2016-04-23 20:22:25 |
Paolo de Rosa |
bug |
|
|
added bug |
2016-04-23 20:23:52 |
Paolo de Rosa |
description |
In a customer environment I have to deploy using offline resources (no internet connection at all), so I created apt mirror and MAAS images mirror. I configured MAAS to use the local mirrors and I'm able to commission the nodes but I'm not able to deploy the nodes because there is no way to add gpg key of the local repo in target before the 'late' stage'.
Using curtin I'm able to add the key but too late, in fact according with http://bazaar.launchpad.net/~curtin-dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late" stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
----------------------------------
configs/config-000.cfg
----------------------------------
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string oauth_token_key=8eZmzQWSSQzsUkaLnE&oauth_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP&oauth_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean: true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint: 'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n token_key: 8eZmzQWSSQzsUkaLnE, token_secret: LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\n type: webhook}\nsystem_info:\n package_mirrors:\n - arches: [i386, amd64]\n failsafe: {primary: 'http://archive.ubuntu.com/ubuntu', security: 'http://security.ubuntu.com/ubuntu'}\n search:\n primary: ['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n - arches: [default]\n failsafe: {primary: 'http://ports.ubuntu.com/ubuntu-ports', security: 'http://ports.ubuntu.com/ubuntu-ports'}\n search:\n primary: ['http://ports.ubuntu.com/ubuntu-ports']\n security: ['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy', 'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/', '--post-data', 'op=netboot_off', '-O', '/dev/null']
power_state:
mode: reboot
apt_mirrors:
ubuntu_archive: http://100.107.231.166//
ubuntu_security: http://100.107.231.166//
----- curtin end of log ------
Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'
Setting up swapspace version 1, size = 8388604 KiB
no label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089
Get:1 http://100.107.231.166 trusty InRelease [17.7 kB]
Get:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]
Get:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]
Ign http://100.107.231.166 trusty InRelease
Get:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]
Ign http://100.107.231.166 trusty-updates InRelease
Ign http://100.107.231.166 trusty-security InRelease
Get:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]
Get:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]
Get:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]
Get:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]
Get:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]
Get:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]
Get:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]
Get:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]
Get:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]
Get:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]
Get:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]
Fetched 505 kB in 0s (3,772 kB/s)
Reading package lists...
W: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
libdevmapper-event1.02.1 libreadline5 watershed
Suggested packages:
thin-provisioning-tools
The following NEW packages will be installed:
ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed
0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.
Need to get 635 kB of archives.
After this operation, 1,885 kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2
E: There are problems and -y was used without --force-yes
Unexpected error while running command.
Command: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']
Exit code: 100
Reason: -
Stdout: ''
Stderr: ''
builtin command failed
Installation failed with exception: Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: ''
failed posting event: finish: cmd-install: FAIL: curtin command install [[http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515] http error: 400]
Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: '' |
In a customer environment I have to deploy using offline resources (no internet connection at all), so I created apt mirror and MAAS images mirror. I configured MAAS to use the local mirrors and I'm able to commission the nodes but I'm not able to deploy the nodes because there is no way to add gpg key of the local repo in target before the 'late' stage'.
Using curtin I'm able to add the key but too late, in fact according with http://bazaar.launchpad.net/~curtin-dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late" stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
----------------------------------
configs/config-000.cfg
----------------------------------
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string oauth_token_key=8eZmzQWSSQzsUkaLnE&oauth_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP&oauth_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean: true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint: 'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n token_key: 8eZmzQWSSQzsUkaLnE, token_secret: LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\n type: webhook}\nsystem_info:\n package_mirrors:\n - arches: [i386, amd64]\n failsafe: {primary: 'http://archive.ubuntu.com/ubuntu', security: 'http://security.ubuntu.com/ubuntu'}\n search:\n primary: ['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n - arches: [default]\n failsafe: {primary: 'http://ports.ubuntu.com/ubuntu-ports', security: 'http://ports.ubuntu.com/ubuntu-ports'}\n search:\n primary: ['http://ports.ubuntu.com/ubuntu-ports']\n security: ['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy', 'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/', '--post-data', 'op=netboot_off', '-O', '/dev/null']
apt_key: ["curtin", "in-target", "--", "sh", "-c", "/usr/bin/wget --no-proxy -qO - http://100.107.231.166/magellan.key | apt-key add -"]
power_state:
mode: reboot
apt_mirrors:
ubuntu_archive: http://100.107.231.166//
ubuntu_security: http://100.107.231.166//
----- curtin end of log ------
Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'
Setting up swapspace version 1, size = 8388604 KiB
no label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089
Get:1 http://100.107.231.166 trusty InRelease [17.7 kB]
Get:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]
Get:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]
Ign http://100.107.231.166 trusty InRelease
Get:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]
Ign http://100.107.231.166 trusty-updates InRelease
Ign http://100.107.231.166 trusty-security InRelease
Get:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]
Get:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]
Get:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]
Get:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]
Get:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]
Get:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]
Get:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]
Get:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]
Get:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]
Get:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]
Get:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]
Fetched 505 kB in 0s (3,772 kB/s)
Reading package lists...
W: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
libdevmapper-event1.02.1 libreadline5 watershed
Suggested packages:
thin-provisioning-tools
The following NEW packages will be installed:
ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed
0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.
Need to get 635 kB of archives.
After this operation, 1,885 kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2
E: There are problems and -y was used without --force-yes
Unexpected error while running command.
Command: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']
Exit code: 100
Reason: -
Stdout: ''
Stderr: ''
builtin command failed
Installation failed with exception: Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: ''
failed posting event: finish: cmd-install: FAIL: curtin command install [[http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515] http error: 400]
Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: '' |
|
2016-04-23 20:32:00 |
Andres Rodriguez |
bug task added |
|
curtin |
|
2016-04-23 20:32:07 |
Andres Rodriguez |
maas: status |
New |
Incomplete |
|
2016-04-25 14:02:47 |
Andres Rodriguez |
bug task deleted |
curtin |
|
|
2016-04-25 14:09:18 |
Andres Rodriguez |
maas: status |
Incomplete |
Invalid |
|
2016-04-25 14:09:26 |
Andres Rodriguez |
bug task added |
|
curtin |
|
2016-04-25 14:09:55 |
Andres Rodriguez |
summary |
Deploy fails in an offline environment |
No way to inject apt archive/mirror key before apt starts processing packages |
|
2016-04-25 14:10:20 |
Andres Rodriguez |
summary |
No way to inject apt archive/mirror key before apt starts processing packages |
No way to inject apt archive/mirror key 'in-target' before apt starts processing packages |
|
2016-04-25 14:17:01 |
Andres Rodriguez |
curtin: status |
New |
Invalid |
|
2016-04-26 11:39:38 |
Ante Karamatić |
bug |
|
|
added subscriber Ante Karamatić |
2016-04-26 13:19:12 |
Andres Rodriguez |
summary |
No way to inject apt archive/mirror key 'in-target' before apt starts processing packages |
curtin/maas don't support derived repositories. We need a way to specify an archive key |
|
2016-04-26 13:43:07 |
Andres Rodriguez |
maas: status |
Invalid |
New |
|
2016-04-26 13:43:11 |
Andres Rodriguez |
curtin: status |
Invalid |
New |
|
2016-04-26 13:43:15 |
Andres Rodriguez |
maas: importance |
Undecided |
High |
|
2016-04-26 13:46:26 |
Adam Collard |
bug |
|
|
added subscriber Landscape |
2016-04-26 13:52:08 |
Andres Rodriguez |
branch linked |
|
lp:~paolo-de-rosa/curtin/curtin |
|
2016-04-26 13:54:39 |
Andres Rodriguez |
maas: importance |
High |
Wishlist |
|
2016-04-26 13:54:43 |
Andres Rodriguez |
maas: importance |
Wishlist |
Critical |
|
2016-04-26 13:59:48 |
Ante Karamatić |
bug |
|
|
added subscriber Christian Reis |
2016-04-26 15:06:07 |
Jon Grimm |
bug |
|
|
added subscriber Jon Grimm |
2016-04-26 15:06:37 |
Jon Grimm |
bug |
|
|
added subscriber Scott Moser |
2016-04-26 16:27:15 |
Andres Rodriguez |
maas: milestone |
|
2.0.0 |
|
2016-04-26 23:51:25 |
Andres Rodriguez |
branch linked |
|
lp:~andreserl/maas/lp1574113 |
|
2016-05-04 14:33:52 |
Gavin Panella |
maas: status |
New |
Triaged |
|
2016-05-09 20:33:22 |
Andres Rodriguez |
summary |
curtin/maas don't support derived repositories. We need a way to specify an archive key |
curtin/maas don't support multiple (derived) archives/repositories with custom keys |
|
2016-05-09 20:33:27 |
Andres Rodriguez |
maas: milestone |
2.0.0 |
next |
|
