[GitHub] cloudstack pull request: CLOUDSTACK-8715: Add VirtIO channel to al...

[wido]

Github user wido commented on the pull request:

https://github.com/apache/cloudstack/pull/985#issuecomment-156360759
  
@ustcweizhou Yes, it does. See the patches I posted above.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: CLOUDSTACK-9057 remove old system vm upgr...

[wilderrodrigues]

Github user wilderrodrigues commented on the pull request:

https://github.com/apache/cloudstack/pull/1061#issuecomment-156365263
  
I will test the upgrade, @DaanHoogland and LGTM afterwards.

Cheers,
Wilder


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: CLOUDSTACK-9050 Virtual router should onl...

[wilderrodrigues]

Github user wilderrodrigues commented on the pull request:

https://github.com/apache/cloudstack/pull/1063#issuecomment-156368254
  
@ustcweizhou @dsclose 

Dude, this script is not used anymore! Please test it with maven, or 
manually, and you will see that it doesn't apply.

The only place the file is reference is here ==>


![image](https://cloud.githubusercontent.com/assets/5129209/11142458/ac9693fc-89ed-11e5-9746-e2bc063d08eb.png)

It should have been removed with the Routers Persistent Configuration / 
Redundant VPCs.

I'm glad to help to get the fix in the right place, but please test against 
4.6.0/master using a 4.6.0 SystemVM.

Cheers,
Wilder


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: CLOUDSTACK-9050 Virtual router should onl...

[wilderrodrigues]

Github user wilderrodrigues commented on the pull request:

https://github.com/apache/cloudstack/pull/1063#issuecomment-156379177
  
@dsclose, please have a look at:

```
./cloud-systemvm/patches/debian/config/opt/cloud/bin/configure.py
```

Cheers,
Wilder


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: CLOUDSTACK-9050 Virtual router should onl...

[wilderrodrigues]

Github user wilderrodrigues commented on the pull request:

https://github.com/apache/cloudstack/pull/1063#issuecomment-156382390
  
@dsclose 

Scripts not in use since 4.6.0:

```
public static final String FIREWALL_EGRESS = "firewall_egress.sh";
public static final String IPASSOC = "ipassoc.sh";
public static final String VMDATA = "vmdata.py";
public static final String VPC_ACL = "vpc_acl.sh";
public static final String VPC_GUEST_NETWORK = "vpc_guestnw.sh";
public static final String VPC_PRIVATEGW_ACL = "vpc_privategw_acl.sh";
public static final String VPC_STATIC_NAT = "vpc_staticnat.sh";
public static final String VPC_STATIC_ROUTE = "vpc_staticroute.sh";
public static final String S2SVPN_IPSEC = "ipsectunnel.sh";
public static final String DHCP = "edithosts.sh";
public static final String DNSMASQ_CONFIG = "dnsmasq.sh";
public static final String FIREWALL_INGRESS = "firewall_ingress.sh";
public static final String FIREWALL_NAT = "firewall_nat.sh";
public static final String IPALIAS_CREATE = "createipAlias.sh";
public static final String IPALIAS_DELETE = "deleteipAlias.sh";
public static final String LB = "loadbalancer.sh";
public static final String MONITOR_SERVICE = "monitor_service.sh";
public static final String PASSWORD = "savepassword.sh";
public static final String VPC_IPASSOC = "vpc_ipassoc.sh";
public static final String VPC_LB = "vpc_loadbalancer.sh";
public static final String VPC_PRIVATEGW = "vpc_privateGateway.sh";
public static final String VPC_PORTFORWARDING = "vpc_portforwarding.sh";
public static final String VPC_SOURCE_NAT = "vpc_snat.sh";
public static final String VPN_L2TP = "vpn_l2tp.sh";
```

I will remove all of them from the project to avoid misunderstands.

Cheers,
Wilder


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: CLOUDSTACK-9050 Virtual router should onl...

[borisroman]

Github user borisroman commented on the pull request:

https://github.com/apache/cloudstack/pull/1063#issuecomment-156384240
  
@dsclose Thanks for your PR, it shows support! As the script is not in use 
anymore, would you close the PR?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: update for comment in cancelMaintin on st...

[wenwenxiong]

GitHub user wenwenxiong opened a pull request:

https://github.com/apache/cloudstack/pull/1065

update for comment in cancelMaintin on start VR

change comment 
//if the instance is of type ssvm, call the ssvm manager
to
//if the instance is of type domain router vm, call the network manager

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/wenwenxiong/cloudstack patch-1

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/cloudstack/pull/1065.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1065


commit 3fb23012f81a492c0fb599d71d3f23849b493ec7
Author: wenwenxiong 
Date:   2015-11-13T10:10:14Z

update for comment in cancelMaintin on start VR

change comment 
//if the instance is of type ssvm, call the ssvm manager
to
//if the instance is of type domain router vm, call the network manager




---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: update for comment in cancelMaintin on st...

[wilderrodrigues]

Github user wilderrodrigues commented on the pull request:

https://github.com/apache/cloudstack/pull/1065#issuecomment-156388025
  
Harmless commit, LGTM.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: update for comment in cancelMaintin on st...

[borisroman]

Github user borisroman commented on the pull request:

https://github.com/apache/cloudstack/pull/1065#issuecomment-156394882
  
LGTM :+1: 

Improving comments, always :+1: 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: [DISCUSS] Shared Networks on Nicira NVP Plugin

[Rajani Karuturi]

Hi Nicolas,
Right now master is frozen and RC2 is in progress (welcome to test and got :)). 
Once RC2 is voted, 4.6 branch would be created and master would become 4.7
At this point, schema-460to470.sql will also be created on master. Your changes 
should go in this file.
4.6.* will only be a bug fix releases(preferably no sql changes).

Thanks,
~ Rajani







On 11/11/15, 12:58 AM, "Nicolás Vázquez"  wrote:

>Hi all,
>
>I'm working on supporting Shared Networks on the Nicira NVP Plugin.
>
>I see *nicira_nvp_router_map* table has a unique index on
>*logicalrouter_uuid*, but changes I'm working on will allow shared networks
>to connect to the same router, so I'll need to remove that index. (ALTER
>TABLE `cloud`.`nicira_nvp_router_map` drop index `logicalrouter_uuid`;)
>
>I saw on the docs that there are upgrading schema scripts on *setup/db/db*,
>but I would like to ask you if it is ok to include alter table line on
>*setup/db/db/schema-452to460.sql
>*or would it be better to create a new file including it? In this case,
>which will be the next CS version: 4.6.1 or 4.7.0? (just for naming it
>*schema-460to461.sql* or *schema-460to470.sql*)
>
>Thanks,
>Nicolas

[GitHub] cloudstack pull request: CLOUDSTACK-9050 Virtual router should onl...

[DaanHoogland]

Github user DaanHoogland commented on the pull request:

https://github.com/apache/cloudstack/pull/1063#issuecomment-15648
  
@borisroman @dsclose how about changing it to a pr that removes the script 
;)


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: update for comment in cancelMaintin on st...

[DaanHoogland]

Github user DaanHoogland commented on the pull request:

https://github.com/apache/cloudstack/pull/1065#issuecomment-156400401
  
Not sure if we need this comment but the old version was a harmfull 
misqguidance, the new one is correct. LGTM


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Rajani Karuturi]

+1 (Binding)

setup: RHEL 6.5 Management server, xen 6.5 Hypervisor, NFS storage, Advanced 
zone without sg
(Manual testing)
Rpm creation, install worked fine 
Was able to succesfully launch a vm, destroy etc. 
Upload template worked fine
LDAP new as well existing integration worked fine
RabbitMQ integration and publishing of events worked fine
Creation of isolated networks, acquiring Ips, egress rules, firewalls etc, all 
worked fine.


Thanks,
~ Rajani








On 13/11/15, 12:27 PM, "Raja Pullela"  wrote:

>+1
>
>BVTs shown consistent passrates and the failures are all test cases issues.
>Here is the latest update on the BVT side:
>KVM Basic  98.6% - 1 test failed/test case issue
>Xen Basic 96.9% - 2 tests failed/test case issue
>KVM Adv 96.3 % - 4 tests failed/test case issues
>Xen Adv 93.4% - 7 tests failed/test case issues
>Hyperv Adv 93.3% - 7 tests failed/test case issues
>
>Failed Tests:
>- 
>integration.smoke.test_vpc_vpn.TestVpcRemoteAccessVpn.test_vpc_remote_access_vpn
>- integration.smoke.test_vpc_vpn.TestVpcSite2SiteVpn.test_vpc_site2site_vpn
>- 
>integration.smoke.test_internal_lb.TestInternalLb.test02_internallb_haproxy_stats_on_all_interfaces
>- 
>integration.smoke.test_internal_lb.TestInternalLb.test_01_internallb_roundrobin_1VPC_3VM_HTTP_port80
>- 
>integration.smoke.test_over_provisioning.TestUpdateOverProvision.test_UpdateStorageOverProvisioningFactor
>- integration.smoke.test_iso.TestISO.test_07_list_default_iso
>- :setup
>- 
>integration.smoke.test_vm_snapshots.TestSnapshots.test_01_test_vm_volume_snapshot
>
>-Original Message-
>From: Nux! [mailto:n...@li.nux.ro] 
>Sent: Wednesday, November 11, 2015 8:43 PM
>To: dev@cloudstack.apache.org
>Subject: Re: [VOTE] Apache CloudStack 4.6.0 (round 2)
>
>Ok, I'm changing my vote to:
>
>+1 (binding)
>
>The upgrade issue I had was a known one, easily fixed thanks to Wilder, should 
>be mentioned in the upgrade docs though.
>
>I tested KVM with CentOS 6 HVs and Adv+SG zone. Security groups work, basic 
>functions works, restore from snapshot works, create volume/template from 
>snapshot works etc.
>
>Looks good!
>
>Lucian
>
>--
>Sent from the Delta quadrant using Borg technology!
>
>Nux!
>www.nux.ro
>
>- Original Message -
>> From: "Nux!" 
>> To: dev@cloudstack.apache.org
>> Sent: Wednesday, 11 November, 2015 12:11:37
>> Subject: Re: [VOTE] Apache CloudStack 4.6.0 (round 2)
>
>> -1
>> 
>> I'm testing upgrade from 4.4.1 (what we run in production) to 4.6.0 
>> and have hit
>> 2 issues.
>> 
>> 1 - minor packaging issue, upgrading to 4.6.0 makes 
>> cloudstack-awsapi-4.4.1 complain about missing deps; rpm -e --nodeps 
>> cloudstack-awsapi gets rid of the problem, perhaps there's a better 
>> way to obsolete this package
>> 
>> 2 - after upgrading the packages to 4.6.0, the mgmt server complains 
>> the 4.5 systemvm is missing - wtf?
>> opened https://issues.apache.org/jira/browse/CLOUDSTACK-9056 for this 
>> with more info
>> 
>> Lucian
>> 
>> --
>> Sent from the Delta quadrant using Borg technology!
>> 
>> Nux!
>> www.nux.ro
>> 
>> - Original Message -
>>> From: "Remi Bergsma" 
>>> To: dev@cloudstack.apache.org
>>> Sent: Tuesday, 10 November, 2015 15:03:03
>>> Subject: [VOTE] Apache CloudStack 4.6.0 (round 2)
>> 
>>> Hi all,
>>> 
>>> I've created a 4.6.0 release candidate, with the following artifacts 
>>> up for a
>>> vote:
>>> 
>>> Git Branch and Commit SH:
>>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h
>>> =4.6.0-RC20151110T1545
>>> 
>>> Commit: e31ade03c66368c64f0cd66cb7b0b754cddfb79d
>>> 
>>> Source release (checksums and signatures are available at the same
>>> location):
>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.6.0/
>>> 
>>> PGP release keys (signed using A47DDC4F):
>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>> 
>>> Vote will be open for at least 72 hours.
>>> 
>>> For sanity in tallying the vote, can PMC members please be sure to 
>>> indicate "(binding)" with their vote?
>>> 
>>> [ ] +1  approve
>>> [ ] +0  no opinion
>> > [ ] -1  disapprove (and reason why)

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Daan Hoogland]

+1 (binding) tentative, all my reasons to vote in the previous rc still
stand and the improvements on centos7 packaging are fine. I wanted to do
extra tests on upgrades hence tentative but it seems I wont make the
deadline.

On Fri, Nov 13, 2015 at 12:40 PM, Rajani Karuturi <
rajani.karut...@citrix.com> wrote:

