Public bug reported:
I faced a weird issue after a ubuntu 20 to 22 os upgrade. The physical
nodes have lxc containers on it. Both the hosts and the containers are
upgraded from 20 to 22 ubuntu versions. After the upgrade, an internal
endpoint is reachable using curl from the hosts nodes. but from within
the containers on those hosts, the curl was timing out and failing
eventually with the following error:
---
cURL error 35: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
---
So i tried various combinations of openssl libraries but none of them
worked. The ping was successful to that endpoint from the lxc
containers. But only the curl was failing. The request packets were also
reaching the endpoint server from the lxc containers, but the endpoint
was not responding to those requests. But the same is working from the
host machine where the lxc containers are running. Could not find out
why ? At last I tried a reboot of the host machine and after the reboot
the endpoint is reachable from within the lxc containers as well. Can
anyone suggest or give their expert opinion as to why a simple reboot
fixed this issue ? Actually what was the root cause ?
Below are the specifications of the host machine and the containers.
Host:
------------
Ubuntu 22.04.2 LTS \n \l
5.19.0-42-generic #43~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Apr 21 16:51:08
UTC 2 x86_64 x86_64 x86_64 GNU/Linux
liblxc-common 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools (common tools)
liblxc-dev 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools (development)
liblxc1 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools (library)
lxc 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
all Transitional package - lxc -> lxc-utils
lxc-dev 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
all Transitional package - lxc-dev -> liblxc-dev
lxc-templates 3.0.4-5
amd64 Linux Containers userspace tools (templates)
lxc-utils 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools
python3-lxc 1:3.0.4-1ubuntu10
amd64 Linux Containers userspace tools (Python3 bindings)
centrifydc-openssl 5.5.2-578
amd64 Centrify DirectControl OpenSSL
openssl 3.0.2-0ubuntu1.9
amd64 Secure Sockets Layer toolkit - cryptographic utility
lxc containers:
-------------
Ubuntu 22.04.5 LTS \n \l
openssl 3.0.2-0ubuntu1.9
amd64 Secure Sockets Layer toolkit - cryptographic utility
5.19.0-42-generic #43~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Apr 21
16:51:08 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
** Affects: lxc (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- network rechability
+ network reachability
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/2091025
Title:
network reachability
Status in lxc package in Ubuntu:
New
Bug description:
I faced a weird issue after a ubuntu 20 to 22 os upgrade. The physical
nodes have lxc containers on it. Both the hosts and the containers are
upgraded from 20 to 22 ubuntu versions. After the upgrade, an internal
endpoint is reachable using curl from the hosts nodes. but from within
the containers on those hosts, the curl was timing out and failing
eventually with the following error:
---
cURL error 35: error:1408F10B:SSL routines:ssl3_get_record:wrong version
number
---
So i tried various combinations of openssl libraries but none of them
worked. The ping was successful to that endpoint from the lxc
containers. But only the curl was failing. The request packets were
also reaching the endpoint server from the lxc containers, but the
endpoint was not responding to those requests. But the same is working
from the host machine where the lxc containers are running. Could not
find out why ? At last I tried a reboot of the host machine and after
the reboot the endpoint is reachable from within the lxc containers as
well. Can anyone suggest or give their expert opinion as to why a
simple reboot fixed this issue ? Actually what was the root cause ?
Below are the specifications of the host machine and the containers.
Host:
------------
Ubuntu 22.04.2 LTS \n \l
5.19.0-42-generic #43~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Apr 21 16:51:08
UTC 2 x86_64 x86_64 x86_64 GNU/Linux
liblxc-common 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools (common tools)
liblxc-dev 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools (development)
liblxc1 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools (library)
lxc 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
all Transitional package - lxc -> lxc-utils
lxc-dev 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
all Transitional package - lxc-dev -> liblxc-dev
lxc-templates 3.0.4-5
amd64 Linux Containers userspace tools (templates)
lxc-utils 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
amd64 Linux Containers userspace tools
python3-lxc 1:3.0.4-1ubuntu10
amd64 Linux Containers userspace tools (Python3 bindings)
centrifydc-openssl 5.5.2-578
amd64 Centrify DirectControl OpenSSL
openssl 3.0.2-0ubuntu1.9
amd64 Secure Sockets Layer toolkit - cryptographic utility
lxc containers:
-------------
Ubuntu 22.04.5 LTS \n \l
openssl 3.0.2-0ubuntu1.9
amd64 Secure Sockets Layer toolkit - cryptographic utility
5.19.0-42-generic #43~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Apr 21
16:51:08 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2091025/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
