 3 resources
> [INFO]
> [INFO] --- maven-compiler-plugin:2.5.1:testCompile (default-testCompile) @
> cloud-framework-config ---
> [INFO] Nothing to compile - all classes are up to date
> [INFO]
> [INFO] --- maven-surefire-plugin:2.12:test (default-test) @
> cloud-framework-config ---
> [INFO] Surefire report directory: <
> http://jenkins.buildacloud.org/job/build-master-slowbuild/ws/framework/config/target/surefire-reports
>
>
> ---
>   T E S T S
> ---
> Running org.apache.cloudstack.framework.config.impl.ConfigDepotAdminTest
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.461 sec
>
> Results :
>
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
>
> [INFO]
> [INFO] <<< cobertura-maven-plugin:2.6:cobertura (default-cli) @
> cloud-framework-config <<<
> [INFO]
> [INFO] --- cobertura-maven-plugin:2.6:cobertura (default-cli) @
> cloud-framework-config ---
> [INFO] Cobertura 2.0.3 - GNU GPL License (NO WARRANTY) - See COPYRIGHT file
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/config/Configuration.java.  Ensure this class was
> instrumented, and this data file contains the instrumentation information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.reporting.html.HTMLReport - Data file does not
> contain instrumentation information for the file
> org/apache/cloudstack/framework/config/ConfigDepot.java.  Ensure this class
> was instrumented, and this data file contains the instrumentation
> information.
> [cobertura] INFO  [main]
> net.sourceforge.cobertura.re

Re: OpenSSL vunerability (bleedheart)

CPVM runs a monit daemon which is at least linked to libssl. I haven’t taken 
more than peek at that yet - I think SSL is configured off by default but…yeah 
sorry will have to look at that closer.

Regarding the trusted IPs - I only attempted to test one SSVM from 
http://filippo.io/Heartbleed/ and it was a) publicly accessible and b) 
vulnerable, so trust didn’t really enter into the equation.

I already adjusted the blog post re: VR and earlier versions of ACS.

John

On Apr 9, 2014, at 12:15 PM, Animesh Chaturvedi 
mailto:animesh.chaturv...@citrix.com>> wrote:

Courtesy Chiradeep


- CPVM uses JSSE so that should not be affected
- VR is not affected since it does not offer any HTTPS/TLS service. The RA VPN 
and S2S VPN use the OpenSSL lib only for crypto and not for any transport
- The only vulnerable service is the volume upload service and template copy. 
The latter is between 2 trusted IPs
- Also this should only affect SSVM template from 4.2 onwards as only wheezy is 
affected

Thanks
Animesh
-Original Message-
From: John Kinsella [mailto:j...@stratosec.co]
Sent: Wednesday, April 09, 2014 11:07 AM
To: dev@cloudstack.apache.org
Subject: Re: OpenSSL vunerability (bleedheart)

I want to address a few things here directly (I think these are covered in the
blog post, if not ping me)

* Current SSVM from 4.3 is not good enough.
* Yes, each SystemVM runs software that needs OpenSSL. For the curious,
see "lsof|grep -i ssl"
* I'm not sure if the current SystemVM template on Jenkins is secure, we're
testing that currently and will update once confirmed.
* Assume if you see us releasing a blog post about a security issue, there's a
security issue (QED HTH HAND)
* Realhostip uses SSL, but not on the SystemVMs. If you're using realhostIP,
it doesn't matter what version of OSSL you use, you're still insecure. Horse:
beaten.
* Chiradeep's correct, 4.1 and older are not vulnerable. Post updated again.

I think that covers the questions...running around doing a few things but this
is very high on our priority list.

(snarky comments are meant to be funny not insulting/condescending)

On Apr 9, 2014, at 10:19 AM, John Kinsella
mailto:j...@stratosec.co>> wrote:

To my knowledge, no code change is necessary just a rebuild.  - j

Please excuse typos - sent from mobile device.

- Reply message -
From: "Rayees Namathponnan"
mailto:rayees.namathpon...@citrix.com>>
To: 
"dev@cloudstack.apache.org"
mailto:dev@cloudstack.apache.org>>
Subject: OpenSSL vunerability (bleedheart)
Date: Wed, Apr 9, 2014 10:13 AM

Even if we get latest systemvm template from
http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it
has openssl 1.0.1e-2+deb7u4 ?

Is there any code change required to create system template with openssl
1.0.1e-2+deb7u6  ?

Regards,
Rayees

-Original Message-
From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
Sent: Wednesday, April 09, 2014 5:15 AM
To: 
mailto:dev@cloudstack.apache.org>>
Subject: Re: OpenSSL vunerability (bleedheart)

Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update
openssl to get 1.0.1e-2+deb7u6.

It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test
OpenSSL HeartBleed Vulnerability. Right now I could not do it from our
network.

-Harikrishna

On 09-Apr-2014, at 5:00 pm, Nux! 
mailto:n...@li.nux.ro>>
wrote:

On 09.04.2014 12:04, Abhinandan Prateek wrote:
Latest jenkins build template have openSSL version 1.0.1e, the version that is
compromised.

Guys, do not panic.
It is my understanding that in Debian, just like in RHEL, major versions will
not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they
will backport stuff.

After I did an "apt-get update && apt-get install openssl" I got package
version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok
according to the changelog:

"aptitude changelog openssl" says:

openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high

* Non-maintainer upload by the Security Team.
* Enable checking for services that may need to be restarted
* Update list of services to possibly restart

-- Salvatore Bonaccorso 
mailto:car...@debian.org>>
Tue, 08 Apr 2014 10:44:53
+0200

openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high

* Non-maintainer upload by the Security Team.
* Add CVE-2014-0160.patch patch.
 CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
 A missing bounds check in the handling of the TLS heartbeat extension
 can be used to reveal up to 64k of memory to a connected client or
 server.

-- Salvatore Bonaccorso 
mailto:car...@debian.org>>
Mon, 07 Apr 2014 22:26:55
+0200

In conclusion, if System VMs have openssl 1.0

Jenkins build is back to normal : build-master-slowbuild #563

See

Re: OpenSSL vunerability (bleedheart)

2014-04-09 Thread Chiradeep Vittal

Yeah, SSVM is definitely vulnerable since it now provides a volume download 
service.

From: John Kinsella mailto:j...@stratosec.co>>
Reply-To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Date: Wednesday, April 9, 2014 at 1:38 PM
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: Re: OpenSSL vunerability (bleedheart)

CPVM runs a monit daemon which is at least linked to libssl. I haven’t taken 
more than peek at that yet - I think SSL is configured off by default but…yeah 
sorry will have to look at that closer.

Regarding the trusted IPs - I only attempted to test one SSVM from 
http://filippo.io/Heartbleed/ and it was a) publicly accessible and b) 
vulnerable, so trust didn’t really enter into the equation.

I already adjusted the blog post re: VR and earlier versions of ACS.

John

On Apr 9, 2014, at 12:15 PM, Animesh Chaturvedi 
mailto:animesh.chaturv...@citrix.com>>
 wrote:

Courtesy Chiradeep

- CPVM uses JSSE so that should not be affected
- VR is not affected since it does not offer any HTTPS/TLS service. The RA VPN 
and S2S VPN use the OpenSSL lib only for crypto and not for any transport
- The only vulnerable service is the volume upload service and template copy. 
The latter is between 2 trusted IPs
- Also this should only affect SSVM template from 4.2 onwards as only wheezy is 
affected

Thanks
Animesh
-Original Message-
From: John Kinsella [mailto:j...@stratosec.co]
Sent: Wednesday, April 09, 2014 11:07 AM
To: 
dev@cloudstack.apache.org
Subject: Re: OpenSSL vunerability (bleedheart)

I want to address a few things here directly (I think these are covered in the
blog post, if not ping me)

* Current SSVM from 4.3 is not good enough.
* Yes, each SystemVM runs software that needs OpenSSL. For the curious,
see "lsof|grep -i ssl"
* I'm not sure if the current SystemVM template on Jenkins is secure, we're
testing that currently and will update once confirmed.
* Assume if you see us releasing a blog post about a security issue, there's a
security issue (QED HTH HAND)
* Realhostip uses SSL, but not on the SystemVMs. If you're using realhostIP,
it doesn't matter what version of OSSL you use, you're still insecure. Horse:
beaten.
* Chiradeep's correct, 4.1 and older are not vulnerable. Post updated again.

I think that covers the questions...running around doing a few things but this
is very high on our priority list.

