[Kernel-packages] [Bug 1824719] [NEW] [shiftfs] Allow stacking overlayfs on top

2019-04-14 Thread Stéphane Graber
Public bug reported: Shiftfs right now prevents stacking overlayfs on top of it which unfortunately means all users of Docker as well as some nested LXC users which aren't using btrfs are going to break when they get switched over to shiftfs. ** Affects: linux (Ubuntu) Importance: Undecided

[Kernel-packages] [Bug 1824719] Re: shiftfs: Allow stacking overlayfs on top

2019-04-16 Thread Stéphane Graber
** Changed in: linux (Ubuntu) Status: Incomplete => Triaged ** Tags added: shiftfs -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1824719 Title: shiftfs: Allow stacking overlayfs

[Kernel-packages] [Bug 1824812] Re: apparmor does not start in Disco LXD containers

2019-04-16 Thread Stéphane Graber
** Tags added: shiftfs -- https://bugs.launchpad.net/bugs/1824812 Title: apparmor does not start in Disco LXD containers Status in AppArmor: Triaged Status in apparmor pac

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-05-05 Thread Stéphane Graber
@Khaled yes, it is and we have it now. What's still needed is for the kernel to be signed so it can be used under secureboot.

[Kernel-packages] [Bug 1882955] [NEW] LXD 4.2 broken on linux-kvm due to missing VLAN filtering

2020-06-10 Thread Stéphane Graber
Public bug reported: This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-18 Thread Stéphane Graber
Trying to boot the proposed kernel in LXD: """ BdsDxe: loading Boot0007 "ubuntu" from HD(1,GPT,25633192-5DBD-412A-8A50-E29B79F72A50,0x800,0x32000)/\EFI\ubuntu\shimx64.efi BdsDxe: starting Boot0007 "ubuntu" from HD(1,GPT,25633192-5DBD-412A-8A50-E29B79F72A50,0x800,0x32000)/\EFI\ubuntu\shimx64.efi

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-18 Thread Stéphane Graber
""" Jun 18 13:56:15 f1 kernel: [0.383207] Trying to unpack rootfs image as initramfs... Jun 18 13:56:15 f1 kernel: [0.463102] Initramfs unpacking failed: Decoding failed """ Is what we're getting on current generic kernel, though boot continues after that. I don't know if when that happ

[Kernel-packages] [Bug 1835660] Re: initramfs unpacking failed

2020-06-18 Thread Stéphane Graber
All LXD virtual machines are hitting this too. Run: - lxc launch images:ubuntu/focal/cloud f1 && lxc console f1 And you'll see it show that message. As mentioned above, boot then still goes ahead and you get a login prompt, but that may not always be the case. For example in linux-kvm, that

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-18 Thread Stéphane Graber
@Stefan, so actually this is an actual regression. 1015 will boot just fine in LXD with secureboot disabled. 1017 will not boot at all in LXD with or without secureboot disabled. I don't know if it's switching to a signed kernel which causes the lz4 issue but the result is a clear regression so I

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-23 Thread Stéphane Graber
Yeah, I think you're right, I also had the exact same panic happen now on 1015, so it's likely some grub weirdness rather than kernel regression. It just so happened that in my last test I managed to get a working grub config after moving to 1015 and not with 1017. Looks like we'll need to poke at

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-23 Thread Stéphane Graber
""" Loading Linux 5.4.0-1015-kvm ... Loading initial ramdisk ... Linux version 5.4.0-1015-kvm (buildd@lcy01-amd64-027) (gcc version 9.3.0 (Ubuntu 9.3.0-10ubuntu2)) #15-Ubuntu SMP Fri Jun 5 00:55:20 UTC 2020 (Ubuntu 5.4.0-1015.15-kvm 5.4.41) Command line: BOOT_IMAGE=/boot/vmlinuz-5.4.0-1015-kvm r

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-23 Thread Stéphane Graber
Hmm, actually no luck at booting either 1015 or 1017 on security.secureboot=false here, poked at grub and it does load both kernel and initrd...

