Highlights of the week New OpenStack Foundation Gold Members: Intel, VmWare, NEC <http://lists.openstack.org/pipermail/foundation/2012-September/001091.html> Today, the OpenStack Board of Directors approved the applications of three companies wishing to become Gold Members: Intel, NEC and VMware. The factors considered by the Board included a commitment to helping achieve the OpenStack Foundation Mission through demonstrated and potential contribution to the OpenStack community in terms of code, adoption into product roadmaps, adoption as an end user, geographic and industry diversity and community development efforts. Join us to welcome them to the Foundation. Session proposals for the Design Summit now open <http://lists.openstack.org/pipermail/openstack-dev/2012-September/001059.html> Differently from previous OpenStack Design Summit and Confernece, this time the "Design Summit" is a specific track in the overall "OpenStack Summit" event. It is different from other tracks, too. Please make sure to read the full announcement <http://lists.openstack.org/pipermail/openstack-dev/2012-September/001059.html> and help make this summit the best Design Summit ever. Caimito 0.9 -- WebDAV frontend <http://markmail.org/message/hcnyvanvu6pojjxq>e <http://markmail.org/message/hcnyvanvu6pojjxq>for OpnStack Swift Cloud Storage <http://markmail.org/message/hcnyvanvu6pojjxq> Caimito is an open source (Apache Software License 2.0) WebDAV,caching, and content management and delivery server frontend for cloud storage. Caimito supports Openstack Swift Storage <http://openstack.org/projects/storage/> (Rackspace, Softlayer, etc.), and Amazon S3 <http://aws.amazon.com/s3/>. Caimito also features a REST API in addition to the Web interface for configuring user access. Caimito is designed with an event-driven and non-blocking architecture for Scalability. Caimito is ideal for Hosting and Reseller environments. Quantum vs. Nova-network in Folsom <http://markmail.org/message/kg3arb4gn57cm4rl> tl;dr both Quantum and nova-network will be core and fully supported in Folsom. More details from Quantum and Nova PTLs on Quantum vs. Nova-network in Folsom <http://markmail.org/message/yvkaq7jubab6vkjh>. OpenStack, Xen and XenServer: a match made in Heaven! <http://blogs.citrix.com/2012/09/06/openstack-xen-and-xenserver-a-match-made-in-heaven/> A report from John Garbutt, back from XenSummit in San Diego. There was lots of OpenStack related news in many of the CloudOpen sessions, including the announcement from SUSE that they have an OpenStack distribution that supports Xen. XCP-XAPI on Precise <http://blogs.citrix.com/2012/09/03/xcp-xapi-on-precise-2/> The Citrix-Openstack team is already running automated OpenStack tests against the stable, and the latest XenServer. As the XCP-XAPI is already available for Ubuntu systems, the team plans to run the tests against that platform as well. Register now for OpenStack Summit in San Diego <http://www.openstack.org/summit/san-diego-2012/> The OpenStack room rate is now sold out at the Grand Hyatt. We've set up another room block at the Embassy Suites located across the street. Reserve a room <http://embassysuites.hilton.com/en/es/groups/personalized/S/SANDNES-OPE-20121014/index.jhtml?WT.mc_id=POG> at the OpenStack rate. Security announcements * Horizon, Open redirect through 'next' parameter (CVE-2012-3540) <http://lists.openstack.org/pipermail/openstack-announce/2012-August/000026.html> * Keystone, Lack of authorization for adding users to tenants (CVE-2012-3542) <http://lists.openstack.org/pipermail/openstack-announce/2012-August/000025.html> Tips and tricks * By Mirantis: Using Software Load Balancing in High Availability (HA) for OpenStack Cloud API Services <http://www.mirantis.com/blog/software-high-availability-load-balancing-openstack-cloud-api-servic/> * By Mate Lakat: VHD to OpenStack using a XAPI host plugin <http://blogs.citrix.com/2012/09/06/vhd-to-openstack-using-a-xapi-host-plugin/> * By Brian Waldon: Upgrading OpenStack Glance -- Essex to Folsom <http://bcwaldon.cc/2012/09/05/glance-essex-to-folsom-upgrade.html> * A paper on handling compromised components of IaaS with a specific use case in OpenStack. Definitely worth a read: Aryan TaheriMonfared / Martin G Jaatun -- Handling Compromised Components in an IaaS Cloud Installation <http://secstack.org/2012/09/aryan-taherimonfared-martin-g-jaatun-handling-compromised-components-in-an-iaas-cloud-installation/> * By Everett Toews: Getting jclouds and OpenStack work together <http://blog.phymata.com/2012/09/04/jclouds-and-openstack/> Upcoming Events * OpenStack Summit <http://openstack.org/> Oct 15 -- 18, 2012 -- San Diego, CA Other news * OpenStack election of Project Tech Leads is ongoing. Results will be announced on September 13th http://wiki.openstack.org/Governance/TCElectionsFall2012 * OpenStack Project Meeting 2012-09-04: Summary <http://eavesdrop.openstack.org/meetings/project/2012/project.2012-09-04-21.02.html> and Meeting log <http://eavesdrop.openstack.org/meetings/project/2012/project.2012-09-04-21.02.log.html> Welcome new contributors Celebrating the first patches submitted this week by: * Matthew Treinish, IBM * lrqrun * Constantine Peresypkin, Litestack * jiangwt100 * John Dunning * Duncan Thomas * Brian Rosmaita, Rackspace * Rosario Di Somma, Dreamhost * Peng Yuwei * Mathew Odden, IBM * Ian Wells, Cisco * Dermot Tynan, HP * Dongdong Zhou * Andrew James, HP /The weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment./