mgr/cephadm: use real IP as host.addr whenever possible#41483

Merged
liewegas merged 7 commits into ceph:master from liewegas:cephadm-ips
May 27, 2021

@liewegas liewegas commented May 21, 2021

  • When adding a host, resolve the IP, and store that.
  • When we need an IP address, resolve host.addr, not the bare hostname.

Any reliance on DNS or /etc/hosts is fraught:

  • it introduces an external source of failure
  • an external change in DNS does not magically work as ceph configs will need to be adjusted anyway
  • /etc/hosts can vary between hosts
  • docker and podman treatment of /etc/hosts is confusing and inconsistent and may (1) prevent socket.getfqdn() from returning a hostname instead of the container name in the case of podman, or (2) cause socket.getaddrinfo() to return 127.0.1.1 instead of a usable IP address

Instead, use our own known IP addresses wherever possible.

NOTE: This PR does not remove the --no-hosts flag to podman because without it podman insists on adding an entry for the hostname and container name with 127.0.0.1. Mostly that doesn't matter, except that other modules may--and mgr/nfs does--use resolve_ip to look up the IP of a hostname. Docker does not fuss with /etc/hosts by default so this is not a problem. Unfortunately, there is no way to make podman behave the same way--pass the host's /etc/hosts through unmolested without adding magic entries to it. This may have some effect on an upgraded octopus cephadm cluster that relied heavily on /etc/hosts, but that should be a very rare case, and such clusters are already broken with the current pacific release.

TODO:

  • resolve existing host.addr fields to an IP address on upgrade

@liewegas liewegas requested a review from a team as a code owner May 25, 2021 20:15
@liewegas liewegas requested review from Waadkh7 and pereman2 and removed request for a team May 25, 2021 20:15
@liewegas liewegas force-pushed the cephadm-ips branch 4 times, most recently from 471cfc9 to 8ae97e6 Compare May 26, 2021 15:42
@liewegas

jenkins test api

We prefer to always have a real IP for hosts in the cluster.  This avoids
a reliance on DNS for most operations.

Perhaps more importantly, it means we are less sensitive to inconsistent
host lookup results, for example due to (1) mismatched /etc/hosts files
between machines, or (2) a lookup of the local hostname that returns
127.0.1.1.

Adjust with_hosts() fixture to take an addr, and adjust tests accordingly.

Signed-off-by: Sage Weil <sage@newdream.net>

liewegas added 6 commits May 27, 2021 12:00
If the host IP/addr is known, use that.  The addr might even be a FQDN
instead of an IP address, in which case we want to look that up instead
of the bare hostname.

Signed-off-by: Sage Weil <sage@newdream.net>
Signed-off-by: Sage Weil <sage@newdream.net>
- Use a centralized method get_mgr_ip()
- Look up the hostname via DNS.  This is a bit more reliable than
getfqdn() since it will work even when podman adds the container
name to /etc/hosts.

Signed-off-by: Sage Weil <sage@newdream.net>
Previously we allowed the host.addr to be a DNS name (short or fqdn).
This is problematic because of the inconsistent way that docker and podman
handle /etc/hosts, and undesirable because relying on external DNS is
an external source of failure for the cluster without any benefit in
return (simply updating DNS is not sufficient to make ceph behave).

So: update any non-IP to an IP as soon as we start up (presumably on
upgrade).  If we get a loopback address (127.0.0.1 or 127.0.1.1), then
wait and hope that the next instance of the manager has better luck.

Signed-off-by: Sage Weil <sage@newdream.net>
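
The upgrade-time rule in the commit message above (turn any non-IP host.addr into an IP, but leave the entry alone when the lookup returns a loopback address), as an added illustration that is not taken from this PR or from cephadm. The function names, the injectable resolver and the sample inventory are assumptions; the sample addresses are constructed.

```python
import ipaddress
import socket
from typing import Callable, Dict, List, Optional

def is_ip(addr: str) -> bool:
    try:
        ipaddress.ip_address(addr)
        return True
    except ValueError:
        return False

def resolve_first(name: str) -> str:
    """Default resolver: first address returned by the system lookup."""
    return socket.getaddrinfo(name, None, type=socket.SOCK_STREAM)[0][4][0]

def normalize_host_addr(addr: str,
                        resolver: Callable[[str], str] = resolve_first) -> Optional[str]:
    """Return the IP to store, or None to keep the entry and retry later."""
    if is_ip(addr):
        return addr                      # already an IP: nothing to do
    try:
        ip = resolver(addr)
        if ipaddress.ip_address(ip).is_loopback:
            return None                  # 127.0.0.1 / 127.0.1.1: not usable
    except (OSError, ValueError):        # lookup failed or unparsable result
        return None
    return ip

def migrate_inventory(inventory: Dict[str, str],
                      resolver: Callable[[str], str] = resolve_first) -> List[str]:
    """Rewrite non-IP addrs in place; return the hosts left for a later retry."""
    deferred = []
    for host, addr in inventory.items():
        ip = normalize_host_addr(addr, resolver)
        if ip is None:
            deferred.append(host)
        else:
            inventory[host] = ip
    return deferred

# Constructed lookup table standing in for DNS and /etc/hosts.
FAKE_DNS = {"node1": "192.0.2.11", "node2.example.com": "192.0.2.12",
            "node3": "127.0.1.1"}

def fake_resolver(name: str) -> str:
    if name not in FAKE_DNS:
        raise socket.gaierror(socket.EAI_NONAME, "name not known")
    return FAKE_DNS[name]
```

Passing the resolver in keeps the check testable without touching the local /etc/hosts, which is the file the container runtimes rewrite.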
Signed-off-by: Sage Weil <sage@newdream.net>
This reverts cfc1f91, which is no longer
necessary because (1) we don't use socket.getfqdn(), and (2) we generally
do not rely on DNS or /etc/hosts at all anymore (with the exception of
the upgrade transition).

Signed-off-by: Sage Weil <sage@newdream.net>
@sebastian-philipp sebastian-philipp left a comment

lgtm

@liewegas liewegas merged commit 1f30c01 into ceph:master May 27, 2021
@sebastian-philipp

follow-up #42793
