EC2 IPv4 and IPv6 Dual Stack Does Not work when instance is not assigned public IPv4 address

Bug #1728152 reported by Sargun on 2017-10-27
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init
High
Chad Smith
cloud-init (Ubuntu)
High
Chad Smith
Xenial
High
Chad Smith
Zesty
High
Chad Smith
Artful
High
Chad Smith
Bionic
High
Chad Smith

Bug Description

=== Begin SRU Template ===
[Impact]
Support for configuration of IPV6 addresses on the primary network
interface in EC2 changed behavior of the automatic network configuration.
This changed behavior in 2 ways:
a.) Instances with only a private ipv4 address would not get *any* ipv4
address.

b.) Instances with multiple NICs attached at boot would get all NICs
configured. Previously only the primary network interface would be
configured by cloud-init.

'b' is not necessarily a bug for Artful. A new release can bring new
behavior. However, the change of behavior was not intended and not desired
for an SRU. In an effort to keep this behavior consistent across 16.04+
we will be changing the behavior of Artful to only configure the primary
network interface.

[Test Case]
To verify this code is fixed for all cases involved:

1. Verify that instances without public ipv4 get an ipv4 address.
 * Launch an instance on EC2 without a public IPV4 address.
 * Verify the instance has its Ipv4 address configured via ssh and
   checking 'ip' output.

2. Verify no regression is done to public systems.
 * Launch an instance on EC2 with a public IPV4 address.
 * Verify the instance has its ipv4 address configured.

3. Verify only the primary NIC is configured (17.10 only)
 * Launch an instance on EC2 with multiple nics configured.
 * Verify that only the primary nic has configuration by default.

For each of the above, verification entails inspection of
network config (/etc/network/interfaces.d/* or /etc/netplan/)
and also network state ('ip a' output).

[Regression Potential]
Regression in this area of code is certainly limited to EC2,
and most likely limited to network configuration.

Complete failure would show itself as no networking at all and
a WARNING or stack trace on the console logs.

[Other Info]
Upstream commit at
  https://git.launchpad.net/cloud-init/commit/?id=XXXXXXXXXX

=== End SRU Template ===

With the following cloud-init configuration:
system_info:
  network:
    renderers: ['netplan', 'eni', 'sysconfig']

network:
  version: 2
  ethernets:
    id0:
        match:
            name: e*
        dhcp4: true
        dhcp6: true

with version 17.1-18-gd4f70470-0ubuntu1 on ami-36a8754c, it writes out the following network configuration:
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        ens3:
            dhcp6: true
            match:
                macaddress: 02:14:13:66:8a:66
            set-name: ens3

----

This instance is in a (default) VPC with a private IPv4 address and no public IPv4 addresses.

Related branches

Chad Smith (chad.smith) on 2017-10-27
Changed in cloud-init:
importance: Undecided → High
assignee: nobody → Chad Smith (chad.smith)
Joshua Powers (powersj) on 2017-10-27
Changed in cloud-init:
status: New → Confirmed
Chad Smith (chad.smith) on 2017-10-27
Changed in cloud-init:
status: Confirmed → In Progress
Scott Moser (smoser) on 2017-10-30
summary: - IPv4 and IPv6 Dual Stack Does Not work when instance is not assigned
+ EC2 IPv4 and IPv6 Dual Stack Does Not work when instance is not assigned
public IPv4 address
Changed in cloud-init (Ubuntu Xenial):
status: New → Confirmed
Changed in cloud-init (Ubuntu Zesty):
status: New → Confirmed
Changed in cloud-init (Ubuntu Artful):
status: New → Confirmed
Changed in cloud-init (Ubuntu Bionic):
status: New → Confirmed
Changed in cloud-init (Ubuntu Xenial):
importance: Undecided → High
Changed in cloud-init (Ubuntu Zesty):
importance: Undecided → High
Changed in cloud-init (Ubuntu Artful):
importance: Undecided → High
Changed in cloud-init (Ubuntu Bionic):
importance: Undecided → High
Scott Moser (smoser) on 2017-10-30
description: updated
Chad Smith (chad.smith) on 2017-10-31
Changed in cloud-init:
status: In Progress → Fix Committed
Changed in cloud-init (Ubuntu Xenial):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Zesty):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Artful):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Bionic):
assignee: nobody → Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Xenial):
status: Confirmed → In Progress
Changed in cloud-init (Ubuntu Zesty):
status: Confirmed → In Progress
Changed in cloud-init (Ubuntu Artful):
status: Confirmed → In Progress
Changed in cloud-init (Ubuntu Bionic):
status: Confirmed → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1) bionic; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service".
      [ckonstanski] (LP: #1727121)

 -- Chad Smith <email address hidden> Tue, 31 Oct 2017 12:51:10 -0600

Changed in cloud-init (Ubuntu Bionic):
status: In Progress → Fix Released
Łukasz Zemczak (sil2100) wrote :

Accepted the artful version - please test.

