Spinal Stack I-1.3.0¶
OpenStack version and supported distros¶
- Red Hat Enterprise Linux 7: OSP5 - Icehouse 2014.1.3
- Debian Wheezy: Icehouse 2014.1.2
Note: this is the last version supporting Icehouse.
New features¶
- SElinux is now supported and can be “enforced” on Red Hat platform
- Firewalling is now supported and automatically configured if needed
- PuppetDB and Puppet Master (running Passenger) are now provisionned by Puppet manifests and not config-tools anymore
- Linuxbridge ML2 plugin support in Neutron
- Swift backend support in Glance
- Dell EQLX Backend support in Cinder
- Sanity job is now part of Spinal-Stack and has left CI scripts to be included in config-tools, so sanity can be run out of the box
- Environment YAML file now supports host ranges
- Ansible configuration is now automatically generated so upgrade is easier
Bugs fixed since I.1.2.1¶
Redhat¶
- Fix openstack-ceilometer-central with Pacemaker/Systemd
Debian¶
- None
Security fixes¶
- Redhat
- CVE-2014-9322: privilege escalation through #SS segment
- CVE-2014-9295: ntp remote code execution
- CVE-2014-3566: nss fixes for POODLE
- CVE-2014-7821: Neutron DoS through invalid DNS configuration
- Still vulnerable to
- CVE-2014-8124: Horizon denial of service attack through login page
- No CVE yet (OSSA 2014-041): Glance v2 API unrestricted path traversal: fixed in Puppet by changing policy.json by default. It may affect some Glance features.
- Debian
- CVE-2014-9295: ntp remote code execution
Components in this release¶
- edeploy-roles-I.1.3.0.tar.gz source code of the eDeploy roles built in this release.
- install-server-D7-I.1.3.0.edeploy binary eDeploy role for the installation server (puppet master, logging server, monitoring server, edeploy server, dnsmasq, serverspec).
- openstack-full-{D7;RH7.0}-I.1.3.0.edeploy binaries eDeploy roles for OpenStack and Ceph nodes.
- puppet-openstack-cloud-I.1.3.0.tgz puppet modules used to configure the OpenStack and Ceph nodes.
- serverspec-I.1.3.0.tgz serverspec tests to validate deployments.
All the sources have been tagged with the tag I.1.3.0 in their respective repositories. Upgrade is supported from I.1.2.0 or I.1.2.1 to I.1.3.0 on Debian and Red Hat systems.
Documentation can be found on http://spinalstack.enovance.com/en/latest/, fixes are welcome at https://github.com/enovance/spinalstack-doc
Packages¶
- Red Hat 7.0
- Debian 7