Timeout on Bootstrapping Juju onto machine with Ubuntu 22.04 Desktop

As another user wanting to do the same, here are some observations I've noticed while trying to debug (22.04.3):

- Running within Multipass works fine (thats not how I want to run it though, as with the bug raiser)
- Running juju bootstrap independently works, but does require lxd setup and does issue an 'apparmor' error (update.go:85: cannot change mount namespace according to change mount (/run/user/1000/doc/by-app/snap.juju /run/user/1000/doc none bind,rw,x-snapd.ignore-missing 0 0): cannot inspect "/run/user/1000/doc": lstat /run/user/1000/doc: permission denied) - possibly relates to https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1991691
- looks like https://bugs.launchpad.net/snap-openstack/+bug/2019552 should have fixed this is its the ubuntu user.. regression maybe?

Update:
- reinstalled desktop and server, both hung with --accept-defaults.
- reinstalled desktop again from 22.04.2, updated to 22.04.3. --accept-defaults still hangs on creating juju controller. Re-running with sunbeam cluster bootstrap --role control --role compute --role storage --topology single --database single works fine.

As of snap 274 this seems to be corrected for me on desktop, but now have other issues around traefik v1 api being used (raised separate ticket).

Recently ran into this issue when I decided to try Sunbeam on Ubuntu 22.04 Desktop instead of Ubuntu 22.04 Server. After some analysis it seems that by default after installing the openstack snap and running the prepare-node-script the host can ssh into itself on Ubuntu 22.04 Server, but not with Ubuntu 22.04 Desktop although ~/.ssh/id_rsa.pub is included in ~/.ssh/authorized_keys.

Manually running 'juju bootstrap sunbeam sunbeam-controller' does prompt the user for the password and running 'sunbeam cluster bootstrap' afterwards resolves the issue.

- Reproducer in LXD 5.20

At the time of this writing you'll have to change the url for 'images' to access the ubuntu desktop images (https://discourse.ubuntu.com/t/new-lxd-image-server-available-images-lxd-canonical-com/43824).

lxc remote set-url images https://images.lxd.canonical.com

lxc launch images:ubuntu/jammy/desktop openstack --vm

lxc shell openstack

echo "$(hostname -I) openstack" >> /etc/hosts

sudo snap install openstack --channel 2023.2

su - ubuntu

sunbeam prepare-node-script | bash -x && newgrp snap_daemon

sunbeam cluster bootstrap --accept-defaults

WARNING: Minimum system requirements (4 core CPU, 16 GB RAM) not met.
⠋ Bootstrapping Juju onto machine ...
Error bootstrapping Juju
Traceback (most recent call last):
  File "/snap/openstack/335/lib/python3.10/site-packages/sunbeam/commands/juju.py", line 289, in run
    process = subprocess.run(cmd, capture_output=True, text=True, check=True)
  File "/usr/lib/python3.10/subprocess.py", line 526, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['/snap/openstack/335/juju/bin/juju', 'bootstrap', 'sunbeam', 'sunbeam-controller']' returned non-zero exit status 1.
ERROR initializing ubuntu user: subprocess encountered error code 255 (Connection closed by 10.140.44.4 port 22)
ERROR subprocess encountered error code 255 (Connection closed by 10.140.44.4 port 22)

Error: Command '['/snap/openstack/335/juju/bin/juju', 'bootstrap', 'sunbeam', 'sunbeam-controller']' returned non-zero exit status 1.

#Fix
juju bootstrap sunbeam sunbeam-controller

sunbeam cluster bootstrap --accept-defaults

- Reproducer to check if host can ssh into itself.

Server

lxc launch ubuntu:22.04 server --vm
lxc shell server
snap install openstack --channel 2023.2
su - ubuntu
sunbeam prepare-node-script | bash -x && newgrp snap_daemon
ssh ubuntu@$(hostname -I)
#Does not prompt for password

Desktop

lxc launch images:ubuntu/jammy/desktop desktop --vm
lxc shell desktop
snap install openstack --channel 2023.2
su - ubuntu
sunbeam prepare-node-script | bash -x && newgrp snap_daemon
ssh ubuntu@$(hostname -I)
#Prompts for password

Also, manually running the commands line by line from the prepare node script will still prompt for a password. Something in the prepare node script is happening because manually running these commands successfully sets up promptless access.

sudo apt install -y openssh-server
[ -f $HOME/.ssh/id_rsa ] || ssh-keygen -b 4096 -f $HOME/.ssh/id_rsa -t rsa -N ""
cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys
ssh-keyscan -H $(hostname --all-ip-addresses) >> $HOME/.ssh/known_hosts

After executing 'sunbeam prepare-node-script | bash -x && newgrp snap_daemon', the SSH service is installed but requires proper configuration. Ensure to disable password authentication and enable public key authentication in the /etc/ssh/sshd_config file before restarting the service. Once completed, you can safely proceed to rerun 'sunbeam cluster bootstrap --accept-defaults' without encountering any issues.