| 2016-05-12 20:09:14 |
Max Illfelder |
bug |
|
|
added bug |
| 2016-05-16 07:21:55 |
Dan Watkins |
summary |
Ubuntu cloud-init expects trailing dot on metadata FQDN |
Ubuntu cloud-init expects trailing dot on GCE metadata FQDN |
|
| 2016-05-16 07:21:58 |
Dan Watkins |
cloud-init (Ubuntu): assignee |
|
Dan Watkins (daniel-thewatkins) |
|
| 2016-05-23 14:14:34 |
Patricia Gaughen |
cloud-init (Ubuntu): assignee |
Dan Watkins (daniel-thewatkins) |
Philip Roche (philroche) |
|
| 2016-06-03 03:32:01 |
Scott Moser |
cloud-init (Ubuntu): status |
New |
Confirmed |
|
| 2016-06-03 03:32:04 |
Scott Moser |
cloud-init (Ubuntu): importance |
Undecided |
Medium |
|
| 2016-06-03 09:18:54 |
Launchpad Janitor |
branch linked |
|
lp:~philroche/cloud-init/trunk |
|
| 2016-06-03 09:23:26 |
Philip Roche |
branch unlinked |
lp:~philroche/cloud-init/trunk |
|
|
| 2016-06-03 09:24:32 |
Launchpad Janitor |
branch linked |
|
lp:~philroche/cloud-init/trunk |
|
| 2016-06-13 08:25:52 |
Philip Roche |
branch unlinked |
lp:~philroche/cloud-init/trunk |
|
|
| 2016-06-13 08:33:17 |
Launchpad Janitor |
branch linked |
|
lp:~philroche/cloud-init/trunk |
|
| 2016-06-13 08:38:01 |
Philip Roche |
cloud-init (Ubuntu): status |
Confirmed |
Fix Committed |
|
| 2016-06-13 09:08:13 |
Launchpad Janitor |
branch linked |
|
lp:cloud-init |
|
| 2016-06-13 09:34:05 |
Robie Basak |
nominated for series |
|
Ubuntu Trusty |
|
| 2016-06-13 09:34:05 |
Robie Basak |
bug task added |
|
cloud-init (Ubuntu Trusty) |
|
| 2016-06-14 19:20:00 |
Scott Moser |
cloud-init (Ubuntu): status |
Fix Committed |
Confirmed |
|
| 2016-06-16 04:07:24 |
Launchpad Janitor |
branch linked |
|
lp:~smoser/ubuntu/yakkety/cloud-init/pkg |
|
| 2016-06-16 05:37:13 |
Launchpad Janitor |
cloud-init (Ubuntu): status |
Confirmed |
Fix Released |
|
| 2016-06-22 14:25:08 |
Philip Roche |
cloud-init (Ubuntu Trusty): assignee |
|
Philip Roche (philroche) |
|
| 2016-06-22 20:09:16 |
Launchpad Janitor |
branch linked |
|
lp:~smoser/ubuntu/xenial/cloud-init/pkg |
|
| 2016-06-30 10:09:09 |
Robie Basak |
nominated for series |
|
Ubuntu Xenial |
|
| 2016-06-30 10:09:09 |
Robie Basak |
bug task added |
|
cloud-init (Ubuntu Xenial) |
|
| 2016-06-30 11:09:26 |
Philip Roche |
description |
cloud-init hostname breaks because /etc/hosts does not have the trailing dot on metadata FQDN.
Background:
On Ubuntu, cloud-init sets the hostname using our metadata service. To do this, it hits "metadata.google.internal." (note trailing dot) via HTTP.
We have entries in /etc/hosts for the metadata service to ensure that we can access it at boot time (if DNS is not yet up) as we have other init scripts which block bootup when metadata cannot be reached. However, these /etc/hosts entries only have "metadata.google.internal" (no trailing dot) entries.
When a customer runs their own bind9 daemon, it starts *after* cloud-init, meaning that cloud-init must use /etc/hosts to find the metadata service. When it cannot, it incorrectly sets the hostname to "$hostname.localdomain" instead of just $hostname.
Proposed fix:
Update:
http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/sources/DataSourceGCE.py
Line 28 should read:
'metadata_url': 'http://metadata.google.internal/computeMetadata/v1/' |
[Impact]
* If bind9 is installed and configured as a local DNS server on an ubuntu instance on GCE then on every reboot cloud-init will fail to retrieve instance metadata from GCE due to the lookup hostname not resolving.
* Backporting of this is necessary as instances with bind9 installed can no longer take advantage of cloud-init
* The patch fixes this bug by updating the hostname used in the metadata lookup to one that is included in /etc/hosts. As such it will resolve, even if bind9 hasn't started yet.
