Avahi is setting some rather strict rlimits which affect everything
which uses that kernel uid, crossing container boundaries and so
breaking containers.
Unfortunately MAAS requires a privileged container right now, so you
can't resort to uid mapping to avoid this problem. At the LXD level, all
we can do to avoid this problem is to allow you to have one distinct id
map per container, which we already support. But that's only going to
work for unprivileged containers.
One fix could be to tweak our avahi to relax or if not that useful,
entirely remove those rlimits as it's a rather frequent pain point and
I'm not sure of the benefit of those rlimits in the first place.
Another fix would be to not have MAAS depend on avahi and let you
install and run it without avahi, which is effectively what Brian's
instructions do (as they disable avahi-daemon in the container).
Marking the LXD task Invalid, as we're already doing all we can in this regard
by supporting non-overlapping id maps for unprivileged containers.
** Changed in: lxd (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to avahi in Ubuntu.
https://bugs.launchpad.net/bugs/1661869
Title:
maas install fails inside of a 16.04 lxd container due to avahi
problems
Status in MAAS:
New
Status in avahi package in Ubuntu:
New
Status in lxd package in Ubuntu:
Invalid
Bug description:
The bug, and workaround, are clearly described in this mailing list
thread:
https://lists.linuxcontainers.org/pipermail/lxc-
users/2016-January/010791.html
I'm trying to install MAAS in a LXD container, but that's failing due
to avahi package install problems. I'm tagging all packages here.
To manage notifications about this bug go to:
https://bugs.launchpad.net/maas/+bug/1661869/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
