MAAS IP addr is being enforced as a DNS server for deployed machine when using v1 curtin network config

Bug #1847537 reported by Vladimir Grevtsev on 2019-10-09
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
MAAS
Undecided
Unassigned

Bug Description

One of our customers are asking for a way to completely get rid of the MAAS DNS usage, so based on that - machines should use DHCP-provided nameservers instead of having IPs of region controllers in netplan or resolv.conf (depends on target OS).

Here is a get-curtin-config output from machine, configured to be present in a single subnet without any DNS servers specified in subnet config: https://pastebin.canonical.com/p/RhmDmy5Zfp/

Subnet config: https://pastebin.canonical.com/p/fRXWh57yKm/
Machine config: https://pastebin.canonical.com/p/m9GcnvHGkb/

I can enforce required servers to be present by putting them as a "dns_servers" in subnet config, but is there an option to leave this option as "empty" and let machine gather its DNS config via DHCP, like it does already with the rest of the networking parameters?

Is this possible at all?

Vladimir Grevtsev (vlgrevtsev) wrote :

I'm not sure if this is a bug or a feature request, so I'm marking this as a ~field-high - but if I'm wrong, please let me know so I could remove a wrong tag.

tags: added: field-
tags: added: field-high
removed: field-
description: updated
description: updated
Blake Rouse (blake-rouse) wrote :

That interface on that machine is configured to "STATIC" so MAAS is assigning the IP. Please try by setting the interface to "DHCP". Or provided updated configuration information with the interface with the correct setting matching the reported bug.

Changed in maas:
status: New → Invalid
status: Invalid → Incomplete
Vladimir Grevtsev (vlgrevtsev) wrote :

Ok, I have a reproducer here:

machine read: https://pastebin.canonical.com/p/dchjXrD8BF/
curtin config: https://pastebin.canonical.com/p/SMjGY4sGNM/
subnets read: https://pastebin.canonical.com/p/DFM82PRHMb/

So in this case, interface left even in "unconfigured" state but it's pushing MAAS IPs as a DNS servers for that subnet.
Even if interface got removed manually - the previous one before just picking these IPs as a nameservers again and continues to push them.

Any ideas?

Changed in maas:
status: Incomplete → New
Vladimir Grevtsev (vlgrevtsev) wrote :

So I did some investigations and finally understood, that this is reproducible on non-Ubuntu images when using curtin network v1 config: https://github.com/maas/maas/blob/master/src/maasserver/preseed.py#L296

So steps to reproduce are:

1) maas admin maas set-config name=force_v1_network_yaml value=true
2) maas admin interfaces read 4xgsrk # get a interface ID
3) maas admin interface unlink-subnet 4xgsrk 3 id=9
4) maas admin interface link-subnet 4xgsrk 3 subnet=1 mode=dhcp # configure machine interface as a DHCP
5) maas admin machine deploy 4xgsrk
6) maas admin machine get-curtin-config 4xgsrk

So the problems is that rendered curtin-config contains MAAS rack/region controller as a DNS server, however this is an unexpected behaviour: http://paste.ubuntu.com/p/2jVDZWkvyD/
subnets read: https://pastebin.canonical.com/p/QV3kbr4Ny9/

It looks like this line of code https://github.com/maas/maas/blob/master/src/maasserver/preseed_network.py#L617 is problematic, so probably could we make this, at least, conditional?

summary: - MAAS IP addr is being enforced as a DNS server for deployed machine
+ MAAS IP addr is being enforced as a DNS server for deployed machine when
+ using v1 curtin network config
Adam Collard (adam-collard) wrote :

Digging into this, I see it was touched as part of fix for https://bugs.launchpad.net/juju/+bug/1771885/comments/26

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers