v4.6.0rc2

Warewulf v4.6.0rc2 is the second release candidate for the upcoming v4.6.0. Warewulf v4.6.0 is a major release that includes many significant enhancements, fixes, and changes.

This second release candidate fixes many additional bugs and makes additional expected changes. The full changelog is included below.

For more information regarding changes in v4.6.0, see the v4.6.0rc1 release.

Added

• Document defining kernel args that include commas. #1679
• Recommend installing ipmitool with Warewulf package. #970
• Add completion for profile list. #1695
• Add OPTIONS argument for warewulfd.service. #1707
• Document warewulf.conf:dhcp.template. #1701
• New template field IpCIDR. #1700
• wwctl configure persists auto-detected server network settings to warewulf.conf. #1700
• Run staticcheck as part of GitHub CI. #1657

Changed

• wwctl node list <--yaml|--json> outputs a map keyed by node name. #1667
• Don't mount /run during wwinit. #1566
• Simpler permissions in official RPM packages. #1696
• Only calculate image chroot size when requested. #1504
• Create temporary files in overlay directory during wwctl overlay edit. #1473
• Re-order SSH key types to make ed25519 default. #981
• Don't assume default values for warewulf.conf network settings. #1700
• Omit DHCP pool from dhcpd.conf if any required fields are missing. #1700
• warewulf.conf:ipaddr6 is no longer required to be a /64 or smaller. #1700

Fixed

• Fix default nodes.conf to use the new kernel command line list format. #1670
• Fix make install when sudo does not set $PWD. #1660
• Use sh to parse and exec IPMI command. #1663
• Use configured warewulf.conf path in wwctl upgrade. #1658
• Fixed negation for slice field elements during profile/node merge. #1677
• Show each overlay only once, even when both site and distribution versions exist. #1675
• Remove a redundant "Building image" log message after image exec. #1694
• Don't populate NetDevs[].Type or NetDevs[].Netmask during upgrade. #1661
• Prefer parent profile values over child profile values. #1672
• Don't attempt to back-up an output file that doesn't exist during upgrade. #1671
• Specify init=/init when booting with Grub+dracut. #1573
• Fix a warewulfd panic when no kernel fields are specified. #1689
• Create site overlay directory. #1690
• Urlencode asset keys during dracut boot. #1610
• Set execute permissions for intermediate directories during wwctl overlay import --parents. #1655
• Fix log output formatting during overlay build.
• Prevent merging of zero-value net.IP fields. #1710
• Properly handle parsing of server network and netmask from CIDR warewulf.conf:ipaddr. #1541, #1594
• Populate template field NetworkCIDR. #1700

Removed

• Remove warewulf.conf:syslog. #1606

v4.6.0rc1

Warewulf v4.6.0rc1 is the first release candidate for the upcoming v4.6.0. Warewulf v4.6.0 is a major release that includes many significant enhancements, fixes, and changes.

• rename "containers" to "images"
• "sprig" functions in overlay templates
• support for yaml and json formatted output
• wwctl upgrade to automatically update nodes.conf and warewulf.conf
• completely re-designed kernel selection support
• nested profiles
• arbitrary node and profile data in new "resources" structure
• moved NFS mount options to resources / fstab overlay
• split overlays by function
• split overlays, site vs distribution
• replaced defaults.conf with settings on default profile
• improved tabular output
• parallel overlay build
• improved networking functionality (static route, vlans, and bonds)
• kernel arguments as a list
• non-zero exit codes on wwctl errors
• fixed argument parsing for wwctl image exec

This release also includes numerous additional bug fixes and other.

Contributors for this release:

• Adam Michel
• Arian
• Benedikt Braunger
• Beni
• Brandon Biggs
• Brian Clemens (CIQ)
• Christian Goll (Suse)
• Daniele Colombo
• David McFarlane
• Dietmar Rieder
• Elmar Pruesse
• John "griznog" Hanks
• Howard Van Der Wal (CIQ)
• Ian Kaufman
• Josh Burks (ASU)
• Jonathon Anderson (CIQ)
• Nicholas Porter
• Shane Nehring (Iowa State University)
• Stephen Simpson (CIQ)
• Timothy Middelkoop (internet2)
• Tobias Poschwatta
• Tobias Ribizel
• "Jason" Xu Yang
• Yong Qin (Nividia)

The full changelog is included below.