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-23 Thread Stéphane Graber
@smb Can you confirm that your system indeed goes through the initrd and isn't just silently falling back to directly mounting and booting /? Booting with break=mount would likely be a valid way to test this (should drop you in a shell).

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-23 Thread Stéphane Graber
https://paste.ubuntu.com/p/7yHDCFt75m/ for additional proof that the initrd is never executed (break=top would immediately drop to a shell).

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-23 Thread Stéphane Graber
""" stgraber@castiana:~$ lxc launch images:ubuntu/focal f1 --vm Creating f1 Starting f1 stgraber@castiana:~$ lxc exec f1 bash root@f1:~# echo "deb http://archive.ubuntu.com/ubuntu focal-proposed main restricted universe multiverse" >> /etc/apt/sources.list root@f1:~# apt-get update Hit:1 http://ar

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-23 Thread Stéphane Graber
It's not, the log above clearly shows the kernel loading an initrd.

[Kernel-packages] [Bug 1874519] Re: ZFS installation on Raspberry Pi is problematic

2020-06-23 Thread Stéphane Graber
Good to hear. I just ran into this today when working on a LXD appliance based on Ubuntu Core. btrfs isn't exactly great as an alternative and the 8GB Pi is definitely ZFS capable so would be great to have :)

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-27 Thread Stéphane Graber
@smb what's the state of groovy, did you push the config update there too? For the cloud images, we'll want to switch over to those using linux-kvm in groovy first, then focal, so just want to make sure we'll get a working kernel on there too!

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-27 Thread Stéphane Graber
Confirmed, 1018 boots fine here under Secure Boot, all good! ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal

[Kernel-packages] [Bug 1858389] Re: lxd won't restart a container

2020-03-21 Thread Stéphane Graber
Moved the bug over to the kernel. Those log messages are caused by reference issues in a network namespace preventing it from being flushed, in turn preventing the LXC monitor from exiting, holding everything up. ** Package changed: lxd (Ubuntu) => linux (Ubuntu)

[Kernel-packages] [Bug 1530617] Re: FUSE in wily image with upstart installed causes chaos

2020-03-25 Thread Stéphane Graber
** Changed in: lxc (Ubuntu) Status: Confirmed => Invalid ** Changed in: upstart (Ubuntu) Status: New => Won't Fix ** Changed in: linux (Ubuntu) Status: Incomplete => Invalid

[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709

2020-03-25 Thread Stéphane Graber
** No longer affects: lxc (Ubuntu) -- https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux

[Kernel-packages] [Bug 1684481] Re: KVM guest execution start apparmor blocks on /dev/ptmx now (regression?)

2020-03-25 Thread Stéphane Graber
** Changed in: lxc (Ubuntu) Status: Fix Committed => Fix Released

[Kernel-packages] [Bug 1873809] Re: disk-kvm.img aren't UEFI bootable

2020-04-20 Thread Stéphane Graber
Ok, so the fact that we thought this worked is clearly the result of bad testing on our part, probably because of our simplestreams parsing code we fixed yesterday... We obviously still need to move LXD onto these images as booting the non-kvm images takes twice as long as it should (due to them

[Kernel-packages] [Bug 1873809] Re: disk-kvm.img aren't UEFI bootable

2020-04-20 Thread Stéphane Graber
I've tested a kernel with CONFIG_EFI_STUB added (thanks cking!). This does boot with secureboot enabled, though the LXD agent fails to start due to lack of vsock. So in addition to CONFIG_EFI_STUB, it looks like we also need: - CONFIG_VSOCKETS - CONFIG_VIRTIO_VSOCKETS - CONFIG_VIRTIO_VSOCKETS_

[Kernel-packages] [Bug 1873809] Re: disk-kvm.img aren't UEFI bootable

2020-04-20 Thread Stéphane Graber
Marking cloud-images side of this as Invalid since the images themselves are built correctly. Re-packing with an updated kernel boots just fine, so we only need to track this against linux-kvm. ** Changed in: cloud-images Status: New => Invalid ** Summary changed: - disk-kvm.img aren't

