LXC container create fails: ERROR: Unable to fetch GPG key from keyserver.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Medium
|
Jesse Pretorius |
Bug Description
Sometimes, especially with restricted internet access through proxies of firewalls, the LXC container creation fails when using the download template. This happens during the lxc_hosts role execution as part of the container cache preparation.
When trying the container cache creation manually, the error is exposed:
root@server:
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver.
lxc_container: lxccontainer.c: create_
lxc_container: lxc_create.c: main: 274 Error creating container LXC_NAME
This can be worked around by creating the cache manually with no gpg validation:
root@server:
Downloading the image index
WARNING: Running without gpg validation!
Downloading the rootfs
Downloading the metadata
The image cache is now ready
Unpacking the rootfs
The default download keyserver is shown here:
https:/
This is changed if a proxy is used:
https:/
It is likely better for us to ensure that we use the same keyserver as is used when using a proxy, as that will be more generally accessible in most environment. Ideally there should be a fallback keyserver used too if the first fails.
Fix proposed to branch: master /review. openstack. org/350684
Review: https:/