MAAS

Merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1

  1. ip-allocation-from-incorrect-range--bug-1677507--2.1
  2. Merge into 2.1
Proposed by Mike Pontillo
Status: Merged
Approved by: Mike Pontillo
Approved revision: no longer in the source branch.
Merged at revision: 5598
Proposed branch: lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1
Merge into: lp:maas/2.1
Diff against target: 71 lines (+37/-2)
3 files modified
docs/changelog.rst (+9/-0)
src/maasserver/models/subnet.py (+11/-2)
src/maasserver/models/tests/test_subnet.py (+17/-0)
To merge this branch: bzr merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1
Reviewer Review Type Date Requested Status
Mike Pontillo (community) Approve
Review via email: mp+321472@code.launchpad.net

Commit message

Don't allow allocation of least-recently-used discoveries if they occur in a reserved range.

 * Merges revision 5887 from trunk to fix bug #1677507.

To post a comment you must log in.
Revision history for this message
Mike Pontillo (mpontillo) wrote :

Rejecting temporarily to remove test case for feature that didn't exist in MAAS 2.1.

Revision history for this message
Mike Pontillo (mpontillo) wrote :

Self-approve backport.

review: Approve
Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (169.0 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Hit:2 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:4 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Fetched 306 kB in 0s (780 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
distro-info is already the newest version (0.14build1).
distro-info set to manually installed.
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-jquery set to manually installed.
make is already the newest version (4.1-6).
python-simplejson is already the newest version (3.8.1-1ubuntu2).
python-simplejson set to manually installed.
python-yaml is already the newest version (3.11-3build1).
python3-apt is already the newest version (1.1.0~beta1build1).
python3-jinja2 is already the newest version (2.8-1).
python3-oauthlib is already the newest version (1.0.3-1).
python3-requests is already the newest version (2.9.1-3).
python3-yaml is already the newest version (3.11-3build1).
ubuntu-cloudimage-keyring is already the newest version (2013.11.11).
bash is already the newest version (4.3-14ubuntu1.1).
bzr is already the newest version (2.7.0-2ubuntu3).
curl is already the newest version (7.47.0-1ubuntu2.2).
dnsutils is alr...

Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (14.0 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Hit:1 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:4 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Fetched 306 kB in 0s (684 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
authbind is already the newest version (2.1.1+nmu1).
avahi-utils is already the newest version (0.6.32~rc+dfsg-1ubuntu2).
build-essential is already the newest version (12.1ubuntu2).
debhelper is already the newest version (9.20160115ubuntu3).
distro-info is already the newest version (0.14build1).
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-angularjs is already the newest version (1.2.28-1ubuntu2).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-yui3-full is already the newest version (3.5.1-1ubuntu3).
libjs-yui3-min is already the newest version (3.5.1-1ubuntu3).
make is already the newest version (4.1-6).
postgresql is already the newest version (9.5+173).
pxelinux is already the newest version (3:6.03+dfsg-11ubuntu1).
python-formencode is already the newest version (1.3.0-0ubuntu5).
python-lxml is already the newest version (3.5.0-1build1).
python-netaddr is already the newest version (0.7.18-1).
python-netifaces is already the newest version (0.10....

Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (13.1 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Hit:2 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:4 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Fetched 306 kB in 0s (697 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
authbind is already the newest version (2.1.1+nmu1).
avahi-utils is already the newest version (0.6.32~rc+dfsg-1ubuntu2).
build-essential is already the newest version (12.1ubuntu2).
debhelper is already the newest version (9.20160115ubuntu3).
distro-info is already the newest version (0.14build1).
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-angularjs is already the newest version (1.2.28-1ubuntu2).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-yui3-full is already the newest version (3.5.1-1ubuntu3).
libjs-yui3-min is already the newest version (3.5.1-1ubuntu3).
make is already the newest version (4.1-6).
postgresql is already the newest version (9.5+173).
pxelinux is already the newest version (3:6.03+dfsg-11ubuntu1).
python-formencode is already the newest version (1.3.0-0ubuntu5).
python-lxml is already the newest version (3.5.0-1build1).
python-netaddr is already the newest version (0.7.18-1).
python-netifaces is already the newest version (0.10....

Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (14.1 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Hit:1 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:4 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Fetched 306 kB in 0s (695 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
authbind is already the newest version (2.1.1+nmu1).
avahi-utils is already the newest version (0.6.32~rc+dfsg-1ubuntu2).
build-essential is already the newest version (12.1ubuntu2).
debhelper is already the newest version (9.20160115ubuntu3).
distro-info is already the newest version (0.14build1).
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-angularjs is already the newest version (1.2.28-1ubuntu2).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-yui3-full is already the newest version (3.5.1-1ubuntu3).
libjs-yui3-min is already the newest version (3.5.1-1ubuntu3).
make is already the newest version (4.1-6).
postgresql is already the newest version (9.5+173).
pxelinux is already the newest version (3:6.03+dfsg-11ubuntu1).
python-formencode is already the newest version (1.3.0-0ubuntu5).
python-lxml is already the newest version (3.5.0-1build1).
python-netaddr is already the newest version (0.7.18-1).
python-netifaces is already the newest version (0.10....

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'docs/changelog.rst'
2--- docs/changelog.rst 2017-03-23 12:20:26 +0000
3+++ docs/changelog.rst 2017-03-30 17:25:45 +0000
4@@ -2,6 +2,15 @@
5 Changelog
6 =========
7
8+2.1.6
9+=====
10+
11+Bugs fixed in this release
12+--------------------------
13+
14+LP: ##1677507 Fix potential IP allocation from incorrect range.
15+
16+
17 2.1.5
18 =====
19
20
21=== modified file 'src/maasserver/models/subnet.py'
22--- src/maasserver/models/subnet.py 2017-02-17 05:34:56 +0000
23+++ src/maasserver/models/subnet.py 2017-03-30 17:25:45 +0000
24@@ -593,8 +593,17 @@
25 """
26 # Circular imports.
27 from maasserver.models import Discovery
28- return Discovery.objects.filter(
29- subnet=self).by_unknown_ip().order_by('last_seen').first()
30+ # Note: for the purposes of this function, being in part of a "used"
31+ # range (such as a router IP address or reserved range) makes it
32+ # "known". So we need to avoid those here in order to avoid stepping
33+ # on network infrastructure, reserved ranges, etc.
34+ unused = self.get_ipranges_not_in_use(ignore_discovered_ips=True)
35+ least_recent_neighbours = Discovery.objects.filter(
36+ subnet=self).by_unknown_ip().order_by('last_seen')
37+ for neighbor in least_recent_neighbours:
38+ if neighbor.ip in unused:
39+ return neighbor
40+ return None
41
42 def get_iprange_usage(self, with_neighbours=False) -> MAASIPSet:
43 """Returns both the reserved and unreserved IP ranges in this Subnet.
44
45=== modified file 'src/maasserver/models/tests/test_subnet.py'
46--- src/maasserver/models/tests/test_subnet.py 2017-02-17 05:34:56 +0000
47+++ src/maasserver/models/tests/test_subnet.py 2017-03-30 17:25:45 +0000
48@@ -919,6 +919,23 @@
49 discovery = subnet.get_least_recently_seen_unknown_neighbour()
50 self.assertThat(discovery.ip, Equals("10.0.0.2"))
51
52+ def test__returns_least_recently_seen_neighbour_excludes_in_use(self):
53+ # Note: 10.0.0.0/30 --> 10.0.0.1 and 10.0.0.0.2 are usable.
54+ subnet = factory.make_Subnet(
55+ cidr="10.0.0.0/30", gateway_ip=None, dns_servers=None)
56+ rackif = factory.make_Interface(vlan=subnet.vlan)
57+ now = datetime.now()
58+ yesterday = now - timedelta(days=1)
59+ factory.make_Discovery(
60+ ip="10.0.0.1", interface=rackif, updated=now)
61+ factory.make_Discovery(
62+ ip="10.0.0.2", interface=rackif, updated=yesterday)
63+ factory.make_IPRange(
64+ subnet, start_ip="10.0.0.2", end_ip="10.0.0.2",
65+ type=IPRANGE_TYPE.RESERVED)
66+ discovery = subnet.get_least_recently_seen_unknown_neighbour()
67+ self.assertThat(discovery.ip, Equals("10.0.0.1"))
68+
69 def test__returns_none_if_no_neighbours(self):
70 # Note: 10.0.0.0/30 --> 10.0.0.1 and 10.0.0.0.2 are usable.
71 subnet = factory.make_Subnet(

Subscribers

People subscribed via source and target branches

to all changes: