Ubuntu
subiquity package

cloud-init is always upgrading the kernel to latest

Bug #1983419 reported by Thomas Lejeune
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
subiquity (Ubuntu)
Confirmed
Medium
Unassigned

Bug Description

Hi !

I've been using cloud-init to build Ubuntu 20.04 VM Images with Packer from a the ISO file https://releases.ubuntu.com/20.04/ubuntu-20.04.4-live-server-amd64.iso that has been created couple of months ago, in February.

When starting an Ubuntu Server using this ISO file directly, we can see that the Kernel version is the kernel of February, which makes sense since that's the date of the ISO build.

Last month, in July, a bug has been detected in the latest version of the Linux kernel, version 5.4.0-122.

Due to this kernel bug, I have been trying to build an Ubuntu Image that would not use the latest kernel. My goal was then to later upgrade the kernel up to the last known working kernel, which is version 5.4.0-121.

Sadly, it seems like cloud-init is ignoring the option 'refresh-installer' and the Image that is built is directly installing the latest version of the kernel, which is the one that contains the bug.

I tried the following approach to disable the automatic upgrade of the kernel:

Test 1:
#cloud-config
autoinstall:
  refresh-installer:
    update: no

Test 2:
#cloud-config
autoinstall:
  early-commands:
    - apt-mark hold linux-generic linux-image-generic linux-header-generic

Test 3:
#cloud-config
autoinstall:
  early-commands:
    - echo "Unattended-Upgrade::Package-Blacklist {" > /target/etc/apt/apt.conf.d/50unattended-upgrades
    - echo "\"linux-generic\";" >> /target/etc/apt/apt.conf.d/50unattended-upgrades
    - echo "\"linux-image-generic\";" >> /target/etc/apt/apt.conf.d/50unattended-upgrades
    - echo "\"linux-headers-generic\";" >> /target/etc/apt/apt.conf.d/50unattended-upgrades
    - echo "};" >> /target/etc/apt/apt.conf.d/50unattended-upgrades

In Test 1 and 2, the kernel is anyway upgraded to version 5.4.0-122.

In test 3, the image fail to be built.

I believe there should be a way to avoid automatically upgrading the kernel to the latest version when building the image, but for some reason I have not been able to identify how to do that.

Any ideas ?

Thanks

Thomas

Revision history for this message
Alberto Contreras (aciba) wrote :

Hello Lejeune,

The `autoinstall` schema is handed over from cloud-init to subiquity in the installer boot and it is subiquity which consumes it. Therefore, I think this ticket belongs to subiquity.

The `refresh-installer` configuration relates to the update of the installer system, see [1]. But, subiquity performs an unattended-upgrade of the target system regardless of this configuration, and there is not a built-in option to disable it.

Doing a search, I have found an answer exposing some "unofficial" ways to disable the upgrade, see [2].

[1] https://ubuntu.com/server/docs/install/autoinstall-reference
[2] https://askubuntu.com/questions/1410553/how-to-disable-unattended-upgrades-during-autoinstall-user-data-cloud-config

tags: added: subiquity
tags: removed: subiquity
Alberto Contreras (aciba)
affects: cloud-init (Ubuntu) → subiquity (Ubuntu)
Revision history for this message
Thomas Lejeune (thomaslejeune) wrote :

Thanks for the answer, and thanks for moving the ticket to the right place.

I had a look at the examples you provided.

One of the example is suggesting to use a parameter called `updates`, like follow:

#cloud-config
autoinstall:
  updates: security

But when I look at the autoinstall docs, the `updates` parameter does not seems to exist or being documented.

Docs: https://ubuntu.com/server/docs/install/autoinstall-reference

Łukasz Zemczak (sil2100)
Changed in subiquity (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in subiquity (Ubuntu):
status: New → Confirmed
Revision history for this message
Adrian Vill (goat-whisper) wrote :

Hello team ubuntu,

Experiencing the same issue that was recently occurring due to the new build iteration of 5.15.0 generic. I have NI driver dependencies that require this GA kernel, and suddenly been breaking after
5.15.0-105.generic.

Source forum -
https://forums.ni.com/t5/Instrument-Control-GPIB-Serial/GPL-incompatible-module-nikal-ko-when-installing-NI-linux-driver/m-p/4372897

This ticket been open for some time now, curious if there was a change or native option for subiquity to disable unattended-upgrades or add a kernel parameter to select a requested build ( Prefer this over downgrading )

Been trying to disable all unitended update/upgrades using a combination of early, run and late commands in the userdata as well as parameters - 'package_update: false' & 'package_upgrade: false' with no success.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.