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-04-20 Thread Stéphane Graber
** Description changed: The `disk-kvm.img` images which are to be preferred when run under - virtualization, completely fail to boot under UEFI. + virtualization, currently completely fail to boot under UEFI. - This is a critical issue as those are the images that LXD is now pulling - by defa

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-04-20 Thread Stéphane Graber
Just tested it now, confirmed that this still boots fine and that this time the LXD agent successfully starts too. So this config seems suitable for us. That + enabling kernel signing will get us working images. Thanks!

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-04-21 Thread Stéphane Graber
Thanks Louis, so our testing may in fact have been accurate and things regressed afterwards :)

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-04-21 Thread Stéphane Graber
Hmm, actually, CONFIG_EFI_STUB is the one we were missing and I'm not seeing that in your VM either, which makes me wonder how it was booted in the first place :)

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-04-21 Thread Stéphane Graber
Ok, fixed the bug tasks and re-opened the bug as we still need this kernel to get signed. ** Changed in: linux-kvm (Ubuntu) Status: Fix Released => Triaged ** Changed in: cloud-images Assignee: Roufique Hossain (roufique) => (unassigned) ** Changed in: linux-kvm (Ubuntu) Assigne

[Kernel-packages] [Bug 1879690] Re: Docker registry doesn't stay up and keeps restarting

2020-05-21 Thread Stéphane Graber
To confirm that this isn't shiftfs related and that we were just causing the issue to be hidden, I've run the same test on OpenSuse tumbleweed. I chose that distro because it's apparmor-enabled, has snapd and a 5.4 kernel. ``` localhost:~ # snap install docker docker 18.09.9 from Canonical* insta

[Kernel-packages] [Bug 1879690] Re: Docker registry doesn't stay up and keeps restarting

2020-05-21 Thread Stéphane Graber
/var/log/audit.log on Suse logs the same: type=AVC msg=audit(1590086639.489:8595): apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/entrypoint.sh" pid=5656 comm="entrypoint.sh" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-05-26 Thread Stéphane Graber
Re-opening as I'm not seeing any mention of this being signed now. ** Changed in: linux-kvm (Ubuntu) Status: Fix Released => Triaged

[Kernel-packages] [Bug 1881346] Re: linux-kvm should support nftables

2020-05-29 Thread Stéphane Graber
Right, I've sent a tweak to LXD upstream to detect such kernel setup and fall back to xtables, but that's obviously not a situation we'd like to rely on. nftables is the current supported way of doing firewalling and is what Ubuntu uses by default (through shim packages) as of 20.04, so we need to

[Kernel-packages] [Bug 1648143] Re: tor in lxd: apparmor="DENIED" operation="change_onexec" namespace="root//CONTAINERNAME_" profile="unconfined" name="system_tor"

2020-06-01 Thread Stéphane Graber
** Changed in: apparmor (Ubuntu) Status: Confirmed => Invalid ** No longer affects: apparmor (Ubuntu Xenial) ** No longer affects: apparmor (Ubuntu Yakkety)

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-06-01 Thread Stéphane Graber
Pinged in #ubuntu-kernel today for an update. It'd be good to have groovy signed soon so we can then roll this out to focal users.

[Kernel-packages] [Bug 1645037] Re: apparmor_parser hangs indefinitely when called by multiple threads

2020-06-01 Thread Stéphane Graber
** No longer affects: apparmor (Ubuntu) ** No longer affects: linux (Ubuntu Xenial)

[Kernel-packages] [Bug 1864303] Re: Removing the e1000e module causes a crash

2020-02-22 Thread Stéphane Graber
** Changed in: linux-5.4 (Ubuntu) Status: New => Confirmed

[Kernel-packages] [Bug 1834475] Re: lxd 3.0.3-0ubuntu1~18.04.1 ADT test failure with linux 4.15.0-54.58

2019-06-28 Thread Stéphane Graber
We've changed some of those timings in 3.0.4 which will make it in Ubuntu in the next month or so, but those tests can still be slightly flaky even in our CI as we're testing cluster recovery during random node losses, sometimes things take a bit longer than the 30s timeout to recover, especially o

[Kernel-packages] [Bug 1788314] [NEW] Conflict between zfs-linux and s390-tools

2018-08-21 Thread Stéphane Graber
Public bug reported: Not sure which of the two needs fixing, but there's a path conflict between zfs-linux and s390-tools which effectively prevents installing ZFS on s390x in cosmic. (Reading database ... 83042 files and directories currently installed.) Preparing to unpack .../zfsutils-linux_0.

[Kernel-packages] [Bug 1788314] Re: Conflict between zfs-linux and s390-tools

2018-08-22 Thread Stéphane Graber
Closing the zfs task as this will be fixed in s390-tools. ** Changed in: zfs-linux (Ubuntu) Status: Triaged => Invalid

[Kernel-packages] [Bug 1784501] Re: libvirtd is unable to configure bridge devices inside of LXD containers

2018-08-23 Thread Stéphane Graber
Were you maybe using a privileged container before? Those aren't affected by the /sys ownership issue.

[Kernel-packages] [Bug 1789746] Re: getxattr: always handle namespaced attributes

2018-08-29 Thread Stéphane Graber
** Changed in: linux (Ubuntu) Status: Confirmed => Triaged ** Also affects: linux (Ubuntu Cosmic) Importance: High Status: Triaged ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Bionic) Importance: Undecided

[Kernel-packages] [Bug 1760173] Re: zfs, zpool commands hangs for 10 seconds without a /dev/zfs

2018-06-05 Thread Stéphane Graber
Actually, LXC/LXD can't set environment variables in that way as systemd strips all inherited environment. Looking at the backlog it sounds like it'd be safe for us to just turn off that timeout entirely in Ubuntu given that we can assume we'll always have devtmpfs where it matters and so there's

[Kernel-packages] [Bug 1760173] Re: zfs, zpool commands hangs for 10 seconds without a /dev/zfs

2018-06-07 Thread Stéphane Graber
I'm confused, how is this change going to work when the "container" environment variable is only present in PID1's environment but not in any of its descendants?

[Kernel-packages] [Bug 1760173] Re: zfs, zpool commands hangs for 10 seconds without a /dev/zfs

2018-06-07 Thread Stéphane Graber
That's because an attached process ("lxc-attach" or "lxc exec") isn't a child of init, it's spawned directly by liblxc and so does have our env variable set. Any process which is a direct or indirect child of PID1 in the container will be inheriting its environment through that path and as init sy

[Kernel-packages] [Bug 1760173] Re: zfs, zpool commands hangs for 10 seconds without a /dev/zfs

2018-06-07 Thread Stéphane Graber
Not really, no. You can use systemd-detect-virt which is systemd specific but should work as a regular user, otherwise you can try to add some specialized checks like looking if /dev in the mount table is devtmpfs or not.

[Kernel-packages] [Bug 1790521] Re: lxd 3.0.2-0ubuntu3 ADT test failure with linux 4.18.0-7.8

2018-09-04 Thread Stéphane Graber
The new liblxc has now migrated, so may be worth retrying.

[Kernel-packages] [Bug 1780227] Re: locking sockets broken due to missing AppArmor socket mediation patches

2018-07-24 Thread Stéphane Graber
In preparation for an SRU, here is a minimal C testcase provided by Wolfgang Bumiller: ``` /* # apparmor_parser -r /etc/apparmor.d/bug-profile # (tested without the flags here as well btw.) profile bug-profile flags=(attach_disconnected,mediate_deleted) { network, file, unix, } # gcc thi

[Kernel-packages] [Bug 1780227] Re: locking sockets broken due to missing AppArmor socket mediation patches

2018-07-24 Thread Stéphane Graber
Per discussion above: - Closing the kernel tasks - Raising priority on apparmor tasks to Critical (to match what kernel had) - Assigning to jjohansen as the AppArmor maintainer As we care about xenial, bionic and cosmic, we need point releases (or cherry-pick) for: - AppArmor 2.10 (2.10.95 in

[Kernel-packages] [Bug 1780227] Re: locking sockets broken due to missing AppArmor socket mediation patches

2018-07-26 Thread Stéphane Graber
@John any update on the point releases?

