** Description changed: === Begin SRU Information === [Impact] - * If a user launches an cloud-image in an environment where the DNS - server does DNS redirection (also known as DNS hijacking), then the - system will configure itself to use a mirror at - http://ubuntu-mirror/ubuntu . + * If a user launches an cloud-image in an environment where the DNS + server does DNS redirection (also known as DNS hijacking), then the + system will configure itself to use a mirror at + http://ubuntu-mirror/ubuntu . - This behavior was by design in cloud-init. It was intended to allow - a cloud provider to set up a mirror at 'ubuntu-mirror' and have - cloud-init select the mirror transparently. However, this causes - failure if dns hijacking ins being used. + This behavior was by design in cloud-init. It was intended to allow + a cloud provider to set up a mirror at 'ubuntu-mirror' and have + cloud-init select the mirror transparently. However, this causes + failure if dns hijacking ins being used. - * The fix is two fold: - a.) cloud-init's code that checks for DNS entries is now protected - by logic that detects the dns hijacking and does not consider - such entries as valid. - b.) the selection of the "search dns for 'ubuntu-mirror'" behavior - has been disabled by default. + * The fix is two fold: + a.) cloud-init's code that checks for DNS entries is now protected + by logic that detects the dns hijacking and does not consider + such entries as valid. + b.) the selection of the "search dns for 'ubuntu-mirror'" behavior + has been disabled by default. [Test Case] - * download cloud image from cloud-images.ubuntu.com, and convert for use - $ url="http://cloud-images.ubuntu.com/server/releases/precise/release-20121026.1/"; - $ wget "$url/ubuntu-12.04-server-cloudimg-i386-disk1.img" -O disk.img.orig - $ qemu-img convert -O raw disk.img.orig disk.raw.dist + * download cloud image from cloud-images.ubuntu.com, and convert for use + $ url="http://cloud-images.ubuntu.com/server/releases/precise/release-20121026.1/"; + $ wget "$url/ubuntu-12.04-server-cloudimg-i386-disk1.img" -O disk.img.orig + $ qemu-img convert -O raw disk.img.orig disk.raw.dist - * have *some* way to add 'ubuntu-mirror' to the dns for kvm guests (or - just have a service provider that uses dns hijacking) + * have *some* way to add 'ubuntu-mirror' to the dns for kvm guests (or + just have a service provider that uses dns hijacking) - I used dnsmasq on a server system, and can control this by adding entries - to /etc/hosts. You need to be able to configure your system such - that 'host ubuntu-mirror' returns something: - $ host ubuntu-mirror - ubuntu-mirror has address 192.168.1.1 + I used dnsmasq on a server system, and can control this by adding entries + to /etc/hosts. You need to be able to configure your system such + that 'host ubuntu-mirror' returns something: + $ host ubuntu-mirror + ubuntu-mirror has address 192.168.1.1 - * boot kvm guest (cloud-localds from 12.10 cloud-utils) - $ qemu-img create -f qcow2 disk.img disk.raw.dist - # this user-data just sets password so you can log in - $ cat user-data.txt - #cloud-config - password: passw0rd - chpasswd: { expire: False } - ssh_pwauth: True + * boot kvm guest (cloud-localds from 12.10 cloud-utils) + $ qemu-img create -f qcow2 -b disk.raw.dist disk.img + # this user-data just sets password so you can log in + $ cat user-data.txt + #cloud-config + password: passw0rd + chpasswd: { expire: False } + ssh_pwauth: True - $ cloud-localds seed.img user-data.txt - $ kvm -m 512 -curses -drive file=seed.img,if=virtio \ - -drive file=disk.img,if=virtio + $ cloud-localds seed.img user-data.txt + $ kvm -m 512 -curses -drive file=seed.img,if=virtio \ + -drive file=disk.img,if=virtio - * login and see problem. - looking at sources.list will show 'ubuntu-mirror' entry + * login and see problem. + looking at sources.list will show 'ubuntu-mirror' entry [Regression Potential] - * A regression is possible due to this designed change in behavior. If - someone was expecting the 'ubuntu-mirror' mirror to be automatically - located they will subsequently have to take different means to - accomplish this. That can be either: - a.) modifying the image to set 'apt_mirror_search_dns: true' - b.) doing 'a' through user-data user-data - * The change made in quantal was tested for regression as described in - comment 5 below. + * A regression is possible due to this designed change in behavior. If + someone was expecting the 'ubuntu-mirror' mirror to be automatically + located they will subsequently have to take different means to + accomplish this. That can be either: + a.) modifying the image to set 'apt_mirror_search_dns: true' + b.) doing 'a' through user-data user-data + * The change made in quantal was tested for regression as described in + comment 5 below. [Other Info] - * The changes here also enable 2 other fixes - * allowing region/availability-zone to be part of mirror (bug 1037727) - * making mirror selection arch aware (bug #1028501) + * The changes here also enable 2 other fixes + * allowing region/availability-zone to be part of mirror (bug 1037727) + * making mirror selection arch aware (bug #1028501) === End SRU Information === - === original bug report === Hi, I have Rogers as an ISP in the great white north, and use their DNS servers. However they run DNS redirectors so that when you get a bad domain then it does bogus things to the hostname. Anyways this resolves in unresovalble hosts in my /etc/apt/sources.list when Im running an openstack instance. ubuntu@server-5:/var/log$ host nov.ec2.archive.ubuntu.com nov.ec2.archive.ubuntu.com has address 8.15.7.107 nov.ec2.archive.ubuntu.com has address 63.251.179.17 Host nov.ec2.archive.ubuntu.com not found: 3(NXDOMAIN) Host nov.ec2.archive.ubuntu.com not found: 3(NXDOMAIN) The console output is the following: http://paste.ubuntu.com/916324/ If you have any questions please let me know. Regards chuck
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cloud-init in Ubuntu. https://bugs.launchpad.net/bugs/974509 Title: cloud-init selects wrong mirror with dns server redirection To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-init/+bug/974509/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