Added

• Added Netplan NIC support for Debian/Ubuntu #1463
• Added documentation on ensuring systemctl restart warewulfd is ran when editing nodes.conf or warewulf.conf
• Add the ability to boot nodes with wwid=[interface], which replaces
  interface with the interface MAC address
• Added https://github.com/Masterminds/sprig functions to templates #1030
• Add multiple output formats (yaml & json) support. #447
• More aliases for many wwctl commands
• Add support to render template using host or $(uname -n) as the value of overlay show --render. #623
• Added command line parameters for credentials of a container registry
• Add flag --build to wwctl container copy. #1378
• Add wwctl clean to remove OCI cache and overlays from deleted nodes
• Add wwctl container import --platform. #1381
• Read environment variables from /etc/default/warewulfd #725
• Add support for VLANs to NetworkManager, wicked, ifcfg, debian.network_interfaces overlays. #1257
• Add support for static routes to NetworkManager, wicked, ifcfg, debian.network_interfaces overlays. #1257
• Add wwctl upgrade <config|nodes>. #230, #517
• Better handling of InfiniBand udev net naming. #1227
• use templating mechanism for power commands. #1004
• Document "known issues."
• Add wwctl <node|profile> <add|set> --kernelversion to specify the desired kernel version or path. #1556
• Add wwctl container kernels to list discovered kernels from containers. #1556
• Add possibility to define a softlink target with an overlay template
• Support defining a symlink with an overlay template. #1303
• New "localtime" overlay to define the system time zone. #1303
• Add support for nested profiles. #1572, #1598
• Adds wwctl container <exec|shell> --build=false to prevent automatically (re)building the container. #1490, #1489
• Added resources as generic, arbitrary YAML data for nodes and profiles. #1568
• New fstab resource configures mounts in fstab overlay, including NFS mounts. #515
• Add Dev Container support #1653
• Add man pages and command reference to userdocs. #1488
• Document building images from scratch with Apptainer. #1485
• Added warewulfd:/overlay-file/{overlay}/{path...}?render={id}

Changed

• Renamed "container" to "image" throughout wwctl and overlay templates. #1385
• Locally defined tr has been dropped, templates updated to use Sprig replace.
• Bump github.com/opencontainers/image-spec to 1.1.0
• Bump google.golang.org/grpc 1.62.1
• Bump google.golang.org/protobuf to 1.33.0
• Bump github.com/containers/image/v5 to 5.30.0
• Bump github.com/docker/docker to 25.0.5+incompatible
• Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.18.0 to 2.19.1 #1165
• Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 #1166
• Bump github.com/fatih/color from 1.15.0 to 1.17.0 #1224
• Bump github.com/coreos/ignition/v2 from 2.15.0 to 2.19.0 #1239
• Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 #1481
• Bump google.golang.org/protobuf from 1.34.1 to 1.35.1 #1480
• Bump golang.org/x/term from 0.20.0 to 0.25.0 #1476
• Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.19.1 to 2.23.0 #1513
• Bump github.com/containers/image/v5 from 5.30.1 to 5.32.2 #1366
• Bump github.com/fatih/color from 1.17.0 to 1.18.0 #1523
• Disable building containers by default when calling wwctl container copy. #1378
• Split wwinit and generic overlays into discrete functionality. #987
• Updated IgnitionJson to sort filesystems. #1433
• wwctl node set requires mandatory pattern input. #502
• Remove NodeInfo (in-memory-only) data structure, consolidating onto NodeConf. #916
• Replace defaults.conf with settings on the default profile. #917
• Switched from yaml.v2 to yaml.v3 #1462
• Make OCIBlobCache a seperate path and point it to /var/cache #1459
• Updated various shell scripts for POSIX compatibility. #1464
• Update wwctl server to always run in the foreground #508
• Update wwctl server to log to stdout rather than a file #503
• Changed wwctl server to use "INFO" for send and receive logs #725
• Remove a 3-second sleep during iPXE boot. #1500
• Don't package the API in RPM packages by default. #1493
• Update default warewulfd port to match shipped configuration. #1448
• Replace olekukonko/tablewriter with cheynewallace/tabby. #1497, #1498
• replaced deprecated errors.Wrapf with fmr.Errorf. #1534
• Rename udev net naming file to 70-persistent-net.rules. #1227
• Manage warewulfd template data as a pointer. #1548
• Added test for sending grub.cfg.ww. #1548
• Use a sentinel file to determine container readonly state. #1447
• Bump github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0 #1553
• Bump github.com/golang/glog from 1.2.0 to 1.2.3 #1527
• Bump github.com/opencontainers/runc from 1.1.12 to 1.1.14
• Repurpose Kernel.Override to specify the path to the desired kernel within the container. #1556
• Merge Kernel.Override into Kernel.Version to specify the desired kernel version or path. #1556
• Provide detected kernel version to overlay templates. #1556
• Bump github.com/containers/storage from 1.53.0 to 1.55.2 #1316, #892
• Process nodes.conf path dynamically from config. #1595, #1596, #1569
• Split overlays into distribution and site overlays. #831
• Added note to booting userdoc for removing machine-id. #1609
• Log cpio errors more prominently. #1615
• Improved syncuser conflict help text. #1614
• Parallelized overlay build. #1018
• Parallelized and optimized overlay build. #1018
• Added note about dnsmasq interface options in Rocky 9.
• Added retries to curl in wwinit dracut module. #1631
• Added ip= argument to dracut ipxe script. #1630
• Updated network interface bonding configuration and documentation. #1482, #1280
• Refactor Kernel arguments as a slice (list) rather than a single string. #1656

