[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
** Description changed: [Problem] The released wily image preinstalls lxc, which breaks the assumption that lxc's preinst packaging script makes: It inspects the network to try to pick a 10.0.N.0 network that isn't being used, with N starting at 3, so this appears to have picked 10.0.3.0 when it was installed on whatever system was generating the image. This conflicts with the network that eth0 gets attached to when the image is brought up in a container, because it gets attached to the host's lxcbr0, which is using 10.0.3.x. This affects LXC, and should affect LXD but doesn't currently, as the metadata used for lxd images is still pointing to a beta2 release. The easiest way to reproduce this is to use the ubuntu-cloud lxc template on a wily host: [Test Case] - sudo lxc-create -t ubuntu-cloud -n wily - sudo lxc-start -n wily - sudo lxc-attach -n wily - # inside container, test connectivity, eg: - apt-get update + 1.) Verify expectation for each image +- -disk1.img cloud image, check for file +- -root.tar.xz image (used by lxd) and check for file +- -root.tar.gz image (used by lxc) + +For each of those images, verify: +a.) A cloud image should not have /etc/default/lxc-net +b.) lxd should be installed (dpkg-query --show | grep lxd) + + 2.) Start instance from updated image and start instance in lxc inside +launch instance on openstack or kvm or other +verify lxcbr0 bridge exists +lxc-create -t ubuntu-cloud -n bugcheck -- --release=wily --stream=daily +# wait until lxc-ls --fancy shows 'running' +lxc-attach -n bugcheck wget http://ubuntu.com + + 3.) Start instance from updated image and start instance in lxd inside +launch instance on openstack or kvm or other +verify lxcbr0 bridge exists +lxd import-images ubuntu wily +lxc launch ubuntu +# wait some amount +lxc attach bugcheck wget http://ubuntu.com + [Regression Potentional] Currently none as networking didn't work initially. ** Description changed: [Problem] The released wily image preinstalls lxc, which breaks the assumption that lxc's preinst packaging script makes: It inspects the network to try to pick a 10.0.N.0 network that isn't being used, with N starting at 3, so this appears to have picked 10.0.3.0 when it was installed on whatever system was generating the image. This conflicts with the network that eth0 gets attached to when the image is brought up in a container, because it gets attached to the host's lxcbr0, which is using 10.0.3.x. This affects LXC, and should affect LXD but doesn't currently, as the metadata used for lxd images is still pointing to a beta2 release. The easiest way to reproduce this is to use the ubuntu-cloud lxc template on a wily host: [Test Case] 1.) Verify expectation for each image -- -disk1.img cloud image, check for file -- -root.tar.xz image (used by lxd) and check for file -- -root.tar.gz image (used by lxc) + - -disk1.img cloud image, check for file + - -root.tar.xz image (used by lxd) and check for file + - -root.tar.gz image (used by lxc) -For each of those images, verify: -a.) A cloud image should not have /etc/default/lxc-net -b.) lxd should be installed (dpkg-query --show | grep lxd) + For each of those images, verify: + a.) A cloud image should not have /etc/default/lxc-net + b.) lxd should be installed (dpkg-query --show | grep lxd) 2.) Start instance from updated image and start instance in lxc inside -launch instance on openstack or kvm or other -verify lxcbr0 bridge exists -lxc-create -t ubuntu-cloud -n bugcheck -- --release=wily --stream=daily -# wait until lxc-ls --fancy shows 'running' -lxc-attach -n bugcheck wget http://ubuntu.com + launch instance on openstack or kvm or other + verify lxcbr0 bridge exists + lxc-create -t ubuntu-cloud -n bugcheck -- --release=wily --stream=daily + # wait until lxc-ls --fancy shows 'running' + lxc-attach -n bugcheck wget http://ubuntu.com 3.) Start instance from updated image and start instance in lxd inside -launch instance on openstack or kvm or other -verify lxcbr0 bridge exists -lxd import-images ubuntu wily -lxc launch ubuntu -# wait some amount -lxc attach bugcheck wget http://ubuntu.com - + launch instance on openstack or kvm or other + verify lxcbr0 bridge exists + lxd import-images ubuntu wily + lxc launch ubuntu + # wait some amount + lxc attach bugcheck wget http://ubuntu.com [Regression Potentional] - Currently none as networking didn't work initially. + The highest chance for fallout is a change in the /16 network that is chosen conflicting with some existing service. + + [Other Info] + Default apt install of lxc has always picked some 10.0.X.0/16 network to use for its lxcbr0 bridge. That network (often 10.0.3.0/16) would then be unreachable from the host.
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
Updated debdiff, which 1. stops creation of /etc/default/lxc-net on package install 2. removes that file only if upgrading from the 1.0.4ubuntu4 version with an umodified /etc/default/lxc-net file ** Patch added: "lxcnet4.debdiff" https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+attachment/4503531/+files/lxcnet4.debdiff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
I don't like disabling lxc-net, because it's simpler to tell a user to apt-get install lxd than to systemctl enable lxc-net or echo "USE_LXC_BRIDGE=true" | sudo tee -a /etc/default/lxc-net systemctl restart lxc-net -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
Not sure I like this approach. An init script should never change a system config, so this is a packaging policy violation... To be fair, anything we come up with which picks a random/unused subnet will still break users who may have this subnet in use behind a router, so that's not really an option either. For wily, I'd say we simply turn lxc-net off completely. That will add an extra step for any user who wants to use LXD, but it will also guarantee we don't regress anyone in the process. Doing so would require the CPC team to update /etc/default/lxc-net, setting USE_LXC_BRIDGE to false. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
** Description changed: [Problem] The released wily image preinstalls lxc, which breaks the assumption that lxc's preinst packaging script makes: It inspects the network to try to pick a 10.0.N.0 network that isn't being used, with N starting at 3, so this appears to have picked 10.0.3.0 when it was installed on whatever system was generating the image. This conflicts with the network that eth0 gets attached to when the image is brought up in a container, because it gets attached to the host's lxcbr0, which is using 10.0.3.x. - This affects LXC, and should affect LXD but doesn't currently. (see #2) + This affects LXC, and should affect LXD but doesn't currently, as the metadata used for lxd images is still pointing to a beta2 release. The easiest way to reproduce this is to use the ubuntu-cloud lxc template on a wily host: [Test Case] sudo lxc-create -t ubuntu-cloud -n wily sudo lxc-start -n wily sudo lxc-attach -n wily # inside container, test connectivity, eg: apt-get update [Regression Potentional] Currently none as networking didn't work initially. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
** Description changed: - The released wily image preinstalls lxc, which breaks the assumption - that lxc's preinst packaging script makes: + [Problem] + The released wily image preinstalls lxc, which breaks the assumption that lxc's preinst packaging script makes: It inspects the network to try to pick a 10.0.N.0 network that isn't being used, with N starting at 3, so this appears to have picked 10.0.3.0 when it was installed on whatever system was generating the image. This conflicts with the network that eth0 gets attached to when the image is brought up in a container, because it gets attached to the host's lxcbr0, which is using 10.0.3.x. This affects LXC, and should affect LXD but doesn't currently. (see #2) The easiest way to reproduce this is to use the ubuntu-cloud lxc template on a wily host: + [Test Case] + sudo lxc-create -t ubuntu-cloud -n wily sudo lxc-start -n wily sudo lxc-attach -n wily # inside container, test connectivity, eg: apt-get update + + [Regression Potentional] + Currently none as networking didn't work initially. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
Debdiff which works for me. I tested this by creating a cloud container, temporarily setting USE_LXC_BRIDGE=false, rebooting, building the package, setting USE_LXC_BRIDGE=true (leaving 10.0.3 as the lxcbr0 subnet), rebooting. lxcbr0 comes up with 10.0.4.1 as expected. A nested trusty container works fine. The package is targeted at wily, should be at xenial presumably. That should be the only needed update. ** Patch added: "lxcnet.debdiff" https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+attachment/4503325/+files/lxcnet.debdiff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
** Changed in: lxc (Ubuntu) Importance: Undecided => Critical -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
Does not affect LXD only because the LXD metadata for simple-streams is out of date. We are going to hold off updating it until this bug is fixed and sru'ed. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1509414] Re: lxc postinst script checks available interfaces, can choose
** Tags added: cloud-installer -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1509414 Title: lxc postinst script checks available interfaces, can choose To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509414/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
