Resolve oVirt IP addresses #13767
Resolve oVirt IP addresses #13767
Conversation
| # @return [String] The host name. | ||
| # | ||
| def resolve_ip_address(address) | ||
| require 'resolv' |
There was a problem hiding this comment.
I dont think you need this because you are using stdlib stuff - but then I see it other places too.
@chrisarcand is there a reason to require here? like we do `require 'ostruct' here
There was a problem hiding this comment.
Not sure about the rails environment, but in plain Ruby this fails without the require, even if resolv is part of the stdlib.
There was a problem hiding this comment.
- You do need a require under normal circumstances as while it's part of stdlib, it isn't loaded by default.
- The module is present in our current Rails env, it's not clear as to what actually adds it, probably Rails for it's own purposes. So...
- It's appropriate to require it in this file as it's a required dependency, but I'd put it at the top of the file instead of within the method itself.
There was a problem hiding this comment.
OK. I will put it at the top of the file.
Note that in other cases I have seen the opposite comment: put the requires only where they are needed, not at the top of file. Is there a rationale or common rule about where should requires go?
There was a problem hiding this comment.
If there is a hard-and-fast rule, usually it's what we described here: put at the top of the file.
There are specific exceptions, though; For example, in the ovirt_metrics gem I needed to write a custom adapter for dealing with an old version of Postgres on Ovirt databases that isn't supported by Rails 5 (what we run). As the adapter isn't required for Rails < 5, I require it inline based on which version of Rails you're running. I don't want the adapter required when it isn't necessary (it's very large and expensive to load)
Here it looks like you're adding some core functionality that should always run, so we'll consider it a true dependency that we'll specify at the beginning of the file.
There was a problem hiding this comment.
There was a problem hiding this comment.
OK, thanks for the explanation @chrisarcand , I will move the require to the top of the file in the next version of the pull request.
| @@ -97,6 +97,7 @@ | |||
| :purge_window_size: 10000 | |||
| :ems: | |||
| :ems_redhat: | |||
| :resolve_ip_addresses: true | |||
There was a problem hiding this comment.
I think this setting is not really self explanatory. But I dont know how could be really short and good.
resolve_ip_address_for_ovirt_manager_connect: true ?
There was a problem hiding this comment.
Can this be commented? I didn't see comments in this file, but if possible, I'd like to write a comment explaining the meaning. Something like this:
#
# Indicates if the oVirt provider should try to convert IP addresses
# to host names, using a reverse DNS lookup if required. This is
# needed because since version 4 of oVirt connections that use
# an IP address directly are rejected. Change to 'false' only if you
# have explicitly configured the oVirt engine to use IP addresses
# and you don't have a working DNS configuration.
#
:resolve_ip_addresses: trueAssuming comments are allowed, would that be enough?
There was a problem hiding this comment.
It's possible, but they dont show up in the UI :(
Thats why I think we should a) do a corresponding doc update. I guess the docs request in the BZ is enough. Though it would be nice to involve the docs team right here on the PR.
@adahms ?
There was a problem hiding this comment.
@oourfali what do you think about the naming of this config option?
There was a problem hiding this comment.
@durandom - Thank you for adding me to the discussion. If the change is visible in the UI, which it looks like it will be, then we can add a step and a note to the procedure on adding RHV providers to call out this behaviour.
Would that work?
There was a problem hiding this comment.
@adahms what is the process to add that text to the providers guide? Sending a pull request to some GitHub repository? Where? Will you take care of it or should I?
There was a problem hiding this comment.
@jhernand I have now raised the following bug to address this request, and the content will be added in the upstream and sync'ed with the downstream -
There was a problem hiding this comment.
@jhernand - Nothing else from documentation. Thank you for calling out this change!
|
@durandom I requested a release note in the bug. Please review it and tell me if something else is needed in order to trigger docs. |
|
The only change in the new version of the pull request is moving the |
|
@jhernand could you re-base on current master, amend the last commit or close/open the PR to trigger the CI? |
Since version 4 oVirt rejects connections that use directly the IP
address instead of the host name. This is a side effect of the new SSO
authentication mechanism. That means that when a oVirt provider is added
using an IP address it will not work. Users don't do this frequently,
but the system does it automatically when the provider is added using
the discovery mechanism, as this mechanism uses IP addresses only. To
avoid this issue this patch changes the provider so that when it
receives an IP address it tries to convert it to the corresponding fully
qualified host name.
There may be situations where the user really wants to use an IP
address, and not the host name. For those cases this patch also
introduces a new 'resolve_ip_addresses' setting that can be used to
disable resolving. This setting will be stored in the
'config/settings.yml' file, and its default value will be 'true':
:ems:
:ems_redhat:
:resolve_ip_addresses: true
https://bugzilla.redhat.com/1417757
|
Rebased, no changes. |
|
Checked commit https://github.com/jhernand/manageiq/commit/8df5bb0ce29b51928ecee75978e30ea80603e582 with ruby 2.2.6, rubocop 0.47.1, and haml-lint 0.20.0 |
|
@miq-bot add_label euwe/yes |
|
@jhernand This isn't a clean cherry-pick due to some refactoring done on master branch. Can you make an Euwe-specific PR (referencing this one) or suggest other PRs to backport. |
|
@simaishi Yes, I'll prepare an Euwe-specific PR. |
[EUWE] Resolve oVirt IP addresses (backport of #13767)
|
Backported to Euwe via #14183 |
Since version 4 oVirt rejects connections that use directly the IP address instead of the host name. This is a side effect of the new SSO authentication mechanism. That means that when a oVirt provider is added using an IP address it will not work. Users don't do this frequently, but the system does it automatically when the provider is added using the discovery mechanism, as this mechanism uses IP addresses only. To avoid this issue this patch changes the provider so that when it receives an IP address it tries to convert it to the corresponding fully qualified host name.
There may be situations where the user really wants to use an IP address, and not the host name. For those cases this patch also introduces a new
resolve_ip_addressessetting that can be used to disable resolving. This setting will be stored in theconfig/settings.ymlfile, and its default value will betrue:https://bugzilla.redhat.com/1417757