> +1 (Binding)
>
> setup: RHEL 6.5 Management server, xen 6.5 Hypervisor, NFS storage,
> Advanced zone without sg
> (Manual testing)
> Rpm creation, install worked fine
> Was able to succesfully launch a vm, destroy etc.
> Upload template worked fine
> LDAP new as well existing integration worked fine
> RabbitMQ integration and publishing of events worked fine
> Creation of isolated networks, acquiring Ips, egress rules, firewalls etc,
> all worked fine.
>
>
> Thanks,
> ~ Rajani
>
>
>
>
>
>
>
>
> On 13/11/15, 12:27 PM, "Raja Pullela"  wrote:
>
> >+1
> >
> >BVTs shown consistent passrates and the failures are all test cases
> issues.
> >Here is the latest update on the BVT side:
> >KVM Basic  98.6% - 1 test failed/test case issue
> >Xen Basic 96.9% - 2 tests failed/test case issue
> >KVM Adv 96.3 % - 4 tests failed/test case issues
> >Xen Adv 93.4% - 7 tests failed/test case issues
> >Hyperv Adv 93.3% - 7 tests failed/test case issues
> >
> >Failed Tests:
> >-
> integration.smoke.test_vpc_vpn.TestVpcRemoteAccessVpn.test_vpc_remote_access_vpn
> >-
> integration.smoke.test_vpc_vpn.TestVpcSite2SiteVpn.test_vpc_site2site_vpn
> >-
> integration.smoke.test_internal_lb.TestInternalLb.test02_internallb_haproxy_stats_on_all_interfaces
> >-
> integration.smoke.test_internal_lb.TestInternalLb.test_01_internallb_roundrobin_1VPC_3VM_HTTP_port80
> >-
> integration.smoke.test_over_provisioning.TestUpdateOverProvision.test_UpdateStorageOverProvisioningFactor
> >- integration.smoke.test_iso.TestISO.test_07_list_default_iso
> >- :setup
> >-
> integration.smoke.test_vm_snapshots.TestSnapshots.test_01_test_vm_volume_snapshot
> >
> >-Original Message-
> >From: Nux! [mailto:n...@li.nux.ro]
> >Sent: Wednesday, November 11, 2015 8:43 PM
> >To: dev@cloudstack.apache.org
> >Subject: Re: [VOTE] Apache CloudStack 4.6.0 (round 2)
> >
> >Ok, I'm changing my vote to:
> >
> >+1 (binding)
> >
> >The upgrade issue I had was a known one, easily fixed thanks to Wilder,
> should be mentioned in the upgrade docs though.
> >
> >I tested KVM with CentOS 6 HVs and Adv+SG zone. Security groups work,
> basic functions works, restore from snapshot works, create volume/template
> from snapshot works etc.
> >
> >Looks good!
> >
> >Lucian
> >
> >--
> >Sent from the Delta quadrant using Borg technology!
> >
> >Nux!
> >www.nux.ro
> >
> >- Original Message -
> >> From: "Nux!" 
> >> To: dev@cloudstack.apache.org
> >> Sent: Wednesday, 11 November, 2015 12:11:37
> >> Subject: Re: [VOTE] Apache CloudStack 4.6.0 (round 2)
> >
> >> -1
> >>
> >> I'm testing upgrade from 4.4.1 (what we run in production) to 4.6.0
> >> and have hit
> >> 2 issues.
> >>
> >> 1 - minor packaging issue, upgrading to 4.6.0 makes
> >> cloudstack-awsapi-4.4.1 complain about missing deps; rpm -e --nodeps
> >> cloudstack-awsapi gets rid of the problem, perhaps there's a better
> >> way to obsolete this package
> >>
> >> 2 - after upgrading the packages to 4.6.0, the mgmt server complains
> >> the 4.5 systemvm is missing - wtf?
> >> opened https://issues.apache.org/jira/browse/CLOUDSTACK-9056 for this
> >> with more info
> >>
> >> Lucian
> >>
> >> --
> >> Sent from the Delta quadrant using Borg technology!
> >>
> >> Nux!
> >> www.nux.ro
> >>
> >> - Original Message -
> >>> From: "Remi Bergsma" 
> >>> To: dev@cloudstack.apache.org
> >>> Sent: Tuesday, 10 November, 2015 15:03:03
> >>> Subject: [VOTE] Apache CloudStack 4.6.0 (round 2)
> >>
> >>> Hi all,
> >>>
> >>> I've created a 4.6.0 release candidate, with the following artifacts
> >>> up for a
> >>> vote:
> >>>
> >>> Git Branch and Commit SH:
> >>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h
> >>> =4.6.0-RC20151110T1545
> >>>
> >>> Commit: e31ade03c66368c64f0cd66cb7b0b754cddfb79d
> >>>
> >>> Source release (checksums and signatures are available at the same
> >>> location):
> >>> https://dist.apache.org/repos/dist/dev/cloudstack/4.6.0/
> >>>
> >>> PGP release keys (signed using A47DDC4F):
> >>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> >>>
> >>> Vote will be open for at least 72 hours.
> >>>
> >>> For sanity in tallying the vote, can PMC members please be sure to
> >>> indicate "(binding)" with their vote?
> >>>
> >>> [ ] +1  approve
> >>> [ ] +0  no opinion
> >> > [ ] -1  disapprove (and reason why)
>



-- 
Daan

[GitHub] cloudstack pull request: CLOUDSTACK-9050 Virtual router should onl...

[borisroman]

Github user borisroman commented on the pull request:

https://github.com/apache/cloudstack/pull/1063#issuecomment-156414832
  
@DaanHoogland That's already being done by @wilderrodrigues. Therefore this 
one is obsolete.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Milamber]

Hello,

My vote : +1 (binding)

Tests on Ubuntu 14.04 / KVM / Adv Network without SG

Some tests (register template, create vm, create network, etc) with the 
ansible cloudstack module : ok
Manual tests (register template, create vm, migration, start/stop vm, 
user mgt, snapshot volume, view stats) with French UI : OK


Checking if the localization of all languages displays correctly : OK 
(without Javascript errors).
Just note: with Spanish and Arabic, some strings have some corrupted 
characters, needs to be fixed by the translators on Transifex (I follow 
this issue with translators)


Thanks to the RM team.

Milamber

On 10/11/2015 15:03, Remi Bergsma wrote:

Hi all,

I've created a 4.6.0 release candidate, with the following artifacts up for a 
vote:

Git Branch and Commit SH:
https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=4.6.0-RC20151110T1545

Commit: e31ade03c66368c64f0cd66cb7b0b754cddfb79d

Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.6.0/

PGP release keys (signed using A47DDC4F):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS

Vote will be open for at least 72 hours.

For sanity in tallying the vote, can PMC members please be sure to indicate 
"(binding)" with their vote?

[ ] +1  approve
[ ] +0  no opinion
[ ] -1  disapprove (and reason why)

Build failed in Jenkins: build-4.6-api-docs #1

[jenkins]

See 

--
[...truncated 34 lines...]
[INFO] Apache CloudStack Utils
[INFO] Apache CloudStack Framework
[INFO] Apache CloudStack Framework - Event Notification
[INFO] Apache CloudStack Framework - Configuration
[INFO] Apache CloudStack API
[INFO] Apache CloudStack Framework - REST
[INFO] Apache CloudStack Framework - IPC
[INFO] Apache CloudStack Cloud Engine
[INFO] Apache CloudStack Cloud Engine API
[INFO] Apache CloudStack Framework - Security
[INFO] Apache CloudStack Core
[INFO] Apache CloudStack Agents
[INFO] Apache CloudStack Framework - Clustering
[INFO] Apache CloudStack Framework - Event Notification
[INFO] Apache CloudStack Cloud Engine Schema Component
[INFO] Apache CloudStack Framework - Jobs
[INFO] Apache CloudStack Cloud Engine Internal Components API
[INFO] Apache CloudStack Server
[INFO] Apache CloudStack Usage Server
[INFO] Apache CloudStack Cloud Engine Orchestration Component
[INFO] Apache CloudStack Cloud Services
[INFO] Apache CloudStack Secondary Storage
[INFO] Apache CloudStack Secondary Storage Service
[INFO] Apache CloudStack Engine Storage Component
[INFO] Apache CloudStack Engine Storage Volume Component
[INFO] Apache CloudStack Engine Storage Image Component
[INFO] Apache CloudStack Engine Storage Data Motion Component
[INFO] Apache CloudStack Engine Storage Cache Component
[INFO] Apache CloudStack Engine Storage Snapshot Component
[INFO] Apache CloudStack Cloud Engine API
[INFO] Apache CloudStack Cloud Engine Service
[INFO] Apache CloudStack Plugin POM
[INFO] Apache CloudStack Plugin - API Rate Limit
[INFO] Apache CloudStack Plugin - Storage Volume default provider
[INFO] Apache CloudStack Plugin - Storage Volume SolidFire Provider
[INFO] Apache CloudStack Plugin - API SolidFire
[INFO] Apache CloudStack Plugin - API Discovery
[INFO] Apache CloudStack Plugin - ACL Static Role Based
[INFO] Apache CloudStack Plugin - Host Anti-Affinity Processor
[INFO] Apache CloudStack Plugin - Explicit Dedication Processor
[INFO] Apache CloudStack Plugin - User Concentrated Pod Deployment Planner
[INFO] Apache CloudStack Plugin - User Dispersing Deployment Planner
[INFO] Apache CloudStack Plugin - Implicit Dedication Planner
[INFO] Apache CloudStack Plugin - Skip Heurestics Planner
[INFO] Apache CloudStack Plugin - Host Allocator Random
[INFO] Apache CloudStack Plugin - Dedicated Resources
[INFO] Apache CloudStack Plugin - Hypervisor OracleVM
[INFO] Apache CloudStack Plugin - Open vSwitch
[INFO] Apache CloudStack Plugin - Hypervisor XenServer
[INFO] Apache CloudStack Plugin - Hypervisor KVM
[INFO] Apache CloudStack Plugin - RabbitMQ Event Bus
[INFO] Apache CloudStack Plugin - In Memory Event Bus
[INFO] Apache CloudStack Plugin - Kafka Event Bus
[INFO] Apache CloudStack Plugin - Hypervisor Baremetal
[INFO] Apache CloudStack Plugin - Hypervisor UCS
[INFO] Apache CloudStack Plugin - Hypervisor Hyper-V
[INFO] Apache CloudStack Plugin - Hypervisor OracleVM3
[INFO] Apache CloudStack Plugin - Network Elastic Load Balancer
[INFO] Apache CloudStack Plugin - Network Internal Load Balancer
[INFO] Apache CloudStack Framework - Spring Life Cycle
[INFO] Apache CloudStack Plugin - Network Juniper Contrail
[INFO] Apache CloudStack Plugin - Palo Alto
[INFO] Apache CloudStack Plugin - Network Netscaler
[INFO] Apache CloudStack Plugin - Network Nicira NVP
[INFO] Apache CloudStack Plugin - BigSwitch Virtual Network Segment
[INFO] Apache CloudStack Plugin - Network Brocade VCS
[INFO] Apache CloudStack Plugin - Midokura Midonet
[INFO] Apache CloudStack Plugin - Stratosphere SSP
[INFO] Apache CloudStack Plugin - Network Opendaylight
[INFO] Apache CloudStack Plugin - Storage Allocator Random
[INFO] Apache CloudStack Plugin - User Authenticator LDAP
[INFO] Apache CloudStack Plugin - User Authenticator MD5
[INFO] Apache CloudStack Plugin - User Authenticator PBKDF2-SHA-256
[INFO] Apache CloudStack Plugin - User Authenticator Plain Text
[INFO] Apache CloudStack Plugin - User Authenticator SAML2
[INFO] Apache CloudStack Plugin - User Authenticator SHA256 Salted
[INFO] Apache CloudStack Plugin - Dns Notifier Example
[INFO] Apache CloudStack Plugin - Storage Image S3
[INFO] Apache CloudStack Plugin - Storage Image Swift provider
[INFO] Apache CloudStack Plugin - Storage Image default provider
[INFO] Apache CloudStack Plugin - Storage Image sample provider
[INFO] Apache CloudStack Plugin - Storage Volume Nexenta Provider
[INFO] Apache CloudStack Plugin - Storage Volume CloudByte Provider
[INFO] Apache CloudStack Plugin - Storage Volume sample provider
[INFO] Apache CloudStack Plugin - SNMP Alerts
[INFO] Apache CloudStack Plugin - Syslog Alerts
[INFO] Apache CloudStack Plugin - Network VXLAN
[INFO] Apache CloudStack Plugin - GloboDNS
[INFO] Apache CloudStack Plugin - NetApp File System
[INFO] Apache CloudStack Plugin - F5
[INFO] Apache CloudStack Plugin - Juniper SRX
[INFO] Apache CloudStack Plugin - Nuage VSP
[INFO] Apache CloudStack

Build failed in Jenkins: build-4.6-api-docs #2

[jenkins]

See 

--
[...truncated 29 lines...]
[INFO] Apache CloudStack Utils
[INFO] Apache CloudStack Framework
[INFO] Apache CloudStack Framework - Event Notification
[INFO] Apache CloudStack Framework - Configuration
[INFO] Apache CloudStack API
[INFO] Apache CloudStack Framework - REST
[INFO] Apache CloudStack Framework - IPC
[INFO] Apache CloudStack Cloud Engine
[INFO] Apache CloudStack Cloud Engine API
[INFO] Apache CloudStack Framework - Security
[INFO] Apache CloudStack Core
[INFO] Apache CloudStack Agents
[INFO] Apache CloudStack Framework - Clustering
[INFO] Apache CloudStack Framework - Event Notification
[INFO] Apache CloudStack Cloud Engine Schema Component
[INFO] Apache CloudStack Framework - Jobs
[INFO] Apache CloudStack Cloud Engine Internal Components API
[INFO] Apache CloudStack Server
[INFO] Apache CloudStack Usage Server
[INFO] Apache CloudStack Cloud Engine Orchestration Component
[INFO] Apache CloudStack Cloud Services
[INFO] Apache CloudStack Secondary Storage
[INFO] Apache CloudStack Secondary Storage Service
[INFO] Apache CloudStack Engine Storage Component
[INFO] Apache CloudStack Engine Storage Volume Component
[INFO] Apache CloudStack Engine Storage Image Component
[INFO] Apache CloudStack Engine Storage Data Motion Component
[INFO] Apache CloudStack Engine Storage Cache Component
[INFO] Apache CloudStack Engine Storage Snapshot Component
[INFO] Apache CloudStack Cloud Engine API
[INFO] Apache CloudStack Cloud Engine Service
[INFO] Apache CloudStack Plugin POM
[INFO] Apache CloudStack Plugin - API Rate Limit
[INFO] Apache CloudStack Plugin - Storage Volume default provider
[INFO] Apache CloudStack Plugin - Storage Volume SolidFire Provider
[INFO] Apache CloudStack Plugin - API SolidFire
[INFO] Apache CloudStack Plugin - API Discovery
[INFO] Apache CloudStack Plugin - ACL Static Role Based
[INFO] Apache CloudStack Plugin - Host Anti-Affinity Processor
[INFO] Apache CloudStack Plugin - Explicit Dedication Processor
[INFO] Apache CloudStack Plugin - User Concentrated Pod Deployment Planner
[INFO] Apache CloudStack Plugin - User Dispersing Deployment Planner
[INFO] Apache CloudStack Plugin - Implicit Dedication Planner
[INFO] Apache CloudStack Plugin - Skip Heurestics Planner
[INFO] Apache CloudStack Plugin - Host Allocator Random
[INFO] Apache CloudStack Plugin - Dedicated Resources
[INFO] Apache CloudStack Plugin - Hypervisor OracleVM
[INFO] Apache CloudStack Plugin - Open vSwitch
[INFO] Apache CloudStack Plugin - Hypervisor XenServer
[INFO] Apache CloudStack Plugin - Hypervisor KVM
[INFO] Apache CloudStack Plugin - RabbitMQ Event Bus
[INFO] Apache CloudStack Plugin - In Memory Event Bus
[INFO] Apache CloudStack Plugin - Kafka Event Bus
[INFO] Apache CloudStack Plugin - Hypervisor Baremetal
[INFO] Apache CloudStack Plugin - Hypervisor UCS
[INFO] Apache CloudStack Plugin - Hypervisor Hyper-V
[INFO] Apache CloudStack Plugin - Hypervisor OracleVM3
[INFO] Apache CloudStack Plugin - Network Elastic Load Balancer
[INFO] Apache CloudStack Plugin - Network Internal Load Balancer
[INFO] Apache CloudStack Framework - Spring Life Cycle
[INFO] Apache CloudStack Plugin - Network Juniper Contrail
[INFO] Apache CloudStack Plugin - Palo Alto
[INFO] Apache CloudStack Plugin - Network Netscaler
[INFO] Apache CloudStack Plugin - Network Nicira NVP
[INFO] Apache CloudStack Plugin - BigSwitch Virtual Network Segment
[INFO] Apache CloudStack Plugin - Network Brocade VCS
[INFO] Apache CloudStack Plugin - Midokura Midonet
[INFO] Apache CloudStack Plugin - Stratosphere SSP
[INFO] Apache CloudStack Plugin - Network Opendaylight
[INFO] Apache CloudStack Plugin - Storage Allocator Random
[INFO] Apache CloudStack Plugin - User Authenticator LDAP
[INFO] Apache CloudStack Plugin - User Authenticator MD5
[INFO] Apache CloudStack Plugin - User Authenticator PBKDF2-SHA-256
[INFO] Apache CloudStack Plugin - User Authenticator Plain Text
[INFO] Apache CloudStack Plugin - User Authenticator SAML2
[INFO] Apache CloudStack Plugin - User Authenticator SHA256 Salted
[INFO] Apache CloudStack Plugin - Dns Notifier Example
[INFO] Apache CloudStack Plugin - Storage Image S3
[INFO] Apache CloudStack Plugin - Storage Image Swift provider
[INFO] Apache CloudStack Plugin - Storage Image default provider
[INFO] Apache CloudStack Plugin - Storage Image sample provider
[INFO] Apache CloudStack Plugin - Storage Volume Nexenta Provider
[INFO] Apache CloudStack Plugin - Storage Volume CloudByte Provider
[INFO] Apache CloudStack Plugin - Storage Volume sample provider
[INFO] Apache CloudStack Plugin - SNMP Alerts
[INFO] Apache CloudStack Plugin - Syslog Alerts
[INFO] Apache CloudStack Plugin - Network VXLAN
[INFO] Apache CloudStack Plugin - GloboDNS
[INFO] Apache CloudStack Plugin - NetApp File System
[INFO] Apache CloudStack Plugin - F5
[INFO] Apache CloudStack Plugin - Juniper SRX
[INFO] Apache CloudStack Plugin - Nuage VSP
[INFO] Apache CloudStack

