| 2023-11-23 17:31:25 |
Nobuto Murata |
bug |
|
|
added bug |
| 2023-11-23 17:31:25 |
Nobuto Murata |
attachment added |
|
Screenshot from 2023-11-24 02-31-09.png https://bugs.launchpad.net/bugs/2044403/+attachment/5722769/+files/Screenshot%20from%202023-11-24%2002-31-09.png |
|
| 2023-11-23 17:31:54 |
Nobuto Murata |
bug |
|
|
added subscriber Canonical Field High |
| 2023-11-23 17:35:43 |
Nobuto Murata |
attachment added |
|
maas_machine_read.json https://bugs.launchpad.net/maas/+bug/2044403/+attachment/5722770/+files/maas_machine_read.json |
|
| 2023-11-23 17:37:20 |
Nobuto Murata |
attachment added |
|
maas_machine_get-curtin-config.yaml https://bugs.launchpad.net/maas/+bug/2044403/+attachment/5722771/+files/maas_machine_get-curtin-config.yaml |
|
| 2023-11-24 05:55:36 |
Nobuto Murata |
description |
maas - 1:3.4.0-14318-g.3234f5e2a-0ubuntu1~22.04.1
I think this is a regression since the test case in the following bug described the expected status.
https://bugs.launchpad.net/maas/+bug/1847537
There is a flaky DNS resolution issue observed and it boiled down to unexpected curtin/netplan config generated by MAAS.
Let's say a machine has two (or more) interfaces and one is connected to the main MAAS PXE network and the other is connected to an isolated network (no reachability to MAAS). DNS traffic should be sent from the first interface to MAAS DNS.
However, generated curtin/netplan adds MAAS DNS to the NIC with the isolated network and the DNS traffic goes no where since the isolated network do not have connectivity to MAAS nor any gateway.
[deployed node]
$ ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
ens4 UP 192.168.151.116/24 fe80::5054:ff:fe78:ba0d/64
ens8 UP fe80::5054:ff:febf:8f7/64
ens9 UP 192.168.152.101/24 fe80::5054:ff:fea9:2e4/64
$ resolvectl
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Link 2 (ens4)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
Link 3 (ens8)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Link 4 (ens9)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
^^^ MAAS DNS (192.168.151.1) should be only added to the main NIC en4.
[isolated subnet definition]
maas admin spaces create name=space-isolated
maas admin vlans create "$fabric_id" vid=152 space=space-isolated
maas admin subnets create cidr='192.168.152.0/24' \
fabric="$fabric_id" vid=152 \
allow_dns=false
maas admin ipranges create type=reserved \
start_ip=192.168.152.1 end_ip=192.168.152.100
maas admin ipranges create type=dynamic \
start_ip=192.168.152.201 end_ip=192.168.152.254
[associating the isolated subnet to a second or third NIC]
vlan_id=$(maas admin vlan read "$fabric_id" 152 | jq -r '.id')
subnet_id=$(maas admin subnets read | jq -r '.[] | select(.cidr=="192.168.152.0/24").id')
for system_id in $(maas admin machines read | jq -r '.[].system_id'); do
maas admin interface update "$system_id" ens9 vlan="$vlan_id"
maas admin interface link-subnet "$system_id" ens9 mode='AUTO' subnet="$subnet_id"
done |
maas - 1:3.4.0-14318-g.3234f5e2a-0ubuntu1~22.04.1
I think this is a regression since the test case in the following bug described the expected status.
https://bugs.launchpad.net/maas/+bug/1847537
There is a flaky DNS resolution issue observed and it boiled down to unexpected curtin/netplan config generated by MAAS.
Let's say a machine has two (or more) interfaces and one is connected to the main MAAS PXE network and the other is connected to an isolated network (no reachability to MAAS). DNS traffic should be sent from the first interface to MAAS DNS.
However, generated curtin/netplan adds MAAS DNS to the NIC with the isolated network and the DNS traffic goes no where since the isolated network do not have connectivity to MAAS nor any gateway.
[flaky DNS behavior due to the issue]
$ resolvectl dns
Global:
Link 2 (ens4): 192.168.151.1
Link 3 (ens8):
Link 4 (ens9): 192.168.151.1
$ resolvectl reset-server-features
$ for _ in {1..6}; do time resolvectl query --cache=false --interface=ens9 example.com; done
example.com: resolve call failed: Lookup failed due to system error: No route to host
real 0m3.072s
user 0m0.000s
sys 0m0.007s
example.com: resolve call failed: Lookup failed due to system error: No route to host
real 0m3.072s
user 0m0.000s
sys 0m0.006s
example.com: resolve call failed: Lookup failed due to system error: No route to host
real 0m3.072s
user 0m0.000s
sys 0m0.006s
example.com: resolve call failed: Lookup failed due to system error: No route to host
real 0m3.072s
user 0m0.000s
sys 0m0.007s
example.com: 2606:2800:220:1:248:1893:25c8:1946 -- link: ens9
93.184.216.34 -- link: ens9
-- Information acquired via protocol DNS in 3.9ms.
