1568151 – resolv.conf contains nameserver 192.168.122.1 on rhel7.5 [osp12]

Bug 1568151 - resolv.conf contains nameserver 192.168.122.1 on rhel7.5 [osp12]

Summary: resolv.conf contains nameserver 192.168.122.1 on rhel7.5 [osp12]

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	rhosp-director-images
Sub Component:
Version:	12.0 (Pike)
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	z3
Target Release:	12.0 (Pike)
Assignee:	Alex Schultz
QA Contact:	Artem Hrechanychenko
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1582083 (view as bug list)
Depends On:	1545842 1582083
Blocks:	1592575 1592576 1592577 1592578 1673164
TreeView+	depends on / blocked

Reported:	2018-04-16 20:50 UTC by Alex Schultz
Modified:	2021-12-10 16:05 UTC (History)
CC List:	17 users (show)
Fixed In Version:	openstack-tripleo-puppet-elements-7.0.5-2.el7ost openstack-tripleo-common-7.6.9-8.el7ost rhosp-director-images-12.0-20180621.2.el7ost
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1545842
Clones:	1592575 1592576 1592577 1592578 (view as bug list)
Environment:
Last Closed:	2018-09-26 17:42:29 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Launchpad	1749756	None	None	None	2018-04-16 20:50:25 UTC
OpenStack gerrit	546310	None	MERGED	Create element to purge resolv.conf	2020-06-11 20:51:40 UTC
OpenStack gerrit	546311	None	MERGED	Purge resolv.conf from the overcloud images	2020-06-11 20:51:40 UTC
Red Hat Issue Tracker	OSP-8943	None	None	None	2021-12-10 16:05:00 UTC
Red Hat Product Errata	RHBA-2018:2513	None	None	None	2018-08-20 12:52:42 UTC

Description Alex Schultz 2018-04-16 20:50:26 UTC

+++ This bug was initially created as a clone of Bug #1545842 +++

Problem:
There is a 5 second delay when sshing to overcloud nodes due to resolv.conf containing nameserver 192.168.122.1 which is not valid for the deployment. This can cause issues when deploying as it adds delays when trying to perform some deployment actions.

Cause:
This delay stems from a change to the way ifup-post was updated for RHEL7.5 in which the nameservers from the overcloud images are no longer being cleared out.

See https://bugzilla.redhat.com/show_bug.cgi?id=1543580#c15

Possible fix:
Remove nameserver 192.168.122.1 from the shipped overcloud images.


--- Additional comment from Uemit Seren on 2018-04-16 11:00:59 EDT ---

This also affects OSP12 deployments. 
Will new overcloud images with clean resolve.conf be released for OSP12 ?

--- Additional comment from Alex Schultz on 2018-04-16 16:48:29 EDT ---

It was backported upstream. I'll create a bug to check for 12.

Comment 3 Alex Schultz 2018-05-24 15:14:55 UTC

*** Bug 1582083 has been marked as a duplicate of this bug. ***

Comment 5 Alex Schultz 2018-06-25 17:01:20 UTC

To verify this you can run:

guestfish -a overcloud-full.qcow2 run : mount /dev/sda / : cat /etc/resolv.conf

It should not have any nameserver entries

Comment 9 Artem Hrechanychenko 2018-07-04 15:57:46 UTC

VERIFIED

openstack-tripleo-puppet-elements-7.0.7-1.el7ost.noarch
openstack-tripleo-common-7.6.13-1.el7ost.noarch
rhosp-director-images-12.0-20180625.1.el7ost.noarch

