Canonical Juju

snap core store-proxy-id not set during bootstrap

Bug #1821045 reported by John A Meinel
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Canonical Juju
Triaged
Low
Unassigned

Bug Description

With the new feature to install MongoDB from a snap, it became much more relevant to have a snap store proxy setup for the LXD provider. Otherwise it downloads all of core core 18 and juju-db on every bootstrap.

However, *during* the bootstrap process, the snap settings are not set yet:

2019-03-20 17:08:11 INFO juju.mongo mongo.go:511 Ensuring mongo server is running; data directory /var/snap/juju-db/common; port 37017 2019-03-20 17:08:11 INFO juju.service.snap snap.go:382 preparing command: snap install --stable --jailmode core 2019-03-20 17:08:11 INFO juju.service.snap snap.go:392 preparing command: snap install --edge --jailmode juju-db 2019-03-20 17:08:11 INFO juju.service.snap snap.go:342 command: snap install --stable --jailmode core s^C
root@juju-52a250-0:~# sudo snap status
error: unknown command "status", see 'snap help'
root@juju-52a250-0:~# sudo snap get core
Key Value
cloud {...}
refresh {...}
seed {...}
root@juju-52a250-0:~# sudo snap get core -d
{
        "cloud": {
                "name": "unknown"
        },
        "refresh": {
                "hold": "2019-03-20T19:06:41.995742809Z"
        },
        "seed": {
                "loaded": true
        }
}

We *definitely* need to check for them before we run 'snap install' of *anything*.

While for local development this is a 'nice to have'. If we get to production, they won't have outbound access *at all* without the proxy being set.

These are the settings "snap-store-proxy", and "snap-store-assertions" than need to get properly handled early.

(in the first test, I accidentally used 'snap-store-id' which is the ProxyConfig value, not 'snap-store-proxy' which is the environs/config value. However, I fixed that, and bootstrapped a second time, and saw the same behavior. We are running 'snap install' before we have configured snap-store-proxy.)

See original description
John A Meinel (jameinel)
description: updated
Revision history for this message
John A Meinel (jameinel) wrote :

With the right config set, once the machine has finished bootstrapping, I do see:
root@juju-50ff28-0:~# sudo snap get core -d
{
        "cloud": {
                "name": "unknown"
        },
        "proxy": {
                "http": "",
                "https": "",
                "store": "yFsGTy6qwkrVISeJI1JjU09v9Uxlc0Gf"
        },
        "refresh": {
                "hold": "2019-03-20T19:42:00.762131261Z"
        },
        "seed": {
                "loaded": true
        }
}

So the config is correct. I can also see that "snap install juju --classic --channel 2.5/edge" downloads at approx 100MB/s so it is clearly using the local snap store proxy.

We just need to configure that before we install juju-db.

Revision history for this message
John A Meinel (jameinel) wrote :

Arguably we should be setting the snap proxy stuff at the same time we are setting apt and http proxy information (possibly all the way into cloud-init). I think there are a few apps that by-default come from the snap store in bionic. Though I think those are mostly desktop apps right now.

Revision history for this message
John A Meinel (jameinel) wrote :

As a quick workaround hack you can use cloudinit-userdata. In my ~/.local/share/juju/clouds.yaml:
clouds:
...
  lxd:
    type: lxd
    auth-types: [certificate]
    endpoint: https://10.210.24.1:8443
    config:
      apt-http-proxy: http://192.168.0.50:3142
      apt-https-proxy: http://192.168.0.50:3142
      enable-os-upgrade: false
      cloudinit-userdata: |
          preruncmd:
              - "set -xe"
              - "curl -s http://192.168.0.50/v2/auth/store/assertions | sudo snap ack /dev/stdin"
              - "sudo snap set core proxy.store=yFsGTy6qwkrVISeJI1JjU09v9Uxlc0Gf"
      snap-store-proxy: "yFsGTy6qwkrVISeJI1JjU09v9Uxlc0Gf"
      snap-store-assertions: |
...

the "set -xe" isn't necessary, but it makes it possible to see that the next 2 commands are being run. When you use 'preruncmd' the values you set end up before *juju* calls 'set -xe' at the start of its normal runcmd. So while they are executed, without 'set -xe' you don't see them in /var/log/cloud-init-output.log.

Revision history for this message
John A Meinel (jameinel) wrote :

(note that the cloudinit-userdata hack above changes the time for:
export JUJU_DEV_FEATURE_FLAGS=mongodb-snap; time juju bootstrap --debug lxd lxd --no-gui 'juju bootstrap'

from 9m34s to 2m18s.)

Revision history for this message
Dmitrii Shcherbakov (dmitriis) wrote :

I agree with #2. Regular proxy settings should also be configured via cloudinit-userdata for the core snap the same way apt proxy setting are set. Otherwise they will be set only when proxyupdater runs which may be too late.

I would also consider adding an option to set SNAPPY_STORE_NO_CDN environment variable for snapd (to support environments that do not yet have enterprise proxy).

Revision history for this message
Canonical Juju QA Bot (juju-qa-bot) wrote :

This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.

Changed in juju:
importance: High → Low
tags: added: expirebugs-bot
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.