2017-02-04 17:55:01 |
Dustin Kirkland |
bug |
|
|
added bug |
2017-02-04 17:55:11 |
Dustin Kirkland |
bug task added |
|
lxd (Ubuntu) |
|
2017-02-04 17:55:20 |
Dustin Kirkland |
bug task added |
|
avahi (Ubuntu) |
|
2017-02-04 17:55:30 |
Dustin Kirkland |
tags |
|
maas-at-home |
|
2017-02-04 23:19:30 |
Stéphane Graber |
lxd (Ubuntu): status |
New |
Invalid |
|
2017-02-04 23:19:41 |
Stéphane Graber |
bug |
|
|
added subscriber Ubuntu containers team |
2017-02-05 01:25:39 |
Trent Lloyd |
bug |
|
|
added subscriber Trent Lloyd |
2017-02-08 05:53:50 |
Mike Pontillo |
maas: status |
New |
Invalid |
|
2017-02-08 06:02:44 |
Trent Lloyd |
avahi (Ubuntu): status |
New |
Confirmed |
|
2017-02-08 06:02:52 |
Trent Lloyd |
avahi (Ubuntu): importance |
Undecided |
High |
|
2017-02-08 06:02:57 |
Trent Lloyd |
avahi (Ubuntu): assignee |
|
Trent Lloyd (lathiat) |
|
2017-02-17 15:13:33 |
Paul Larson |
bug |
|
|
added subscriber Paul Larson |
2017-05-10 13:24:54 |
Trent Lloyd |
attachment added |
|
avahi-rlimits-artful.debdiff https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1661869/+attachment/4874663/+files/avahi-rlimits-artful.debdiff |
|
2017-05-10 16:26:36 |
Ubuntu Foundations Team Bug Bot |
tags |
maas-at-home |
maas-at-home patch |
|
2017-05-10 16:26:45 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
2017-05-26 13:22:15 |
Dustin Kirkland |
avahi (Ubuntu): status |
Confirmed |
In Progress |
|
2017-06-29 09:02:38 |
Dominique Poulain |
bug |
|
|
added subscriber Dominique Poulain |
2018-01-11 13:41:04 |
esnalabu |
bug |
|
|
added subscriber esnalabu |
2018-02-05 16:25:48 |
Gábor Mészáros |
bug |
|
|
added subscriber Gábor Mészáros |
2018-03-04 14:13:03 |
Sverre V Blindheim |
bug |
|
|
added subscriber Sverre V Blindheim |
2018-03-15 02:00:32 |
Trent Lloyd |
description |
The bug, and workaround, are clearly described in this mailing list thread:
https://lists.linuxcontainers.org/pipermail/lxc-users/2016-January/010791.html
I'm trying to install MAAS in a LXD container, but that's failing due to avahi package install problems. I'm tagging all packages here. |
[Original Description]
The bug, and workaround, are clearly described in this mailing list thread:
https://lists.linuxcontainers.org/pipermail/lxc-users/2016-January/010791.html
I'm trying to install MAAS in a LXD container, but that's failing due to avahi package install problems. I'm tagging all packages here.
[Issue]
Avahi sets a number of rlimits on startup including the maximum number of processes (nproc=2) and limits on memory usage. These limits are hit in a number of cases - specifically the maximum process limit is hit if you run lxd containers in 'privileged' mode such that avahi has the same uid in multiple containers and large networks can trigger the memory limit.
The fix is to remove these default rlimits completely from the configuration file.
[Impact]
* Avahi is unable to start inside of containers without UID namespace isolation because an rlimit on the maximum number of processes is set by default to 2. When a container launches Avahi, the total number of processes on the system in all containers exceeds this limit and Avahi is killed. It also fails at install time, rather than runtime due to a failure to start the service.
* Some users also have issues with the maximum memory allocation causing Avahi to exit on networks with a large number of services as the memory limit was quite small (4MB). Refer LP #1638345
[Test Case]
* setup lxd (apt install lxd, lxd init, get working networking)
* lxc launch ubuntu:16.04 avahi-test --config security.privileged=true
* lxc exec avahi-test sudo apt install avahi-daemon
This will fail if the parent host has avahi-daemon installed, however, if it does not you can setup a second container (avahi-test2) and install avahi there. That should then fail (as the issue requires 2 copies of avahi-daemon in the same uid namespace to fail)
[Regression Potential]
* The fix removes all rlimits configured by avahi on startup, this is an extra step avahi takes that most programs did not take (limiting memory usage, running process count, etc). It's possible an unknown bug then consumes significant system resources as a result of that limit no longer being in place, that was previously hidden by Avahi crashing instead. However I believe this risk is significantly reduced as this change has been shipping upstream for many months and have not seen any reports of new problems - however it has fixed a number of existing crashes/problems.
[Other Info]
* This change already exists upstream in 0.7 which is in bionic. SRU required to artful, xenial, trusty.
* The main case this may not fix the issue is if they have modified their avahi-daemon.conf file - but it will fix new installs and most installs as most users don't modify the file. And users may be prompted on upgrade to replace the file. |
|
2018-03-15 02:40:18 |
Trent Lloyd |
description |
[Original Description]
The bug, and workaround, are clearly described in this mailing list thread:
https://lists.linuxcontainers.org/pipermail/lxc-users/2016-January/010791.html
I'm trying to install MAAS in a LXD container, but that's failing due to avahi package install problems. I'm tagging all packages here.
[Issue]
Avahi sets a number of rlimits on startup including the maximum number of processes (nproc=2) and limits on memory usage. These limits are hit in a number of cases - specifically the maximum process limit is hit if you run lxd containers in 'privileged' mode such that avahi has the same uid in multiple containers and large networks can trigger the memory limit.
The fix is to remove these default rlimits completely from the configuration file.
[Impact]
* Avahi is unable to start inside of containers without UID namespace isolation because an rlimit on the maximum number of processes is set by default to 2. When a container launches Avahi, the total number of processes on the system in all containers exceeds this limit and Avahi is killed. It also fails at install time, rather than runtime due to a failure to start the service.
* Some users also have issues with the maximum memory allocation causing Avahi to exit on networks with a large number of services as the memory limit was quite small (4MB). Refer LP #1638345
[Test Case]
* setup lxd (apt install lxd, lxd init, get working networking)
* lxc launch ubuntu:16.04 avahi-test --config security.privileged=true
* lxc exec avahi-test sudo apt install avahi-daemon
This will fail if the parent host has avahi-daemon installed, however, if it does not you can setup a second container (avahi-test2) and install avahi there. That should then fail (as the issue requires 2 copies of avahi-daemon in the same uid namespace to fail)
[Regression Potential]
* The fix removes all rlimits configured by avahi on startup, this is an extra step avahi takes that most programs did not take (limiting memory usage, running process count, etc). It's possible an unknown bug then consumes significant system resources as a result of that limit no longer being in place, that was previously hidden by Avahi crashing instead. However I believe this risk is significantly reduced as this change has been shipping upstream for many months and have not seen any reports of new problems - however it has fixed a number of existing crashes/problems.
[Other Info]
* This change already exists upstream in 0.7 which is in bionic. SRU required to artful, xenial, trusty.
* The main case this may not fix the issue is if they have modified their avahi-daemon.conf file - but it will fix new installs and most installs as most users don't modify the file. And users may be prompted on upgrade to replace the file. |
[Original Description]
The bug, and workaround, are clearly described in this mailing list thread:
https://lists.linuxcontainers.org/pipermail/lxc-users/2016-January/010791.html
I'm trying to install MAAS in a LXD container, but that's failing due to avahi package install problems. I'm tagging all packages here.
[Issue]
Avahi sets a number of rlimits on startup including the maximum number of processes (nproc=2) and limits on memory usage. These limits are hit in a number of cases - specifically the maximum process limit is hit if you run lxd containers in 'privileged' mode such that avahi has the same uid in multiple containers and large networks can trigger the memory limit.
The fix is to remove these default rlimits completely from the configuration file.
[Impact]
* Avahi is unable to start inside of containers without UID namespace isolation because an rlimit on the maximum number of processes is set by default to 2. When a container launches Avahi, the total number of processes on the system in all containers exceeds this limit and Avahi is killed. It also fails at install time, rather than runtime due to a failure to start the service.
* Some users also have issues with the maximum memory allocation causing Avahi to exit on networks with a large number of services as the memory limit was quite small (4MB). Refer LP #1638345
[Test Case]
* setup lxd (apt install lxd, lxd init, get working networking)
* lxc launch ubuntu:16.04 avahi-test --config security.privileged=true
* lxc exec avahi-test sudo apt install avahi-daemon
This will fail if the parent host has avahi-daemon installed, however, if it does not you can setup a second container (avahi-test2) and install avahi there. That should then fail (as the issue requires 2 copies of avahi-daemon in the same uid namespace to fail)
[Regression Potential]
* The fix removes all rlimits configured by avahi on startup, this is an extra step avahi takes that most programs did not take (limiting memory usage, running process count, etc). It's possible an unknown bug then consumes significant system resources as a result of that limit no longer being in place, that was previously hidden by Avahi crashing instead. However I believe this risk is significantly reduced as this change has been shipping upstream for many months and have not seen any reports of new problems - however it has fixed a number of existing crashes/problems.
[Other Info]
* This change already exists upstream in 0.7 which is in bionic. SRU required to artful, xenial, trusty.
* The main case this may not fix the issue is if they have modified their avahi-daemon.conf file - but it will fix new installs and most installs as most users don't modify the file. And users may be prompted on upgrade to replace the file. |
|
2018-03-15 02:41:27 |
Trent Lloyd |
attachment added |
|
lp1661869-artful.debdiff https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1661869/+attachment/5079949/+files/lp1661869-artful.debdiff |
|
2018-03-15 02:41:41 |
Trent Lloyd |
attachment added |
|
lp1661869-xenial.debdiff https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1661869/+attachment/5079950/+files/lp1661869-xenial.debdiff |
|
2018-03-15 02:43:12 |
Trent Lloyd |
attachment added |
|
lp1661869-trusty.debdiff https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1661869/+attachment/5079951/+files/lp1661869-trusty.debdiff |
|
2018-03-15 12:22:47 |
Eric Desrochers |
description |
[Original Description]
The bug, and workaround, are clearly described in this mailing list thread:
https://lists.linuxcontainers.org/pipermail/lxc-users/2016-January/010791.html
I'm trying to install MAAS in a LXD container, but that's failing due to avahi package install problems. I'm tagging all packages here.
[Issue]
Avahi sets a number of rlimits on startup including the maximum number of processes (nproc=2) and limits on memory usage. These limits are hit in a number of cases - specifically the maximum process limit is hit if you run lxd containers in 'privileged' mode such that avahi has the same uid in multiple containers and large networks can trigger the memory limit.
The fix is to remove these default rlimits completely from the configuration file.
[Impact]
* Avahi is unable to start inside of containers without UID namespace isolation because an rlimit on the maximum number of processes is set by default to 2. When a container launches Avahi, the total number of processes on the system in all containers exceeds this limit and Avahi is killed. It also fails at install time, rather than runtime due to a failure to start the service.
