Ubuntu
cloud-init package

23.2: cloudinit.sources.parse_cmdline of ds=nocloud-net on kernel cmdline does not parse hyphens

Bug #2025180 reported by Chad Smith
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init (Ubuntu)
Fix Released
Critical
Unassigned
Focal
Fix Released
Undecided
Unassigned
Jammy
Fix Released
Undecided
Unassigned
Kinetic
Fix Released
Undecided
Unassigned
Lunar
Fix Released
Undecided
Unassigned
Mantic
Fix Released
Critical
Unassigned

Bug Description

[ Impact ]

Regression in 23.2 release prevented cloud-init from honoring datasource detection of from the kernel commandline parameter `ds=nocloud-net;s=http://something` with a seed URL instead of local filesystem directory-based seed files.

Inability to correct parse `ds=nocloud-net` from the commandline meant that cloud-init would detect DataSourceNone and no configuration applied to the system on boot.

This typically would result in symtoms like inability to SSH to the VM/container that is launched on platforms which make use of kernel commandline params to set the cloud-init datasource type to nocloud-net and use seed URL to obtain remote configuration from an HTTP service.

Although augmenting kernel commandline is not a typical install pattern for most cloud platforms, this regression has been discovered in iPXE boot environments which may want to customize cloud-init behavior per image launch with configuration from a separate local HTTP-based service on the local/private network.

[ Test Plan ]
1. Provide an HTTP URL or service which surfaces a directory containing: user-data, meta-data and vendor-data
2. Launch a kvm instance in lxd
3. Augment GRUB_CMDLINE_LINUX= to specify ds=nocloud-net;s=<YOUR_URL_FROM_1> to specify both ds=nocloud-net and the remote seed URL containing user-data,vendor-data, meta-data
4. grub-mkconfig
5. reboot the VM
6. Confirm datasorce detected is nocloud (not "none") from: cloud-init query platform
7. Confirm instance-data was pulled from the remote URL seed from: cloud-init query subplatform

Said test plan is already implemented and included in Jenkins test runners of cloud-init integration tests[1] which are run nightly by Jenkins w/ success.

[1] https://github.com/canonical/cloud-init/blob/main/tests/integration_tests/test_kernel_commandline_match.py#L97-L141

[ Where problems could occur ]

This error condition and fix only affects NoCloud datasource for cases where ds=nocloud-net is provided on as kernel commandline parameter. It will not affect any major clouds as they have separate datasources and typically do not use kernel command line params to strictly set/override the cloud-init datasource to detect.

If cloud-init fails to detect the datasource, cloud-init platform will report cloud-id == `none` and no user-data/meta-data configuration would be applied to the system. This typically results in inability ssh into a launched instance

This also does not affect NoCloud datasource which is can still detect nocloud configuration via the filesystem in the default seed directory /var/lib/cloud/seed/nocloud or /var/lib/cloud/seed/nocloud-net. It really is limited to seed URL based configuration for DataSourceNoCloudNet.

[ Other Info ]

Given that this impact is limited to NoCloudNet where kernel cmdline params are provided to override default behavior of cloud-init.

Verification on this SRU bug should probably be limited to:
1. specific test to NoCloudNet datasource as defined above
2. Supplemental full jenkins test run of NoCloud KVM and container suite to ensure no regression in any other LXD related behavior.

[ Original Description ]

Affects: cloud-init 23.2 which is already released to Mantic, and uploaded to the following -proposed suites:
focal-proposed
jammy-proposed
kinetic-proposed
lunar-proposed

This represents and SRU verification regresssion that we do not want to release to the related updates suites on stable releases.

Upstream bug filed https://github.com/canonical/cloud-init/issues/4203 detailing that ds=nocloud-net is not longer recognized resulting in DataSourceNone being detected intead of DataSourceNoCloudNet.

Commit 612b4de introduced parse_cmdline function which did
not take into account hyphenated datasource names.

This function is only used by DataSourceNoCloud and no longer can detect nocloud-net datasource.
This results in DataSourceNone being detected and no NoCloud datasources applied to a launched container/VM.

