EC2 IPv4 and IPv6 Dual Stack Does Not work when instance is not assigned public IPv4 address

Bug #1728152 reported by Sargun
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init
Fix Released
High
Chad Smith
cloud-init (Ubuntu)
Fix Released
High
Chad Smith
Xenial
Fix Released
High
Chad Smith
Zesty
Fix Released
High
Chad Smith
Artful
Fix Released
High
Chad Smith
Bionic
Fix Released
High
Chad Smith

Bug Description

=== Begin SRU Template ===
[Impact]
Support for configuration of IPV6 addresses on the primary network
interface in EC2 changed behavior of the automatic network configuration.
This changed behavior in 2 ways:
a.) Instances with only a private ipv4 address would not get *any* ipv4
address.

b.) Instances with multiple NICs attached at boot would get all NICs
configured. Previously only the primary network interface would be
configured by cloud-init.

'b' is not necessarily a bug for Artful. A new release can bring new
behavior. However, the change of behavior was not intended and not desired
for an SRU. In an effort to keep this behavior consistent across 16.04+
we will be changing the behavior of Artful to only configure the primary
network interface.

[Test Case]
To verify this code is fixed for all cases involved:

1. Verify that instances without public ipv4 get an ipv4 address.
 * Launch an instance on EC2 without a public IPV4 address.
 * Verify the instance has its Ipv4 address configured via ssh and
   checking 'ip' output.

2. Verify no regression is done to public systems.
 * Launch an instance on EC2 with a public IPV4 address.
 * Verify the instance has its ipv4 address configured.

3. Verify only the primary NIC is configured (17.10 only)
 * Launch an instance on EC2 with multiple nics configured.
 * Verify that only the primary nic has configuration by default.

For each of the above, verification entails inspection of
network config (/etc/network/interfaces.d/* or /etc/netplan/)
and also network state ('ip a' output).

[Regression Potential]
Regression in this area of code is certainly limited to EC2,
and most likely limited to network configuration.

Complete failure would show itself as no networking at all and
a WARNING or stack trace on the console logs.

[Other Info]
Upstream commit at
  https://git.launchpad.net/cloud-init/commit/?id=XXXXXXXXXX

=== End SRU Template ===

With the following cloud-init configuration:
system_info:
  network:
    renderers: ['netplan', 'eni', 'sysconfig']

network:
  version: 2
  ethernets:
    id0:
        match:
            name: e*
        dhcp4: true
        dhcp6: true

with version 17.1-18-gd4f70470-0ubuntu1 on ami-36a8754c, it writes out the following network configuration:
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        ens3:
            dhcp6: true
            match:
                macaddress: 02:14:13:66:8a:66
            set-name: ens3

----

This instance is in a (default) VPC with a private IPv4 address and no public IPv4 addresses.

Related branches

Chad Smith (chad.smith)
Changed in cloud-init:
importance: Undecided → High
assignee: nobody → Chad Smith (chad.smith)
Joshua Powers (powersj)
Changed in cloud-init:
status: New → Confirmed
Chad Smith (chad.smith)
Changed in cloud-init:
status: Confirmed → In Progress
Scott Moser (smoser)
summary: - IPv4 and IPv6 Dual Stack Does Not work when instance is not assigned
+ EC2 IPv4 and IPv6 Dual Stack Does Not work when instance is not assigned
public IPv4 address
Changed in cloud-init (Ubuntu Xenial):
status: New → Confirmed
Changed in cloud-init (Ubuntu Zesty):
status: New → Confirmed
Changed in cloud-init (Ubuntu Artful):
status: New → Confirmed
Changed in cloud-init (Ubuntu Bionic):
status: New → Confirmed
Changed in cloud-init (Ubuntu Xenial):
importance: Undecided → High
Changed in cloud-init (Ubuntu Zesty):
importance: Undecided → High
Changed in cloud-init (Ubuntu Artful):
importance: Undecided → High
Changed in cloud-init (Ubuntu Bionic):
importance: Undecided → High
Scott Moser (smoser)
description: updated
Chad Smith (chad.smith)
Changed in cloud-init:
status: In Progress → Fix Committed
Changed in cloud-init (Ubuntu Xenial):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Zesty):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Artful):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Bionic):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Xenial):
status: Confirmed → In Progress
Changed in cloud-init (Ubuntu Zesty):
status: Confirmed → In Progress
Changed in cloud-init (Ubuntu Artful):
status: Confirmed → In Progress
Changed in cloud-init (Ubuntu Bionic):
status: Confirmed → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1) bionic; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service".
      [ckonstanski] (LP: #1727121)

 -- Chad Smith <email address hidden> Tue, 31 Oct 2017 12:51:10 -0600

Changed in cloud-init (Ubuntu Bionic):
status: In Progress → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Accepted the artful version - please test.