(snarky comments are meant to be funny not insulting/condescending)

On Apr 9, 2014, at 10:19 AM, John Kinsella
mailto:j...@stratosec.co>>
 wrote:

To my knowledge, no code change is necessary just a rebuild.  - j

Please excuse typos - sent from mobile device.

- Reply message -
From: "Rayees Namathponnan"
mailto:rayees.namathpon...@citrix.com>>
To: 
"dev@cloudstack.apache.org"
mailto:dev@cloudstack.apache.org>>
Subject: OpenSSL vunerability (bleedheart)
Date: Wed, Apr 9, 2014 10:13 AM

Even if we get latest systemvm template from
http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . , it
has openssl 1.0.1e-2+deb7u4 ?

Is there any code change required to create system template with openssl
1.0.1e-2+deb7u6  ?

Regards,
Rayees

-Original Message-
From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
Sent: Wednesday, April 09, 2014 5:15 AM
To: 
mailto:dev@cloudstack.apache.org>>
Subject: Re: OpenSSL vunerability (bleedheart)

Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update
openssl to get 1.0.1e-2+deb7u6.

It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and test
OpenSSL HeartBleed Vulnerability. Right now I could not do it from our
network.

-Harikrishna

On 09-Apr-2014, at 5:00 pm, Nux! 
mailto:n...@li.nux.ro>>
wrote:

On 09.04.2014 12:04, Abhinandan Prateek wrote:
Latest jenkins build template have openSSL version 1.0.1e, the version that is
compromised.

Guys, do not panic.
It is my understanding that in Debian, just like in RHEL, major versions will
not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but they
will backport stuff.

After I did an "apt-get update && apt-get install openssl" I got package
version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok
according to the changelog:

"aptitude changelog openssl" says:

openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high

* Non-maintainer upload by the Security Team.
* Enable checking for s

4.3 system vm template job failing in jenkins

2014-04-09 Thread Rayees Namathponnan

Hi All,

4.3 system vm template job failing;   looks like build falling after the 
getting updated openssl 1.0.1e-2+deb7u6.

http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm64/140/console


(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 24061 files and directories currently installed.)
Preparing to replace libssl1.0.0:amd64 1.0.1e-2 (using 
.../libssl1.0.0_1.0.1e-2+deb7u6_amd64.deb) ...
Unpacking replacement libssl1.0.0:amd64 ...
Selecting previously unselected package libc-dev-bin.
Unpacking libc-dev-bin (from .../libc-dev-bin_2.13-38+deb7u1_amd64.deb) ...
Selecting previously unselected package linux-libc-dev:amd64.
Unpacking linux-libc-dev:amd64 (from .../linux-libc-dev_3.2.54-2_amd64.deb) ...
Selecting previously unselected package libc6-dev:amd64.
Unpacking libc6-dev:amd64 (from .../libc6-dev_2.13-38+deb7u1_amd64.deb) ...
Selecting previously unselected package uuid-dev.
Unpacking uuid-dev (from .../uuid-dev_2.20.1-5.3_amd64.deb) ...
Selecting previously unselected package libapr1-dev.
Unpacking libapr1-dev (from .../libapr1-dev_1.4.6-3+deb7u1_amd64.deb) ...
Selecting previously unselected package zlib1g-dev:amd64.
Unpacking zlib1g-dev:amd64 (from .../zlib1g-dev_1%3a1.2.7.dfsg-13_amd64.deb) ...
Selecting previously unselected package libssl-dev.
Unpacking libssl-dev (from .../libssl-dev_1.0.1e-2+deb7u6_amd64.deb) ...
Selecting previously unselected package libtcnative-1.
Unpacking libtcnative-1 (from .../libtcnative-1_1.1.24-1_amd64.deb) ...
Processing triggers for man-db ...
Setting up libssl1.0.0:amd64 (1.0.1e-2+deb7u6) ...
Checking for services that may need to be restarted...done.
Checking init scripts...
[?1049h[1;24r[4l[?25l(B[m[37m[40m[1;24r[H[2J[1;1H[1m[37m[44m
[2;1H   
 [3;1H  
  [4;1H 
   
[5;1H   
 [6;1H  
  [7;1H 
   [8;1H
[9;1H   
 [10;1H 
   [11;1H   
 [12;1H 
   [13;1H   
 [14;1H 
   [15;1H   
 [16;1H 
   [17;1H   
 [18;1H 
   
[19;1H  
  [20;1H
[21;1H  
  [22;1H
[23;1H  
  [24;1H
   [24;79H [4h [4l[1;1H(B[m[37m[44mPackage 
configuration[4;2H(0[30m[47mlqu(B[m(B[30m[47m 
[31mConfiguring libssl1.0.0:amd64[30m 
(0[30m[47mtqk[5;2Hx(B[m(B[30m[47m   
(0[30m[47mx(B[m(B[1m[37m[40m 
[6;2H(B[m(0[30m[47mx(B[m(B[30m[47m This release of OpenSSL fixes some security 
issues. Services will not (0[30m[47mx(B[m(B[1m[37m[40m 
[7;2H(B[m(0[30m[47mx(B[m(B[30m[47m use these fixes until they are restarted. 
Please note that restarting (0[30m[47mx(B[m(B[1m[37m[40m 
[8;2H(B[m(0[30m[47mx(B[m(B[30m[47m the SSH server (sshd) should not affect any 
existing connections. (0[30m[47mx(B[m(B[1m[37m[40m 
[9;2H(B[m(0[30m[47mx(B[m(B[30m[47m  
 (0[30m[47mx(B[m(B[1m[37m[40m 
[10;2H(B[m(0[30m[47mx(B[m(B[30m[47m Please check the list of detected services 
that need to be restarted and  (0[30m[47mx(B[m(B[1m[37m[40m 
[11;2H(B[m(0[30m[47mx(B[m(B[30m[47m c

Re: Build failed in Jenkins: build-master-slowbuild #562

2014-04-09 Thread Will Stevens

Well it gets farther, but I still can't get it to compile.

ws

[INFO] Apache CloudStack Developer Tools - Checkstyle Configuration
 SUCCESS [1.857s]
[INFO] Apache CloudStack . SUCCESS [2.453s]
[INFO] Apache CloudStack Maven Conventions Parent  SUCCESS [1.401s]
[INFO] Apache CloudStack Framework - Managed Context . SUCCESS [2.377s]
[INFO] Apache CloudStack Utils ... SUCCESS [11.159s]
[INFO] Apache CloudStack Framework ... SUCCESS [0.058s]
[INFO] Apache CloudStack Framework - Event Notification .. SUCCESS [7.464s]
[INFO] Apache CloudStack Framework - Configuration ... SUCCESS [2.454s]
[INFO] Apache CloudStack API . SUCCESS [17.792s]
[INFO] Apache CloudStack Framework - REST  SUCCESS [1.613s]
[INFO] Apache CloudStack Framework - IPC . SUCCESS [3.399s]
[INFO] Apache CloudStack Cloud Engine  SUCCESS [0.053s]
[INFO] Apache CloudStack Cloud Engine API  SUCCESS [3.471s]
[INFO] Apache CloudStack Framework - Security  SUCCESS [2.335s]
[INFO] Apache CloudStack Core  SUCCESS [9.078s]
[INFO] Apache CloudStack Agents .. SUCCESS [5.875s]
[INFO] Apache CloudStack Framework - Clustering .. SUCCESS [3.626s]
[INFO] Apache CloudStack Framework - Jobs  SUCCESS [4.541s]
[INFO] Apache CloudStack Cloud Engine Schema Component ... SUCCESS [19.174s]
[INFO] Apache CloudStack Framework - Event Notification .. SUCCESS [1.702s]
[INFO] Apache CloudStack Cloud Engine Internal Components API  SUCCESS
[3.096s]
[INFO] Apache CloudStack Server .. SUCCESS [24.304s]
[INFO] Apache CloudStack Usage Server  SUCCESS [5.008s]
[INFO] Apache CloudStack Cloud Engine Orchestration Component  SUCCESS
[11.558s]
[INFO] Apache CloudStack Cloud Services .. SUCCESS [0.051s]
[INFO] Apache CloudStack Secondary Storage ... SUCCESS [0.345s]
[INFO] Apache CloudStack Secondary Storage Service ... SUCCESS [4.336s]
[INFO] Apache CloudStack Engine Storage Component  SUCCESS [6.676s]
[INFO] Apache CloudStack Engine Storage Volume Component . SUCCESS [3.794s]
[INFO] Apache CloudStack Engine Storage Image Component .. SUCCESS [2.927s]
[INFO] Apache CloudStack Engine Storage Data Motion Component  SUCCESS
[2.491s]
[INFO] Apache CloudStack Engine Storage Cache Component .. SUCCESS [2.455s]
[INFO] Apache CloudStack Engine Storage Snapshot Component  SUCCESS [3.139s]
[INFO] Apache CloudStack Cloud Engine API  SUCCESS [1.855s]
[INFO] Apache CloudStack Cloud Engine Service  SUCCESS [3.750s]
[INFO] Apache CloudStack Plugin POM .. SUCCESS [0.563s]
[INFO] Apache CloudStack Plugin - API Rate Limit . SUCCESS [2.300s]
[INFO] Apache CloudStack Plugin - API Discovery .. SUCCESS [2.432s]
[INFO] Apache CloudStack Plugin - ACL Static Role Based .. SUCCESS [2.077s]
[INFO] Apache CloudStack Plugin - Host Anti-Affinity Processor  SUCCESS
[2.684s]
[INFO] Apache CloudStack Plugin - Explicit Dedication Processor  SUCCESS
[2.379s]
[INFO] Apache CloudStack Plugin - User Concentrated Pod Deployment Planner
 SUCCESS [2.230s]
[INFO] Apache CloudStack Plugin - User Dispersing Deployment Planner
 SUCCESS [2.613s]
[INFO] Apache CloudStack Plugin - Implicit Dedication Planner  SUCCESS
[2.341s]
[INFO] Apache CloudStack Plugin - Skip Heurestics Planner  SUCCESS [1.959s]
[INFO] Apache CloudStack Plugin - Host Allocator Random .. SUCCESS [2.126s]
[INFO] Apache CloudStack Plugin - Dedicated Resources  SUCCESS [3.420s]
[INFO] Apache CloudStack Plugin - Hypervisor OracleVM  SUCCESS [3.971s]
[INFO] Apache CloudStack Plugin - Open vSwitch ... SUCCESS [4.475s]
[INFO] Apache CloudStack Plugin - Hypervisor Xen . SUCCESS [9.794s]
[INFO] Apache CloudStack Plugin - Hypervisor KVM . FAILURE [6.517s]
[INFO] Apache CloudStack Plugin - RabbitMQ Event Bus . SKIPPED
[INFO] Apache CloudStack Plugin - In Memory Event Bus  SKIPPED
[INFO] Apache CloudStack Plugin - Hypervisor Baremetal ... SKIPPED
[INFO] Apache CloudStack Plugin - Hypervisor UCS . SKIPPED
[INFO] Apache CloudStack Plugin - Hypervisor Hyper-V . SKIPPED
[INFO] Apache CloudStack Plugin - Network Elastic Load Balancer  SKIPPED
[INFO] Apache CloudStack Plugin - Network Internal Load Balancer  SKIPPED
[INFO] Apache CloudStack Framework - Spring Life Cycle ... SKIPPED
[INFO] Apache CloudStack Plugin - Network Juniper Contrail  SKIPPED
[INFO] Apache CloudStack Plugin - Palo Alto .. SKIPPED
[INFO] Apache CloudStack Plugin - Network Netscaler .. SKIPPED
[INFO] Apache CloudStack Plugin - Network Nicira NVP . SKIPPED
[INFO] Apache CloudStack Plugin - BigSwitch Virtual Network Segment  SKIPPED
[INFO] Apache CloudStack Plugin - Midokura Midonet ... SKIPPED
[INFO] Apache CloudStack P

Build failed in Jenkins: cloudstack-4.4-maven-build #154

See 

--
Started by an SCM change
[EnvInject] - Loading node environment variables.
Building remotely on rpmbuilder in workspace 

java.io.IOException: Failed to mkdirs: 

at hudson.FilePath.mkdirs(FilePath.java:1069)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1313)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:609)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:88)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:518)
at hudson.model.Run.execute(Run.java:1688)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:231)

Build failed in Jenkins: cloudstack-4.4-maven-build-noredist #101

See 


--
Started by upstream project "cloudstack-4.4-maven-build" build number 153
originally caused by:
 Started by an SCM change
[EnvInject] - Loading node environment variables.
Building remotely on rpmbuilder in workspace 

java.io.IOException: Failed to mkdirs: 

at hudson.FilePath.mkdirs(FilePath.java:1069)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1313)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:609)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:88)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:518)
at hudson.model.Run.execute(Run.java:1688)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:231)
Archiving artifacts
ERROR: Publisher hudson.tasks.ArtifactArchiver aborted due to exception
 
does not exist.
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:483)
at 
org.apache.tools.ant.types.AbstractFileSet.getDirectoryScanner(AbstractFileSet.java:460)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:181)
at 
hudson.tasks.ArtifactArchiver$ListFiles.invoke(ArtifactArchiver.java:172)
at hudson.FilePath$FileCallableWrapper.call(FilePath.java:2462)
at hudson.remoting.UserRequest.perform(UserRequest.java:118)
at hudson.remoting.UserRequest.perform(UserRequest.java:48)
at hudson.remoting.Request$2.run(Request.java:326)
at 
hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at hudson.remoting.Engine$1$1.run(Engine.java:63)
at java.lang.Thread.run(Thread.java:744)

Jenkins build is back to normal : cloudstack-4.4-maven-build #155

See

Jenkins build is back to normal : cloudstack-4.4-maven-build-noredist #102

See

Re: OpenSSL vunerability (bleedheart)


On 09.04.2014 18:34, John Kinsella wrote:

Folks - unfortunately there’s an error in my blog post last night. On
Debian, you need to update both openssl and libssl, updating openssl
by itself is not good enough. I knew this, had it in a draft but
somehow that didn’t make it into the post. I’ll blame lack of sleep.


The package name is libssl1.0.0 actually, so `apt-get install 
libssl1.0.0`
It will also offer to restart some services that depend on it which is 
handy (though the list is not exhaustive), I chose to reboot all my 
system VMs, just to be sure.


Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

Re: 4.3 system vm template job failing in jenkins


On 09.04.2014 21:44, Rayees Namathponnan wrote:

Hi All,

4.3 system vm template job failing;   looks like build falling after
the getting updated openssl 1.0.1e-2+deb7u6.

http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm64/140/console
  [24;79H
[4h [4l[1;1H(B[m[37m[44mPackage
configuration[4;2H(0[30m[47mlqu(B[m(B[30m[47m
[31mConfiguring libssl1.0.0:amd64[30m
(0[30m[47mtqk[5;2Hx(B[m(B[30m[47m


Yeah, apt-get has this annoying feature where it asks you all sorts of 
things during package installation. In this very case the libssl package 
is causing the head aches, probably as a result of the latest security 
issues with OpenSSL.


Not sure if it would break anything, but this env var should be present 
during the build and apt/dpkg should stay silent:

export DEBIAN_FRONTEND=noninteractive

HTH
Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

Re: Review Request 19446: CLOUDSTACK-6191: Volume provisioning type option

2014-04-09 Thread Yoshikazu Nojima


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19446/
---

(Updated April 9, 2014, 10:58 p.m.)


Review request for cloudstack, Mike Tutkowski, Marcus Sorensen, and Wido den 
Hollander.


Changes
---

Now it works with local storage (confirmed).
I suppose it works with CLVM too (preallocation option will be discarded).


Bugs: CLOUDSTACK-6191
https://issues.apache.org/jira/browse/CLOUDSTACK-6191


Repository: cloudstack-git


Description
---

purpose:
Thin provisioning of a volume saves consumption of a storage, and fat 
provisioning minimizes IOPS performance overhead.
This feature adds a disk offering parameter to provide users an option to 
select how to provision volumes.
Especially, qcow2 format is known that its performance can be improved by 
deploying a volume as a sparse file.[1] This feature also supports sparse 
provisioning.


http://itscblog.tamu.edu/improve-disk-io-performance-in-kvm/#.232---preallocation

Scope:
First, start with KVM+NFS installation.
Leave rooms to support other hypervisors.

