Bug 1295489 - fusor-installer NTP check may leave system with a broken /etc/resolv.conf
fusor-installer NTP check may leave system with a broken /etc/resolv.conf
Status: CLOSED CURRENTRELEASE
Product: Red Hat Quickstart Cloud Installer
Classification: Red Hat
Component: fusor-installer (Show other bugs)
1.0
Unspecified Unspecified
unspecified Severity medium
: TP2
: 1.0
Assigned To: John Matthews
Tasos Papaioannou
: Triaged
Depends On:
Blocks: rhci-sprint-12
  Show dependency treegraph
 
Reported: 2016-01-04 11:53 EST by John Matthews
Modified: 2016-10-03 15:15 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-10-03 15:15:02 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description John Matthews 2016-01-04 11:53:27 EST
Description of problem:

I ran into a situation where the NTP check in fusor-installer failed and my /etc/resolv.conf only contained entries for the Sat VM, therefore I couldn't resolve other addresses and install couldn't proceed.

It looks like we might be modifying /etc/resolv.conf then doing the NTP check, if it fails exiting with a busted /etc/resolv.conf




Version-Release number of selected component (if applicable):

rpm -qa | grep fusor-installer
fusor-installer-0.0.14-23.el7.noarch

How reproducible:


Steps to Reproduce:
1. New VM
2. Run fusor-installer
3. Enter bad info for NTP server
4. Agree to stop fusor-installer
5. Re-run fusor-installer
6. Enter a valid NTP host
7. See how it complains about NTP host can't be reached
8. Agree to stop fusor-installer

Look at /etc/resolv.conf

# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.52.10
nameserver 192.168.52.10



Issue is that the first run changes /etc/resolv.conf to:
 nameserver 192.168.52.10
 nameserver 192.168.121.1

2nd run changes to:
 nameserver 192.168.52.10
 nameserver 192.168.52.10

The removal of 192.168.121.1 for this case is what's breaking DNS resolution.


Actual results:

Example of /etc/resolv.conf prior to running fusor-installer:

cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.121.1
search localhost


Run fusor-installer for first time

1.      Proceed with the values shown
2.           Network interface | eth1
3.                  IP address | 192.168.52.10
4.                    Hostname | sat61fusorjwm.example.com
5.                Network mask | 255.255.255.0
6.             Network address | 192.168.52.0
7.                Host Gateway | 192.168.121.1
8.            DHCP range start | 192.168.52.11
9.              DHCP range end | 192.168.52.254
10.               DHCP Gateway | 192.168.52.1
11.              DNS forwarder | 192.168.121.1
12.                     Domain | example.com
13.                Foreman URL | https://sat61fusorjwm.example.com
14.              NTP sync host | foo.example.com
15.                   Timezone | UTC
16.        BMC feature enabled | false
17.       BMC default provider | ipmitool
18. Do not configure networking
19. Do not configure firewall
20. Cancel Installation
1
Starting networking setup
Networking setup has finished
WARNING!! - NTP sync host "foo.example.com" does not appear to be valid!
Do you want to continue anyway? [Yes/No]
no
Exiting installation!
  Something went wrong! Check the log for ERROR-level output
  The full log is at /var/log/katello-installer/katello-installer.log

real    0m42.417s
user    0m5.936s
sys     0m2.223s

# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.52.10
nameserver 192.168.121.1

(DNS Resolution still works after first run)


Re-run fusor-installer
1.      Proceed with the values shown
2.           Network interface | eth1
3.                  IP address | 192.168.52.10
4.                    Hostname | sat61fusorjwm.example.com
5.                Network mask | 255.255.255.0
6.             Network address | 192.168.52.0
7.                Host Gateway | 192.168.121.1
8.            DHCP range start | 192.168.52.11
9.              DHCP range end | 192.168.52.254
10.               DHCP Gateway | 192.168.52.10
11.              DNS forwarder | 192.168.52.10
12.                     Domain | example.com
13.                Foreman URL | https://sat61fusorjwm.example.com
14.              NTP sync host | 0.rhel.pool.ntp.org
15.                   Timezone | UTC
16.        BMC feature enabled | false
17.       BMC default provider | ipmitool
18. Do not configure networking
19. Do not configure firewall
20. Cancel Installation
1
Starting networking setup
Networking setup has finished
WARNING!! - NTP sync host "0.rhel.pool.ntp.org" does not appear to be valid!
Do you want to continue anyway? [Yes/No]
no
Exiting installation!
  Something went wrong! Check the log for ERROR-level output
  The full log is at /var/log/katello-installer/katello-installer.log

# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.52.10
nameserver 192.168.52.10


DNS resolution is now broken since we removed the entry for the external resolver.
Comment 1 Jason Montleon 2016-01-18 12:54:32 EST
https://github.com/fusor/fusor-installer/pull/41

When you boot with dhcp you'll have one or more nameservers in your resolv.conf. We detect these and offer the first one as a forwarder for your installation.

On the first run then you'll have the RHCI server and this forwarder set as your nameservers in the ifcfg-eth file and the resolv.conf will be updated when the interface comes uo.

If you cancel the install because of a bad ntp server or rerun the install for any other reason the first nameserver, the rhci server now, is offered as the forwarder. If you accept this setting you now have the RHCI server set as both your first and second DNS server. This is particularly problematic if the installation has not finished yet and you don't have a local DNS server running.

This PR just ensures we don't offer the RHCI servers address as a forwarder.
Comment 2 Tasos Papaioannou 2016-01-22 20:27:46 EST
VERIFIED on RHCI-6.0-RHEL-7-20160118.t.1.

Note You need to log in before you can comment on or make changes to this bug.