| smoser | blackboxsw: merged your branch uploaded to bionic | 02:03 |
|---|---|---|
| blackboxsw | thanks smoser | 02:10 |
| smoser | and /me is out. | 02:13 |
| march__ | Hello #cloud-init | 09:23 |
| march__ | I'm looking for a way to disable a specific service to start. Basically my service is not provisioned yet and I want to delay the service start after custom script execution | 09:24 |
| march__ | maybe with bootcmd and systemctl disable | 09:55 |
| === daniel is now known as Guest77671 | ||
| === Guest77671 is now known as Odd_Bloke | ||
| danmcd | I've a silly question, and I'm happy to take doc pointers as an answer. | 18:33 |
| danmcd | I'm in charge of a DataSource. I have something new: "routes" to provide. | 18:34 |
| danmcd | <prefix, dst, linklocal> | 18:34 |
| danmcd | prefix and dst should be straightforward. "linklocal" is what indicates if this is an "interface route". | 18:35 |
| danmcd | If I turned those tuples into route(1M/8) commands, e.g.: | 18:35 |
| danmcd | <10.1.2.0/24 10.1.1.1, false> ==> route add 10.1.2.0/24 10.1.1.1 | 18:35 |
| danmcd | <10.51.50.0/24, 10.1.1.5, true> ==> route add -interface 10.51.50.0/24 10.1.1.5 | 18:36 |
| danmcd | (And 10.1.1.5 damned well better be your local IP.) | 18:36 |
| danmcd | How would a DataSource feed such information up to its consumer in cloud-init? | 18:37 |
| rharper | danmcd: which datasource are you using ? | 18:50 |
| danmcd | SmartOS. I'm trying to modify it to turn the tuples I mention into something nice for cloud-init. | 18:51 |
| rharper | ah | 18:51 |
| danmcd | http://cloudinit.readthedocs.io/en/latest/topics/network-config-format-v1.html#route | 18:51 |
| rharper | so smartos has a helper to convert the sdc:nics info | 18:51 |
| danmcd | not sdc:nics. | 18:51 |
| danmcd | sdc:routes | 18:51 |
| danmcd | Which correspond, I think, to the cloud-init concept whose documentation I linked to above. | 18:51 |
| rharper | there are two places to set routes in the v1 config; there is the top-level type: route which has gateway,network; or each subnet entry under an interface can accept a routes list | 18:53 |
| rharper | those end up in /etc/network/interfaces as post-{up/down} route commands | 18:53 |
| danmcd | No way to specify interface routes then? | 18:54 |
| rharper | there is, if you hang the routes under the interface subnets configuration | 18:54 |
| danmcd | Okay. | 18:54 |
| danmcd | Wait.. | 18:58 |
| danmcd | Let me gist something... | 18:58 |
| danmcd | https://gist.github.com/danmcd/15a9bdeadbfb1bfbc018fa293a1af26b | 18:59 |
| danmcd | It's still not obvious whether or not I can add an interface route. | 19:00 |
| danmcd | The pointed examples where I'm shouting.... it's not clear from the documentation that's allowed. | 19:01 |
| rharper | we don't explicitly add the -interface, those stanzas result in a route add -net <network> gw <gateway> | 19:01 |
| danmcd | So if I want to add -interface routes, what do I do? | 19:03 |
| rharper | we don't have a way to add the -interface | 19:04 |
| danmcd | THere's something about outputting scripts... do I just hack that in there? | 19:05 |
| rharper | you can certainly have a script run that | 19:05 |
| danmcd | Okay. THank you. | 19:05 |
| danmcd | For your time & patience. :) | 19:06 |
| rharper | np, on the -interface vs. the -net gw ; does that generate a different static route ? | 19:06 |
| danmcd | Yes. | 19:07 |
| danmcd | -interface is essentially: "Hey, ARP these destinations". | 19:07 |
| danmcd | Or "NDP these" if it's IPv6. | 19:07 |
| danmcd | You can't have both with a matching prefix, it's one or the other. | 19:08 |
| rharper | danmcd: hrm, ok; I need to read more; | 19:09 |
| danmcd | I hear you... | 19:09 |
| rharper | I suspect we can file a bug to track this is missing; | 19:09 |
