Re: [PR] chore(deps): bump golang.org/x/net from 0.23.0 to 0.38.0 [cloudstack-terraform-provider]

2025-06-10 Thread via GitHub 


CodeBleu commented on PR #171:
URL: 
https://github.com/apache/cloudstack-terraform-provider/pull/171#issuecomment-2960650343

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [ANNOUNCE] CloudStack 4.19.3.0 and 4.20.1.0 Release

2025-06-10 Thread Rohit Yadav 
Great to have the new releases!

Thanks Pearl, Daan and everyone who's contributed to the releases.

Regards.
 



From: Nicolas Vazquez 
Sent: Tuesday, June 10, 2025 23:06
To: dev@cloudstack.apache.org 
Subject: Re: [ANNOUNCE] CloudStack 4.19.3.0 and 4.20.1.0 Release

Congratulations all and thanks Pearl and Daan for the releases work!

Regards,
Nicolas Vazquez





From: Pearl Dsilva 
Date: Tuesday, 10 June 2025 at 10:56
To: dev 
Subject: [ANNOUNCE] CloudStack 4.19.3.0 and 4.20.1.0 Release
# Apache CloudStack LTS Maintenance Releases 4.19.3.0 and 4.20.1.0

The Apache CloudStack project is pleased to announce the release of
CloudStack 4.19.3.0 and 4.20.1.0. The CloudStack releases 4.19.3.0 and
4.20.1.0 are maintenance releases as part of their 4.19.x and 4.20.x LTS
branches respectively. CloudStack release 4.19.3.0 contains more than 120
fixes and improvements since CloudStack 4.19.2.0 and CloudStack 4.20.1.0
contains more than 150 fixes and improvements since CloudStack 4.20.0.0
release.

Highlights of 4.19.3.0 include:

* Fixes broken console access after upgrade to 4.19.2.0 on VMware
* Improve listing of VMware Datacenter VMs for migration to KVM
* Infinite scroll UI component to retrieve more items on reaching end of
list
* Prevention of duplication HA jobs and alerts
* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
* Improvements to Linstor

Highlights of 4.20.1.0 include:

CloudStack 4.20.1.0 includes all the fixes from the 4.19.3.0 release.
* Improvements to multi-architecture support in CloudStack
* vTPM support for KVM and VMware
* Support for XenServer 8.4 / XCP-ng 8.3
* Added support for VMware 80u2 and 80u3
* Updated System VM template to Debian 12.11
* NAS B&R improvements
* Experimental Support of EL10 as Management Server and KVM host

CloudStack LTS branches are supported for 18 months and will receive
updates for the first 12 months and only security updates in the last 6
months.

Apache CloudStack is an integrated Infrastructure-as-a-Service (IaaS)
software platform that allows users to build feature-rich public and
private cloud environments. CloudStack includes an intuitive user interface
and rich API for managing the compute, networking, software, and storage
resources. The project became an Apache top-level project in March, 2013.

More information about Apache CloudStack can be found at:
https://cloudstack.apache.org/

# Documentation

What's new in  CloudStack 4.19.3.0:
https://docs.cloudstack.apache.org/en/4.19.3.0/releasenotes/about.html

What's new in  CloudStack 4.20.1.0:
https://docs.cloudstack.apache.org/en/4.20.1.0/releasenotes/about.html


The 4.19.3.0 release notes include a full list of issues fixed, as well as
upgrade instructions from previous versions of Apache CloudStack, and can
be found at:
https://docs.cloudstack.apache.org/en/4.19.3.0/releasenotes/

The 4.20.1.0 release notes include a full list of issues fixed, as well as
upgrade instructions from previous versions of Apache CloudStack, and can
be found at:
https://docs.cloudstack.apache.org/en/4.20.1.0/releasenotes/

The official installation, administration, and API documentation for each
of the releases are available on our documentation page:
https://docs.cloudstack.apache.org/

# Downloads

The official source code for the 4.19.3.0 and 4.20.1.0 releases can be
downloaded from our downloads page:
https://cloudstack.apache.org/downloads

In addition to the official source code release, individual contributors
have also made convenience binaries available on the Apache CloudStack
download page, and can be found at:

https://download.cloudstack.org/el/7/
https://download.cloudstack.org/el/8/
https://download.cloudstack.org/el/9/

https://download.cloudstack.org/suse/15
https://download.cloudstack.org/ubuntu/dists/
https://www.shapeblue.com/packages/

Regards,
Pearl & Daan

Re: [PR] service offering. sdk framework rewrite [cloudstack-terraform-provider]

2025-06-10 Thread via GitHub 


CodeBleu commented on PR #138:
URL: 
https://github.com/apache/cloudstack-terraform-provider/pull/138#issuecomment-2960471367

   @poddm Reviewing this PR again, I believe the only issue remaining ( that I 
had) was the `root_disk_size` needing to work if not specified or set to `0`  
You can see above where I was able to resolve that issue.  Is this something 
you can add to your PR and hopefully we can get this across the line? CC: 
@vishesh92 
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] chore(deps): bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 [cloudstack-terraform-provider]

2025-06-10 Thread via GitHub 


dependabot[bot] opened a new pull request, #188:
URL: https://github.com/apache/cloudstack-terraform-provider/pull/188

   Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) 
from 1.3.7 to 1.6.1.
   
   Release notes
   Sourced from https://github.com/cloudflare/circl/releases";>github.com/cloudflare/circl's
 releases.
   
   CIRCL v1.6.1
   
   Fixes some point checks on the FourQ curve.
   Hybrid KEM fails on low-order points.
   
