Bug 1647211 - Network update does not support adding multiple IPs with a common hostname
Summary: Network update does not support adding multiple IPs with a common hostname
Keywords:
Status: NEW
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libvirt
Version: unspecified
Hardware: All
OS: All
unspecified
high
Target Milestone: ---
Assignee: Libvirt Maintainers
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-11-06 21:17 UTC by W. Trevor King
Modified: 2021-05-05 09:50 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description W. Trevor King 2018-11-06 21:17:33 UTC 
Description of problem:

Multiple <host> entries with different IPs and the same hostname are useful for round-robin DNS.  For example, the new OpenShift installer uses multiple <host> entries for {cluster-name}-api to distribute Kubernetes control-plane traffic among the available masters.  Initially, that list of masters includes the bootstrap node, but once the cluster comes up, we're removing that node, and want to also remove the bootstrap entry from 

Version-Release number of selected component (if applicable):

libvirt master v4.9.0-15-gda4b0fd9d3cdd117427e7e1981e8639bc859e844 (but it's 2012 code, so many past releases as well).

How reproducible:

$ cat <<EOF >net.xml
> <network>
>   <name>wking</name>
>   <uuid>7fdec6e3-a7c2-42f9-9e8a-8f75e96e876b</uuid>
>   <forward mode='nat'>
>     <nat>
>       <port start='1024' end='65535'/>
>     </nat>
>   </forward>
>   <bridge name='tt0' stp='on' delay='0'/>
>   <mac address='52:54:00:67:a8:30'/>
>   <domain name='installer.testing' localOnly='yes'/>
>   <ip family='ipv4' address='192.168.126.1' prefix='24'/>
> </network>
> EOF
$ virsh -c qemu:///system net-create net.xml
Network wking created from net.xml

$ virsh -c qemu+tcp:///system net-update wking add dns-host '<host ip="192.168.126.10"><hostname>wking-api</hostname></host>'
Updated network wking live state
$ virsh -c qemu+tcp:///system net-update wking add dns-host '<host ip="192.168.126.11"><hostname>wking-api</hostname></host>'
error: Failed to update network wking
error: Requested operation is not valid: there is already at least one DNS HOST record with a matching field in network wking

$ virsh -c qemu+tcp:///system version
Compiled against library: libvirt 3.9.0
Using library: libvirt 3.9.0
Using API: QEMU 3.9.0
Running hypervisor: QEMU 2.9.0

Actual results:

The "there is already at least one DNS HOST record with a matching field in network wking" error above.

Expected results:

Another "Updated network wking live state" success.

Additional info:

I've filed a patch for this in [2], but thought I'd file in Bugzilla to to help folks trying to track the patch (which may go through several versions on the list).

[1]: https://github.com/openshift/installer/blob/8ef57585ccc79b3ac54da7f0757593d4c6a54e70/data/data/libvirt/main.tf#L93-L102
[2]: https://www.redhat.com/archives/libvir-list/2018-November/msg00231.html
Comment 1 Yedidyah Bar David 2021-05-05 09:50:58 UTC 
Now ran into this bug, when trying [1].

I read the mailing-list thread mentioned above, and IMO the correct behavior should be to have the code doing verification on 'net-update' behave similarly (or just use same code if possible, didn't check) to the code verifying content on creation. Creation definitely allows more than one entry with the same name.

Also: It might make sense, when taking decisions on DNS level (and not about libvirt specifics) to let the DNS server decide - if dnsmasq accepts some change, perhaps just allow it, and not add libvirt-specific restrictions.

[1] https://gerrit.ovirt.org/c/ovirt-system-tests/+/114423
Note You need to log in before you can comment on or make changes to this bug.