2016-05-17 07:03:11 |
Christian Ehrhardt |
branch linked |
|
lp:~paelzer/cloud-init/test-apt-source |
|
2016-05-17 07:04:11 |
Christian Ehrhardt |
bug task added |
|
cloud-init (Ubuntu) |
|
2016-05-17 07:04:20 |
Christian Ehrhardt |
cloud-init (Ubuntu): status |
New |
Triaged |
|
2016-05-17 07:04:24 |
Christian Ehrhardt |
cloud-init (Ubuntu): importance |
Undecided |
Medium |
|
2016-05-27 10:09:54 |
Paolo de Rosa |
tags |
|
4010 |
|
2016-06-03 19:32:36 |
Launchpad Janitor |
branch linked |
|
lp:cloud-init |
|
2016-06-03 19:32:43 |
Scott Moser |
bug task added |
|
cloud-init |
|
2016-06-03 19:33:02 |
Scott Moser |
cloud-init: status |
New |
Fix Committed |
|
2016-06-03 19:33:12 |
Scott Moser |
cloud-init: importance |
Undecided |
Medium |
|
2016-06-05 02:01:23 |
Launchpad Janitor |
cloud-init (Ubuntu): status |
Triaged |
Fix Released |
|
2016-06-06 13:33:11 |
Launchpad Janitor |
branch linked |
|
lp:~smoser/ubuntu/yakkety/cloud-init/pkg |
|
2016-06-07 09:20:55 |
Christian Ehrhardt |
curtin: status |
New |
Confirmed |
|
2016-06-07 09:20:58 |
Christian Ehrhardt |
curtin: assignee |
|
ChristianEhrhardt (paelzer) |
|
2016-06-07 09:21:17 |
Christian Ehrhardt |
curtin: importance |
Undecided |
Medium |
|
2016-06-22 13:57:22 |
Ryan Harper |
branch linked |
|
lp:~paelzer/curtin/bug-1574113-derived-repositories |
|
2016-06-22 13:57:51 |
Ryan Harper |
tags |
4010 |
4010 curtin-sru |
|
2016-06-22 20:09:16 |
Launchpad Janitor |
branch linked |
|
lp:~smoser/ubuntu/xenial/cloud-init/pkg |
|
2016-06-23 19:02:16 |
Scott Moser |
nominated for series |
|
Ubuntu Xenial |
|
2016-06-23 19:02:16 |
Scott Moser |
bug task added |
|
cloud-init (Ubuntu Xenial) |
|
2016-06-23 19:02:29 |
Scott Moser |
cloud-init (Ubuntu Xenial): status |
New |
In Progress |
|
2016-06-23 19:02:43 |
Scott Moser |
cloud-init (Ubuntu Xenial): importance |
Undecided |
Medium |
|
2016-06-23 19:02:43 |
Scott Moser |
cloud-init (Ubuntu Xenial): assignee |
|
Scott Moser (smoser) |
|
2016-07-11 15:58:33 |
Scott Moser |
cloud-init (Ubuntu Xenial): status |
In Progress |
Fix Released |
|
2016-07-11 15:58:46 |
Scott Moser |
cloud-init (Ubuntu Xenial): status |
Fix Released |
In Progress |
|
2016-07-27 04:51:58 |
Nobuto Murata |
bug |
|
|
added subscriber Nobuto Murata |
2016-08-02 16:53:33 |
Launchpad Janitor |
branch linked |
|
lp:curtin |
|
2016-08-10 14:52:37 |
Scott Moser |
cloud-init: status |
Fix Committed |
Fix Released |
|
2016-08-18 21:18:44 |
Scott Moser |
curtin: status |
Confirmed |
Fix Committed |
|
2016-09-13 21:14:38 |
Scott Moser |
cloud-init (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
2016-09-27 19:02:03 |
Andres Rodriguez |
maas: milestone |
next |
2.1.0 |
|
2016-09-27 19:02:07 |
Andres Rodriguez |
maas: importance |
Critical |
Wishlist |
|
2016-09-27 19:02:09 |
Andres Rodriguez |
maas: status |
Triaged |
Fix Released |
|
2016-09-29 18:05:15 |
Launchpad Janitor |
branch linked |
|
lp:~smoser/ubuntu/yakkety/curtin/pkg |
|
2016-10-03 18:52:23 |
Launchpad Janitor |
branch linked |
|
lp:~raharper/ubuntu/xenial/curtin/pkg-sru-revno425 |
|
2016-10-03 21:58:40 |
Ryan Harper |
description |
In a customer environment I have to deploy using offline resources (no internet connection at all), so I created apt mirror and MAAS images mirror. I configured MAAS to use the local mirrors and I'm able to commission the nodes but I'm not able to deploy the nodes because there is no way to add gpg key of the local repo in target before the 'late' stage'.
Using curtin I'm able to add the key but too late, in fact according with http://bazaar.launchpad.net/~curtin-dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late" stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
----------------------------------
configs/config-000.cfg
----------------------------------
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string oauth_token_key=8eZmzQWSSQzsUkaLnE&oauth_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP&oauth_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean: true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint: 'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n token_key: 8eZmzQWSSQzsUkaLnE, token_secret: LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\n type: webhook}\nsystem_info:\n package_mirrors:\n - arches: [i386, amd64]\n failsafe: {primary: 'http://archive.ubuntu.com/ubuntu', security: 'http://security.ubuntu.com/ubuntu'}\n search:\n primary: ['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n - arches: [default]\n failsafe: {primary: 'http://ports.ubuntu.com/ubuntu-ports', security: 'http://ports.ubuntu.com/ubuntu-ports'}\n search:\n primary: ['http://ports.ubuntu.com/ubuntu-ports']\n security: ['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy', 'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/', '--post-data', 'op=netboot_off', '-O', '/dev/null']
apt_key: ["curtin", "in-target", "--", "sh", "-c", "/usr/bin/wget --no-proxy -qO - http://100.107.231.166/magellan.key | apt-key add -"]
power_state:
mode: reboot
apt_mirrors:
ubuntu_archive: http://100.107.231.166//
ubuntu_security: http://100.107.231.166//
----- curtin end of log ------
Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'
Setting up swapspace version 1, size = 8388604 KiB
no label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089
Get:1 http://100.107.231.166 trusty InRelease [17.7 kB]
Get:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]
Get:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]
Ign http://100.107.231.166 trusty InRelease
Get:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]
Ign http://100.107.231.166 trusty-updates InRelease
Ign http://100.107.231.166 trusty-security InRelease
Get:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]
Get:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]
Get:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]
Get:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]
Get:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]
Get:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]
Get:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]
Get:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]
Get:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]
Get:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]
Get:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]
Fetched 505 kB in 0s (3,772 kB/s)
Reading package lists...
W: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
libdevmapper-event1.02.1 libreadline5 watershed
Suggested packages:
thin-provisioning-tools
The following NEW packages will be installed:
ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed
0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.
Need to get 635 kB of archives.
After this operation, 1,885 kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2
E: There are problems and -y was used without --force-yes
Unexpected error while running command.
Command: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']
Exit code: 100
Reason: -
Stdout: ''
Stderr: ''
builtin command failed
Installation failed with exception: Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: ''
failed posting event: finish: cmd-install: FAIL: curtin command install [[http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515] http error: 400]
Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: '' |
[Impact]
* Curtin doesn't support multiple derived archive/repositories with
custom keys as typically deployed in an offline Landscape deployment.
Adding the custom key resulted in an error when processing the
apt_source configuration as provided in this setup.
Curtin has been updated to support the updated apt-source model
implemented in cloud-init as well. Together the existing Landscape
deployments for offline users can now supply an apt-source config
that updates curtin to use the specified derived repository with a
custom key.
[Test Case]
* Install proposed curtin package and deploy a system behind a
Landscape Offline configuration with a derived repo.
PASS: Curtin will successfully accept the derived repo and install the
system from the specified apt repository.
FAIL: Curtin will fail to install the OS with an error like:
W: GPG error: http://100.107.231.166 trusty InRelease:
The following signatures couldn't be verified because the public key
is not available: NO_PUBKEY 2C6F2731D2B38BD3
E: There are problems and -y was used without --force-yes
Unexpected error while running command.
Command: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get',
'--quiet', '--assume-yes',
'--option=Dpkg::options::=--force-unsafe-io',
'--option=Dpkg::Options::=--force-confold', 'install',
'lvm2', 'ifenslave']
Exit code: 100
[Regression Potential]
* Other users of previous curtin 'apt_source' configurations may not
continue to work without re-formatting the apt_source configuration.
[Original Description]
In a customer environment I have to deploy using offline resources (no internet connection at all), so I created apt mirror and MAAS images mirror. I configured MAAS to use the local mirrors and I'm able to commission the nodes but I'm not able to deploy the nodes because there is no way to add gpg key of the local repo in target before the 'late' stage'.
Using curtin I'm able to add the key but too late, in fact according with http://bazaar.launchpad.net/~curtin-dev/curtin/trunk/view/head:/curtin/commands/install.py#L52 "late" stage is executed after "curthooks" this prevent to add the key.
I checked also apt_config function in curthooks.py I did't see code that add the key for each mirror.
It should be possible to add gpg public of the repository in maas.
----------------------------------
configs/config-000.cfg
----------------------------------
#cloud-config
debconf_selections:
maas: |
cloud-init cloud-init/datasources multiselect MAAS
cloud-init cloud-init/maas-metadata-url string http://100.107.231.164/MAAS/metadata/
cloud-init cloud-init/maas-metadata-credentials string oauth_token_key=8eZmzQWSSQzsUkaLnE&oauth_token_secret=LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP&oauth_consumer_key=htwDZJFtmv2YvQXhUW
cloud-init cloud-init/local-cloud-config string apt_preserve_sources_list: true\nmanage_etc_hosts: false\nmanual_cache_clean: true\nreporting:\n maas: {consumer_key: htwDZJFtmv2YvQXhUW, endpoint: 'http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515',\n token_key: 8eZmzQWSSQzsUkaLnE, token_secret: LKmn8sHgzEXfvzSZePAa9jUXvTMRrFNP,\n type: webhook}\nsystem_info:\n package_mirrors:\n - arches: [i386, amd64]\n failsafe: {primary: 'http://archive.ubuntu.com/ubuntu', security: 'http://security.ubuntu.com/ubuntu'}\n search:\n primary: ['http://100.107.231.166/']\n security: ['http://100.107.231.166/']\n - arches: [default]\n failsafe: {primary: 'http://ports.ubuntu.com/ubuntu-ports', security: 'http://ports.ubuntu.com/ubuntu-ports'}\n search:\n primary: ['http://ports.ubuntu.com/ubuntu-ports']\n security: ['http://ports.ubuntu.com/ubuntu-ports']\n
late_commands:
maas: [wget, '--no-proxy', 'http://100.107.231.164/MAAS/metadata/latest/by-id/node-61b6987c-07a7-11e6-9d23-5254003d2515/', '--post-data', 'op=netboot_off', '-O', '/dev/null']
apt_key: ["curtin", "in-target", "--", "sh", "-c", "/usr/bin/wget --no-proxy -qO - http://100.107.231.166/magellan.key | apt-key add -"]
power_state:
mode: reboot
apt_mirrors:
ubuntu_archive: http://100.107.231.166//
ubuntu_security: http://100.107.231.166//
----- curtin end of log ------
Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'
Setting up swapspace version 1, size = 8388604 KiB
no label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089
Get:1 http://100.107.231.166 trusty InRelease [17.7 kB]
Get:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]
Get:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]
Ign http://100.107.231.166 trusty InRelease
Get:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]
Ign http://100.107.231.166 trusty-updates InRelease
Ign http://100.107.231.166 trusty-security InRelease
Get:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]
Get:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]
Get:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]
Get:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]
Get:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]
Get:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]
Get:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]
Get:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]
Get:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]
Get:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]
Get:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]
Fetched 505 kB in 0s (3,772 kB/s)
Reading package lists...
W: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
W: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
libdevmapper-event1.02.1 libreadline5 watershed
Suggested packages:
thin-provisioning-tools
The following NEW packages will be installed:
ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed
0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.
Need to get 635 kB of archives.
After this operation, 1,885 kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2
E: There are problems and -y was used without --force-yes
Unexpected error while running command.
Command: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']
Exit code: 100
Reason: -
Stdout: ''
Stderr: ''
builtin command failed
Installation failed with exception: Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: ''
failed posting event: finish: cmd-install: FAIL: curtin command install [[http://100.107.231.164/MAAS/metadata/status/node-61b6987c-07a7-11e6-9d23-5254003d2515] http error: 400]
Unexpected error while running command.
Command: ['curtin', 'curthooks']
Exit code: 3
Reason: -
Stdout: "Leaving 'diversion of /etc/init/ureadahead.conf to /etc/init/ureadahead.conf.disabled by cloud-init'\nSetting up swapspace version 1, size = 8388604 KiB\nno label, UUID=e2fe91bc-91e9-4e43-b50f-209dfcf04089\nGet:1 http://100.107.231.166 trusty InRelease [17.7 kB]\nGet:2 http://100.107.231.166 trusty-updates InRelease [17.7 kB]\nGet:3 http://100.107.231.166 trusty-security InRelease [17.7 kB]\nIgn http://100.107.231.166 trusty InRelease\nGet:4 http://100.107.231.166 trusty/main amd64 Packages [412 kB]\nIgn http://100.107.231.166 trusty-updates InRelease\nIgn http://100.107.231.166 trusty-security InRelease\nGet:5 http://100.107.231.166 trusty/restricted amd64 Packages [20 B]\nGet:6 http://100.107.231.166 trusty/universe amd64 Packages [20 B]\nGet:7 http://100.107.231.166 trusty/multiverse amd64 Packages [20 B]\nGet:8 http://100.107.231.166 trusty-updates/main amd64 Packages [33.0 kB]\nGet:9 http://100.107.231.166 trusty-updates/restricted amd64 Packages [20 B]\nGet:10 http://100.107.231.166 trusty-updates/universe amd64 Packages [20 B]\nGet:11 http://100.107.231.166 trusty-updates/multiverse amd64 Packages [20 B]\nGet:12 http://100.107.231.166 trusty-security/main amd64 Packages [6,578 B]\nGet:13 http://100.107.231.166 trusty-security/restricted amd64 Packages [20 B]\nGet:14 http://100.107.231.166 trusty-security/universe amd64 Packages [20 B]\nGet:15 http://100.107.231.166 trusty-security/multiverse amd64 Packages [20 B]\nFetched 505 kB in 0s (3,772 kB/s)\nReading package lists...\nW: GPG error: http://100.107.231.166 trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nW: GPG error: http://100.107.231.166 trusty-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2C6F2731D2B38BD3\nReading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n libdevmapper-event1.02.1 libreadline5 watershed\nSuggested packages:\n thin-provisioning-tools\nThe following NEW packages will be installed:\n ifenslave libdevmapper-event1.02.1 libreadline5 lvm2 watershed\n0 upgraded, 5 newly installed, 0 to remove and 10 not upgraded.\nNeed to get 635 kB of archives.\nAfter this operation, 1,885 kB of additional disk space will be used.\nWARNING: The following packages cannot be authenticated!\n libdevmapper-event1.02.1 libreadline5 ifenslave watershed lvm2\nE: There are problems and -y was used without --force-yes\nUnexpected error while running command.\nCommand: ['chroot', '/tmp/tmpcEfTLw/target', 'eatmydata', 'apt-get', '--quiet', '--assume-yes', '--option=Dpkg::options::=--force-unsafe-io', '--option=Dpkg::Options::=--force-confold', 'install', 'lvm2', 'ifenslave']\nExit code: 100\nReason: -\nStdout: ''\nStderr: ''\n"
Stderr: '' |
|
2016-10-05 15:39:15 |
Andy Whitcroft |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2016-10-05 15:39:21 |
Andy Whitcroft |
bug |
|
|
added subscriber SRU Verification |
2016-10-05 15:39:30 |
Andy Whitcroft |
tags |
4010 curtin-sru |
4010 curtin-sru verification-needed |
|
2016-10-05 15:44:59 |
Andy Whitcroft |
bug task added |
|
curtin (Ubuntu) |
|
2016-10-05 15:50:13 |
Andy Whitcroft |
curtin (Ubuntu Xenial): status |
New |
Fix Committed |
|
2016-10-05 15:50:15 |
Andy Whitcroft |
curtin (Ubuntu): status |
New |
Fix Released |
|
2016-10-06 20:49:24 |
Andres Rodriguez |
tags |
4010 curtin-sru verification-needed |
4010 curtin-sru verification-done |
|
2016-10-17 03:58:02 |
Launchpad Janitor |
curtin (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2016-10-17 03:58:40 |
Martin Pitt |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2016-11-07 13:55:17 |
Blake Rouse |
nominated for series |
|
maas/1.9 |
|
2016-11-07 13:55:17 |
Blake Rouse |
bug task added |
|
maas/1.9 |
|
2016-11-07 13:55:31 |
Blake Rouse |
maas/1.9: status |
New |
Won't Fix |
|
2017-12-15 22:10:23 |
Scott Moser |
curtin: status |
Fix Committed |
Fix Released |
|
2023-05-10 12:25:22 |
James Falcon |
bug watch added |
|
https://github.com/canonical/cloud-init/issues/2658 |
|