* Some users also have issues with the maximum memory allocation causing Avahi to exit on networks with a large number of services as the memory limit was quite small (4MB). Refer LP #1638345
[Test Case]
* setup lxd (apt install lxd, lxd init, get working networking)
* lxc launch ubuntu:16.04 avahi-test --config security.privileged=true
* lxc exec avahi-test sudo apt install avahi-daemon
This will fail if the parent host has avahi-daemon installed, however, if it does not you can setup a second container (avahi-test2) and install avahi there. That should then fail (as the issue requires 2 copies of avahi-daemon in the same uid namespace to fail)
[Regression Potential]
* The fix removes all rlimits configured by avahi on startup, this is an extra step avahi takes that most programs did not take (limiting memory usage, running process count, etc). It's possible an unknown bug then consumes significant system resources as a result of that limit no longer being in place, that was previously hidden by Avahi crashing instead. However I believe this risk is significantly reduced as this change has been shipping upstream for many months and have not seen any reports of new problems - however it has fixed a number of existing crashes/problems.
[Other Info]
* This change already exists upstream in 0.7 which is in bionic. SRU required to artful, xenial, trusty.
* The main case this may not fix the issue is if they have modified their avahi-daemon.conf file - but it will fix new installs and most installs as most users don't modify the file. And users may be prompted on upgrade to replace the file. |
[Original Description]
The bug, and workaround, are clearly described in this mailing list thread:
https://lists.linuxcontainers.org/pipermail/lxc-users/2016-January/010791.html
I'm trying to install MAAS in a LXD container, but that's failing due to avahi package install problems. I'm tagging all packages here.
[Issue]
Avahi sets a number of rlimits on startup including the maximum number of processes (nproc=2) and limits on memory usage. These limits are hit in a number of cases - specifically the maximum process limit is hit if you run lxd containers in 'privileged' mode such that avahi has the same uid in multiple containers and large networks can trigger the memory limit.
The fix is to remove these default rlimits completely from the configuration file.
[Impact]
* Avahi is unable to start inside of containers without UID namespace isolation because an rlimit on the maximum number of processes is set by default to 2. When a container launches Avahi, the total number of processes on the system in all containers exceeds this limit and Avahi is killed. It also fails at install time, rather than runtime due to a failure to start the service.
* Some users also have issues with the maximum memory allocation causing Avahi to exit on networks with a large number of services as the memory limit was quite small (4MB). Refer LP #1638345
[Test Case]
* setup lxd (apt install lxd, lxd init, get working networking)
* lxc launch ubuntu:16.04 avahi-test --config security.privileged=true
* lxc exec avahi-test sudo apt install avahi-daemon
This will fail if the parent host has avahi-daemon installed, however, if it does not you can setup a second container (avahi-test2) and install avahi there. That should then fail (as the issue requires 2 copies of avahi-daemon in the same uid namespace to fail)
[Regression Potential]
* The fix removes all rlimits configured by avahi on startup, this is an extra step avahi takes that most programs did not take (limiting memory usage, running process count, etc). It's possible an unknown bug then consumes significant system resources as a result of that limit no longer being in place, that was previously hidden by Avahi crashing instead. However I believe this risk is significantly reduced as this change has been shipping upstream for many months and have not seen any reports of new problems - however it has fixed a number of existing crashes/problems.
* The main case this may not fix the issue is if they have modified their avahi-daemon.conf file - but it will fix new installs and most installs as most users don't modify the file. And users may be prompted on upgrade to replace the file.
