[Group.of.nepali.translators] [Bug 1574113] Re: curtin/maas don't support multiple (derived) archives/repositories with custom keys
** Also affects: maas/1.9
Importance: Undecided
Status: New
** Changed in: maas/1.9
Status: New => Won't Fix
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1574113
Title:
curtin/maas don't support multiple (derived) archives/repositories
with custom keys
Status in cloud-init:
Fix Released
Status in curtin:
Fix Committed
Status in MAAS:
Fix Released
Status in MAAS 1.9 series:
Won't Fix
Status in cloud-init package in Ubuntu:
Fix Released
Status in curtin package in Ubuntu:
Fix Released
Status in cloud-init source package in Xenial:
Fix Committed
Status in curtin source package in Xenial:
Fix Released
Bug description:
[Impact]
* Curtin doesn't support multiple derived archive/repositories with
custom keys as typically deployed in an offline Landscape deployment.
Adding the custom key resulted in an error when processing the
apt_source configuration as provided in this setup.
Curtin has been updated to support the updated apt-source model
implemented in cloud-init as well. Together the existing Landscape
deployments for offline users can now supply an apt-source config
that updates curtin to use the specified derived repository with a
custom key.
[Test Case]
* Install proposed curtin package and deploy a system behind a
Landscape Offline configuration with a derived repo.
PASS: Curtin will successfully accept the derived repo and install the
system from the specified apt repository.
FAIL: Curtin will fail to install the OS with an error like:
W: GPG error: http://100.107.231.166 trusty InRelease:
The following signatures couldn't be verified because the public key
is not available: NO_PUBKEY 2C6F2731D2B38BD3
E: There are problems and -y was used without --force-yes
Unexpected error while running command.
Command: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get',
'--quiet', '--assume-yes',
'--option=Dpkg::options::=--force-unsafe-io',
'--option=Dpkg::Options::=--force-confold', 'install',
'lvm2', 'ifenslave']
Exit code: 100
[Regression Potential]
* Other users of previous curtin 'apt_source' configurations may not
continue to work without re-formatting the apt_source configuration.
[Original Description]
In a customer environment I have to deploy using offline resources (no
internet connection at all), so I created apt mirror and MAAS images
mirror. I configured MAAS to use the local mirrors and I'm able to
commission the nodes but I'm not able to deploy the nodes because
there is no way to add gpg key of the local repo in target before the
'late' stage'.
Using curtin I'm able to add the key but too late, in fact according
with http://bazaar.launchpad.net/~curtin-
dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late"
stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code
that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
--
configs/config-000.cfg
--
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string
http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string
oauth_token_key=8eZmzQWSSQzsUkaLnE_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string
apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean:
true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint:
'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n
token_key: 8eZmzQWSSQzsUkaLnE, token_secret:
LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\ntype: webhook}\nsystem_info:\n
package_mirrors:\n - arches: [i386, amd64]\nfailsafe: {primary:
'http://archive.ubuntu.com/ubuntu', security:
'http://security.ubuntu.com/ubuntu'}\nsearch:\n primary:
['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n -
arches: [default]\nfailsafe: {primary:
'http://ports.ubuntu.com/ubuntu-ports', security:
'http://ports.ubuntu.com/ubuntu-ports'}\nsearch:\n primary:
['http://ports.ubuntu.com/ubuntu-ports']\n security:
['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy',
'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/',
'--post-data', 'op=netboot_off', '-O', '/dev/null']
apt_key: ["curtin",
[Group.of.nepali.translators] [Bug 1574113] Re: curtin/maas don't support multiple (derived) archives/repositories with custom keys
** Changed in: maas
Milestone: next => 2.1.0
** Changed in: maas
Importance: Critical => Wishlist
** Changed in: maas
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1574113
Title:
curtin/maas don't support multiple (derived) archives/repositories
with custom keys
Status in cloud-init:
Fix Released
Status in curtin:
Fix Committed
Status in MAAS:
Fix Released
Status in cloud-init package in Ubuntu:
Fix Released
Status in cloud-init source package in Xenial:
Fix Committed
Bug description:
In a customer environment I have to deploy using offline resources (no
internet connection at all), so I created apt mirror and MAAS images
mirror. I configured MAAS to use the local mirrors and I'm able to
commission the nodes but I'm not able to deploy the nodes because
there is no way to add gpg key of the local repo in target before the
'late' stage'.