Build failed in Jenkins: build-4.6-api-docs #3

[jenkins]

See 

--
[...truncated 28 lines...]
[INFO] Apache CloudStack Utils
[INFO] Apache CloudStack Framework
[INFO] Apache CloudStack Framework - Event Notification
[INFO] Apache CloudStack Framework - Configuration
[INFO] Apache CloudStack API
[INFO] Apache CloudStack Framework - REST
[INFO] Apache CloudStack Framework - IPC
[INFO] Apache CloudStack Cloud Engine
[INFO] Apache CloudStack Cloud Engine API
[INFO] Apache CloudStack Framework - Security
[INFO] Apache CloudStack Core
[INFO] Apache CloudStack Agents
[INFO] Apache CloudStack Framework - Clustering
[INFO] Apache CloudStack Framework - Event Notification
[INFO] Apache CloudStack Cloud Engine Schema Component
[INFO] Apache CloudStack Framework - Jobs
[INFO] Apache CloudStack Cloud Engine Internal Components API
[INFO] Apache CloudStack Server
[INFO] Apache CloudStack Usage Server
[INFO] Apache CloudStack Cloud Engine Orchestration Component
[INFO] Apache CloudStack Cloud Services
[INFO] Apache CloudStack Secondary Storage
[INFO] Apache CloudStack Secondary Storage Service
[INFO] Apache CloudStack Engine Storage Component
[INFO] Apache CloudStack Engine Storage Volume Component
[INFO] Apache CloudStack Engine Storage Image Component
[INFO] Apache CloudStack Engine Storage Data Motion Component
[INFO] Apache CloudStack Engine Storage Cache Component
[INFO] Apache CloudStack Engine Storage Snapshot Component
[INFO] Apache CloudStack Cloud Engine API
[INFO] Apache CloudStack Cloud Engine Service
[INFO] Apache CloudStack Plugin POM
[INFO] Apache CloudStack Plugin - API Rate Limit
[INFO] Apache CloudStack Plugin - Storage Volume default provider
[INFO] Apache CloudStack Plugin - Storage Volume SolidFire Provider
[INFO] Apache CloudStack Plugin - API SolidFire
[INFO] Apache CloudStack Plugin - API Discovery
[INFO] Apache CloudStack Plugin - ACL Static Role Based
[INFO] Apache CloudStack Plugin - Host Anti-Affinity Processor
[INFO] Apache CloudStack Plugin - Explicit Dedication Processor
[INFO] Apache CloudStack Plugin - User Concentrated Pod Deployment Planner
[INFO] Apache CloudStack Plugin - User Dispersing Deployment Planner
[INFO] Apache CloudStack Plugin - Implicit Dedication Planner
[INFO] Apache CloudStack Plugin - Skip Heurestics Planner
[INFO] Apache CloudStack Plugin - Host Allocator Random
[INFO] Apache CloudStack Plugin - Dedicated Resources
[INFO] Apache CloudStack Plugin - Hypervisor OracleVM
[INFO] Apache CloudStack Plugin - Open vSwitch
[INFO] Apache CloudStack Plugin - Hypervisor XenServer
[INFO] Apache CloudStack Plugin - Hypervisor KVM
[INFO] Apache CloudStack Plugin - RabbitMQ Event Bus
[INFO] Apache CloudStack Plugin - In Memory Event Bus
[INFO] Apache CloudStack Plugin - Kafka Event Bus
[INFO] Apache CloudStack Plugin - Hypervisor Baremetal
[INFO] Apache CloudStack Plugin - Hypervisor UCS
[INFO] Apache CloudStack Plugin - Hypervisor Hyper-V
[INFO] Apache CloudStack Plugin - Hypervisor OracleVM3
[INFO] Apache CloudStack Plugin - Network Elastic Load Balancer
[INFO] Apache CloudStack Plugin - Network Internal Load Balancer
[INFO] Apache CloudStack Framework - Spring Life Cycle
[INFO] Apache CloudStack Plugin - Network Juniper Contrail
[INFO] Apache CloudStack Plugin - Palo Alto
[INFO] Apache CloudStack Plugin - Network Netscaler
[INFO] Apache CloudStack Plugin - Network Nicira NVP
[INFO] Apache CloudStack Plugin - BigSwitch Virtual Network Segment
[INFO] Apache CloudStack Plugin - Network Brocade VCS
[INFO] Apache CloudStack Plugin - Midokura Midonet
[INFO] Apache CloudStack Plugin - Stratosphere SSP
[INFO] Apache CloudStack Plugin - Network Opendaylight
[INFO] Apache CloudStack Plugin - Storage Allocator Random
[INFO] Apache CloudStack Plugin - User Authenticator LDAP
[INFO] Apache CloudStack Plugin - User Authenticator MD5
[INFO] Apache CloudStack Plugin - User Authenticator PBKDF2-SHA-256
[INFO] Apache CloudStack Plugin - User Authenticator Plain Text
[INFO] Apache CloudStack Plugin - User Authenticator SAML2
[INFO] Apache CloudStack Plugin - User Authenticator SHA256 Salted
[INFO] Apache CloudStack Plugin - Dns Notifier Example
[INFO] Apache CloudStack Plugin - Storage Image S3
[INFO] Apache CloudStack Plugin - Storage Image Swift provider
[INFO] Apache CloudStack Plugin - Storage Image default provider
[INFO] Apache CloudStack Plugin - Storage Image sample provider
[INFO] Apache CloudStack Plugin - Storage Volume Nexenta Provider
[INFO] Apache CloudStack Plugin - Storage Volume CloudByte Provider
[INFO] Apache CloudStack Plugin - Storage Volume sample provider
[INFO] Apache CloudStack Plugin - SNMP Alerts
[INFO] Apache CloudStack Plugin - Syslog Alerts
[INFO] Apache CloudStack Plugin - Network VXLAN
[INFO] Apache CloudStack Plugin - GloboDNS
[INFO] Apache CloudStack Plugin - NetApp File System
[INFO] Apache CloudStack Plugin - F5
[INFO] Apache CloudStack Plugin - Juniper SRX
[INFO] Apache CloudStack Plugin - Nuage VSP
[INFO] Apache CloudStack

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Boris Schrijver]

Hi all,

Hereby my vote for ACS 4.6.0 based on branch 4.6.0-RC20151110T1545.

+1

Based on testing with:
 - KVM Ubuntu 14.04.3
 - Basic networking
 - Ceph (Primary storage)
 - S3 (Secondary storage)
 - NFS (Secondary storage / Staging store)

Tested the following:
 - Template Uploading / Downloading
 - VM Creation / Starting / Stopping / Destroying
 - VM Migration
 - Volume creation / attaching / detaching
 - Snapshot creation / restoring
 - DHCP
 - Metadata server / Password server / SSH keys
 - Security groups ingress- / egress-rules.

Known issues:
 - The folder /var/lib/cloudstack is owned by root, if the install is done by
root. Therefore, when ACS tries to create a directory within it, it will fail.
Setting correct permissions fixes it. chown cloud:cloud /var/lib/cloudstack/
 - Scripts inside
/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/storage/secondary/
don't have execute permission. Set correct permission using: chmod + x
/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/storage/secondary/*

Known issues are packaging related and not blocking. They will be fixed in ACS
4.6.1.

-- 

Met vriendelijke groet / Kind regards,

Boris Schrijver

PCextreme B.V.

http://www.pcextreme.nl/contact
Tel direct: +31 6 33784542

> On November 10, 2015 at 4:03 PM Remi Bergsma 
> wrote:
> 
> 
> Hi all,
> 
> I've created a 4.6.0 release candidate, with the following artifacts up for a
> vote:
> 
> Git Branch and Commit SH:
> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=4.6.0-RC20151110T1545
> 
> Commit: e31ade03c66368c64f0cd66cb7b0b754cddfb79d
> 
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.6.0/
> 
> PGP release keys (signed using A47DDC4F):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> 
> Vote will be open for at least 72 hours.
> 
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
> 
> [ ] +1  approve
> [ ] +0  no opinion
> [ ] -1  disapprove (and reason why)
>

[GitHub] cloudstack pull request: CID-1338387: remove logicless execution c...

[DaanHoogland]

Github user DaanHoogland commented on the pull request:

https://github.com/apache/cloudstack/pull/1056#issuecomment-156430873
  
did the sbp regression tests on this:
```
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a 
tags=advanced,required_hardware=false \
smoke/test_routers.py \
smoke/test_network_acl.py \
smoke/test_privategw_acl.py \
smoke/test_reset_vm_on_reboot.py \
smoke/test_vm_life_cycle.py \
smoke/test_service_offerings.py \
smoke/test_network.py \
component/test_vpc_offerings.py \
component/test_vpc_routers.py
```
```
--
Ran 42 tests in 9311.074s

OK
```
and
```
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a 
tags=advanced,required_hardware=true \
component/test_vpc_redundant.py \
component/test_routers_iptables_default_policy.py \
component/test_routers_network_ops.py \
component/test_vpc_router_nics.py \
component/test_password_server.py \
component/test_router_dhcphosts.py \
smoke/test_loadbalance.py \
smoke/test_internal_lb.py \
smoke/test_ssvm.py \
smoke/test_vpc_vpn.py \
smoke/test_network.py
```
```
--
Ran 33 tests in 17445.193s

OK
```

these do not include ovm tests however and were only run with a 2 kvm host 
config. will run with a 2 xen host config, now


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack pull request: CID-1338387: remove logicless execution c...

[rafaelweingartner]

Github user rafaelweingartner commented on the pull request:

https://github.com/apache/cloudstack/pull/1056#issuecomment-156434491
  
Before you run the Xen tests, I think you should apply the changes in 
"XenServerGuru.java" and remove the method "EndPoint selectHypervisorHost(Scope 
scope);" from "EndPointSelector.java"


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Wido den Hollander]

+1 (binding) from me.

I've verified that 4.6.0 works and I tested ACS 4.6.0 with Boris as he
described below.

Our tests were all with Basic Networking and KVM.

Wido

On 13-11-15 14:10, Boris Schrijver wrote:
> Hi all,
> 
> Hereby my vote for ACS 4.6.0 based on branch 4.6.0-RC20151110T1545.
> 
> +1
> 
> Based on testing with:
>  - KVM Ubuntu 14.04.3
>  - Basic networking
>  - Ceph (Primary storage)
>  - S3 (Secondary storage)
>  - NFS (Secondary storage / Staging store)
> 
> Tested the following:
>  - Template Uploading / Downloading
>  - VM Creation / Starting / Stopping / Destroying
>  - VM Migration
>  - Volume creation / attaching / detaching
>  - Snapshot creation / restoring
>  - DHCP
>  - Metadata server / Password server / SSH keys
>  - Security groups ingress- / egress-rules.
> 
> Known issues:
>  - The folder /var/lib/cloudstack is owned by root, if the install is done by
> root. Therefore, when ACS tries to create a directory within it, it will fail.
> Setting correct permissions fixes it. chown cloud:cloud /var/lib/cloudstack/
>  - Scripts inside
> /usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/storage/secondary/
> don't have execute permission. Set correct permission using: chmod + x
> /usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/storage/secondary/*
> 
> Known issues are packaging related and not blocking. They will be fixed in ACS
> 4.6.1.
> 
> -- 
> 
> Met vriendelijke groet / Kind regards,
> 
> Boris Schrijver
> 
> PCextreme B.V.
> 
> http://www.pcextreme.nl/contact
> Tel direct: +31 6 33784542
> 
>> On November 10, 2015 at 4:03 PM Remi Bergsma 
>> wrote:
>>
>>
>> Hi all,
>>
>> I've created a 4.6.0 release candidate, with the following artifacts up for a
>> vote:
>>
>> Git Branch and Commit SH:
>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=4.6.0-RC20151110T1545
>>
>> Commit: e31ade03c66368c64f0cd66cb7b0b754cddfb79d
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.6.0/
>>
>> PGP release keys (signed using A47DDC4F):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> Vote will be open for at least 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1  approve
>> [ ] +0  no opinion
>> [ ] -1  disapprove (and reason why)
>>

[GitHub] cloudstack pull request: CID-1338387: remove logicless execution c...

[DaanHoogland]

Github user DaanHoogland commented on the pull request:

https://github.com/apache/cloudstack/pull/1056#issuecomment-156434822
  
@rafaelweingartner too late :cry: is running, next spin.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Daan Hoogland]

The upgrade test I am planning is not going to happen today. The db is to
big so I'll test in the weekend and report the unlikely event of problems
after the release to be fixed in 4.6.1:

+1 (binding)

On Fri, Nov 13, 2015 at 2:46 PM, Wido den Hollander  wrote:

> +1 (binding) from me.
>
> I've verified that 4.6.0 works and I tested ACS 4.6.0 with Boris as he
> described below.
>
> Our tests were all with Basic Networking and KVM.
>
> Wido
>
> On 13-11-15 14:10, Boris Schrijver wrote:
> > Hi all,
> >
> > Hereby my vote for ACS 4.6.0 based on branch 4.6.0-RC20151110T1545.
> >
> > +1
> >
> > Based on testing with:
> >  - KVM Ubuntu 14.04.3
> >  - Basic networking
> >  - Ceph (Primary storage)
> >  - S3 (Secondary storage)
> >  - NFS (Secondary storage / Staging store)
> >
> > Tested the following:
> >  - Template Uploading / Downloading
> >  - VM Creation / Starting / Stopping / Destroying
> >  - VM Migration
> >  - Volume creation / attaching / detaching
> >  - Snapshot creation / restoring
> >  - DHCP
> >  - Metadata server / Password server / SSH keys
> >  - Security groups ingress- / egress-rules.
> >
> > Known issues:
> >  - The folder /var/lib/cloudstack is owned by root, if the install is
> done by
> > root. Therefore, when ACS tries to create a directory within it, it will
> fail.
> > Setting correct permissions fixes it. chown cloud:cloud
> /var/lib/cloudstack/
> >  - Scripts inside
> >
> /usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/storage/secondary/
> > don't have execute permission. Set correct permission using: chmod + x
> >
> /usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/storage/secondary/*
> >
> > Known issues are packaging related and not blocking. They will be fixed
> in ACS
> > 4.6.1.
> >
> > --
> >
> > Met vriendelijke groet / Kind regards,
> >
> > Boris Schrijver
> >
> > PCextreme B.V.
> >
> > http://www.pcextreme.nl/contact
> > Tel direct: +31 6 33784542
> >
> >> On November 10, 2015 at 4:03 PM Remi Bergsma <
> rberg...@schubergphilis.com>
> >> wrote:
> >>
> >>
> >> Hi all,
> >>
> >> I've created a 4.6.0 release candidate, with the following artifacts up
> for a
> >> vote:
> >>
> >> Git Branch and Commit SH:
> >>
> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=4.6.0-RC20151110T1545
> >>
> >> Commit: e31ade03c66368c64f0cd66cb7b0b754cddfb79d
> >>
> >> Source release (checksums and signatures are available at the same
> >> location):
> >> https://dist.apache.org/repos/dist/dev/cloudstack/4.6.0/
> >>
> >> PGP release keys (signed using A47DDC4F):
> >> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> >>
> >> Vote will be open for at least 72 hours.
> >>
> >> For sanity in tallying the vote, can PMC members please be sure to
> indicate
> >> "(binding)" with their vote?
> >>
> >> [ ] +1  approve
> >> [ ] +0  no opinion
> >> [ ] -1  disapprove (and reason why)
> >>
>



-- 
Daan

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Remi Bergsma]

Hi all,

I've run the, by now, famous set of tests we've executed on the last ~100 or so 
PRs that we merged into master aka 4.6. It's all looking good.

Apart from that, I worked with Wilder and we did many tests. 

Proud to be voting +1 (binding) as well!

Regards,
Remi


Environment:
KVM on CentOS 7 Advanced zone.

```
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a 
tags=advanced,required_hardware=true \
component/test_vpc_redundant.py \
component/test_routers_iptables_default_policy.py \
component/test_routers_network_ops.py \
component/test_vpc_router_nics.py \
smoke/test_loadbalance.py \
smoke/test_internal_lb.py \
smoke/test_ssvm.py \
smoke/test_network.py

```

Result:

```
Create a redundant VPC with two networks with two VMs in each network ... === 
TestName: test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | Status : 
SUCCESS ===
ok
Create a redundant VPC with two networks with two VMs in each network and check 
default routes ... === TestName: test_02_redundant_VPC_default_routes | Status 
: SUCCESS ===
ok
Test iptables default INPUT/FORWARD policy on RouterVM ... === TestName: 
test_02_routervm_iptables_policies | Status : SUCCESS ===
ok
Test iptables default INPUT/FORWARD policies on VPC router ... === TestName: 
test_01_single_VPC_iptables_policies | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName: 
test_01_isolate_network_FW_PF_default_routes_egress_true | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName: 
test_02_isolate_network_FW_PF_default_routes_egress_false | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName: 
test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName: 
test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false | Status : SUCCESS ===
ok
Create a VPC with two networks with one VM in each network and test nics after 
destroy ... === TestName: test_01_VPC_nics_after_destroy | Status : SUCCESS ===
ok
Create a VPC with two networks with one VM in each network and test default 
routes ... === TestName: test_02_VPC_default_routes | Status : SUCCESS ===
ok
Check the password file in the Router VM ... === TestName: 
test_isolate_network_password_server | Status : SUCCESS ===
ok
Check that the /etc/dhcphosts.txt doesn't contain duplicate IPs ... === 
TestName: test_router_dhcphosts | Status : SUCCESS ===
ok
Test to create Load balancing rule with source NAT ... === TestName: 
test_01_create_lb_rule_src_nat | Status : SUCCESS ===
ok
Test to create Load balancing rule with non source NAT ... === TestName: 
test_02_create_lb_rule_non_nat | Status : SUCCESS ===
ok
Test for assign & removing load balancing rule ... === TestName: 
test_assign_and_removal_lb | Status : SUCCESS ===
ok
Test to verify access to loadbalancer haproxy admin stats page ... === 
TestName: test02_internallb_haproxy_stats_on_all_interfaces | Status : SUCCESS 
===
ok
Test create, assign, remove of an Internal LB with roundrobin http traffic to 3 
vm's ... === TestName: test_01_internallb_roundrobin_1VPC_3VM_HTTP_port80 | 
Status : SUCCESS ===
ok
Test SSVM Internals ... === TestName: test_03_ssvm_internals | Status : SUCCESS 
===
ok
Test CPVM Internals ... === TestName: test_04_cpvm_internals | Status : SUCCESS 
===
ok
Test stop SSVM ... === TestName: test_05_stop_ssvm | Status : SUCCESS ===
ok
Test stop CPVM ... === TestName: test_06_stop_cpvm | Status : SUCCESS ===
ok
Test reboot SSVM ... === TestName: test_07_reboot_ssvm | Status : SUCCESS ===
ok
Test reboot CPVM ... === TestName: test_08_reboot_cpvm | Status : SUCCESS ===
ok
Test destroy SSVM ... === TestName: test_09_destroy_ssvm | Status : SUCCESS ===
ok
Test destroy CPVM ... === TestName: test_10_destroy_cpvm | Status : SUCCESS ===
ok
Test Remote Access VPN in VPC ... === TestName: test_vpc_remote_access_vpn | 
Status : SUCCESS ===
ok
Test VPN in VPC ... === TestName: test_vpc_site2site_vpn | Status : SUCCESS ===
ok
Test for port forwarding on source NAT ... === TestName: 
test_01_port_fwd_on_src_nat | Status : SUCCESS ===
ok
Test for port forwarding on non source NAT ... === TestName: 
test_02_port_fwd_on_non_src_nat | Status : SUCCESS ===
ok
Test for reboot router ... === TestName: test_reboot_router | Status : SUCCESS 
===
ok
Test for Router rules for network rules on acquired public IP ... === TestName: 
test_network_rules_acquired_public_ip_1_static_nat_rule | Status : SUCCESS ===
ok
Test for Router rules for network rules on acquired public IP ... === TestName: 
test_network_rules_acquired_public_ip_2_nat_rule | Status : SUCCESS ===
ok
Test for Router rules for network rules on acquired public IP ... === TestName: 
test_network_rules_acquired_public_ip_3_Load_Balancer_Rule | Status : SUCCESS 
===
ok

--
Ran 33 tests in 14711.458s

OK
```