[Kernel-packages] [Bug 1780227] Re: locking sockets broken due to missing AppArmor socket mediation patches

2018-07-27 Thread Stéphane Graber
Ok, thanks for the update. I've now updated the bug once again to move all the tasks over to the kernel. Can you attach the kernel patch here when you can, I'm sure some of the subscribers may want to test this ahead of the Ubuntu kernel fixes :) ** Changed in: linux (Ubuntu) Importance: Undeci

[Kernel-packages] [Bug 1780227] Re: locking sockets broken due to missing AppArmor socket mediation patches

2018-07-30 Thread Stéphane Graber
I tested on two systems, one clean xenial and one clean bionic, both running the current stable LXD snap with latest ArchLinux and Debian containers. On both of them, upgrading to the kernels provided by John fixed the file_lock denials and made the containers boot again. So as far as I'm concerne

[Kernel-packages] [Bug 1778286] Re: Backport namespaced fscaps to xenial 4.4

2018-08-05 Thread Stéphane Graber
Installing the LXD snap from edge channel (for fscaps support), on the current 4.4 kernel: root@djanet:~# lxc launch ubuntu-daily:cosmic c1 To start your first container, try: lxc launch ubuntu:18.04 Creating c1 Starting c1 root@djanet:~# lxc exec c1 -- setcap cap_ne

[Kernel-packages] [Bug 1778286] Re: Backport namespaced fscaps to xenial 4.4

2018-08-05 Thread Stéphane Graber
** Tags added: verification-done-xenial

[Kernel-packages] [Bug 1784501] Re: libvirtd is unable to configure bridge devices inside of LXD containers

2018-08-10 Thread Stéphane Graber
Adding a task for bionic as we'll want this fix to be available for our 18.04 users. No need to backport it to anything older than that though. ** Also affects: linux (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Bionic) Status: New => Triaged *

[Kernel-packages] [Bug 1799497] [NEW] 4.15 kernel hard lockup about once a week

2018-10-23 Thread Stéphane Graber
Public bug reported: My main server has been running into hard lockups about once a week ever since I switched to the 4.15 Ubuntu 18.04 kernel. When this happens, nothing is printed to the console, it's effectively stuck showing a login prompt. The system is running with panic=1 on the cmdline bu

[Kernel-packages] [Bug 1799497] Re: 4.15 kernel hard lockup about once a week

2018-10-23 Thread Stéphane Graber
Oh and whatever kernel I boot needs to have support for ZFS 0.7 or I won't be able to read my drives. ** Tags added: apport-collected ** Description changed: My main server has been running into hard lockups about once a week ever since I switched to the 4.15 Ubuntu 18.04 kernel. When t

[Kernel-packages] [Bug 1799497] CRDA.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "CRDA.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204632/+files/CRDA.txt

[Kernel-packages] [Bug 1799497] ProcCpuinfoMinimal.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "ProcCpuinfoMinimal.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204635/+files/ProcCpuinfoMinimal.txt

[Kernel-packages] [Bug 1799497] Lspci.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "Lspci.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204634/+files/Lspci.txt

[Kernel-packages] [Bug 1799497] Re: 4.15 kernel hard lockup about once a week

2018-10-23 Thread Stéphane Graber
Well, kinda, this is a production server running a lot of publicly visible services, so I can run test kernels on it so long as they don't regress system security. There's also the unfortunate problem that it takes over a week for me to see the problem in most cases and that my last known good ker

[Kernel-packages] [Bug 1799497] CurrentDmesg.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "CurrentDmesg.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204633/+files/CurrentDmesg.txt

[Kernel-packages] [Bug 1799497] UdevDb.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "UdevDb.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204638/+files/UdevDb.txt

[Kernel-packages] [Bug 1799497] ProcInterrupts.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "ProcInterrupts.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204636/+files/ProcInterrupts.txt

[Kernel-packages] [Bug 1799497] ProcModules.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "ProcModules.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204637/+files/ProcModules.txt

[Kernel-packages] [Bug 1799497] Re: 4.15 kernel hard lockup about once a week

2018-10-23 Thread Stéphane Graber
Note that I've deleted the wifisyslog and currentdmesg as they're not relevant (current boot) and included information that I'd rather not have exposed publicly.

[Kernel-packages] [Bug 1799497] WifiSyslog.txt

2018-10-23 Thread Stéphane Graber
apport information ** Attachment added: "WifiSyslog.txt" https://bugs.launchpad.net/bugs/1799497/+attachment/5204639/+files/WifiSyslog.txt ** Attachment removed: "CurrentDmesg.txt" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1799497/+attachment/5204633/+files/CurrentDmesg.txt **

[Kernel-packages] [Bug 1799497] Re: 4.15 kernel hard lockup about once a week

2018-10-24 Thread Stéphane Graber
The server doesn't respond to pings when locked up. I do have IPMI and console redirection going for my server and have enabled all sysrq now though it's unclear whether I can send those through the BMC yet (as just typing them would obviously send them to my laptop...). I've set up debug console

[Kernel-packages] [Bug 1789746] Re: getxattr: always handle namespaced attributes

2018-10-02 Thread Stéphane Graber
** Changed in: linux (Ubuntu Cosmic) Status: Fix Committed => Fix Released

[Kernel-packages] [Bug 1799497] Re: 4.15 kernel hard lockup about once a week

2018-10-31 Thread Stéphane Graber
Just happened again, though the machine wouldn't reboot at all afterwards, leading to the hosting provider going for a motherboard replacement, so I guess better luck next week with debugging this.

[Kernel-packages] [Bug 1799497] Re: 4.15 kernel hard lockup about once a week

2018-11-01 Thread Stéphane Graber
Oh, I am also using zram-config on the affected machine.

[Kernel-packages] [Bug 1788314] Update Released

2018-11-05 Thread Stéphane Graber
The verification of the Stable Release Update for lxd has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regr

[Kernel-packages] [Bug 1624540] Re: please have lxd recommend zfs

2018-11-06 Thread Stéphane Graber
Marking the LXD side of this fixed as we're now shipping as a snap by default and the snap contains zfs. ** Changed in: lxd (Ubuntu) Status: Incomplete => Fix Released

[Kernel-packages] [Bug 1789746] Re: getxattr: always handle namespaced attributes

2018-11-08 Thread Stéphane Graber
** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released

[Kernel-packages] [Bug 1884767] Re: shiftfs: fix btrfs regression

2020-08-03 Thread Stéphane Graber
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released

[Kernel-packages] [Bug 1873809] Re: Make linux-kvm bootable in LXD VMs

2020-08-24 Thread Stéphane Graber
We weren't planning to as the previous releases (xenial and bionic) did not have a "-kvm" image and their default image includes an initrd making them boot just fine under LXD. So it's really just groovy+focal that we need before we can start using those images. focal has been taken care of so we'r

[Kernel-packages] [Bug 1624540] Re: please have lxd recommend zfs

2017-04-19 Thread Stéphane Graber
Colin: This is not what this issue is about. This issue is about getting the ZFS tools installed by default in server images, with the problem that doing so now would result in zfs-zed running all the time for everyone, regardless of whether they use ZFS or not. What we want is: - Don't load the

[Kernel-packages] [Bug 1611078] Re: Support snaps inside of lxd containers

2017-04-19 Thread Stéphane Graber
No, the solution is that snapd shouldn't assume that /lib/modules exists and just not attempt to bind-mount it if it's missing. Systems that don't have kernels installed (like containers) shouldn't have /lib/modules at all.