Using curtin I'm able to add the key but too late, in fact according
with http://bazaar.launchpad.net/~curtin-
dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late"
stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code
that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
--
configs/config-000.cfg
--
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string
http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string
oauth_token_key=8eZmzQWSSQzsUkaLnE_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string
apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean:
true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint:
'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n
token_key: 8eZmzQWSSQzsUkaLnE, token_secret:
LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\ntype: webhook}\nsystem_info:\n
package_mirrors:\n - arches: [i386, amd64]\nfailsafe: {primary:
'http://archive.ubuntu.com/ubuntu', security:
'http://security.ubuntu.com/ubuntu'}\nsearch:\n primary:
['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n -
arches: [default]\nfailsafe: {primary:
'http://ports.ubuntu.com/ubuntu-ports', security:
'http://ports.ubuntu.com/ubuntu-ports'}\nsearch:\n primary:
['http://ports.ubuntu.com/ubuntu-ports']\n security:
['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy',
'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/',
'--post-data', 'op=netboot_off', '-O', '/dev/null']
apt_key: ["curtin", "in-target", "--", "sh", "-c", "/usr/bin/wget
--no-proxy -qO - http://100.107.231.166/magellan.key | apt-key add -"]
power_state:
mode: reboot
apt_mirrors:
ubuntu_archive: http://100.107.231.166//
ubuntu_security: http://100.107.231.166//
- curtin end of log --
Leaving 'diversion of /etc/init/ureadahead.conf to
/etc/init/ureadahead.conf.disabled by cloud-init'
Setting up swapspace version 1, size = 8388604 KiB
no label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089
Get:1 http://100.107.231.166 trusty InRelease [17.7 kB]
Get:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]
Get:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]
Ign http://100.107.231.166 trusty InRelease
Get:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]
Ign http://100.107.231.166 trusty-updates InRelease
Ign http://100.107.231.166 trusty-security InRelease
Get:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]
Get:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]
Get:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]
Get:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]
Get:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]
Get:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]
Get:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]
Get:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]
Get:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]
Get:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]
Get:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]
Fetched 505 kB in 0s (3,772 kB/s)
Reading package lists...
W: GPG
[Group.of.nepali.translators] [Bug 1574113] Re: curtin/maas don't support multiple (derived) archives/repositories with custom keys
This is fixed in cloud-init 0.7.7
** Changed in: cloud-init
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1574113
Title:
curtin/maas don't support multiple (derived) archives/repositories
with custom keys
Status in cloud-init:
Fix Released
Status in curtin:
Confirmed
Status in MAAS:
Triaged
Status in cloud-init package in Ubuntu:
Fix Released
Status in cloud-init source package in Xenial:
In Progress
Bug description:
In a customer environment I have to deploy using offline resources (no
internet connection at all), so I created apt mirror and MAAS images
mirror. I configured MAAS to use the local mirrors and I'm able to
commission the nodes but I'm not able to deploy the nodes because
there is no way to add gpg key of the local repo in target before the
'late' stage'.
Using curtin I'm able to add the key but too late, in fact according
with http://bazaar.launchpad.net/~curtin-
dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late"
stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code
that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
--
configs/config-000.cfg
--
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string
http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string
oauth_token_key=8eZmzQWSSQzsUkaLnE_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string
apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean:
true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint:
'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n
token_key: 8eZmzQWSSQzsUkaLnE, token_secret:
LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\ntype: webhook}\nsystem_info:\n
package_mirrors:\n - arches: [i386, amd64]\nfailsafe: {primary:
'http://archive.ubuntu.com/ubuntu', security:
'http://security.ubuntu.com/ubuntu'}\nsearch:\n primary:
['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n -
arches: [default]\nfailsafe: {primary:
'http://ports.ubuntu.com/ubuntu-ports', security:
'http://ports.ubuntu.com/ubuntu-ports'}\nsearch:\n primary:
['http://ports.ubuntu.com/ubuntu-ports']\n security:
['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy',
'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/',
'--post-data', 'op=netboot_off', '-O', '/dev/null']
apt_key: ["curtin", "in-target", "--", "sh", "-c", "/usr/bin/wget
--no-proxy -qO - http://100.107.231.166/magellan.key | apt-key add -"]
power_state:
mode: reboot
apt_mirrors:
ubuntu_archive: http://100.107.231.166//
ubuntu_security: http://100.107.231.166//
- curtin end of log --
Leaving 'diversion of /etc/init/ureadahead.conf to
/etc/init/ureadahead.conf.disabled by cloud-init'
Setting up swapspace version 1, size = 8388604 KiB
no label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089
Get:1 http://100.107.231.166 trusty InRelease [17.7 kB]
Get:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]
Get:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]
Ign http://100.107.231.166 trusty InRelease
Get:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]
Ign http://100.107.231.166 trusty-updates InRelease
Ign http://100.107.231.166 trusty-security InRelease
Get:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]
Get:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]
Get:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]
Get:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]
Get:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]
Get:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]
Get:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]
Get:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]
Get:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]
Get:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]
Get:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]
Fetched 505 kB in 0s (3,772 kB/s)
Reading package lists...
