Ubuntu – How to get MAAS and Juju to recognize proxy settings in a deployment

jujumaas

So, I have Ubuntu 12.04 LTS, installed MaaS from the initial bootup, and then added JUJU. I'm behind a proxy, so, added proxy to /etc/apt/apt.conf and also to /etc/wgetrc. Doing that I could then use maas-import-pxe-files.

Setup my environment, everything seems fine, but when I boot the nodes up they can't resolve archive.ubuntu.com. Is there somewhere I have to set my proxy information so it's passed onto the nodes that connect to the MaaS server? I don't see any action in any squid logs, and not sure where I should put my proxy to the outside world so it should be passed on.

Any assistance is greatly appreciated!

Best Answer

  • I am afraid this is currently not a supported configuration for MAAS (but i would be happy to be wrong on this).

    I also have to use MAAS behind a proxy, and here is how i dealt with it:

    importing the pxe images:

    sudo http_proxy=http://my.proxy:3128/ maas-import-pxe-files
    

    Edit /usr/share/maas/preseeds/enlist_userdata

    set apt_proxy
    #we cannot use maas as a proxy as maas itself is behind a proxy
    #if we try, when we bootstrap zookeeper, it is not able to download archive.ubuntu.com/ubuntu/dists/precsie/Release
    apt_proxy: http://my.proxy:3128/
    

    Change /usr/share/maas/preseeds/preseed_master so that {{self.proxy}} is

    d-i     mirror/country string manual
    d-i     mirror/http/hostname string archive.ubuntu.com
    d-i     mirror/http/directory string /ubuntu
    d-i     mirror/http/proxy string http://my.proxy:3128/
    

    Be sure to actually remove the {{self.proxy}} macro or it will be expanded anyway if you just comment it out.

    Change /usr/share/maas/preseeds/generic so that

    d-i     preseed/late_command string true && \
        in-target sh -c 'f=$1; shift; echo $0 > $f && chmod 0440 $f $*' 'ubuntu ALL=(ALL) NOPASSWD: ALL' /etc/sudoers.d/maas && \
        in-target wget --no-proxy "{{node_disable_pxe_url|escape.shell}}" --post-data "{{node_disable_pxe_data|escape.shell}}" -O /dev/null && \
        true
    is 
    d-i     preseed/late_command string true && \
        in-target sh -c 'f=$1; shift; echo $0 > $f && chmod 0440 $f $*' 'ubuntu ALL=(ALL) NOPASSWD: ALL' /etc/sudoers.d/maas && \
        in-target wget --no-proxy "{{node_disable_pxe_url|escape.shell}}" --post-data "{{node_disable_pxe_data|escape.shell}}" -O /dev/null && \
        in-target apt-key adv --keyserver-options http-proxy=http://my.proxy:3128/ --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys "0x376a290ec8068b11" && \
        in-target sh -c 'http_proxy=http://my.proxy:3128/ https_proxy=http://my.proxy:3128/ apt-add-repository -m ppa:juju/pkgs --yes' && \
        in-target sh -c 'http_proxy=http://my.proxy:3128/ https_proxy=http://my.proxy:3128/ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA' && \
        true
    

    There may be better way to do it, it may not work everywhere, but it worked for me.

    Note that some charms must also be changed to use a proxy when they try to wget stuff from the internet or add some ppa.

  • Related Question