   What's Changed
   
   kem/hybrid: ensure X25519 hybrids fails with low order points by https://github.com/Lekensteyn";>@​Lekensteyn in https://redirect.github.com/cloudflare/circl/pull/541";>cloudflare/circl#541
   .github: Use native ARM64 builders instead of QEMU by https://github.com/Lekensteyn";>@​Lekensteyn in https://redirect.github.com/cloudflare/circl/pull/542";>cloudflare/circl#542
   Fixes several errors on twisted Edwards curves. by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/545";>cloudflare/circl#545
   Release v1.6.1 by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/546";>cloudflare/circl#546
   
   Full Changelog: https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1";>https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1
   CIRCL v1.6.0
   New!
   
   https://github.com/cloudflare/circl/blob/main/vdaf/prio3";>Prio3 
Verifiable Distributed Aggregation Function (https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/";>draft-irtf-cfrg-vdaf).
   https://github.com/cloudflare/circl/blob/main/kem/xwing";>X-Wing: 
general-purpose hybrid post-quantum KEM (https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/";>draft-connolly-cfrg-xwing-kem)
   
   What's Changed
   
   Add OIDs to ML-DSA by https://github.com/bwesterb";>@​bwesterb in https://redirect.github.com/cloudflare/circl/pull/519";>cloudflare/circl#519
   Adds Prio3 a set of verifiable distributed aggregation functions. by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/522";>cloudflare/circl#522
   Run semgrep cronjob only in upstream repository. by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/526";>cloudflare/circl#526
   X-Wing PQ/T hybrid by https://github.com/bwesterb";>@​bwesterb in https://redirect.github.com/cloudflare/circl/pull/471";>cloudflare/circl#471
   ckem: move crypto/elliptic to crypto/ecdh by https://github.com/MingLLuo";>@​MingLLuo in https://redirect.github.com/cloudflare/circl/pull/529";>cloudflare/circl#529
   hpke: Update HPKE code to use ecdh stdlib package. by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/530";>cloudflare/circl#530
   prio3: Adds polynomial multiplication using NTT by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/532";>cloudflare/circl#532
   Add Prio3 in readme. by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/527";>cloudflare/circl#527
   
   New Contributors
   
   https://github.com/MingLLuo";>@​MingLLuo made 
their first contribution in https://redirect.github.com/cloudflare/circl/pull/529";>cloudflare/circl#529
   
   Full Changelog: https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0";>https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0
   CIRCL v1.5.0
   New: ML-DSA, Module-Lattice-based Digital Signature 
Algorithm.
   What's Changed
   
   kem: add X25519MLKEM768 TLS hybrid KEM by https://github.com/bwesterb";>@​bwesterb in https://redirect.github.com/cloudflare/circl/pull/510";>cloudflare/circl#510
   Create semgrep.yml by https://github.com/hrushikeshdeshpande";>@​hrushikeshdeshpande
 in https://redirect.github.com/cloudflare/circl/pull/514";>cloudflare/circl#514
   repo: Some fixes reported by CodeQL by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/515";>cloudflare/circl#515
   Add ML-DSA (FIPS204) by https://github.com/bwesterb";>@​bwesterb in https://redirect.github.com/cloudflare/circl/pull/480";>cloudflare/circl#480
   sign/mldsa: Add test for ML-DSA signature verification. by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/517";>cloudflare/circl#517
   Release v1.5.0 by https://github.com/armfazh";>@​armfazh in https://redirect.github.com/cloudflare/circl/pull/518";>cloudflare/circl#518
   
   New Contributors
   
   https://github.com/hrushikeshdeshpande";>@​hrushikeshdeshpande
 made their first contribution in https://redirect.github.com/cloudflare/circl/pull/514";>cloudflare/circl#514
   
   Full Changelog: https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0";>https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0
   
   
   ... (truncated)
   
   
   Commits
   
   https://github.com/cloudflare/circl/commit/c6d33e35234ebf5c4319d12ae7d77d7d17053e56";>c6d33e3
 Release v1

Re: [PROPOSE] RM for 4.21.0

2025-06-10 Thread Harikrishna Patnala 
Plan and timelines look good to me, Suresh. thanks for volunteering. I’ll be 
happy to get more involved with the next 4.22 release once we see some progress 
on this one.

Regards,
Harikrishna



 

From: Suresh Kumar Anaparti 
Date: Thursday, 5 June 2025 at 6:17 PM
To: dev , users 
Subject: Re: [PROPOSE] RM for 4.21.0
Hi All,

It's been a few months since the proposal, and we've so far closed 62
issues and PRs in the 4.21.0 milestone [1]. Currently, we've 208 open items
in the 4.21.0 milestone, tracked/triaged through the GitHub project 'Apache
CloudStack 4.21.0' [2]. Ping me (@sureshanaparti) on your issues and PRs
that are to be included in 4.21.0, if these are not in the milestone /
project.

4.21.0 release is proposed as a Regular (non-LTS) [3] release with the
following timelines, aiming to start the RC/vote by the end of Jul 2025:

- Now until mid-July 2025: Accept all PRs for the bug fixes, improvements,
features
- Until last week of Jul 2025: Accept any fixes and stabilise main/4.21
branch
- Last week of Jul 2025: Cut 4.21.0 RC1 (and further RCs if necessary),
start & conclude vote, and finish release work

Please let me know if you have any feedback, thoughts. Looking forward to
your support on bug fixes, reviews, and tests. Thanks.

[1] https://github.com/apache/cloudstack/milestone/35
[2] https://github.com/orgs/apache/projects/503
[3] https://cwiki.apache.org/confluence/display/CLOUDSTACK/LTS

Regards,
Suresh

On Mon, Feb 3, 2025 at 6:48 PM Suresh Kumar Anaparti <
sureshanapa...@apache.org> wrote:

> Hi All,
>
> I want to propose and put myself forward as the release manager for 4.21.0
> if there are no objections. I've previously RM'd 4.16.1.0 & 4.19.1.0
> releases, and co-RM'd some releases before that. I hope that experiences
> will help me here, for a successful release.
>
> I think, for 4.21.0, we can accept any features, improvements and bug
> fixes in the next few months until May-2025, and aim to cut RC in Q2 2025
> (sometime in Jun-2025). Please ping me (@sureshanaparti) on GitHub, in case
> you want to include any Issues/PRs in 4.21.0. I'll propose the timeline
> details soon.
>
> I hope to have your support. Please let me know if you have any
> thoughts/comments.
>
> Regards,
> Suresh
>

Re: [PR] Added health checks and monitoring to optional installation [cloudstack-documentation]

2025-06-10 Thread via GitHub 


DaanHoogland commented on PR #496:
URL: 
https://github.com/apache/cloudstack-documentation/pull/496#issuecomment-2957919582

   @daviftorres , I think @Pearl1594 is just suggesting. 21 should come out in 
september or so, so it is not vital.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] revert removal of ubunut EOL version [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 merged PR #522:
URL: https://github.com/apache/cloudstack-documentation/pull/522


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[ANNOUNCE] CloudStack 4.19.3.0 and 4.20.1.0 Release

2025-06-10 Thread Pearl Dsilva 
# Apache CloudStack LTS Maintenance Releases 4.19.3.0 and 4.20.1.0

The Apache CloudStack project is pleased to announce the release of
CloudStack 4.19.3.0 and 4.20.1.0. The CloudStack releases 4.19.3.0 and
4.20.1.0 are maintenance releases as part of their 4.19.x and 4.20.x LTS
branches respectively. CloudStack release 4.19.3.0 contains more than 120
fixes and improvements since CloudStack 4.19.2.0 and CloudStack 4.20.1.0
contains more than 150 fixes and improvements since CloudStack 4.20.0.0
release.

