StarlingX

Ansible does not support IPV6 addresses for docker_http_proxy

Bug #1833710 reported by Brent Rowsell on 2019-06-21

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	StarlingX	Fix Released	High	Tee Ngo

Bug Description

Brief Description
-----------------
Ansible does not support an ipv6 address in the url only hostname. Support is missing in the utility function used by ansible to validate the url.

Severity
--------
Major

Steps to Reproduce
------------------
Use a ipv6 address in url

Expected Behavior
------------------
Should validate and pass

Actual Behavior
----------------
Fails

Reproducibility
---------------
100%

System Configuration
--------------------
All

Branch/Pull Time/Commit
-----------------------
Any recent load

Last Pass
---------
Never

Timestamp/Logs
--------------
N/A

Test Activity
-------------
Other

Tags:

Brent Rowsell (brent-rowsell) on 2019-06-21

Changed in starlingx:
assignee:	nobody → Tee Ngo (teewrs)
importance:	Undecided → High
status:	New → Triaged
tags:	added: stx.2.0 stx.containers

Ghada Khalil (gkhalil) on 2019-06-21

tags:

added: stx.config

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-21: Fix proposed to ansible-playbooks (master)

Fix proposed to branch: master
Review: https://review.opendev.org/666860

Changed in starlingx:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-21: Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/666860
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=8fa6359ba047fd8ea55706d47133390fb54d18cb
Submitter: Zuul
Branch: master

commit 8fa6359ba047fd8ea55706d47133390fb54d18cb
Author: Tee Ngo <email address hidden>
Date: Fri Jun 21 11:00:24 2019 -0400

Fix URL and IP address validators

The current URL and IP address validators ported from
config controller have some defficiencies.

    This commit leverages django URLValidator for URL validation
    and supplements the existing domain name/ip address validation
    with Ansible ipaddr filter test to catch missing/future formats.

    Verify the validation tasks with the following input
      - http://[2001:db8::1]:3128
      - https://test.abc.com
      - ::1
      - localhost
      - 127.0.0.1
      - fe80::100/10
      - 2001:db8:1::/64
      - "[2001:db8::1]:8080"
      - 128.224.150.0/23
      - test.abc.com
      - test.abc.com:3000
      - 2001:db8:?::/32 (failed case)

    Closes-Bug: 1833710
    Change-Id: Ib3345b41ab932cd434906725f709a8b9a0195e3f
    Signed-off-by: Tee Ngo <email address hidden>

Changed in starlingx:
status:	In Progress → Fix Released

Revision history for this message

Tee Ngo (teewrs) wrote on 2019-06-24:

It turned out that the validation fix in Ansible bootstrap is not enough. The validation in sysinv must also be fixed. In addition, CIDR notation in NO_PROXY list is not supported until Docker engine is upversioned to 19.03

https://github.com/docker/docker.github.io/issues/8191

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-24: Fix proposed to config (master)

Fix proposed to branch: master
Review: https://review.opendev.org/667073

Ghada Khalil (gkhalil) on 2019-06-24

Changed in starlingx:
status:	Fix Released → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-24: Fix proposed to ansible-playbooks (master)

Fix proposed to branch: master
Review: https://review.opendev.org/667126

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-25: Fix merged to config (master)

Reviewed: https://review.opendev.org/667073
Committed: https://git.openstack.org/cgit/starlingx/config/commit/?id=04a07648b4a42c5b29d1443b695aa2bbcb5156ba
Submitter: Zuul
Branch: master

commit 04a07648b4a42c5b29d1443b695aa2bbcb5156ba
Author: Tee Ngo <email address hidden>
Date: Mon Jun 24 08:23:11 2019 -0400

Beef up sysinv URL validator

The current sysinv URL validator does not handle URLs
containing IPv6 address correctly. This commit fixes that.

    Closes-Bug: 1833710
    Change-Id: Ic5a450ede0390529e795ca0120200a0f7bbf52ce
    Signed-off-by: Tee Ngo <email address hidden>

Changed in starlingx:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-25: Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/667126
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=7c719262b6be5736dfc6089b59ac02770770404e
Submitter: Zuul
Branch: master

commit 7c719262b6be5736dfc6089b59ac02770770404e
Author: Tee Ngo <email address hidden>
Date: Mon Jun 24 10:46:18 2019 -0400

Switch to using sysinv URL and Address validators

    In this commit the bootstrap playbook is updated to make use of
    sysinv URL and Address validators to ensure a) consistent user
    experience and b) future validation updates will be done in one
    spot.

    Note: Currently, sysinv Address validator does not accept CIDR notation
    as the current docker engine does not support CIDR in NO_PROXY list.
    Ref: https://github.com/docker/docker.github.io/issues/8191.

    Change-Id: I433303dde93801f3e45cd7d10935eb1de28b9090
    Closes-Bug: 1833710
    Depends-On: Ic5a450ede0390529e795ca0120200a0f7bbf52ce
    Signed-off-by: Tee Ngo <email address hidden>

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

auto-github-docker-docker.github.io #8191
[closed] Edit

Bug watches keep track of this bug in other bug trackers.