-- Data is authenticated: no; Data was acquired via local or encrypted transport: no
-- Data from: network
real 0m0.010s
user 0m0.006s
sys 0m0.000s
example.com: 2606:2800:220:1:248:1893:25c8:1946 -- link: ens9
93.184.216.34 -- link: ens9
-- Information acquired via protocol DNS in 44.0ms.
-- Data is authenticated: no; Data was acquired via local or encrypted transport: no
-- Data from: network
real 0m0.050s
user 0m0.000s
sys 0m0.006s
[deployed node]
$ ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
ens4 UP 192.168.151.116/24 fe80::5054:ff:fe78:ba0d/64
ens8 UP fe80::5054:ff:febf:8f7/64
ens9 UP 192.168.152.101/24 fe80::5054:ff:fea9:2e4/64
$ resolvectl
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Link 2 (ens4)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
Link 3 (ens8)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Link 4 (ens9)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
^^^ MAAS DNS (192.168.151.1) should be only added to the main NIC en4.
[isolated subnet definition]
maas admin spaces create name=space-isolated
maas admin vlans create "$fabric_id" vid=152 space=space-isolated
maas admin subnets create cidr='192.168.152.0/24' \
fabric="$fabric_id" vid=152 \
allow_dns=false
maas admin ipranges create type=reserved \
start_ip=192.168.152.1 end_ip=192.168.152.100
maas admin ipranges create type=dynamic \
start_ip=192.168.152.201 end_ip=192.168.152.254
[associating the isolated subnet to a second or third NIC]
vlan_id=$(maas admin vlan read "$fabric_id" 152 | jq -r '.id')
subnet_id=$(maas admin subnets read | jq -r '.[] | select(.cidr=="192.168.152.0/24").id')
for system_id in $(maas admin machines read | jq -r '.[].system_id'); do
maas admin interface update "$system_id" ens9 vlan="$vlan_id"
maas admin interface link-subnet "$system_id" ens9 mode='AUTO' subnet="$subnet_id"
done |
|
| 2023-11-24 08:14:42 |
Alberto Donato |
maas: milestone |
|
3.5.0 |
|
| 2023-11-24 08:14:48 |
Alberto Donato |
maas: status |
New |
Triaged |
|
| 2023-11-24 08:14:51 |
Alberto Donato |
maas: importance |
Undecided |
High |
|
| 2023-12-04 10:39:33 |
Jerzy Husakowski |
maas: assignee |
|
Christian Grabowski (cgrabowski) |
|
| 2024-01-18 02:46:58 |
Christian Grabowski |
maas: status |
Triaged |
In Progress |
|
| 2024-01-18 02:47:12 |
Christian Grabowski |
merge proposal linked |
|
https://code.launchpad.net/~cgrabowski/maas/+git/maas/+merge/458864 |
|
| 2024-01-22 15:26:37 |
MAAS Lander |
maas: status |
In Progress |
Fix Committed |
|
| 2024-02-28 13:50:49 |
Jerzy Husakowski |
nominated for series |
|
maas/3.4 |
|
| 2024-02-28 13:50:49 |
Jerzy Husakowski |
bug task added |
|
maas/3.4 |
|
| 2024-02-28 13:50:57 |
Jerzy Husakowski |
maas/3.4: milestone |
|
3.4.x |
|
| 2024-02-28 13:51:04 |
Jerzy Husakowski |
maas/3.4: importance |
Undecided |
High |
|
| 2024-02-28 13:51:08 |
Jerzy Husakowski |
maas/3.4: status |
New |
Triaged |
|
| 2024-02-28 14:08:25 |
Peter Makowski |
merge proposal linked |
|
https://code.launchpad.net/~petermakowski/maas/+git/maas/+merge/461447 |
|
| 2024-02-28 14:08:35 |
Peter Makowski |
maas/3.4: assignee |
|
Peter Makowski (petermakowski) |
|
| 2024-02-28 14:10:01 |
Peter Makowski |
maas/3.4: status |
Triaged |
In Progress |
|
| 2024-02-28 15:46:30 |
MAAS Lander |
maas/3.4: status |
In Progress |
Fix Committed |
|
| 2024-03-05 12:19:57 |
Anton Troyanov |
maas: milestone |
3.5.0 |
3.5.0-beta1 |
|
| 2024-03-05 12:25:05 |
Anton Troyanov |
maas: status |
Fix Committed |
Fix Released |
|
| 2024-03-18 13:32:09 |
Alexsander de Souza |
maas/3.4: milestone |
3.4.x |
3.4.1 |
|
| 2024-03-18 13:37:07 |
Alexsander de Souza |
maas/3.4: status |
Fix Committed |
Fix Released |
|
