** Description changed: - LXD can't use nftables on the latest linux-kvm kernels for eoan, focal, - and groovy: + [Impact] + + LXD can't use nftables on the latest linux-kvm kernels for Eoan and + Focal, since nftables support is off in those kernels (contrary to + generic, where nftables is enabled). + + [Fix] + + Apply the attached config change + + [Regression potential] + + Low, we are enabling new CONFIG_NF* options widely used in generic since + a while. + + Boot performance wise, the config change has been tested on a isolated + KVM instance, iterating over 100 reboots and we didn't notice any + evident regression: + + 5.4.0-1018-kvm 20.04 focal (CPUS=1): + + kernel: 2.16371, user: 7.58647, total: 9.75018 + kernel_std: .03405, user_std: .33445, total_std: .33524 + + 5.4.0-1018-kvm~nft 20.04 focal (CPUS=1): + + kernel: 2.15961, user: 7.63694, total: 9.79655 + kernel_std: .03420, user_std: .36585, total_std: .37049 + + + --- + LXD can't use nftables on the latest linux-kvm kernels for eoan, focal, and groovy: - groovy: 5.4.0.1009.9 - focal: 5.4.0-1011.11 - eoan: 5.3.0.1017.19 LXD detects that nft tools are available, and nft tables can be listed; however, trying to create a new table or rule fails. Because of this, LXD has to fall back on xtables, which is a legacy package.
** Description changed: [Impact] - LXD can't use nftables on the latest linux-kvm kernels for Eoan and - Focal, since nftables support is off in those kernels (contrary to - generic, where nftables is enabled). + LXD can't use nftables on the latest Focal/linux-kvm kernel, since + nftables support is off (contrary to generic, where nftables is + enabled). [Fix] Apply the attached config change [Regression potential] - Low, we are enabling new CONFIG_NF* options widely used in generic since - a while. + Low, we are enabling CONFIG_NF* options widely used in generic since a + while. Boot performance wise, the config change has been tested on a isolated KVM instance, iterating over 100 reboots and we didn't notice any evident regression: 5.4.0-1018-kvm 20.04 focal (CPUS=1): kernel: 2.16371, user: 7.58647, total: 9.75018 kernel_std: .03405, user_std: .33445, total_std: .33524 5.4.0-1018-kvm~nft 20.04 focal (CPUS=1): kernel: 2.15961, user: 7.63694, total: 9.79655 kernel_std: .03420, user_std: .36585, total_std: .37049 - --- LXD can't use nftables on the latest linux-kvm kernels for eoan, focal, and groovy: - groovy: 5.4.0.1009.9 - focal: 5.4.0-1011.11 - eoan: 5.3.0.1017.19 LXD detects that nft tools are available, and nft tables can be listed; however, trying to create a new table or rule fails. Because of this, LXD has to fall back on xtables, which is a legacy package. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1881346 Title: linux-kvm should support nftables To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1881346/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
