| Age | Commit message (Collapse) | Author |
|---|
|
Make test_net.TestGenerateFallbackConfig.test_unstable_names mock
the value of /proc/cmdline in the same way as the existing
test_unstable_names_disabled test.
LP: #1769952
|
|
When attempting to apply network configuration for SmartOS's container
platform, cloud-init would not identify nics. The nics on provided
in this container service do not have 'addr_assign_type'. That
was being interpreted as being a "stolen" mac, and would be filtered
out by get_interfaces.
|
|
The cloud-init-local.service expects that any network device name changes
have already been completed by the kernel or udev daemon.
In some situations we've found that the renaming of interfaces from kernel
names (eth0, eth1, etc) to their persistent names (eno1, ens3, enp0s1,
etc) may happen after cloud-init-local has started where it reads values
from sysfs about what network devices are present, and which device to use
as a fallback nic.
Subsequently, cloud-init-local would write out network configuration for a
kernel device name which would no longer be present by the time that
networking services start to bring up the devices. The result is that the
instance does not get networking configured. Prior to use of
systemd-networkd, the Ubuntu 'networking.service' unit included a call to
udevadm settle which is why this race is not seen on a Xenial system.
This change adds the ability to detect if an interface has a stable name,
if if we find one without stable names and stable names have not been
disabled (net.ifnames=0 in /proc/cmdline), then cloud-init will invoke
udevadm settle.
LP: #1766287
|
|
BOOTPROTO=dhcp in sysconfig enables DHCPv4 and we should not do this
implicitly when 'dhcp6' subnet is specified. In case both dhcpv4 and
dhcpv6 are needed users should specify both:
subnets:
- type: dhcp6
- type: dhcp
Fix the current code and add a dhcpv6 only test.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
In network config v1 format, there are dns values which are not bound to a
specific interface and do not map to the per-interface format in netplan.
To handle this case we render netplan configuration that duplicates the
DNS configuration on any interface that has a static network config. We
avoiding interfaces which have DHCP configuration which may provide
conflicting DNS values.
LP: #1750884
|
|
When 'ip=' or 'ip6=' is found on the kernel command line,
cloud-init will consider read network config from /run/net-*.conf files.
There are some iscsi-root scenarios where initramfs configures networking
but the ip= parameter is not present. 2 such cases are:
a.) static config in /etc/iscsi/iscsi.initramfs (copied into the
initramfs)
b.) iBft
This changes cloud-init to consider initramfs provided networking
information if:
* there are /run/net-* files and
* (ip= or ip6 is on the command line) or open-iscsi.interface file
exists.
LP: #1752391
|
|
Update netplan renderer to write out bridge port-priority values
now that netplan supports the feature.
LP: #1735821
|
|
This change will enable azure vms to report provisioning has completed
twice, first to tell the fabric it has completed then a second time to
enable customer settings. The datasource for the second provisioning is
the Instance Metadata Service (IMDS),and the VM will poll indefinitely for
the new ovf-env.xml from IMDS.
This branch introduces EphemeralDHCPv4 which encapsulates common logic
used by both DataSourceEc2 an DataSourceAzure for temporary DHCP
interactions without side-effects.
LP: #1734991
|
|
Network configuration in OpenNebula would only work if the host correctly
guessed the names of the devices in the guest. OpenNebula provided data
in its context.sh like 'ETH0_NETWORK', but if the guest named devices
differently then results were not predictable. This would occur with
Predictable Network Interface Names. To address this,
newer versions (of OpenNebula provide the mac address ETH0_MAC.
This function is present in 4.14 and documented officially in 5.0 docs.
This provides support for reading the mac addresses from the context.sh.
It also fixes cases where context.sh provided a field (ETH0_NETWORK
or ETH0_MASK) with a empty string. Previously the empty string would
be used rather than falling back to the default.
LP: #1719157, #1716397, #1736750
|
|
Currently when dns and dns search info is provided, it is not rendered
when outputting to sysconfig format.
This patch causes the DNS and DOMAIN lines to be written out rendering
sysconfig.
LP: #1705804
|
|
Update unit tests to pass a 0 instead of 'off' to validate that network
state is properly written.
|
|
Update network_state to store the bridge_stp value as a boolean.
The various renderers then can map the boolean value to the correct
output as needed; eni uses 'on/off', sysconfig uses 'yes/no' and
netplan will use the boolean directly.
Update unittest values for sysconfig and netplan. Both contained the
network_state string value which resulted in not correctly enable/disable
STP in the target system.
