MAAS

Merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1

  1. ip-allocation-from-incorrect-range--bug-1677507--2.1
  2. Merge into 2.1
Proposed by Mike Pontillo
Status: Merged
Approved by: Mike Pontillo
Approved revision: no longer in the source branch.
Merged at revision: 5598
Proposed branch: lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1
Merge into: lp:maas/2.1
Diff against target: 71 lines (+37/-2)
3 files modified
docs/changelog.rst (+9/-0)
src/maasserver/models/subnet.py (+11/-2)
src/maasserver/models/tests/test_subnet.py (+17/-0)
To merge this branch: bzr merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1
Reviewer Review Type Date Requested Status
Mike Pontillo (community) Approve
Review via email: mp+321472@code.launchpad.net

Commit message

Don't allow allocation of least-recently-used discoveries if they occur in a reserved range.

 * Merges revision 5887 from trunk to fix bug #1677507.

To post a comment you must log in.
Revision history for this message
Mike Pontillo (mpontillo) wrote :

Rejecting temporarily to remove test case for feature that didn't exist in MAAS 2.1.

Revision history for this message
Mike Pontillo (mpontillo) wrote :

Self-approve backport.

review: Approve
Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (169.0 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Hit:2 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:4 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Fetched 306 kB in 0s (780 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
distro-info is already the newest version (0.14build1).
distro-info set to manually installed.
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-jquery set to manually installed.
make is already the newest version (4.1-6).
python-simplejson is already the newest version (3.8.1-1ubuntu2).
python-simplejson set to manually installed.
python-yaml is already the newest version (3.11-3build1).
python3-apt is already the newest version (1.1.0~beta1build1).
python3-jinja2 is already the newest version (2.8-1).
python3-oauthlib is already the newest version (1.0.3-1).
python3-requests is already the newest version (2.9.1-3).
python3-yaml is already the newest version (3.11-3build1).
ubuntu-cloudimage-keyring is already the newest version (2013.11.11).
bash is already the newest version (4.3-14ubuntu1.1).
bzr is already the newest version (2.7.0-2ubuntu3).
curl is already the newest version (7.47.0-1ubuntu2.2).
dnsutils is alr...

Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (14.0 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Hit:1 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:4 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Fetched 306 kB in 0s (684 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
authbind is already the newest version (2.1.1+nmu1).
avahi-utils is already the newest version (0.6.32~rc+dfsg-1ubuntu2).
build-essential is already the newest version (12.1ubuntu2).
debhelper is already the newest version (9.20160115ubuntu3).
distro-info is already the newest version (0.14build1).
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-angularjs is already the newest version (1.2.28-1ubuntu2).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-yui3-full is already the newest version (3.5.1-1ubuntu3).
libjs-yui3-min is already the newest version (3.5.1-1ubuntu3).
make is already the newest version (4.1-6).
postgresql is already the newest version (9.5+173).
pxelinux is already the newest version (3:6.03+dfsg-11ubuntu1).
python-formencode is already the newest version (1.3.0-0ubuntu5).
python-lxml is already the newest version (3.5.0-1build1).
python-netaddr is already the newest version (0.7.18-1).
python-netifaces is already the newest version (0.10....

Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (13.1 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Hit:2 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:4 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Fetched 306 kB in 0s (697 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
authbind is already the newest version (2.1.1+nmu1).
avahi-utils is already the newest version (0.6.32~rc+dfsg-1ubuntu2).
build-essential is already the newest version (12.1ubuntu2).
debhelper is already the newest version (9.20160115ubuntu3).
distro-info is already the newest version (0.14build1).
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-angularjs is already the newest version (1.2.28-1ubuntu2).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-yui3-full is already the newest version (3.5.1-1ubuntu3).
libjs-yui3-min is already the newest version (3.5.1-1ubuntu3).
make is already the newest version (4.1-6).
postgresql is already the newest version (9.5+173).
pxelinux is already the newest version (3:6.03+dfsg-11ubuntu1).
python-formencode is already the newest version (1.3.0-0ubuntu5).
python-lxml is already the newest version (3.5.0-1build1).
python-netaddr is already the newest version (0.7.18-1).
python-netifaces is already the newest version (0.10....

Revision history for this message
MAAS Lander (maas-lander) wrote :
Download full text (14.1 KiB)

The attempt to merge lp:~mpontillo/maas/ip-allocation-from-incorrect-range--bug-1677507--2.1 into lp:maas/2.1 failed. Below is the output from the failed tests.

Hit:1 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:3 http://prodstack-zone-1.clouds.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:4 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Fetched 306 kB in 0s (695 kB/s)
Reading package lists...
sudo DEBIAN_FRONTEND=noninteractive apt-get -y \
    --no-install-recommends install apache2 archdetect-deb authbind avahi-utils bash bind9 bind9utils build-essential bzr bzr-builddeb chromium-browser chromium-chromedriver curl daemontools debhelper dh-apport dh-systemd distro-info dnsutils firefox freeipmi-tools git gjs ipython isc-dhcp-common isc-dhcp-server libjs-angularjs libjs-jquery libjs-jquery-hotkeys libjs-yui3-full libjs-yui3-min libpq-dev make nodejs-legacy npm postgresql pxelinux python3-all python3-apt python3-attr python3-bson python3-convoy python3-crochet python3-cssselect python3-curtin python3-dev python3-distro-info python3-django python3-django-nose python3-django-piston3 python3-dnspython python3-docutils python3-formencode python3-hivex python3-httplib2 python3-jinja2 python3-jsonschema python3-lxml python3-netaddr python3-netifaces python3-novaclient python3-oauth python3-oauthlib python3-openssl python3-paramiko python3-petname python3-pexpect python3-psycopg2 python3-pyinotify python3-pyparsing python3-pyvmomi python3-requests python3-seamicroclient python3-setuptools python3-simplestreams python3-sphinx python3-tempita python3-twisted python3-txtftp python3-tz python3-yaml python3-zope.interface python-bson python-crochet python-django python-django-piston python-djorm-ext-pgarray python-formencode python-lxml python-netaddr python-netifaces python-pocket-lint python-psycopg2 python-simplejson python-tempita python-twisted python-yaml socat syslinux-common tgt ubuntu-cloudimage-keyring wget xvfb
Reading package lists...
Building dependency tree...
Reading state information...
authbind is already the newest version (2.1.1+nmu1).
avahi-utils is already the newest version (0.6.32~rc+dfsg-1ubuntu2).
build-essential is already the newest version (12.1ubuntu2).
debhelper is already the newest version (9.20160115ubuntu3).
distro-info is already the newest version (0.14build1).
git is already the newest version (1:2.7.4-0ubuntu1).
libjs-angularjs is already the newest version (1.2.28-1ubuntu2).
libjs-jquery is already the newest version (1.11.3+dfsg-4).
libjs-yui3-full is already the newest version (3.5.1-1ubuntu3).
libjs-yui3-min is already the newest version (3.5.1-1ubuntu3).
make is already the newest version (4.1-6).
postgresql is already the newest version (9.5+173).
pxelinux is already the newest version (3:6.03+dfsg-11ubuntu1).
python-formencode is already the newest version (1.3.0-0ubuntu5).
python-lxml is already the newest version (3.5.0-1build1).
python-netaddr is already the newest version (0.7.18-1).
python-netifaces is already the newest version (0.10....

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'docs/changelog.rst'
--- docs/changelog.rst 2017-03-23 12:20:26 +0000
+++ docs/changelog.rst 2017-03-30 17:25:45 +0000
@@ -2,6 +2,15 @@
2Changelog2Changelog
3=========3=========
44
52.1.6
6=====
7
8Bugs fixed in this release
9--------------------------
10
11LP: ##1677507 Fix potential IP allocation from incorrect range.
12
13
52.1.5142.1.5
6=====15=====
716
817
=== modified file 'src/maasserver/models/subnet.py'
--- src/maasserver/models/subnet.py 2017-02-17 05:34:56 +0000
+++ src/maasserver/models/subnet.py 2017-03-30 17:25:45 +0000
@@ -593,8 +593,17 @@
593 """593 """
594 # Circular imports.594 # Circular imports.
595 from maasserver.models import Discovery595 from maasserver.models import Discovery
596 return Discovery.objects.filter(596 # Note: for the purposes of this function, being in part of a "used"
597 subnet=self).by_unknown_ip().order_by('last_seen').first()597 # range (such as a router IP address or reserved range) makes it
598 # "known". So we need to avoid those here in order to avoid stepping
599 # on network infrastructure, reserved ranges, etc.
600 unused = self.get_ipranges_not_in_use(ignore_discovered_ips=True)
601 least_recent_neighbours = Discovery.objects.filter(
602 subnet=self).by_unknown_ip().order_by('last_seen')
603 for neighbor in least_recent_neighbours:
604 if neighbor.ip in unused:
605 return neighbor
606 return None
598607
599 def get_iprange_usage(self, with_neighbours=False) -> MAASIPSet:608 def get_iprange_usage(self, with_neighbours=False) -> MAASIPSet:
600 """Returns both the reserved and unreserved IP ranges in this Subnet.609 """Returns both the reserved and unreserved IP ranges in this Subnet.
601610
=== modified file 'src/maasserver/models/tests/test_subnet.py'
--- src/maasserver/models/tests/test_subnet.py 2017-02-17 05:34:56 +0000
+++ src/maasserver/models/tests/test_subnet.py 2017-03-30 17:25:45 +0000
@@ -919,6 +919,23 @@
919 discovery = subnet.get_least_recently_seen_unknown_neighbour()919 discovery = subnet.get_least_recently_seen_unknown_neighbour()
920 self.assertThat(discovery.ip, Equals("10.0.0.2"))920 self.assertThat(discovery.ip, Equals("10.0.0.2"))
921921
922 def test__returns_least_recently_seen_neighbour_excludes_in_use(self):
923 # Note: 10.0.0.0/30 --> 10.0.0.1 and 10.0.0.0.2 are usable.
924 subnet = factory.make_Subnet(
925 cidr="10.0.0.0/30", gateway_ip=None, dns_servers=None)
926 rackif = factory.make_Interface(vlan=subnet.vlan)
927 now = datetime.now()
928 yesterday = now - timedelta(days=1)
929 factory.make_Discovery(
930 ip="10.0.0.1", interface=rackif, updated=now)
931 factory.make_Discovery(
932 ip="10.0.0.2", interface=rackif, updated=yesterday)
933 factory.make_IPRange(
934 subnet, start_ip="10.0.0.2", end_ip="10.0.0.2",
935 type=IPRANGE_TYPE.RESERVED)
936 discovery = subnet.get_least_recently_seen_unknown_neighbour()
937 self.assertThat(discovery.ip, Equals("10.0.0.1"))
938
922 def test__returns_none_if_no_neighbours(self):939 def test__returns_none_if_no_neighbours(self):
923 # Note: 10.0.0.0/30 --> 10.0.0.1 and 10.0.0.0.2 are usable.940 # Note: 10.0.0.0/30 --> 10.0.0.1 and 10.0.0.0.2 are usable.
924 subnet = factory.make_Subnet(941 subnet = factory.make_Subnet(

Subscribers

People subscribed via source and target branches

to all changes: