"testNumJobsEqToNumVms3" unit test failed when Num Vms=1000000 on MacOS

2012-11-01 Thread Clement Chen
Hi all, I kept getting the following unit test failure. Is there any OS/DB parameter I need to set on MacOS? Thanks. ---

RE: Make the authenticator responsible for encoding the password and add a SHA256 salted authenticator

2012-10-31 Thread Clement Chen
I agree. UI should send passwords in clear text and it should rely on the underlying network transport (e.g., SSL) for security. There is a bug for hashing user password with salt in the old bugs.cloudstack.org (http://bugs.cloudstack.org/browse/CS-13902). Not sure whether it has been migrated t

[jira] [Created] (CLOUDSTACK-418) Separate API endpoints for Admin/End user APIs

2012-10-26 Thread Clement Chen (JIRA)
Clement Chen created CLOUDSTACK-418: --- Summary: Separate API endpoints for Admin/End user APIs Key: CLOUDSTACK-418 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-418 Project: CloudStack

Is there anyway to block root admin APIs on WAF?

2012-10-25 Thread Clement Chen
I am wondering whether there is an easy way to block high privilege APIs on WAF. For example, for security reasons customers might want to block remote access to root admin APIs or limit access to domain admin APIs to certain IP addresses. It can be easily done on WAF if we have separate API en

What Gartner can't - or won't - tell you about OpenStack Cloud

2012-10-12 Thread Clement Chen
A little bit of background: Gartner published a research report - "Don't Let OpenStack Hype Distort Your Selection of a Cloud Management Platform in 2012" on OpenStack in mid-September, which makes the OpenStack community ve

[jira] [Created] (CLOUDSTACK-244) RPC port on SSVM is open on all interfaces

2012-10-02 Thread Clement Chen (JIRA)
Clement Chen created CLOUDSTACK-244: --- Summary: RPC port on SSVM is open on all interfaces Key: CLOUDSTACK-244 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-244 Project: CloudStack

[jira] [Created] (CLOUDSTACK-243) Management Server starts with JMX port open and without authentication

2012-10-02 Thread Clement Chen (JIRA)
Clement Chen created CLOUDSTACK-243: --- Summary: Management Server starts with JMX port open and without authentication Key: CLOUDSTACK-243 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-243

[jira] [Created] (CLOUDSTACK-242) haproxy listens on all interfaces on VR

2012-10-02 Thread Clement Chen (JIRA)
Clement Chen created CLOUDSTACK-242: --- Summary: haproxy listens on all interfaces on VR Key: CLOUDSTACK-242 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-242 Project: CloudStack

Self introduction -- RE: CloudStack Security Team

2012-09-24 Thread Clement Chen
Hi all, I'd like to use this opportunity to introduce myself: My name is Clement Chen and I am a member of Citrix's Central Security Team. I work on the security of CloudStack (CloudPlatform) as well as other cloud related products here at Citrix. I started working on CloudStack w

RE: CloudStack Security Team

2012-09-20 Thread Clement Chen
Hi John, Thanks for bringing this topic up. I think you lay out the scope of the security team very well. Just want to comment a little bit on the current status of security work on CloudStack: 1. On the source code review front, Fortify has been run on CloudStack code since 3.x. Currently licens

RE: site-to-site VPN review

2012-07-02 Thread Clement Chen
Regarding performance, is there a plan to incorporate Netscaler's CloudBridge feature (basically a site-to-site VPN)? -Original Message- From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] Sent: Monday, July 02, 2012 3:09 PM To: CloudStack DeveloperList Subject: Re: site-to-site

RE: Security Policy was: Query regarding where to store encryption keys

2012-06-29 Thread Clement Chen
dated. > > Any other feedback/thoughts are welcome. > > John > > On Jun 22, 2012, at 4:21 PM, Clement Chen wrote: > >> Hi John, >> >> It looks nice. Two comments: >> >> 1. Regarding risk rating, it seems to me that CVSS >> (http://www.first.org/cvs

RE: Query regarding where to store encryption keys

2012-06-22 Thread Clement Chen
d seeing a twitter feed specifically for security announcements, as well... John On Jun 20, 2012, at 1:21 PM, Clement Chen wrote: > We should set up a dedicated channel for security issues and handle security > bugs carefully. > > Below are some of the examples: > &

RE: Query regarding where to store encryption keys

2012-06-20 Thread Clement Chen
We should set up a dedicated channel for security issues and handle security bugs carefully. Below are some of the examples: Apache HTTP Server Project: http://httpd.apache.org/security_report.html OpenStack: http://openstack.org/projects/openstack-security/ Eucalyptus: http://www.eucalyptus.com