cloud-init

system_cfg not read on Oracle datasource

Bug #1956788 reported by James Falcon
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init
Fix Released
High
Alberto Contreras
cloud-init (Ubuntu)
Fix Released
Undecided
Unassigned
Focal
Fix Released
Undecided
Unassigned
Jammy
Fix Released
Undecided
Unassigned
Kinetic
Fix Released
Undecided
Unassigned

Bug Description

[ Impact ]

Prefer system_cfg for network configuration on Oracle above the dataousrce config to allow images to dictate network overrides in /etc/cloud/cloud.cfg.d when necessary. Without this configuration, certain image launches on Orale will not be able to receive correct network at VM launch time resulting in inaccessible VMs via SSH.

[ Test Plan ]

Procedure for validation (will be scripted as best we can)

1. Launch Oracle vm for focal, jammy, kinetic and lunar
2. Confirm presence of /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
3. Upgrade cloud-init to -proposed
4. confirm absence of /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
5. Reboot this VM to test default launch without 99-disable-network-config succeds on fresh launches
6. sudo cloud-init clean --logs; sudo shutdown -h now
6. Export VM to Oracle Object Storage
7. Launch from exported object storage image to trigger reading network config from IMDS instead of ISCSI
8. Assert ssh to instance works and no Tracebacks in /var/log/cloud-init.log

[ Where problems could occur ]
If this patch is unsuccessful, default new instance launches on Oracle or launches from Object storage would timeout and disallow SSH because cloud-init didn't set up network appropriately.

[ Other Info ]

[Original description]

In https://github.com/canonical/cloud-init/commit/2c52e6e88b19f5db8d55eb7280ee27703e05d75f , the order of reading network config was changed for Oracle due to initramfs needing to take lower precedence than the datasource. However, this also bumped system_cfg to a lower precedence than ds, which means that any network configuration specified in /etc/cloud will not be applied.

system_cfg should instead be moved above ds so network configuration in /etc/cloud takes precedence.

See original description
James Falcon (falcojr)
Changed in cloud-init:
importance: Undecided → High
status: New → Triaged
status: Triaged → In Progress
assignee: nobody → James Falcon (falcojr)
Revision history for this message
Brett Holman (holmanb) wrote : Fixed in cloud-init version 22.1.

This bug is believed to be fixed in cloud-init in version 22.1. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: In Progress → Fix Released
Revision history for this message
Chad Smith (chad.smith) wrote :

This fix in Jammy 22.1-14-g2e17a0d6-0ubuntu1~22.04.1 also had an unintended side-effect where network would not get rendered due and newly launched instnaces on Jammy were unreachable due to
cloud-init networking being configured as disabled in Oracle images /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg.

This commit is being reverted for this release so it can be refactored to avoid the side-effect.
https://github.com/canonical/cloud-init/pull/1326

Changed in cloud-init:
status: Fix Released → New
status: New → In Progress
Chad Smith (chad.smith)
Changed in cloud-init:
status: In Progress → Fix Committed
status: Fix Committed → Triaged
Revision history for this message
James Falcon (falcojr) wrote :

Every Oracle instance boots with /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg as it was probably intended to ensure only iSCSI configuration is used. While this seems unnecessary to me, there are currently no plans to change this, so I see no reason to keep this bug open.

Changed in cloud-init:
status: Triaged → Invalid
Revision history for this message
Fabio Augusto Miranda Martins (fabio.martins) wrote (last edit ):

CPC has worked on removing /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg from Oracle images and this is completed started with Images with build >=20221123

I just used our daily images to create 3 custom images with:

- Jammy: 20221214
- Focal: 20221214
- Bionic: 20221205

And launched J/F/B bare-metal instances and I can validate this doesn't cause any issues and the networking is working well on all 3 releases:

https://pastebin.ubuntu.com/p/nX7dM7mQSQ/

I believe next step is to proceed with the change proposed by this LP.