See original description
Chad Smith (chad.smith)
description: updated
Chad Smith (chad.smith)
description: updated
description: updated
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.3~1ge5a617fe-0ubuntu1

---------------
cloud-init (23.3~1ge5a617fe-0ubuntu1) mantic; urgency=medium

  * Upstream snapshot based on upstream/main at e5a617fe.
    - Bugs fixed in this snapshot: (LP: #2025180, #2025180, #1999952)
      (LP: #1798055)

 -- Chad Smith <email address hidden> Wed, 28 Jun 2023 09:57:55 -0600

Changed in cloud-init (Ubuntu Mantic):
status: Triaged → Fix Released
Revision history for this message
Andreas Hasenack (ahasenack) wrote : Please test proposed package

Hello Chad, or anyone else affected,

Accepted cloud-init into lunar-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2.1-0ubuntu0~23.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-lunar to verification-done-lunar. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-lunar. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in cloud-init (Ubuntu Lunar):
status: New → Fix Committed
tags: added: verification-needed verification-needed-lunar
Changed in cloud-init (Ubuntu Kinetic):
status: New → Fix Committed
tags: added: verification-needed-kinetic
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello Chad, or anyone else affected,

Accepted cloud-init into kinetic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2.1-0ubuntu0~22.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-kinetic to verification-done-kinetic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-kinetic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in cloud-init (Ubuntu Jammy):
status: New → Fix Committed
tags: added: verification-needed-jammy
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello Chad, or anyone else affected,

Accepted cloud-init into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2.1-0ubuntu0~22.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in cloud-init (Ubuntu Focal):
status: New → Fix Committed
tags: added: verification-needed-focal
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello Chad, or anyone else affected,

Accepted cloud-init into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.2.1-0ubuntu0~20.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Chad Smith (chad.smith) wrote :

Verification logs are part of cloud-init 23.2.1 integration tests.

Attached are specific verification logs for focal, jammy, kinetic and lunar showing nocloud-net correctly detective from kernel commandline from cloud-init debs in the -proposed pocket.

Test procedure on LXD VMs:

# untestable on LXD containers, or cloud VMs because we are hijacking GRUB options to provide additional kernel params to GRUB across reboot
1. Launch a kvm instance in lxd
2. Augment GRUB_CMDLINE_LINUX= to specify ds=nocloud-net;s=<YOUR_URL_FROM_1> to specify both ds=nocloud-net and the remote seed URL containing user-data,vendor-data, meta-data
3. grub-mkconfig
4. reboot the VM
5. Confirm datasource detected is nocloud (not "none") from: cloud-init query platform
6. Confirm instance-data was pulled from the remote URL seed from: cloud-init query subplatform

#
for RELEASE in focal jammy kinetic lunar; do
 CLOUD_INIT_PLATFORM=lxd_vm CLOUD_INIT_CLOUD_INIT_SOURCE=PROPOSED CLOUD_INIT_OS_IMAGE=$RELEASE tox -e integration-tests tests/integration_tests/test_kernel_commandline_match.py::test_lxd_datasource_kernel_override_nocloud_net;
done

tags: added: verification-done verification-done-focal verification-done-jammy verification-done-kinetic verification-done-lunar
removed: verification-needed verification-needed-focal verification-needed-jammy verification-needed-kinetic verification-needed-lunar
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.2.1-0ubuntu0~23.04.1

---------------
cloud-init (23.2.1-0ubuntu0~23.04.1) lunar; urgency=medium

  * Upstream snapshot based on 23.2.1. (LP: #2025180).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2.1/ChangeLog

cloud-init (23.2-0ubuntu0~23.04.1) lunar; urgency=medium

  * d/control: Remove pep8 dependency. It is no longer used.
  * Upstream snapshot based on 23.2. (LP: #2023110).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2/ChangeLog

 -- Chad Smith <email address hidden> Wed, 28 Jun 2023 14:14:31 -0600

Changed in cloud-init (Ubuntu Lunar):
status: Fix Committed → Fix Released
Revision history for this message
Andreas Hasenack (ahasenack) wrote : Update Released

The verification of the Stable Release Update for cloud-init has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.2.1-0ubuntu0~22.10.1

---------------
cloud-init (23.2.1-0ubuntu0~22.10.1) kinetic; urgency=medium

  * Upstream snapshot based on 23.2.1. (LP: #2025180).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2.1/ChangeLog

cloud-init (23.2-0ubuntu0~22.10.1) kinetic; urgency=medium

  * d/control: Remove pep8 dependency. It is no longer used.
  * d/apport-general-hook.py: Add general apport hook to append cloud type,
    image and instance size information to bug reports (LP: #1724623)
  * d/cloud-init.preinst: Oracle to remove vestigial /etc/cloud.cloud.cfg.d/
    99-disable-network-config.cfg because system config is now honored before
    datasource config (LP: #1956788)
  * d/cloud-init.preinst: Clean up vestigial
    /etc/cloud/cloud.cfg.d/99-disable-network-activation.cfg on GCE instances
    after fix in upstream google-guest-agent.
  * Upstream snapshot based on 23.2. (LP: #2023110).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2/ChangeLog

 -- Brett Holman <email address hidden> Wed, 28 Jun 2023 14:24:21 -0600

Changed in cloud-init (Ubuntu Kinetic):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.2.1-0ubuntu0~22.04.1

---------------
cloud-init (23.2.1-0ubuntu0~22.04.1) jammy; urgency=medium

  * Upstream snapshot based on 23.2.1. (LP: #2025180).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2.1/ChangeLog

cloud-init (23.2-0ubuntu0~22.04.1) jammy; urgency=medium

  * d/control: Remove pep8 dependency. It is no longer used.
  * d/apport-general-hook.py: Add general apport hook to append cloud type,
    image and instance size information to bug reports (LP: #1724623)
  * d/cloud-init.preinst: Oracle to remove vestigial /etc/cloud.cloud.cfg.d/
    99-disable-network-config.cfg because system config is now honored before
    datasource config (LP: #1956788)
  * d/cloud-init.preinst: Clean up vestigial
    /etc/cloud/cloud.cfg.d/99-disable-network-activation.cfg on GCE instances
    after fix in upstream google-guest-agent.
  * Refresh patches against upstream/main
    - d/p/expire-on-hashed-users.patch
    - d/p/retain-netplan-world-readable.patch
  * Upstream snapshot based on 23.2. (LP: #2023110).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2/ChangeLog

 -- Brett Holman <email address hidden> Wed, 28 Jun 2023 16:16:26 -0600

Changed in cloud-init (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.2.1-0ubuntu0~20.04.2

---------------
cloud-init (23.2.1-0ubuntu0~20.04.2) focal; urgency=medium

  * d/apport-general-hook: correct type hints on Dict for py3.8
    (LP: #2025376)

cloud-init (23.2.1-0ubuntu0~20.04.1) focal; urgency=medium

  * Upstream snapshot based on 23.2.1. (LP: #2025180).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2.1/ChangeLog

cloud-init (23.2-0ubuntu0~20.04.1) focal; urgency=medium

  * d/control: Remove pep8 dependency. It is no longer used
  * d/patches/netplan99-cannot-use-default.patch:
    - Retain routes' definitions compatible with netplan 0.99 (Fixes: #4133)
  * d/apport-general-hook.py: Add general apport hook to append cloud type,
    image and instance size information to bug reports (LP: #1724623)
  * d/cloud-init.preinst: Oracle to remove vestigial /etc/cloud.cloud.cfg.d/
    99-disable-network-config.cfg because system config is now honored before
    datasource config (LP: #1956788)
  * d/cloud-init.preinst: Clean up vestigial
    /etc/cloud/cloud.cfg.d/99-disable-network-activation.cfg on GCE instances
    after fix in upstream google-guest-agent.
  * Refresh patches against upstream/main:
    - d/p/expire-on-hashed-users.patch
    - d/p/retain-netplan-world-readable.patch
  * Upstream snapshot based on 23.2. (LP: #2023110).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.2/ChangeLog

 -- Chad Smith <email address hidden> Thu, 29 Jun 2023 09:41:13 -0600

Changed in cloud-init (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.