Changed in cloud-init (Ubuntu Artful):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-artful
Changed in cloud-init (Ubuntu Zesty):
status: In Progress → Fix Committed
tags: added: verification-needed-zesty

Hello Sargun, or anyone else affected,

Accepted cloud-init into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/17.1-27-geb292c18-0ubuntu1~17.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-zesty to verification-done-zesty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-zesty. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Łukasz Zemczak (sil2100) wrote :

Hello Sargun, or anyone else affected,

Accepted cloud-init into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/17.1-27-geb292c18-0ubuntu1~16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cloud-init (Ubuntu Xenial):
status: In Progress → Fix Committed
tags: added: verification-needed-xenial
Chad Smith (chad.smith) wrote :
Download full text (15.1 KiB)

Manual Verification performed on Xenial Zesty and artful in the following 3 scenarios:
 1. ipv4 public only
 2. public ipv4 & ipv6 addresses configured
 3. private ipv4 only addresses
All results passed and properly configured interfaces

=== SRU verification output ===

---- xenial

---- xenial public-ipv4-only
# Get launch-ec2 script
# Setup ec2 credentials obtained from aws ui
cat ~/.aws/credentials
[default]
aws_access_key_id = <REDACTED>
aws_secret_access_key = <REDACTED>

$ git clone <email address hidden>:cloud-init/qa-scripts.git
$ git clone https://github.com/smoser/talk-simplestreams.git
$ export PATH=$PATH:./qa-scripts/scripts:./talk-simplestreams/bin
$ launch-ec2 --pubkey-file ~/.ssh/id_rsa.pub --series xenial --proposed --keep-alive --clean

# default xenial instance with public ipv4 configuration

$ ssh -i ~/.ssh/id_rsa.pub <email address hidden> -- dpkg-query --show cloud-init
cloud-init 17.1-27-geb292c18-0ubuntu1~16.04.1

$ ssh -i ~/.ssh/id_rsa.pub <email address hidden> -- cat /etc/network/interfaces.d/50-cloud-init.cfg
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

---- xenial public-ipv4-and-ipv6 instance manually created through ec2 UI
# Test before cloud-init upgrade to 17.1.27
$ cat /etc/network/interfaces.d/50-cloud-init.cfg
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

$ sudo sed -i 's/ xenial / xenial-proposed /' /etc/apt/sources.list;
$ sudo apt-get update;
$ sudo apt-get install cloud-init;
$ sudo rm -rf /var/lib/cloud /var/log/cloud-init*; sudo reboot;

# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

# control-alias eth0
iface eth0 inet6 dhcp

$ dpkg-query --show cloud-init
cloud-init 17.1-27-geb292c18-0ubuntu1~16.04.1
$ grep Trace /var/log/cloud-init.log
$

$ ip address

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 06:e5:24:b6:f6:0...

tags: added: verification-done verification-done-artful verification-done-xenial verification-done-zesty
removed: verification-needed verification-needed-artful verification-needed-xenial verification-needed-zesty
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1~17.10.1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1~17.10.1) artful-proposed; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service". [Carlos Konstanski]

cloud-init (17.1-25-g17a15f9e-0ubuntu1~17.10.1) artful-proposed; urgency=medium

  * New upstream snapshot.
    - resizefs: Fix regression when system booted with root=PARTUUID=
      (LP: #1725067)
    - tools: make yum package installation more reliable
    - citest: fix remaining warnings raised by integration tests.
    - citest: show the class actual class name in results.
    - ntp: fix config module schema to allow empty ntp config
      (LP: #1724951)
    - tools: disable fastestmirror if using proxy [Joshua Powers]
    - schema: Log debug instead of warning when jsonschema is not available.
      (LP: #1724354)

 -- Chad Smith <email address hidden> Tue, 31 Oct 2017 12:56:34 -0600

Changed in cloud-init (Ubuntu Artful):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for cloud-init has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :
Download full text (7.3 KiB)

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1~17.04.1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1~17.04.1) zesty-proposed; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service". [Carlos Konstanski]

cloud-init (17.1-25-g17a15f9e-0ubuntu1~17.04.1) zesty-proposed; urgency=medium

  * New upstream snapshot.
    - resizefs: Fix regression when system booted with root=PARTUUID=
      (LP: #1725067)
    - tools: make yum package installation more reliable
    - citest: fix remaining warnings raised by integration tests.
    - citest: show the class actual class name in results.
    - ntp: fix config module schema to allow empty ntp config
      (LP: #1724951)
    - tools: disable fastestmirror if using proxy [Joshua Powers]

cloud-init (17.1-18-gd4f70470-0ubuntu1~17.04.2) zesty-proposed; urgency=medium

  * cherry-pick 41152f1: schema: Log debug instead of warning when
    jsonschema is absent (LP: #1724354)

