Pulp 2.6 Release Notes

Pulp 2.6.5

  • Pulp now connects to Qpid with the ANONYMOUS SASL authentication mechanism by default. This aligns with Qpid’s default behavior.

  • A new setting named login_method has been added to the [tasks] section of server.conf. See server.conf docs for more details.

Bug Fixes

This is a minor release which contains bug fixes for these issues.

Pulp 2.6.4

Pulp 2.6.4 is an important security update. It fixes one issue.

A security flaw (CVE-2015-5263) was discovered in Pulp’s consumer management system. When the pulp-consumer CLI is used to register to the Pulp server, it downloads a public key from the Pulp server and stores it locally. Later when the Pulp server sends messages to the client via a message broker to instruct it to perform commands, it will use the corresponding private key to sign the messages. The client checks the signatures before executing the instructions to ensure that the messages came from the Pulp server and not from an attacker.

Versions of pulp-consumer-client between 2.4.0 and 2.6.3 do not check the server’s TLS certificate signatures when retrieving the server’s public key upon registration:

https://github.com/pulp/pulp/blob/aa432bf58497b5e3682333b1d5f5ae4f45788a61/client_consumer/pulp/client/consumer/cli.py#L103

This allows a man in the middle to inject their own message signing key and to then perform administrative actions on the machine, if they are able to send messages through the message broker.

Austin Macdonald fixed this issue in this commit by using our pulp.bindings library as the rest of our CLI does:

https://github.com/pulp/pulp/commit/b542d7465f7e6e02e1ea1aec059ac607a65cefe7#diff-17110211f89c042a9267e2167dedd754

Users who do not use pulp-consumer are not affected by this issue.

Thanks to Austin Macdonald for writing the fix, to Dennis Kliban for making our beta and release build, and to Preethi Thomas for testing our releases!

Pulp 2.6.3

Pulp 2.6.3 is released with packages for Fedora 22 and Fedora 21. Support for Fedora 20 has been dropped. Please see the Fedora lifecycle for more detail.

Bug Fixes

This is a minor release which contains bug fixes for these issues.

Pulp 2.6.2

Bug Fixes

This is a minor release which contains bug fixes for these issues.

Pulp 2.6.1

Bug Fixes

This is a minor release which contains bug fixes for these issues.

Improvements

  • Pulp has been fully tested in a clustered configuration. A new section of documentation titled Clustering Pulp is available with more detail on configuring this type of Pulp deployment.

  • One area of improvement relates to upgrades. Starting with 2.6.1, Pulp processes pulp_workers, pulp_celerybeat, and pulp_resource_manager are stopped on upgrade or removal of the pulp-server package. After upgrading, you must restart all Pulp related services.

Pulp 2.6.0

New Features

  • Pulp now supports RabbitMQ as its task message broker. See the inline comments in /etc/pulp/server.conf for instruction on configuring Pulp to use RabbitMQ.

  • Pulp now allows user credentials to be read from user’s ~/.pulp/admin.conf. This should allow pulp-admin to be automated more easily and more securely. Please see our Authentication documentation for details.

  • Pulp no longer requires additional configuration of Qpid after installation. It now works with the ANONYMOUS authentication mechanism. Users can still use a username/password however if they set up a SASL database as described in the installation document.

  • Additional status information is available via the status API. More information is available in the status API document.

Deprecation

  • The cancel_publish_repo method provided by the Distributor base plugin class is deprecated and will be removed in a future release. Read more about the plugin cancellation changes.

  • The cancel_publish_group method provided by the GroupDistributor base plugin class is deprecated and will be removed in a future release. Read more about the plugin cancellation changes.

  • The cancel_sync_repo method provided by the Importer base plugin class is deprecated and will be removed in a future release. Read more about the plugin cancellation changes.

  • The api_version field that is returned by the /status API is deprecated and will be removed in a future release.

  • The python-gofer-amqplib package was discontinued in gofer 2.4. Installations must replace python-gofer-amqplib with python-gofer-amqp if installed.

Upgrade Instructions for 2.5.x –> 2.6.0

Prior to upgrading, all tasks must be stopped. One way to accomplish this is to stop all pulp_workers, pulp_celerybeat, and pulp_resource_manager processes and then list the current tasks using:

pulp-admin tasks list

Any task that is in the “Running” or “Waiting” state should be canceled by its <uuid> using:

pulp-admin tasks cancel --task-id <uuid>

After all tasks have been canceled upgrade the packages using:

sudo yum update

After yum completes you should migrate the database using:

sudo -u apache pulp-manage-db

After the database migrations finish, restart httpd, pulp_workers, pulp_celerybeat, and pulp_resource_manager.

Bugs

This release has fixes for these issues.

Known Issues

  • An issue in the pulp (gofer) agent plugin can cause in-progress RMI requests to be discarded when goferd is restarted. Should this occur, an entry is written to the system log on the consumer. On the Pulp server, the associated task will appear to never complete. This has been fixed in Pulp 2.6.1.

  • Version 2.5 of the python-gofer-amqp messaging adapter, which is used to support RabbitMQ, contains a regression. It pertains to the reconnect logic. Depending on how a connection error manifests itself, it can result in a traceback during reconnect. Should this occur, The logged traceback would contain: RuntimeError: maximum recursion depth exceeded. This issue has already been fixed in Gofer upstream and will be included with Pulp 2.6.1.

Client Changes

Agent Changes

Rest API Changes

  • A new Task Report attribute named worker_name is introduced that holds the name of the worker a task is associated with. Previously the worker name was stored in a Task Report attribute named queue. The queue attribute now correctly records the queue a task is put in. The queue attribute is deprecated and will be removed from the Task Report in a future Pulp version.

  • The URL for the content catalog entries /v2/content/catalog/<source-id> is missing the trailing ‘/’ and has been deprecated. Support for the URL /v2/content/catalog/<source-id>/ has been added.

  • A new API call is added to search profile attributes for all consumer profiles using the Search API. /pulp/api/v2/consumers/profile/search/. With this API call all the unit profiles can be retrieved at one time instead of querying each consumer through /v2/consumers/<consumer_id>/profiles/. It is also possible to query for a single package across all consumers.

Binding API Changes

Plugin API Changes

Plugin Cancellation Changes

Cancel now exits immediately by default. The cancel_publish_repo, cancel_publish_group, and cancel_sync_repo methods provided by the Distributor, GroupDistributor, and Importer base plugin classes now provide a behavior that exits immediately by default. Previously these methods raised a NotImplementedError() which required plugin authors to provide an implementation for these methods. These methods will be removed in a future version of Pulp, and all plugins will be required to adopt the exit-immediately behavior.

A cancel can occur at any time, which mean that in a future version of Pulp any part of plugin code can have its execution interrupted at any time. For this reason, the following recommendations should be adopted by plugin authors going forward in preparation for this future change:

  • Group together multiple database calls that need to occur together for database consistency.

  • Do not use subprocess. If your plugin code process gets cancelled it could leave orphaned processes.

  • Assume that plugin code which is supposed to run later may not run.

  • Assume that the previous executions of plugin code may not have run to completion.

Thank You

Thank you to all of Pulp’s contributors, especially these new ones!

  • Adam D.

  • Andrea Giardini

  • Andreas Schieb

  • Ina Panova

  • Michael Moll

  • Patrick Creech

  • Vijaykumar Jain