1295489 – fusor-installer NTP check may leave system with a broken /etc/resolv.conf

Bug 1295489 - fusor-installer NTP check may leave system with a broken /etc/resolv.conf

Summary: fusor-installer NTP check may leave system with a broken /etc/resolv.conf

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Quickstart Cloud Installer
Classification:	Red Hat
Component:	fusor-installer
Sub Component:
Version:	1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	TP2
Target Release:	1.0
Assignee:	John Matthews
QA Contact:	Tasos Papaioannou
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	rhci-sprint-12
TreeView+	depends on / blocked

Reported:	2016-01-04 16:53 UTC by John Matthews
Modified:	2016-10-03 19:15 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-10-03 19:15:02 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description John Matthews 2016-01-04 16:53:27 UTC

Description of problem:

I ran into a situation where the NTP check in fusor-installer failed and my /etc/resolv.conf only contained entries for the Sat VM, therefore I couldn't resolve other addresses and install couldn't proceed.

It looks like we might be modifying /etc/resolv.conf then doing the NTP check, if it fails exiting with a busted /etc/resolv.conf

Version-Release number of selected component (if applicable):

rpm -qa | grep fusor-installer
fusor-installer-0.0.14-23.el7.noarch

How reproducible:

Steps to Reproduce:
1. New VM
2. Run fusor-installer
3. Enter bad info for NTP server
4. Agree to stop fusor-installer
5. Re-run fusor-installer
6. Enter a valid NTP host
7. See how it complains about NTP host can't be reached
8. Agree to stop fusor-installer

Look at /etc/resolv.conf

# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.52.10
nameserver 192.168.52.10

Issue is that the first run changes /etc/resolv.conf to:
nameserver 192.168.52.10
nameserver 192.168.121.1

2nd run changes to:
nameserver 192.168.52.10
nameserver 192.168.52.10

The removal of 192.168.121.1 for this case is what's breaking DNS resolution.

Actual results:

Example of /etc/resolv.conf prior to running fusor-installer:

cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.121.1
search localhost

Run fusor-installer for first time

1. Proceed with the values shown
2. Network interface | eth1
3. IP address | 192.168.52.10
4. Hostname | sat61fusorjwm.example.com
5. Network mask | 255.255.255.0
6. Network address | 192.168.52.0
7. Host Gateway | 192.168.121.1
8. DHCP range start | 192.168.52.11
9. DHCP range end | 192.168.52.254
10. DHCP Gateway | 192.168.52.1
11. DNS forwarder | 192.168.121.1
12. Domain | example.com
13. Foreman URL | https://sat61fusorjwm.example.com
14. NTP sync host | foo.example.com
15. Timezone | UTC
16. BMC feature enabled | false
17. BMC default provider | ipmitool
18. Do not configure networking
19. Do not configure firewall
20. Cancel Installation
1
Starting networking setup
Networking setup has finished
WARNING!! - NTP sync host "foo.example.com" does not appear to be valid!
Do you want to continue anyway? [Yes/No]
no
Exiting installation!
Something went wrong! Check the log for ERROR-level output
The full log is at /var/log/katello-installer/katello-installer.log

real 0m42.417s
user 0m5.936s
sys 0m2.223s

# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.52.10
nameserver 192.168.121.1

(DNS Resolution still works after first run)

Re-run fusor-installer
1. Proceed with the values shown
2. Network interface | eth1
3. IP address | 192.168.52.10
4. Hostname | sat61fusorjwm.example.com
5. Network mask | 255.255.255.0
6. Network address | 192.168.52.0
7. Host Gateway | 192.168.121.1
8. DHCP range start | 192.168.52.11
9. DHCP range end | 192.168.52.254
10. DHCP Gateway | 192.168.52.10
11. DNS forwarder | 192.168.52.10
12. Domain | example.com
13. Foreman URL | https://sat61fusorjwm.example.com
14. NTP sync host | 0.rhel.pool.ntp.org
15. Timezone | UTC
16. BMC feature enabled | false
17. BMC default provider | ipmitool
18. Do not configure networking
19. Do not configure firewall
20. Cancel Installation
1
Starting networking setup
Networking setup has finished
WARNING!! - NTP sync host "0.rhel.pool.ntp.org" does not appear to be valid!
Do you want to continue anyway? [Yes/No]
no
Exiting installation!
Something went wrong! Check the log for ERROR-level output
The full log is at /var/log/katello-installer/katello-installer.log

# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.52.10
nameserver 192.168.52.10

DNS resolution is now broken since we removed the entry for the external resolver.

Comment 1 Jason Montleon 2016-01-18 17:54:32 UTC

https://github.com/fusor/fusor-installer/pull/41

When you boot with dhcp you'll have one or more nameservers in your resolv.conf. We detect these and offer the first one as a forwarder for your installation.

On the first run then you'll have the RHCI server and this forwarder set as your nameservers in the ifcfg-eth file and the resolv.conf will be updated when the interface comes uo.

If you cancel the install because of a bad ntp server or rerun the install for any other reason the first nameserver, the rhci server now, is offered as the forwarder. If you accept this setting you now have the RHCI server set as both your first and second DNS server. This is particularly problematic if the installation has not finished yet and you don't have a local DNS server running.

This PR just ensures we don't offer the RHCI servers address as a forwarder.

Comment 2 Tasos Papaioannou 2016-01-23 01:27:46 UTC

VERIFIED on RHCI-6.0-RHEL-7-20160118.t.1.

Note You need to log in before you can comment on or make changes to this bug.