For more details please refer fs: 
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Volume+provisioning+type+option


Diffs (updated)
-

  api/src/com/cloud/offering/DiskOffering.java 4641b9a 
  api/src/com/cloud/storage/Storage.java 8ab2463 
  api/src/com/cloud/storage/Volume.java 304dbcf 
  api/src/com/cloud/vm/DiskProfile.java 5fdacf2 
  api/src/org/apache/cloudstack/api/ApiConstants.java c7d6da1 
  
api/src/org/apache/cloudstack/api/command/admin/offering/CreateDiskOfferingCmd.java
 67c9792 
  
api/src/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
 6cd5d84 
  api/src/org/apache/cloudstack/api/response/DiskOfferingResponse.java 91bd441 
  api/src/org/apache/cloudstack/api/response/ServiceOfferingResponse.java 
764ade5 
  api/src/org/apache/cloudstack/api/response/VolumeResponse.java 45c15da 
  client/WEB-INF/classes/resources/messages.properties 8abe874 
  core/src/org/apache/cloudstack/storage/to/VolumeObjectTO.java 11a3324 
  
engine/orchestration/src/org/apache/cloudstack/engine/orchestration/VolumeOrchestrator.java
 c5e0983 
  engine/orchestration/test/com/cloud/vm/VirtualMachineManagerImplTest.java 
49b2fc5 
  engine/schema/src/com/cloud/service/ServiceOfferingVO.java 3be0aaa 
  engine/schema/src/com/cloud/storage/DiskOfferingVO.java 99214b2 
  engine/schema/src/com/cloud/storage/VolumeVO.java 9f27c23 
  
engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
 385f8e6 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
 beb5e10 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtStorageVolumeDef.java
 35777cf 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStorageAdaptor.java
 761bb37 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStoragePool.java
 2cecfa3 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePool.java
 ca3d32f 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
 583d48a 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
 604bdae 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
 61d90e9 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStoragePool.java
 605d154 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
 c751aab 
  plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/qemu/QemuImg.java 
4bec375 
  
plugins/hypervisors/kvm/test/org/apache/cloudstack/utils/qemu/QemuImgTest.java 
8bdff4d 
  
plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
 2a7bcac 
  
plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
 89707c9 
  
plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
 f418586 
  
plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMServiceTest.java
 62ca09b 
  server/src/com/cloud/api/query/dao/DiskOfferingJoinDaoImpl.java bf28c03 
  server/src/com/cloud/api/query/dao/ServiceOfferingJoinDaoImpl.java 7fcc5c6 
  server/src/com/cloud/api/query/dao/VolumeJoinDaoImpl.java 8a0431b 
  server/src/com/cloud/api/query/vo/DiskOfferingJoinVO.java e3e0a9e 
  server/src/com/cloud/api/query/vo/ServiceOfferingJoinVO.java dbeb530 
  server/src/com/cloud/api/query/vo/VolumeJoinVO.java 8165d68 
  server/src/com/cloud/configuration/ConfigurationManagerImpl.java 30afd7b 
  server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java 0512096 
  server/src/com/cloud/network/router/VirtualNetworkApplianc

Review Request 20184: CLOUDSTACK-6369: Qcow2's cluster_size option support

2014-04-09 Thread Yoshikazu Nojima


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20184/
---

Review request for cloudstack, Mike Tutkowski, Marcus Sorensen, and Wido den 
Hollander.


Bugs: CLOUDSTACK-6369
https://issues.apache.org/jira/browse/CLOUDSTACK-6369


Repository: cloudstack-git


Description
---

To improve the qcow2 performance, it is important to tune parameters of 
"qemu-img create" command.
preallocation=metadata option, which I am working on in CLOUDSTACK-6191 
improves randam IOPS well, but the qcow2 image created with 
preallocation=metadata option cannot be used as a differential image.
This "cluster_size" option improves IOPS of a differential qcow2 image which is 
created with preallocation=off.

https://issues.apache.org/jira/browse/CLOUDSTACK-6369

This patch is written on the top of https://reviews.apache.org/r/19446/ . This 
patch cannot be applied before 19446 is merged.


Diffs
-

  agent/conf/agent.properties b8b7a7c 
  core/src/com/cloud/storage/JavaStorageLayer.java e8c4053 
  
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
 61d90e9 

Diff: https://reviews.apache.org/r/20184/diff/


Testing
---

Case1 (without this option)
1. Ensure "storage.qcow2.cluster_size" is not written in "agent.properties" 
file.
2. Create and attach a volume.
3. Confirm the created volume is provisioned with cluster_size=65536, which is 
a default value.

Case2 (with this option)
1. Ensure "storage.qcow2.cluster_size=2097152" is written in "agent.properties" 
file.
2. Create and attache a volume.
3. Confirm the created volume is provisioned with cluster_size=2097152.


Thanks,

Yoshikazu Nojima

Re: Build failed in Jenkins: build-master-slowbuild #562

Since it complains about rados jar, do you think it's related to this?

commit 09f83e48eb28ebd879f5431ec6e84c3ff26acfd9
Author: Wido den Hollander 
Date:   Tue Apr 8 17:43:50 2014 +0200

CLOUDSTACK-4665: Depend on rados-java 0.1.4

This fixes the ArrayIndexOutOfBounds exception during the
removal of a RBD based volume

On Wed, Apr 9, 2014 at 2:47 PM, Will Stevens  wrote:
> Well it gets farther, but I still can't get it to compile.
>
> ws
>
> [INFO] Apache CloudStack Developer Tools - Checkstyle Configuration
>  SUCCESS [1.857s]
> [INFO] Apache CloudStack . SUCCESS [2.453s]
> [INFO] Apache CloudStack Maven Conventions Parent  SUCCESS [1.401s]
> [INFO] Apache CloudStack Framework - Managed Context . SUCCESS [2.377s]
> [INFO] Apache CloudStack Utils ... SUCCESS [11.159s]
> [INFO] Apache CloudStack Framework ... SUCCESS [0.058s]
> [INFO] Apache CloudStack Framework - Event Notification .. SUCCESS [7.464s]
> [INFO] Apache CloudStack Framework - Configuration ... SUCCESS [2.454s]
> [INFO] Apache CloudStack API . SUCCESS [17.792s]
> [INFO] Apache CloudStack Framework - REST  SUCCESS [1.613s]
> [INFO] Apache CloudStack Framework - IPC . SUCCESS [3.399s]
> [INFO] Apache CloudStack Cloud Engine  SUCCESS [0.053s]
> [INFO] Apache CloudStack Cloud Engine API  SUCCESS [3.471s]
> [INFO] Apache CloudStack Framework - Security  SUCCESS [2.335s]
> [INFO] Apache CloudStack Core  SUCCESS [9.078s]
> [INFO] Apache CloudStack Agents .. SUCCESS [5.875s]
> [INFO] Apache CloudStack Framework - Clustering .. SUCCESS [3.626s]
> [INFO] Apache CloudStack Framework - Jobs  SUCCESS [4.541s]
> [INFO] Apache CloudStack Cloud Engine Schema Component ... SUCCESS [19.174s]
> [INFO] Apache CloudStack Framework - Event Notification .. SUCCESS [1.702s]
> [INFO] Apache CloudStack Cloud Engine Internal Components API  SUCCESS
> [3.096s]
> [INFO] Apache CloudStack Server .. SUCCESS [24.304s]
> [INFO] Apache CloudStack Usage Server  SUCCESS [5.008s]
> [INFO] Apache CloudStack Cloud Engine Orchestration Component  SUCCESS
> [11.558s]
> [INFO] Apache CloudStack Cloud Services .. SUCCESS [0.051s]
> [INFO] Apache CloudStack Secondary Storage ... SUCCESS [0.345s]
> [INFO] Apache CloudStack Secondary Storage Service ... SUCCESS [4.336s]
> [INFO] Apache CloudStack Engine Storage Component  SUCCESS [6.676s]
> [INFO] Apache CloudStack Engine Storage Volume Component . SUCCESS [3.794s]
> [INFO] Apache CloudStack Engine Storage Image Component .. SUCCESS [2.927s]
> [INFO] Apache CloudStack Engine Storage Data Motion Component  SUCCESS
> [2.491s]
> [INFO] Apache CloudStack Engine Storage Cache Component .. SUCCESS [2.455s]
> [INFO] Apache CloudStack Engine Storage Snapshot Component  SUCCESS [3.139s]
> [INFO] Apache CloudStack Cloud Engine API  SUCCESS [1.855s]
> [INFO] Apache CloudStack Cloud Engine Service  SUCCESS [3.750s]
> [INFO] Apache CloudStack Plugin POM .. SUCCESS [0.563s]
> [INFO] Apache CloudStack Plugin - API Rate Limit . SUCCESS [2.300s]
> [INFO] Apache CloudStack Plugin - API Discovery .. SUCCESS [2.432s]
> [INFO] Apache CloudStack Plugin - ACL Static Role Based .. SUCCESS [2.077s]
> [INFO] Apache CloudStack Plugin - Host Anti-Affinity Processor  SUCCESS
> [2.684s]
> [INFO] Apache CloudStack Plugin - Explicit Dedication Processor  SUCCESS
> [2.379s]
> [INFO] Apache CloudStack Plugin - User Concentrated Pod Deployment Planner
>  SUCCESS [2.230s]
> [INFO] Apache CloudStack Plugin - User Dispersing Deployment Planner
>  SUCCESS [2.613s]
> [INFO] Apache CloudStack Plugin - Implicit Dedication Planner  SUCCESS
> [2.341s]
> [INFO] Apache CloudStack Plugin - Skip Heurestics Planner  SUCCESS [1.959s]
> [INFO] Apache CloudStack Plugin - Host Allocator Random .. SUCCESS [2.126s]
> [INFO] Apache CloudStack Plugin - Dedicated Resources  SUCCESS [3.420s]
> [INFO] Apache CloudStack Plugin - Hypervisor OracleVM  SUCCESS [3.971s]
> [INFO] Apache CloudStack Plugin - Open vSwitch ... SUCCESS [4.475s]
> [INFO] Apache CloudStack Plugin - Hypervisor Xen . SUCCESS [9.794s]
> [INFO] Apache CloudStack Plugin - Hypervisor KVM . FAILURE [6.517s]
> [INFO] Apache CloudStack Plugin - RabbitMQ Event Bus . SKIPPED
> [INFO] Apache CloudStack Plugin - In Memory Event Bus  SKIPPED
> [INFO] Apache CloudStack Plugin - Hypervisor Baremetal ... SKIPPED
> [INFO] Apache CloudStack Plugin - Hypervisor UCS . SKIPPED
> [INFO] Apache CloudStack Plugin - Hypervisor Hyper-V . SKIPPED
> [INFO] Apache CloudStack Plugin - Network Elastic Load Balancer  SKIPPED
> [INFO] Apache CloudStack Plugin - Network Internal Loa

Re: Build failed in Jenkins: build-master-slowbuild #562

compile succeeded after rolling back to the commit prior that one.

On Wed, Apr 9, 2014 at 5:51 PM, Marcus  wrote:
> Since it complains about rados jar, do you think it's related to this?
>
> commit 09f83e48eb28ebd879f5431ec6e84c3ff26acfd9
> Author: Wido den Hollander 
> Date:   Tue Apr 8 17:43:50 2014 +0200
>
> CLOUDSTACK-4665: Depend on rados-java 0.1.4
>
> This fixes the ArrayIndexOutOfBounds exception during the
> removal of a RBD based volume
>
> On Wed, Apr 9, 2014 at 2:47 PM, Will Stevens  wrote:
>> Well it gets farther, but I still can't get it to compile.
>>
>> ws
>>
>> [INFO] Apache CloudStack Developer Tools - Checkstyle Configuration
>>  SUCCESS [1.857s]
>> [INFO] Apache CloudStack . SUCCESS [2.453s]
>> [INFO] Apache CloudStack Maven Conventions Parent  SUCCESS [1.401s]
>> [INFO] Apache CloudStack Framework - Managed Context . SUCCESS [2.377s]
>> [INFO] Apache CloudStack Utils ... SUCCESS [11.159s]
>> [INFO] Apache CloudStack Framework ... SUCCESS [0.058s]
>> [INFO] Apache CloudStack Framework - Event Notification .. SUCCESS [7.464s]
>> [INFO] Apache CloudStack Framework - Configuration ... SUCCESS [2.454s]
>> [INFO] Apache CloudStack API . SUCCESS [17.792s]
>> [INFO] Apache CloudStack Framework - REST  SUCCESS [1.613s]
>> [INFO] Apache CloudStack Framework - IPC . SUCCESS [3.399s]
>> [INFO] Apache CloudStack Cloud Engine  SUCCESS [0.053s]
>> [INFO] Apache CloudStack Cloud Engine API  SUCCESS [3.471s]
>> [INFO] Apache CloudStack Framework - Security  SUCCESS [2.335s]
>> [INFO] Apache CloudStack Core  SUCCESS [9.078s]
>> [INFO] Apache CloudStack Agents .. SUCCESS [5.875s]
>> [INFO] Apache CloudStack Framework - Clustering .. SUCCESS [3.626s]
>> [INFO] Apache CloudStack Framework - Jobs  SUCCESS [4.541s]
>> [INFO] Apache CloudStack Cloud Engine Schema Component ... SUCCESS [19.174s]
>> [INFO] Apache CloudStack Framework - Event Notification .. SUCCESS [1.702s]
>> [INFO] Apache CloudStack Cloud Engine Internal Components API  SUCCESS
>> [3.096s]
>> [INFO] Apache CloudStack Server .. SUCCESS [24.304s]
>> [INFO] Apache CloudStack Usage Server  SUCCESS [5.008s]
>> [INFO] Apache CloudStack Cloud Engine Orchestration Component  SUCCESS
>> [11.558s]
>> [INFO] Apache CloudStack Cloud Services .. SUCCESS [0.051s]
>> [INFO] Apache CloudStack Secondary Storage ... SUCCESS [0.345s]
>> [INFO] Apache CloudStack Secondary Storage Service ... SUCCESS [4.336s]
>> [INFO] Apache CloudStack Engine Storage Component  SUCCESS [6.676s]
>> [INFO] Apache CloudStack Engine Storage Volume Component . SUCCESS [3.794s]
>> [INFO] Apache CloudStack Engine Storage Image Component .. SUCCESS [2.927s]
>> [INFO] Apache CloudStack Engine Storage Data Motion Component  SUCCESS
>> [2.491s]
>> [INFO] Apache CloudStack Engine Storage Cache Component .. SUCCESS [2.455s]
>> [INFO] Apache CloudStack Engine Storage Snapshot Component  SUCCESS [3.139s]
>> [INFO] Apache CloudStack Cloud Engine API  SUCCESS [1.855s]
>> [INFO] Apache CloudStack Cloud Engine Service  SUCCESS [3.750s]
>> [INFO] Apache CloudStack Plugin POM .. SUCCESS [0.563s]
>> [INFO] Apache CloudStack Plugin - API Rate Limit . SUCCESS [2.300s]
>> [INFO] Apache CloudStack Plugin - API Discovery .. SUCCESS [2.432s]
>> [INFO] Apache CloudStack Plugin - ACL Static Role Based .. SUCCESS [2.077s]
>> [INFO] Apache CloudStack Plugin - Host Anti-Affinity Processor  SUCCESS
>> [2.684s]
>> [INFO] Apache CloudStack Plugin - Explicit Dedication Processor  SUCCESS
>> [2.379s]
>> [INFO] Apache CloudStack Plugin - User Concentrated Pod Deployment Planner
>>  SUCCESS [2.230s]
>> [INFO] Apache CloudStack Plugin - User Dispersing Deployment Planner
>>  SUCCESS [2.613s]
>> [INFO] Apache CloudStack Plugin - Implicit Dedication Planner  SUCCESS
>> [2.341s]
>> [INFO] Apache CloudStack Plugin - Skip Heurestics Planner  SUCCESS [1.959s]
>> [INFO] Apache CloudStack Plugin - Host Allocator Random .. SUCCESS [2.126s]
>> [INFO] Apache CloudStack Plugin - Dedicated Resources  SUCCESS [3.420s]
>> [INFO] Apache CloudStack Plugin - Hypervisor OracleVM  SUCCESS [3.971s]
>> [INFO] Apache CloudStack Plugin - Open vSwitch ... SUCCESS [4.475s]
>> [INFO] Apache CloudStack Plugin - Hypervisor Xen . SUCCESS [9.794s]
>> [INFO] Apache CloudStack Plugin - Hypervisor KVM . FAILURE [6.517s]
>> [INFO] Apache CloudStack Plugin - RabbitMQ Event Bus . SKIPPED
>> [INFO] Apache CloudStack Plugin - In Memory Event Bus  SKIPPED
>> [INFO] Apache CloudStack Plugin - Hypervisor Baremetal ... SKIPPED
>> [INFO] Apache CloudStack Plugin - Hypervisor UCS . SKIPP

Re: Review Request 19446: CLOUDSTACK-6191: Volume provisioning type option

2014-04-09 Thread Marcus Sorensen


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19446/#review39968
---



engine/orchestration/src/org/apache/cloudstack/engine/orchestration/VolumeOrchestrator.java


Building to test now.

Does this patch contain changes that are unrelated to the feature? Or are 
changes such as this integral to the function of the feature?


