2010-08-09 20:11:27 |
Gabriel Nell |
bug |
|
|
added bug |
2010-09-09 21:24:26 |
Scott Moser |
affects |
linux-ec2 (Ubuntu) |
cloud-init (Ubuntu) |
|
2010-09-09 21:24:26 |
Scott Moser |
cloud-init (Ubuntu): importance |
Undecided |
Medium |
|
2010-09-09 21:24:26 |
Scott Moser |
cloud-init (Ubuntu): status |
New |
Confirmed |
|
2010-09-16 08:52:17 |
Scott Moser |
attachment added |
|
test debian package with proposed fix https://bugs.edge.launchpad.net/ubuntu/+source/cloud-init/+bug/615545/+attachment/1592507/+files/cloud-init_0.5.15-0ubuntu3%7Eppa1_all.deb |
|
2010-09-16 16:17:30 |
Launchpad Janitor |
branch linked |
|
lp:~cloud-init-dev/cloud-init/maverick |
|
2010-09-16 16:17:32 |
Launchpad Janitor |
branch linked |
|
lp:cloud-init |
|
2010-09-16 16:20:14 |
Launchpad Janitor |
cloud-init (Ubuntu): status |
Confirmed |
Fix Released |
|
2010-09-16 17:18:27 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/cloud-init |
|
2011-12-05 18:59:32 |
Scott Moser |
nominated for series |
|
Ubuntu Lucid |
|
2011-12-05 18:59:32 |
Scott Moser |
bug task added |
|
cloud-init (Ubuntu Lucid) |
|
2011-12-05 19:04:41 |
Launchpad Janitor |
cloud-init (Ubuntu Lucid): status |
New |
Confirmed |
|
2011-12-05 19:25:33 |
Scott Moser |
description |
sources.list is helpfully configured to us-east-1.ec2.archive.ubuntu.com for instances that I launch in US-EAST-1 on EC2. However, instances launched in a Virtual Private Cloud (VPC) can only access machines in their local subnet, private machines on the connected LAN, and the Internet via the VPC tunnel.
Because us-east-1.ec2.archive.ubuntu.com resolves to an internal EC2 10.0.0.0/8 address, instances launched in a VPC will be unable to perform any apt operations. The user must update sources.list to point to us.archive.ubuntu.com to use apt.
Proposed solution:
1) Detect that the machine was launched in a VPC. I'm not sure what the ideal way to determine this is without doing a DescribeInstances. But I did notice that when in a VPC, curl http://169.254.169.254/latest/meta-data/ does not have public-ipv4 and public-hostname listed as a possibility. So perhaps the absence of these could be used to determine it was in a VPC.
2) Fallback to the public us.archive.ubuntu.com (or whatever region appropriate) if us-east-1.ec2.archive.ubuntu.com cannot be reached. |
sources.list is helpfully configured to us-east-1.ec2.archive.ubuntu.com for instances that I launch in US-EAST-1 on EC2. However, instances launched in a Virtual Private Cloud (VPC) can only access machines in their local subnet, private machines on the connected LAN, and the Internet via the VPC tunnel.
Because us-east-1.ec2.archive.ubuntu.com resolves to an internal EC2 10.0.0.0/8 address, instances launched in a VPC will be unable to perform any apt operations. The user must update sources.list to point to us.archive.ubuntu.com to use apt.
Proposed solution:
1) Detect that the machine was launched in a VPC. I'm not sure what the ideal way to determine this is without doing a DescribeInstances. But I did notice that when in a VPC, curl http://169.254.169.254/latest/meta-data/ does not have public-ipv4 and public-hostname listed as a possibility. So perhaps the absence of these could be used to determine it was in a VPC.
2) Fallback to the public us.archive.ubuntu.com (or whatever region appropriate) if us-east-1.ec2.archive.ubuntu.com cannot be reached.
=== SRU Information ===
[Impact]
After launch of an instance in a VPC (virtual private cloud) of EC2, the user must update /etc/apt/sources.list, as cloud-init has selected a mirror that is not available to the instance.
[Development Fix] The simple fix is to query the EC2 metadata service and determine if the instance has booted inside VPC (is_vpc). If so, use the fallback apt source rather than the EC2 specific region source. This was added to in the 10.10 cycle.
[Stable Fix]
Same as development fix.
[Test Case]
* a.) Boot instance in EC2 in a VPC
* b.) Boot instance in EC2 not in a VPC
* Instance 'a' should have 'archive.ubuntu.com' in /etc/apt/sources.list
* grep "http://archive.ubuntu.com" /etc/apt/sources.list
* Instance 'b' should have '<region>.ec2.archive.ubuntu.com' in /etc/apt/sources.list
* az=$(wget http://instance-data/latest/meta-data/placement/availability-zone -O - -q)
* region=${az%?} ; # az="us-east-1a", region="us-east-1"
* grep "http://$region.ec2.archive.ubuntu.com" /etc/apt/sources.list
[Regression Potential]
Inside of EC2, the regression potential is almost non-existant. This exact same fix has been in since 10.10.
Outside of EC2, the potential for regression would be in EC2-like clouds that have a metadata service that looks similar to EC2's. Since the fix has been in for > 18 months, the chance of this scenario causing failure is very low. |
|
2011-12-05 19:37:43 |
Scott Moser |
cloud-init (Ubuntu Lucid): status |
Confirmed |
In Progress |
|
2011-12-09 00:20:17 |
Andy Brody |
bug |
|
|
added subscriber Andy Brody |
2011-12-19 15:08:42 |
Martin Pitt |
cloud-init (Ubuntu Lucid): status |
In Progress |
Fix Committed |
|
2011-12-19 15:08:44 |
Martin Pitt |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2011-12-19 15:08:46 |
Martin Pitt |
bug |
|
|
added subscriber SRU Verification |
2011-12-19 15:08:48 |
Martin Pitt |
tags |
|
verification-needed |
|
2012-01-12 23:28:20 |
Jack Murgia |
bug |
|
|
added subscriber cloudcontrol |
2012-03-22 20:52:51 |
Steve Langasek |
cloud-init (Ubuntu Lucid): status |
Fix Committed |
Won't Fix |
|
2012-03-22 20:53:02 |
Steve Langasek |
tags |
verification-needed |
verification-failed |
|
2012-04-18 04:55:04 |
Paul Paradise |
bug |
|
|
added subscriber Paul Paradise |
2013-08-01 22:10:19 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/lucid-proposed/cloud-init |
|
2013-08-30 14:53:41 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/natty/cloud-init |
|
2020-04-27 05:37:49 |
Ian Gibbs |
bug |
|
|
added subscriber Ian Gibbs |