Removed

• wwctl node list --fullall has been removed
• wwctl profile list --fullall has been removed
• Remove wwctl server <start,stop,status,restart,reload> #508
• Remove wwctl overlay build --host #1419
• Remove wwctl overlay build --nodes #1419
• Remove wwctl kernel #1556
• Remove wwctl <node|profile> <add|set> --kerneloverride #1556
• Remove wwctl container <build|import> --setdefault #1335
• Remove NFS mount options from warewulf.conf. #515

Fixed

• Update links on contributing page to point to warewulf repo.
• Prevent Networkmanager from trying to optain IP address via DHCP
  on unused/unmanaged network interfaces.
• Systems with no SMBIOS (Raspberry Pi) will create a UUID from
  /sys/firmware/devicetree/base/serial-number
• Replace slice in templates with sprig substr. #1093
• Fix an invalid format issue for the GitHub nightly build action. #1258
• Return non-zero exit code on overlay build failure #1393
• Return non-zero exit code on container copy failure #1377
• Return non-zero exit code on container sub-commands #1414
• Fix excessive line spacing issue when listing nodes. #1241
• Return non-zero exit code on node sub-commands #1421
• Fix panic when getting a long container list before building the container. #1391
• Return non-zero exit code on power sub-commands #1439
• Fix issue that pattern matching broken on node set #964
• Fix issue that domain globs not supported during wwctl node delete. #1449
• Fix overlay permissions in /root/ and /root/.ssh/. #1452
• Return non-zero exit code on container sub-commands #1437
• Return non-zero exit code on profile sub-commands #1435
• Fix issue that NetworkManager marks managed interfaces "unmanaged" if they do
  not have a device specified. #1154
• Return non-zero exit code on overlay sub-commands #1423
• Simplify passing of arguments to commands through wwctl container exec. #253
• Don't update IPMI if password isn't set. #638
• Fix issue that --nettagdel does not work properly. #1503
• Fix test for dhcp static configuration #1536 #1537
• Fix issue that initrd fails at downloading runtime overlay with permission denied error,
  when warewulf secure option in warewulf.conf is enabled. #806
• Allow iPXE to continue booting without runtime overlay. #806
• Format errors in logs as strings. #1563
• Fix display of profiles during node list. #1496
• Fix internal DelProfile function to correctly operate on profiles rather than nodes. #1622
• Fix parsing of bool co...

v4.5.8

Warewulf v4.5.8 simplifies the "wwinit" boot process for SELinux and configures tmpfs to spread the node image across all available NUMA nodes. It also improves the detection of kernels in the container image to more reliably detect the newest available kernel and to avoid debug / rescue kernels.

This release also includes additional bug fixes and documentation improvements.

Contributors for this release:

• "Jason" Xu Yang (CIQ)
• Elmar Pruesse (National Jewish Health)
• Tobias Ribizel
• Jonathon Anderson (CIQ)
• Christian Goll (Suse)
• Brandon Biggs (INL)

The full changelog is included below.

Known issues

• wwctl container import behaves differently for directories than for images

Added

• Added --syncuser flag to wwctl container shell. #1358
• Added a troubleshooting guide. #1234
• Added documentation about rootfstype=ramfs for SELinux support. #1001
• Added workaround documentation for importing containers with sockets. #892
• Added documentation for building iPXE locally. #1114
• Documented that ignition is not available for Rocky Linux 8. #1373, #1272
• Additional help text when container RunDir already exists. #1389

Changed

• Interleave tmpfs across all available NUMA nodes. #1347, #1348
• Syncuser watches for changes in mtime rather than ctime. #1358
• Change the default permissions for provisioned overlay images to 0750 (dirs) and 0660 (files). #1388

Fixed

• Return an error during wwctl container import if the archive filename includes a colon. #1371
• Correctly extract smbios asset key during GRUB boot. #1291
• Refactor of wwinit/init to more properly address rootfs options. #1098
• Fix autodetected kernel sorting and filtering. #1332
• Avoid a panic during container import. #1244
• Make sure that tftp files have unmasked permissions at creation time. #674
• Fix "onboot" behavior for NetworkManager, Debian networking, and Suse wicked. #1278
• Clarified missing steps in Enterprise Linux quickstart. #1179

v4.5.7

Warewulf v4.5.7 fixes the ability to override overlay files configured in profiles with overlays configured per-node; fixes a template processing bug bug in development-time overlay rendering; and improves the preview dracut-based boot process to better support a "secure" boot process.

It also adds the ability to temporarily copy files into containers for possible modification during wwctl container exec and wwctl container shell.

Dracut booting in v4.5.7 breaks compatibility with earlier versions of warewulf-dracut. To continue using dracut booting with Warewulf v4.5.7, update warewulf-dracut in the container image and re-build an initramfs inside the container. (docs)

Contributors:

• Josh Burks (Arizona State University)
• Jonathon Anderson (CIQ)
• Elmar Pruessee (National Jewish Health)
• Christian Goll (Suse)
• "Jason" Xu Yang (CIQ)
• Tobias Poschwatta (Zuse Institute Berlin)

The full changelog is below:

Added

• Added option for wwclient port number. #1349
• Additional helper directions during syncuser conflict. #1359
• Add :copy suffix to wwctl container exec --bind to temporarily copy files into the node image. #1365

Changed

• Added a link to an example SELinux-enabled node image in documentation. #1305
• Refine error handling for wwctl configure. #1273
• Updated dracut guidance for building initramfs. #1369

Fixed

• Fixed application of node overlays such that they override overlapping files from profile overlays. #1259
• Prevent overlays from being improperly used as format strings during wwctl overlay show --render. #1363
• Fix dracut booting with secure mode. #1261

v4.5.6

Warewulf v4.5.6 includes a significant fix for overlay autobuild, resolving a bug in v4.5.5 that caused autobuilt overlays to be empty. We've also added tab completion for the remaining subcommands of wwctl overlay, and simplified the wwctl container list command to break-out size calculations as optional and only report one type of size at a time. (Previously, container size was reported as the sum of the chroot, the uncompressed archive, and the compressed archive.)

The full changelog is below:

Added

• Show more information during wwctl container <shell|exec> about when and if the container image will be rebuilt. #1302
• Command-line completion for wwctl overlay <edit|delete|chmod|chown>. #1298
• Display an error during boot if no container is defined. #1295
• wwctl conatiner list --kernel shows the kernel detected for each container. #1283
• wwctl container list --size shows the uncompressed size of each container. --compressed shows the compressed size, and --chroot shows the size of the container source on the server. #954, #1117
• Add a logrotate config for warewulfd.log. #1311

Fixed

• Ensure autobuilt overlays include contextual overlay contents. #1296
• Fix the failure when updating overlay files existing on different partitions. #1312
• Escape asset tag for wwclient query strings when pulling runtime overlays. #1310

Changed

• wwctl container list only lists names by default. (--long shows all attributes.) #1117

v4.5.5

Warewulf v4.5.5 includes usability improvements and bugfixes for the v4.5.x line. This includes the restoration of previous behavior when running DHCP in "static" mode, reliability improvements for wwctl overlay edit, and fixes for overlay autobuild.

Known issues

• The fix for overlay autobuild mistakenly autobuilds empty overlays. We recommend manually disabling autobuild in warewulf.conf in v4.5.5. Fixed in #1301.

Fixed

• Support leading and trailing slashes in /etc/warewulf/excludes. #1266
• Fix a regression in overlay autobuild. #1216
• Fix wwclient not reading asset-tag. #1110
• Fix dhcp not passing asset tag or uuid to iPXE. #1110
• Restored previous static dhcp behavior. #1263
• Capture "broken" symlinks during container build. #1267
• Fix the issue that removing lines during wwctl overlay edit didn't work. #1235
• Fix the issue that new files created with wwctl overlay edit have 755 permissions. #1236
• Fix tab-completion for wwctl overlay list. #1260

Changed

• Explicitly ignore compat-style NIS lines in passwd/group during syncuser. #1286
• Accept + within kernel version. #1268
• Mount /sys and /run during wwctl container exec. #1287

v4.5.4

Warewulf v4.5.4 fixes a regression that was introduced in v4.5.3 that broke argument parsing for wwctl container shell and wwctl container exec.