Highlights of 4.19.3.0 include:

* Fixes broken console access after upgrade to 4.19.2.0 on VMware
* Improve listing of VMware Datacenter VMs for migration to KVM
* Infinite scroll UI component to retrieve more items on reaching end of
list
* Prevention of duplication HA jobs and alerts
* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
* Improvements to Linstor

Highlights of 4.20.1.0 include:

CloudStack 4.20.1.0 includes all the fixes from the 4.19.3.0 release.
* Improvements to multi-architecture support in CloudStack
* vTPM support for KVM and VMware
* Support for XenServer 8.4 / XCP-ng 8.3
* Added support for VMware 80u2 and 80u3
* Updated System VM template to Debian 12.11
* NAS B&R improvements
* Experimental Support of EL10 as Management Server and KVM host

CloudStack LTS branches are supported for 18 months and will receive
updates for the first 12 months and only security updates in the last 6
months.

Apache CloudStack is an integrated Infrastructure-as-a-Service (IaaS)
software platform that allows users to build feature-rich public and
private cloud environments. CloudStack includes an intuitive user interface
and rich API for managing the compute, networking, software, and storage
resources. The project became an Apache top-level project in March, 2013.

More information about Apache CloudStack can be found at:
https://cloudstack.apache.org/

# Documentation

What's new in  CloudStack 4.19.3.0:
https://docs.cloudstack.apache.org/en/4.19.3.0/releasenotes/about.html

What's new in  CloudStack 4.20.1.0:
https://docs.cloudstack.apache.org/en/4.20.1.0/releasenotes/about.html


The 4.19.3.0 release notes include a full list of issues fixed, as well as
upgrade instructions from previous versions of Apache CloudStack, and can
be found at:
https://docs.cloudstack.apache.org/en/4.19.3.0/releasenotes/

The 4.20.1.0 release notes include a full list of issues fixed, as well as
upgrade instructions from previous versions of Apache CloudStack, and can
be found at:
https://docs.cloudstack.apache.org/en/4.20.1.0/releasenotes/

The official installation, administration, and API documentation for each
of the releases are available on our documentation page:
https://docs.cloudstack.apache.org/

# Downloads

The official source code for the 4.19.3.0 and 4.20.1.0 releases can be
downloaded from our downloads page:
https://cloudstack.apache.org/downloads

In addition to the official source code release, individual contributors
have also made convenience binaries available on the Apache CloudStack
download page, and can be found at:

https://download.cloudstack.org/el/7/
https://download.cloudstack.org/el/8/
https://download.cloudstack.org/el/9/

https://download.cloudstack.org/suse/15
https://download.cloudstack.org/ubuntu/dists/
https://www.shapeblue.com/packages/

Regards,
Pearl & Daan

[PR] revert removal of ubunut EOL version [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 opened a new pull request, #522:
URL: https://github.com/apache/cloudstack-documentation/pull/522

   (no comment)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] notes on guest os category changes and modern image selection [cloudstack-documentation]

2025-06-10 Thread via GitHub 


rohityadavcloud merged PR #500:
URL: https://github.com/apache/cloudstack-documentation/pull/500


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Update 4.20.1 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


rohityadavcloud commented on code in PR #520:
URL: 
https://github.com/apache/cloudstack-documentation/pull/520#discussion_r2137590567


##
source/releasenotes/compat.rst:
##
@@ -45,11 +45,12 @@ Supported Hypervisor Versions
 CloudStack supports three hypervisor families, KVM, XenServer/XCP-ng with XAPI,
 and VMware with vSphere.
 
--  Ubuntu 20.04 LTS, 22.04 LTS, 24.04 LTS with KVM
+-  22.04 LTS, 24.04 LTS with KVM

Review Comment:
   ```suggestion
   -  Ubuntu 22.04 LTS, 24.04 LTS with KVM
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Revert "notes on guest os category changes and modern image selection" [cloudstack-documentation]

2025-06-10 Thread via GitHub 


shwstppr opened a new pull request, #518:
URL: https://github.com/apache/cloudstack-documentation/pull/518

   Reverts apache/cloudstack-documentation#500
   
   This should be merged in main.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] CKS Enhancements docs [cloudstack-documentation]

2025-06-10 Thread via GitHub 


sureshanaparti commented on code in PR #458:
URL: 
https://github.com/apache/cloudstack-documentation/pull/458#discussion_r2137438274


##
source/plugins/cloudstack-kubernetes-service.rst:
##
@@ -405,6 +450,266 @@ To remove an Instance from an ExternalManaged Kubernetes 
cluster:
These operations are only supported for an ExternalManaged Kubernetes 
Cluster
 
 
+.. _flexible-kubernetes-clusters:
+
+Flexible Kubernetes Clusters
+
+
+From 4.21.0, many enhancements have been added to CloudStack Kubernetes 
Service that allows users to:
+
+- Select the Hypervisor type for the Kubernetes Cluster nodes
+- Specify different templates and/or service offerings for different types of 
Kubernetes Clusters nodes
+- Use CKS-ready custom templates for Kubernetes cluster nodes marked as 'For 
CKS'
+- Separate etcd nodes from control nodes of the Kubernetes clusters
+- Add and remove a pre-created instance as a worker node to an existing 
Kubernetes cluster
+- Mark Kubernetes cluster nodes for manual-only upgrade
+- Dedicate specific hosts/clusters to a specific domain for CKS cluster 
deployment
+- Use diverse CNI plugins (Calico, Cilium, etc)
+
+Build a custom template to use for Kubernetes clusters nodes
+
+
+CloudStack provides a custom CKS-ready template based on Ubuntu 22.04 to be 
used for Kubernetes clusters nodes: 
https://download.cloudstack.org/testing/custom_templates/ubuntu/22.04/.
+
+This template contains all the required packages to be used as a Kubernetes 
cluster node. The default login credentials are: cloud:cloud.
+
+A user may decide not to use the provided CKS-ready template and build their 
own template. The following needs to be made sure is present on the template:
+
+- The following packages or the equivalent ones for the specific OS need to be 
installed:
+
+   .. code-block:: bash
+  
+  cloud-init cloud-guest-utils conntrack apt-transport-https 
ca-certificates curl gnupg gnupg-agent software-properties-common gnupg 
lsb-release python3-json-pointer python3-jsonschema containerd.io
+   
+- A user named `cloud` needs to be created and added to the sudoers list:
+   
+   .. code-block:: bash
+
+ sudo useradd -m -s /bin/bash cloud
+ echo "cloud:" | sudo chpasswd
+ 
+ # Edit /etc/sudoers file with:
+ cloud ALL=(ALL) NOPASSWD:ALL
+
+- Create the necessary directory /opt/bin:
+   
+   .. code-block:: bash
+
+ sudo mkdir -p /opt/bin
+
+- Once the VM is deployed, place the Management Server’s SSH Public key at the 
cloud user’s authorized_keys file at ~/.ssh/authorized_keys
+
+
+Registering a custom template for Kubernetes cluster nodes
+~~
+
+By default, the Kubernetes clusters nodes are deployed from the System VM 
template. On the Advanced Settings for Kubernetes clusters creation, CloudStack 
allows selecting templates for different types of nodes.
+
+To register a template that will be listed as an option for Kubernetes cluster 
nodes:
+
+- Set URL to the provided CKS-ready template at: 
https://download.cloudstack.org/testing/custom_templates/ubuntu/22.04/ or a 
custom template built from the section above.
+
+- Set the template specific values as usual for template registration.
+
+- Mark the option 'For CKS'. This ensures the template is considered as an 
option for Kubernetes cluster nodes on the Advanced Settings section for 
clusters creation.
+
+|cks-custom-template-registration.png|
+
+Separate etcd nodes from control nodes
+~~
+
+By default, a CKS cluster has 0 dedicated etcd nodes, and the etcd service 
runs on the control nodes. If etcd node count is set to a value greater than or 
equal to 1 during cluster creation, CloudStack will provision separate nodes 
exclusively for the etcd service, isolating them from the control nodes with 
the desired template and service offering if specified.
+
+To use separate etcd nodes, it is required to build and register a CKS ISO 
version containing the etcd binaries as explained in: 
:ref:`kubernetes-supported-versions`
+
+For convenience, some CKS ISOs are uploaded to: 
https://download.cloudstack.org/testing/cks/custom_templates/iso-etcd/
+
+Add an external VM Instance as a worker node to a Kubernetes cluster
+
+
+Requirements for a VM Instance to be added as worker node to a Kubernetes 
cluster:
+
+- At least 8GB ROOT disk size, 2 CPU cores and 2GB RAM
+
+- The VM Instance must have a NIC on the Kubernetes cluster network
+
+- **The Management Server’s SSH Public key must be added at the cloud user’s 
authorized_keys file at `~/.ssh/authorized_keys`**.
+
+The VM Instances meeting the requirements above can be added to the Kubernetes 
cluster by the `addNodesToKubernetesCluster` API specifying:
+
+- **id** (UUID of the Kuberne

[ADVISORY] Security Improvements in Apache CloudStack Releases 4.19.3.0 and 4.20.1.0

2025-06-10 Thread Pearl Dsilva 
 The Apache CloudStack project announces the LTS release of 4.19.3.0
and 4.20.1.0 that includes fixes that address the following security
issues:

 - CVE-2025-26521 (severity 'Critical')
 - CVE-2025-30675 (severity 'Low')
 - CVE-2025-47713 (severity 'Critical')
 - CVE-2025-47849 (severity 'Moderate')
 - CVE-2025-22829 (severity 'Low')

# CVE-2025-26521: CKS cluster in Project Exposes User API Keys

When an Apache CloudStack user-account creates a CKS-based Kubernetes
cluster in a project,
the API key and the secret key of the 'kubeadmin' user of the caller
account are used to create the
secret config in the CKS-based Kubernetes cluster. A member of the
project who can access the
CKS-based Kubernetes cluster, can also access the API key and secret
key of the 'kubeadmin'
user of the CKS cluster's creator's account. An attacker who's a
member of the project can exploit
this to impersonate and perform privileged actions that can result in
complete compromise of the
confidentiality, integrity, and availability of resources owned by the
creator's account.

CKS users are recommended to upgrade to version 4.19.3.0 or 4.20.1.0,
which fixes this issue.

Updating Existing Kubernetes Clusters in Projects

A service account should be created for each project to provide
limited access specifically for Kubernetes cluster providers and
autoscaling. Follow the steps below to create a new service account,
update the secret inside the cluster, and regenerate existing API and
service keys:

1. Create a New Service Account
Create a new account using the role "Project Kubernetes Service Role"
with the following details:

Account Name: kubeadmin-
First Name: Kubernetes
Last Name: Service User
Account Type: 0 (Normal User)
Role ID: 

2. Add the Service Account to the Project
Add this account to the project where the Kubernetes cluster(s) are hosted.