Update network_state comment (fd -> forward-delay, add stp as boolean) on
bridge commands to match the expected format of a netplan bridge command.
LP: #1721157
|
|
During boot, the usage of /tmp is not safe. In systemd systems,
systemd-tmpfiles-clean may run at any point and clear out a temp file
while cloud-init is using it. The solution here is to use
/run/cloud-init/tmp.
LP: #1707222
|
|
This moves the base test case classes into into cloudinit/tests and
updates all the corresponding imports.
|
|
If the network-config sent to cloud-init is in version: 2 format then
when rendering netplan, we can pass the content through and avoid
consuming network_state elements. This removes the need for trying to
map many v2 features onto network state where other renderers won't be
able to use anyhow (for example match parameters for multi-interface
configuration and wifi configuration support).
Additionally ensure we retain bond/bridge v2 configuration in network
state so when rendering to eni or sysconfig we don't lose the configuration
- Drop the NotImplemented wifi exception, log a warning that it works for
netplan only
- Adjust unittests to new code path and output
- Fix issue with v2 macaddress values getting dropped
- Add unittests for consuming/validating v2 configurations
LP: #1709180
|
|
The sysconfig renderer duplicates the cloud-init header string
when rendering resolv.conf file. This leads to resolv.conf file
growing with every reboot of a system. Fix this by checking for
the header when loading content from existing file.
Update one of the sysconfig unittests with multiple render calls
to simulate the reboot to check that we don't repeat the header.
LP: #1701420
|
|
The subnet type 'manual' was used as a way to declare a device
and set an MTU for it but not assign network addresses.
This updates the manual example config to handle that case and
provides expected rendered output for sysconfig, eni, and netplan.
|
|
Previously, sysconfig rendered HWADDR for all interface types, but
that value is only used to identify physical devices. Instead use
MACADDR to configure the MAC on virtual devices, like bonds and
bridges.
- Sort bond slave list to ensure consistent ordering in sysconfig
rendered files.
- Add unittests for sysconfig rendering of bonds/bridges with
mac_address
LP: #1701417
|
|
In some network configurations a network value of '::' and a
netmask value of '::' were used to indicate a default IPV6 gateway.
Commit d00da2d5 removed ipv6 'netmask' attributes and calculate
a prefix length value instead. The eni route rendering failed to update
the check to use prefix value of 0 to indicate the presence of an IPV6
default route.
A broken ipv6 default route rendered like:
post-up route add -net :: netmask :: gw 2001:4800:78ff:1b::1 || true
And with this patch, it now renders like:
post-up route add -A inet6 default gw 2001:4800:78ff:1b::1 || true
LP: #1701097
|
|
Render MTU values if present in subnet and route configurations
for v4 and v6.
LP: #1702513
|
|
Implement manual control for sysconfig by using ONBOOT=N. This
allows an interface to be configured but not brought up.
Note that ONBOOT is per-interface not per address.
LP: #1687725
|
|
Currently only the subnet is checked for 'ipv6' setting, however, the
routes array may include a mix of v4 or v6 configurations, in particular,
the gateway in a route may be ipv6, and if so, should export the value via
IPV6_DEFAULTGW in the ifcfg-XXXX file.
Additionally, if the route is v6, it should rendering a routes6-XXXX file;
this is present but missing the 'dev <interface>' scoping.
LP: #1694801
|
|
Previously, virtual types (bond, bridge, vlan) were almost completely
broken. They would not get any network configuration (ip addresses or
dhcp config) and or routes rendered. This fixes those issues.
For bonds we now correctly render BONDING_SLAVE entries.
Also add tests for simple bond, bridge and vlan.
LP: #1695092
|
|
With this change, entries in IPV6ADDR and IPV6ADDR_SECONDARIES will now
always be in format addr/prefix. When a subnet has a gateway will be
written. If the gateway is ipv6, use the key IPV6_DEFAULTGW rather than
GATEWAY.
LP: #1704872
|
|
The network device renaming code previously required the case of
the mac address input to match that of the data read from the system.
For example, if user provided network config with mac address
in upper case, then cloud-init would not rename the device correctly
as /sys/class/net/address stores lower case values.
The fix here is to always compare lower case mac addresses.
LP: #1705147
|
|
Render the GATEWAY= value in interface files which have a gateway in the
subnet configuration.
LP: #1686856
|
|
On systems with network devices with duplicate mac addresses, cloud-init
will fail to rename the devices according to the specified network
configuration. Refactor net layer to search by device driver and device
id if available. Azure systems may have duplicate mac addresses by
design.
