Releases: warewulf/warewulf
v4.5.2
Warewulf v4.5.2 is primarily a security fix release to address CVE-2024-3727.
Other fixes and changes already staged for v4.5.x are also included. The full changelog is below.
Added
- Allow specification of the ssh-keys to be to be created. #1185
Fixed
- Fix nightly release build failure issue. #1195
- Reorder dnsmasq config to put iPXE last. #1146
- Update a reference to
--addprofile
to be--profile
. #1085 - Update a dependency to address CVE-2024-3727. #1221
v4.5.1
Warewulf v4.5.1 is primarily a bugfix and dependency update release.
Updates to dependencies broke compatibility with CentOS 7, so we have also dropped support for CentOS 7 (which, itself, goes EOL at the end of June) in this release. (This only affects the ability to run the Warewulf server on CentOS 7: Warewulf can still provision compute node images running CentOS 7.)
Added
- Document warewulf.conf:paths. #635
- New "Overlay" template variable contains the name of the overlay being built. #1052
Changed
- Update the glossary. #819
- Upgrade the golang version to 1.20.
- Bump github.com/opencontainers/umoci to 0.4.7
- Bump github.com/containers/image/v5 to 5.30.0
- Bump github.com/docker/docker to 25.0.5+incompatible
- Bump github.com/go-jose/go-jose/v3 to 3.0.3
- Bump gopkg.in/go-jose/go-jose.v2 to 2.6.3
- Bump github.com/opencontainers/runc to 1.1.12
- Dynamically calculate version and release from Git. #1162
- Update quickstarts to configure firewalld for dhcp. #1133
- Omit building the API on EL7. #1171
- Syncuser only walks the file system if it is going to write. #1207
Fixed
- Fix
wwctl profile list -a
format when kernerargs are set. - Don't attempt to rebuild protocol buffers in offline mode. #1155
- Fix Suse package by moving yq command to
%install
section. #1169 - Fix a rendering bug in the documentation for GRUB boot support. #1132
- Fix a locking issue with concurrent read/writes for node status. #1174
- Fix shim and grub detection for aarch64. #1145
- wwctl [profile|node] list -a now handles slices correclty. #1113
- Fix parsing of /etc/group during syncuser. #1202
v4.5.0
The Warewulf project is pleased to announce the release of v4.5.0.
There's a lot in this release! Some of the more prominent changes are described here. For a more complete list of changes, see the changelog.
Testing, linting, and code formatting
In this release we have significantly increased our focus on testing. Code changes, especially bug fixes, are increasingly accompanied by additional tests in the automated test suite, and this test suite is automatically run by GitHub against every pull request and every release.
Use the make test
target to run the test suite locally whenever you're doing development of your own.
Additional Makefile targets have also been introduced (or improved) to aid in overall maintenance of the code base:
make vet
uses standard golang heuristics to flag potential troublemake fmt
applies a uniform source code format
Documentation
Documentation continues to be an area for growth in Warewulf; but v4.5.x brings a number of improvements, some foundational:
- v4.5.x documentation is now published separately, in addition to documentation for the
main
branch. - The quickstart guides have been updated, particularly combining the guides for Enterprise Linux (e.g., Rocky Linux, CentOS, and RHEL).
- We've added a guide for using Vagrant as a development environment.
There have been a few other specific additions: for example, there is now explicit documentation for how to configure multiple networks on a cluster node, and documentation for the "hostlist" syntax used by multiple wwctl
commands.
Please reach out via Slack if you'd be interested in helping to improve the project's documentation!
Preview features
This release brings three new features in a preview status: they haven't quite had enough use, testing, integration, or documentation to be ready for production, but they represent interesting new capabilities for the project and we are eager to hear about your experiences!
Initialize storage with Ignition
You can now initialize file systems, partitions, and disks on attached storage during node boot using the Ignition utility. This does not yet support provisioning the node image to local disk; but it can be used to provision storage to be mounted into the node image; for example, to initialize a swap partition, to format a scratch disk, or to prepare local storage for system logs.
More information is available in the documentation.
Use dnsmasq for dhcp and tftp
You can now use dnsmasq as a dhcp and tftp server in place of dhcpd and tftp-server. dnsmasq may become the default implementation in the future, unifying Warewulf on a single code-base for some of its down-stream services.
More information is available in the documentation.
Use GRUB as a node bootloader
You can now use GNU GRUB as a node bootloader in place of iPXE. Using GRUB introduces support for secureboot, and may also help us to overcome some limitations on node image size that we have encountered with the available releases of iPXE.
More information is available in the documentation.
wwctl commands and arguments
This release introduces multiple improvements to the wwctl
utility.
New commands
wwctl container copy
duplicates a container image to a new name, simplifying the process of testing a change in a test image.wwctl container rename
adds support for renaming a container image in-place. (Nodes and profiles that refer to the old name must be updated separately.)
New command options and flags
wwctl container syncuser --build
automatically (re)builds a container image after syncuser.wwctl <node|profile> list --all
now only shows attributes that have a value set.wwctl <node|profile> list --fullall
shows all attributes, including those which do not have a set value.
wwctl <node|profile> set --primarynet
sets the primary network device for the node, to be used for Warewulf provisioning.wwctl <node|profile> set --ipmiescapechar
changes theipmitool
escape character.wwctl overlay import --parents
automatically creates intermediate parent directories.
Fixes and improvements
wwctl node edit
is now much more reliable, with multiple bugfixes and a general rewrite of its temporary file handling.wwctl <node|profile> set --mtu
now correctly accepts valid MTU values.wwctl container import
can now import a container archive using a relative path.wwctl container import --force
no longer fails when replacing an existing container.wwctl <node|profile> list
now supports a comma-separated list of nodes or profiles to filter the list to be displayed.wwctl overlay
tab completion now supports completing files within an overlay.
Overlays
Much of Warewulf's functionality is actually implemented using its bundled overlays.
- Nodes that use multiple profiles now include overlays from all associated profiles, applied in the order that the profiles are listed on the node (last wins). Individual overlays can be excluded using a
~
prefix. - Built overlay images are no longer erroneously / confusingly mixed with overlay sources by default. (For example, overlay sources may be included in
/var/lib/warewulf/overlays
, and overlay images will now be built in/var/lib/warewulf/provision/overlays
.) - Built overlay images are now named either
__SYSTEM__
or__RUNTIME__
by default, replacing the previous format that was a comma-separated list of the contained overlays.
wwinit
- Network configuration files now correctly configure MTU.
- Access to
/warewulf/config
is now restricted to root only. - Configuration of network device names is now more reliable, particularly for nodes with multiple interfaces.
ONBOOT
is now correctly configured when usingifcfg
.- Bonded network interfaces can now be configured via NetworkManager.
generic
- The primary interface hostname is now used as the canonical name in
/etc/hosts
. - The Warewulf server FQDN is now used as the canonical name in
/etc/hosts
.
Tags
Warewulf suports arbitrary key-value tags on nodes, network devices, and ipmi interfaces. These tags can then be used by built-in and custom overlays.
- Multiple bugs in the handling of node and profile tags have been fixed, making them a much more robust and reliable component of the Warewulf feature set.
- The
wwinit
overlay now usesDNS
network tags (includingDNS1
,DNS2
, etc.) to configure DNS resolution in network configuration files.
Configuration
Warewulf is primarily configured using two configuration files, warewulf.conf
and nodes.conf
.
warewulf.conf
ipaddr
now supports CIDR format, optionally inferring netmask and network.paths
can be used to override compiled-in paths, e.g., for overlays, containers, and provisioned images.tftp:ipxe
now supports full paths.
All available configuration options can be seen in context using wwctl genconfig warewulfconf print
.
nodes.conf
PrimaryNetDev
now defines a single network interface as primary for a node (or profile), deprecating theprimary
boolean on each individual network device.
Build and packaging
Finally, a number of improvements have been made to the Warewulf build system, including its Makefile and RPM specfile.
- Warewulf no longer bundles an iPXE binary within its source code or packages, preferring, in stead, the version of iPXE included with the host disribution.
- A local, updated build of iPXE can still be built using an updated helper script at
scripts/build-ipxe.sh
. (Usewarwulf.conf:tftp:ipxe
to configure Warewulf to use a local iPXE build.)
- A local, updated build of iPXE can still be built using an updated helper script at
- Warewulf can now be built on Fedora.
- New releases now include a build for Rocky Linux 9.
- New releases now include a build for OpenSUSE Leap 15.5 (replacing older versions of OpenSUSE Leap).
- A nightly release is now published on GitHub.
v4.5.0rc2
Second release candidate for upcoming release v4.5.0.
For a complete list of changes, see https://github.com/warewulf/warewulf/blob/v4.5.0rc2/CHANGELOG.md
v4.5.0rc1
Release candidate for upcoming release v4.5.0.
For a complete list of changes, see https://github.com/warewulf/warewulf/blob/v4.5.0rc1/CHANGELOG.md
Warewulf nightly release
THIS IS A NIGHTLY RELEASE
This release contains latest commits, which is a feature unstable version
Reflog:
08b45ed main@{0}: branch: Created from refs/remotes/origin/main
Commits:
[]
Bugfix release v4.4.1
Warewulf v4.4.1 is a bugfix release in the 4.4.x branch. This release backports certain fixes from the development branch.
Fixed
v4.4.0
Final release of 4.4.0
Changes to node and profile subcommands
Warewulf 4.4.0 unifies the underlying implementation of nodes and profiles to prevent divergence in their features and attributes going forward; but this necessitated an update to their respective command-line arguments to unify them as well. Changes to those arguments is detailed here:
wwctl node add
--discoverable
becomes--discoverable=true
wwctl node set
--addprofile
has been removed--assetkey
becomes--asset
--delprofile
has been removed--discoverable
becomes--discoverable=true
--netdeltag
becomes--nettagdel
--nettag
becomes--nettagadd
--system
becomes--wwinit
--tag
becomes--tagadd
--undiscoverable
becomes--discoverable=false
internal/app/wwctl/profile/set/root.go
--assetkey
becomes--asset
--discoverable
becomes--discoverable=true
--netdeltag
becomes--nettagdel
--nettag
becomes--nettagadd
--system
becomes--wwinit
--tag
becomes--tagadd
--undiscoverable
becomes--discoverable=false
All changes introduced since v4.3.0 are summarized below.
Added
- iPXE binaries included with Warewulf now support VLAN tagging. #563
wwctl container list
now shows the container creation date,
modification date, and size. #537wwctl node edit
supports directly editing or defining node
configuration YAML in an editor. #540wwctl node export
andwwctl node import
support importing and
exporting node definitions as YAML or (for import) CSV. The CSV file
must have a header in where the first field must always be the
nodename, and the rest of the fields are the same as the long
commandline options. Network device must have the form
net.$NETNAME.$NETOPTION
. (e.g.,net.default.ipaddr
) #540- The
warewulfd.service
systemd unit file now supportsexecreload
andexecstop
. #550 - Network interfaces now accept an
mtu
attribute. #549 - The
wwinit
overlay now supports network interface configuration
via NetworkManager for Ethernet and InfiniBand interfaces. #539 - Default node attribute values (e.g., for kernel arguments) are now
read in from adefaults.conf
configuration file. If this file
is not present, built-in default values are used. #539 - Warewulf documentation is now managed
alongside the Warewulf source code in a single code repository so
that documentation may be updated alongside code changes. - New man pages for
warewulf.conf
andnodes.conf
#510 - An initial cut of the Warewulf API #471
wwctl show --render
shows overlay templates as they would be
rendered on a given target node. #467wwctl ssh
now supports Bash completion. #466- The environment variable
WW_CONTAINER_SHELL
is defined in awwctl container shell
environment to indicate the container in use. #579 - Network interface configuration (
ifcfg
) files now include the
interface name and type. #457 - New
defaults.conf
man page. #593 - A new debug overlay includes a template which demonstrates accessing
all available variables. #599 - Distribute a README along with staticfiles. #189
- Add a
-y
flag towwctl profile add
. #610 - Distribute a source RPM with GitHub releases. #614
- New Docker container node image for CentOS 7. #621
Changed
wwctl overlay edit
no longer saves a new template to the overlay
if the template is not modified from its initial state. #522- The wwinit overlay now only sets a name for a network interface if
that interface has a MAC address defined. #553 wwctl container delete
now also deletes the built images
associated with that container. #214- Unified internal code paths for
wwctl profile
andwwctl node
commands, and between the on disk YAML format and the in memory
format, enabling the command-line options to be autogenerated from
the datastructures and ensuring that profile and node capabilities
remain in sync. Multiple command line arguments have been updated or
changed. #495, #637 wwctl power
commands no longer separates node output with
additional whitespace. #514- No longer ask for confirmation when deleting 0 nodes. #603
- Ask for confirmation during
wwctl container delete
. #606
Fixed
/etc/warewulf/excludes
(read from the node image) once again
excludes files from being included in the node image. #532wwctl ssh
always uses a node's primary interface. #544wwctl container show
now correctly shows the kernel version. #542- System users are no longer prevented from logging into compute
nodes. #538 wwctl overlay chown
now correctly handles uid and gid arguments. #530wwctl overlay chown
no longer sets gid to0
when unspecified. #531- Corrected the path for
.wwbackup
files in some situations. #524 - Bypass
imgextract
for legacy BIOS machines to avoid 32-bit memory
limitations. #497 warewulfd
no longer panics when network interface tags are
defined. #468- The wwinit overlay now configures the network device type. #465
- Minor typographical fixes. #528, #519
- Work-around for older versions of gzip that lack a
--keep
flag
duringwwctl container build
. #580 - The default ipxe template is once again specified as a built-in
default and indefaults.conf
. #581 wwctl container list
no longer segfaults when a container chroot
is present without a built image. #585wwctl configure hostfile
now correctly detects the presence of the
hostfile overlay template. #571wwctl overlay build
no longer panics when rendering an template
for a node which has tags set. #568- Minor typographical fixes. #569
- Directories within overlays no longer lose group/other write permissions #584
wwctl profile set
now indicates "profiles" in output where it
previously mistakenly indicated "nodes." #600- Set correct overlay permissions for a NetworkManager configuration
file. #591 - Replaced an invalid variable name in a NetworkManager overlay
template. #626 - The 'nodes' alias now correctly refers to 'node' rather than
'profile'. - Fixed a typo in a log message. #631
- Boolean attributes now correctly account for profile and default
values. #630 - Kernel version is shown correctly for symlink'd kernels #640
v4.4.0rc3
Second release candidate of 4.4.0
Fixes
- The
ipxe template
did not have a default value so nodes did not boot if a this value was not set. Please check yourdefaults.conf
if you installed this release - older
gzip
versions are now handled correctly - set WW_CONTAINER_SHELL to container name on
wwctl container exe