3. Generate API and Secret Keys
Generate API Key and Secret Key for the default user of this account.

4. Update the CloudStack Secret in the Kubernetes Cluster
Create a temporary file /tmp/cloud-config with the following data:

api-url =# For example: /client/api
api-key = 
secret-key = 
project-id = 

Delete the existing secret using kubectl and Kubernetes cluster config:

   ./kubectl --kubeconfig kube.conf -n kube-system delete secret
cloudstack-secret

Create a new secret using kubectl and Kubernetes cluster config:

./kubectl --kubeconfig kube.conf -n kube-system create secret
generic cloudstack-secret --from-file=/tmp/cloud-config

Remove the temporary file:

rm /tmp/cloud-config

5. Regenerate API and Secret Keys
Regenerate the API and secret keys for the original user account that
was used to create the Kubernetes cluster.


# CVE-2025-30675: Unauthorised template/ISO list access to the
domain/resource admins

In Apache CloudStack, a flaw in access control affects the
listTemplates and listIsos APIs.
A malicious Domain Admin or Resource Admin can exploit this issue by
intentionally specifying
the 'domainid' parameter along with the 'filter=self' or
'filter=selfexecutable' values.
This allows the attacker to gain unauthorized visibility into
templates and ISOs under the ROOT domain.
A malicious admin can enumerate and extract metadata of templates and
ISOs that belong to unrelated
domains, violating isolation boundaries and potentially exposing
sensitive or internal configuration details.

This vulnerability has been fixed by ensuring the domain resolution
strictly adheres to the caller's scope
rather than defaulting to the ROOT domain.

Affected users are recommended to upgrade to Apache CloudStack
4.19.3.0 or 4.20.1.0.

# CVE-2025-47713: Domain Admin can reset Admin password in Root Domain

A privilege escalation vulnerability exists in Apache CloudStack
versions 4.10.0.0 through 4.20.0.0
where a malicious Domain Admin user in the ROOT domain can reset the
password of user-accounts
of Admin role type. This operation is not appropriately restricted and
allows the attacker to assume control
over higher-privileged user-accounts. A malicious Domain Admin
attacker can impersonate an Admin
user-account and gain access to sensitive APIs and resources that
could result in the compromise of
resource integrity and confidentiality, data loss, denial of service,
and availability of infrastructure
managed by CloudStack.

Users are recommended to upgrade to Apache CloudStack 4.19.3.0 or
4.20.1.0, which fixes the issue with the following:

Strict validation on Role Type hierarchy: the caller's user-account
role must be equal to or higher than the target user-account's role.
API privilege comparison: the caller must possess all privileges of
the user they are operating on.
Two new domain-level settings (restricted to the default Admin):
 - role.types.allowed.for.operations.on.accounts.of.same.role.type:
Defines which role types are allowed to act on users of the same role
type. Default: "Admin, DomainAdmin, ResourceAdmin".
   - allow.operations.on.users.in.same.account: All

[PR] Update 4.20.1 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 opened a new pull request, #520:
URL: https://github.com/apache/cloudstack-documentation/pull/520

   (no comment)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] CKS Enhancements docs [cloudstack-documentation]

2025-06-10 Thread via GitHub 


sureshanaparti commented on code in PR #458:
URL: 
https://github.com/apache/cloudstack-documentation/pull/458#discussion_r2137438833


##
source/plugins/cloudstack-kubernetes-service.rst:
##
@@ -405,6 +450,266 @@ To remove an Instance from an ExternalManaged Kubernetes 
cluster:
These operations are only supported for an ExternalManaged Kubernetes 
Cluster
 
 
+.. _flexible-kubernetes-clusters:
+
+Flexible Kubernetes Clusters
+
+
+From 4.21.0, many enhancements have been added to CloudStack Kubernetes 
Service that allows users to:
+
+- Select the Hypervisor type for the Kubernetes Cluster nodes
+- Specify different templates and/or service offerings for different types of 
Kubernetes Clusters nodes
+- Use CKS-ready custom templates for Kubernetes cluster nodes marked as 'For 
CKS'
+- Separate etcd nodes from control nodes of the Kubernetes clusters
+- Add and remove a pre-created instance as a worker node to an existing 
Kubernetes cluster
+- Mark Kubernetes cluster nodes for manual-only upgrade
+- Dedicate specific hosts/clusters to a specific domain for CKS cluster 
deployment
+- Use diverse CNI plugins (Calico, Cilium, etc)
+
+Build a custom template to use for Kubernetes clusters nodes
+
+
+CloudStack provides a custom CKS-ready template based on Ubuntu 22.04 to be 
used for Kubernetes clusters nodes: 
https://download.cloudstack.org/testing/custom_templates/ubuntu/22.04/.
+
+This template contains all the required packages to be used as a Kubernetes 
cluster node. The default login credentials are: cloud:cloud.
+
+A user may decide not to use the provided CKS-ready template and build their 
own template. The following needs to be made sure is present on the template:
+
+- The following packages or the equivalent ones for the specific OS need to be 
installed:
+
+   .. code-block:: bash
+  
+  cloud-init cloud-guest-utils conntrack apt-transport-https 
ca-certificates curl gnupg gnupg-agent software-properties-common gnupg 
lsb-release python3-json-pointer python3-jsonschema containerd.io
+   
+- A user named `cloud` needs to be created and added to the sudoers list:
+   
+   .. code-block:: bash
+
+ sudo useradd -m -s /bin/bash cloud
+ echo "cloud:" | sudo chpasswd
+ 
+ # Edit /etc/sudoers file with:
+ cloud ALL=(ALL) NOPASSWD:ALL
+
+- Create the necessary directory /opt/bin:
+   
+   .. code-block:: bash
+
+ sudo mkdir -p /opt/bin
+
+- Once the VM is deployed, place the Management Server’s SSH Public key at the 
cloud user’s authorized_keys file at ~/.ssh/authorized_keys
+
+
+Registering a custom template for Kubernetes cluster nodes
+~~
+
+By default, the Kubernetes clusters nodes are deployed from the System VM 
template. On the Advanced Settings for Kubernetes clusters creation, CloudStack 
allows selecting templates for different types of nodes.
+
+To register a template that will be listed as an option for Kubernetes cluster 
nodes:
+
+- Set URL to the provided CKS-ready template at: 
https://download.cloudstack.org/testing/custom_templates/ubuntu/22.04/ or a 
custom template built from the section above.
+
+- Set the template specific values as usual for template registration.
+
+- Mark the option 'For CKS'. This ensures the template is considered as an 
option for Kubernetes cluster nodes on the Advanced Settings section for 
clusters creation.
+
+|cks-custom-template-registration.png|
+
+Separate etcd nodes from control nodes
+~~
+
+By default, a CKS cluster has 0 dedicated etcd nodes, and the etcd service 
runs on the control nodes. If etcd node count is set to a value greater than or 
equal to 1 during cluster creation, CloudStack will provision separate nodes 
exclusively for the etcd service, isolating them from the control nodes with 
the desired template and service offering if specified.
+
+To use separate etcd nodes, it is required to build and register a CKS ISO 
version containing the etcd binaries as explained in: 
:ref:`kubernetes-supported-versions`
+
+For convenience, some CKS ISOs are uploaded to: 
https://download.cloudstack.org/testing/cks/custom_templates/iso-etcd/
+
+Add an external VM Instance as a worker node to a Kubernetes cluster
+
+
+Requirements for a VM Instance to be added as worker node to a Kubernetes 
cluster:
+
+- At least 8GB ROOT disk size, 2 CPU cores and 2GB RAM
+
+- The VM Instance must have a NIC on the Kubernetes cluster network
+
+- **The Management Server’s SSH Public key must be added at the cloud user’s 
authorized_keys file at `~/.ssh/authorized_keys`**.
+
+The VM Instances meeting the requirements above can be added to the Kubernetes 
cluster by the `addNodesToKubernetesCluster` API specifying:
+
+- **id** (UUID of the Kuberne

[PR] notes on guest os category changes and modern image selection [cloudstack-documentation]

2025-06-10 Thread via GitHub 


shwstppr opened a new pull request, #519:
URL: https://github.com/apache/cloudstack-documentation/pull/519

   Related #10773
   
   About changes should be moved to 4.21 about when released


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Update 4.20.1 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 merged PR #520:
URL: https://github.com/apache/cloudstack-documentation/pull/520


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Remove EOL Ubuntu version [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 merged PR #521:
URL: https://github.com/apache/cloudstack-documentation/pull/521


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Remove EOL Ubuntu version [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 opened a new pull request, #521:
URL: https://github.com/apache/cloudstack-documentation/pull/521

   (no comment)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [ANNOUNCE] CloudStack 4.19.3.0 and 4.20.1.0 Release

2025-06-10 Thread Nicolas Vazquez 
Congratulations all and thanks Pearl and Daan for the releases work!

Regards,
Nicolas Vazquez



 

From: Pearl Dsilva 
Date: Tuesday, 10 June 2025 at 10:56
To: dev 
Subject: [ANNOUNCE] CloudStack 4.19.3.0 and 4.20.1.0 Release
# Apache CloudStack LTS Maintenance Releases 4.19.3.0 and 4.20.1.0

The Apache CloudStack project is pleased to announce the release of
CloudStack 4.19.3.0 and 4.20.1.0. The CloudStack releases 4.19.3.0 and
4.20.1.0 are maintenance releases as part of their 4.19.x and 4.20.x LTS
branches respectively. CloudStack release 4.19.3.0 contains more than 120
fixes and improvements since CloudStack 4.19.2.0 and CloudStack 4.20.1.0
contains more than 150 fixes and improvements since CloudStack 4.20.0.0
release.

Highlights of 4.19.3.0 include:

* Fixes broken console access after upgrade to 4.19.2.0 on VMware
* Improve listing of VMware Datacenter VMs for migration to KVM
* Infinite scroll UI component to retrieve more items on reaching end of
list
* Prevention of duplication HA jobs and alerts
* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
* Improvements to Linstor

Highlights of 4.20.1.0 include:

CloudStack 4.20.1.0 includes all the fixes from the 4.19.3.0 release.
* Improvements to multi-architecture support in CloudStack
* vTPM support for KVM and VMware
* Support for XenServer 8.4 / XCP-ng 8.3
* Added support for VMware 80u2 and 80u3
* Updated System VM template to Debian 12.11
* NAS B&R improvements
* Experimental Support of EL10 as Management Server and KVM host

CloudStack LTS branches are supported for 18 months and will receive
updates for the first 12 months and only security updates in the last 6
months.

Apache CloudStack is an integrated Infrastructure-as-a-Service (IaaS)
software platform that allows users to build feature-rich public and
private cloud environments. CloudStack includes an intuitive user interface
and rich API for managing the compute, networking, software, and storage
resources. The project became an Apache top-level project in March, 2013.

More information about Apache CloudStack can be found at:
https://cloudstack.apache.org/

# Documentation

What's new in  CloudStack 4.19.3.0:
https://docs.cloudstack.apache.org/en/4.19.3.0/releasenotes/about.html

What's new in  CloudStack 4.20.1.0:
https://docs.cloudstack.apache.org/en/4.20.1.0/releasenotes/about.html


The 4.19.3.0 release notes include a full list of issues fixed, as well as
upgrade instructions from previous versions of Apache CloudStack, and can
be found at:
https://docs.cloudstack.apache.org/en/4.19.3.0/releasenotes/

The 4.20.1.0 release notes include a full list of issues fixed, as well as
upgrade instructions from previous versions of Apache CloudStack, and can
be found at:
https://docs.cloudstack.apache.org/en/4.20.1.0/releasenotes/

The official installation, administration, and API documentation for each
of the releases are available on our documentation page:
https://docs.cloudstack.apache.org/

# Downloads

The official source code for the 4.19.3.0 and 4.20.1.0 releases can be
downloaded from our downloads page:
https://cloudstack.apache.org/downloads

In addition to the official source code release, individual contributors
have also made convenience binaries available on the Apache CloudStack
download page, and can be found at:

https://download.cloudstack.org/el/7/
https://download.cloudstack.org/el/8/
https://download.cloudstack.org/el/9/

https://download.cloudstack.org/suse/15
https://download.cloudstack.org/ubuntu/dists/
https://www.shapeblue.com/packages/

Regards,
Pearl & Daan

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2957989574

   @blueorangutan docbuild


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 merged PR #509:
URL: https://github.com/apache/cloudstack-documentation/pull/509


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2958035049

   @blueorangutan docbuild


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] 4.19.3 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 commented on code in PR #508:
URL: 
https://github.com/apache/cloudstack-documentation/pull/508#discussion_r2137127917


##
source/releasenotes/about.rst:
##
@@ -17,7 +17,20 @@
 What's New in |release|
 ===
 
-Apache CloudStack |release| is a 4.19 LTS minor release with over 170 fixes
+Apache CloudStack 4.19.3 is a minor release with a limited number of
+assorted fixes.
+
+* Fixes broken console access after upgrade to 4.19.2.0
+* Improve listing of Vmware Datacenter VMs for migration to KVM
+* Infinite scroll UI component to retrieve more items on reaching end of list
+* Prevention of duplication HA jobs and alerts
+* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
+* Improvements to Linstor
+
+What's New in 4.19.2
+
+
+Apache CloudStack 4.19.2 is a 4.19 LTS minor release with over 170 fixes

Review Comment:
   ```suggestion
   Apache CloudStack 4.19.3 is a 4.19 LTS minor release with over 170 fixes
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] 4.19.3 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 merged PR #508:
URL: https://github.com/apache/cloudstack-documentation/pull/508


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2958037715

   @Pearl1594 a Jenkins job has been kicked to build the document. I'll keep 
you posted as I make progress.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2958040793

   QA-Doc build preview: https://qa.cloudstack.cloud/builds/docs-build/pr/509. 
(QA-JID 363)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] 4.19.3 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 commented on code in PR #508:
URL: 
https://github.com/apache/cloudstack-documentation/pull/508#discussion_r2137128762


##
source/releasenotes/about.rst:
##
@@ -17,7 +17,20 @@
 What's New in |release|
 ===
 
-Apache CloudStack |release| is a 4.19 LTS minor release with over 170 fixes
+Apache CloudStack 4.19.3 is a minor release with a limited number of
+assorted fixes.
+
+* Fixes broken console access after upgrade to 4.19.2.0
+* Improve listing of Vmware Datacenter VMs for migration to KVM
+* Infinite scroll UI component to retrieve more items on reaching end of list
+* Prevention of duplication HA jobs and alerts
+* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
+* Improvements to Linstor
+
+What's New in 4.19.2
+
+
+Apache CloudStack 4.19.2 is a 4.19 LTS minor release with over 170 fixes

Review Comment:
   the count of fixes needs to be verified.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] 4.19.3 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 commented on code in PR #508:
URL: 
https://github.com/apache/cloudstack-documentation/pull/508#discussion_r2137128762


##
source/releasenotes/about.rst:
##
@@ -17,7 +17,20 @@
 What's New in |release|
 ===
 
-Apache CloudStack |release| is a 4.19 LTS minor release with over 170 fixes
+Apache CloudStack 4.19.3 is a minor release with a limited number of
+assorted fixes.
+
+* Fixes broken console access after upgrade to 4.19.2.0
+* Improve listing of Vmware Datacenter VMs for migration to KVM
+* Infinite scroll UI component to retrieve more items on reaching end of list
+* Prevention of duplication HA jobs and alerts
+* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
+* Improvements to Linstor
+
+What's New in 4.19.2
+
+
+Apache CloudStack 4.19.2 is a 4.19 LTS minor release with over 170 fixes

Review Comment:
   the count of fixes needs to be verified.



##
source/releasenotes/about.rst:
##
@@ -17,7 +17,20 @@
 What's New in |release|
 ===
 
-Apache CloudStack |release| is a 4.19 LTS minor release with over 170 fixes
+Apache CloudStack 4.19.3 is a minor release with a limited number of
+assorted fixes.
+
+* Fixes broken console access after upgrade to 4.19.2.0
+* Improve listing of Vmware Datacenter VMs for migration to KVM
+* Infinite scroll UI component to retrieve more items on reaching end of list
+* Prevention of duplication HA jobs and alerts
+* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
+* Improvements to Linstor
+
+What's New in 4.19.2
+
+
+Apache CloudStack 4.19.2 is a 4.19 LTS minor release with over 170 fixes

Review Comment:
   ```suggestion
   Apache CloudStack 4.19.3 is a 4.19 LTS minor release with over 170 fixes
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2957991667

   @Pearl1594 a Jenkins job has been kicked to build the document. I'll keep 
you posted as I make progress.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2957994417

   QA-Doc build preview: https://qa.cloudstack.cloud/builds/docs-build/pr/509. 
(QA-JID 362)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2957744607

   QA-Doc build preview: https://qa.cloudstack.cloud/builds/docs-build/pr/509. 
(QA-JID 361)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


Pearl1594 commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2958092178

   Thanks @shwstppr - Xenserver details were updated, I've updated details 
pertaining to VMware as well.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] 4.19.3 release notes [cloudstack-documentation]

2025-06-10 Thread via GitHub 


DaanHoogland commented on code in PR #508:
URL: 
https://github.com/apache/cloudstack-documentation/pull/508#discussion_r2137137917


##
source/releasenotes/about.rst:
##
@@ -17,7 +17,20 @@
 What's New in |release|
 ===
 
-Apache CloudStack |release| is a 4.19 LTS minor release with over 170 fixes
+Apache CloudStack 4.19.3 is a minor release with a limited number of
+assorted fixes.
+
+* Fixes broken console access after upgrade to 4.19.2.0
+* Improve listing of Vmware Datacenter VMs for migration to KVM
+* Infinite scroll UI component to retrieve more items on reaching end of list
+* Prevention of duplication HA jobs and alerts
+* Fix SAML2 plugin limitations and SAML multi-account selector in the UI
+* Improvements to Linstor
+
+What's New in 4.19.2
+
+
+Apache CloudStack 4.19.2 is a 4.19 LTS minor release with over 170 fixes

Review Comment:
   this count hasn’t changed. it is for 4.19.2. 4.19.3 is above and has no count



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Release notes for 4.20.1 [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #509:
URL: 
https://github.com/apache/cloudstack-documentation/pull/509#issuecomment-2957742863

   @Pearl1594 a Jenkins job has been kicked to build the document. I'll keep 
you posted as I make progress.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] CKS Enhancements docs [cloudstack-documentation]

2025-06-10 Thread via GitHub 


sureshanaparti commented on code in PR #458:
URL: 
https://github.com/apache/cloudstack-documentation/pull/458#discussion_r2137439436


##
source/plugins/cloudstack-kubernetes-service.rst:
##
@@ -405,6 +450,266 @@ To remove an Instance from an ExternalManaged Kubernetes 
cluster:
These operations are only supported for an ExternalManaged Kubernetes 
Cluster
 
 
+.. _flexible-kubernetes-clusters:
+
+Flexible Kubernetes Clusters
+
+
+From 4.21.0, many enhancements have been added to CloudStack Kubernetes 
Service that allows users to:
+
+- Select the Hypervisor type for the Kubernetes Cluster nodes
+- Specify different templates and/or service offerings for different types of 
Kubernetes Clusters nodes
+- Use CKS-ready custom templates for Kubernetes cluster nodes marked as 'For 
CKS'
+- Separate etcd nodes from control nodes of the Kubernetes clusters
+- Add and remove a pre-created instance as a worker node to an existing 
Kubernetes cluster
+- Mark Kubernetes cluster nodes for manual-only upgrade
+- Dedicate specific hosts/clusters to a specific domain for CKS cluster 
deployment
+- Use diverse CNI plugins (Calico, Cilium, etc)
+
+Build a custom template to use for Kubernetes clusters nodes
+
+
+CloudStack provides a custom CKS-ready template based on Ubuntu 22.04 to be 
used for Kubernetes clusters nodes: 
https://download.cloudstack.org/testing/custom_templates/ubuntu/22.04/.
+
+This template contains all the required packages to be used as a Kubernetes 
cluster node. The default login credentials are: cloud:cloud.
+
+A user may decide not to use the provided CKS-ready template and build their 
own template. The following needs to be made sure is present on the template:
+
+- The following packages or the equivalent ones for the specific OS need to be 
installed:
+
+   .. code-block:: bash
+  
+  cloud-init cloud-guest-utils conntrack apt-transport-https 
ca-certificates curl gnupg gnupg-agent software-properties-common gnupg 
lsb-release python3-json-pointer python3-jsonschema containerd.io
+   
+- A user named `cloud` needs to be created and added to the sudoers list:
+   
+   .. code-block:: bash
+
+ sudo useradd -m -s /bin/bash cloud
+ echo "cloud:" | sudo chpasswd
+ 
+ # Edit /etc/sudoers file with:
+ cloud ALL=(ALL) NOPASSWD:ALL
+
+- Create the necessary directory /opt/bin:
+   
+   .. code-block:: bash
+
+ sudo mkdir -p /opt/bin
+
+- Once the VM is deployed, place the Management Server’s SSH Public key at the 
cloud user’s authorized_keys file at ~/.ssh/authorized_keys
+
+
+Registering a custom template for Kubernetes cluster nodes
+~~
+
+By default, the Kubernetes clusters nodes are deployed from the System VM 
template. On the Advanced Settings for Kubernetes clusters creation, CloudStack 
allows selecting templates for different types of nodes.
+
+To register a template that will be listed as an option for Kubernetes cluster 
nodes:
+
+- Set URL to the provided CKS-ready template at: 
https://download.cloudstack.org/testing/custom_templates/ubuntu/22.04/ or a 
custom template built from the section above.
+
+- Set the template specific values as usual for template registration.
+
+- Mark the option 'For CKS'. This ensures the template is considered as an 
option for Kubernetes cluster nodes on the Advanced Settings section for 
clusters creation.
+
+|cks-custom-template-registration.png|
+
+Separate etcd nodes from control nodes
+~~
+
+By default, a CKS cluster has 0 dedicated etcd nodes, and the etcd service 
runs on the control nodes. If etcd node count is set to a value greater than or 
equal to 1 during cluster creation, CloudStack will provision separate nodes 
exclusively for the etcd service, isolating them from the control nodes with 
the desired template and service offering if specified.
+
+To use separate etcd nodes, it is required to build and register a CKS ISO 
version containing the etcd binaries as explained in: 
:ref:`kubernetes-supported-versions`
+
+For convenience, some CKS ISOs are uploaded to: 
https://download.cloudstack.org/testing/cks/custom_templates/iso-etcd/
+
+Add an external VM Instance as a worker node to a Kubernetes cluster
+
+
+Requirements for a VM Instance to be added as worker node to a Kubernetes 
cluster:
+
+- At least 8GB ROOT disk size, 2 CPU cores and 2GB RAM
+
+- The VM Instance must have a NIC on the Kubernetes cluster network
+
+- **The Management Server’s SSH Public key must be added at the cloud user’s 
authorized_keys file at `~/.ssh/authorized_keys`**.
+
+The VM Instances meeting the requirements above can be added to the Kubernetes 
cluster by the `addNodesToKubernetesCluster` API specifying:
+
+- **id** (UUID of the Kuberne

Re: [PR] Revert "notes on guest os category changes and modern image selection" [cloudstack-documentation]

2025-06-10 Thread via GitHub 


shwstppr merged PR #518:
URL: https://github.com/apache/cloudstack-documentation/pull/518


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] notes on guest os category changes and modern image selection [cloudstack-documentation]

2025-06-10 Thread via GitHub 


shwstppr commented on PR #519:
URL: 
https://github.com/apache/cloudstack-documentation/pull/519#issuecomment-2958510747

   @blueorangutan docbuild


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] notes on guest os category changes and modern image selection [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #519:
URL: 
https://github.com/apache/cloudstack-documentation/pull/519#issuecomment-2958513401

   @shwstppr a Jenkins job has been kicked to build the document. I'll keep you 
posted as I make progress.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] notes on guest os category changes and modern image selection [cloudstack-documentation]

2025-06-10 Thread via GitHub 


blueorangutan commented on PR #519:
URL: 
https://github.com/apache/cloudstack-documentation/pull/519#issuecomment-2958518560

   QA-Doc build preview: https://qa.cloudstack.cloud/builds/docs-build/pr/519. 
(QA-JID 364)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] notes on guest os category changes and modern image selection [cloudstack-documentation]

2025-06-10 Thread via GitHub 


shwstppr commented on PR #500:
URL: 
https://github.com/apache/cloudstack-documentation/pull/500#issuecomment-2958533280

   I didn't change the base branch here, and this got merged into 4.20 branch 
instead of main. I've reverted it and created a new PR for main 
https://github.com/apache/cloudstack-documentation/pull/519
   
   @rohityadavcloud @kiranchavala please review that :pray: 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] notes on guest os category changes and modern image selection [cloudstack-documentation]

2025-06-10 Thread via GitHub 


rohityadavcloud merged PR #519:
URL: https://github.com/apache/cloudstack-documentation/pull/519


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org