Bug #3625
closed
It is not possible to add several nodes sharing the same IP from their private network interface
Description
There is already a node with IP '169.254.254.1' or '169.254.254.2' in database. You can not add it again.
Multiple servers have those IP addresses, used for DRBD. However, they also have a public address. Now I can't add these two nodes to Rudder, which is a serious problem.
Updated by Dennis Cabooter over 11 years ago
There is no way to see if an IP address is local. E.g.:
- server1: 10.0.0.2 and 169.254.254.1
- server2: 10.0.0.3 and 169.254.254.2
- server3: 10.0.0.4 and 169.254.254.1
- server4: 10.0.0.5 and 169.254.254.2
Proposal: Use something that is really unique, like a MAC address. :)
Updated by Vincent MEMBRÉ over 11 years ago
This bug happens in 2.4 too.
We forbid all nodes to share any ip addresses.
We should only forbid the ip duplication in the authorized networks.
Updated by Vincent MEMBRÉ over 11 years ago
- Priority changed from N/A to 1 (highest)
- Target version changed from 2.6.2 to 2.4.6
Updated by François ARMAND over 11 years ago
- Project changed from 24 to Rudder
- Category set to Web - Nodes & inventories
- Assignee set to François ARMAND
Vincent's proposal seems good: we can't accept two nodes with the same IP used to talk with the CFEngine server, because it needs to resolve the name of the machine to know if it is authorised to connect. Before that check, errors ensued because of CFEngine trying to resolve VM names based on these IPs, and that didn't work (for several flavors of work: either we do not always get the same authorized machine, or none, or only one).
The main use case was to forbid easy errors with clones of VMs, where several VMs may have the same IP.
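The check proposed in this thread (forbid duplicate IPs only inside the authorized networks), sketched as an added example; it is not Rudder's code, which this page does not show. The `10.0.0.0/24` authorized network, the function names and the inventory layout are assumptions, and the addresses are the ones from the report above.

```python
import ipaddress

# Assumption: networks allowed to talk to the policy server (constructed value).
AUTHORIZED_NETWORKS = [ipaddress.ip_network("10.0.0.0/24")]


def in_authorized_network(ip, networks=AUTHORIZED_NETWORKS):
    """True if ip belongs to one of the authorized networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)


def conflicting_ips(pending_ips, accepted_nodes, networks=AUTHORIZED_NETWORKS):
    """Return {ip: [node names]} for authorized-network IPs already in use.

    Addresses outside the authorized networks (such as the link-local
    169.254.x.x addresses of a DRBD peer link) are never compared.
    """
    conflicts = {}
    for ip in pending_ips:
        if not in_authorized_network(ip, networks):
            continue
        addr = ipaddress.ip_address(ip)
        # Compare parsed addresses so different spellings of one IP still match.
        owners = [name for name, ips in accepted_nodes.items()
                  if any(ipaddress.ip_address(i) == addr for i in ips)]
        if owners:
            conflicts[ip] = owners
    return conflicts


def can_accept(pending_ips, accepted_nodes, networks=AUTHORIZED_NETWORKS):
    """A pending node is acceptable when no authorized-network IP is reused."""
    return not conflicting_ips(pending_ips, accepted_nodes, networks)


# Constructed inventory of already accepted nodes.
ACCEPTED = {
    "server1": ["10.0.0.2", "169.254.254.1"],
    "server2": ["10.0.0.3", "169.254.254.2"],
}

if __name__ == "__main__":
    # server3: unique 10.0.0.4, DRBD address shared with server1.
    print(can_accept(["10.0.0.4", "169.254.254.1"], ACCEPTED))
    # A VM clone of server1 arriving with the same 10.0.0.2.
    print(conflicting_ips(["10.0.0.2", "169.254.254.1"], ACCEPTED))
```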
Updated by Dennis Cabooter over 11 years ago
How can I add these two nodes now? The IP addresses talking to the outside are unique. The peer-to-peer addresses talking internally for DRBD aren't. I don't want to change the internal DRBD addresses, because the machines are in production.
Updated by François ARMAND over 11 years ago
- Status changed from New to Pending technical review
- Assignee changed from François ARMAND to Nicolas CHARLES
Pull request here: https://github.com/Normation/rudder/pull/224
Updated by François ARMAND over 11 years ago
- Pull Request set to https://github.com/Normation/rudder/pull/224
Dennis Cabooter wrote:
How can I add these two nodes now? The IP addresses talking to the outside are unique. The peer-to-peer addresses talking internally for DRBD aren't. I don't want to change the internal DRBD addresses, because the machines are in production.
I have a very hacky solution: with the LDAP browser, go to "Pending Inventories -> Nodes", and for each node, remove the faulty "ipHostNumber" value (the local one). That will allow you to accept the nodes. Then, on the next inventories, the IP will be restored (but as the nodes are already accepted, that won't matter).
And the bug will be in the next 2.6, probably published really soon.
Updated by François ARMAND over 11 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset cf00eba3d9537e8cb312138af24115be34b6bdf6.
Updated by Nicolas CHARLES over 11 years ago
Applied in changeset 4e9c32152c325f3b40a40de40be4c22406938ab2.
Updated by Nicolas PERRON over 11 years ago
- Subject changed from There is already a node with IP '169.254.254.1' or '169.254.254.2' in database. You can not add it again. to It is not possible to add several nodes sharing the same IP from their private network interface
Updated by Nicolas PERRON over 11 years ago
- Status changed from Pending release to Released