Backport the container stack in Hirsute
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
containerd (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Focal |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Groovy |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
docker.io (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Focal |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Groovy |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
runc (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Focal |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Groovy |
Fix Released
|
Undecided
|
Lucas Kanashiro |
Bug Description
[Impact]
In order to follow our policy on keeping the container stack (docker.io, containerd, and runc) up-to-date in our supported releases, let's backport the stack in Hirsute to Groovy, Focal, and Bionic.
docker.io version 20.10.2 was introduced in mid January in Hirsute and no issue was reported so far against it, which demonstrates its stability. Also, runc version 1.0-rc93 has an important fix regarding a glibc and seccomp issue (LP: #1916485). And finally, containerd version 1.4.4 has a fix for CVE-2021-21334.
[Test Plan]
Per https:/
[Where problems could occur]
As usual, we deliver most benefit to our users by delivering an upstream experience. A risk of regressions is part of that.
[Other Info]
The SRU team brought up to my attention that a couple of changes were made to the containerd service file which worth a mention here. The following lines were added by upstream:
+RestartSec=5
+OOMScoreAdjust
The docker.io service file also has some changes made by upstream:
[Unit]
-BindsTo=
+Wants=
[Service]
+OOMScoreAdjust
The changes in the Unit section is fine because this is the current behavior of our debian packages (we are patching it to apply this change). The second change in the Service section was the default already but then upstream moved from code to the service unit file. Look at the changes dropped from docker.io current in Groovy (components/
- flags.IntVar(
Due to that I believe the changes made are safe to be backported.
Changed in runc (Ubuntu Groovy): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in runc (Ubuntu Focal): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in runc (Ubuntu Bionic): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in runc (Ubuntu): | |
status: | New → Invalid |
Changed in docker.io (Ubuntu): | |
status: | New → Invalid |
Changed in containerd (Ubuntu): | |
status: | New → Invalid |
Changed in docker.io (Ubuntu Groovy): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in docker.io (Ubuntu Focal): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in docker.io (Ubuntu Bionic): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in containerd (Ubuntu Groovy): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in containerd (Ubuntu Focal): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in containerd (Ubuntu Bionic): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
status: | New → In Progress |
Changed in runc (Ubuntu): | |
status: | Invalid → Fix Released |
Changed in docker.io (Ubuntu): | |
status: | Invalid → Fix Released |
Changed in containerd (Ubuntu): | |
status: | Invalid → Fix Released |
description: | updated |
Hello Lucas, or anyone else affected,
Accepted runc into groovy-proposed. The package will build now and be available at https:/ /launchpad. net/ubuntu/ +source/ runc/1. 0.0~rc93- 0ubuntu1~ 20.10.1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification- needed- groovy to verification- done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed- groovy. In either case, without details of your testing we will not be able to proceed.
Further information regarding the verification process can be found at https:/ /wiki.ubuntu. com/QATeam/ PerformingSRUVe rification . Thank you in advance for helping!
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.