On 11/30/2016 10:23 AM, William L. Thomson Jr. wrote:
A couple more links, I should have provided initially as they better support
the argument.
First from Debian, I cannot find a list, but it is clearly mentioned.
"0-99:
Globally allocated by the Debian project, the same on every Debian system"
https://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2
This is even better, what Gentoo lacks, and could build upon.
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/
Deployment_Guide/s1-users-groups-standard-users.html
Also carries to CentOS of course
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-users-groups-standard-users.html
Per previous links installing some RPMs that have fixed UID/GID will result in
problems of other things are using it
"The vdsm user however is fixed to a UID of 36 and the kvm group is fixed to a
GID of 36.
If UID 36 or GID 36 is already used by another account on the system then a
conflict will arise during installation of the vdsm and qemu-kvm-rhev
packages."
https://access.redhat.com/documentation/en-US/
Red_Hat_Enterprise_Virtualization/3.5/html/Installation_Guide/sect-
System_Accounts.html
I appreciate all the discussion on uid-gid as it is central to cluster
provisioning work.
Some Background::
My specific area of development is heterogeneous (hardware) gentoo
clusters with a specific focus on "uni-kernels' (UK). I define UK as a
minimized, optimized hardened kernel that are specifically tuned to a
minimized and optimize framework for a specific problem or specific
category of problem for High Performance Computing (HPC) needs. In fact
the need to benchmark and compare a myriad of codes, such as openstack
on RHEL vs a skinny gentoo solution, on the exact same hardware will
necessitate provisioning from bare metal up to full stack online and
thus require numerous boot cycles. uid/gid symmetry would be a keen
component of to my solutions. One of the challenges I have not worked on
yet, is a systematic and automated solution for a variety of uid-gid
differences between the systems I need to test and compare.
I am not certain that an ebuild or PMS level solution will work for
comparing images(canned solutions from various sources) to a minimized
and optimized gentoo solution. Furthermore, I'd definitely appreciated
any advice and templates/profiles/scripts/etc that facilitate the
automation of uid/gid compatibility for as wide a variety of
kernels+OS+framework at least within gentoo. Note: for me a 'framework'
is vary similar to the world-file. On other distros, a framework is the
sum of additional codes on top of a basic installation of that distro.
Applicability to other major distros, such as *bunu, RH, debian, and
arch derivatives would be keenly useful for my research and development
needs. Furthermore, I believe that docker is just killing the cluster
competition with uni-kernels and a minimized distro such as Alpine. This
is an embarrassment to Gentoo that docker+alpine is 'killing it' in a
space that is natural for Gentoo to dominate, imho.
This is a complex issue, as most of what has already been posted to this
thread are all impactfully true. So flexibility is paramount, imho. In
fact if there is a way, I'd suggest that a multitude of scenarios are
supported to the point that for my work there could easily be hundreds
of variants. The keyword, 'profiles' comes to mind, but that has
additional connotations within gentoo. Surely a robust and automated way
to deal with differences in uid/gid between differing systems (same
distro or not) would be an excellent project. If this is or is not
possible, regardless of whether other distros use this capability, it
would certainly aid folks in migrating other systems
from different distros to gentoo; so that bring enormous value to gentoo
as a distro.
More specifically::
One thing is for sure, uni-kernels are just killing 'canned cluster'
solutions for specific types of problems, particular defined by HPC. I
strongly believe that all of that pioneering work on HPC clustering will
definitely impact routine web/admin/processing venues, eventually.
A given organization will be able to find the optimal images for their
needs and then easily migrate their needs to a wide variety of
datacenters for peak or scale-up. Unikernels in a wide variety of forms,
will enable hybrid clusters and ease the migration of business, web and
other needs between clusters, in a seamless fashion.
A robust and flexible way to automate, orchestrate (overused term I
know) and provision thousands of systems is desperately needed, imo,
and a tool to transparently handle uid/gid differences would be keen.
I want to thank you, for introducing this topic and I tremendously
appreciate all of the comments folks are interjecting, even the terse
comments from admins that need a way to 'turn off' these features.
Ultimately, CoreOS has an automated provisioning system which when
combined with a robust and flexible uid/gid solution would be a
fantastic pathway to enabling gentoo to once again dominate the
clustering world (like it did over a decade ago), via optimized
uni-kernels::
https://blog.docker.com/2016/01/unikernel/
Additionally, for a deeper dive::
BGO: 5932218
or these links::
https://github.com/coreos/coreos-baremetal
https://coreos.com/blog/introducing-ignition.htm
https://github.com/coreos/ignition/blob/master/doc/getting-started.md
https://github.com/coreos/ignition/blob/master/doc/supported-platforms.md
Thanks,
James