- Marcus Sorensen


On April 9, 2014, 10:58 p.m., Yoshikazu Nojima wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19446/
> ---
> 
> (Updated April 9, 2014, 10:58 p.m.)
> 
> 
> Review request for cloudstack, Mike Tutkowski, Marcus Sorensen, and Wido den 
> Hollander.
> 
> 
> Bugs: CLOUDSTACK-6191
> https://issues.apache.org/jira/browse/CLOUDSTACK-6191
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> purpose:
> Thin provisioning of a volume saves consumption of a storage, and fat 
> provisioning minimizes IOPS performance overhead.
> This feature adds a disk offering parameter to provide users an option to 
> select how to provision volumes.
> Especially, qcow2 format is known that its performance can be improved by 
> deploying a volume as a sparse file.[1] This feature also supports sparse 
> provisioning.
> 
> 
> http://itscblog.tamu.edu/improve-disk-io-performance-in-kvm/#.232---preallocation
> 
> Scope:
> First, start with KVM+NFS installation.
> Leave rooms to support other hypervisors.
> 
> For more details please refer fs: 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Volume+provisioning+type+option
> 
> 
> Diffs
> -
> 
>   api/src/com/cloud/offering/DiskOffering.java 4641b9a 
>   api/src/com/cloud/storage/Storage.java 8ab2463 
>   api/src/com/cloud/storage/Volume.java 304dbcf 
>   api/src/com/cloud/vm/DiskProfile.java 5fdacf2 
>   api/src/org/apache/cloudstack/api/ApiConstants.java c7d6da1 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateDiskOfferingCmd.java
>  67c9792 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
>  6cd5d84 
>   api/src/org/apache/cloudstack/api/response/DiskOfferingResponse.java 
> 91bd441 
>   api/src/org/apache/cloudstack/api/response/ServiceOfferingResponse.java 
> 764ade5 
>   api/src/org/apache/cloudstack/api/response/VolumeResponse.java 45c15da 
>   client/WEB-INF/classes/resources/messages.properties 8abe874 
>   core/src/org/apache/cloudstack/storage/to/VolumeObjectTO.java 11a3324 
>   
> engine/orchestration/src/org/apache/cloudstack/engine/orchestration/VolumeOrchestrator.java
>  c5e0983 
>   engine/orchestration/test/com/cloud/vm/VirtualMachineManagerImplTest.java 
> 49b2fc5 
>   engine/schema/src/com/cloud/service/ServiceOfferingVO.java 3be0aaa 
>   engine/schema/src/com/cloud/storage/DiskOfferingVO.java 99214b2 
>   engine/schema/src/com/cloud/storage/VolumeVO.java 9f27c23 
>   
> engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
>  385f8e6 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
>  beb5e10 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtStorageVolumeDef.java
>  35777cf 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStorageAdaptor.java
>  761bb37 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStoragePool.java
>  2cecfa3 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePool.java
>  ca3d32f 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
>  583d48a 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
>  604bdae 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
>  61d90e9 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStoragePool.java
>  605d154 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
>  c751aab 
>   plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/qemu/QemuImg.java 
> 4bec375 
>   
> plugins/hypervisors/kvm/test/org/apache/cloudstack/utils/qemu/QemuImgTest.java
>  8bdff4d 
>   
> plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
>  2a7bcac 
>   
> plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
>  89707c9 
>   
> plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
>  f418586 
>   
> plugins/network-elements/internal-loadbalancer/

Re: Review Request 19446: CLOUDSTACK-6191: Volume provisioning type option

2014-04-09 Thread Marcus Sorensen



> On April 10, 2014, 12:16 a.m., Marcus Sorensen wrote:
> > engine/orchestration/src/org/apache/cloudstack/engine/orchestration/VolumeOrchestrator.java,
> >  line 1270
> > 
> >
> > Building to test now.
> > 
> > Does this patch contain changes that are unrelated to the feature? Or 
> > are changes such as this integral to the function of the feature?

Sorry, I don't see this in the final patch. I think I clicked on the diff 
between r3 and r4.


- Marcus


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19446/#review39968
---


On April 9, 2014, 10:58 p.m., Yoshikazu Nojima wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19446/
> ---
> 
> (Updated April 9, 2014, 10:58 p.m.)
> 
> 
> Review request for cloudstack, Mike Tutkowski, Marcus Sorensen, and Wido den 
> Hollander.
> 
> 
> Bugs: CLOUDSTACK-6191
> https://issues.apache.org/jira/browse/CLOUDSTACK-6191
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> purpose:
> Thin provisioning of a volume saves consumption of a storage, and fat 
> provisioning minimizes IOPS performance overhead.
> This feature adds a disk offering parameter to provide users an option to 
> select how to provision volumes.
> Especially, qcow2 format is known that its performance can be improved by 
> deploying a volume as a sparse file.[1] This feature also supports sparse 
> provisioning.
> 
> 
> http://itscblog.tamu.edu/improve-disk-io-performance-in-kvm/#.232---preallocation
> 
> Scope:
> First, start with KVM+NFS installation.
> Leave rooms to support other hypervisors.
> 
> For more details please refer fs: 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Volume+provisioning+type+option
> 
> 
> Diffs
> -
> 
>   api/src/com/cloud/offering/DiskOffering.java 4641b9a 
>   api/src/com/cloud/storage/Storage.java 8ab2463 
>   api/src/com/cloud/storage/Volume.java 304dbcf 
>   api/src/com/cloud/vm/DiskProfile.java 5fdacf2 
>   api/src/org/apache/cloudstack/api/ApiConstants.java c7d6da1 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateDiskOfferingCmd.java
>  67c9792 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
>  6cd5d84 
>   api/src/org/apache/cloudstack/api/response/DiskOfferingResponse.java 
> 91bd441 
>   api/src/org/apache/cloudstack/api/response/ServiceOfferingResponse.java 
> 764ade5 
>   api/src/org/apache/cloudstack/api/response/VolumeResponse.java 45c15da 
>   client/WEB-INF/classes/resources/messages.properties 8abe874 
>   core/src/org/apache/cloudstack/storage/to/VolumeObjectTO.java 11a3324 
>   
> engine/orchestration/src/org/apache/cloudstack/engine/orchestration/VolumeOrchestrator.java
>  c5e0983 
>   engine/orchestration/test/com/cloud/vm/VirtualMachineManagerImplTest.java 
> 49b2fc5 
>   engine/schema/src/com/cloud/service/ServiceOfferingVO.java 3be0aaa 
>   engine/schema/src/com/cloud/storage/DiskOfferingVO.java 99214b2 
>   engine/schema/src/com/cloud/storage/VolumeVO.java 9f27c23 
>   
> engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
>  385f8e6 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
>  beb5e10 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtStorageVolumeDef.java
>  35777cf 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStorageAdaptor.java
>  761bb37 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStoragePool.java
>  2cecfa3 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePool.java
>  ca3d32f 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
>  583d48a 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
>  604bdae 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
>  61d90e9 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStoragePool.java
>  605d154 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
>  c751aab 
>   plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/qemu/QemuImg.java 
> 4bec375 
>   
> plugins/hypervisors/kvm/test/org/apache/cloudstack/utils/qemu/QemuImgTest.java
>  8bdff4d 
>   
> plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
>  2a7bcac 
>   
> plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerIm

Re: OpenSSL vunerability (bleedheart)

2014-04-09 Thread Kelven Yang

What is the process name of that daemon in CPVM? I remember that we only
have SSH and HTTPS port open in console proxy, and the later one is
running Java based SSL engine.

