Bug 1790823: [baremetal] Verify that MDNS doesn't advertise localhost

[yboaron]

MDNS publisher static pod should start advertising the node
only after node's hostname was set by DHCP.

The idea is to add an init container that will monitor host's hostname
until hostname != localhost.

The issue was how host's hostname should be retrieved by the init container.

Since the MDNS static pod doesn't use host's uts namespace, reading 'hostname'
is not an option.
Reading hostname using dbus didn't work due to security constraints(SElinux).

The suggested solution composed of:

1. NM dispatcher script will monitor & store hostname in a file
2. Init container will mount this file, and read the value

- What I did

- How to verify it

- Description for the changelog

[openshift-ci-robot]

@yboaron: This pull request references Bugzilla bug 1790823, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Bug 1790823: [baremetal] Verify that MDNS doesn't advertise localhost

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: yboaron
To complete the pull request process, please assign sinnykumari
You can assign the PR to them by writing /assign @sinnykumari in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[yboaron]

/cc @celebdor @cybertron @bcrochet

[yboaron]

I still didn't check e2e deployment (with customized MCO image) with this fix

[celebdor]

Is there some change to baremetal-runtimecfg mdns-publisher so that it reads the hostname? Cause as far as I can see we are just writing it in /etc/mdns/hostname but we need to use it in rendering then.

[celebdor]

shouldn't it be the FQDN?

[yboaron]

Yep, I need to update also baremetal-runtimecfg to consider mdns hostname file

[celebdor]

localhost.localdomain ?

[yboaron]

Running 'hostname' from shell returns just the hostname without a domain name(e.g: localhost), while GOLANG os.Hostname() returns host+domain-name.
The baremetal-runtimecfg relevant code (utils.ShortHostname [1]) should work OK for both cases.
[1] https://github.com/openshift/baremetal-runtimecfg/blob/master/pkg/utils/utils.go#L22

[celebdor]

I think we can safely drop the .txt extension

[yboaron]

OK

[celebdor]

Let's do it in up|down as well for good measure.

[celebdor]

What's the purpose of reading the cloned uts hostname?

[yboaron]

If verify-hostname init container start to run before NM dispatcher && If hostname in cloned uts namespace != localhost (meaning that verify-hostname start to run after hostname set by DHCP) -
there is no reason to wait for NM script, right?

[celebdor]

why not just cat ?

[celebdor]

I don't think it will kill us to try every second. It is literally just catting a file.

[openshift-ci-robot]

@yboaron: The following tests failed, say /retest to rerun all failed tests:

Test name	Commit	Details	Rerun command
ci/prow/e2e-aws-scaleup-rhel7	91942a5	link	/test e2e-aws-scaleup-rhel7
ci/prow/e2e-gcp-op	91942a5	link	/test e2e-gcp-op

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[yboaron]

This PR is replaced by #1455