EC2 multi-nic ENI rendering fails if ENI activator not used
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
cloud-init (Ubuntu) | Status tracked in Oracular | |||||
Focal |
Fix Released
|
Undecided
|
Unassigned | |||
Jammy |
Fix Released
|
Undecided
|
Unassigned | |||
Mantic |
Fix Released
|
Undecided
|
Unassigned | |||
Noble |
Fix Released
|
Undecided
|
Unassigned | |||
Oracular |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[ Impact ]
Cloud-init recently added policy-based routing for netplan-only systems on EC2. In order to gate the netplan-specific code, it checked to see in the netplan activator was being used. However, if the datasource is fetched in init-local timeframe (such as on EC2), it is possible to specify a different renderer without also changing the activator. This means the netplan-gating no longer works, even when rendering to a non-netplan system.
The fix is to instead check if we're using the netplan renderer before rendering the netplan-specific code.
[ Test Plan ]
Launch an Ubuntu instance on EC2 having two NICs attached.
Run "apt update; apt install ifupdown"
In /etc/cloud/
`cloud-init clean --logs --reboot`
Connect to instance
Verify no networking related tracebacks exist in logs
Verify /etc/network/
Run tests/integrati
tests/integrati
to ensure no regression to existing multinic rendering behavior.
Specifically this test per series is known to assert proper behavior and show potential regressions for netplan-based environments
CLOUD_INIT_
[ Where problems could occur ]
On EC2 only, if the renderer is still somehow mis-detecting a netplan or non-netplan based system, we could still attempt to render netplan config where we shouldn't be, or instead skip rendering the config where we shouldn't be.
Problems cloud also occur on Ec2 only in netplan-based images if cloud-init incorrectly determines that netplan is not the configured renderer and skips adding supplmental policy based routes with route-metrics when rendering netplan config for secondary NIC route-metrics.
[ Other Info ]
Upstream bug: https:/
Upstream fixes:
- https:/
- https:/
description: | updated |
summary: |
- Mutli-nic ENI rendering fails if ENI activator not used + EC2 multi-nic ENI rendering fails if ENI activator not used |
Changed in cloud-init (Ubuntu Oracular): | |
status: | Fix Released → New |
status: | New → Fix Released |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
tags: |
added: verification-done verification-done-focal verification-done-jammy verification-done-mantic verification-done-noble removed: verification-needed verification-needed-focal verification-needed-jammy verification-needed-mantic verification-needed-noble |
This bug was fixed in the package cloud-init - 24.2~3ge68c8c74 -0ubuntu1
--------------- 4-0ubuntu1) oracular; urgency=medium
cloud-init (24.2~3ge68c8c7
* Upstream snapshot based on upstream/main at e68c8c74.
- Bugs fixed in this snapshot: (LP: #2066979, #2066985)
-- James Falcon <email address hidden> Fri, 24 May 2024 12:08:51 -0500