yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #79969
[Bug 1581977] Re: Invalid input for dns_name when spawning instance with .number at the end
Through the use of invalid hostnames it is currently possible to
deactivate individual nova-compute services.
We use the release Rocky on an environment. If we start an instance with
an invalid hostname, the nova-compute service detects this and throws an
exception.
The builder failure weigher (activated by default) blocks the nova-
compute service from further instances. You have to restart the nova-
compute service or explicitly start an instance on this node for the
service to work again.
In other words, it is possible that an unprivileged user blocks an
internal component due to an incorrect input. In principle you can
deactivate whole environments with it.
We have now temporarily solved this problem by setting
build_failure_weight_multiplier to 0.
However, we think that invalid names should already be identified by the
API when creating the instance and should not lead to unwanted behavior
within the environment. Therefore we open this report again.
** Changed in: nova
Status: Invalid => New
** Information type changed from Public to Private Security
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1581977
Title:
Invalid input for dns_name when spawning instance with .number at the
end
Status in OpenStack Compute (nova):
New
Bug description:
When attempting to deploy an instance with a name which ends in dot
<number> (e.g. .123, as in an all-numeric TLD) or simply a name that,
after conversion to dns_name, ends as .<number>, nova conductor fails
with the following error:
2016-05-15 13:15:04.824 ERROR nova.scheduler.utils [req-4ce865cd-e75b-
4de8-889a-ed7fc7fece18 admin demo] [instance:
c4333432-f0f8-4413-82e8-7f12cdf3b5c8] Error from last host:
silpixa00394065 (node silpixa00394065): [u'Traceback (most recent call
last):\n', u' File "/opt/stack/nova/nova/compute/manager.py", line
1926, in _do_build_and_run_instance\n filter_properties)\n', u'
File "/opt/stack/nova/nova/compute/manager.py", line 2116, in
_build_and_run_instance\n instance_uuid=instance.uuid,
reason=six.text_type(e))\n', u"RescheduledException: Build of instance
c4333432-f0f8-4413-82e8-7f12cdf3b5c8 was re-scheduled: Invalid input
for dns_name. Reason: 'networking-ovn-ubuntu-16.04' not a valid PQDN
or FQDN. Reason: TLD '04' must not be all numeric.\nNeutron server
returns request_ids: ['req-7317c3e3-2875-4073-8076-40e944845b69']\n"]
This throws one instance of the infamous Horizon message: Error: No
valid host was found. There are not enough hosts available.
This issue was observed using stable/mitaka via DevStack (nova commit fb3f1706c68ea5b58f05ea810c6339f2449959de).
In the above example, the instance name is "networking-ovn (Ubuntu
16.04)", which resulted in an attempted dns_name="networking-ovn-
ubuntu-16.04", where the 04 was interpreted as a TLD and,
consequently, an invalid TLD.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1581977/+subscriptions
References