From 6ab878083392d95353b7f83e7db16bdba99e10a0 Mon Sep 17 00:00:00 2001
From: Adam King
Date: Sat, 21 Jan 2023 18:44:22 -0500
Subject: [PATCH] cephadm: mount host /etc/hosts for containers in podman deployments
Podman messes with the /etc/hosts file in certain version. There was already a past issue with it placing the container name there fixed by https://github.com/ceph/ceph/pull/42242. This time it is adding an entry for "host.containers.internal" (seems to be podman 4.1 onward currently). Iscsi figures out the FQDN for a host by running python3 -c 'import socket; print(socket.getfqdn()) which is resolving to "host.containers.internal" when run in the container with the podman modified /etc/hosts. There is also an issue with grafana dashboard with this entry present Passing --no-hosts resolves this, but I think in the past we avoided that due to not wanting to break deployments where host name resolution was handled using /etc/hosts. That's why we had that workaround previously linked. This time I'm not sure such a workaround exists. The try here is to mount a copy of the host's version of /etc/hosts into the iscsi container. That copy won't have the extra entry podman adds in but will have any user created entries in case they were actually using it for host name resolution. If /etc/hosts file isn't present for whatever reason, we're assuming that this user isn't using /etc/hosts for hostname resolution, and just going back to passing --no-hosts.
Fixes: https://tracker.ceph.com/issues/58532
Fixes: https://tracker.ceph.com/issues/57018
Signed-off-by: Adam King
(cherry picked from commit dd8627bbe3ebc6d924912a37785859d8124f95e5)
---
 src/cephadm/cephadm | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm
index dbe2e639b6614..802567361eb34 100755
--- a/src/cephadm/cephadm
+++ b/src/cephadm/cephadm
@@ -3042,6 +3042,18 @@ def get_container_mounts(ctx, fsid, daemon_type, daemon_id,
 data_dir = get_data_dir(fsid, ctx.data_dir, daemon_type, daemon_id)
 mounts.update(cc.get_container_mounts(data_dir))
+ # Modifications podman makes to /etc/hosts causes issues with
+ # certain daemons (specifically referencing "host.containers.internal" entry
+ # being added to /etc/hosts in this case). To avoid that, but still
+ # allow users to use /etc/hosts for hostname resolution, we can
+ # mount the host's /etc/hosts file.
+ # https://tracker.ceph.com/issues/58532
+ # https://tracker.ceph.com/issues/57018
+ if isinstance(ctx.container_engine, Podman):
+ if os.path.exists('/etc/hosts'):
+ if '/etc/hosts' not in mounts:
+ mounts['/etc/hosts'] = '/etc/hosts:ro'
+
 return mounts
@@ -3187,6 +3199,14 @@ def get_container(ctx: CephadmContext,
 ])
 if ctx.container_engine.version >= CGROUPS_SPLIT_PODMAN_VERSION and not ctx.no_cgroups_split:
 container_args.append('--cgroups=split')
+ # if /etc/hosts doesn't exist, we can be confident
+ # users aren't using it for host name resolution
+ # and adding --no-hosts avoids bugs created in certain daemons
+ # by modifications podman makes to /etc/hosts
+ # https://tracker.ceph.com/issues/58532
+ # https://tracker.ceph.com/issues/57018
+ if not os.path.exists('/etc/hosts'):
+ container_args.extend(['--no-hosts'])
 return CephContainer.for_daemon(
 ctx,
--
2.39.5
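Review bot: The `/etc/hosts` existence test in get_container_mounts is repeated independently in the get_container hunk, so the bind-mount decision and the `--no-hosts` decision can disagree if the file appears or disappears between the two calls, leaving a container with neither or with both. Evaluating the condition once and sharing the result would keep them consistent, and `os.path.isfile('/etc/hosts')` is a tighter test than `os.path.exists`, which also accepts a directory. The new block appears to apply to every daemon type under Podman, whereas the description speaks of a copy mounted into the iscsi container; the comment should state the real scope and the single-file bind-mount caveat, e.g. `# NOTE: applies to all daemons; if the host replaces /etc/hosts by rename the container keeps the old file until restart`. The function body starts outside the hunk.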
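Review bot: `container_args.extend(['--no-hosts'])` adds a single flag through a one-element list, while the line just above it uses `container_args.append('--cgroups=split')`; `container_args.append('--no-hosts')` matches the surrounding style. Indentation is not recoverable from this rendering, so it is worth confirming that the new check sits inside the Podman-only branch alongside the `--cgroups=split` logic, since `--no-hosts` is a Podman option and another engine would presumably reject it. get_container begins and ends outside the hunk.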