cloud-init and netplan issues in Bookworm image

To: debian-cloud@lists.debian.org
Subject: cloud-init and netplan issues in Bookworm image
From: Andrew Ruthven <andrew@etc.gen.nz>
Date: Wed, 29 Nov 2023 20:22:35 +1300
Message-id: <[🔎] c121a55a4d2c626eabf054ff69c0b0c913337fe5.camel@etc.gen.nz>

Hey,

I've spotted a few issues with the netplan config in the Bookworm image, as listed below.

I think (1) is probably with netplan and (2) and (3) are with cloud-init.

Are others seeing these? In my case, this is an OpenStack based cloud.

1) MTU not supported with DHCP:

/run/systemd/network/10-netplan-ens3.network: MTUBytes= in [Link] section and UseMTU= in [DHCP] section are set. Disabling UseMTU=.

This file contains:

[Match]

PermanentMACAddress=fa:16:3e:3a:b1:6e

Name=ens3

[Link]

MTUBytes=1500

[Network]

DHCP=ipv4

LinkLocalAddressing=ipv6

[DHCP]

RouteMetric=100

UseMTU=true

2) Permissions too permissive:

root@debian-es:~# netplan apply

** (generate:769): WARNING **: 07:03:39.398: Permissions for /etc/netplan/50-cloud-init.yaml are too open. Netplan configuration should NOT be accessible by others.

Cannot call openvswitch: ovsdb-server.service is not running.

** (process:767): WARNING **: 07:03:39.849: Permissions for /etc/netplan/50-cloud-init.yaml are too open. Netplan configuration should NOT be accessible by others.

[]

Cannot find unique matching interface for ens3

** (process:767): WARNING **: 07:03:39.995: Permissions for /etc/netplan/50-cloud-init.yaml are too open. Netplan configuration should NOT be accessible by others.

root@debian-es:~#

3) And finally... about that "Cannot find unique matching interface for ens3" error

I removed an interface, then added it again. The MAC address on ens3 has changed, /etc/netplan/50-cloud-init.yaml says:

# This file is generated from information provided by the datasource. Changes

# to it will not persist across an instance reboot.

However this file is persisted, even over reboots and has the old MAC - fa:16:3e:0a:ef:d9. But cloud-init is showing the new MAC address fa:16:3e:3a:b1:6e

This can make accessing an instance hard if you remove all the interfaces and then add another one. Ask me how I found that out. ;)

Cheers,

Andrew

--

Andrew Ruthven, Wellington, New Zealand
andrew@etc.gen.nz         |
Catalyst Cloud:           | This space intentionally left blank
 https://catalystcloud.nz |

Reply to:

Prev by Date: Re: Debian qcow2 image username and password
Previous by thread: Re: Debian qcow2 image username and password
Index(es):
- Date
- Thread