v4.5.5

Warewulf v4.5.5 includes usability improvements and bugfixes for the v4.5.x line. This includes the restoration of previous behavior when running DHCP in "static" mode, reliability improvements for wwctl overlay edit, and fixes for overlay autobuild.

Known issues

• The fix for overlay autobuild mistakenly autobuilds empty overlays. We recommend manually disabling autobuild in warewulf.conf in v4.5.5. Fixed in #1301.

Fixed

• Support leading and trailing slashes in /etc/warewulf/excludes. #1266
• Fix a regression in overlay autobuild. #1216
• Fix wwclient not reading asset-tag. #1110
• Fix dhcp not passing asset tag or uuid to iPXE. #1110
• Restored previous static dhcp behavior. #1263
• Capture "broken" symlinks during container build. #1267
• Fix the issue that removing lines during wwctl overlay edit didn't work. #1235
• Fix the issue that new files created with wwctl overlay edit have 755 permissions. #1236
• Fix tab-completion for wwctl overlay list. #1260

Changed

• Explicitly ignore compat-style NIS lines in passwd/group during syncuser. #1286
• Accept + within kernel version. #1268
• Mount /sys and /run during wwctl container exec. #1287

v4.5.4

Warewulf v4.5.4 fixes a regression that was introduced in v4.5.3 that broke argument parsing for wwctl container shell and wwctl container exec.

Fixed

• Fix a regression that caused an error when passing flags to wwctl container exec and wwctl container shell. #1250

v4.5.3

Warewulf v4.5.3 includes additional functionality, documentation, usability improvements, and bugfixes. This includes an initial preview of 2-stage boot support based on dracut; significant efficiency improvements for "syncuser"; a remedy for a regression that affected the generation of ssh host keys during initial configuration; and improved handling of temporary files generated during container shell and exec commands.

Added

• Initial support for dracut-based 2-stage boot. See https://warewulf.org/docs/v4.5.x/contents/boot-management.html#booting-with-dracut for more information.
  • Add stage=initramfs to warewulfd provision to serve initramfs from container image. #1115
  • Add warewulf-dracut package to support building Warewulf-compatible initramfs images with dracut. #1115
  • Add iPXE template dracut.ipxe to boot a dracut initramfs. #1115
  • Add dracut menuentry to grub.cfg.ww to boot a dracut initramfs. #1115
  • Add .NetDevs variable to iPXE and GRUB templates, similar to overlay templates. #1115
  • Add .Tags variable to iPXE and GRUB templates, similar to overlay templates. #1115

Changed

• wwctl container import now only runs syncuser if explicitly requested. #1212
• Improved detection of SELinux capable root fs #1093

Fixed

• Block unprivileged requests for arbitrary overlays in secure mode. #1215
• Fix the issue that warewulf.conf parse does not support CIDR format. #1130
• Reduce the number of times syncuser walks the container file system. #1209
• Create ssh keys when calling wwctl configure --all #1250
• Create temporary overlayfs directories alongside container rootfs and remove them after use #1180

Documentation

• Add examples for building overlays in parallel to documentation. (https://warewulf.org/docs/v4.5.x/contents/overlays.html#build)
• Replace reference to docusaurus with Sphinx (https://warewulf.org/docs/v4.5.x/contributing/documentation.html#documentation)
• Fix installation docs to use github.com/warewulf instead of github.com/hpcng. #1219 (https://warewulf.org/docs/v4.5.x/contents/installation.html)

Dependencies

• Bump golang.org/x/net from 0.22.0 to 0.23.0. #1223

v4.5.2

Warewulf v4.5.2 is primarily a security fix release to address CVE-2024-3727.

Other fixes and changes already staged for v4.5.x are also included. The full changelog is below.

Added

• Allow specification of the ssh-keys to be to be created. #1185

Fixed

• Fix nightly release build failure issue. #1195
• Reorder dnsmasq config to put iPXE last. #1146
• Update a reference to --addprofile to be --profile. #1085
• Update a dependency to address CVE-2024-3727. #1221

v4.5.1

Warewulf v4.5.1 is primarily a bugfix and dependency update release.

Updates to dependencies broke compatibility with CentOS 7, so we have also dropped support for CentOS 7 (which, itself, goes EOL at the end of June) in this release. (This only affects the ability to run the Warewulf server on CentOS 7: Warewulf can still provision compute node images running CentOS 7.)

Added

• Document warewulf.conf:paths. #635
• New "Overlay" template variable contains the name of the overlay being built. #1052

Changed

• Update the glossary. #819
• Upgrade the golang version to 1.20.
• Bump github.com/opencontainers/umoci to 0.4.7
• Bump github.com/containers/image/v5 to 5.30.0
• Bump github.com/docker/docker to 25.0.5+incompatible
• Bump github.com/go-jose/go-jose/v3 to 3.0.3
• Bump gopkg.in/go-jose/go-jose.v2 to 2.6.3
• Bump github.com/opencontainers/runc to 1.1.12
• Dynamically calculate version and release from Git. #1162
• Update quickstarts to configure firewalld for dhcp. #1133
• Omit building the API on EL7. #1171
• Syncuser only walks the file system if it is going to write. #1207

Fixed

• Fix wwctl profile list -a format when kernerargs are set.
• Don't attempt to rebuild protocol buffers in offline mode. #1155
• Fix Suse package by moving yq command to %install section. #1169
• Fix a rendering bug in the documentation for GRUB boot support. #1132
• Fix a locking issue with concurrent read/writes for node status. #1174
• Fix shim and grub detection for aarch64. #1145
• wwctl [profile|node] list -a now handles slices correclty. #1113
• Fix parsing of /etc/group during syncuser. #1202

v4.5.0

The Warewulf project is pleased to announce the release of v4.5.0.

There's a lot in this release! Some of the more prominent changes are described here. For a more complete list of changes, see the changelog.

Testing, linting, and code formatting

In this release we have significantly increased our focus on testing. Code changes, especially bug fixes, are increasingly accompanied by additional tests in the automated test suite, and this test suite is automatically run by GitHub against every pull request and every release.

Use the make test target to run the test suite locally whenever you're doing development of your own.

Additional Makefile targets have also been introduced (or improved) to aid in overall maintenance of the code base:

• make vet uses standard golang heuristics to flag potential trouble
• make fmt applies a uniform source code format

Documentation

Documentation continues to be an area for growth in Warewulf; but v4.5.x brings a number of improvements, some foundational:

• v4.5.x documentation is now published separately, in addition to documentation for the main branch.
• The quickstart guides have been updated, particularly combining the guides for Enterprise Linux (e.g., Rocky Linux, CentOS, and RHEL).
• We've added a guide for using Vagrant as a development environment.

There have been a few other specific additions: for example, there is now explicit documentation for how to configure multiple networks on a cluster node, and documentation for the "hostlist" syntax used by multiple wwctl commands.

Please reach out via Slack if you'd be interested in helping to improve the project's documentation!

Preview features

This release brings three new features in a preview status: they haven't quite had enough use, testing, integration, or documentation to be ready for production, but they represent interesting new capabilities for the project and we are eager to hear about your experiences!

Initialize storage with Ignition

You can now initialize file systems, partitions, and disks on attached storage during node boot using the Ignition utility. This does not yet support provisioning the node image to local disk; but it can be used to provision storage to be mounted into the node image; for example, to initialize a swap partition, to format a scratch disk, or to prepare local storage for system logs.

More information is available in the documentation.

Use dnsmasq for dhcp and tftp

You can now use dnsmasq as a dhcp and tftp server in place of dhcpd and tftp-server. dnsmasq may become the default implementation in the future, unifying Warewulf on a single code-base for some of its down-stream services.

More information is available in the documentation.

Use GRUB as a node bootloader

You can now use GNU GRUB as a node bootloader in place of iPXE. Using GRUB introduces support for secureboot, and may also help us to overcome some limitations on node image size that we have encountered with the available releases of iPXE.

More information is available in the documentation.

wwctl commands and arguments

This release introduces multiple improvements to the wwctl utility.

New commands

• wwctl container copy duplicates a container image to a new name, simplifying the process of testing a change in a test image.
• wwctl container rename adds support for renaming a container image in-place. (Nodes and profiles that refer to the old name must be updated separately.)

New command options and flags

• wwctl container syncuser --build automatically (re)builds a container image after syncuser.
• wwctl <node|profile> list --all now only shows attributes that have a value set.
  • wwctl <node|profile> list --fullall shows all attributes, including those which do not have a set value.
• wwctl <node|profile> set --primarynet sets the primary network device for the node, to be used for Warewulf provisioning.
• wwctl <node|profile> set --ipmiescapechar changes the ipmitool escape character.
• wwctl overlay import --parents automatically creates intermediate parent directories.