Fixed

• Fix a regression that caused an error when passing flags to wwctl container exec and wwctl container shell. #1250

v4.5.3

Warewulf v4.5.3 includes additional functionality, documentation, usability improvements, and bugfixes. This includes an initial preview of 2-stage boot support based on dracut; significant efficiency improvements for "syncuser"; a remedy for a regression that affected the generation of ssh host keys during initial configuration; and improved handling of temporary files generated during container shell and exec commands.

Added

• Initial support for dracut-based 2-stage boot. See https://warewulf.org/docs/v4.5.x/contents/boot-management.html#booting-with-dracut for more information.
  • Add stage=initramfs to warewulfd provision to serve initramfs from container image. #1115
  • Add warewulf-dracut package to support building Warewulf-compatible initramfs images with dracut. #1115
  • Add iPXE template dracut.ipxe to boot a dracut initramfs. #1115
  • Add dracut menuentry to grub.cfg.ww to boot a dracut initramfs. #1115
  • Add .NetDevs variable to iPXE and GRUB templates, similar to overlay templates. #1115
  • Add .Tags variable to iPXE and GRUB templates, similar to overlay templates. #1115

Changed

• wwctl container import now only runs syncuser if explicitly requested. #1212
• Improved detection of SELinux capable root fs #1093

Fixed

• Block unprivileged requests for arbitrary overlays in secure mode. #1215
• Fix the issue that warewulf.conf parse does not support CIDR format. #1130
• Reduce the number of times syncuser walks the container file system. #1209
• Create ssh keys when calling wwctl configure --all #1250
• Create temporary overlayfs directories alongside container rootfs and remove them after use #1180

Documentation

• Add examples for building overlays in parallel to documentation. (https://warewulf.org/docs/v4.5.x/contents/overlays.html#build)
• Replace reference to docusaurus with Sphinx (https://warewulf.org/docs/v4.5.x/contributing/documentation.html#documentation)
• Fix installation docs to use github.com/warewulf instead of github.com/hpcng. #1219 (https://warewulf.org/docs/v4.5.x/contents/installation.html)

Dependencies

• Bump golang.org/x/net from 0.22.0 to 0.23.0. #1223

v4.5.2

Warewulf v4.5.2 is primarily a security fix release to address CVE-2024-3727.

Other fixes and changes already staged for v4.5.x are also included. The full changelog is below.

Added

• Allow specification of the ssh-keys to be to be created. #1185

Fixed

• Fix nightly release build failure issue. #1195
• Reorder dnsmasq config to put iPXE last. #1146
• Update a reference to --addprofile to be --profile. #1085
• Update a dependency to address CVE-2024-3727. #1221

v4.5.1

Warewulf v4.5.1 is primarily a bugfix and dependency update release.

Updates to dependencies broke compatibility with CentOS 7, so we have also dropped support for CentOS 7 (which, itself, goes EOL at the end of June) in this release. (This only affects the ability to run the Warewulf server on CentOS 7: Warewulf can still provision compute node images running CentOS 7.)

Added

• Document warewulf.conf:paths. #635
• New "Overlay" template variable contains the name of the overlay being built. #1052

Changed

• Update the glossary. #819
• Upgrade the golang version to 1.20.
• Bump github.com/opencontainers/umoci to 0.4.7
• Bump github.com/containers/image/v5 to 5.30.0
• Bump github.com/docker/docker to 25.0.5+incompatible
• Bump github.com/go-jose/go-jose/v3 to 3.0.3
• Bump gopkg.in/go-jose/go-jose.v2 to 2.6.3
• Bump github.com/opencontainers/runc to 1.1.12
• Dynamically calculate version and release from Git. #1162
• Update quickstarts to configure firewalld for dhcp. #1133
• Omit building the API on EL7. #1171
• Syncuser only walks the file system if it is going to write. #1207

Fixed

• Fix wwctl profile list -a format when kernerargs are set.
• Don't attempt to rebuild protocol buffers in offline mode. #1155
• Fix Suse package by moving yq command to %install section. #1169
• Fix a rendering bug in the documentation for GRUB boot support. #1132
• Fix a locking issue with concurrent read/writes for node status. #1174
• Fix shim and grub detection for aarch64. #1145
• wwctl [profile|node] list -a now handles slices correclty. #1113
• Fix parsing of /etc/group during syncuser. #1202