Kelven

On 4/9/14, 1:38 PM, "John Kinsella"  wrote:

>CPVM runs a monit daemon which is at least linked to libssl. I haven¹t
>taken more than peek at that yet - I think SSL is configured off by
>default butŠyeah sorry will have to look at that closer.
>
>Regarding the trusted IPs - I only attempted to test one SSVM from
>http://filippo.io/Heartbleed/ and it was a) publicly accessible and b)
>vulnerable, so trust didn¹t really enter into the equation.
>
>I already adjusted the blog post re: VR and earlier versions of ACS.
>
>John
>
>On Apr 9, 2014, at 12:15 PM, Animesh Chaturvedi
>mailto:animesh.chaturv...@citrix.com>>
>wrote:
>
>Courtesy Chiradeep
>
>
>- CPVM uses JSSE so that should not be affected
>- VR is not affected since it does not offer any HTTPS/TLS service. The
>RA VPN and S2S VPN use the OpenSSL lib only for crypto and not for any
>transport
>- The only vulnerable service is the volume upload service and template
>copy. The latter is between 2 trusted IPs
>- Also this should only affect SSVM template from 4.2 onwards as only
>wheezy is affected
>
>Thanks
>Animesh
>-Original Message-
>From: John Kinsella [mailto:j...@stratosec.co]
>Sent: Wednesday, April 09, 2014 11:07 AM
>To: dev@cloudstack.apache.org
>Subject: Re: OpenSSL vunerability (bleedheart)
>
>I want to address a few things here directly (I think these are covered
>in the
>blog post, if not ping me)
>
>* Current SSVM from 4.3 is not good enough.
>* Yes, each SystemVM runs software that needs OpenSSL. For the curious,
>see "lsof|grep -i ssl"
>* I'm not sure if the current SystemVM template on Jenkins is secure,
>we're
>testing that currently and will update once confirmed.
>* Assume if you see us releasing a blog post about a security issue,
>there's a
>security issue (QED HTH HAND)
>* Realhostip uses SSL, but not on the SystemVMs. If you're using
>realhostIP,
>it doesn't matter what version of OSSL you use, you're still insecure.
>Horse:
>beaten.
>* Chiradeep's correct, 4.1 and older are not vulnerable. Post updated
>again.
>
>I think that covers the questions...running around doing a few things but
>this
>is very high on our priority list.
>
>(snarky comments are meant to be funny not insulting/condescending)
>
>On Apr 9, 2014, at 10:19 AM, John Kinsella
>mailto:j...@stratosec.co>>
>wrote:
>
>To my knowledge, no code change is necessary just a rebuild.  - j
>
>Please excuse typos - sent from mobile device.
>
>- Reply message -
>From: "Rayees Namathponnan"
>mailto:rayees.namathpon...@citrix.com>lto:rayees.namathpon...@citrix.co
>m>>
>To: 
>"dev@cloudstack.apache.orgoudstack.apache.org>"
>mailto:dev@cloudstack.apache.org>oudstack.apache.org>>
>Subject: OpenSSL vunerability (bleedheart)
>Date: Wed, Apr 9, 2014 10:13 AM
>
>Even if we get latest systemvm template from
>http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-systemvm/ . ,
>it
>has openssl 1.0.1e-2+deb7u4 ?
>
>Is there any code change required to create system template with openssl
>1.0.1e-2+deb7u6  ?
>
>Regards,
>Rayees
>
>-Original Message-
>From: Harikrishna Patnala [mailto:harikrishna.patn...@citrix.com]
>Sent: Wednesday, April 09, 2014 5:15 AM
>To: 
>mailto:dev@cloudstack.apache.org>oudstack.apache.org>>
>Subject: Re: OpenSSL vunerability (bleedheart)
>
>Latest System VMs have openssl 1.0.1e-2+deb7u4. We need to update
>openssl to get 1.0.1e-2+deb7u6.
>
>It will be great if some one can update openssl to 1.0.1e-2+deb7u6 and
>test
>OpenSSL HeartBleed Vulnerability. Right now I could not do it from our
>network.
>
>-Harikrishna
>
>On 09-Apr-2014, at 5:00 pm, Nux!
>mailto:n...@li.nux.ro>>
>wrote:
>
>On 09.04.2014 12:04, Abhinandan Prateek wrote:
>Latest jenkins build template have openSSL version 1.0.1e, the version
>that is
>compromised.
>
>Guys, do not panic.
>It is my understanding that in Debian, just like in RHEL, major versions
>will
>not change, i.e. Debian GNU/Linux 7.0 will EOL with openssl 1.0.1e, but
>they
>will backport stuff.
>
>After I did an "apt-get update && apt-get install openssl" I got package
>version 1.0.1e-2+deb7u6 (dpkg -l|grep openssl) and this package is ok
>according to the changelog:
>
>"aptitude changelog openssl" says:
>
>openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
>
>* Non-maintainer upload by the Security Team.
>* Enable checking for services that may need to be restarted
>* Update list of services to possibly restart
>
>-- Salvatore Bonaccorso
>mailto:car...@debian.org>>
>Tue, 08 Apr 2014 10:44:53
>+0200
>
>openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
>
>* Non-maintainer upload by the Security Team.
>* Add CVE-2014-0160.patch patch.
> C

DevCloud with OpenContrail

2014-04-09 Thread Ranjeet R

Hello all

The instructions to download, build from source, install and provision 
OpenContrail Network offering with DevCloud is posted here.

https://github.com/Juniper/contrail-controller/wiki/DevCloud-with-Contrail-setup-instructions

More information about OpenContrail can be found at 
http://opencontrail.org/about/

Please revert back if you have any clarifications with the instructions.

-Ranjeet

RE: Changing Template Ownership

2014-04-09 Thread Likitha Shetty

Donal, today I don't think we can change the ownership of any resource besides 
Virtual Machine. And the FS for that can be found at  
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Change+VM+ownership .

Thanks,
Likitha

-Original Message-
From: Donal Lafferty [mailto:donal.laffe...@citrix.com] 
Sent: Tuesday, April 8, 2014 4:06 PM
To: dev@cloudstack.apache.org
Subject: Changing Template Ownership

The FS for changing ownership suggests it works with templates (see 
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Change+account+membership).

In that case, what is the template equivalent of 
https://cloudstack.apache.org/docs/api/apidocs-4.3/root_admin/assignVirtualMachine.html
 ?

DL

Build failed in Jenkins: build-master-noredist #2589

See 

Changes:

[wido] rbd: Check if a snapshot is protected before trying to unprotect

--
[...truncated 26680 lines...]
[ERROR] 
:[21,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[22,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[23,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[24,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[50,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[51,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[52,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[53,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[54,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[55,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[34,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[35,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[36,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[37,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[38,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[39,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[40,23]
 error: package com.ceph.rbd.jna does not exist
[ERROR] 
:[2372,24]
 error: cannot find symbol
[ERROR] symbol:   class Rados
[ERROR] location: class LibvirtComputingResource
[ERROR] 
:[2372,38]
 error: cannot find symbol
[ERROR] symbol:   class Rados
[ERROR] location: class LibvirtComputingResource
[ERROR] 
:[2379,24]
 error: cannot find symbol
[ERROR] symbol:   class IoCTX
[ERROR] location: class LibvirtComputingResource
[ERROR] 
:[2380,24]
 error: cannot find symbol
[ERROR] symbol:   class Rbd
[ERROR] location: class LibvirtComputingResource
[ERROR]

Re: Review Request 19446: CLOUDSTACK-6191: Volume provisioning type option

2014-04-09 Thread Marcus Sorensen


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19446/#review39986
---


I verified that CLVM, Local, and NFS storage all work. From the agent side the 
code looks fine. I'll defer to Mike regarding the offering changes since he's 
done some work there before.

- Marcus Sorensen


On April 9, 2014, 10:58 p.m., Yoshikazu Nojima wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19446/
> ---
> 
> (Updated April 9, 2014, 10:58 p.m.)
> 
> 
> Review request for cloudstack, Mike Tutkowski, Marcus Sorensen, and Wido den 
> Hollander.
> 
> 
> Bugs: CLOUDSTACK-6191
> https://issues.apache.org/jira/browse/CLOUDSTACK-6191
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> purpose:
> Thin provisioning of a volume saves consumption of a storage, and fat 
> provisioning minimizes IOPS performance overhead.
> This feature adds a disk offering parameter to provide users an option to 
> select how to provision volumes.
> Especially, qcow2 format is known that its performance can be improved by 
> deploying a volume as a sparse file.[1] This feature also supports sparse 
> provisioning.
> 
> 
> http://itscblog.tamu.edu/improve-disk-io-performance-in-kvm/#.232---preallocation
> 
> Scope:
> First, start with KVM+NFS installation.
> Leave rooms to support other hypervisors.
> 
> For more details please refer fs: 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Volume+provisioning+type+option
> 
> 
> Diffs
> -
> 
>   api/src/com/cloud/offering/DiskOffering.java 4641b9a 
>   api/src/com/cloud/storage/Storage.java 8ab2463 
>   api/src/com/cloud/storage/Volume.java 304dbcf 
>   api/src/com/cloud/vm/DiskProfile.java 5fdacf2 
>   api/src/org/apache/cloudstack/api/ApiConstants.java c7d6da1 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateDiskOfferingCmd.java
>  67c9792 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
>  6cd5d84 
>   api/src/org/apache/cloudstack/api/response/DiskOfferingResponse.java 
> 91bd441 
>   api/src/org/apache/cloudstack/api/response/ServiceOfferingResponse.java 
> 764ade5 
>   api/src/org/apache/cloudstack/api/response/VolumeResponse.java 45c15da 
>   client/WEB-INF/classes/resources/messages.properties 8abe874 
>   core/src/org/apache/cloudstack/storage/to/VolumeObjectTO.java 11a3324 
>   
> engine/orchestration/src/org/apache/cloudstack/engine/orchestration/VolumeOrchestrator.java
>  c5e0983 
>   engine/orchestration/test/com/cloud/vm/VirtualMachineManagerImplTest.java 
> 49b2fc5 
>   engine/schema/src/com/cloud/service/ServiceOfferingVO.java 3be0aaa 
>   engine/schema/src/com/cloud/storage/DiskOfferingVO.java 99214b2 
>   engine/schema/src/com/cloud/storage/VolumeVO.java 9f27c23 
>   
> engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
>  385f8e6 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
>  beb5e10 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtStorageVolumeDef.java
>  35777cf 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStorageAdaptor.java
>  761bb37 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStoragePool.java
>  2cecfa3 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePool.java
>  ca3d32f 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
>  583d48a 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
>  604bdae 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
>  61d90e9 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStoragePool.java
>  605d154 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
>  c751aab 
>   plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/qemu/QemuImg.java 
> 4bec375 
>   
> plugins/hypervisors/kvm/test/org/apache/cloudstack/utils/qemu/QemuImgTest.java
>  8bdff4d 
>   
> plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
>  2a7bcac 
>   
> plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
>  89707c9 
>   
> plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
>  f418586 
>   
> plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMServiceTest.java
>  62ca09b 
>   server/src/com/cloud/api/query/dao/DiskOff