[Test Case]
#launch an instance of ubuntu 14.04 on GCE
sudo apt-get update
sudo apt-get install -y bind9
#Add the Google DNS servers as global forwarders and configure bind9 for the GCE environment
cat << EOF | sudo tee /etc/bind/named.conf.options
options {
directory "/var/cache/bind";
forwarders {
169.254.169.254;
};
recursion yes;
dnssec-validation no;
dnssec-enable no;
auth-nxdomain no;
listen-on { 127.0.0.1; };
};
EOF
sudo service bind9 restart
#setup your instance to use bind9 instead of the Google server
echo "supersede domain-name-servers 127.0.0.1;" | sudo tee -a /etc/dhcp/dhclient.conf
sudo dhclient -pf /run/dhclient.eth0.pid -x
sudo dhclient -1 -v -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases eth0
if grep -q "nameserver 127.0.0.1" "/etc/resolv.conf"; then echo "resolv.conf has been updated"; fi
if host -t A metadata.google.internal | grep '169.254.169.254' > /dev/null; then echo "host lookup succeeded as expected"; fi
sudo service bind9 stop
if host -t A metadata.google.internal | grep 'connection timed out' > /dev/null; then echo "host lookup failed as expected"; fi
#Now reboot the instance
sudo reboot
#Once rebooted run the following
if grep -q "http://metadata.google.internal./computeMetadata/v1/ is not resolvable" "/var/log/cloud-init.log"; then echo "cloud-init failed to lookup metadata as expected"; else echo "cloud-init did _not_ fail to lookup metadata as expected"; fi
A patched ubuntu14.04 has been built. To test the patch run the above but after reboot run
#launch a patched instance
gcloud compute instances create ubuntu1404-patched-cloudinit --image daily-ubuntu-proche-cloudinit-1404-trusty-v20160627 --image-project ubuntu-os-cloud-devel
#on a patched instance run the following after reboot
if grep -q "http://metadata.google.internal/computeMetadata/v1/ is not resolvable" "/var/log/cloud-init.log"; then echo "cloud-init failed to retrieve metadata"; else echo "cloud-init did successfully retrieve metadata as expected"; fi
[Regression Potential]
* GCE are questing this change.
* The reported issue only affects GCE users and only a small set of those users will be using a local DNS server.
* The change is a single character change and has been tested and as such has limited regression potential.
[Original Bug Report]
cloud-init hostname breaks because /etc/hosts does not have the trailing dot on metadata FQDN.
Background:
On Ubuntu, cloud-init sets the hostname using our metadata service. To do this, it hits "metadata.google.internal." (note trailing dot) via HTTP.
We have entries in /etc/hosts for the metadata service to ensure that we can access it at boot time (if DNS is not yet up) as we have other init scripts which block bootup when metadata cannot be reached. However, these /etc/hosts entries only have "metadata.google.internal" (no trailing dot) entries.
When a customer runs their own bind9 daemon, it starts *after* cloud-init, meaning that cloud-init must use /etc/hosts to find the metadata service. When it cannot, it incorrectly sets the hostname to "$hostname.localdomain" instead of just $hostname.
Proposed fix:
Update:
http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/sources/DataSourceGCE.py
Line 28 should read:
'metadata_url': 'http://metadata.google.internal/computeMetadata/v1/' |
|
| 2016-06-30 11:11:16 |
Philip Roche |
attachment added |
|
lp-1581200-gce-metadatafqdn.debdiff https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1581200/+attachment/4692729/+files/lp-1581200-gce-metadatafqdn.debdiff |
|
| 2016-06-30 14:54:05 |
Philip Roche |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
| 2016-06-30 14:54:24 |
Philip Roche |
cloud-init (Ubuntu Trusty): status |
New |
In Progress |
|
| 2016-07-03 10:46:55 |
Mathew Hodson |
cloud-init (Ubuntu Trusty): importance |
Undecided |
Medium |
|
| 2016-07-03 10:46:58 |
Mathew Hodson |
cloud-init (Ubuntu Xenial): importance |
Undecided |
Medium |
|
| 2016-07-11 15:57:25 |
Scott Moser |
cloud-init (Ubuntu Xenial): status |
New |
Fix Released |
|
| 2016-07-11 15:57:25 |
Scott Moser |
cloud-init (Ubuntu Xenial): assignee |
|
Scott Moser (smoser) |
|
| 2016-08-17 14:25:19 |
Chris J Arges |
cloud-init (Ubuntu Trusty): status |
In Progress |
Fix Committed |
|
| 2016-08-17 14:25:22 |
Chris J Arges |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2016-08-17 14:25:24 |
Chris J Arges |
bug |
|
|
added subscriber SRU Verification |
| 2016-08-17 14:25:27 |
Chris J Arges |
tags |
|
verification-needed |
|
| 2016-08-17 14:25:44 |
Chris J Arges |
removed subscriber Ubuntu Sponsors Team |
|
|
|
| 2016-09-07 11:11:23 |
Philip Roche |
tags |
verification-needed |
verification-done |
|
| 2016-09-07 13:01:08 |
Launchpad Janitor |
cloud-init (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|
| 2016-09-07 13:01:15 |
Chris J Arges |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