Update Azure datasource to run at init-local time and let Azure datasource
generate a fallback networking config to handle advanced networking
configurations.
Lastly, add a 'setup' method to the datasources that is called before
userdata/vendordata is processed but after networking is up. That is
used here on Azure to interact with the 'fabric'.
|
|
In cases where the config json specifies nameserver entries,
if there are interfaces configured to use dhcp, NetworkManager,
if enabled, will clobber the /etc/resolv.conf that cloud-init
has produced, which can break dns. If there are no interfaces
configured to use dhcp, NetworkManager could clobber
/etc/resolv.conf with an empty file.
This patch adds a mechanism for dropping additional configuration
into /etc/NetworkManager/conf.d/ and disables management of
/etc/resolv.conf by NetworkManager when nameserver information is
provided in the config.
LP: #1693251
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
|
|
The network_state object's network and route keys would have different
information depending upon how the network_state object was populated.
This change cleans that up. Now:
* address will always contain an IP address.
* prefix will always include an integer value that is the
network_prefix for the address.
* netmask will be present only if the address is ipv4, and its
value will always correlate to the 'prefix'.
|
|
Since f38fa413176, default routes get added to both ifcfg-* and route-*
and route6-* files. Default routes should only go to ifcfg-* files,
otherwise the information is redundant.
LP: #1696176
|
|
The code deciding which interface to choose as the default to request the
IP address through DHCP does not sort the interfaces correctly. On Ubuntu
Xenial images for example, the interfaces are named ens1, ens2, ens3...,
ens11, ... depending on the pci bus address. The python sorting will list
'ens11' before 'ens3' for example despite the fact that 'ens3' should be
before 'ens11'.
This patch address this issue and sort the interface names according to a
human sorting.
Signed-off-by: Marc-Aurèle Brothier <m@brothier.org>
|
|
There are a few bridge parameters which require repeating the key with each
value in the list when rendering eni. Extend the network unittests to cover
all of the known bridge parameters and check we render eni and netplan
correctly.
|
|
During the network v2 merge, we inadvertently re-enabled rendering systemd
.link files. This files are not required as cloud-init already has to do
interface renaming due to issues with udevd which may refuse to rename
certain interfaces (such as veth devices in a LXD container). As such,
removing the code altogether.
|
|
Input (specifically OpenStack) that had:
"ip_address" : "104.130.20.155",
"netmask" : "255.255.255.0"
Was being rendered to netplan as '104.130.20.155/255.255.255.0'.
That is now fixed to '104.130.20.155/24'
Also fixed is reading of a route that had a network prefix integer
in the 'netmask' rather than a netmask.
LP: #1689346
LP: #1684349
|
|
As some of the bond paramemters are passed in as dashed, or
underscored, depending on the input source.
Also correct transmit-hash-policy netplan target key.
LP: #1690480
|
|
This just moves flake8 and related tools up to newer versions and fixes
the complaints associated with that.
We added to the list of flake8 ignores:
H102: do not put vim info in source files
H304: no relative imports
Also updates and pins the following in the flake8 environment:
pep8: 1.7.0 => drop (although hacking still pulls it in).
pyflakes 1.1.0 => 1.5.0
hacking 0.10.2 => 0.13.0
flake8 2.5.4 => 3.3.0
pycodestyle none => 2.3.1
|
|
Dual stack IPv4/IPv6 configuration via config drive is broken for RHEL7.
This patch fixes several scenarios for IPv4/IPv6/dual-stack with multiple
IP assignment.
Removes usage of unpopular IPv4 alias files and invalid IPv6 alias files.
Also fix associated unit tests.
LP: #1679817
LP: #1685534
LP: #1685532
|
|
Some interfaces (greptap0 in the bug) have a mac address of
'00:00:00:00:00:00'. That was causing a duplicate mac detection
as the 'lo' device also has that mac.
The change here is to just ignore macs other than 'lo' that have that.
LP: #1692028
|
|
When vlan mac address is specified in config, render it for
netplan and for ENI.
LP: #1690388
|
|
tools/net-convert fails to output netplan config, because the
positional arguments of render_network_state are the wrong way around
for that function w.r.t. other renders.
Fix the netplan renderer to have the correct signature.
LP: #1685944
|
|
If /run/net-<name>.cfg contains an IPV4ADDR or an IPV6ADDR, the config
file generated by _klibc_to_config_entry now contains the "address".
LP: #1691135
|
|
Fixed setting Route.has_set_default_ipv6 or *_ipv4 to track whether a
route already has a default gateway defined. The code was setting
Route.has_set_default which wasn't checked when raising "duplicate
gateway" ValueErrors. Added unit tests to exercise this expected raised
ValueError. Also moved is_ipv6 = subnet.get('ipv6') logic out of a for
loop because we don't need to recalculate the same value every route
iteration.
LP: #1687485
|
|
This patch targets to make FreeBSD 10.3 or 11 work on Azure. The
modifications abide by the rule of:
* making as less modification as possible
* delegate to the distro or datasource where possible.
The main modifications are:
1. network configuration improvements, and movement into distro path.
2. Fix setting of password.
Password setting through "pw" can only work through pipe.
3. Add 'root:wheel' to syslog_fix_perms field.
4. Support resizing default file system (ufs)
5. copy cloud.cfg for freebsd to /etc/cloud/cloud.cfg rather than
/usr/local/etc/cloud/cloud.cfg.
6. Azure specific changes:
a. When reading the azure endpoint, search in a different path
and read a different option name (option-245 vs. unknown-245).
so, the lease file path should be generated according to platform.
b. adjust the handling of ephemeral mounts for ufs filesystem and
for finding the ephemeral device.
c. fix mounting of cdrom
LP: #1636345
|
|
Introduce is_vlan function and call that when building dictionary of
interfaces by mac address.
LP: #1682871
|
|
When cloud-init ran in the init stage (after networking had come up).
A bug could occur where cloud-init would attempt and fail to rename
network devices that had "inherited" mac addresses.
The intent of apply_network_config_names was always to rename only
the devices that were "physical" per the network config. (This would
include veth devices in a container). The bug was in creating
the dictionary of interfaces by mac address. If there were multiple
interfaces with the same mac address then renames could fail.
This situation was guaranteed to occur with bonds or vlans or other
devices that inherit their mac.
The solution is to change get_interfaces_by_mac to skip interfaces
that have an inherited mac.
Also drop the 'devs' argument to get_interfaces_by_mac. It was
non-obvious what the result should be if a device in the input
list was filtered out. ie should the following have an entry for
bond0 or not. get_interfaces_by_mac(devs=['bond0'])
LP: #1669860
|
|
When rendering network configuration to netplan, remove known
"builtin" configurations. The specific example here is Ubuntu Core
that has netplan configuration in etc/netplan/00-snapd-config.yaml.
We also delete the derived files since netplan will have created
these derived files in its generator that runs well before cloud-init.
LP: #1675576
|
|
Network configuration version 2 format is implemented in a package
called netplan (nplan)[1] which allows consolidated network config
for multiple network controllers.
- Add a new netplan renderer
- Update default policy, placing eni and sysconfig first
This requires explicit policy to enable netplan over eni
on systems which have both (Yakkety, Zesty, UC16)
- Allow any network state (parsed from any format cloud-init supports) to
render to v2 if system supports netplan.
- Move eni's _subnet_is_ipv6 to common code for use by other renderers
- Make sysconfig renderer always emit /etc/syconfig/network configuration
- Update cloud-init.service systemd unit to also wait on
systemd-networkd-wait-online.service
1. https://lists.ubuntu.com/archives/ubuntu-devel/2016-July/039464.html
|
|
Previously, the distro had hard coded which network renderer it would
use. This adds support for just picking the right renderer based
on what is available.
Now, that can be set via a priority in system_info, but should
generally work. That config looks like:
system_info:
network:
renderers: ["eni", "sysconfig"]
When no renderers are found, a specific RendererNotFoundError is raised.
stages.py is modified to catch that and log it at error level. This
path should not really be exercised, but could occur if for example an
Ubuntu system did not have ifupdown, or a rhel system did not have
sysconfig. In such a system previously we would have quietly rendered
ENI configuration but that would have been ignored. This is one step
better in that we at least log the error.
|
|
render_network_state should default to rendering on /.
The changes here just make it so render_network_state does not
require a target, but defaults to None, and uses target_path
to handle that.
|
|
As reported in bug 1671927, sysconfig had an issue with rendering
a loopback device. The problem was that some as yet unknown issue was
causing the openstack config drive to parse the provided ENI file rather
than reading the network_data.json. Parsing an ENI file would add a
a 'lo' device of type 'physical', and sysconfig was failing to render
that.
The change here is:
a.) add a 'loopback' type rather than 'physical' for network config.
{'name': 'lo', 'type': 'loopback', 'subnets': ['type': 'loopback']}
b.) support skipping that type in the eni and sysconfig renderers.
c.) make network_state just piggy back on 'physical' renderer for
loopback (this was what was happening before).
Tests are added for eni and sysconfig renderer.
|