Fixes and improvements

• wwctl node edit is now much more reliable, with multiple bugfixes and a general rewrite of its temporary file handling.
• wwctl <node|profile> set --mtu now correctly accepts valid MTU values.
• wwctl container import can now import a container archive using a relative path.
• wwctl container import --force no longer fails when replacing an existing container.
• wwctl <node|profile> list now supports a comma-separated list of nodes or profiles to filter the list to be displayed.
• wwctl overlay tab completion now supports completing files within an overlay.

Overlays

Much of Warewulf's functionality is actually implemented using its bundled overlays.

• Nodes that use multiple profiles now include overlays from all associated profiles, applied in the order that the profiles are listed on the node (last wins). Individual overlays can be excluded using a ~ prefix.
• Built overlay images are no longer erroneously / confusingly mixed with overlay sources by default. (For example, overlay sources may be included in /var/lib/warewulf/overlays, and overlay images will now be built in /var/lib/warewulf/provision/overlays.)
• Built overlay images are now named either __SYSTEM__ or __RUNTIME__ by default, replacing the previous format that was a comma-separated list of the contained overlays.

wwinit

• Network configuration files now correctly configure MTU.
• Access to /warewulf/config is now restricted to root only.
• Configuration of network device names is now more reliable, particularly for nodes with multiple interfaces.
• ONBOOT is now correctly configured when using ifcfg.
• Bonded network interfaces can now be configured via NetworkManager.

generic

• The primary interface hostname is now used as the canonical name in /etc/hosts.
• The Warewulf server FQDN is now used as the canonical name in /etc/hosts.

Tags

Warewulf suports arbitrary key-value tags on nodes, network devices, and ipmi interfaces. These tags can then be used by built-in and custom overlays.

• Multiple bugs in the handling of node and profile tags have been fixed, making them a much more robust and reliable component of the Warewulf feature set.
• The wwinit overlay now uses DNS network tags (including DNS1, DNS2, etc.) to configure DNS resolution in network configuration files.

Configuration

Warewulf is primarily configured using two configuration files, warewulf.conf and nodes.conf.

warewulf.conf

• ipaddr now supports CIDR format, optionally inferring netmask and network.
• paths can be used to override compiled-in paths, e.g., for overlays, containers, and provisioned images.
• tftp:ipxe now supports full paths.

All available configuration options can be seen in context using wwctl genconfig warewulfconf print.

nodes.conf

• PrimaryNetDev now defines a single network interface as primary for a node (or profile), deprecating the primary boolean on each individual network device.

Build and packaging

Finally, a number of improvements have been made to the Warewulf build system, including its Makefile and RPM specfile.

• Warewulf no longer bundles an iPXE binary within its source code or packages, preferring, in stead, the version of iPXE included with the host disribution.
  • A local, updated build of iPXE can still be built using an updated helper script at scripts/build-ipxe.sh. (Use warwulf.conf:tftp:ipxe to configure Warewulf to use a local iPXE build.)
• Warewulf can now be built on Fedora.
• New releases now include a build for Rocky Linux 9.
• New releases now include a build for OpenSUSE Leap 15.5 (replacing older versions of OpenSUSE Leap).
• A nightly release is now published on GitHub.

v4.5.0rc2

Second release candidate for upcoming release v4.5.0.

For a complete list of changes, see https://github.com/warewulf/warewulf/blob/v4.5.0rc2/CHANGELOG.md

v4.5.0rc1

Release candidate for upcoming release v4.5.0.

For a complete list of changes, see https://github.com/warewulf/warewulf/blob/v4.5.0rc1/CHANGELOG.md

Warewulf nightly release

THIS IS A NIGHTLY RELEASE

This release contains latest commits, which is a feature unstable version

Reflog:
b61e391 main@{0}: branch: Created from refs/remotes/origin/main

Commits:
[]

Bugfix release v4.4.1

Warewulf v4.4.1 is a bugfix release in the 4.4.x branch. This release backports certain fixes from the development branch.

Fixed

• Container file gids are now updated properly during syncuser. #840
• Added a missing .ww extension to the 70-ww4-netname.rules template in the wwinit overlay. #724
• Restrict access to /warewulf/config to root only. #728