keyserver workarounds in templates/lxc-download.in not accessible
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | lxc |
Fix Released
|
Undecided
|
Unassigned | |
Bug Description
I am on a machine where I need to use the HTTP proxy for the keyserver. I found no way to engage line 59 of https:/
DOWNLOAD_
I tried
http_proxy=True lxc-create ...
but I still got a failure fetching the key. (Manually issuing the gpg command computed for the proxy works.)
I also tried adding -keyserver <keyserver> to the template options on my lxc-create command line, as line 192 suggests, but got a complaint that --keyserver is not a valid option; indeed, the option parsing in lines 217--237 does not handle that one.
| mahmoh (mahmoh) wrote : | #1 |
| Mike Spreitzer (mike-spreitzer) wrote : | #2 |
It has been so long that I do not clearly remember. I do not think I made much progress beyond the bug report you see.
| Lucio Menzel (lucio-menzel-a) wrote : | #3 |
Dear all, kindly please provide a fix ASAP.
In my view, OpenStack value is mostly as a Private Cloud environment, and would expect most private cloud customers would have a proxy to allow downloading content from the Internet, right?
Isn't this a big issue for ALL private cloud customers?
Furthermore, once Ubuntu is installed and the proxy settings are defined centrally in one place. Then apps should not need to be 'told' about the proxy settings individually but rather use the proxy settings that defined globally at the OS level.
| yetang (yeweitang) wrote : | #4 |
Hi Friends,
Is there a solution to this issue? I am trying to create my first container
and encountered exact same error:
$ lxc-create -t download -n yetang-1st
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver.
lxc_container: lxccontainer.c: create_
lxc_container: lxc_create.c: main: 271 Error creating container yetang-1st
$ uname -a
Linux ubuntu-docker 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Thanks!
| h (hernst-o) wrote : | #5 |
Hi there,
I had the same problems. I had to disable IPv6 to get it working.
best regards
HE
| Mukul (myadav64) wrote : | #6 |
Please append --no-validate flag to skip gpg validation.
Refer https:/
| Stéphane Graber (stgraber) wrote : | #7 |
The download template respects the http_proxy and https_proxy environment variable, set those to a valid http proxy and everything will work fine.
export http_proxy=http://
export https_proxy=http://
This has now been supported for quite some time.
| Changed in lxc: | |
| status: | New → Fix Released |
Hi Mike, did you ever resolve this problem by any chance as a configuration problem or is this still and issue?
I'm hitting this symptom in a proxy environment myself with Juju+MAAS+lxc:
1) " curl https:/
2) Keys fail though but should work given the download.in code:
sudo lxc-create --template download --name u1
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver.
lxc_container: lxccontainer.c: create_
lxc_container: lxc_create.c: main: 271 Error creating container u1
3) Here's my failure but the failure may actually be caused by the proxy I just noticed 46 lines in:
environment: maas
machines:
"0":
agent-state: started
agent-version: 1.23.3.1
dns-name: 05.maas
instance-id: /MAAS/api/
series: trusty
containers:
0/lxc/0:
to start'
series: trusty
hardware: arch=amd64 cpu-cores=80 mem=1048576M
state-
"1":
...
"6":
agent-state: started
agent-version: 1.23.3.1
dns-name: 01.maas
instance-id: /MAAS/api/
series: trusty
containers:
6/lxc/0:
creation failed: error executing "lxc-create": + ''['' amd64 = i686 '']'';
+ ''['' 0 = 0 '']''; + case "$hostarch:$arch" in; + :; + ''['' tryreleased
''!='' daily -a tryreleased ''!='' released -a tryreleased ''!='' tryreleased
'']''; + ''['' -z /var/lib/
+ ''['' 0 ''!='' 0 '']''; + config=
+ ''['' -z /var/lib/
is /tmp/wget264411
0 -eq 1 '']''; + mkdir -p /var/cache/
= tryreleased '']''; + stream=released; + ubuntu-
amd64; + ''['' -n https:/
'']''; + url2=https:/
++ basename https:/
+ filename=
'']''; + d...