miniONE does not work on ubuntu 22.04

[kotoko]

I tried to install opennebula using miniONE v6.6.0 and installation failed. I am using freshly installed Ubuntu 22.04 inside qemu + virt-manager. Also after script failure I can not connect to internet in firefox or in apt-get update. Here is log:

user@linux:~/Downloads$ sudo ./minione  --yes --password abc123 --bridge-interface minionebr

### Checks & detection
Checking AppArmor  SKIP will try to modify
Checking docker is installed  SKIP will try to install
Checking ansible  SKIP will try to install
Checking terraform  SKIP will try to install

### Main deployment steps:
Install OpenNebula frontend version 6.6
Install Terraform
Install Docker
Configure bridge minionebr with IP 172.16.100.1/24
Enable NAT over enp1s0
Modify AppArmor
Install OpenNebula KVM node
Export appliance and update VM template
Install pip 'ansible==2.9.9'

Do you agree? [yes/no]:

### Installation
Updating APT cache  OK
Updating PIP  OK
Install from PyPI 'ansible==2.9.9'  OK
Creating bridge interface minionebr  OK
Bring bridge interfaces up  OK
Enabling IPv4 forward  OK
Persisting IPv4 forward  OK
Configuring NAT using iptables  OK
Saving iptables changes  OK
Installing DNSMasq  retry 1 retry 2 retry 3 FAILED
apt-get -q -y install dnsmasq
--- STDERR ---
E: Nie uda\u0142o si\u0119 pobra\u0107 http://security.ubuntu.com/ubuntu/pool/universe/d/dnsmasq/dnsmasq_2.86-1.1ubuntu0.1_all.deb  Tymczasowy b\u0142\u0105d przy t\u0142umaczeniu "pl.archive.ubuntu.com"
E: Nie uda\u0142o si\u0119 pobra\u0107 niekt\u00f3rych archiw\u00f3w, prosz\u0119 spr\u00f3bowa\u0107 uruchomi\u0107 apt-get update lub u\u017cy\u0107 opcji --fix-missing.
--------------

[xorel]

I can't reproduce this issue, it seems the iptables are somehow wrong after adding NAT.
Could you post the iptables here?

[kotoko]

I recorded my screen with every step I did (30 MB).
https://www.dropbox.com/s/up31ro9wpvvz3bb/recording1.mkv?dl=1

[kotoko]

root@kotoko-Standard-PC-Q35-ICH9-2009:/home/kotoko/Pobrane# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

root@kotoko-Standard-PC-Q35-ICH9-2009:/home/kotoko/Pobrane# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    2   193 MASQUERADE  all  --  *      *       172.16.100.0/24     !172.16.100.0/24     

root@kotoko-Standard-PC-Q35-ICH9-2009:/home/kotoko/Pobrane# ip route
default via 192.168.122.1 dev enp1s0 proto dhcp metric 20100 
169.254.0.0/16 dev enp1s0 scope link metric 1000 
172.16.100.0/24 dev minionebr proto kernel scope link src 172.16.100.1 
192.168.122.0/24 dev enp1s0 proto kernel scope link src 192.168.122.221 metric 100 

root@kotoko-Standard-PC-Q35-ICH9-2009:/home/kotoko/Pobrane# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:23:bb:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.221/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3275sec preferred_lft 3275sec
    inet6 fe80::af47:93da:6b82:c28d/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: minionebr: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether f6:34:76:19:8a:83 brd ff:ff:ff:ff:ff:ff
    inet 172.16.100.1/24 brd 172.16.100.255 scope global minionebr
       valid_lft forever preferred_lft forever
    inet6 fe80::f434:76ff:fe19:8a83/64 scope link 
       valid_lft forever preferred_lft forever
4: minionebr-nic: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master minionebr state UNKNOWN group default qlen 1000
    link/ether 8a:60:28:11:3b:8b brd ff:ff:ff:ff:ff:ff

[xorel]

Sorry for the silence.

So after enabling the NAT in iptables the box lost network connectivity, correct?
I don't see any obvious reason in the recording, could you eventually compare the network setup before and after running minione?

[kotoko]

compare the network setup before and after running minione

I do not have much free time at work to dig into it right now. However I can copy commands and paste results here.

Could you confirm that you tried to install fresh ubuntu 22.04 in virtual machine and then install miniONE with success?

[xorel]

Yes, we regularly test MiniONE on various systems, including Ubuntu 22.04

[kotoko]

I have strong suspicion that the problem I encountered is related to packages and apt dependencies inside ubuntu/debian repositories and not related to miniONE/opennebula but I do not have any proof. If nobody else can reproduce this I am OK with closing this issue.

[kotoko]

Today I managed to install using miniONE on Ubuntu Server 22.04. This issue could be related to only Ubuntu Desktop 22.04. Maybe during installation NetworkManager or something similar is removed and network configuration disappears?