cloud-init (17.1-18-gd4f70470-0ubuntu1~17.04.1) zesty-proposed; urgency=medium

  * drop the following cherry picks, now incorporated in snapshot.
    + debian/patches/cpick-a2f8ce9c-Do-not-provide-systemd-fsck-drop...
  * debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
    (LP: #1718681)
  * debian/control: drop dependency on python3-prettytable
  * debian/rules: install rsyslog file with 0644 mode instead of 0755.
  * debian/rules, debian/apport-launcher.py: add an apport hook. (LP: #1607345)
  * New upstream snapshot (LP: #1721847)
    - simpletable: Fix get_string method to return table-formatted string
    - net: Handle bridge stp values of 0 and convert to boolean type
      [Chad Smith]
    - tools: Give specific --abbrev=8 to "git describe"
    - network: bridge_stp value not always correct [Ryan Harper]
    - tests: re-enable tox with nocloud-kvm support [Joshua Powers]
    - systemd: remove limit on tasks created by cloud-init-final.service.
      [Robert Schweikert]
    - suse: Support addition of zypper repos via cloud-config.
      [Robert Schweikert]
    - tests: Combine integration configs and testcases [Joshua Powers]
    - Azure, CloudStack: Support reading dhcp options from systemd-networkd.
      [Dimitri John Ledkov]
    - packages/debian/copyright: remove mention of boto and MIT license
    - systemd: only mention Before=apt-daily.service on debian based distros.
      [Robert Schweikert]
    - Add missing simpletable and simpletable tests for failed merge
      [Chad Smith]
    - Remove prettytable dependency, introduce simpletable [Andrew Jorgensen]
    - debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
      [Joshua Powers]
    - tests: remove dependency on shlex [Joshua Powers]
    - AltCloud: Trust PATH for udevadm and modprobe.
    - DataSourceOVF: use util.find_devs_with(TYPE=iso9660)
      [Ryan Harper]
    - tests: remove a temp file used in bootcmd tests.
    - release 17.1
    - doc: document GCE datasource. [Arnd Hannemann]
    - suse: updates to templates to support openSUSE and SLES.
      [...

Read more...

Changed in cloud-init (Ubuntu Zesty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (7.3 KiB)

This bug was fixed in the package cloud-init - 17.1-27-geb292c18-0ubuntu1~16.04.1

---------------
cloud-init (17.1-27-geb292c18-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * New upstream snapshot.
    - EC2: Limit network config to fallback nic, fix local-ipv4 only
      instances. (LP: #1728152)
    - Gentoo: Use "rc-service" rather than "service". [Carlos Konstanski]

cloud-init (17.1-25-g17a15f9e-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * New upstream snapshot.
    - resizefs: Fix regression when system booted with root=PARTUUID=
      (LP: #1725067)
    - tools: make yum package installation more reliable
    - citest: fix remaining warnings raised by integration tests.
    - citest: show the class actual class name in results.
    - ntp: fix config module schema to allow empty ntp config
      (LP: #1724951)
    - tools: disable fastestmirror if using proxy [Joshua Powers]

cloud-init (17.1-18-gd4f70470-0ubuntu1~16.04.2) xenial-proposed; urgency=medium

  * cherry-pick 41152f1: schema: Log debug instead of warning when
    jsonschema is absent (LP: #1724354)

cloud-init (17.1-18-gd4f70470-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * drop the following cherry picks, now incorporated in snapshot.
    + debian/patches/cpick-a2f8ce9c-Do-not-provide-systemd-fsck-drop...
  * debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
    (LP: #1718681)
  * debian/control: drop dependency on python3-prettytable
  * debian/rules: install rsyslog file with 0644 mode instead of 0755.
  * debian/rules, debian/apport-launcher.py: add an apport hook. (LP: #1607345)
  * New upstream snapshot. (LP: #1721847)
    - simpletable: Fix get_string method to return table-formatted string
    - net: Handle bridge stp values of 0 and convert to boolean type
      [Chad Smith]
    - tools: Give specific --abbrev=8 to "git describe"
    - network: bridge_stp value not always correct [Ryan Harper]
    - tests: re-enable tox with nocloud-kvm support [Joshua Powers]
    - systemd: remove limit on tasks created by cloud-init-final.service.
      [Robert Schweikert]
    - suse: Support addition of zypper repos via cloud-config.
      [Robert Schweikert]
    - tests: Combine integration configs and testcases [Joshua Powers]
    - Azure, CloudStack: Support reading dhcp options from systemd-networkd.
      [Dimitri John Ledkov]
    - packages/debian/copyright: remove mention of boto and MIT license
    - systemd: only mention Before=apt-daily.service on debian based distros.
      [Robert Schweikert]
    - Add missing simpletable and simpletable tests for failed merge
      [Chad Smith]
    - Remove prettytable dependency, introduce simpletable [Andrew Jorgensen]
    - debian/copyright: dep5 updates, reorganize, add Apache 2.0 license.
      [Joshua Powers]
    - tests: remove dependency on shlex [Joshua Powers]
    - AltCloud: Trust PATH for udevadm and modprobe.
    - DataSourceOVF: use util.find_devs_with(TYPE=iso9660)
      [Ryan Harper]
    - tests: remove a temp file used in bootcmd tests.
    - release 17.1
    - doc: document GCE datasource. [Arnd Hannemann]
    - suse: updates to templates to support openSUSE and SLES.
  ...

Read more...

Changed in cloud-init (Ubuntu Xenial):
status: Fix Committed → Fix Released

This bug is believed to be fixed in cloud-init in 1705804. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers