| 2019-09-11 19:04:15 |
Moustafa Moustafa |
description |
I reproduced the issue on an Azure VM with SLES12 SP4 and cloud-init 19.1.
The DNS is unreachable when cloud-init takes the responsibility of configuring the network. No nameservers or search domains are added to the /etc/resolv.conf as following:
; Created by cloud-init on instance boot automatically, do not edit.
;
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
Here is also the contents of /etc/sysconfig/network/config for your reference:
## Type: integer
## Default: ""
#
# How log to wait for IPv6 autoconfig in ifup when requested with
# the auto6 or +auto6 tag in BOOTPROTO variable.
# When unset, a wicked built-in default defer time (10sec) is used.
#
AUTO6_WAIT_AT_BOOT=""
## Type: list(all,dns,none,"")
## Default: ""
#
# Whether to update system (DNS) settings from IPv6 RA when requested
# with the auto6 or +auto6 tag in BOOTPROTO variable.
# Defaults to update if autoconf sysctl (address autoconf) is enabled.
#
AUTO6_UPDATE=""
## Type: list(auto,yes,no)
## Default: "auto"
#
# Permits to specify/modify a global ifcfg default. Use with care!
#
# This settings breaks rules for many things, which require carrier
# before they can start, e.g. L2 link protocols, link authentication,
# ipv4 duplicate address detection, ipv6 duplicate detection will
# happen "post-mortem" and maybe even cause to disable ipv6 at all.
# See also "man ifcfg" for further informations.
#
LINK_REQUIRED="auto"
## Type: string
## Default: ""
#
# Allows to specify a comma separated list of debug facilities used
# by wicked. Negated facility names can be prepended by a "-", e.g.:
# "all,-events,-socket,-objectmodel,xpath,xml,dbus"
#
# When set, wicked debug level is automatically enabled.
# For a complete list of facility names, see: "wicked --debug help".
#
WICKED_DEBUG=""
## Type: list("",error,warning,notice,info,debug,debug1,debug2,debug3)
## Default: ""
#
# Allows to specify wicked debug level. Default level is "notice".
#
WICKED_LOG_LEVEL=""
## Path: Network/General
## Description: Global network configuration
#
# Note:
# Most of the options can and should be overridden by per-interface
# settings in the ifcfg-* files.
#
# Note: The ISC dhclient started by the NetworkManager is not using any
# of these options -- NetworkManager is not using any sysconfig settings.
#
## Type: yesno
## Default: yes
# If ifup should check if an IPv4 address is already in use, set this to yes.
#
# Make sure that packet sockets (CONFIG_PACKET) are supported in the kernel,
# since this feature uses arp, which depends on that.
# Also be aware that this takes one second per interface; consider that when
# setting up a lot of interfaces.
CHECK_DUPLICATE_IP="yes"
## Type: list(auto,yes,no)
## Default: auto
# If ifup should send a gratuitous ARP to inform the receivers about its
# IPv4 addresses. Default is to send gratuitous ARP, when duplicate IPv4
# address check is enabled and the check were sucessful.
#
# Make sure that packet sockets (CONFIG_PACKET) are supported in the kernel,
# since this feature uses arp, which depends on that.
SEND_GRATUITOUS_ARP="auto"
## Type: yesno
## Default: no
# Switch on/off debug messages for all network configuration stuff. If set to no
# most scripts can enable it locally with "-o debug".
DEBUG="no"
## Type: integer
## Default: 30
#
# Some interfaces need some time to come up or come asynchronously via hotplug.
# WAIT_FOR_INTERFACES is a global wait for all mandatory interfaces in
# seconds. If empty no wait occurs.
#
WAIT_FOR_INTERFACES="30"
## Type: yesno
## Default: yes
#
# With this variable you can determine if the SuSEfirewall when enabled
# should get started when network interfaces are started.
FIREWALL="yes"
## Type: int
## Default: 30
#
# When using NetworkManager you may define a timeout to wait for NetworkManager
# to connect in NetworkManager-wait-online.service. Other network services
# may require the system to have a valid network setup in order to succeed.
#
# This variable has no effect if NetworkManager is disabled.
#
NM_ONLINE_TIMEOUT="30"
## Type: string
## Default: "dns-resolver dns-bind ntp-runtime nis"
#
# This variable defines the start order of netconfig modules installed
# in the /etc/netconfig.d/ directory.
#
# To disable the execution of a module, don't remove it from the list
# but prepend it with a minus sign, "-ntp-runtime".
#
NETCONFIG_MODULES_ORDER="cloud-netconfig dns-resolver dns-bind dns-dnsmasq nis ntp-runtime"
## Type: yesno
## Default: no
#
# Enable netconfig verbose reporting.
#
NETCONFIG_VERBOSE="no"
## Type: yesno
## Default: no
#
# This variable enables netconfig to always force a replace of modified
# files and automatically enables the -f | --force-replace parameter.
#
# The purpose is to use it as workaround, when some other tool trashes
# the files, e.g. /etc/resolv.conf and you observe messages like this
# in your logs on in "netconfig update" output:
# ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched.
#
# Please do not forget to also report a bug as we have a system policy
# to use netconfig.
#
NETCONFIG_FORCE_REPLACE="no"
## Type: string
## Default: "auto"
#
# Defines the DNS merge policy as documented in netconfig(8) manual page.
# Set to "" to disable DNS configuration.
#
NETCONFIG_DNS_POLICY="auto"
## Type: string(resolver,bind,dnsmasq,)
## Default: "resolver"
#
# Defines the name of the DNS forwarder that has to be configured.
# Currently implemented are "bind", "dnsmasq" and "resolver", that
# causes to write the name server IP addresses to /etc/resolv.conf
# only (no forwarder). Empty string defaults to "resolver".
#
NETCONFIG_DNS_FORWARDER="resolver"
## Type: yesno
## Default: yes
#
# When enabled (default) in forwarder mode ("bind", "dnsmasq"),
# netconfig writes an explicit localhost nameserver address to the
# /etc/resolv.conf, followed by the policy resolved name server list
# as fallback for the moments, when the local forwarder is stopped.
#
NETCONFIG_DNS_FORWARDER_FALLBACK="yes"
## Type: string
## Default: ""
#
# List of DNS domain names used for host-name lookup.
# It is written as search list into the /etc/resolv.conf file.
#
NETCONFIG_DNS_STATIC_SEARCHLIST=""
## Type: string
## Default: ""
#
# List of DNS nameserver IP addresses to use for host-name lookup.
# When the NETCONFIG_DNS_FORWARDER variable is set to "resolver",
# the name servers are written directly to /etc/resolv.conf.
# Otherwise, the nameserver are written into a forwarder specific
# configuration file and the /etc/resolv.conf does not contain any
# nameservers causing the glibc to use the name server on the local
# machine (the forwarder). See also netconfig(8) manual page.
#
NETCONFIG_DNS_STATIC_SERVERS=""
## Type: string
## Default: "auto"
#
# Allows to specify a custom DNS service ranking list, that is which
# services provide preferred (e.g. vpn services), and which services
# fallback settings (e.g. avahi).
# Preferred service names have to be prepended with a "+", fallback
# service names with a "-" character. The special default value
# "auto" enables the current build-in service ranking list -- see the
# netconfig(8) manual page -- "none" or "" disables the ranking.
#
NETCONFIG_DNS_RANKING="auto"
## Type: string
## Default: ""
#
# Allows to specify options to use when writting the /etc/resolv.conf,
# for example:
# "debug attempts:1 timeout:10"
# See resolv.conf(5) manual page for details.
#
NETCONFIG_DNS_RESOLVER_OPTIONS=""
## Type: string
## Default: ""
#
# Allows to specify a sortlist to use when writting the /etc/resolv.conf,
# for example:
# 130.155.160.0/255.255.240.0 130.155.0.0"
# See resolv.conf(5) manual page for details.
#
NETCONFIG_DNS_RESOLVER_SORTLIST=""
## Type: string
## Default: "auto"
#
# Defines the NTP merge policy as documented in netconfig(8) manual page.
# Set to "" to disable NTP configuration.
#
NETCONFIG_NTP_POLICY="auto"
## Type: string
## Default: ""
#
# List of NTP servers.
#
NETCONFIG_NTP_STATIC_SERVERS=""
## Type: string
## Default: "auto"
#
# Defines the NIS merge policy as documented in netconfig(8) manual page.
# Set to "" to disable NIS configuration.
#
NETCONFIG_NIS_POLICY="auto"
## Type: string(yes,no,)
## Default: "yes"
#
# Defines whether to set the default NIS domain. When enabled and no domain
# is provided dynamically or in static settings, /etc/defaultdomain is used.
# Valid values are:
# - "no" or "" netconfig does not set the domainname
# - "yes" netconfig sets the domainname according to the
# NIS policy using settings provided by the first
# iterface and service that provided it.
# - "<interface name>" as yes, but only using settings from interface.
#
NETCONFIG_NIS_SETDOMAINNAME="yes"
## Type: string
## Default: ""
#
# Defines a default NIS domain.
#
# Further domain can be specified by adding a "_<number>" suffix to
# the NETCONFIG_NIS_STATIC_DOMAIN and NETCONFIG_NIS_STATIC_SERVERS
# variables, e.g.: NETCONFIG_NIS_STATIC_DOMAIN_1="second".
#
NETCONFIG_NIS_STATIC_DOMAIN=""
## Type: string
## Default: ""
#
# Defines a list of NIS servers for the default NIS domain or the
# domain specified with same "_<number>" suffix.
#
NETCONFIG_NIS_STATIC_SERVERS=""
## Type: string
## Default: ''
#
# Set this variable global variable to the ISO / IEC 3166 alpha2
# country code specifying the wireless regulatory domain to set.
# When not empty, ifup-wireless will be set in the wpa_supplicant
# config or via 'iw reg set' command.
#
# Note: This option requires a wpa driver supporting it, like
# the 'nl80211' driver used by default since openSUSE 11.3.
# When you notice problems with your hardware, please file a
# bug report and set e.g. WIRELESS_WPA_DRIVER='wext' (the old
# default driver) in the ifcfg file.
# See also "/usr/sbin/wpa_supplicant --help" for the list of
# available wpa drivers.
#
WIRELESS_REGULATORY_DOMAIN=''
When I disable the network configuration in cloud-init and leave it for netconfig, the /etc/resolv.conf is correctly populated with the search domain and the nameserver and the DNS is reachable. Here's the contents of the /etc/resolv.conf:
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net
nameserver 168.63.129.16
When I tried to populate the network config dictionary that's built by DataSourceAzure with a default nameserver "168.63.129.16" and search domain "xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net", The DNS was reachable. But It's my understanding that cloud-init should be able to figure out this nameserver and the search domain the same way netconfig does.
Another issue is the eth0 interface is not brought up automatically even though the contents of the file "/etc/sysconfig/network/ifcfg-eth0" seems correct
# Created by cloud-init on instance boot automatically, do not edit.
#
BOOTPROTO=dhcp
DEVICE=eth0
HWADDR=00:0d:3a:06:1e:04
NM_CONTROLLED=no
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
I had to bring it up by executing "ifup eth0" from DataSourceAzure code after the network config is applied. This way I was able to ssh into the VM.
Here's also the contents of "etc/udev/rules.d/85-persistent-net-cloud-init.rules":SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0d:3a:6d:e4:53", NAME="eth0" |
I reproduced the issue on an Azure VM with SLES12 SP4 and cloud-init 19.1.
The DNS is unreachable when cloud-init takes the responsibility of configuring the network. No nameservers or search domains are added to the /etc/resolv.conf as following:
; Created by cloud-init on instance boot automatically, do not edit.
;
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
I also attached the "/etc/sysconfig/network/config" in the first comment for your reference:
When I disable the network configuration in cloud-init and leave it for netconfig, the /etc/resolv.conf is correctly populated with the search domain and the nameserver and the DNS is reachable. Here's the contents of the /etc/resolv.conf:
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net
nameserver 168.63.129.16
When I tried to populate the network config dictionary that's built by DataSourceAzure with a default nameserver "168.63.129.16" and search domain "xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net", The DNS was reachable. But It's my understanding that cloud-init should be able to figure out this nameserver and the search domain the same way netconfig does.
Another issue is the eth0 interface is not brought up automatically even though the contents of the file "/etc/sysconfig/network/ifcfg-eth0" seems correct
# Created by cloud-init on instance boot automatically, do not edit.
#
BOOTPROTO=dhcp
DEVICE=eth0
HWADDR=00:0d:3a:06:1e:04
NM_CONTROLLED=no
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
I had to bring it up by executing "ifup eth0" from Azure.py code after the network config is applied. This way I was able to ssh into the VM.
Here's also the contents of "etc/udev/rules.d/85-persistent-net-cloud-init.rules":SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0d:3a:6d:e4:53", NAME="eth0" |
|
| 2019-09-12 21:14:51 |
Ryan Harper |
description |
I reproduced the issue on an Azure VM with SLES12 SP4 and cloud-init 19.1.
The DNS is unreachable when cloud-init takes the responsibility of configuring the network. No nameservers or search domains are added to the /etc/resolv.conf as following:
; Created by cloud-init on instance boot automatically, do not edit.
;
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
I also attached the "/etc/sysconfig/network/config" in the first comment for your reference:
When I disable the network configuration in cloud-init and leave it for netconfig, the /etc/resolv.conf is correctly populated with the search domain and the nameserver and the DNS is reachable. Here's the contents of the /etc/resolv.conf:
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net
nameserver 168.63.129.16
When I tried to populate the network config dictionary that's built by DataSourceAzure with a default nameserver "168.63.129.16" and search domain "xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net", The DNS was reachable. But It's my understanding that cloud-init should be able to figure out this nameserver and the search domain the same way netconfig does.
Another issue is the eth0 interface is not brought up automatically even though the contents of the file "/etc/sysconfig/network/ifcfg-eth0" seems correct
# Created by cloud-init on instance boot automatically, do not edit.
#
BOOTPROTO=dhcp
DEVICE=eth0
HWADDR=00:0d:3a:06:1e:04
NM_CONTROLLED=no
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
I had to bring it up by executing "ifup eth0" from Azure.py code after the network config is applied. This way I was able to ssh into the VM.
Here's also the contents of "etc/udev/rules.d/85-persistent-net-cloud-init.rules":SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0d:3a:6d:e4:53", NAME="eth0" |
cloud-init's sysconfig renderer injects the cloud-init header even
if no DNS configuration is provided in network-config.
cloud-init.service may need to update service file with additional
wicked service names to ensure that networking is up before starting.
[Original Description]
I reproduced the issue on an Azure VM with SLES12 SP4 and cloud-init 19.1.
The DNS is unreachable when cloud-init takes the responsibility of configuring the network. No nameservers or search domains are added to the /etc/resolv.conf as following:
; Created by cloud-init on instance boot automatically, do not edit.
;
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
I also attached the "/etc/sysconfig/network/config" in the first comment for your reference:
When I disable the network configuration in cloud-init and leave it for netconfig, the /etc/resolv.conf is correctly populated with the search domain and the nameserver and the DNS is reachable. Here's the contents of the /etc/resolv.conf:
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net
nameserver 168.63.129.16
When I tried to populate the network config dictionary that's built by DataSourceAzure with a default nameserver "168.63.129.16" and search domain "xkf00b0rtzgejkug4xc2pcinre.xx.internal.cloudapp.net", The DNS was reachable. But It's my understanding that cloud-init should be able to figure out this nameserver and the search domain the same way netconfig does.
Another issue is the eth0 interface is not brought up automatically even though the contents of the file "/etc/sysconfig/network/ifcfg-eth0" seems correct
# Created by cloud-init on instance boot automatically, do not edit.
#
BOOTPROTO=dhcp
DEVICE=eth0
HWADDR=00:0d:3a:06:1e:04
NM_CONTROLLED=no
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
I had to bring it up by executing "ifup eth0" from Azure.py code after the network config is applied. This way I was able to ssh into the VM.
Here's also the contents of "etc/udev/rules.d/85-persistent-net-cloud-init.rules":SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0d:3a:6d:e4:53", NAME="eth0" |
|
