← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #86249

[Bug 1922530] Re: Docs do not list necessary ports for cloud-init

  Thread PreviousDate PreviousThread Next 
[Expired for cloud-init because there has been no activity for 60 days.]

** Changed in: cloud-init
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1922530

Title:
  Docs do not list necessary ports for cloud-init

Status in cloud-init:
  Expired

Bug description:
  Hi Everyone,

  We are renting an Ubuntu 20 VM from IONOS. The VM is a webserver with
  LAMP stack and a wiki. The machine has an external IPv4 address, but
  no external IPv6 address. There's not much to it.

  I'm trying to clamp the machine down using iptables. The initial
  iptables was empty. I added some INPUT chain rules to allow SSH (22),
  DHCP (68), HTTP (80), and HTTPS (443). The machine booted fine.

  When I added a DROP rule at the end the machine took about 2:00
  minutes to boot. After the 2 minute delay the machine was fine.

  Most of the time during the long boot was spent in cloud-init.service.

  # iptable rule that causes the 2 minute boot
  # tail -n 3 /etc/iptables/rules.v4
  -A INPUT -j DROP
  COMMIT

  # systemd-analyze critical-chain
  The time when unit became active or started is printed after the "@" character.
  The time the unit took to start is printed after the "+" character.

  graphical.target @2min 9.162s
  └─multi-user.target @2min 9.162s
    └─apache2.service @2min 2.715s +6.446s
      └─basic.target @2min 2.704s
        └─sockets.target @2min 2.703s
          └─uuidd.socket @2min 2.702s
            └─sysinit.target @2min 2.686s
              └─cloud-init.service @11.358s +1min 51.325s
                └─networking.service @6.079s +5.275s
                  └─network-pre.target @6.071s
                    └─cloud-init-local.service @3.401s +2.668s
                      └─open-vm-tools.service @3.391s
                        └─vgauth.service @3.376s
                          └─systemd-tmpfiles-setup.service @3.214s +88ms
                            └─local-fs.target @3.141s
                              └─boot.mount @3.099s +41ms
                                └─systemd-fsck@dev-disk-by\x2duuid-0905f2a6\x2d8b>
                                  └─dev-disk-by\x2duuid-0905f2a6\x2d8b1e\x2d438d\>

  
  I assume cloud-init needs to listen for something since adding the DROP affects the boot time.

  I went to lookup the port numbers used by cloud-init, but I could not
  find them. The docs I found are at
  https://cloudinit.readthedocs.io/en/latest/.

  My request is, please document the ports needed by cloud-init.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1922530/+subscriptions

References

  Thread PreviousDate PreviousThread Next