[stack@undercloud-0 ~]$ source stackrc 
(undercloud) [stack@undercloud-0 ~]$ nova list
/usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:344: SubjectAltNameWarning: Certificate for 192.168.24.2 has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.)
  SubjectAltNameWarning
/usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:344: SubjectAltNameWarning: Certificate for 192.168.24.2 has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.)
  SubjectAltNameWarning
+--------------------------------------+--------------+--------+------------+-------------+------------------------+
| ID                                   | Name         | Status | Task State | Power State | Networks               |
+--------------------------------------+--------------+--------+------------+-------------+------------------------+
| a2e2fa26-544c-4e5f-96c3-8f70c9a51fa2 | ceph-0       | ACTIVE | -          | Running     | ctlplane=192.168.24.19 |
| 92133581-e686-4f13-a7b6-cbe0ae5486bd | ceph-1       | ACTIVE | -          | Running     | ctlplane=192.168.24.17 |
| 6c5a38d5-8df6-466e-b88f-87f55b477d98 | ceph-2       | ACTIVE | -          | Running     | ctlplane=192.168.24.6  |
| e66b9cf3-491e-4e29-8c65-17450a313bd9 | compute-0    | ACTIVE | -          | Running     | ctlplane=192.168.24.13 |
| 119e0f0d-f40a-4906-a4ec-89cdcfc3d2fc | compute-1    | ACTIVE | -          | Running     | ctlplane=192.168.24.11 |
| 0fffd103-00c1-407f-b567-b52e074b4193 | compute-2    | ACTIVE | -          | Running     | ctlplane=192.168.24.10 |
| 6676eaeb-29d6-464a-96e9-e472c33db813 | controller-0 | ACTIVE | -          | Running     | ctlplane=192.168.24.21 |
| 9754ef35-0800-4910-b532-eb380ff776f1 | controller-1 | ACTIVE | -          | Running     | ctlplane=192.168.24.18 |
| 30ecb969-0133-4b3b-9ea7-79718a38356e | controller-2 | ACTIVE | -          | Running     | ctlplane=192.168.24.22 |
+--------------------------------------+--------------+--------+------------+-------------+------------------------+
(undercloud) [stack@undercloud-0 ~]$ ssh heat-admin.24.19
The authenticity of host '192.168.24.19 (192.168.24.19)' can't be established.
ECDSA key fingerprint is SHA256:KUdFWxq5GeMHImhUIsH7MANlvpVyu+jMiNtGT1nicn4.
ECDSA key fingerprint is MD5:b3:b4:e7:e1:a7:a2:0d:08:d3:f5:3c:23:1c:f4:29:dd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.24.19' (ECDSA) to the list of known hosts.
[heat-admin@ceph-0 ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.0.0.1
[heat-admin@ceph-0 ~]$ exit
logout
Connection to 192.168.24.19 closed.
(undercloud) [stack@undercloud-0 ~]$ ssh heat-admin.24.22
The authenticity of host '192.168.24.22 (192.168.24.22)' can't be established.
ECDSA key fingerprint is SHA256:dEbinF1id93m6PwIOYrYZ8TR389PxTzHfaU9sCA0XBs.
ECDSA key fingerprint is MD5:3b:ca:91:7f:11:b2:6e:03:2f:22:bf:33:30:91:69:86.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.24.22' (ECDSA) to the list of known hosts.
[heat-admin@controller-2 ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.0.0.1
[heat-admin@controller-2 ~]$ exit
logout
Connection to 192.168.24.22 closed.
(undercloud) [stack@undercloud-0 ~]$ ssh heat-admin.24.10
The authenticity of host '192.168.24.10 (192.168.24.10)' can't be established.
ECDSA key fingerprint is SHA256:4z/E4IBDSTasbfXs1bXjoC58alCcNMM/x+Dpic2GZtw.
ECDSA key fingerprint is MD5:85:26:dd:1e:18:00:30:17:8f:d5:74:44:cf:9c:2e:fc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.24.10' (ECDSA) to the list of known hosts.
[heat-admin@compute-2 ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.0.0.1
[heat-admin@compute-2 ~]$ exit
logout
Connection to 192.168.24.10 closed.
(undercloud) [stack@undercloud-0 ~]$

Comment 12 errata-xmlrpc 2018-08-20 12:52:21 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:2513

Note You need to log in before you can comment on or make changes to this bug.