Description of problem: Multiple <host> entries with different IPs and the same hostname are useful for round-robin DNS. For example, the new OpenShift installer uses multiple <host> entries for {cluster-name}-api to distribute Kubernetes control-plane traffic among the available masters. Initially, that list of masters includes the bootstrap node, but once the cluster comes up, we're removing that node, and want to also remove the bootstrap entry from Version-Release number of selected component (if applicable): libvirt master v4.9.0-15-gda4b0fd9d3cdd117427e7e1981e8639bc859e844 (but it's 2012 code, so many past releases as well). How reproducible: $ cat <<EOF >net.xml > <network> > <name>wking</name> > <uuid>7fdec6e3-a7c2-42f9-9e8a-8f75e96e876b</uuid> > <forward mode='nat'> > <nat> > <port start='1024' end='65535'/> > </nat> > </forward> > <bridge name='tt0' stp='on' delay='0'/> > <mac address='52:54:00:67:a8:30'/> > <domain name='installer.testing' localOnly='yes'/> > <ip family='ipv4' address='192.168.126.1' prefix='24'/> > </network> > EOF $ virsh -c qemu:///system net-create net.xml Network wking created from net.xml $ virsh -c qemu+tcp:///system net-update wking add dns-host '<host ip="192.168.126.10"><hostname>wking-api</hostname></host>' Updated network wking live state $ virsh -c qemu+tcp:///system net-update wking add dns-host '<host ip="192.168.126.11"><hostname>wking-api</hostname></host>' error: Failed to update network wking error: Requested operation is not valid: there is already at least one DNS HOST record with a matching field in network wking $ virsh -c qemu+tcp:///system version Compiled against library: libvirt 3.9.0 Using library: libvirt 3.9.0 Using API: QEMU 3.9.0 Running hypervisor: QEMU 2.9.0 Actual results: The "there is already at least one DNS HOST record with a matching field in network wking" error above. Expected results: Another "Updated network wking live state" success. Additional info: I've filed a patch for this in [2], but thought I'd file in Bugzilla to to help folks trying to track the patch (which may go through several versions on the list). [1]: https://github.com/openshift/installer/blob/8ef57585ccc79b3ac54da7f0757593d4c6a54e70/data/data/libvirt/main.tf#L93-L102 [2]: https://www.redhat.com/archives/libvir-list/2018-November/msg00231.html
Now ran into this bug, when trying [1]. I read the mailing-list thread mentioned above, and IMO the correct behavior should be to have the code doing verification on 'net-update' behave similarly (or just use same code if possible, didn't check) to the code verifying content on creation. Creation definitely allows more than one entry with the same name. Also: It might make sense, when taking decisions on DNS level (and not about libvirt specifics) to let the DNS server decide - if dnsmasq accepts some change, perhaps just allow it, and not add libvirt-specific restrictions. [1] https://gerrit.ovirt.org/c/ovirt-system-tests/+/114423
Thank you for reporting this issue to the libvirt project. Unfortunately we have been unable to resolve this issue due to insufficient maintainer capacity and it will now be closed. This is not a reflection on the possible validity of the issue, merely the lack of resources to investigate and address it, for which we apologise. If you none the less feel the issue is still important, you may choose to report it again at the new project issue tracker https://gitlab.com/libvirt/libvirt/-/issues The project also welcomes contribution from anyone who believes they can provide a solution.