Changed in cloud-init (Ubuntu Artful):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-artful
Changed in cloud-init (Ubuntu Zesty):
status: In Progress → Fix Committed
tags: added: verification-needed-zesty
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Please test proposed package

Hello Sargun, or anyone else affected,

Accepted cloud-init into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/17.1-27-geb292c18-0ubuntu1~17.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-zesty to verification-done-zesty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-zesty. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Hello Sargun, or anyone else affected,

Accepted cloud-init into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/17.1-27-geb292c18-0ubuntu1~16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cloud-init (Ubuntu Xenial):
status: In Progress → Fix Committed
tags: added: verification-needed-xenial
Revision history for this message
Chad Smith (chad.smith) wrote :
Download full text (15.1 KiB)

Manual Verification performed on Xenial Zesty and artful in the following 3 scenarios:
 1. ipv4 public only
 2. public ipv4 & ipv6 addresses configured
 3. private ipv4 only addresses
All results passed and properly configured interfaces

=== SRU verification output ===

---- xenial

---- xenial public-ipv4-only
# Get launch-ec2 script
# Setup ec2 credentials obtained from aws ui
cat ~/.aws/credentials
[default]
aws_access_key_id = <REDACTED>
aws_secret_access_key = <REDACTED>

$ git clone <email address hidden>:cloud-init/qa-scripts.git
$ git clone https://github.com/smoser/talk-simplestreams.git
$ export PATH=$PATH:./qa-scripts/scripts:./talk-simplestreams/bin
$ launch-ec2 --pubkey-file ~/.ssh/id_rsa.pub --series xenial --proposed --keep-alive --clean

# default xenial instance with public ipv4 configuration

$ ssh -i ~/.ssh/id_rsa.pub <email address hidden> -- dpkg-query --show cloud-init
cloud-init 17.1-27-geb292c18-0ubuntu1~16.04.1

$ ssh -i ~/.ssh/id_rsa.pub <email address hidden> -- cat /etc/network/interfaces.d/50-cloud-init.cfg
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

---- xenial public-ipv4-and-ipv6 instance manually created through ec2 UI
# Test before cloud-init upgrade to 17.1.27
$ cat /etc/network/interfaces.d/50-cloud-init.cfg
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

$ sudo sed -i 's/ xenial / xenial-proposed /' /etc/apt/sources.list;
$ sudo apt-get update;
$ sudo apt-get install cloud-init;
$ sudo rm -rf /var/lib/cloud /var/log/cloud-init*; sudo reboot;

# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

# control-alias eth0
iface eth0 inet6 dhcp

$ dpkg-query --show cloud-init
cloud-init 17.1-27-geb292c18-0ubuntu1~16.04.1
$ grep Trace /var/log/cloud-init.log
$

$ ip address

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 06:e5:24:b6:f6:0...

tags: added: verification-done verification-done-artful verification-done-xenial verification-done-zesty
removed: verification-needed verification-needed-artful verification-needed-xenial verification-needed-zesty
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1~17.10.1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1~17.10.1) artful-proposed; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service". [Carlos Konstanski]

cloud-init (17.1-25-g17a15f9e-0ubuntu1~17.10.1) artful-proposed; urgency=medium

  * New upstream snapshot.
    - resizefs: Fix regression when system booted with root=PARTUUID=
      (LP: #1725067)
    - tools: make yum package installation more reliable
    - citest: fix remaining warnings raised by integration tests.
    - citest: show the class actual class name in results.
    - ntp: fix config module schema to allow empty ntp config
      (LP: #1724951)
    - tools: disable fastestmirror if using proxy [Joshua Powers]
    - schema: Log debug instead of warning when jsonschema is not available.
      (LP: #1724354)

 -- Chad Smith <email address hidden> Tue, 31 Oct 2017 12:56:34 -0600

Changed in cloud-init (Ubuntu Artful):
status: Fix Committed → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Update Released

The verification of the Stable Release Update for cloud-init has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (7.3 KiB)

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1~17.04.1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1~17.04.1) zesty-proposed; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service". [Carlos Konstanski]

cloud-init (17.1-25-g17a15f9e-0ubuntu1~17.04.1) zesty-proposed; urgency=medium

  * New upstream snapshot.
    - resizefs: Fix regression when system booted with root=PARTUUID=
      (LP: #1725067)
    - tools: make yum package installation more reliable
    - citest: fix remaining warnings raised by integration tests.
    - citest: show the class actual class name in results.
    - ntp: fix config module schema to allow empty ntp config
      (LP: #1724951)
    - tools: disable fastestmirror if using proxy [Joshua Powers]

cloud-init (17.1-18-gd4f70470-0ubuntu1~17.04.2) zesty-proposed; urgency=medium

  * cherry-pick 41152f1: schema: Log debug instead of warning when
    jsonschema is absent (LP: #1724354)

cloud-init (17.1-18-gd4f70470-0ubuntu1~17.04.1) zesty-proposed; urgency=medium

  * drop the following cherry picks, now incorporated in snapshot.
    + debian/patches/cpick-a2f8ce9c-Do-not-provide-systemd-fsck-drop...
  * debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
    (LP: #1718681)
  * debian/control: drop dependency on python3-prettytable
  * debian/rules: install rsyslog file with 0644 mode instead of 0755.
  * debian/rules, debian/apport-launcher.py: add an apport hook. (LP: #1607345)
  * New upstream snapshot (LP: #1721847)
    - simpletable: Fix get_string method to return table-formatted string
    - net: Handle bridge stp values of 0 and convert to boolean type
      [Chad Smith]
    - tools: Give specific --abbrev=8 to "git describe"
    - network: bridge_stp value not always correct [Ryan Harper]
    - tests: re-enable tox with nocloud-kvm support [Joshua Powers]
    - systemd: remove limit on tasks created by cloud-init-final.service.
      [Robert Schweikert]
    - suse: Support addition of zypper repos via cloud-config.
      [Robert Schweikert]
    - tests: Combine integration configs and testcases [Joshua Powers]
    - Azure, CloudStack: Support reading dhcp options from systemd-networkd.
      [Dimitri John Ledkov]
    - packages/debian/copyright: remove mention of boto and MIT license
    - systemd: only mention Before=apt-daily.service on debian based distros.
      [Robert Schweikert]
    - Add missing simpletable and simpletable tests for failed merge
      [Chad Smith]
    - Remove prettytable dependency, introduce simpletable [Andrew Jorgensen]
    - debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
      [Joshua Powers]
    - tests: remove dependency on shlex [Joshua Powers]
    - AltCloud: Trust PATH for udevadm and modprobe.
    - DataSourceOVF: use util.find_devs_with(TYPE=iso9660)
      [Ryan Harper]
    - tests: remove a temp file used in bootcmd tests.
    - release 17.1
    - doc: document GCE datasource. [Arnd Hannemann]
    - suse: updates to templates to support openSUSE and SLES.
      [...

Read more...

Changed in cloud-init (Ubuntu Zesty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (7.3 KiB)

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1~16.04.1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service". [Carlos Konstanski]

cloud-init (17.1-25-g17a15f9e-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * New upstream snapshot.
    - resizefs: Fix regression when system booted with root=PARTUUID=
      (LP: #1725067)
    - tools: make yum package installation more reliable
    - citest: fix remaining warnings raised by integration tests.
    - citest: show the class actual class name in results.
    - ntp: fix config module schema to allow empty ntp config
      (LP: #1724951)
    - tools: disable fastestmirror if using proxy [Joshua Powers]

cloud-init (17.1-18-gd4f70470-0ubuntu1~16.04.2) xenial-proposed; urgency=medium

  * cherry-pick 41152f1: schema: Log debug instead of warning when
    jsonschema is absent (LP: #1724354)

cloud-init (17.1-18-gd4f70470-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * drop the following cherry picks, now incorporated in snapshot.
    + debian/patches/cpick-a2f8ce9c-Do-not-provide-systemd-fsck-drop...
  * debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
    (LP: #1718681)
  * debian/control: drop dependency on python3-prettytable
  * debian/rules: install rsyslog file with 0644 mode instead of 0755.
  * debian/rules, debian/apport-launcher.py: add an apport hook. (LP: #1607345)
  * New upstream snapshot. (LP: #1721847)
    - simpletable: Fix get_string method to return table-formatted string
    - net: Handle bridge stp values of 0 and convert to boolean type
      [Chad Smith]
    - tools: Give specific --abbrev=8 to "git describe"
    - network: bridge_stp value not always correct [Ryan Harper]
    - tests: re-enable tox with nocloud-kvm support [Joshua Powers]
    - systemd: remove limit on tasks created by cloud-init-final.service.
      [Robert Schweikert]
    - suse: Support addition of zypper repos via cloud-config.
      [Robert Schweikert]
    - tests: Combine integration configs and testcases [Joshua Powers]
    - Azure, CloudStack: Support reading dhcp options from systemd-networkd.
      [Dimitri John Ledkov]
    - packages/debian/copyright: remove mention of boto and MIT license
    - systemd: only mention Before=apt-daily.service on debian based distros.
      [Robert Schweikert]
    - Add missing simpletable and simpletable tests for failed merge
      [Chad Smith]
    - Remove prettytable dependency, introduce simpletable [Andrew Jorgensen]
    - debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
      [Joshua Powers]
    - tests: remove dependency on shlex [Joshua Powers]
    - AltCloud: Trust PATH for udevadm and modprobe.
    - DataSourceOVF: use util.find_devs_with(TYPE=iso9660)
      [Ryan Harper]
    - tests: remove a temp file used in bootcmd tests.
    - release 17.1
    - doc: document GCE datasource. [Arnd Hannemann]
    - suse: updates to templates to support openSUSE and SLES.
  ...

Read more...

Changed in cloud-init (Ubuntu Xenial):
status: Fix Committed → Fix Released
Revision history for this message
Scott Moser (smoser) wrote : Fixed in Cloud-init 1705804

This bug is believed to be fixed in cloud-init in 1705804. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers