| 1 |
On 11/30/2016 10:23 AM, William L. Thomson Jr. wrote: |
| 2 |
> A couple more links, I should have provided initially as they better support |
| 3 |
> the argument. |
| 4 |
> |
| 5 |
> First from Debian, I cannot find a list, but it is clearly mentioned. |
| 6 |
> |
| 7 |
> "0-99: |
| 8 |
> Globally allocated by the Debian project, the same on every Debian system" |
| 9 |
> https://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2 |
| 10 |
> |
| 11 |
> This is even better, what Gentoo lacks, and could build upon. |
| 12 |
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/ |
| 13 |
> Deployment_Guide/s1-users-groups-standard-users.html |
| 14 |
> |
| 15 |
> Also carries to CentOS of course |
| 16 |
> https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-users-groups-standard-users.html |
| 17 |
> |
| 18 |
> Per previous links installing some RPMs that have fixed UID/GID will result in |
| 19 |
> problems of other things are using it |
| 20 |
> |
| 21 |
> "The vdsm user however is fixed to a UID of 36 and the kvm group is fixed to a |
| 22 |
> GID of 36. |
| 23 |
> If UID 36 or GID 36 is already used by another account on the system then a |
| 24 |
> conflict will arise during installation of the vdsm and qemu-kvm-rhev |
| 25 |
> packages." |
| 26 |
> |
| 27 |
> https://access.redhat.com/documentation/en-US/ |
| 28 |
> Red_Hat_Enterprise_Virtualization/3.5/html/Installation_Guide/sect- |
| 29 |
> System_Accounts.html |
| 30 |
|
| 31 |
I appreciate all the discussion on uid-gid as it is central to cluster |
| 32 |
provisioning work. |
| 33 |
|
| 34 |
Some Background:: |
| 35 |
|
| 36 |
|
| 37 |
My specific area of development is heterogeneous (hardware) gentoo |
| 38 |
clusters with a specific focus on "uni-kernels' (UK). I define UK as a |
| 39 |
minimized, optimized hardened kernel that are specifically tuned to a |
| 40 |
minimized and optimize framework for a specific problem or specific |
| 41 |
category of problem for High Performance Computing (HPC) needs. In fact |
| 42 |
the need to benchmark and compare a myriad of codes, such as openstack |
| 43 |
on RHEL vs a skinny gentoo solution, on the exact same hardware will |
| 44 |
necessitate provisioning from bare metal up to full stack online and |
| 45 |
thus require numerous boot cycles. uid/gid symmetry would be a keen |
| 46 |
component of to my solutions. One of the challenges I have not worked on |
| 47 |
yet, is a systematic and automated solution for a variety of uid-gid |
| 48 |
differences between the systems I need to test and compare. |
| 49 |
|
| 50 |
I am not certain that an ebuild or PMS level solution will work for |
| 51 |
comparing images(canned solutions from various sources) to a minimized |
| 52 |
and optimized gentoo solution. Furthermore, I'd definitely appreciated |
| 53 |
any advice and templates/profiles/scripts/etc that facilitate the |
| 54 |
automation of uid/gid compatibility for as wide a variety of |
| 55 |
kernels+OS+framework at least within gentoo. Note: for me a 'framework' |
| 56 |
is vary similar to the world-file. On other distros, a framework is the |
| 57 |
sum of additional codes on top of a basic installation of that distro. |
| 58 |
Applicability to other major distros, such as *bunu, RH, debian, and |
| 59 |
arch derivatives would be keenly useful for my research and development |
| 60 |
needs. Furthermore, I believe that docker is just killing the cluster |
| 61 |
competition with uni-kernels and a minimized distro such as Alpine. This |
| 62 |
is an embarrassment to Gentoo that docker+alpine is 'killing it' in a |
| 63 |
space that is natural for Gentoo to dominate, imho. |
| 64 |
|
| 65 |
|
| 66 |
This is a complex issue, as most of what has already been posted to this |
| 67 |
thread are all impactfully true. So flexibility is paramount, imho. In |
| 68 |
fact if there is a way, I'd suggest that a multitude of scenarios are |
| 69 |
supported to the point that for my work there could easily be hundreds |
| 70 |
of variants. The keyword, 'profiles' comes to mind, but that has |
| 71 |
additional connotations within gentoo. Surely a robust and automated way |
| 72 |
to deal with differences in uid/gid between differing systems (same |
| 73 |
distro or not) would be an excellent project. If this is or is not |
| 74 |
possible, regardless of whether other distros use this capability, it |
| 75 |
would certainly aid folks in migrating other systems |
| 76 |
from different distros to gentoo; so that bring enormous value to gentoo |
| 77 |
as a distro. |
| 78 |
|
| 79 |
|
| 80 |
More specifically:: |
| 81 |
|
| 82 |
One thing is for sure, uni-kernels are just killing 'canned cluster' |
| 83 |
solutions for specific types of problems, particular defined by HPC. I |
| 84 |
strongly believe that all of that pioneering work on HPC clustering will |
| 85 |
definitely impact routine web/admin/processing venues, eventually. |
| 86 |
A given organization will be able to find the optimal images for their |
| 87 |
needs and then easily migrate their needs to a wide variety of |
| 88 |
datacenters for peak or scale-up. Unikernels in a wide variety of forms, |
| 89 |
will enable hybrid clusters and ease the migration of business, web and |
| 90 |
other needs between clusters, in a seamless fashion. |
| 91 |
|
| 92 |
A robust and flexible way to automate, orchestrate (overused term I |
| 93 |
know) and provision thousands of systems is desperately needed, imo, |
| 94 |
and a tool to transparently handle uid/gid differences would be keen. |
| 95 |
|
| 96 |
I want to thank you, for introducing this topic and I tremendously |
| 97 |
appreciate all of the comments folks are interjecting, even the terse |
| 98 |
comments from admins that need a way to 'turn off' these features. |
| 99 |
Ultimately, CoreOS has an automated provisioning system which when |
| 100 |
combined with a robust and flexible uid/gid solution would be a |
| 101 |
fantastic pathway to enabling gentoo to once again dominate the |
| 102 |
clustering world (like it did over a decade ago), via optimized |
| 103 |
uni-kernels:: |
| 104 |
|
| 105 |
https://blog.docker.com/2016/01/unikernel/ |
| 106 |
|
| 107 |
|
| 108 |
Additionally, for a deeper dive:: |
| 109 |
BGO: 5932218 |
| 110 |
|
| 111 |
or these links:: |
| 112 |
https://github.com/coreos/coreos-baremetal |
| 113 |
|
| 114 |
https://coreos.com/blog/introducing-ignition.htm |
| 115 |
|
| 116 |
https://github.com/coreos/ignition/blob/master/doc/getting-started.md |
| 117 |
|
| 118 |
https://github.com/coreos/ignition/blob/master/doc/supported-platforms.md |
| 119 |
|
| 120 |
|
| 121 |
Thanks, |
| 122 |
James |
Archives