[Kernel-packages] [Bug 1684481] Re: KVM guest execution start apparmor blocks on /dev/ptmx now (regression?)

2017-04-20 Thread Stéphane Graber
Ok, so that's an apparmor or apparmor profile problem. LXD recently changed to also allow for apparmor profiles to be loaded inside privileged containers. This seems to align with your timeline above. Before that change, your kvm process wasn't itself confined when run inside a privileged LXD con

[Kernel-packages] [Bug 1684481] Re: KVM guest execution start apparmor blocks on /dev/ptmx now (regression?)

2017-04-21 Thread Stéphane Graber
We're looking at changing lxc to show /dev/ptmx as a real file rather than symlink. This is however not particularly easy because: - It can't be a bind-mount from the host (or it will interact with the host's devpts) - It can't be a straight mknod (because that's not allowed in unprivileged co

[Kernel-packages] [Bug 1753288] [NEW] ZFS setgid broken on 0.7

2018-03-04 Thread Stéphane Graber
Public bug reported: Hey there, We've had one of our LXD users report that setting the setgid bit inside a container using ZFS on Ubuntu 18.04 (zfs 0.7) is silently failing. This is not a LXD bug as the exact same operation works on other filesystems. There are more details available here: https

[Kernel-packages] [Bug 1753288] Re: ZFS setgid broken on 0.7

2018-03-04 Thread Stéphane Graber
That looks like it, yes. As far as I know most of us only noticed this when bionic switched from 0.6.x to 0.7.x so yes, 0.6.x seems fine and current 0.7.x is affected. I've commented on the github issue and will reach out to Wolfgang (Blub) on IRC otherwise (he hangs out in the LXC/LXD dev channel

[Kernel-packages] [Bug 1753288] Re: ZFS setgid broken on 0.7

2018-03-08 Thread Stéphane Graber
This has now been fixed upstream: https://github.com/zfsonlinux/zfs/pull/7270#event-1510096286 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1753288 Title: ZFS setgid broken on 0.7 St

[Kernel-packages] [Bug 1567597] Re: [FFe] implement 'complain mode' in seccomp for developer mode with snaps

2017-09-21 Thread Stéphane Graber
Looks good to me. Delta on libseccomp is small and self contained and aligns with what has been included in the upstream kernel. FFe granted ** Changed in: libseccomp (Ubuntu) Status: New => Triaged

[Kernel-packages] [Bug 1567557] Re: Performance degradation of "zfs clone"

2017-08-22 Thread Stéphane Graber
** No longer affects: lxd (Ubuntu) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to zfs-linux in Ubuntu. https://bugs.launchpad.net/bugs/1567557 Title: Performance degradation of "zfs clone" Status in Native ZFS for Linux: New Status

[Kernel-packages] [Bug 1567557] Re: Performance degradation of "zfs clone"

2017-08-22 Thread Stéphane Graber
** No longer affects: lxd (Ubuntu Xenial) ** No longer affects: lxd (Ubuntu Zesty) ** No longer affects: lxd (Ubuntu Artful) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to zfs-linux in Ubuntu. https://bugs.launchpad.net/bugs/1567557 Ti

[Kernel-packages] [Bug 1611078] Re: Support snaps inside of lxd containers

2017-08-25 Thread Stéphane Graber
** Changed in: lxd (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1611078 Title: Support snaps inside of lxd containers Stat

[Kernel-packages] [Bug 1567557] Re: Performance degradation of "zfs clone" when under load

2017-05-31 Thread Stéphane Graber
Our test machines aren't particularly impressive, just 12GB of RAM or so. Note that as can be seen above, we're using Alpine (busybox) images rather than Ubuntu to limit the resource usage and get us to a lot more containers per system.

[Kernel-packages] [Bug 1567557] Re: Performance degradation of "zfs clone" when under load

2017-05-31 Thread Stéphane Graber
I'm trying to remember if we had to bump any of the sysctls to actually reach 1024 containers, I don't think any of the usual suspects would be in play until you reach 2000+ Alpine containers though. If you do run out of some kernel resources, you can try applying the following sysctls to get you

[Kernel-packages] [Bug 1669611] [NEW] Regression in 4.4.0-65-generic causes very frequent system crashes

2017-03-02 Thread Stéphane Graber
Public bug reported: After upgrading to 4.4.0-65-generic all of our Jenkins test runners are dying every 10 minutes or so. They don't answer on the network, on the console or through serial console. The kernel backtraces we got are: ``` buildd04 login: [ 1443.707658] BUG: unable to handle kernel

[Kernel-packages] [Bug 1669611] Re: Regression in 4.4.0-65-generic causes very frequent system crashes

2017-03-02 Thread Stéphane Graber
We can reproduce this very easily by triggering a LXD testsuite run which causes a lot of apparmor profiles and namespaces creation/deletion, causing this issue. A busy LXD host would also hit this eventually (if the similar BUG we had before is any indication).

[Kernel-packages] [Bug 1669611] Re: Regression in 4.4.0-65-generic causes very frequent system crashes

2017-03-02 Thread Stéphane Graber
Running the same thing on zesty to see if the problem is present there too. We get something a bit different but the result ends up being the same, all the test runners crash. ``` buildd07 login: [ 976.607283] NMI watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [lxd:34563] [ 988.645772] NMI

Re: [Kernel-packages] [Bug 1669611] Re: Regression in 4.4.0-65-generic causes very frequent system crashes

2017-03-09 Thread Stéphane Graber
I'll install -67 on our jenkins runners and see if we can reproduce it. The changelog is a bit confusing as it shows a whole bunch of apparmor reverts, including the commits that were meant to fix this issue. So it's unclear whether a proper implementation of the fix was then applied on top. If not

[Kernel-packages] [Bug 1669611] Re: Regression in 4.4.0-65-generic causes very frequent system crashes

2017-03-09 Thread Stéphane Graber
Oh, I got confused between the two bug reports. So -67 is just the revert. If so, then it's fine, we've been running with a pre-upload build of this provided by Jon for a while now and haven't seen any full hang. We do still run into the original apparmor bug but it's no worse than before at least.

[Kernel-packages] [Bug 1672749] Re: Please don't assume zfs module is always loaded

2017-03-14 Thread Stéphane Graber
I'd have preferred that Ubuntu's zfsutils be patched to attempt to load the kernel module as needed since that change means that now any documentation telling the user to use "zpool create" or similar zfs commands will fail unless the user manually plays with modprobe... That very much feels like

[Kernel-packages] [Bug 1672749] Re: Please don't assume zfs module is always loaded

2017-03-14 Thread Stéphane Graber
Adding a priority "high" task against zfs-linux since this is a post-FF regression in expected behavior from a tool in main. Consider this as coming from me as a release team member and TB member rather than LXD upstream. My preference here is that rather than just breaking every single script an

[Kernel-packages] [Bug 1672749] Re: Please don't assume zfs module is always loaded

2017-03-20 Thread Stéphane Graber
** Changed in: lxd (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to zfs-linux in Ubuntu. https://bugs.launchpad.net/bugs/1672749 Title: Please don't assume zfs module is always loaded Stat

[Kernel-packages] [Bug 1567557] Re: Performance degradation of "zfs clone" when under load

2017-07-05 Thread Stéphane Graber
Creating 100 clones Took: 4 seconds (25/s) Creating 200 clones Took: 13 seconds (15/s) Creating 400 clones Took: 46 seconds (8/s) Creating 600 clones Took: 156 seconds (3/s) ``` #!/bin/sh zfs destroy -R castiana/testzfs rm -Rf /tmp/testzfs zfs create castiana/testzfs -o mountpoint=none zfs snaps