As a reminder, as part of a post-install script, we'll need to remove /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg if it exists, so that we don't break network for existing instances when they upgrade cloud-init.

Marking back as ~~triaged~~ confirmed, since we removed /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg fropm the images, which prevented our work here.

EDIT: Marking as confirmed, as I can't mark as Triaged

Changed in cloud-init:
status: Invalid → Confirmed
Chad Smith (chad.smith)
tags: added: sc-1414
Alberto Contreras (aciba)
Changed in cloud-init:
assignee: James Falcon (falcojr) → Alberto Contreras (aciba)
Revision history for this message
Alberto Contreras (aciba) wrote :

Being fixed in:

https://github.com/canonical/cloud-init/pull/1998
https://github.com/canonical/cloud-init/pull/2014

Revision history for this message
Chad Smith (chad.smith) wrote :

Upstream commit landed for this feature https://github.com/canonical/cloud-init/commit/6b9bf7b9bb2db20b7d254f0143df343e14f4c7d4

expected release cloud-init version 23.2. It'll publish sooner into 23.04 (Lunar) in a 23.1.1-## interim snapshot.

Revision history for this message
Chad Smith (chad.smith) wrote :

Related changeset in Lunar packaging to remove config artifacts across upgrade path on Oracle: https://github.com/canonical/cloud-init/pull/2046

Changed in cloud-init:
status: Confirmed → Fix Committed
Revision history for this message
Fabio Augusto Miranda Martins (fabio.martins) wrote :

I see per the comments that this is being released to Lunar. Is there a plan to backport it to B / F / J?

Revision history for this message
James Falcon (falcojr) wrote :

Fabio, this one missed the 23.1 release, which is currently in the process of being SRUed. It will make if to F, J, and K (not B as it will be EOL) once 23.2 lands in about 3 months.

Revision history for this message
Alberto Contreras (aciba) wrote :

F, J, K PRs:

https://github.com/canonical/cloud-init/pull/2068
https://github.com/canonical/cloud-init/pull/2069
https://github.com/canonical/cloud-init/pull/2070

Revision history for this message
James Falcon (falcojr) wrote :

Tracked in Github Issues as https://github.com/canonical/cloud-init/issues/3938

Revision history for this message
Chad Smith (chad.smith) wrote :

This bug is believed to be fixed in cloud-init in version 23.2. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released
Chad Smith (chad.smith)
description: updated
Revision history for this message
Steve Langasek (vorlon) wrote : Please test proposed package

Hello James, or anyone else affected,

Accepted cloud-init into kinetic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2-0ubuntu0~22.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-kinetic to verification-done-kinetic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-kinetic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-kinetic
Changed in cloud-init (Ubuntu Kinetic):
status: New → Fix Committed
Changed in cloud-init (Ubuntu):
status: New → Fix Released
Changed in cloud-init (Ubuntu Jammy):
status: New → Fix Committed
tags: added: verification-needed-jammy
Revision history for this message
Steve Langasek (vorlon) wrote :

Hello James, or anyone else affected,

Accepted cloud-init into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2-0ubuntu0~22.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in cloud-init (Ubuntu Focal):
status: New → Fix Committed
tags: added: verification-needed-focal
Revision history for this message
Steve Langasek (vorlon) wrote :

Hello James, or anyone else affected,

Accepted cloud-init into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2-0ubuntu0~20.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Fabio Augusto Miranda Martins (fabio.martins) wrote :

Per my comment #4, CPC has removed /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg, so that no longer exists. The package should have included a post-install script to remove this file from old instances, in case they happen to be running out of images created before this change. So I adapted a little bit my testing process to consider validating the post-install script:

# PART A - Prepare the image with cloud-init from -proposed:

1. Launch Oracle vm for focal, jammy, kinetic and lunar (I used the 20230607 daily images for that)

sudo lsb_release -a
sudo uname -a
sudo cat /etc/cloud/build.info
sudo ls -l /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