And:

```
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a 
tags=advanced,req

[RESULT] [VOTE] Apache CloudStack 4.6.0

[Remi Bergsma]

Hi all,

After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2 
non-PMC votes.

+1 (PMC / binding)
* Wilder
* Nux (Lucian)
* Rajani
* Daan
* Milamber (Bruno)
* Wido
* Remi

+1 (non binding)
* Raja
* Boris

0
none

-1
none

A huge Thank You to everyone participating! :-)

I will now prepare the release announcement to go out after the weekend. In the 
mean time the mirrors have time to catch up and we have time to update the 
documentation and put everything in place.


[1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Daan Hoogland]

thanks all, great. let's improve even further, after we had a great party
to celebrate our selves.

On Fri, Nov 13, 2015 at 4:16 PM, Remi Bergsma 
wrote:

> Hi all,
>
> After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
> non-PMC votes.
>
> +1 (PMC / binding)
> * Wilder
> * Nux (Lucian)
> * Rajani
> * Daan
> * Milamber (Bruno)
> * Wido
> * Remi
>
> +1 (non binding)
> * Raja
> * Boris
>
> 0
> none
>
> -1
> none
>
> A huge Thank You to everyone participating! :-)
>
> I will now prepare the release announcement to go out after the weekend.
> In the mean time the mirrors have time to catch up and we have time to
> update the documentation and put everything in place.
>
>
> [1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2
>
>


-- 
Daan

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Sebastien Goasguen]

Congratulations to all, this could be our strongest release to date.

Sorry I could not vote, I have been traveling.

> On Nov 13, 2015, at 4:23 PM, Daan Hoogland  wrote:
> 
> thanks all, great. let's improve even further, after we had a great party
> to celebrate our selves.
> 
> On Fri, Nov 13, 2015 at 4:16 PM, Remi Bergsma 
> wrote:
> 
>> Hi all,
>> 
>> After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
>> non-PMC votes.
>> 
>> +1 (PMC / binding)
>> * Wilder
>> * Nux (Lucian)
>> * Rajani
>> * Daan
>> * Milamber (Bruno)
>> * Wido
>> * Remi
>> 
>> +1 (non binding)
>> * Raja
>> * Boris
>> 
>> 0
>> none
>> 
>> -1
>> none
>> 
>> A huge Thank You to everyone participating! :-)
>> 
>> I will now prepare the release announcement to go out after the weekend.
>> In the mean time the mirrors have time to catch up and we have time to
>> update the documentation and put everything in place.
>> 
>> 
>> [1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2
>> 
>> 
> 
> 
> -- 
> Daan

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Nux!]

Good job, everyone! :-)

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Remi Bergsma" 
> To: dev@cloudstack.apache.org
> Sent: Friday, 13 November, 2015 15:16:33
> Subject: [RESULT] [VOTE] Apache CloudStack 4.6.0

> Hi all,
> 
> After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
> non-PMC votes.
> 
> +1 (PMC / binding)
> * Wilder
> * Nux (Lucian)
> * Rajani
> * Daan
> * Milamber (Bruno)
> * Wido
> * Remi
> 
> +1 (non binding)
> * Raja
> * Boris
> 
> 0
> none
> 
> -1
> none
> 
> A huge Thank You to everyone participating! :-)
> 
> I will now prepare the release announcement to go out after the weekend. In 
> the
> mean time the mirrors have time to catch up and we have time to update the
> documentation and put everything in place.
> 
> 
> [1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2

RE: [VOTE] Apache CloudStack 4.6.0 (round 2)

[Suresh Sadhu]

+1(binding)

Performed basic sanity using xenserver hypervisor   as of now not found any 
major issue  but noticed an exception while ms start initially 

Noticed below exception  during upgrade times. If its  known issue ,please 
ignore or else will raise a bug for tracking purpose.

(main:null) migrateDatafromIsoIdInVolumesTable:Exception:Unknown column 
'iso_id1' in 'field list'
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Unknown column 
'iso_id1' in 'field list'
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at 
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at 
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.Util.getInstance(Util.java:386)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1052)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3597)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3529)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1990)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2151)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2625)
at 
com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2119)
at 
com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:2283)
at 
org.apache.commons.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:96)
at 
org.apache.commons.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:96)
at 
com.cloud.upgrade.dao.Upgrade410to420.migrateDatafromIsoIdInVolumesTable(Upgrade410to420.java:2378)
at 
com.cloud.upgrade.dao.Upgrade410to420.performDataMigration(Upgrade410to420.java:110)
at 
com.cloud.upgrade.DatabaseUpgradeChecker.upgrade(DatabaseUpgradeChecker.java:345)
at 
com.cloud.upgrade.DatabaseUpgradeChecker.check(DatabaseUpgradeChecker.java:468)
at 
org.apache.cloudstack.spring.lifecycle.CloudStackExtendedLifeCycle.checkIntegrity(CloudStackExtendedLifeCycle.java:65)
at 
org.apache.cloudstack.spring.lifecycle.CloudStackExtendedLifeCycle.start(CloudStackExtendedLifeCycle.java:55)
at 
org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:167)
at 
org.springframework.context.support.DefaultLifecycleProcessor.access$200(DefaultLifecycleProcessor.java:51)
at 
org.springframework.context.support.DefaultLifecycleProcessor$LifecycleGroup.start(DefaultLifecycleProcessor.java:339)
at 
org.springframework.context.support.DefaultLifecycleProcessor.startBeans(DefaultLifecycleProcessor.java:143)
at 
org.springframework.context.support.DefaultLifecycleProcessor.onRefresh(DefaultLifecycleProcessor.java:108)
at 
org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:947)
at 
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:482)
at 
org.apache.cloudstack.spring.module.model.impl.DefaultModuleDefinitionSet.loadContext(DefaultModuleDefinitionSet.java:145)
at 
org.apache.cloudstack.spring.module.model.impl.DefaultModuleDefinitionSet$2.with(DefaultModuleDefinitionSet.java:122)
at 
org.apache.cloudstack.spring.module.model.impl.DefaultModuleDefinitionSet.withModule(DefaultModuleDefinitionSet.java:245)
at 
org.apache.cloudstack.spring.module.model.impl.DefaultModuleDefinitionSet.withModule(DefaultModuleDefinitionSet.java:250)
at 
org.apache.cloudstack.spring.module.model.impl.DefaultModuleDefinitionSet.withModule(DefaultModuleDefinitionSet.java:233)
at 
org.apache.cloudstack.spring.module.model.impl.DefaultModuleDefinitionSet.loadContexts(DefaultModuleDefinitionSet.java:117)
at 
org.apache.cloudstack.spring.module.model.impl.DefaultModuleDefinitionSet.load(DefaultModuleDefinitionSet.java:79)
at 
org.apache.cloudstack.spring.module.factory.ModuleBasedContextFactory.loadModules(ModuleBasedContextFactory.java:37)
at 
org.apache.cloudstack.spring.module.factory.CloudStackSpringContext.init(CloudStackSpringContext.java:70)
at 
org.apache.cloudstack.spring.module.factory.CloudStackSpringContext.(CloudStackSpringContext.java:57)
at 
org.apache.cloudstack.spring.module.factory.CloudStackSpringContext.(CloudStackSpringContext.java:61)
at 
org.apache.cloudstack.spring.module.web.CloudStackContextLoaderListener.contextInitialized(CloudStackContextLoaderListener.java:52)
at 
org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4210)
at 
org.apache.catalina.core.Standa

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[John Burwell]

All,

I realize my vote is coming in after the vote has closed.  However, I found 
that a fix [1] for at least one CVE that shipped in 4.5.2, CVE 2015-3251, is 
not present in 4.6.0.  I just happened to notice because someone asked me 
within the last half hour about the availability of that fix.  I apologize for 
the late -1 (binding), but, in my opinion, we should never knowingly ship a 
regression of a CVE fix.  There were other CVEs addressed in 4.5.2, and I am 
concerned they also may be missing from 4.6.0.

Thanks,
-John

[1]: https://github.com/apache/cloudstack/commit/3a48171b

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 11:11 AM, Nux!  wrote:
>
> Good job, everyone! :-)
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> - Original Message -
>> From: "Remi Bergsma" 
>> To: dev@cloudstack.apache.org
>> Sent: Friday, 13 November, 2015 15:16:33
>> Subject: [RESULT] [VOTE] Apache CloudStack 4.6.0
>
>> Hi all,
>>
>> After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
>> non-PMC votes.
>>
>> +1 (PMC / binding)
>> * Wilder
>> * Nux (Lucian)
>> * Rajani
>> * Daan
>> * Milamber (Bruno)
>> * Wido
>> * Remi
>>
>> +1 (non binding)
>> * Raja
>> * Boris
>>
>> 0
>> none
>>
>> -1
>> none
>>
>> A huge Thank You to everyone participating! :-)
>>
>> I will now prepare the release announcement to go out after the weekend. In 
>> the
>> mean time the mirrors have time to catch up and we have time to update the
>> documentation and put everything in place.
>>
>>
>> [1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: [VOTE] Apache CloudStack 4.6.0 (round 2)

[John Burwell]

All,

I just noticed that the fix for CVE 2015-3251 [1] which shipped in 4.5.2 was 
not merged to master.  Therefore, 4.6.0 contains a security regression.  For 
this reason, I am -1 (binding) on RC2 due to the lack of this fix.  There were 
also other CVE’s addressed in 4.5.2 which we need to audit and ensure they were 
also forward merged.

Thanks,
-John

[1]: https://github.com/apache/cloudstack/commit/3a48171b

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 10, 2015, at 10:16 AM, Remi Bergsma  
> wrote:
>
> FYI: Jenkins was so kind to build us some packages, should we want to use 
> them:
>
> CentOS 7 packages
> http://jenkins.buildacloud.org/view/parameterized/job/cloudstack-rpm-packages-with-branch-parameter-centos7/3/
>
> CentOS 6 packages
> http://jenkins.buildacloud.org/view/parameterized/job/cloudstack-rpm-packages-with-branch-parameter/22/
>
> Maybe Boris can build some Ubuntu packages, please?
>
>
> Regards,
> Remi
>
>
>
>
> On 10/11/15 16:03, "Remi Bergsma"  wrote:
>
>> Hi all,
>>
>> I've created a 4.6.0 release candidate, with the following artifacts up for 
>> a vote:
>>
>> Git Branch and Commit SH:
>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=4.6.0-RC20151110T1545
>>
>> Commit: e31ade03c66368c64f0cd66cb7b0b754cddfb79d
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.6.0/
>>
>> PGP release keys (signed using A47DDC4F):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> Vote will be open for at least 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate 
>> "(binding)" with their vote?
>>
>> [ ] +1  approve
>> [ ] +0  no opinion
>> [ ] -1  disapprove (and reason why)
>>

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Wilder Rodrigues]

:( 

Sad to hear that just that late in the release process, John. Even worse to 
hear that it was already happening in 4.5.2 - released some months ago. But no 
worries! With our new release process, we can do things, in a proper way, 
quicker than before. The ACS 4.6.1 RC1 will be out within 2 weeks from now, 
fully tested and with the fixes - Redundant VPC split-brain, S3 and you sec 
issue - included. We will increase the release cycle, not because we release 
broken stuff, but because we want to decrease the number of open issues.

Our goal is to make ACS better than any cloud platform in the market!

Cheers,
Wilder


> On 13 Nov 2015, at 18:45, John Burwell  wrote:
> 
> All,
> 
> I realize my vote is coming in after the vote has closed.  However, I found 
> that a fix [1] for at least one CVE that shipped in 4.5.2, CVE 2015-3251, is 
> not present in 4.6.0.  I just happened to notice because someone asked me 
> within the last half hour about the availability of that fix.  I apologize 
> for the late -1 (binding), but, in my opinion, we should never knowingly ship 
> a regression of a CVE fix.  There were other CVEs addressed in 4.5.2, and I 
> am concerned they also may be missing from 4.6.0.
> 
> Thanks,
> -John
> 
> [1]: https://github.com/apache/cloudstack/commit/3a48171b
> 
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
> 
> 
> 
>> On Nov 13, 2015, at 11:11 AM, Nux!  wrote:
>> 
>> Good job, everyone! :-)
>> 
>> --
>> Sent from the Delta quadrant using Borg technology!
>> 
>> Nux!
>> www.nux.ro
>> 
>> - Original Message -
>>> From: "Remi Bergsma" 
>>> To: dev@cloudstack.apache.org
>>> Sent: Friday, 13 November, 2015 15:16:33
>>> Subject: [RESULT] [VOTE] Apache CloudStack 4.6.0
>> 
>>> Hi all,
>>> 
>>> After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
>>> non-PMC votes.
>>> 
>>> +1 (PMC / binding)
>>> * Wilder
>>> * Nux (Lucian)
>>> * Rajani
>>> * Daan
>>> * Milamber (Bruno)
>>> * Wido
>>> * Remi
>>> 
>>> +1 (non binding)
>>> * Raja
>>> * Boris
>>> 
>>> 0
>>> none
>>> 
>>> -1
>>> none
>>> 
>>> A huge Thank You to everyone participating! :-)
>>> 
>>> I will now prepare the release announcement to go out after the weekend. In 
>>> the
>>> mean time the mirrors have time to catch up and we have time to update the
>>> documentation and put everything in place.
>>> 
>>> 
>>> [1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2
> 
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software 
> Engineering
> CloudStack Infrastructure 
> Support
> CloudStack Bootcamp Training 
> Courses
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
> registered by The Republic of South Africa and is traded under license from 
> Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[John Burwell]

Wilder,

As a community, we cannot knowingly ship a release containing a CVE regression. 
 The industry best practice in this circumstance would be pull the release and 
notify users not to use it.  Luckily, the release hasn’t shipped yet, we can 
simply abort and create a new RC with CVE fix(es) included.

Thanks,
-John

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 1:11 PM, Wilder Rodrigues  
> wrote:
>
> :(
>
> Sad to hear that just that late in the release process, John. Even worse to 
> hear that it was already happening in 4.5.2 - released some months ago. But 
> no worries! With our new release process, we can do things, in a proper way, 
> quicker than before. The ACS 4.6.1 RC1 will be out within 2 weeks from now, 
> fully tested and with the fixes - Redundant VPC split-brain, S3 and you sec 
> issue - included. We will increase the release cycle, not because we release 
> broken stuff, but because we want to decrease the number of open issues.
>
> Our goal is to make ACS better than any cloud platform in the market!
>
> Cheers,
> Wilder
>
>
>> On 13 Nov 2015, at 18:45, John Burwell  wrote:
>>
>> All,
>>
>> I realize my vote is coming in after the vote has closed.  However, I found 
>> that a fix [1] for at least one CVE that shipped in 4.5.2, CVE 2015-3251, is 
>> not present in 4.6.0.  I just happened to notice because someone asked me 
>> within the last half hour about the availability of that fix.  I apologize 
>> for the late -1 (binding), but, in my opinion, we should never knowingly 
>> ship a regression of a CVE fix.  There were other CVEs addressed in 4.5.2, 
>> and I am concerned they also may be missing from 4.6.0.
>>
>> Thanks,
>> -John
>>
>> [1]: https://github.com/apache/cloudstack/commit/3a48171b
>>
>> ---
>> John Burwell (@john_burwell)
>> VP of Software Engineering, ShapeBlue
>> (571) 403-2411 | +44 20 3603 0542
>> http://www.shapeblue.com | @ShapeBlue
>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>
>>
>>
>>> On Nov 13, 2015, at 11:11 AM, Nux!  wrote:
>>>
>>> Good job, everyone! :-)
>>>
>>> --
>>> Sent from the Delta quadrant using Borg technology!
>>>
>>> Nux!
>>> www.nux.ro
>>>
>>> - Original Message -
 From: "Remi Bergsma" 
 To: dev@cloudstack.apache.org
 Sent: Friday, 13 November, 2015 15:16:33
 Subject: [RESULT] [VOTE] Apache CloudStack 4.6.0
>>>
 Hi all,

 After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
 non-PMC votes.

 +1 (PMC / binding)
 * Wilder
 * Nux (Lucian)
 * Rajani
 * Daan
 * Milamber (Bruno)
 * Wido
 * Remi

 +1 (non binding)
 * Raja
 * Boris

 0
 none

 -1
 none

 A huge Thank You to everyone participating! :-)

 I will now prepare the release announcement to go out after the weekend. 
 In the
 mean time the mirrors have time to catch up and we have time to update the
 documentation and put everything in place.


 [1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2
>>
>> Find out more about ShapeBlue and our range of CloudStack related services
>>
>> IaaS Cloud Design & Build
>> CSForge – rapid IaaS deployment framework
>> CloudStack Consulting
>> CloudStack Software 
>> Engineering
>> CloudStack Infrastructure 
>> Support
>> CloudStack Bootcamp Training 
>> Courses
>>
>> This email and any attachments to it may be confidential and are intended 
>> solely for the use of the individual to whom it is addressed. Any views or 
>> opinions expressed are solely those of the author and do not necessarily 
>> represent those of Shape Blue Ltd or related companies. If you are not the 
>> intended recipient of this email, you must neither take any action based 
>> upon its contents, nor copy or show it to anyone. Please contact the sender 
>> if you believe you have received this email in error. Shape Blue Ltd is a 
>> company incorporated in England & Wales. ShapeBlue Services India LLP is a 
>> company incorporated in India and is operated under license from Shape Blue 
>> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil 
>> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a 
>> company registered by The Republic of South Africa and is traded under 
>> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForg

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Wilder Rodrigues]

Hi John,

If that actually goes agains a community/industry standard, I will support you. 
It is not in my bucket list to be part of a group that released something that 
was already destined to fail.

However, I would like to make 2 points in this whole thing:

1.  it’s a big shame to see that it was only fixed on the 4.5.x and not pushed 
towards master. We have to stop this.
2. Would be nice to dedicate some time to check the emails around a release 
cycle to avoid things like that. Cancelling it now means that many people will 
have to go and redo many tests to make sure everything is fine! Nobody wants a 
release that was half test only because a few lines of code changed.

If you agree with me, we can cancel it and start the RC3 cycle on the 23rd 
November. We just need to get the other member of the community to agree on 
that as well.

We just ask Shape Blue to run some tests on the 23rd, that’s all.

Cheers,
Wilder


> On 13 Nov 2015, at 19:25, John Burwell  wrote:
> 
> Wilder,
> 
> As a community, we cannot knowingly ship a release containing a CVE 
> regression.  The industry best practice in this circumstance would be pull 
> the release and notify users not to use it.  Luckily, the release hasn’t 
> shipped yet, we can simply abort and create a new RC with CVE fix(es) 
> included.
> 
> Thanks,
> -John
> 
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
> 
> 
> 
>> On Nov 13, 2015, at 1:11 PM, Wilder Rodrigues 
>>  wrote:
>> 
>> :(
>> 
>> Sad to hear that just that late in the release process, John. Even worse to 
>> hear that it was already happening in 4.5.2 - released some months ago. But 
>> no worries! With our new release process, we can do things, in a proper way, 
>> quicker than before. The ACS 4.6.1 RC1 will be out within 2 weeks from now, 
>> fully tested and with the fixes - Redundant VPC split-brain, S3 and you sec 
>> issue - included. We will increase the release cycle, not because we release 
>> broken stuff, but because we want to decrease the number of open issues.
>> 
>> Our goal is to make ACS better than any cloud platform in the market!
>> 
>> Cheers,
>> Wilder
>> 
>> 
>>> On 13 Nov 2015, at 18:45, John Burwell  wrote:
>>> 
>>> All,
>>> 
>>> I realize my vote is coming in after the vote has closed.  However, I found 
>>> that a fix [1] for at least one CVE that shipped in 4.5.2, CVE 2015-3251, 
>>> is not present in 4.6.0.  I just happened to notice because someone asked 
>>> me within the last half hour about the availability of that fix.  I 
>>> apologize for the late -1 (binding), but, in my opinion, we should never 
>>> knowingly ship a regression of a CVE fix.  There were other CVEs addressed 
>>> in 4.5.2, and I am concerned they also may be missing from 4.6.0.
>>> 
>>> Thanks,
>>> -John
>>> 
>>> [1]: https://github.com/apache/cloudstack/commit/3a48171b
>>> 
>>> ---
>>> John Burwell (@john_burwell)
>>> VP of Software Engineering, ShapeBlue
>>> (571) 403-2411 | +44 20 3603 0542
>>> http://www.shapeblue.com | @ShapeBlue
>>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>> 
>>> 
>>> 
 On Nov 13, 2015, at 11:11 AM, Nux!  wrote:
 
 Good job, everyone! :-)
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
> From: "Remi Bergsma" 
> To: dev@cloudstack.apache.org
> Sent: Friday, 13 November, 2015 15:16:33
> Subject: [RESULT] [VOTE] Apache CloudStack 4.6.0
 
> Hi all,
> 
> After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
> non-PMC votes.
> 
> +1 (PMC / binding)
> * Wilder
> * Nux (Lucian)
> * Rajani
> * Daan
> * Milamber (Bruno)
> * Wido
> * Remi
> 
> +1 (non binding)
> * Raja
> * Boris
> 
> 0
> none
> 
> -1
> none
> 
> A huge Thank You to everyone participating! :-)
> 
> I will now prepare the release announcement to go out after the weekend. 
> In the
> mean time the mirrors have time to catch up and we have time to update the
> documentation and put everything in place.
> 
> 
> [1] http://cloudstack.markmail.org/message/pah6mhj7qgxewvx2
>>> 
>>> Find out more about ShapeBlue and our range of CloudStack related services
>>> 
>>> IaaS Cloud Design & 
>>> Build
>>> CSForge – rapid IaaS deployment framework
>>> CloudStack Consulting
>>> CloudStack Software 
>>> Engineering
>>> CloudStack Infrastructure 
>>> Support
>>> CloudStack Bootcamp Training 
>>> Courses
>>> 

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[John Burwell]

Wilder,

For now, I am just concerned with averting the security nightmare of shipping a 
CVE regression.  In terms of process, I don’t know how we proceed.  Were the 
vote still open, a single binding -1 would abort the RC.  We can either all 
decide by consensus not to pull back the RC or I can open a vote thread.  
Personally, I would prefer consensus.

After 4.6.0, there is no doubt we need to assess how this CVE (and potentially 
others) were not merged forward.  I am thinking we shift back through the git 
log to find all known CVE fixes and add each hash to a file representing the 
commits that must be present.  Our release tests then perform a git tag 
—contains for each has to ensure that no CVE fixes have been missed.

Thanks,
-John

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues  
> wrote:
>
> Hi John,
>
> If that actually goes agains a community/industry standard, I will support 
> you. It is not in my bucket list to be part of a group that released 
> something that was already destined to fail.
>
> However, I would like to make 2 points in this whole thing:
>
> 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not 
> pushed towards master. We have to stop this.
> 2. Would be nice to dedicate some time to check the emails around a release 
> cycle to avoid things like that. Cancelling it now means that many people 
> will have to go and redo many tests to make sure everything is fine! Nobody 
> wants a release that was half test only because a few lines of code changed.
>
> If you agree with me, we can cancel it and start the RC3 cycle on the 23rd 
> November. We just need to get the other member of the community to agree on 
> that as well.
>
> We just ask Shape Blue to run some tests on the 23rd, that’s all.
>
> Cheers,
> Wilder
>
>
>> On 13 Nov 2015, at 19:25, John Burwell  wrote:
>>
>> Wilder,
>>
>> As a community, we cannot knowingly ship a release containing a CVE 
>> regression.  The industry best practice in this circumstance would be pull 
>> the release and notify users not to use it.  Luckily, the release hasn’t 
>> shipped yet, we can simply abort and create a new RC with CVE fix(es) 
>> included.
>>
>> Thanks,
>> -John
>>
>> ---
>> John Burwell (@john_burwell)
>> VP of Software Engineering, ShapeBlue
>> (571) 403-2411 | +44 20 3603 0542
>> http://www.shapeblue.com | @ShapeBlue
>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>
>>
>>
>>> On Nov 13, 2015, at 1:11 PM, Wilder Rodrigues 
>>>  wrote:
>>>
>>> :(
>>>
>>> Sad to hear that just that late in the release process, John. Even worse to 
>>> hear that it was already happening in 4.5.2 - released some months ago. But 
>>> no worries! With our new release process, we can do things, in a proper 
>>> way, quicker than before. The ACS 4.6.1 RC1 will be out within 2 weeks from 
>>> now, fully tested and with the fixes - Redundant VPC split-brain, S3 and 
>>> you sec issue - included. We will increase the release cycle, not because 
>>> we release broken stuff, but because we want to decrease the number of open 
>>> issues.
>>>
>>> Our goal is to make ACS better than any cloud platform in the market!
>>>
>>> Cheers,
>>> Wilder
>>>
>>>
 On 13 Nov 2015, at 18:45, John Burwell  wrote:

 All,

 I realize my vote is coming in after the vote has closed.  However, I 
 found that a fix [1] for at least one CVE that shipped in 4.5.2, CVE 
 2015-3251, is not present in 4.6.0.  I just happened to notice because 
 someone asked me within the last half hour about the availability of that 
 fix.  I apologize for the late -1 (binding), but, in my opinion, we should 
 never knowingly ship a regression of a CVE fix.  There were other CVEs 
 addressed in 4.5.2, and I am concerned they also may be missing from 4.6.0.

 Thanks,
 -John

 [1]: https://github.com/apache/cloudstack/commit/3a48171b

 ---
 John Burwell (@john_burwell)
 VP of Software Engineering, ShapeBlue
 (571) 403-2411 | +44 20 3603 0542
 http://www.shapeblue.com | @ShapeBlue
 53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 11:11 AM, Nux!  wrote:
>
> Good job, everyone! :-)
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> - Original Message -
>> From: "Remi Bergsma" 
>> To: dev@cloudstack.apache.org
>> Sent: Friday, 13 November, 2015 15:16:33
>> Subject: [RESULT] [VOTE] Apache CloudStack 4.6.0
>
>> Hi all,
>>
>> After 72 hours, the vote for CloudStack 4.6.0 [1] *passes* with 7 PMC + 2
>> non-PMC votes.
>>
>> +1 (PMC / binding)
>> * Wilder
>> * Nux (Lucian)
>> * Rajani
>> * Daan
>> * Milamber (Brun

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[John Burwell]

All,

I realize when I reported my issue, I failed to state my methodology for 
determining the fix was not present in RC2.  I performed the following steps:

1. git fetch origin
2. git checkout master
3. git rebase origin/master
4. git tag --contains 3a48171b

Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The result of 
these steps was that only the 4.5.2 tag came back as containing the 3a48171b 
commit.  There is always the chance that I mucked up the check, and someone 
should double check my work before we go through the effort of pulling back an 
approved RC.

Thanks,
-John

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 2:07 PM, John Burwell  wrote:
>
> Wilder,
>
> For now, I am just concerned with averting the security nightmare of shipping 
> a CVE regression.  In terms of process, I don’t know how we proceed.  Were 
> the vote still open, a single binding -1 would abort the RC.  We can either 
> all decide by consensus not to pull back the RC or I can open a vote thread.  
> Personally, I would prefer consensus.
>
> After 4.6.0, there is no doubt we need to assess how this CVE (and 
> potentially others) were not merged forward.  I am thinking we shift back 
> through the git log to find all known CVE fixes and add each hash to a file 
> representing the commits that must be present.  Our release tests then 
> perform a git tag —contains for each has to ensure that no CVE fixes have 
> been missed.
>
> Thanks,
> -John
>
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
>> On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues 
>>  wrote:
>>
>> Hi John,
>>
>> If that actually goes agains a community/industry standard, I will support 
>> you. It is not in my bucket list to be part of a group that released 
>> something that was already destined to fail.
>>
>> However, I would like to make 2 points in this whole thing:
>>
>> 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not 
>> pushed towards master. We have to stop this.
>> 2. Would be nice to dedicate some time to check the emails around a release 
>> cycle to avoid things like that. Cancelling it now means that many people 
>> will have to go and redo many tests to make sure everything is fine! Nobody 
>> wants a release that was half test only because a few lines of code changed.
>>
>> If you agree with me, we can cancel it and start the RC3 cycle on the 23rd 
>> November. We just need to get the other member of the community to agree on 
>> that as well.
>>
>> We just ask Shape Blue to run some tests on the 23rd, that’s all.
>>
>> Cheers,
>> Wilder
>>
>>
>>> On 13 Nov 2015, at 19:25, John Burwell  wrote:
>>>
>>> Wilder,
>>>
>>> As a community, we cannot knowingly ship a release containing a CVE 
>>> regression.  The industry best practice in this circumstance would be pull 
>>> the release and notify users not to use it.  Luckily, the release hasn’t 
>>> shipped yet, we can simply abort and create a new RC with CVE fix(es) 
>>> included.
>>>
>>> Thanks,
>>> -John
>>>
>>> ---
>>> John Burwell (@john_burwell)
>>> VP of Software Engineering, ShapeBlue
>>> (571) 403-2411 | +44 20 3603 0542
>>> http://www.shapeblue.com | @ShapeBlue
>>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>>
>>>
>>>
 On Nov 13, 2015, at 1:11 PM, Wilder Rodrigues 
  wrote:

 :(

 Sad to hear that just that late in the release process, John. Even worse 
 to hear that it was already happening in 4.5.2 - released some months ago. 
 But no worries! With our new release process, we can do things, in a 
 proper way, quicker than before. The ACS 4.6.1 RC1 will be out within 2 
 weeks from now, fully tested and with the fixes - Redundant VPC 
 split-brain, S3 and you sec issue - included. We will increase the release 
 cycle, not because we release broken stuff, but because we want to 
 decrease the number of open issues.

 Our goal is to make ACS better than any cloud platform in the market!

 Cheers,
 Wilder


> On 13 Nov 2015, at 18:45, John Burwell  wrote:
>
> All,
>
> I realize my vote is coming in after the vote has closed.  However, I 
> found that a fix [1] for at least one CVE that shipped in 4.5.2, CVE 
> 2015-3251, is not present in 4.6.0.  I just happened to notice because 
> someone asked me within the last half hour about the availability of that 
> fix.  I apologize for the late -1 (binding), but, in my opinion, we 
> should never knowingly ship a regression of a CVE fix.  There were other 
> CVEs addressed in 4.5.2, and I am concerned they also may be missing from 
> 4.6.0.
>

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Remi Bergsma]

Hi John,

Thanks for your concerns. 

I believe the patch for CVE 2015-3251 is included in 4.6 aka master. See commit 
ef44c7d. 

We should always merge forward, then your method would have worked. And that's 
exactly what we'll do from now on. 

Regards, Remi 

Sent from my iPhone

> On 13 Nov 2015, at 20:23, John Burwell  wrote:
> 
> All,
> 
> I realize when I reported my issue, I failed to state my methodology for 
> determining the fix was not present in RC2.  I performed the following steps:
> 
> 1. git fetch origin
> 2. git checkout master
> 3. git rebase origin/master
> 4. git tag --contains 3a48171b
> 
> Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The result 
> of these steps was that only the 4.5.2 tag came back as containing the 
> 3a48171b commit.  There is always the chance that I mucked up the check, and 
> someone should double check my work before we go through the effort of 
> pulling back an approved RC.
> 
> Thanks,
> -John
> 
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
> 
> 
> 
>> On Nov 13, 2015, at 2:07 PM, John Burwell  wrote:
>> 
>> Wilder,
>> 
>> For now, I am just concerned with averting the security nightmare of 
>> shipping a CVE regression.  In terms of process, I don’t know how we 
>> proceed.  Were the vote still open, a single binding -1 would abort the RC.  
>> We can either all decide by consensus not to pull back the RC or I can open 
>> a vote thread.  Personally, I would prefer consensus.
>> 
>> After 4.6.0, there is no doubt we need to assess how this CVE (and 
>> potentially others) were not merged forward.  I am thinking we shift back 
>> through the git log to find all known CVE fixes and add each hash to a file 
>> representing the commits that must be present.  Our release tests then 
>> perform a git tag —contains for each has to ensure that no CVE fixes have 
>> been missed.
>> 
>> Thanks,
>> -John
>> 
>> ---
>> John Burwell (@john_burwell)
>> VP of Software Engineering, ShapeBlue
>> (571) 403-2411 | +44 20 3603 0542
>> http://www.shapeblue.com | @ShapeBlue
>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>> 
>> 
>> 
>>> On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues 
>>>  wrote:
>>> 
>>> Hi John,
>>> 
>>> If that actually goes agains a community/industry standard, I will support 
>>> you. It is not in my bucket list to be part of a group that released 
>>> something that was already destined to fail.
>>> 
>>> However, I would like to make 2 points in this whole thing:
>>> 
>>> 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not 
>>> pushed towards master. We have to stop this.
>>> 2. Would be nice to dedicate some time to check the emails around a release 
>>> cycle to avoid things like that. Cancelling it now means that many people 
>>> will have to go and redo many tests to make sure everything is fine! Nobody 
>>> wants a release that was half test only because a few lines of code changed.
>>> 
>>> If you agree with me, we can cancel it and start the RC3 cycle on the 23rd 
>>> November. We just need to get the other member of the community to agree on 
>>> that as well.
>>> 
>>> We just ask Shape Blue to run some tests on the 23rd, that’s all.
>>> 
>>> Cheers,
>>> Wilder
>>> 
>>> 
 On 13 Nov 2015, at 19:25, John Burwell  wrote:
 
 Wilder,
 
 As a community, we cannot knowingly ship a release containing a CVE 
 regression.  The industry best practice in this circumstance would be pull 
 the release and notify users not to use it.  Luckily, the release hasn’t 
 shipped yet, we can simply abort and create a new RC with CVE fix(es) 
 included.
 
 Thanks,
 -John
 
 ---
 John Burwell (@john_burwell)
 VP of Software Engineering, ShapeBlue
 (571) 403-2411 | +44 20 3603 0542
 http://www.shapeblue.com | @ShapeBlue
 53 Chandos Place, Covent Garden, London, WC2N 4HS
 
 
 
> On Nov 13, 2015, at 1:11 PM, Wilder Rodrigues 
>  wrote:
> 
> :(
> 
> Sad to hear that just that late in the release process, John. Even worse 
> to hear that it was already happening in 4.5.2 - released some months 
> ago. But no worries! With our new release process, we can do things, in a 
> proper way, quicker than before. The ACS 4.6.1 RC1 will be out within 2 
> weeks from now, fully tested and with the fixes - Redundant VPC 
> split-brain, S3 and you sec issue - included. We will increase the 
> release cycle, not because we release broken stuff, but because we want 
> to decrease the number of open issues.
> 
> Our goal is to make ACS better than any cloud platform in the market!
> 
> Cheers,
> Wilder
> 
> 
>> On 13 Nov 2015, at 18:45, John Burwell  
>> wrote:
>> 
>> All,
>> 
>> I realize my vote is comi

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Rafael Weingärtner]

Hi John Burwell,
Did you test the RC? Or you just checked if the commit was present?

I have just checked and your changes that were introduced using the commit
"3a48171bd8a70c6012afce32c7636afffc1d2f7d" to the tag 4.5.2 are indeed in
master. The point here is that, when you do a rebase, a new commit is
created. Your changes were introduced to master using the commit
"ef44c7d305567c99eb1b0ec411a64b4d3582db75"

There is no need to stop the release process because of that.

On Fri, Nov 13, 2015 at 5:23 PM, John Burwell 
wrote:

> All,
>
> I realize when I reported my issue, I failed to state my methodology for
> determining the fix was not present in RC2.  I performed the following
> steps:
>
> 1. git fetch origin
> 2. git checkout master
> 3. git rebase origin/master
> 4. git tag --contains 3a48171b
>
> Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The
> result of these steps was that only the 4.5.2 tag came back as containing
> the 3a48171b commit.  There is always the chance that I mucked up the
> check, and someone should double check my work before we go through the
> effort of pulling back an approved RC.
>
> Thanks,
> -John
>
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> > On Nov 13, 2015, at 2:07 PM, John Burwell 
> wrote:
> >
> > Wilder,
> >
> > For now, I am just concerned with averting the security nightmare of
> shipping a CVE regression.  In terms of process, I don’t know how we
> proceed.  Were the vote still open, a single binding -1 would abort the
> RC.  We can either all decide by consensus not to pull back the RC or I can
> open a vote thread.  Personally, I would prefer consensus.
> >
> > After 4.6.0, there is no doubt we need to assess how this CVE (and
> potentially others) were not merged forward.  I am thinking we shift back
> through the git log to find all known CVE fixes and add each hash to a file
> representing the commits that must be present.  Our release tests then
> perform a git tag —contains for each has to ensure that no CVE fixes have
> been missed.
> >
> > Thanks,
> > -John
> >
> > ---
> > John Burwell (@john_burwell)
> > VP of Software Engineering, ShapeBlue
> > (571) 403-2411 | +44 20 3603 0542
> > http://www.shapeblue.com | @ShapeBlue
> > 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> >> On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues <
> wrodrig...@schubergphilis.com> wrote:
> >>
> >> Hi John,
> >>
> >> If that actually goes agains a community/industry standard, I will
> support you. It is not in my bucket list to be part of a group that
> released something that was already destined to fail.
> >>
> >> However, I would like to make 2 points in this whole thing:
> >>
> >> 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not
> pushed towards master. We have to stop this.
> >> 2. Would be nice to dedicate some time to check the emails around a
> release cycle to avoid things like that. Cancelling it now means that many
> people will have to go and redo many tests to make sure everything is fine!
> Nobody wants a release that was half test only because a few lines of code
> changed.
> >>
> >> If you agree with me, we can cancel it and start the RC3 cycle on the
> 23rd November. We just need to get the other member of the community to
> agree on that as well.
> >>
> >> We just ask Shape Blue to run some tests on the 23rd, that’s all.
> >>
> >> Cheers,
> >> Wilder
> >>
> >>
> >>> On 13 Nov 2015, at 19:25, John Burwell 
> wrote:
> >>>
> >>> Wilder,
> >>>
> >>> As a community, we cannot knowingly ship a release containing a CVE
> regression.  The industry best practice in this circumstance would be pull
> the release and notify users not to use it.  Luckily, the release hasn’t
> shipped yet, we can simply abort and create a new RC with CVE fix(es)
> included.
> >>>
> >>> Thanks,
> >>> -John
> >>>
> >>> ---
> >>> John Burwell (@john_burwell)
> >>> VP of Software Engineering, ShapeBlue
> >>> (571) 403-2411 | +44 20 3603 0542
> >>> http://www.shapeblue.com | @ShapeBlue
> >>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >>>
> >>>
> >>>
>  On Nov 13, 2015, at 1:11 PM, Wilder Rodrigues <
> wrodrig...@schubergphilis.com> wrote:
> 
>  :(
> 
>  Sad to hear that just that late in the release process, John. Even
> worse to hear that it was already happening in 4.5.2 - released some months
> ago. But no worries! With our new release process, we can do things, in a
> proper way, quicker than before. The ACS 4.6.1 RC1 will be out within 2
> weeks from now, fully tested and with the fixes - Redundant VPC
> split-brain, S3 and you sec issue - included. We will increase the release
> cycle, not because we release broken stuff, but because we want to decrease
> the number of open issues.
> 
>  Our goal is to make ACS better than any cloud pla

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Remi Bergsma]

Thanks Rafael for confirming it too! I also tested it now and it really is not 
returning usernames and passwords.

@John please confirm this is what you wanted to see included.

On 13 Nov 2015, at 20:40, Rafael Weingärtner 
mailto:rafaelweingart...@gmail.com>> wrote:

Hi John Burwell,
Did you test the RC? Or you just checked if the commit was present?

I have just checked and your changes that were introduced using the commit 
"3a48171bd8a70c6012afce32c7636afffc1d2f7d" to the tag 4.5.2 are indeed in 
master. The point here is that, when you do a rebase, a new commit is created. 
Your changes were introduced to master using the commit 
"ef44c7d305567c99eb1b0ec411a64b4d3582db75"

There is no need to stop the release process because of that.

On Fri, Nov 13, 2015 at 5:23 PM, John Burwell 
mailto:john.burw...@shapeblue.com>> wrote:
All,

I realize when I reported my issue, I failed to state my methodology for 
determining the fix was not present in RC2.  I performed the following steps:

1. git fetch origin
2. git checkout master
3. git rebase origin/master
4. git tag --contains 3a48171b

Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The result of 
these steps was that only the 4.5.2 tag came back as containing the 3a48171b 
commit.  There is always the chance that I mucked up the check, and someone 
should double check my work before we go through the effort of pulling back an 
approved RC.

Thanks,
-John

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 2:07 PM, John Burwell 
> mailto:john.burw...@shapeblue.com>> wrote:
>
> Wilder,
>
> For now, I am just concerned with averting the security nightmare of shipping 
> a CVE regression.  In terms of process, I don’t know how we proceed.  Were 
> the vote still open, a single binding -1 would abort the RC.  We can either 
> all decide by consensus not to pull back the RC or I can open a vote thread.  
> Personally, I would prefer consensus.
>
> After 4.6.0, there is no doubt we need to assess how this CVE (and 
> potentially others) were not merged forward.  I am thinking we shift back 
> through the git log to find all known CVE fixes and add each hash to a file 
> representing the commits that must be present.  Our release tests then 
> perform a git tag —contains for each has to ensure that no CVE fixes have 
> been missed.
>
> Thanks,
> -John
>
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
>> On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues 
>> mailto:wrodrig...@schubergphilis.com>> wrote:
>>
>> Hi John,
>>
>> If that actually goes agains a community/industry standard, I will support 
>> you. It is not in my bucket list to be part of a group that released 
>> something that was already destined to fail.
>>
>> However, I would like to make 2 points in this whole thing:
>>
>> 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not 
>> pushed towards master. We have to stop this.
>> 2. Would be nice to dedicate some time to check the emails around a release 
>> cycle to avoid things like that. Cancelling it now means that many people 
>> will have to go and redo many tests to make sure everything is fine! Nobody 
>> wants a release that was half test only because a few lines of code changed.
>>
>> If you agree with me, we can cancel it and start the RC3 cycle on the 23rd 
>> November. We just need to get the other member of the community to agree on 
>> that as well.
>>
>> We just ask Shape Blue to run some tests on the 23rd, that’s all.
>>
>> Cheers,
>> Wilder
>>
>>
>>> On 13 Nov 2015, at 19:25, John Burwell 
>>> mailto:john.burw...@shapeblue.com>> wrote:
>>>
>>> Wilder,
>>>
>>> As a community, we cannot knowingly ship a release containing a CVE 
>>> regression.  The industry best practice in this circumstance would be pull 
>>> the release and notify users not to use it.  Luckily, the release hasn’t 
>>> shipped yet, we can simply abort and create a new RC with CVE fix(es) 
>>> included.
>>>
>>> Thanks,
>>> -John
>>>
>>> ---
>>> John Burwell (@john_burwell)
>>> VP of Software Engineering, ShapeBlue
>>> (571) 403-2411 | +44 20 3603 0542
>>> http://www.shapeblue.com | @ShapeBlue
>>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>>
>>>
>>>
 On Nov 13, 2015, at 1:11 PM, Wilder Rodrigues 
 mailto:wrodrig...@schubergphilis.com>> 
 wrote:

 :(

 Sad to hear that just that late in the release process, John. Even worse 
 to hear that it was already happening in 4.5.2 - released some months ago. 
 But no worries! With our new release process, we can do things, in a 
 proper way, quicker than before. The ACS 4.6.1 RC1 will be out within 2 
 weeks from now, fully 

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[John Burwell]

Rafeal,

Excellent news.  Since we found the fix in master, I withdraw my -1 and any 
concerns.

Per the steps I listed, I simply checked that the commit was pulled forward.  
Since I wrote the patch, I didn’t actually apply the changes to 4.5 or master — 
the reviewer performed these actions.  I agree that those applying fixes from 
other release branches to master must properly fast forward to maintain 
traceability.

Thanks,
-John

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 2:40 PM, Rafael Weingärtner  
> wrote:
>
> Hi John Burwell,
> Did you test the RC? Or you just checked if the commit was present?
>
> I have just checked and your changes that were introduced using the commit
> "3a48171bd8a70c6012afce32c7636afffc1d2f7d" to the tag 4.5.2 are indeed in
> master. The point here is that, when you do a rebase, a new commit is
> created. Your changes were introduced to master using the commit
> "ef44c7d305567c99eb1b0ec411a64b4d3582db75"
>
> There is no need to stop the release process because of that.
>
> On Fri, Nov 13, 2015 at 5:23 PM, John Burwell 
> wrote:
>
>> All,
>>
>> I realize when I reported my issue, I failed to state my methodology for
>> determining the fix was not present in RC2.  I performed the following
>> steps:
>>
>> 1. git fetch origin
>> 2. git checkout master
>> 3. git rebase origin/master
>> 4. git tag --contains 3a48171b
>>
>> Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The
>> result of these steps was that only the 4.5.2 tag came back as containing
>> the 3a48171b commit.  There is always the chance that I mucked up the
>> check, and someone should double check my work before we go through the
>> effort of pulling back an approved RC.
>>
>> Thanks,
>> -John
>>
>> ---
>> John Burwell (@john_burwell)
>> VP of Software Engineering, ShapeBlue
>> (571) 403-2411 | +44 20 3603 0542
>> http://www.shapeblue.com | @ShapeBlue
>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>
>>
>>
>>> On Nov 13, 2015, at 2:07 PM, John Burwell 
>> wrote:
>>>
>>> Wilder,
>>>
>>> For now, I am just concerned with averting the security nightmare of
>> shipping a CVE regression.  In terms of process, I don’t know how we
>> proceed.  Were the vote still open, a single binding -1 would abort the
>> RC.  We can either all decide by consensus not to pull back the RC or I can
>> open a vote thread.  Personally, I would prefer consensus.
>>>
>>> After 4.6.0, there is no doubt we need to assess how this CVE (and
>> potentially others) were not merged forward.  I am thinking we shift back
>> through the git log to find all known CVE fixes and add each hash to a file
>> representing the commits that must be present.  Our release tests then
>> perform a git tag —contains for each has to ensure that no CVE fixes have
>> been missed.
>>>
>>> Thanks,
>>> -John
>>>
>>> ---
>>> John Burwell (@john_burwell)
>>> VP of Software Engineering, ShapeBlue
>>> (571) 403-2411 | +44 20 3603 0542
>>> http://www.shapeblue.com | @ShapeBlue
>>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>>
>>>
>>>
 On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues <
>> wrodrig...@schubergphilis.com> wrote:

 Hi John,

 If that actually goes agains a community/industry standard, I will
>> support you. It is not in my bucket list to be part of a group that
>> released something that was already destined to fail.

 However, I would like to make 2 points in this whole thing:

 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not
>> pushed towards master. We have to stop this.
 2. Would be nice to dedicate some time to check the emails around a
>> release cycle to avoid things like that. Cancelling it now means that many
>> people will have to go and redo many tests to make sure everything is fine!
>> Nobody wants a release that was half test only because a few lines of code
>> changed.

 If you agree with me, we can cancel it and start the RC3 cycle on the
>> 23rd November. We just need to get the other member of the community to
>> agree on that as well.

 We just ask Shape Blue to run some tests on the 23rd, that’s all.

 Cheers,
 Wilder


> On 13 Nov 2015, at 19:25, John Burwell 
>> wrote:
>
> Wilder,
>
> As a community, we cannot knowingly ship a release containing a CVE
>> regression.  The industry best practice in this circumstance would be pull
>> the release and notify users not to use it.  Luckily, the release hasn’t
>> shipped yet, we can simply abort and create a new RC with CVE fix(es)
>> included.
>
> Thanks,
> -John
>
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent G

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Remi Bergsma]

Hi John,

Great news, thanks for confirming. 

Regards,
Remi


> On 13 Nov 2015, at 20:53, John Burwell  wrote:
> 
> Rafeal,
> 
> Excellent news.  Since we found the fix in master, I withdraw my -1 and any 
> concerns.
> 
> Per the steps I listed, I simply checked that the commit was pulled forward.  
> Since I wrote the patch, I didn’t actually apply the changes to 4.5 or master 
> — the reviewer performed these actions.  I agree that those applying fixes 
> from other release branches to master must properly fast forward to maintain 
> traceability.
> 
> Thanks,
> -John
> 
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
> 
> 
> 
>> On Nov 13, 2015, at 2:40 PM, Rafael Weingärtner 
>>  wrote:
>> 
>> Hi John Burwell,
>> Did you test the RC? Or you just checked if the commit was present?
>> 
>> I have just checked and your changes that were introduced using the commit
>> "3a48171bd8a70c6012afce32c7636afffc1d2f7d" to the tag 4.5.2 are indeed in
>> master. The point here is that, when you do a rebase, a new commit is
>> created. Your changes were introduced to master using the commit
>> "ef44c7d305567c99eb1b0ec411a64b4d3582db75"
>> 
>> There is no need to stop the release process because of that.
>> 
>> On Fri, Nov 13, 2015 at 5:23 PM, John Burwell 