Re: Review Request 19446: CLOUDSTACK-6191: Volume provisioning type option

2014-04-09 Thread Mike Tutkowski



> On April 10, 2014, 5:55 a.m., Marcus Sorensen wrote:
> > I verified that CLVM, Local, and NFS storage all work. From the agent side 
> > the code looks fine. I'll defer to Mike regarding the offering changes 
> > since he's done some work there before.

The Disk Offering logic seems to follow our standard patterns.

I know at one point I suggested we might take advantage of a new 
generic-properties concept (like passing key/value pairs around instead of 
putting new columns in DB tables).

As it turns out, though, the person who was working on that feature has 
recently changed companies and no longer has the time to pursue that 
development work.

I expect to pick up that work, but it won't be in place for a least a release 
or two, so we should just go forward (as this code does) with following our 
standard patterns for adding such a property.

Unless anyone else has any comments regarding this review, I am OK with it 
going into master.


- Mike


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/19446/#review39986
---


On April 9, 2014, 10:58 p.m., Yoshikazu Nojima wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/19446/
> ---
> 
> (Updated April 9, 2014, 10:58 p.m.)
> 
> 
> Review request for cloudstack, Mike Tutkowski, Marcus Sorensen, and Wido den 
> Hollander.
> 
> 
> Bugs: CLOUDSTACK-6191
> https://issues.apache.org/jira/browse/CLOUDSTACK-6191
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> purpose:
> Thin provisioning of a volume saves consumption of a storage, and fat 
> provisioning minimizes IOPS performance overhead.
> This feature adds a disk offering parameter to provide users an option to 
> select how to provision volumes.
> Especially, qcow2 format is known that its performance can be improved by 
> deploying a volume as a sparse file.[1] This feature also supports sparse 
> provisioning.
> 
> 
> http://itscblog.tamu.edu/improve-disk-io-performance-in-kvm/#.232---preallocation
> 
> Scope:
> First, start with KVM+NFS installation.
> Leave rooms to support other hypervisors.
> 
> For more details please refer fs: 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Volume+provisioning+type+option
> 
> 
> Diffs
> -
> 
>   api/src/com/cloud/offering/DiskOffering.java 4641b9a 
>   api/src/com/cloud/storage/Storage.java 8ab2463 
>   api/src/com/cloud/storage/Volume.java 304dbcf 
>   api/src/com/cloud/vm/DiskProfile.java 5fdacf2 
>   api/src/org/apache/cloudstack/api/ApiConstants.java c7d6da1 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateDiskOfferingCmd.java
>  67c9792 
>   
> api/src/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
>  6cd5d84 
>   api/src/org/apache/cloudstack/api/response/DiskOfferingResponse.java 
> 91bd441 
>   api/src/org/apache/cloudstack/api/response/ServiceOfferingResponse.java 
> 764ade5 
>   api/src/org/apache/cloudstack/api/response/VolumeResponse.java 45c15da 
>   client/WEB-INF/classes/resources/messages.properties 8abe874 
>   core/src/org/apache/cloudstack/storage/to/VolumeObjectTO.java 11a3324 
>   
> engine/orchestration/src/org/apache/cloudstack/engine/orchestration/VolumeOrchestrator.java
>  c5e0983 
>   engine/orchestration/test/com/cloud/vm/VirtualMachineManagerImplTest.java 
> 49b2fc5 
>   engine/schema/src/com/cloud/service/ServiceOfferingVO.java 3be0aaa 
>   engine/schema/src/com/cloud/storage/DiskOfferingVO.java 99214b2 
>   engine/schema/src/com/cloud/storage/VolumeVO.java 9f27c23 
>   
> engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
>  385f8e6 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
>  beb5e10 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtStorageVolumeDef.java
>  35777cf 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStorageAdaptor.java
>  761bb37 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/IscsiAdmStoragePool.java
>  2cecfa3 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePool.java
>  ca3d32f 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
>  583d48a 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
>  604bdae 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
>  61d90e9 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStoragePool.java
>  605d154 
>   
> plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
>  c751aab 
>   plugins/hyper

Re: Review Request 20152: In com.cloud.utils.crypt.EncryptionSecretKeyChecker the key file paths are hard coded

2014-04-09 Thread Kishan Kavala


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20152/#review39991
---

Ship it!


commit 1d0b14673da2b877112a4030c17496e26cf3f531
Please file a ticket to change key name cloudstack specific like.. 
cloudstack.key

- Kishan Kavala


On April 9, 2014, 6:01 p.m., Damodar Reddy Talakanti wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/20152/
> ---
> 
> (Updated April 9, 2014, 6:01 p.m.)
> 
> 
> Review request for cloudstack, Abhinandan Prateek and Kishan Kavala.
> 
> 
> Bugs: https://issues.apache.org/jira/browse/CLOUDSTACK-6354
> 
> https://issues.apache.org/jira/browse/https://issues.apache.org/jira/browse/CLOUDSTACK-6354
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> In com.cloud.utils.crypt.EncryptionSecretKeyChecker the key file paths are 
> hard coded to "/etc/cloudstack/management/key" which will cause issue if key 
> generation path gets changes during installation time.
> 
> 
> Diffs
> -
> 
>   utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChecker.java 0e995c4 
>   utils/test/com/cloud/utils/crypto/EncryptionSecretKeyCheckerTest.java 
> PRE-CREATION 
> 
> Diff: https://reviews.apache.org/r/20152/diff/
> 
> 
> Testing
> ---
> 
> Tested with enabling ecnryption.
> 
> 
> Thanks,
> 
> Damodar Reddy Talakanti
> 
>

Build failed in Jenkins: build-master #604

See 

Changes:

[kishan] CLOUDSTACK-6354 : removing the hard coding of key path in 
EncryptionSecretKeyChecker

--
[...truncated 3017 lines...]
[ERROR] 
:[20,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[21,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[22,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[23,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[24,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[50,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[51,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[52,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[53,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[54,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[55,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[34,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[35,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[36,21]
 error: package com.ceph.rados does not exist
[ERROR] 
:[37,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[38,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[39,19]
 error: package com.ceph.rbd does not exist
[ERROR] 
:[40,23]
 error: package com.ceph.rbd.jna does not exist
[ERROR] 
:[2372,24]
 error: cannot find symbol
[ERROR] symbol:   class Rados
[ERROR] location: class LibvirtComputingResource
[ERROR] 
:[2372,38]
 error: cannot find symbol
[ERROR] symbol:   class Rados
[ERROR] location: class LibvirtComputingResource
[ERROR] 
:[2379,24]
 error: cannot find symbol
[ERROR] symbol:   class IoCTX
[ERROR] location: class LibvirtComputingResource
[ERROR] 
:[2380,24]
 error: cannot find symbol
[ERROR] symbol:   class Rbd
[ERROR] location: class LibvirtComputingResource
[ERROR]

Build failed in Jenkins: build-master #605