2. Create the /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg file:

sudo -i

cat <<EOF > /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
# CLOUD_IMG: This file was created/modified by the Cloud Image build process
network: {config: disabled}
EOF

chown root:root /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
chmod 644 /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

sudo ls -l /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
sudo cat /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

3. Upgrade cloud-init to -proposed

sudo dpkg -l cloud-init
sudo -i

cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
# Enable Ubuntu proposed archive
deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs)-proposed restricted main multiverse universe
EOF

sudo apt update
sudo apt install cloud-init

sudo apt-cache policy cloud-init

4. confirm absence of /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

ls -l /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

5. Reboot this VM to test default launch without 99-disable-network-config succeds on fresh launches

sudo reboot

6. sudo cloud-init clean --logs; sudo shutdown -h now

sudo -i
echo "cloud-init test" >> /etc/cloud/build.info
cat /etc/cloud/build.info
sudo cloud-init clean --logs
sudo shutdown -h now

# PART B - Launch F / J / K / L instances using the images prepared in A and validate it's OK:

1. Export VM to Oracle Object Storage
2. Launch from exported object storage image to trigger reading network config from IMDS instead of ISCSI
3. Assert ssh to instance works and no Tracebacks in /var/log/cloud-init.log

sudo ls -l /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
sudo cat /etc/cloud/build.info
sudo lsb_release -a
sudo uname -a
sudo apt-cache policy cloud-init
sudo cat /var/log/cloud-init.log
sudo cat /var/log/cloud-init-output.log

Here are the results of my tests:

- Part A:

Focal: https://pastebin.ubuntu.com/p/kgZn5gr9m3/
Jammy: https://pastebin.ubuntu.com/p/JGYfC8XCsh/
Kinetic: https://pastebin.ubuntu.com/p/XTfm2X9rqc/
Lunar: https://pastebin.ubuntu.com/p/pDbFNfMcXD/

- Part B:

Focal: https://pastebin.ubuntu.com/p/dwVzs4DrQx/
Jammy: https://pastebin.ubuntu.com/p/cJ3jXZnfFN/
Kinetic: https://pastebin.ubuntu.com/p/36nMvpsH9z/
Lunar: https://pastebin.ubuntu.com/p/Vb4j6PckyT/

I don't see any obvious failures and everything seems to be working well, so I'll add the verification done label for F / J / K / L.

Thanks for the patch.

tags: added: verification-done verification-done-focal verification-done-jammy verification-done-kinetic verification-done-lunar
removed: verification-needed verification-needed-focal verification-needed-jammy verification-needed-kinetic
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello James, or anyone else affected,

Accepted cloud-init into kinetic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2.1-0ubuntu0~22.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-kinetic to verification-done-kinetic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-kinetic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-kinetic
removed: verification-done verification-done-kinetic
tags: added: verification-needed-jammy
removed: verification-done-jammy
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello James, or anyone else affected,

Accepted cloud-init into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2.1-0ubuntu0~22.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed-focal
removed: verification-done-focal
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello James, or anyone else affected,

Accepted cloud-init into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2.1-0ubuntu0~20.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Chad Smith (chad.smith) wrote :

Thank you Fabio for going the extra mile on the integration test verification here.

I can confirm the verification results you linked are applicable for this SRU supplemental verification beyond our typical SRU exception.

I also can confirm the only functional code difference between 23.2.0 and 23.2.1 only affects the DataSourceNoCloud not DataSourceOracle so no applicable logic applied to Oracle requiring any additional testing here.

tags: added: verification-done verification-done-focal verification-done-jammy verification-done-kinetic
removed: verification-needed verification-needed-focal verification-needed-jammy verification-needed-kinetic
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.2.1-0ubuntu0~22.10.1

---------------
cloud-init (23.2.1-0ubuntu0~22.10.1) kinetic; urgency=medium

  * Upstream snapshot based on 23.2.1. (LP: #2025180).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2.1/ChangeLog

cloud-init (23.2-0ubuntu0~22.10.1) kinetic; urgency=medium

  * d/control: Remove pep8 dependency. It is no longer used.
  * d/apport-general-hook.py: Add general apport hook to append cloud type,
    image and instance size information to bug reports (LP: #1724623)
  * d/cloud-init.preinst: Oracle to remove vestigial /etc/cloud.cloud.cfg.d/
    99-disable-network-config.cfg because system config is now honored before
    datasource config (LP: #1956788)
  * d/cloud-init.preinst: Clean up vestigial
    /etc/cloud/cloud.cfg.d/99-disable-network-activation.cfg on GCE instances
    after fix in upstream google-guest-agent.
  * Upstream snapshot based on 23.2. (LP: #2023110).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2/ChangeLog

 -- Brett Holman <email address hidden> Wed, 28 Jun 2023 14:24:21 -0600

Changed in cloud-init (Ubuntu Kinetic):
status: Fix Committed → Fix Released
Revision history for this message
Andreas Hasenack (ahasenack) wrote : Update Released

The verification of the Stable Release Update for cloud-init has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.2.1-0ubuntu0~22.04.1

---------------
cloud-init (23.2.1-0ubuntu0~22.04.1) jammy; urgency=medium

  * Upstream snapshot based on 23.2.1. (LP: #2025180).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2.1/ChangeLog

cloud-init (23.2-0ubuntu0~22.04.1) jammy; urgency=medium

  * d/control: Remove pep8 dependency. It is no longer used.
  * d/apport-general-hook.py: Add general apport hook to append cloud type,
    image and instance size information to bug reports (LP: #1724623)
  * d/cloud-init.preinst: Oracle to remove vestigial /etc/cloud.cloud.cfg.d/
    99-disable-network-config.cfg because system config is now honored before
    datasource config (LP: #1956788)
  * d/cloud-init.preinst: Clean up vestigial
    /etc/cloud/cloud.cfg.d/99-disable-network-activation.cfg on GCE instances
    after fix in upstream google-guest-agent.
  * Refresh patches against upstream/main
    - d/p/expire-on-hashed-users.patch
    - d/p/retain-netplan-world-readable.patch
  * Upstream snapshot based on 23.2. (LP: #2023110).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2/ChangeLog

 -- Brett Holman <email address hidden> Wed, 28 Jun 2023 16:16:26 -0600

Changed in cloud-init (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.2.1-0ubuntu0~20.04.2

---------------
cloud-init (23.2.1-0ubuntu0~20.04.2) focal; urgency=medium

  * d/apport-general-hook: correct type hints on Dict for py3.8
    (LP: #2025376)

cloud-init (23.2.1-0ubuntu0~20.04.1) focal; urgency=medium

  * Upstream snapshot based on 23.2.1. (LP: #2025180).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2.1/ChangeLog

cloud-init (23.2-0ubuntu0~20.04.1) focal; urgency=medium

  * d/control: Remove pep8 dependency. It is no longer used
  * d/patches/netplan99-cannot-use-default.patch:
    - Retain routes' definitions compatible with netplan 0.99 (Fixes: #4133)
  * d/apport-general-hook.py: Add general apport hook to append cloud type,
    image and instance size information to bug reports (LP: #1724623)
  * d/cloud-init.preinst: Oracle to remove vestigial /etc/cloud.cloud.cfg.d/
    99-disable-network-config.cfg because system config is now honored before
    datasource config (LP: #1956788)
  * d/cloud-init.preinst: Clean up vestigial
    /etc/cloud/cloud.cfg.d/99-disable-network-activation.cfg on GCE instances
    after fix in upstream google-guest-agent.
  * Refresh patches against upstream/main:
    - d/p/expire-on-hashed-users.patch
    - d/p/retain-netplan-world-readable.patch
  * Upstream snapshot based on 23.2. (LP: #2023110).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2/ChangeLog

 -- Chad Smith <email address hidden> Thu, 29 Jun 2023 09:41:13 -0600

Changed in cloud-init (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.