Bug 1568151 - resolv.conf contains nameserver 192.168.122.1 on rhel7.5 [osp12]
Summary: resolv.conf contains nameserver 192.168.122.1 on rhel7.5 [osp12]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: rhosp-director-images
Version: 12.0 (Pike)
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: z3
: 12.0 (Pike)
Assignee: Alex Schultz
QA Contact: Artem Hrechanychenko
URL:
Whiteboard:
: 1582083 (view as bug list)
Depends On: 1545842 1582083
Blocks: 1592575 1592576 1592577 1592578 1673164
TreeView+ depends on / blocked
 
Reported: 2018-04-16 20:50 UTC by Alex Schultz
Modified: 2019-02-06 19:55 UTC (History)
17 users (show)

Fixed In Version: openstack-tripleo-puppet-elements-7.0.5-2.el7ost openstack-tripleo-common-7.6.9-8.el7ost rhosp-director-images-12.0-20180621.2.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1545842
: 1592575 1592576 1592577 1592578 (view as bug list)
Environment:
Last Closed: 2018-09-26 17:42:29 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Launchpad 1749756 None None None 2018-04-16 20:50:25 UTC
OpenStack gerrit 546310 None MERGED Create element to purge resolv.conf 2020-06-11 20:51:40 UTC
OpenStack gerrit 546311 None MERGED Purge resolv.conf from the overcloud images 2020-06-11 20:51:40 UTC
Red Hat Product Errata RHBA-2018:2513 None None None 2018-08-20 12:52:42 UTC

Description Alex Schultz 2018-04-16 20:50:26 UTC
+++ This bug was initially created as a clone of Bug #1545842 +++

Problem:
There is a 5 second delay when sshing to overcloud nodes due to resolv.conf containing nameserver 192.168.122.1 which is not valid for the deployment. This can cause issues when deploying as it adds delays when trying to perform some deployment actions.

Cause:
This delay stems from a change to the way ifup-post was updated for RHEL7.5 in which the nameservers from the overcloud images are no longer being cleared out.

See https://bugzilla.redhat.com/show_bug.cgi?id=1543580#c15

Possible fix:
Remove nameserver 192.168.122.1 from the shipped overcloud images.


--- Additional comment from Uemit Seren on 2018-04-16 11:00:59 EDT ---

This also affects OSP12 deployments. 
Will new overcloud images with clean resolve.conf be released for OSP12 ?

--- Additional comment from Alex Schultz on 2018-04-16 16:48:29 EDT ---

It was backported upstream. I'll create a bug to check for 12.

Comment 3 Alex Schultz 2018-05-24 15:14:55 UTC
*** Bug 1582083 has been marked as a duplicate of this bug. ***

Comment 5 Alex Schultz 2018-06-25 17:01:20 UTC
To verify this you can run:

guestfish -a overcloud-full.qcow2 run : mount /dev/sda / : cat /etc/resolv.conf

It should not have any nameserver entries

Comment 9 Artem Hrechanychenko 2018-07-04 15:57:46 UTC
VERIFIED

openstack-tripleo-puppet-elements-7.0.7-1.el7ost.noarch
openstack-tripleo-common-7.6.13-1.el7ost.noarch
rhosp-director-images-12.0-20180625.1.el7ost.noarch

[stack@undercloud-0 ~]$ source stackrc 
(undercloud) [stack@undercloud-0 ~]$ nova list
/usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:344: SubjectAltNameWarning: Certificate for 192.168.24.2 has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.)
  SubjectAltNameWarning
/usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:344: SubjectAltNameWarning: Certificate for 192.168.24.2 has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.)
  SubjectAltNameWarning
+--------------------------------------+--------------+--------+------------+-------------+------------------------+
| ID                                   | Name         | Status | Task State | Power State | Networks               |
+--------------------------------------+--------------+--------+------------+-------------+------------------------+
| a2e2fa26-544c-4e5f-96c3-8f70c9a51fa2 | ceph-0       | ACTIVE | -          | Running     | ctlplane=192.168.24.19 |
| 92133581-e686-4f13-a7b6-cbe0ae5486bd | ceph-1       | ACTIVE | -          | Running     | ctlplane=192.168.24.17 |
| 6c5a38d5-8df6-466e-b88f-87f55b477d98 | ceph-2       | ACTIVE | -          | Running     | ctlplane=192.168.24.6  |
| e66b9cf3-491e-4e29-8c65-17450a313bd9 | compute-0    | ACTIVE | -          | Running     | ctlplane=192.168.24.13 |
| 119e0f0d-f40a-4906-a4ec-89cdcfc3d2fc | compute-1    | ACTIVE | -          | Running     | ctlplane=192.168.24.11 |
| 0fffd103-00c1-407f-b567-b52e074b4193 | compute-2    | ACTIVE | -          | Running     | ctlplane=192.168.24.10 |
| 6676eaeb-29d6-464a-96e9-e472c33db813 | controller-0 | ACTIVE | -          | Running     | ctlplane=192.168.24.21 |
| 9754ef35-0800-4910-b532-eb380ff776f1 | controller-1 | ACTIVE | -          | Running     | ctlplane=192.168.24.18 |
| 30ecb969-0133-4b3b-9ea7-79718a38356e | controller-2 | ACTIVE | -          | Running     | ctlplane=192.168.24.22 |
+--------------------------------------+--------------+--------+------------+-------------+------------------------+
(undercloud) [stack@undercloud-0 ~]$ ssh heat-admin@192.168.24.19
The authenticity of host '192.168.24.19 (192.168.24.19)' can't be established.
ECDSA key fingerprint is SHA256:KUdFWxq5GeMHImhUIsH7MANlvpVyu+jMiNtGT1nicn4.
ECDSA key fingerprint is MD5:b3:b4:e7:e1:a7:a2:0d:08:d3:f5:3c:23:1c:f4:29:dd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.24.19' (ECDSA) to the list of known hosts.
[heat-admin@ceph-0 ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.0.0.1
[heat-admin@ceph-0 ~]$ exit
logout
Connection to 192.168.24.19 closed.
(undercloud) [stack@undercloud-0 ~]$ ssh heat-admin@192.168.24.22
The authenticity of host '192.168.24.22 (192.168.24.22)' can't be established.
ECDSA key fingerprint is SHA256:dEbinF1id93m6PwIOYrYZ8TR389PxTzHfaU9sCA0XBs.
ECDSA key fingerprint is MD5:3b:ca:91:7f:11:b2:6e:03:2f:22:bf:33:30:91:69:86.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.24.22' (ECDSA) to the list of known hosts.
[heat-admin@controller-2 ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.0.0.1
[heat-admin@controller-2 ~]$ exit
logout
Connection to 192.168.24.22 closed.
(undercloud) [stack@undercloud-0 ~]$ ssh heat-admin@192.168.24.10
The authenticity of host '192.168.24.10 (192.168.24.10)' can't be established.
ECDSA key fingerprint is SHA256:4z/E4IBDSTasbfXs1bXjoC58alCcNMM/x+Dpic2GZtw.
ECDSA key fingerprint is MD5:85:26:dd:1e:18:00:30:17:8f:d5:74:44:cf:9c:2e:fc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.24.10' (ECDSA) to the list of known hosts.
[heat-admin@compute-2 ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.0.0.1
[heat-admin@compute-2 ~]$ exit
logout
Connection to 192.168.24.10 closed.
(undercloud) [stack@undercloud-0 ~]$

Comment 12 errata-xmlrpc 2018-08-20 12:52:21 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:2513


Note You need to log in before you can comment on or make changes to this bug.