| danmcd | Sure. | 19:10 |
| rharper | I think this might be a BSD thing in route? net-tools on linux route doesn't have a -interface parameter | 19:12 |
| danmcd | -interface originates from 4.3BSD yes... | 19:14 |
| rharper | danmcd: you might try the syntax you gist'ed and see what route you end up with; the gw value is used to determine which interface to us, the man page mentions this is a BSDism ; so I wonder if that's equivalent ? | 19:17 |
| danmcd | Maybe. | 19:17 |
| danmcd | Finding out locally. Thank you. | 19:17 |
| rharper | yw | 19:17 |
| danmcd | Yes, BTW, "route add -net <pfx> -gw <my-local-ip>" is like "route add -interfaces <pfx> <my-local-ip>" on BSD and illumos. | 19:25 |
| smoser | blackboxsw: https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/341851 | 19:27 |
| smoser | can you give that a review ? | 19:27 |
| blackboxsw | np smoser | 19:39 |
| === pickle is now known as dhill_ | ||
| AscII | cloud-init generates a strange/broken netplan config if the ipv6 gateway is a link local address | 19:49 |
| AscII | https://paste.ubuntu.com/p/M7Yd4vvSS5/ | 19:49 |
| AscII | if I remove the routes section, everything works as expected | 19:51 |
| AscII | this route section also triggers the following warning | 19:53 |
| AscII | (generate:666): GLib-WARNING **: 18:19:49.916: GError set over the top of a previous GError or uninitialized memory. | 19:53 |
| AscII | in case of v1, I get | 19:54 |
| AscII | post-up route add -net :: netmask 0 gw fe80::1%eth0 || true | 19:55 |
| AscII | which doesn't hur | 19:55 |
| AscII | t | 19:55 |
| AscII | Any idea how to disable these extra routes? | 19:56 |
| AscII | otherwise the newly added Hetzner datasource works in the official bionic images | 19:58 |
| AscII | (which seem to have a broken protective MBR) | 19:58 |
| AscII | smoser: thanks for the merge, btw | 19:58 |
| smoser | AscII: /me is embarassed though | 20:03 |
| smoser | i stole your credit with our merge tool | 20:03 |
| smoser | :-( | 20:03 |
| smoser | i'm apt to stuff a commit message in with your name proper. | 20:04 |
| smoser | the squash took the top-most author | 20:04 |
| AscII | oh well | 20:05 |
| smoser | AscII: can you give the input ? | 20:05 |
| smoser | AscII: the only good thing about someone steeling your credit is that they get blame if theere are bugs :) | 20:06 |
| smoser | i'm really sorry that happened though. | 20:06 |
| AscII | hehe | 20:06 |
| AscII | no worries | 20:06 |
| smoser | the input, what was the input config... ie, did cloud-init mangle the input to break things ? or is netplan just doing the wrong thing . | 20:08 |
| AscII | no mangling. The config is just wrong | 20:08 |
| AscII | The routes shouldn't be there | 20:09 |
| AscII | they are not pushed | 20:09 |
| AscII | net/netplan.py | 20:10 |
| blackboxsw | fwiw, we got credit right on the debian/changelog for Markus :) | 20:10 |
| smoser | yeah, blackboxsw saves the day | 20:10 |
| AscII | hehe | 20:10 |
| blackboxsw | after breaking it. shame on review-mps tool | 20:11 |
| AscII | so L114 in net/netplan.py generates routes for the subnet | 20:11 |
| AscII | always | 20:11 |
| AscII | no matter what | 20:11 |
| blackboxsw | hrm if routes is unspecified on the subnet it should be empty list and remain unset right? | 20:12 |
| AscII | yes, something like that | 20:13 |
| AscII | net/eni.py does a the same thing for v1 in L361 | 20:14 |
| AscII | but that results in the no-op 'post-up route add -net :: netmask 0..' | 20:15 |
| AscII | well, actually this command is wrong as well, but the added '|| true' prevents any problems | 20:17 |
| AscII | there is a comment above that section in net/eni.py that says: We may at somepoint not want to emit this additional postfix | 20:18 |
| AscII | ah, that relates to the ||true | 20:19 |
| AscII | hmm | 20:19 |
| blackboxsw | AscII: sry I'm still trying to get the rest of the context on this. Do you have /var/log/cloud-init.log or a tarfile produced by 'cloud-init collect-logs' | 20:22 |
| blackboxsw | I'm specifically wondering about the log message Applying network configuration from... | 20:22 |
| AscII | sure | 20:23 |
| blackboxsw | which should contain the netconfig we base rendering on | 20:23 |
| blackboxsw | which may or may not have the 'routes' incorrectly specified | 20:23 |
| AscII | https://paste.ubuntu.com/p/RVrBH9YqBb/ | 20:26 |
| blackboxsw | AscII: ok so ilne 89 in your paste shows that we are feeding in 'incorrect' route information to the netplan generator | 20:28 |
| blackboxsw | I'm trying to grok where that comes from | 20:28 |
| blackboxsw | AscII: it looks like it comes from HetznerCloud datasource.metadata['network-config'] | 20:32 |
| blackboxsw | cat /run/cloud-init/instance-data.json will show you the metadata harvested on the cloud | 20:32 |
| blackboxsw | under 'ds':'meta-data' keys | 20:33 |
| AscII | hmm, that file is not present (anymore). Possibly because I corrected the generated netplan yaml | 20:36 |
| blackboxsw | smoser: I posted comment/question on https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/341851 | 20:39 |
| blackboxsw | smoser: simpoir: I finally got ci to like me on https://code.launchpad.net/~chad.smith/cloud-init/+git/cloud-init/+merge/341543 turns out you actually have to 'git add' a new module that you've coded up otherwise those silly import errors. ¯\_(ツ)_/¯ | 20:40 |
| AscII | blackboxsw: ah, crap. My bad. It seems we actually have these routes in the metadata | 20:40 |
| blackboxsw | AscII: I like to pass the blame around ;) | 20:41 |
| AscII | Need to check with my team why. I guess some other distro needed it | 20:41 |
| blackboxsw | good deal. | 20:41 |
| simpoir | blackboxsw: I just saw. I having a second look at it. | 20:42 |
| blackboxsw | simpoir: I'm on your landscape branch atm | 20:42 |
| blackboxsw | it will happen today ;() | 20:42 |
| simpoir | 👍 | 20:43 |
| AscII | well, it looks like rhel/fedora is to blame | 20:46 |
| AscII | they add the route as gateway | 20:47 |
| AscII | IPV6_DEFAULTGW=fe80::1%eth0 | 20:47 |
| AscII | and I think, we couldn't directly pass the interface in the gateway | 20:48 |
| AscII | since the gateway is not in the subnet (L346) it doesn't get rendered there, but later during routes (L392) | 20:52 |
| AscII | great | 20:53 |
| AscII | so, the only way to work around this, would be to render the meta-data with routes to rhel/centos/fedora and without to debian/ubuntu, I guess | 20:58 |
| AscII | At least for now | 20:58 |
| papertigers | rharper: are routes not picked up on ever reboot? | 22:02 |
| rharper | papertigers: not following, could you provide some more context ? | 22:02 |
| rharper | papertigers: are you manually modifying network configuration after cloud-init has generated one for you? | 22:03 |
| papertigers | following up on what danmcd was asking about earlier. It seems only certain things are setup again on reboot. For example I had to run 'cloud-init clean' to get DNS resolvers to change in systemd on this box | 22:03 |
| danmcd | But my newly-parsed-by-DataSourceSmartOS.py "route" doesn't seem to work. | 22:04 |
| danmcd | Here's some json output I got from the logfile, including teased-out to show things clearly:https://gist.github.com/danmcd/7d1ae639d7877e760a47ad83489a342f | 22:04 |
| rharper | network configuration is rendered per-instance;, so a reboot won't modify it; if you're adding additional configuration manually via a script, that would need to be marked per-always rather than per-instance | 22:11 |
| rharper | dns resolves should be encoded in /etc/network/interfaces.d/50-cloud-init.cfg | 22:11 |
| rharper | in which case they survive reboots on the same instance | 22:11 |
| rharper | danmcd: yeah, the nameserver should be under the loopback interface in the eni file I refernced, resolvconf reads eni config and updates /etc/resolv.conf which is symlink to /run/resolvconf/resolcv.conf maintained by the resolvconf program | 22:12 |
| danmcd | So nameserver can apply with "cloud-init clean" and a reboot. | 22:16 |
| danmcd | I'm wondering how I can tell why my "route" directive isn't being acted upon. | 22:16 |
| danmcd | Sorry if papertigers didn't make that clear. | 22:16 |
| danmcd | (See the gist above.) | 22:16 |
| rharper | can you paste your /etc/network/interfaces.d/50-cloud-init.cfg ? or if cloud-init collect-logs and share that? | 22:18 |
| rharper | from the yaml in your gist, it should render this: https://paste.ubuntu.com/p/RDbq9qsFJ9/ | 22:18 |
| papertigers | I dont seem to have a at /etc/network/interfaces.d/50-cloud-init.cfg | 22:25 |
| rharper | are you booting ubuntu ? | 22:26 |
| danmcd | "cloud-init collect-logs" barfs | 22:26 |
| rharper | if so , what release? Xenial | 22:26 |
| papertigers | Ubuntu 17.10 | 22:27 |
| rharper | ah, netplan | 22:28 |
| rharper | fun | 22:28 |
| rharper | let me rephrase the output | 22:28 |
| rharper | so, /etc/netplan/50-cloud-init.yaml is what youll have, the resolvers should show up under systemd-resolve --status; the static routes appear to be dropped; =/ | 22:30 |
| blackboxsw | danmcd: I'd also be curious about the collect-logs barfs comment, as that script doesn't do much except tar files on the system and run journalctl | 22:30 |
| rharper | we'll need to refactor the network conversion to put the sdc:routes data under the network interfaces | 22:31 |
| blackboxsw | ahh but it definitely needs a fix for non-deb systems as it leverages dpkg-query | 22:31 |
| danmcd | it's missing routes... | 22:31 |
| danmcd | So do I need to do any more work in DataSourceSmartOS.py? Or is this a consumer-of-that's problem? | 22:31 |
| danmcd | blackboxsw: hang on... | 22:32 |
| danmcd | blackboxsw: https://gist.github.com/danmcd/577325259016909c33fd8e18f01cb1c2 | 22:32 |
| blackboxsw | ahh sudo cloud-init collect-logs danmcd | 22:33 |
| danmcd | DOH! | 22:33 |
| blackboxsw | the instance-data.json is protected root readonly | 22:33 |
| danmcd | silent. | 22:33 |
| blackboxsw | :) | 22:33 |
| rharper | danmcd: yes, we need to fix the converter to put the routes under the interface | 22:33 |
| danmcd | Phew! | 22:33 |
| rharper | danmcd: one sec, lemme paste | 22:33 |
| rharper | http://paste.ubuntu.com/p/ScdyqwMq6z/ | 22:34 |
| danmcd | I'm a newb in this arena, so thanks for your patience. | 22:34 |
| rharper | no worries, we'll file a bug and it should be an easy adjustment | 22:34 |
| rharper | with the change, then the netplan config file looks like this: http://paste.ubuntu.com/p/htRC3hcK5m/ | 22:34 |
| rharper | which will include the routes | 22:34 |
| danmcd | So what you pasted... that is something I'll have to fix. | 22:35 |
| rharper | danmcd: I'll file the bug, and we just need to stuff the sdc:routes data in a different location | 22:35 |
| blackboxsw | sorry danmcd on the silent run of collect-logs, smoser asked me to add a print saying 'Wrote cloud-init.tar.gz' in your cwd. | 22:35 |
| rharper | the subnet we generate, can accept a 'routes' array | 22:35 |
| danmcd | Since now I hang the routes as their own same-level-as-physical. But according to your pastebin, I'll have to put it inside the physical "object". | 22:35 |
| danmcd | right? | 22:35 |
| blackboxsw | I forgot to add that output to the collect-logs cmd. But anyway not a problem you care about at the moment | 22:36 |
| rharper | yeah, under the subnets for the interface | 22:36 |
| danmcd | Okay, so that is my problem. Since I'm fixing sdc:routes anyway. | 22:36 |
| danmcd | BTW, since sdc:routes is independent of interface, I'm going to have to collect them, and then hang them under all interfaces. | 22:36 |
| danmcd | Which shouldn't be a problem,. even for multi-homed? | 22:37 |
| rharper | yeah, we struggled with the routes | 22:37 |
| danmcd | Okay... | 22:37 |
| rharper | in a sense a route has to go out *one* interface | 22:37 |
| rharper | so, for the netplan format, the routes are stuffed under interfaces | 22:37 |
| danmcd | Oh, this is a netplan thing? | 22:37 |
| rharper | yeah, 17.10+ has netplan | 22:37 |
| danmcd | (Sorry, I come from the illumos TCP/IP stack...) | 22:37 |
| danmcd | Okay, I see. It'll be more challenging, but at least I understand WTF is going on now. You've been very helpful. Thanks for your time & patience. | 22:38 |
| rharper | np | 22:41 |
| papertigers | if we do this work for netplan, does that break anything below 17.10? | 23:15 |
| rharper | papertigers: no, v1 renders the global routes correctly already | 23:16 |
| rharper | 16.04 should work as-is with the config that danmcd posted in his gist | 23:16 |
| danmcd | I'm trying brute-force... putting it in both places. | 23:17 |
| danmcd | Isn't the idea it works in one form and deploys everywhere, though? | 23:17 |
| rharper | that may cause issues on 16.04 | 23:17 |
| rharper | yes, cloud-init converts the v1 into internal network state, then renders to the distro's format (eni, netplan or sysconfig) | 23:18 |
| papertigers | rharper: and my question earlier was basically after the yml file or interfaces file gets written out to disk on first boot it doesn't try to set things up again unless you run 'cloud-init clean'? | 23:18 |
| danmcd | So putting "routes" as a peer of "physical" should not be done? | 23:18 |
| rharper | what we're hitting is that netplan doesn't handle "global" static routes per the design choice that routes should be bound to at least one interface, since they have to egress one anyhow | 23:18 |
| rharper | papertigers: so on 17.10, after your first boot, run systemd-resolve --status | 23:19 |
| danmcd | That seems to be a problem beyond just DataSourceSmartOS, right? | 23:19 |
| rharper | you should see your DNS enatries there | 23:19 |
| papertigers | rharper: yeah I know that works. I am saying if the data in sdc:resolvers changes, cloud-init wont attempt to change that unless you run clean. Just want to confirm behavior | 23:20 |
| rharper | papertigers: cloud-init writes out either an eni on 16.04, or netplan on 17.10 before the "networking" layer starts, then ifupdown or networkd brings the config up | 23:20 |
| rharper | so you shouldn't need to do anything to have all of your network config applied | 23:20 |
| rharper | papertigers: yes, we don't yet have dynamic network config changes | 23:20 |
| rharper | that's something we're actively discussing | 23:21 |
| papertigers | cool, thanks. That would be super useful to us if the discussions is a matter of if and not when | 23:21 |
| rharper | https://hackmd.io/M1Tae41PQBC7a9qMsurTJw | 23:22 |
| rharper | that was one of the discussion we've had with the community | 23:22 |
| rharper | we're very interested in feedback , especially from datasource folks | 23:22 |
| rharper | papertigers: danmcd: I've got to step our for bit; feel free to leave comments, issues, I'll see them later tonight, and if not then tomorrow | 23:24 |
| danmcd | RIght now, I generate multiple "routes" entries. | 23:25 |
| danmcd | I'll find out the hard way if that's a real problem or not. | 23:25 |
| danmcd | Thanks rharper | 23:25 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!