>> wrote:
>> 
>>> All,
>>> 
>>> I realize when I reported my issue, I failed to state my methodology for
>>> determining the fix was not present in RC2.  I performed the following
>>> steps:
>>> 
>>> 1. git fetch origin
>>> 2. git checkout master
>>> 3. git rebase origin/master
>>> 4. git tag --contains 3a48171b
>>> 
>>> Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The
>>> result of these steps was that only the 4.5.2 tag came back as containing
>>> the 3a48171b commit.  There is always the chance that I mucked up the
>>> check, and someone should double check my work before we go through the
>>> effort of pulling back an approved RC.
>>> 
>>> Thanks,
>>> -John
>>> 
>>> ---
>>> John Burwell (@john_burwell)
>>> VP of Software Engineering, ShapeBlue
>>> (571) 403-2411 | +44 20 3603 0542
>>> http://www.shapeblue.com | @ShapeBlue
>>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>> 
>>> 
>>> 
> On Nov 13, 2015, at 2:07 PM, John Burwell 
 wrote:
 
 Wilder,
 
 For now, I am just concerned with averting the security nightmare of
>>> shipping a CVE regression.  In terms of process, I don’t know how we
>>> proceed.  Were the vote still open, a single binding -1 would abort the
>>> RC.  We can either all decide by consensus not to pull back the RC or I can
>>> open a vote thread.  Personally, I would prefer consensus.
 
 After 4.6.0, there is no doubt we need to assess how this CVE (and
>>> potentially others) were not merged forward.  I am thinking we shift back
>>> through the git log to find all known CVE fixes and add each hash to a file
>>> representing the commits that must be present.  Our release tests then
>>> perform a git tag —contains for each has to ensure that no CVE fixes have
>>> been missed.
 
 Thanks,
 -John
 
 ---
 John Burwell (@john_burwell)
 VP of Software Engineering, ShapeBlue
 (571) 403-2411 | +44 20 3603 0542
 http://www.shapeblue.com | @ShapeBlue
 53 Chandos Place, Covent Garden, London, WC2N 4HS
 
 
 
> On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues <
>>> wrodrig...@schubergphilis.com> wrote:
> 
> Hi John,
> 
> If that actually goes agains a community/industry standard, I will
>>> support you. It is not in my bucket list to be part of a group that
>>> released something that was already destined to fail.
> 
> However, I would like to make 2 points in this whole thing:
> 
> 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not
>>> pushed towards master. We have to stop this.
> 2. Would be nice to dedicate some time to check the emails around a
>>> release cycle to avoid things like that. Cancelling it now means that many
>>> people will have to go and redo many tests to make sure everything is fine!
>>> Nobody wants a release that was half test only because a few lines of code
>>> changed.
> 
> If you agree with me, we can cancel it and start the RC3 cycle on the
>>> 23rd November. We just need to get the other member of the community to
>>> agree on that as well.
> 
> We just ask Shape Blue to run some tests on the 23rd, that’s all.
> 
> Cheers,
> Wilder
> 
> 
>> On 13 Nov 2015, at 19:25, John Burwell 
>>> wrote:
>> 
>> Wilder,
>> 
>> As a community, we cannot knowingly ship a release containing a CVE
>>> regression.  The industry best practice in this circumstance would be pull
>>> the release and notify users not to use it.  Luckily, the release hasn’t
>>> shipped yet, we c

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Rafael Weingärtner]

Cool ;)
I agree with you that applying a patch using FF is easier to trace.

On Fri, Nov 13, 2015 at 5:53 PM, John Burwell 
wrote:

> Rafeal,
>
> Excellent news.  Since we found the fix in master, I withdraw my -1 and
> any concerns.
>
> Per the steps I listed, I simply checked that the commit was pulled
> forward.  Since I wrote the patch, I didn’t actually apply the changes to
> 4.5 or master — the reviewer performed these actions.  I agree that those
> applying fixes from other release branches to master must properly fast
> forward to maintain traceability.
>
> Thanks,
> -John
>
> ---
> John Burwell (@john_burwell)
> VP of Software Engineering, ShapeBlue
> (571) 403-2411 | +44 20 3603 0542
> http://www.shapeblue.com | @ShapeBlue
> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> > On Nov 13, 2015, at 2:40 PM, Rafael Weingärtner <
> rafaelweingart...@gmail.com> wrote:
> >
> > Hi John Burwell,
> > Did you test the RC? Or you just checked if the commit was present?
> >
> > I have just checked and your changes that were introduced using the
> commit
> > "3a48171bd8a70c6012afce32c7636afffc1d2f7d" to the tag 4.5.2 are indeed in
> > master. The point here is that, when you do a rebase, a new commit is
> > created. Your changes were introduced to master using the commit
> > "ef44c7d305567c99eb1b0ec411a64b4d3582db75"
> >
> > There is no need to stop the release process because of that.
> >
> > On Fri, Nov 13, 2015 at 5:23 PM, John Burwell <
> john.burw...@shapeblue.com>
> > wrote:
> >
> >> All,
> >>
> >> I realize when I reported my issue, I failed to state my methodology for
> >> determining the fix was not present in RC2.  I performed the following
> >> steps:
> >>
> >> 1. git fetch origin
> >> 2. git checkout master
> >> 3. git rebase origin/master
> >> 4. git tag --contains 3a48171b
> >>
> >> Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The
> >> result of these steps was that only the 4.5.2 tag came back as
> containing
> >> the 3a48171b commit.  There is always the chance that I mucked up the
> >> check, and someone should double check my work before we go through the
> >> effort of pulling back an approved RC.
> >>
> >> Thanks,
> >> -John
> >>
> >> ---
> >> John Burwell (@john_burwell)
> >> VP of Software Engineering, ShapeBlue
> >> (571) 403-2411 | +44 20 3603 0542
> >> http://www.shapeblue.com | @ShapeBlue
> >> 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >>
> >>
> >>
> >>> On Nov 13, 2015, at 2:07 PM, John Burwell 
> >> wrote:
> >>>
> >>> Wilder,
> >>>
> >>> For now, I am just concerned with averting the security nightmare of
> >> shipping a CVE regression.  In terms of process, I don’t know how we
> >> proceed.  Were the vote still open, a single binding -1 would abort the
> >> RC.  We can either all decide by consensus not to pull back the RC or I
> can
> >> open a vote thread.  Personally, I would prefer consensus.
> >>>
> >>> After 4.6.0, there is no doubt we need to assess how this CVE (and
> >> potentially others) were not merged forward.  I am thinking we shift
> back
> >> through the git log to find all known CVE fixes and add each hash to a
> file
> >> representing the commits that must be present.  Our release tests then
> >> perform a git tag —contains for each has to ensure that no CVE fixes
> have
> >> been missed.
> >>>
> >>> Thanks,
> >>> -John
> >>>
> >>> ---
> >>> John Burwell (@john_burwell)
> >>> VP of Software Engineering, ShapeBlue
> >>> (571) 403-2411 | +44 20 3603 0542
> >>> http://www.shapeblue.com | @ShapeBlue
> >>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >>>
> >>>
> >>>
>  On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues <
> >> wrodrig...@schubergphilis.com> wrote:
> 
>  Hi John,
> 
>  If that actually goes agains a community/industry standard, I will
> >> support you. It is not in my bucket list to be part of a group that
> >> released something that was already destined to fail.
> 
>  However, I would like to make 2 points in this whole thing:
> 
>  1.  it’s a big shame to see that it was only fixed on the 4.5.x and
> not
> >> pushed towards master. We have to stop this.
>  2. Would be nice to dedicate some time to check the emails around a
> >> release cycle to avoid things like that. Cancelling it now means that
> many
> >> people will have to go and redo many tests to make sure everything is
> fine!
> >> Nobody wants a release that was half test only because a few lines of
> code
> >> changed.
> 
>  If you agree with me, we can cancel it and start the RC3 cycle on the
> >> 23rd November. We just need to get the other member of the community to
> >> agree on that as well.
> 
>  We just ask Shape Blue to run some tests on the 23rd, that’s all.
> 
>  Cheers,
>  Wilder
> 
> 
> > On 13 Nov 2015, at 19:25, John Burwell 
> >> wrote:
> >
> > Wilder,
> >
> > As a community, we cannot knowingly ship a release containing a CVE
> >> regression. 

Re: [RESULT] [VOTE] Apache CloudStack 4.6.0

[Wilder Rodrigues]

Great news!

Let’s now focus on 4.6.1/4.7.0

Cheers,
Wilder


On 13 Nov 2015, at 20:57, Rafael Weingärtner 
mailto:rafaelweingart...@gmail.com>> wrote:

Cool ;)
I agree with you that applying a patch using FF is easier to trace.

On Fri, Nov 13, 2015 at 5:53 PM, John Burwell 
mailto:john.burw...@shapeblue.com>> wrote:
Rafeal,

Excellent news.  Since we found the fix in master, I withdraw my -1 and any 
concerns.

Per the steps I listed, I simply checked that the commit was pulled forward.  
Since I wrote the patch, I didn’t actually apply the changes to 4.5 or master — 
the reviewer performed these actions.  I agree that those applying fixes from 
other release branches to master must properly fast forward to maintain 
traceability.

Thanks,
-John

---
John Burwell (@john_burwell)
VP of Software Engineering, ShapeBlue
(571) 403-2411 | +44 20 3603 0542
http://www.shapeblue.com | @ShapeBlue
53 Chandos Place, Covent Garden, London, WC2N 4HS



> On Nov 13, 2015, at 2:40 PM, Rafael Weingärtner 
> mailto:rafaelweingart...@gmail.com>> wrote:
>
> Hi John Burwell,
> Did you test the RC? Or you just checked if the commit was present?
>
> I have just checked and your changes that were introduced using the commit
> "3a48171bd8a70c6012afce32c7636afffc1d2f7d" to the tag 4.5.2 are indeed in
> master. The point here is that, when you do a rebase, a new commit is
> created. Your changes were introduced to master using the commit
> "ef44c7d305567c99eb1b0ec411a64b4d3582db75"
>
> There is no need to stop the release process because of that.
>
> On Fri, Nov 13, 2015 at 5:23 PM, John Burwell 
> mailto:john.burw...@shapeblue.com>>
> wrote:
>
>> All,
>>
>> I realize when I reported my issue, I failed to state my methodology for
>> determining the fix was not present in RC2.  I performed the following
>> steps:
>>
>> 1. git fetch origin
>> 2. git checkout master
>> 3. git rebase origin/master
>> 4. git tag --contains 3a48171b
>>
>> Steps 2 and 3 shouldn’t be necessary, but belts and suspenders.  The
>> result of these steps was that only the 4.5.2 tag came back as containing
>> the 3a48171b commit.  There is always the chance that I mucked up the
>> check, and someone should double check my work before we go through the
>> effort of pulling back an approved RC.
>>
>> Thanks,
>> -John
>>
>> ---
>> John Burwell (@john_burwell)
>> VP of Software Engineering, ShapeBlue
>> (571) 403-2411 | +44 20 3603 0542
>> http://www.shapeblue.com | @ShapeBlue
>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>
>>
>>
>>> On Nov 13, 2015, at 2:07 PM, John Burwell 
>>> mailto:john.burw...@shapeblue.com>>
>> wrote:
>>>
>>> Wilder,
>>>
>>> For now, I am just concerned with averting the security nightmare of
>> shipping a CVE regression.  In terms of process, I don’t know how we
>> proceed.  Were the vote still open, a single binding -1 would abort the
>> RC.  We can either all decide by consensus not to pull back the RC or I can
>> open a vote thread.  Personally, I would prefer consensus.
>>>
>>> After 4.6.0, there is no doubt we need to assess how this CVE (and
>> potentially others) were not merged forward.  I am thinking we shift back
>> through the git log to find all known CVE fixes and add each hash to a file
>> representing the commits that must be present.  Our release tests then
>> perform a git tag —contains for each has to ensure that no CVE fixes have
>> been missed.
>>>
>>> Thanks,
>>> -John
>>>
>>> ---
>>> John Burwell (@john_burwell)
>>> VP of Software Engineering, ShapeBlue
>>> (571) 403-2411 | +44 20 3603 0542
>>> http://www.shapeblue.com | @ShapeBlue
>>> 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>>
>>>
>>>
 On Nov 13, 2015, at 1:58 PM, Wilder Rodrigues <
>> wrodrig...@schubergphilis.com> wrote:

 Hi John,

 If that actually goes agains a community/industry standard, I will
>> support you. It is not in my bucket list to be part of a group that
>> released something that was already destined to fail.

 However, I would like to make 2 points in this whole thing:

 1.  it’s a big shame to see that it was only fixed on the 4.5.x and not
>> pushed towards master. We have to stop this.
 2. Would be nice to dedicate some time to check the emails around a
>> release cycle to avoid things like that. Cancelling it now means that many
>> people will have to go and redo many tests to make sure everything is fine!
>> Nobody wants a release that was half test only because a few lines of code
>> changed.

 If you agree with me, we can cancel it and start the RC3 cycle on the
>> 23rd November. We just need to get the other member of the community to
>> agree on that as well.

 We just ask Shape Blue to run some tests on the 23rd, that’s all.

 Cheers,
 Wilder


> On 13 Nov 2015, at 19:25, John Burwell 
> mailto:john.burw...@shapeblue.com>

Preparing 4.6.0 for announce

[Remi Bergsma]

Hi all,

Now that we have a 4.6.0 GA release, we need to do some extra work to get it to 
our users. Let’s share the load and make it happen fast!

What’s on my list:

  *   Release Notes for 4.6.0 (let’s list the cool new stuff)
  *   Jira needs to be up2date (was everything tagged with fixed-version 4.6.0 
really fixed?)
  *   Documentation needs to be updated (4.6 branch / sections)
  *   API documentation needs to be published (we kicked off a Jenkins job, a 
PR needs to be sent to cloudstack-www)
  *   Packages need to be prepared on cloudstack.apt-get.eu
  *   Announcement on the website
  *   Announcement e-mail (will do this once everything is in place)

Some of us already worked on this. Please reply with an update on the current 
status so we know what is still needed. I would aim for this to be ready on 
Monday or Tuesday the latest.


Please also note:

I just pushed the 4.6.0 tag. I’m also preparing a 4.6 branch from which we can 
create 4.6.x releases and also will prepare master for 4.7. I will complete 
this work over the weekend.

  *   Update your Pull Requests where needed: Bug fixes that need to be fixed 
in 4.6.0 need a Pull Request against 4.6 and after it is merged, it will be 
forward merged to master (I’m sure John will love this!)
  *   Any Pull Request (new features for example) to master will not be 
available in 4.6.x

Do NOT merge stuff to master yet, please.

I will send another mail over the weekend on how I think we should proceed, now 
we have a stable master and a first release off of it.

Have a nice weekend!

Regards,
Remi

Re: Preparing 4.6.0 for announce

[Boris Schrijver]

Hi,

Once branched and tagged, I'll create the packages and upload them to
cloudstack.apt-get.eu!

Already busy on 4.7!!

-- 

Met vriendelijke groet / Kind regards,

Boris Schrijver

PCextreme B.V.

http://www.pcextreme.nl/contact
Tel direct: +31 6 33784542

> On November 13, 2015 at 9:44 PM Remi Bergsma 
> wrote:
> 
> 
> Hi all,
> 
> Now that we have a 4.6.0 GA release, we need to do some extra work to get it
> to our users. Let’s share the load and make it happen fast!
> 
> What’s on my list:
> 
>   *   Release Notes for 4.6.0 (let’s list the cool new stuff)
>   *   Jira needs to be up2date (was everything tagged with fixed-version 4.6.0
> really fixed?)
>   *   Documentation needs to be updated (4.6 branch / sections)
>   *   API documentation needs to be published (we kicked off a Jenkins job, a
> PR needs to be sent to cloudstack-www)
>   *   Packages need to be prepared on cloudstack.apt-get.eu
>   *   Announcement on the website
>   *   Announcement e-mail (will do this once everything is in place)
> 
> Some of us already worked on this. Please reply with an update on the current
> status so we know what is still needed. I would aim for this to be ready on
> Monday or Tuesday the latest.
> 
> 
> Please also note:
> 
> I just pushed the 4.6.0 tag. I’m also preparing a 4.6 branch from which we can
> create 4.6.x releases and also will prepare master for 4.7. I will complete
> this work over the weekend.
> 
>   *   Update your Pull Requests where needed: Bug fixes that need to be fixed
> in 4.6.0 need a Pull Request against 4.6 and after it is merged, it will be
> forward merged to master (I’m sure John will love this!)
>   *   Any Pull Request (new features for example) to master will not be
> available in 4.6.x
> 
> Do NOT merge stuff to master yet, please.
> 
> I will send another mail over the weekend on how I think we should proceed,
> now we have a stable master and a first release off of it.
> 
> Have a nice weekend!
> 
> Regards,
> Remi
>

Still no direct commit on master

[Sebastien Goasguen]

Folks just a quick note,

While 4.6.0 is out (almost) we should not direct commit on master.

Master is now our release branch fir 4.7.

Let's be patient a bit more to finish the 4.6 items remi mentioned and we will 
have a clear process for 4.7.

-Sebastien