Introduction and Factory Request
Hi there, My name is Chris Rapier and I've just joined the list. I'll be honest that I'm not a long time SUSE user but I've been using OBS to build a project and I'm very impressed. I'm hoping to have that project reviewed. I'm the primary developer and maintainer of HPN-SSH (aka hpnssh) which is a fork of OpenSSH that is focused on high performance and functionality. Most of our work is centered on increasing throughput performance for bulk data transfers. We've been able to get significant improvements over OpenSSH, in the range of 10x to 100x faster, depending on the network path. The bigger the delay (RTT) the more relative improvement you tend to see. We also have done work on parallelizing the AES-CTR cipher (and soon ChaCha20), in line network telemetry, automatic resumption of failed SCP transfers, and so forth. We have more information at https://www.psc.edu/hpn-ssh-home/ We do maintain currency with OpenSSH releases and full interoperability with it as well. So hpnssh can work very effectively in mixed environments. One of the nice things about hpnssh is that you'll often see improvements even if both sides of the connection aren't running hpnssh. As long as the bulk data receiver is running hpnssh you'll get a lot of the benefits. I've doing this for about 18 years now and I've seen some success with it over that time. One of the things I'd like to do is start getting HPN-SSH into default package repositories to make it easier for users to make use of it. Which is why I'm here. I have a package at home:rapier1:hpnssh-rpms that I'm about to submit a request for. If anyone has question, comments, or critiques please let me know. Chris Rapier Sr. Research Scientist Pittsburgh Supercomputing Center Carnegie Mellon University
Am Mittwoch, dem 17.05.2023 um 15:54 -0400 schrieb Chris Rapier:
Hi there,
My name is Chris Rapier and I've just joined the list. I'll be honest that I'm not a long time SUSE user but I've been using OBS to build a project and I'm very impressed. I'm hoping to have that project reviewed.
I'm the primary developer and maintainer of HPN-SSH (aka hpnssh) which is a fork of OpenSSH that is focused on high performance and functionality. Most of our work is centered on increasing throughput performance for bulk data transfers. We've been able to get significant improvements over OpenSSH, in the range of 10x to 100x faster, depending on the network path. The bigger the delay (RTT) the more relative improvement you tend to see. We also have done work on parallelizing the AES-CTR cipher (and soon ChaCha20), in line network telemetry, automatic resumption of failed SCP transfers, and so forth. We have more information at https://www.psc.edu/hpn-ssh-home/
We do maintain currency with OpenSSH releases and full interoperability with it as well. So hpnssh can work very effectively in mixed environments. One of the nice things about hpnssh is that you'll often see improvements even if both sides of the connection aren't running hpnssh. As long as the bulk data receiver is running hpnssh you'll get a lot of the benefits.
I've doing this for about 18 years now and I've seen some success with it over that time. One of the things I'd like to do is start getting HPN-SSH into default package repositories to make it easier for users to make use of it. Which is why I'm here. I have a package at home:rapier1:hpnssh-rpms that I'm about to submit a request for.
If anyone has question, comments, or critiques please let me know.
I've taken a look at your request[0] and there are a few issues with it. If you haven't already, you should read the paragraph "How to add a new package to Factory" that is part of the "openSUSE:How to contribute to Factory" wiki article[1]. Well, my criticism mostly boiles down to three points: 1. devel:openSUSE:Factory is about the worst devel-project you could've picked. IMHO you should probably submit it to network (since openssh is already there) or maybe (depending on the intended usecase of this tool) science:HPC. 2. All sources should actually reside within the package and not downloaded at runtime by obs-service_... . You are not able to submit packages that run services on OBS to Factory anyways, as they'll get auto-declined; you'd have to at least change the service mode to localonly/manual/disabled. 3. Check the rpmlint log, there are a few errors and warnings that should be fixed before submitting. Also, given that the package does stuff with pam, you might need an additional security review (seems at least sensible to me, given the security implications of openssh). You also don't need to send an email to factory when submitting a package to a devel project. You should send one once you actually submit it from the devel project to factory. [0]:https://build.opensuse.org/request/show/1087711 [1]:https://en.opensuse.org/openSUSE:How_to_contribute_to_Factory#How_to_add_a_n...
Chris Rapier Sr. Research Scientist Pittsburgh Supercomputing Center Carnegie Mellon University
Open for any more questions (if I can answer then :)), Florian -- $\int_\text{now}^{+\infty}\text{Keep trying}$ Matrix: @sp1rit:tchncs.de <sp1rit@disroot.org> D248BF2F4C6A82A1E0569D897D8C1CD573166D09 <sp1rit@national.shitposting.agency> BBDE032EAAFBFC627FB7E635B1F4055D8460CE34
On 5/19/23 3:02 AM, Florian "sp1rit" wrote:
Am Mittwoch, dem 17.05.2023 um 15:54 -0400 schrieb Chris Rapier:
Hi there,
My name is Chris Rapier and I've just joined the list. I'll be honest that I'm not a long time SUSE user but I've been using OBS to build a project and I'm very impressed. I'm hoping to have that project reviewed.
I'm the primary developer and maintainer of HPN-SSH (aka hpnssh) which is a fork of OpenSSH that is focused on high performance and functionality. Most of our work is centered on increasing throughput performance for bulk data transfers. We've been able to get significant improvements over OpenSSH, in the range of 10x to 100x faster, depending on the network path. The bigger the delay (RTT) the more relative improvement you tend to see. We also have done work on parallelizing the AES-CTR cipher (and soon ChaCha20), in line network telemetry, automatic resumption of failed SCP transfers, and so forth. We have more information at https://www.psc.edu/hpn-ssh-home/
We do maintain currency with OpenSSH releases and full interoperability with it as well. So hpnssh can work very effectively in mixed environments. One of the nice things about hpnssh is that you'll often see improvements even if both sides of the connection aren't running hpnssh. As long as the bulk data receiver is running hpnssh you'll get a lot of the benefits.
I've doing this for about 18 years now and I've seen some success with it over that time. One of the things I'd like to do is start getting HPN-SSH into default package repositories to make it easier for users to make use of it. Which is why I'm here. I have a package at home:rapier1:hpnssh-rpms that I'm about to submit a request for.
If anyone has question, comments, or critiques please let me know.
I've taken a look at your request[0] and there are a few issues with it. If you haven't already, you should read the paragraph "How to add a new package to Factory" that is part of the "openSUSE:How to contribute to Factory" wiki article[1].
Well, my criticism mostly boiles down to three points: 1. devel:openSUSE:Factory is about the worst devel-project you could've picked. IMHO you should probably submit it to network (since openssh is already there) or maybe (depending on the intended usecase of this tool) science:HPC. 2. All sources should actually reside within the package and not downloaded at runtime by obs-service_... . You are not able to submit packages that run services on OBS to Factory anyways, as they'll get auto-declined; you'd have to at least change the service mode to localonly/manual/disabled. 3. Check the rpmlint log, there are a few errors and warnings that should be fixed before submitting.
Also, given that the package does stuff with pam, you might need an additional security review (seems at least sensible to me, given the security implications of openssh).
You also don't need to send an email to factory when submitting a package to a devel project. You should send one once you actually submit it from the devel project to factory.
[0]:https://build.opensuse.org/request/show/1087711 [1]:https://en.opensuse.org/openSUSE:How_to_contribute_to_Factory#How_to_add_a_n...
1. I had looked through the packages listed in https://build.opensuse.org/project/list_public and didn't find anything that mentioned ssh (open or otherwise). I should have looked deeper into the network project. I found openssh there and I'll resubmit, when ready, to that location. 2. Okay, I wasn't aware of that. I have an existing srpm that I was trying to get into OSB but I couldn't figure out how to get to auto extract from there. I did find out that it will do that if you use a service. So I took that route. I'm still new to Suse and osc so I must be missing something with it comes to local srpms. If you have any pointers I would be appreciate anything you care to share. 3. Thanks for the review. I'll take a look at the rpmlint log. I thought I had done that but it was probably for an earlier revision of the package. Thanks again for taking a look, Chris
Am Montag, dem 22.05.2023 um 16:21 -0400 schrieb Chris Rapier:
[...]
1. I had looked through the packages listed in https://build.opensuse.org/project/list_public and didn't find anything that mentioned ssh (open or otherwise). I should have looked deeper into the network project. I found openssh there and I'll resubmit, when ready, to that location.
2. Okay, I wasn't aware of that. I have an existing srpm that I was trying to get into OSB but I couldn't figure out how to get to auto extract from there. I did find out that it will do that if you use a service. So I took that route. I'm still new to Suse and osc so I must be missing something with it comes to local srpms. If you have any pointers I would be appreciate anything you care to share.
I don't quite know what you intend to achieve, you could just manually extract the srcrpm with cpio or add mode="manual" to the download_src_package service. This way it'll only pull and extract the srcrpm when you invoke osc service mr (it then puts the files plainly into the package dir, you might have to osc add/rm new/old files before commiting).
3. Thanks for the review. I'll take a look at the rpmlint log. I thought I had done that but it was probably for an earlier revision of the package.
Two other things I've noticed just now are, that you probably want to name the package in OBS "hpnssh" (the same as the spec) instead of "HPNSSH-RPM" and that the specfile needs a copyright and license header (I believe this is, unlike on Fedora, required). Additionally (but I assume you've seen it), coolo mentioned on the request you've sent that the changelog should be moved from the specfile to a separate .changes files.
Thanks again for taking a look,
Chris
Sure, Florian -- $\int_\text{now}^{+\infty}\text{Keep trying}$ Matrix: @sp1rit:tchncs.de <sp1rit@disroot.org> D248BF2F4C6A82A1E0569D897D8C1CD573166D09 <sp1rit@national.shitposting.agency> BBDE032EAAFBFC627FB7E635B1F4055D8460CE34
participants (2)
-
Chris Rapier
-
Florian "sp1rit"