Knife prepare results in "Network is unreachable" due to IPv6 lookup


#1

Hi.

I have a CentOS server that I want to bootstrap with Chef.

If I run the command (from my workstation, 1.2.3.4 is the IP address of the computer I want to prepare):

knife solo prepare root@1.2.3.4 -VV

I end up getting a bunch of errors. The significant one (first one) is this:

DEBUG: Initial command sudo yum -y install rsync
DEBUG: Running processed command sudo -p 'knife sudo password: ’ yum -y install rsync
DEBUG: sudo -p 'knife sudo password: ’ yum -y install rsync stdout: Loaded plugins: fastestmirror

DEBUG: sudo -p 'knife sudo password: ’ yum -y install rsync stdout: Determining fastest mirrors

DEBUG: sudo -p 'knife sudo password: ’ yum -y install rsync stdout: Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os error was
14: PYCURL ERROR 7 - "Failed to connect to 2a02:2498:1:3d:5054:ff:fed3:e91a: Network is unreachable"
Error: Cannot find a valid baseurl for repo: base

So it seems clear that the yum command is looking up an IPv6 address for the mirrorlist.

If I log into the server myself and do a “yum install rsync” everything works fine. I’ve also tried to disable IPv6 on the host being bootstrapped but that doesn’t work.

Does anybody know what’s going on here and how I can fix it?

I should note that the computer in question is behind a firewall and needs to use a proxy to establish a connection. I have added the proxy config in /etc/profile so my login sessions have http_proxy and https_proxy defined. However, I also tried adding the proxy definition to /etc/yum.conf and it behaved exactly the same (my login sessions could do yum install but knife prepare couldn’t).

I’d really appreciate some help here.

-Stefan Freyr.


#2

Ok so I managed to figure this out… well so to speak.

Turns out that there is something (as of yet unknown) going on when commands are given using sudo. If I run the yum install command directly on the server I finally saw the same error, that is, yum started to lookup the mirrorlist as an IPv6 address and failed.

So then I started to try to figure out how to get knife solo to not use sudo. Unfortunately that isn’t exactly straight forward. I don’t get why there isn’t a --no-sudo option on the command line?

Anyway, I managed to do this using the following hack:

knife prepare root@1.2.3.4 --sudo-command “”

That is, supply the empty string as the sudo command. When I did that stuff worked.

So to summarize:

  1. The underlying IPv6 problem has nothing to do with Chef

  2. The knife solo prepare/bootstrap command should IMO have a --no-sudo option.

Should I file #2 as a feature request somewhere?

-Stefan Freyr.


From: Stefán Freyr Stefánsson stefan@nextcode.com
Sent: Wednesday, May 14, 2014 4:55 PM
To: chef@lists.opscode.com
Subject: [chef] knife prepare results in “Network is unreachable” due to IPv6 lookup

Hi.

I have a CentOS server that I want to bootstrap with Chef.

If I run the command (from my workstation, 1.2.3.4 is the IP address of the computer I want to prepare):

knife solo prepare root@1.2.3.4 -VV

I end up getting a bunch of errors. The significant one (first one) is this:

DEBUG: Initial command sudo yum -y install rsync
DEBUG: Running processed command sudo -p 'knife sudo password: ’ yum -y install rsync
DEBUG: sudo -p 'knife sudo password: ’ yum -y install rsync stdout: Loaded plugins: fastestmirror

DEBUG: sudo -p 'knife sudo password: ’ yum -y install rsync stdout: Determining fastest mirrors

DEBUG: sudo -p 'knife sudo password: ’ yum -y install rsync stdout: Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os error was
14: PYCURL ERROR 7 - "Failed to connect to 2a02:2498:1:3d:5054:ff:fed3:e91a: Network is unreachable"
Error: Cannot find a valid baseurl for repo: base

So it seems clear that the yum command is looking up an IPv6 address for the mirrorlist.

If I log into the server myself and do a “yum install rsync” everything works fine. I’ve also tried to disable IPv6 on the host being bootstrapped but that doesn’t work.

Does anybody know what’s going on here and how I can fix it?

I should note that the computer in question is behind a firewall and needs to use a proxy to establish a connection. I have added the proxy config in /etc/profile so my login sessions have http_proxy and https_proxy defined. However, I also tried adding the proxy definition to /etc/yum.conf and it behaved exactly the same (my login sessions could do yum install but knife prepare couldn’t).

I’d really appreciate some help here.

-Stefan Freyr.