W: GPG error: http://100.107.231.166 trusty InRelease: The following
signatures
[Group.of.nepali.translators] [Bug 1574113] Re: curtin/maas don't support multiple (derived) archives/repositories with custom keys
Hello,
An SRU upload of cloud-init for 16.04 that contains a fix for this bug has been
made under bug 1595302. Please track that bug if you are interested.
** Also affects: cloud-init (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: cloud-init (Ubuntu Xenial)
Status: New => In Progress
** Changed in: cloud-init (Ubuntu Xenial)
Importance: Undecided => Medium
** Changed in: cloud-init (Ubuntu Xenial)
Assignee: (unassigned) => Scott Moser (smoser)
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1574113
Title:
curtin/maas don't support multiple (derived) archives/repositories
with custom keys
Status in cloud-init:
Fix Committed
Status in curtin:
Confirmed
Status in MAAS:
Triaged
Status in cloud-init package in Ubuntu:
Fix Released
Status in cloud-init source package in Xenial:
In Progress
Bug description:
In a customer environment I have to deploy using offline resources (no
internet connection at all), so I created apt mirror and MAAS images
mirror. I configured MAAS to use the local mirrors and I'm able to
commission the nodes but I'm not able to deploy the nodes because
there is no way to add gpg key of the local repo in target before the
'late' stage'.
Using curtin I'm able to add the key but too late, in fact according
with http://bazaar.launchpad.net/~curtin-
dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late"
stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code
that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
--
configs/config-000.cfg
--
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string
http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string
oauth_token_key=8eZmzQWSSQzsUkaLnE_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string
apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean:
true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint:
'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n
token_key: 8eZmzQWSSQzsUkaLnE, token_secret:
LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\ntype: webhook}\nsystem_info:\n
package_mirrors:\n - arches: [i386, amd64]\nfailsafe: {primary:
'http://archive.ubuntu.com/ubuntu', security:
'http://security.ubuntu.com/ubuntu'}\nsearch:\n primary:
['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n -
arches: [default]\nfailsafe: {primary:
'http://ports.ubuntu.com/ubuntu-ports', security:
'http://ports.ubuntu.com/ubuntu-ports'}\nsearch:\n primary:
['http://ports.ubuntu.com/ubuntu-ports']\n security:
['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy',
'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/',
'--post-data', 'op=netboot_off', '-O', '/dev/null']
apt_key: ["curtin", "in-target", "--", "sh", "-c", "/usr/bin/wget
--no-proxy -qO - http://100.107.231.166/magellan.key | apt-key add -"]
power_state:
mode: reboot
apt_mirrors:
ubuntu_archive: http://100.107.231.166//
ubuntu_security: http://100.107.231.166//
- curtin end of log --
Leaving 'diversion of /etc/init/ureadahead.conf to
/etc/init/ureadahead.conf.disabled by cloud-init'
Setting up swapspace version 1, size = 8388604 KiB
no label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089
Get:1 http://100.107.231.166 trusty InRelease [17.7 kB]
Get:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]
Get:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]
Ign http://100.107.231.166 trusty InRelease
Get:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]
Ign http://100.107.231.166 trusty-updates InRelease
Ign http://100.107.231.166 trusty-security InRelease
Get:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]
Get:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]
Get:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]
Get:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]
Get:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]
Get:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]
Get:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]
Get:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578
