Re: Faster LXD bootstraps and provisioning

On Mon, Aug 15, 2016 at 10:30 PM John Meinel wrote: > ... >> > > >> +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in >> +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT >> +-A ufw-user-input -p udp --dport 8000 -j ACCEPT >> + >> >> > If I'm reading this one

Re: Faster LXD bootstraps and provisioning

On Mon, Aug 15, 2016 at 10:30 PM John Meinel wrote: > ... >> > > >> +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in >> +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT >> +-A ufw-user-input -p udp --dport 8000 -j ACCEPT >> + >> >> > If I'm reading this one

Re: Faster LXD bootstraps and provisioning

I decided it'd be easier & safer to host squid-deb-proxy in a LXD container rather than the host. My host doesn't route inbound to LXD from other networks, and all the Juju machines can see it. On Tue, Aug 16, 2016 at 12:30 AM, John Meinel wrote: > ... >> > > >> +###

Re: Faster LXD bootstraps and provisioning

I decided it'd be easier & safer to host squid-deb-proxy in a LXD container rather than the host. My host doesn't route inbound to LXD from other networks, and all the Juju machines can see it. On Tue, Aug 16, 2016 at 12:30 AM, John Meinel wrote: > ... >> > > >> +###

Re: Faster LXD bootstraps and provisioning

> > ... > > +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in > +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT > +-A ufw-user-input -p udp --dport 8000 -j ACCEPT > + > > If I'm reading this one correctly, it also means that anyone from *any* IP address (not restricted to your local

Re: Faster LXD bootstraps and provisioning

> > ... > > +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in > +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT > +-A ufw-user-input -p udp --dport 8000 -j ACCEPT > + > > If I'm reading this one correctly, it also means that anyone from *any* IP address (not restricted to your local

Re: Faster LXD bootstraps and provisioning

My concern about your last configuration is that it appears to change your squid deb proxy into an open proxy by which anything can make a request to any website. At least that is my understanding of: http_access allow all (Its no longer a 'deb' proxy, its just a plain http proxy.) That may be

Re: Faster LXD bootstraps and provisioning

Yes thanks for doing the work to share this menn0. It is much appreciated. I also needed to change the following in squid-deb-proxy (even though I added a bunch of domains to /etc/squid-deb-proxy/mirror-dstdomain.acl.d/10-default): --- a/squid-deb-proxy/squid-deb-proxy.conf +++

Re: Faster LXD bootstraps and provisioning

Yes thanks for doing the work to share this menn0. It is much appreciated. I also needed to change the following in squid-deb-proxy (even though I added a bunch of domains to /etc/squid-deb-proxy/mirror-dstdomain.acl.d/10-default): --- a/squid-deb-proxy/squid-deb-proxy.conf +++

Re: Faster LXD bootstraps and provisioning

Thanks Rafael. Would you mind adding this to the wiki page? On 16 August 2016 at 02:31, Rafael Gonzalez wrote: > Hi Menno, > > Thanks for putting this together, great tips. I recently ran into an > issue which others could see as well. > > One may need to adjust

Re: Faster LXD bootstraps and provisioning

Good catch Casey. I've just updated the config in the gist to allow access to any mirror or PPA (in a cleaner way than in the blog article IMO). It seems to work well (apt-get download is nice way to test). On 16 August 2016 at 09:27, Casey Marshall wrote: >

Re: Faster LXD bootstraps and provisioning

Good catch Casey. I've just updated the config in the gist to allow access to any mirror or PPA (in a cleaner way than in the blog article IMO). It seems to work well (apt-get download is nice way to test). On 16 August 2016 at 09:27, Casey Marshall wrote: >

Re: Faster LXD bootstraps and provisioning

Menno, This is great and thanks for sharing! In case anyone else runs into this.. charms that install from PPAs will fail with this squid-deb-proxy setup. You'll need to allow archive mirrors for this to work. See https://1337.tips/ubuntu-cache-packages-using-squid-deb-proxy/ for an example. On

Re: Faster LXD bootstraps and provisioning

Menno, This is great and thanks for sharing! In case anyone else runs into this.. charms that install from PPAs will fail with this squid-deb-proxy setup. You'll need to allow archive mirrors for this to work. See https://1337.tips/ubuntu-cache-packages-using-squid-deb-proxy/ for an example. On

Re: Faster LXD bootstraps and provisioning

Hi Menno, Thanks for putting this together, great tips. I recently ran into an issue which others could see as well. One may need to adjust the following for large bundle deployments on LXD. A bundle deployment fails with errors about "Too many files open." This will increase number of max

Re: Faster LXD bootstraps and provisioning

Hi Menno, Thanks for putting this together, great tips. I recently ran into an issue which others could see as well. One may need to adjust the following for large bundle deployments on LXD. A bundle deployment fails with errors about "Too many files open." This will increase number of max

Re: Faster LXD bootstraps and provisioning

Interesting. With the new rework of some of the model config you can probably set some of those in the cloud definition and set some with "juju set-model-default" so it doesn't have to be set in every bootstrap and add-model. I'm not sure if all of it has landed, but it should certainly be in 2.0.

Re: Faster LXD bootstraps and provisioning

Interesting. With the new rework of some of the model config you can probably set some of those in the cloud definition and set some with "juju set-model-default" so it doesn't have to be set in every bootstrap and add-model. I'm not sure if all of it has landed, but it should certainly be in 2.0.

Faster LXD bootstraps and provisioning

I've put together a few tips on the wiki for speeding up bootstrap and provisioning times when using the Juju lxd provider. I find these techniques helpful when checking my work or investigating bugs - situations where you end up bootstrapping and deploying many times.

Faster LXD bootstraps and provisioning

I've put together a few tips on the wiki for speeding up bootstrap and provisioning times when using the Juju lxd provider. I find these techniques helpful when checking my work or investigating bugs - situations where you end up bootstrapping and deploying many times.