apt-mirror does not override security.ubuntu.com for containers on trusty
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Won't Fix
|
High
|
Unassigned | ||
juju-core |
Won't Fix
|
Undecided
|
Unassigned | ||
1.25 |
Won't Fix
|
Undecided
|
Unassigned | ||
cloud-init (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Confirmed
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
Yakkety |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
With "apt-mirror"[1] config, juju 1.25 can override archive.ubuntu.com with a local mirror. However security.ubuntu.com in sources.list is untouched. To make charm execution successful without Internet connectivity, replacing security.ubuntu.com with local mirror is essential.
As of 1.25.5, juju generates user-data with apt-mirror as:
====
#cloud-config
apt_mirror: http://
====
To override security.ubuntu.com juju needs to generate user-data like:
====
#cloud-config
system_info:
package_mirrors:
- arches: [i386, amd64]
failsafe:
primary: http://
security: http://
search:
primary: []
security: []
====
For more information regarding the override, please refer to [2].
[1] https:/
[2] https:/
tags: | added: cpec |
Changed in juju-core: | |
status: | New → Triaged |
importance: | Undecided → High |
milestone: | none → 2.0-beta13 |
Changed in juju-core: | |
milestone: | 2.0-beta13 → 2.0-beta14 |
summary: |
- apt-mirror does not override security.ubuntu.com + apt-mirror does not override security.ubuntu.com for containers |
Changed in juju-core: | |
milestone: | 2.0-beta14 → 2.0-beta15 |
Changed in juju-core: | |
milestone: | 2.0-beta15 → 2.0.0 |
affects: | juju-core → juju |
Changed in juju: | |
milestone: | 2.0.0 → none |
milestone: | none → 2.0.0 |
Changed in juju-core: | |
status: | New → Won't Fix |
Changed in juju: | |
assignee: | nobody → Richard Harding (rharding) |
Changed in juju: | |
milestone: | 2.0.0 → 2.1.0 |
Changed in juju: | |
assignee: | Richard Harding (rharding) → nobody |
Changed in cloud-init (Ubuntu): | |
status: | New → Fix Released |
Changed in cloud-init (Ubuntu Trusty): | |
status: | New → Confirmed |
Changed in cloud-init (Ubuntu Xenial): | |
status: | New → Fix Released |
Changed in cloud-init (Ubuntu Yakkety): | |
status: | New → Fix Released |
tags: |
added: cpe-onsite removed: cpec |
Thanks for the bug report. The apt-mirror setting seems to copy what setting your desktop's apt mirror does in software sources, which isn't useful in your case.
I think the current supported way to isolate a Juju environment from the internet, but still be able to install packages, is to set up a proxy. This is what I have used in the past (but haven't tried recently):
In clouds.yaml for Juju 2.0. Similar options are available for 1.25.x 192.168. 1.2/MAAS/ https-proxy: 192.168.0.2:8000
clouds:
maas-proxied:
type: maas
auth-types: [oauth1]
endpoint: http://
apt-http-proxy: 192.168.0.2:8000
apt-
http-proxy: 192.168.0.2:8000
https-proxy: 192.168.0.2:8000