Hi @seyeongkim, done, thanks ** Description changed:
+ [ Impact ] + + In the MAAS + iBFT + iSCSI boot scenario, firmware reports + iface.bootproto as STATIC. + + open-iscsi initramfs writes this as PROTO=static into + /run/net-<iface>.conf, but the initramfs netplan conversion path + expects static IPv4 to be represented as PROTO=none together with + the IPv4 address fields. As a result, /run/netplan/<iface>.yaml + may be generated without addresses, and cloud-init cannot reach + the MAAS datasource. + + This breaks MAAS boot and commissioning flows that rely on iscsi_auto + with static iBFT IPv4 networking. + + The proposed fix updates the open-iscsi initramfs iBFT handling so that + STATIC is mapped to PROTO=none for initramfs netplan rendering, while + preserving IPV4PROTO=static for consumers that need the static IPv4 + semantic. DHCP behavior is unchanged. + + [ Test Plan ] + + 1. Prepare a MAAS test environment with: + - one DHCP network for MAAS access + - one static IPv4 network for iBFT/iSCSI boot + + 2. Configure an iSCSI target and boot a node through iPXE with iBFT data + such that the iBFT NIC uses static IPv4 addressing. + + 3. Boot an unfixed system with iscsi_auto enabled and verify the failure: + - /run/netplan/<iface>.yaml lacks addresses + - cloud-init cannot obtain the MAAS datasource + - MAAS boot or commissioning does not proceed correctly + + 4. Install the proposed package and boot again with the same setup. + + 5. Verify the fixed behavior: + - /run/net-<iface>.conf contains PROTO='none' + - /run/net-<iface>.conf contains IPV4PROTO='static' + - /run/netplan/<iface>.yaml contains the expected static address + configuration + - cloud-init can reach the MAAS datasource + - the MAAS boot or commissioning flow succeeds + + 6. Regression-test the DHCP iBFT case and confirm DHCP behavior remains + unchanged. + + The original bug report also contains a reproducer and successful PR + testing output: https://paste.ubuntu.com/p/6PJ7pXh39v/ + + [ Where problems could occur ] + + The change is limited to the parsing of iface.bootproto in the + open-iscsi initramfs iBFT path. + + The main regression risk is that some existing consumer might have been + relying on PROTO=static in /run/net-<iface>.conf. This is mitigated by + preserving the static IPv4 semantic in IPV4PROTO=static, while using + PROTO=none only to satisfy the initramfs netplan conversion logic. + + The DHCP path is also touched, but only to record IPV4PROTO=dhcp + explicitly; DHCP boot behavior should remain unchanged. + + Unknown bootproto values continue to be passed through unchanged. + + No IPv6 behavior change is intended. + + [ Other Info ] + + The proposed change is limited to the open-iscsi initramfs iBFT parsing + path and implements the following logic: + - map STATIC to PROTO=none for initramfs netplan rendering + - preserve IPV4PROTO=static for consumers that need the original static + IPv4 semantic + + Original Bug Description Below + =========== + Problem description In the MAAS + iBFT + iSCSI boot scenario, iscsistart -f returns iface.bootproto = STATIC. In the current link, the netplan conversion of initramfs fails to generate a static address correctly for PROTO=static, resulting in /run/netplan/<iface>.yaml containing only nameserver and lacking addresses. Consequently, cloud-init cannot obtain the MAAS datasource. Reproducer 1, Create a common maas test env with two NICs, eth0(subnet=172.16.0.0/24) for DHCP and eth1(subnet=172.16.1.0/24) for - STATIC (For me ,it's a common libvirt+maas env, one reference - + STATIC (For me ,it's a common libvirt+maas env, one reference - https://github.com/pmatulis/maas-one , and I've set net.ipv4.ip_forward=1 on the host so 172.16.1.201 can access both subnets - 172.16.0.0/24 and 172.16.1.0/24) 2, Prepare a iscsi disk sudo apt install lvm2 -y sudo pvcreate /dev/sdb sudo vgcreate cinder-volumes /dev/sdb sudo lvcreate -L 30G -n lv-vm1 cinder-volumes sudo systemctl stop tgt && sudo systemctl disable tgt && sudo apt remove --purge tgt -y sudo apt install targetcli-fb -y sudo targetcli <<'EOF' /backstores/block create lv-vm1 /dev/cinder-volumes/lv-vm1 /iscsi create iqn.2017-02.com.quqi:storage /iscsi/iqn.2017-02.com.quqi:storage/tpg1/luns create /backstores/block/lv-vm1 /iscsi/iqn.2017-02.com.quqi:storage/tpg1 set attribute authentication=0 /iscsi/iqn.2017-02.com.quqi:storage/tpg1 set attribute demo_mode_write_protect=0 /iscsi/iqn.2017-02.com.quqi:storage/tpg1 set attribute generate_node_acls=0 /iscsi/iqn.2017-02.com.quqi:storage/tpg1/acls create iqn.2017-02.com.quqi:lv-vm1 saveconfig exit EOF 3, Configure libvirt for iBFT boot, disable net0, set a STATIC IP 172.16.1.201/24 for net1, and then chain to the MAAS iPXE URL. sudo virt-xml n1 --edit --boot \ kernel=/usr/lib/ipxe/ipxe.lkrn,\ kernel_args="ifclose net0 && ifclose net1 && set initiator-iqn iqn.2017-02.com.quqi:lv-vm1 && set net1/ip 172.16.1.201 && set net1/netmask 255.255.255.0 && set net1/gateway 172.16.1.1 && ifopen net1 && sanhook iscsi:172.16.1.1:::0:iqn.2017-02.com.quqi:storage && chain http://172.16.1.1:5248/ipxe.cfg-\${net1/mac} || shell" 4, Enable iscsi_auto from MAAS GUI: iscsi_auto break=init 5, Now /run/netplan/<iface>.yaml contains only nameserver and lacks addresses - https://paste.ubuntu.com/p/TCZr2tpFC7/ , We can also see this error in the virsh console. - [ 17.192905] cloud-init[827]: /run/netplan/enp2s0.yaml:4:12: Error in network definition: expected mapping (check indentation) - [ 17.196242] cloud-init[827]: enp2s0: + [ 17.192905] cloud-init[827]: /run/netplan/enp2s0.yaml:4:12: Error in network definition: expected mapping (check indentation) + [ 17.196242] cloud-init[827]: enp2s0: Proposed solution In the parsing of iBFT iface.bootproto: 1, DHCP is mapped to PROTO=dhcp, IPV4PROTO=dhcp. 2, STATIC is mapped to PROTO=none, IPV4PROTO=static 3, Other values remain transparently transmitted. This satisfies both: 1, The netplan conversion can correctly generate static addresses. 2, Consumers of dynamic-interfaces can still retain static semantics through IPV4PROTO. PR testing successful - https://paste.ubuntu.com/p/6PJ7pXh39v/ ** Summary changed: - open-iscsi initramfs: preserve static iBFT semantics while fixing netplan rendering for MAAS boot + [SRU] open-iscsi initramfs: preserve static iBFT semantics while fixing netplan rendering for MAAS boot ** Description changed: [ Impact ] In the MAAS + iBFT + iSCSI boot scenario, firmware reports iface.bootproto as STATIC. open-iscsi initramfs writes this as PROTO=static into /run/net-<iface>.conf, but the initramfs netplan conversion path expects static IPv4 to be represented as PROTO=none together with the IPv4 address fields. As a result, /run/netplan/<iface>.yaml may be generated without addresses, and cloud-init cannot reach the MAAS datasource. This breaks MAAS boot and commissioning flows that rely on iscsi_auto with static iBFT IPv4 networking. The proposed fix updates the open-iscsi initramfs iBFT handling so that STATIC is mapped to PROTO=none for initramfs netplan rendering, while preserving IPV4PROTO=static for consumers that need the static IPv4 semantic. DHCP behavior is unchanged. + [ Test Plan ] - 1. Prepare a MAAS test environment with: - - one DHCP network for MAAS access - - one static IPv4 network for iBFT/iSCSI boot + The original bug report below contains a reproducer and successful PR + testing output: https://paste.ubuntu.com/p/6PJ7pXh39v/ - 2. Configure an iSCSI target and boot a node through iPXE with iBFT data - such that the iBFT NIC uses static IPv4 addressing. - - 3. Boot an unfixed system with iscsi_auto enabled and verify the failure: - - /run/netplan/<iface>.yaml lacks addresses - - cloud-init cannot obtain the MAAS datasource - - MAAS boot or commissioning does not proceed correctly - - 4. Install the proposed package and boot again with the same setup. - - 5. Verify the fixed behavior: - - /run/net-<iface>.conf contains PROTO='none' - - /run/net-<iface>.conf contains IPV4PROTO='static' - - /run/netplan/<iface>.yaml contains the expected static address - configuration - - cloud-init can reach the MAAS datasource - - the MAAS boot or commissioning flow succeeds - - 6. Regression-test the DHCP iBFT case and confirm DHCP behavior remains - unchanged. - - The original bug report also contains a reproducer and successful PR - testing output: https://paste.ubuntu.com/p/6PJ7pXh39v/ [ Where problems could occur ] The change is limited to the parsing of iface.bootproto in the open-iscsi initramfs iBFT path. The main regression risk is that some existing consumer might have been relying on PROTO=static in /run/net-<iface>.conf. This is mitigated by preserving the static IPv4 semantic in IPV4PROTO=static, while using PROTO=none only to satisfy the initramfs netplan conversion logic. The DHCP path is also touched, but only to record IPV4PROTO=dhcp explicitly; DHCP boot behavior should remain unchanged. Unknown bootproto values continue to be passed through unchanged. No IPv6 behavior change is intended. + [ Other Info ] The proposed change is limited to the open-iscsi initramfs iBFT parsing path and implements the following logic: - map STATIC to PROTO=none for initramfs netplan rendering - preserve IPV4PROTO=static for consumers that need the original static - IPv4 semantic + IPv4 semantic Original Bug Description Below =========== Problem description In the MAAS + iBFT + iSCSI boot scenario, iscsistart -f returns iface.bootproto = STATIC. In the current link, the netplan conversion of initramfs fails to generate a static address correctly for PROTO=static, resulting in /run/netplan/<iface>.yaml containing only nameserver and lacking addresses. Consequently, cloud-init cannot obtain the MAAS datasource. Reproducer 1, Create a common maas test env with two NICs, eth0(subnet=172.16.0.0/24) for DHCP and eth1(subnet=172.16.1.0/24) for STATIC (For me ,it's a common libvirt+maas env, one reference - https://github.com/pmatulis/maas-one , and I've set net.ipv4.ip_forward=1 on the host so 172.16.1.201 can access both subnets - 172.16.0.0/24 and 172.16.1.0/24) 2, Prepare a iscsi disk sudo apt install lvm2 -y sudo pvcreate /dev/sdb sudo vgcreate cinder-volumes /dev/sdb sudo lvcreate -L 30G -n lv-vm1 cinder-volumes sudo systemctl stop tgt && sudo systemctl disable tgt && sudo apt remove --purge tgt -y sudo apt install targetcli-fb -y sudo targetcli <<'EOF' /backstores/block create lv-vm1 /dev/cinder-volumes/lv-vm1 /iscsi create iqn.2017-02.com.quqi:storage /iscsi/iqn.2017-02.com.quqi:storage/tpg1/luns create /backstores/block/lv-vm1 /iscsi/iqn.2017-02.com.quqi:storage/tpg1 set attribute authentication=0 /iscsi/iqn.2017-02.com.quqi:storage/tpg1 set attribute demo_mode_write_protect=0 /iscsi/iqn.2017-02.com.quqi:storage/tpg1 set attribute generate_node_acls=0 /iscsi/iqn.2017-02.com.quqi:storage/tpg1/acls create iqn.2017-02.com.quqi:lv-vm1 saveconfig exit EOF 3, Configure libvirt for iBFT boot, disable net0, set a STATIC IP 172.16.1.201/24 for net1, and then chain to the MAAS iPXE URL. sudo virt-xml n1 --edit --boot \ kernel=/usr/lib/ipxe/ipxe.lkrn,\ kernel_args="ifclose net0 && ifclose net1 && set initiator-iqn iqn.2017-02.com.quqi:lv-vm1 && set net1/ip 172.16.1.201 && set net1/netmask 255.255.255.0 && set net1/gateway 172.16.1.1 && ifopen net1 && sanhook iscsi:172.16.1.1:::0:iqn.2017-02.com.quqi:storage && chain http://172.16.1.1:5248/ipxe.cfg-\${net1/mac} || shell" 4, Enable iscsi_auto from MAAS GUI: iscsi_auto break=init 5, Now /run/netplan/<iface>.yaml contains only nameserver and lacks addresses - https://paste.ubuntu.com/p/TCZr2tpFC7/ , We can also see this error in the virsh console. [ 17.192905] cloud-init[827]: /run/netplan/enp2s0.yaml:4:12: Error in network definition: expected mapping (check indentation) [ 17.196242] cloud-init[827]: enp2s0: Proposed solution In the parsing of iBFT iface.bootproto: 1, DHCP is mapped to PROTO=dhcp, IPV4PROTO=dhcp. 2, STATIC is mapped to PROTO=none, IPV4PROTO=static 3, Other values remain transparently transmitted. This satisfies both: 1, The netplan conversion can correctly generate static addresses. 2, Consumers of dynamic-interfaces can still retain static semantics through IPV4PROTO. PR testing successful - https://paste.ubuntu.com/p/6PJ7pXh39v/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2147499 Title: [SRU] open-iscsi initramfs: preserve static iBFT semantics while fixing netplan rendering for MAAS boot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/open-iscsi/+bug/2147499/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
