Ubuntu
cloud-init package

transient network/keyscan issues

Bug #656646 reported by Scott Moser
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init (Ubuntu)
Won't Fix
Low
Scott Moser
Nominated for Precise by Chuck Short
Maverick
Invalid
Undecided
Unassigned
Natty
Invalid
Low
Scott Moser

Bug Description

Binary package hint: cloud-init

In maverick release testing (20101007.1) I found a transient-ish network failure.

Here, out of 18 instances in this test 4 of them did not have ssh keys per keyscan. Subsequently those 4 failed the ssh connection test.

Then, one instance that *passed* the connection test failed the root connection test.

I also saw a similar issue, again x86_64 and us-west-1, when testing maverick RC. There, I 7 keys out of 36 found. Again, very strange, all but one of the ssh connections passed after ssh keyscan had major issues.

I think part of this might be an issue with ssh-keyscan, where failure of one host in the arguments causes failure of others.

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: cloud-init 0.5.15-0ubuntu3
ProcVersionSignature: User Name 2.6.35-22.33-virtual 2.6.35.4
Uname: Linux 2.6.35-22-virtual x86_64
Architecture: amd64
Date: Fri Oct 8 03:03:39 2010
Ec2AMI: ami-681f4f2d
Ec2AMIManifest: ubuntu-images-testing-us-west-1/ubuntu-maverick-daily-amd64-server-20101007.1.manifest.xml
Ec2AvailabilityZone: us-west-1a
Ec2InstanceType: m1.large
Ec2Kernel: aki-9ba0f1de
Ec2Ramdisk: unavailable
PackageArchitecture: all
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: cloud-init

Revision history for this message
Scott Moser (smoser) wrote :
Revision history for this message
Scott Moser (smoser) wrote :

Note, only a cloud-init bug because I have no better location.

Changed in cloud-init (Ubuntu):
importance: Undecided → Low
status: New → Confirmed
Ubuntu QA Website (ubuntuqa)
tags: added: iso-testing
Scott Moser (smoser)
Changed in cloud-init (Ubuntu Natty):
assignee: nobody → Scott Moser (smoser)
Revision history for this message
Scott Moser (smoser) wrote :

I've had som emore experience with this, and it is definitely true that running
ssh-keyscan host1 host2 host3 host4 ....

can end up giving output only for a small number of hosts because a single host fails.
During one case where this was failing, i did (manually)

$ ssh-keyscan -t rsa,dsa ec2-67-202-18-160.compute-1.amazonaws.com ec2-184-72-94-230.compute-1.amazonaws.com ec2-75-101-179-107.compute-1.amazonaws.com ...
# ec2-67-202-18-160.compute-1.amazonaws.com SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu1
ec2-67-202-18-160.compute-1.amazonaws.com ssh-dss AAAAB3N...
# ec2-67-202-18-160.compute-1.amazonaws.com SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu1
ec2-67-202-18-160.compute-1.amazonaws.com ssh-rsa AAAAB3NzaC1y...
# ec2-184-72-94-230.compute-1.amazonaws.com SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu1
Connection closed by 184.72.94.230

There were several other hosts to scan (13), but the failure of 'Connection closed' on the third host ends up failing.

I had assumed from the man page of ssh-keyscan:
  "ssh-keyscan uses non-blocking socket I/O to contact as many hosts as
   possible in parallel, so it is very efficient. The keys from a domain
   of 1,000 hosts can be collected in tens of seconds, even when some of
   those hosts are down or do not run ssh."

that a failure on one host would not indicate the others, but it appears
that is not the case.

So, in the case where I saw large number of ssh-keyscan failures, they
are in fact linked to 2 failure.

Revision history for this message
dino99 (9d9) wrote :

https://wiki.ubuntu.com/Releases

time have elapsed since that latest comment; is it still an issue ?

Changed in cloud-init (Ubuntu Natty):
status: Confirmed → Invalid
Changed in cloud-init (Ubuntu Maverick):
status: New → Invalid
tags: removed: maverick
Changed in cloud-init (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Scott Moser (smoser) wrote :

Gonna mark this 'Wont fix'. Generally I think its a bug in ssh-keyscan.

Changed in cloud-init (Ubuntu):
status: Incomplete → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.