No tcp_keepalive_time in LXD container

Bug #1736804 reported by John Radley
This bug affects 1 person
Affects: linux (Ubuntu) | Status: Fix Released | Importance: Medium | Assigned to: Joseph Salisbury
Affects: Xenial | Status: Won't Fix | Importance: Medium | Assigned to: Joseph Salisbury

Bug Description

Using LXD v2.20 on Ubuntu 16.04 host, with kernel
Linux 4.4.100-mainline-rev1 #1 SMP Tue Nov 21 08:44:48 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

I get the following

# cat /proc/sys/net/ipv4/tcp_keepalive_time
cat: /proc/sys/net/ipv4/tcp_keepalive_time: No such file or directory

I'm informed from linuxcontainers.org, that this is a kernel bug.
https://discuss.linuxcontainers.org/t/why-is-there-no-tcp-keepalive-under-lxd/891

I happen to be trying to run Kolab.org in a container, and some of their Python code errors as this parameter is not found. Clearly someone has found this in Kolab before, as there's a patch
https://github.com/TBits/KolabScripts/blob/KolabWinterfell/kolab/patches/fixPykolabIMAPKeepAlive.patch
But the problem is in other places too.

It could be argued that Kolab should code round this issue.
But on the other hand, without it, and in general, other applications would not run in containers, which perhaps is an undesirable limitation.

Thus it's why I'm reporting here.
And there may be other parameters not appearing in the container too.
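
One way for an application to tolerate the missing file described in the report above (an added example, not part of the report, Kolab, or the linked patch; the function names are hypothetical): fall back to the kernel default when the sysctl is absent from the network namespace, and set the idle time on each socket instead of relying on /proc.

```python
import socket

KEEPALIVE_SYSCTL = "/proc/sys/net/ipv4/tcp_keepalive_time"
DEFAULT_KEEPALIVE_TIME = 7200  # Linux default for tcp_keepalive_time, in seconds
MAX_TCP_KEEPIDLE = 32767       # largest value the kernel accepts for TCP_KEEPIDLE


def read_keepalive_time(path=KEEPALIVE_SYSCTL, default=DEFAULT_KEEPALIVE_TIME):
    """Return (seconds, source); source is 'sysctl' or 'default'."""
    try:
        with open(path) as fh:
            return int(fh.read().strip()), "sysctl"
    except FileNotFoundError:
        # Kernels before v4.5 do not expose this knob inside a container's
        # network namespace, so the file is simply not there.
        return default, "default"
    except (PermissionError, ValueError):
        # Unreadable or malformed value: do not crash, use the default.
        return default, "default"


def enable_keepalive(sock, idle=None):
    """Enable keepalive on one socket; return the idle time actually applied."""
    if idle is None:
        idle, _ = read_keepalive_time()
    # Clamp to the range setsockopt accepts, otherwise it fails with EINVAL.
    idle = max(1, min(int(idle), MAX_TCP_KEEPIDLE))
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    if hasattr(socket, "TCP_KEEPIDLE"):  # Linux-specific per-socket override
        sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, idle)
    return idle


if __name__ == "__main__":
    seconds, source = read_keepalive_time()
    print("keepalive idle time: %d s (from %s)" % (seconds, source))
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    print("applied per-socket idle time:", enable_keepalive(s, idle=seconds))
    s.close()
```
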

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1736804

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Joseph Salisbury (jsalisbury) wrote :

Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v4.15 kernel[0].

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".

Thanks in advance.

[0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.15-rc2

Changed in linux (Ubuntu):
importance: Undecided → Medium
tags: added: kernel-da-key
Christian Brauner (cbrauner) wrote :

I tested on 4.14 (Ubuntu) and 4.15 (Mainline); tcp_keepalive_time appears on both in new user namespaces.

tags: added: kernel-fixed-upstream
Christian Brauner (cbrauner) wrote :

The relevant commit that namespaces this file is:

commit 13b287e8d1cad951634389f85b8c9b816bd3bb1e
Author: Nikolay Borisov <email address hidden>
Date: Thu Jan 7 16:38:43 2016 +0200

    ipv4: Namespaceify tcp_keepalive_time sysctl knob

    Different net namespaces might have different requirements as to
    the keepalive time of tcp sockets. This might be required in cases
    where different firewall rules are in place which require tcp
    timeout sockets to be increased/decreased independently of the host.

    Signed-off-by: Nikolay Borisov <email address hidden>
    Signed-off-by: David S. Miller <email address hidden>

Changed in linux (Ubuntu):
status: Incomplete → Fix Committed
Changed in linux (Ubuntu):
status: Fix Committed → In Progress
assignee: nobody → Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu Xenial):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Joseph Salisbury (jsalisbury)
Joseph Salisbury (jsalisbury) wrote :

I built a test kernel with commit 13b287e8d1cad951634389f85b8c9b816bd3bb1e. The test kernel can be downloaded from:
http://kernel.ubuntu.com/~jsalisbury/lp1736804

Can you test this kernel and see if it resolves this bug?

Changed in linux (Ubuntu):
status: In Progress → Incomplete
Changed in linux (Ubuntu Xenial):
status: In Progress → Incomplete
Tyler Hicks (tyhicks) wrote :

The commit mentioned in comment #4 has been upstream since kernel v4.5. Marking the main linux task as fix released.

Changed in linux (Ubuntu):
status: Incomplete → Fix Released
Tyler Hicks (tyhicks) wrote :

The reporter states in the linuxcontainers.org discussion and in this bug description that he's not using an Ubuntu kernel.

This is fixed in Ubuntu 18.04 and will soon be available in Ubuntu 16.04 via the hardware enablement kernel. I'm marking this Xenial task as Won't Fix in regards to its 4.4 kernel.

Changed in linux (Ubuntu Xenial):
status: Incomplete → Won't Fix