lxc containers broken with maas
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
juju-core |
Fix Released
|
High
|
Tim Penhey | ||
1.16 |
Fix Released
|
Critical
|
Tim Penhey | ||
juju-core (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Saucy |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
LXC containers under the MAAS provider never startup
[Test Case]
configure a maas environment
juju bootstrap
juju add-machine lxc:0
(machine appears in status output but never starts).
[Regression Potential]
Restructuring of the way cloud-init data is constructed and the new API call to allow the correct secrets to be retrieved as potentially wide impact.
[Original Bug Report]
Machines are shown as pending and never start.
There is an error parsing the config returned from the API call.
ERROR juju.worker environ.go:50 loaded invalid environment configuration: malformed maas-oauth (3 items separated by colons)
maas-oauth is listed as a secret. Although I have not fully investigated yet, I believe that this is a regression that was introduced when the provisioner task was moved to the API, and the environment config is also returned over the API. I posit that the secrets are removed from the environment config before returning them over the API. This makes the configuration invalid, so the "wait for a valid config" just hangs, and the provider fails to enter the main loop.
Related branches
- Juju Engineering: Pending requested
-
Diff: 491 lines (+142/-107)12 files modifiedcontainer/lxc/lxc.go (+12/-47)
container/lxc/lxc_test.go (+6/-8)
environs/cloudinit.go (+20/-12)
provider/local/environ.go (+7/-9)
state/api/params/params.go (+8/-0)
state/api/provisioner/provisioner.go (+14/-0)
state/api/provisioner/provisioner_test.go (+8/-0)
state/apiserver/provisioner/provisioner.go (+14/-0)
state/apiserver/provisioner/provisioner_test.go (+8/-0)
worker/provisioner/lxc-broker.go (+21/-7)
worker/provisioner/lxc-broker_test.go (+7/-2)
worker/provisioner/provisioner.go (+17/-22)
- Juju Engineering: Pending requested
-
Diff: 499 lines (+142/-107)12 files modifiedcontainer/lxc/lxc.go (+12/-47)
container/lxc/lxc_test.go (+6/-8)
environs/cloudinit.go (+20/-12)
provider/local/environ.go (+7/-9)
state/api/params/params.go (+8/-0)
state/api/provisioner/provisioner.go (+7/-0)
state/api/provisioner/provisioner_test.go (+8/-0)
state/apiserver/provisioner/provisioner.go (+14/-0)
state/apiserver/provisioner/provisioner_test.go (+8/-0)
worker/provisioner/lxc-broker.go (+27/-7)
worker/provisioner/lxc-broker_test.go (+8/-2)
worker/provisioner/provisioner.go (+17/-22)
Changed in juju-core: | |
status: | Triaged → In Progress |
Changed in juju-core: | |
milestone: | 1.16.2 → 2.0 |
Changed in juju-core: | |
milestone: | 2.0 → 1.17.0 |
Changed in juju-core: | |
status: | In Progress → Fix Committed |
Changed in juju-core: | |
importance: | Critical → High |
description: | updated |
Changed in juju-core (Ubuntu Saucy): | |
importance: | Undecided → High |
Changed in juju-core: | |
status: | Fix Committed → Fix Released |
There is the correct fix, and there is the quick fix.
The quick fix is likely to be an indicator in the config that this config is passed over the api, so tempter the validation as such.
The correct fix is to change the provisioner so it doesn't need the full environ config, but instead just asks for what it actually needs, which is likely to be the authorized keys.