#919508 RFP: warewulf -- systems management suite for Linux

#919508#5
Date:
2019-01-16 18:42:30 UTC
From:
To:
* Package name    : warewulf
  Version         : 3.8.1
  Upstream Author : Gregory M. Kurtzer <gmkurtzer@gmail.com>
* URL             : https://warewulf.lbl.gov/
* License         : BSD-3-Clause-like
  Programming Lang: Perl, Bourne, Bash
  Description     : Systems management suite for Linux clusters

Warewulf is an operating system management toolkit designed to
facilitate large scale deployments of systems on physical,
virtual and cloud-based infrastructures. It facilitates elastic
and large deployments consisting of groups of homogenous systems.

Compute nodes are managed via the warewulf suite that is installed
to a head node. The head node executes services used to provision
the operating system to compute nodes, which execute an iPXE agent.
The essential services are tftpd, dhcpd, httpd and nfsd.
Warewulf consists of a set of scripts which automate configuration
of these services via a command-line interface.

The upstream Warewulf source package includes embedded source
tarballs for parted, ipxe, e2fsprogs, busybox, libarchive and
unionfs. Thus, the upstream builds include binary code for
these packages that are already available for Debian. A goal
of this project is to remove these embedded packages from
the build and ship packages that target the "all" architecture.

Warewulf's upstream build also includes packaging of a compute
node initrd image, created from the embedded packages. The
Debian package will not include an initrd image. Rather, a
script to create the initrd image via mkinitramfs and custom
hooks will be used by the administrator to build the compute
node initrd image after installing warewulf to the head node.
This technique has the benefit of easing an administrator's
task of updating the initrd image, when necessary.

Warewulf is used by administrators who need to manage clusters
of linux computers, and also by those who need to deploy
operating system images over a LAN. I use it in my development
environment for these purposes.

I plan to maintain Warewulf within the debian-hpc team, of
which I am a member. As my role is Debian Maintainer, the initial
upload will require assistance from a sponsor.

#919508#12
Date:
2019-01-31 09:09:59 UTC
From:
To:
Hi Brian,

while I appreciate your initiative, I'm a bit skeptical about the
inclusion of warewulf in Debian for the following reasons:

a) Development in the project has stalled for quite a while. It used to
be basically a one-man show driven by Gregory M. Kurtzer who now runs a
startup (https://www.sylabs.io/) pushing the singularity container
software.

b) The software is quite complex and involves system components which
are rather security critical. Given that we cannot count on upstream
concerning fixing security issues, I consider it a substantial risk that
we might have a hard time struggling with critical security bugs.

c) Given its complexity, the software is also rather involved
concerning its packaging process. Hence, I believe it only makes sense to
include it in Debian if there is a strong commitment from you and at
least one other DD for the long-term maintenance.

Because of these points I wouldn't be in favor of including warewulf in
Debian. I looked at it myself about a possible inclusion in our own
cluster OS Qlustar for a while, but didn't find it suitable for
basically the above reasons.

Please note, this is only my personal opinion and if the majority of the
Debian HPC team thinks otherwise, I have no problem with it. I just
think it's better to have this discussion now, rather than after you have
done all the work and it possibly would have been in vain ...

Cheers,

Roland

    BS> Package: wnpp Severity: wishlist Owner: "Brian T. Smith"
    BS> <bsmith@systemfabricworks.com> X-Debbugs-CC:
    BS> debian-devel@lists.debian.org, debian-hpc@lists.debian.org

    BS> * Package name : warewulf
    BS>   Version : 3.8.1 Upstream Author : Gregory M. Kurtzer
    BS>   <gmkurtzer@gmail.com>
    BS> * URL : https://warewulf.lbl.gov/
    BS> * License : BSD-3-Clause-like
    BS>   Programming Lang: Perl, Bourne, Bash Description : Systems
    BS>   management suite for Linux clusters

    BS> Warewulf is an operating system management toolkit designed to
    BS> facilitate large scale deployments of systems on physical,
    BS> virtual and cloud-based infrastructures. It facilitates elastic
    BS> and large deployments consisting of groups of homogenous
    BS> systems.

    BS> Compute nodes are managed via the warewulf suite that is
    BS> installed to a head node. The head node executes services used
    BS> to provision the operating system to compute nodes, which
    BS> execute an iPXE agent.  The essential services are tftpd, dhcpd,
    BS> httpd and nfsd.  Warewulf consists of a set of scripts which
    BS> automate configuration of these services via a command-line
    BS> interface.

    BS> The upstream Warewulf source package includes embedded source
    BS> tarballs for parted, ipxe, e2fsprogs, busybox, libarchive and
    BS> unionfs. Thus, the upstream builds include binary code for these
    BS> packages that are already available for Debian. A goal of this
    BS> project is to remove these embedded packages from the build and
    BS> ship packages that target the "all" architecture.

    BS> Warewulf's upstream build also includes packaging of a compute
    BS> node initrd image, created from the embedded packages. The
    BS> Debian package will not include an initrd image. Rather, a
    BS> script to create the initrd image via mkinitramfs and custom
    BS> hooks will be used by the administrator to build the compute
    BS> node initrd image after installing warewulf to the head node.
    BS> This technique has the benefit of easing an administrator's task
    BS> of updating the initrd image, when necessary.

    BS> Warewulf is used by administrators who need to manage clusters
    BS> of linux computers, and also by those who need to deploy
    BS> operating system images over a LAN. I use it in my development
    BS> environment for these purposes.

    BS> I plan to maintain Warewulf within the debian-hpc team, of which
    BS> I am a member. As my role is Debian Maintainer, the initial
    BS> upload will require assistance from a sponsor.

#919508#17
Date:
2019-02-01 19:29:39 UTC
From:
To:
Hi Roland,

Agreed that the github repository is not seeing a lot of new development work.
They are responding to issues and incorporating pull requests. The warewulf
project doesn't look dead.

The major security problem I found is the use of embedded software tarballs
that would not be receiving any security updates unless addressed specifically
by warewulf developers. The work I have done removes the warewulf dependency
upon the embedded tarballs and uses the binaries delivered by the
standard Debian
packages.

I'm still going through the scripts, so there my be glaring issues
that I'm not aware of.
Searching the web hasn't revealed any major security discussions
regarding warewulf.
If there is a link to such an article or you wish to specify what you
found, please let me
know.

I had hoped to share my work with the Debian community. If there is
little support
for including the package, then I agree that the ITP is a wasted effort.

Thanks for responding and bringing up your concerns. I'm having to do the
packaging and fixes already for my own project. Getting it fully vetted and
suitable for upload is, obviously, a much bigger effort.

#919508#22
Date:
2021-01-02 10:33:49 UTC
From:
To:
Hello Brian,
I wonder what's the status of the work in progress packaging of
warewulf.

I would be very happy to see it properly packaged and included in the
official Debian main archive.

Please let me know.
Thank you for what you have done so far and for what you are doing!

#919508#29
Date:
2021-01-02 20:08:45 UTC
From:
To:
Hi Francesco,

This fell by the wayside due to the reasons discussed in this bug.
Changing to RFP.

#919508#34
Date:
2021-01-03 11:53:47 UTC
From:
To:
On Sat, 2 Jan 2021 14:08:45 -0600 Brian Smith <bsmith@systemfabricworks.com> wrote:

[...]

That's very sad.
Thanks anyway for starting the packaging effort.

Is your incomplete work in progress stored somewhere (for instance in a
public version control repository), so that other people interested can
take advantage of what you have already done?

Is there a better alternative to warewulf?
[Perceus] seems to be a basically dead project.
I am not aware of any other similar systems...
What are you currently using to manage an HPC cluster, if I may ask?

[Perceus]: see <http://moo.nac.uci.edu/~hjm/Perceus-Report.html>

#919508#39
Date:
2021-01-03 20:00:59 UTC
From:
To:
Hi Francesco,

https://github.com/SystemFabricWorks/debian-warewulf3

The following build command works on stretch:

$ gbp buildpackage

I had intended to clean this up before publishing it. As far as the
current state is concerned, I believe it does provision debian stretch
-- to some degree.

For Debian, not that I am aware of. xCat seems to get a lot of
attention. I haven't used it, and the documentation says "Ubuntu".
"managed" through manual configuration of dhcpd, etc.

This begs the question : "Why don't I use my own packaging of
warewulf?" The packaging wasn't completed and the requirements for
this cluster change on a regular basis. The lack of interest in
warewulf discouraged me from going further down that road.

Wish i had a better answer for you.