CentOS 8.x Unable to fetch GPG key from keyserver issue

From Notes_Wiki
Revision as of 07:17, 11 July 2021 by Saurabh (talk | contribs) (Created page with "<yambe:breadcrumb self="Unable to fetch GPG key from keyserver issue">CentOS 8.x lxc troubleshooting|lxc troubleshooting</yambe:breadcrumb> =CentOS 8.x Unable to fetch GPG key...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

<yambe:breadcrumb self="Unable to fetch GPG key from keyserver issue">CentOS 8.x lxc troubleshooting|lxc troubleshooting</yambe:breadcrumb>

CentOS 8.x Unable to fetch GPG key from keyserver issue

It is possible to get following error while doing lxc-create with download template:

[root@rekallcm1 ~]# lxc-create -n clamav1 -t download -- -r 8-Stream -a amd64 -d centos
The cached copy has expired, re-downloading...
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver
lxc-create: clamav1: lxccontainer.c: create_run_template: 1625 Failed to create container from template
lxc-create: clamav1: tools/lxc_create.c: main: 331 Failed to create container clamav1

To solve this we can specify "--no-validate" as template option (Not lxc option) using:

lxc-create  -n clamav1 -t download -- --no-validate -a amd64 -d centos -r 8-Stream

This would generate warning:

WARNING: Running without gpg validation!

but should solve the keysearver not reachable issue.


Note that at time of this writing download template specification at '/usr/share/lxc/templates/lxc-download' has config\

DOWNLOAD_KEYSERVER="hkp://p80.pool.sks-keyservers.net:80"

However, if we do nslookup for this host

[saurabh@rekallcm1 ~]$ nslookup p80.pool.sks-keyservers.net 4.2.2.2
Server:		4.2.2.2
Address:	4.2.2.2#53

** server can't find p80.pool.sks-keyservers.net: NXDOMAIN

we get NXDOMAIN error. Till the issue is fixed the command wont work without the --no-validate option.



<yambe:breadcrumb self="Unable to fetch GPG key from keyserver issue">CentOS 8.x lxc troubleshooting|lxc troubleshooting</yambe:breadcrumb>