[Other Info]
* This change already exists upstream in 0.7 which is in bionic. SRU required to artful, xenial, trusty. |
|
2018-03-15 12:24:38 |
Eric Desrochers |
nominated for series |
|
Ubuntu Trusty |
|
2018-03-15 12:24:38 |
Eric Desrochers |
bug task added |
|
avahi (Ubuntu Trusty) |
|
2018-03-15 12:24:38 |
Eric Desrochers |
bug task added |
|
lxd (Ubuntu Trusty) |
|
2018-03-15 12:24:38 |
Eric Desrochers |
nominated for series |
|
Ubuntu Artful |
|
2018-03-15 12:24:38 |
Eric Desrochers |
bug task added |
|
avahi (Ubuntu Artful) |
|
2018-03-15 12:24:38 |
Eric Desrochers |
bug task added |
|
lxd (Ubuntu Artful) |
|
2018-03-15 12:24:38 |
Eric Desrochers |
nominated for series |
|
Ubuntu Xenial |
|
2018-03-15 12:24:38 |
Eric Desrochers |
bug task added |
|
avahi (Ubuntu Xenial) |
|
2018-03-15 12:24:38 |
Eric Desrochers |
bug task added |
|
lxd (Ubuntu Xenial) |
|
2018-03-15 12:24:58 |
Eric Desrochers |
avahi (Ubuntu Trusty): assignee |
|
Trent Lloyd (lathiat) |
|
2018-03-15 12:25:13 |
Eric Desrochers |
avahi (Ubuntu Xenial): assignee |
|
Trent Lloyd (lathiat) |
|
2018-03-15 12:25:20 |
Eric Desrochers |
avahi (Ubuntu Artful): assignee |
|
Trent Lloyd (lathiat) |
|
2018-03-15 12:25:37 |
Eric Desrochers |
avahi (Ubuntu Trusty): importance |
Undecided |
Medium |
|
2018-03-15 12:25:39 |
Eric Desrochers |
avahi (Ubuntu Xenial): importance |
Undecided |
Medium |
|
2018-03-15 12:25:40 |
Eric Desrochers |
avahi (Ubuntu Artful): importance |
Undecided |
Medium |
|
2018-03-15 12:32:42 |
Eric Desrochers |
bug |
|
|
added subscriber Eric Desrochers |
2018-03-20 14:33:59 |
Eric Desrochers |
lxd (Ubuntu Trusty): status |
New |
Invalid |
|
2018-03-20 14:34:02 |
Eric Desrochers |
lxd (Ubuntu Xenial): status |
New |
Invalid |
|
2018-03-20 14:34:04 |
Eric Desrochers |
lxd (Ubuntu Artful): status |
New |
Invalid |
|
2018-03-20 14:34:13 |
Eric Desrochers |
avahi (Ubuntu Trusty): status |
New |
In Progress |
|
2018-03-20 14:34:16 |
Eric Desrochers |
avahi (Ubuntu Xenial): status |
New |
In Progress |
|
2018-03-20 14:34:19 |
Eric Desrochers |
avahi (Ubuntu Artful): status |
New |
In Progress |
|
2018-03-20 15:30:02 |
Eric Desrochers |
avahi (Ubuntu): status |
In Progress |
Fix Released |
|
2018-03-20 15:30:15 |
Eric Desrochers |
avahi (Ubuntu): assignee |
Trent Lloyd (lathiat) |
|
|
2018-03-21 13:20:38 |
Robie Basak |
avahi (Ubuntu Trusty): status |
In Progress |
Fix Committed |
|
2018-03-21 13:20:41 |
Robie Basak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2018-03-21 13:20:42 |
Robie Basak |
bug |
|
|
added subscriber SRU Verification |
2018-03-21 13:20:45 |
Robie Basak |
tags |
maas-at-home patch |
maas-at-home patch verification-needed verification-needed-trusty |
|
2018-03-21 13:21:03 |
Robie Basak |
removed subscriber Ubuntu Sponsors Team |
|
|
|
2018-03-21 13:21:36 |
Robie Basak |
avahi (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
2018-03-21 13:21:41 |
Robie Basak |
tags |
maas-at-home patch verification-needed verification-needed-trusty |
maas-at-home patch verification-needed verification-needed-trusty verification-needed-xenial |
|
2018-03-21 13:24:22 |
Robie Basak |
avahi (Ubuntu Artful): status |
In Progress |
Fix Committed |
|
2018-03-21 13:24:27 |
Robie Basak |
tags |
maas-at-home patch verification-needed verification-needed-trusty verification-needed-xenial |
maas-at-home patch verification-needed verification-needed-artful verification-needed-trusty verification-needed-xenial |
|
2018-03-29 02:37:40 |
Trent Lloyd |
tags |
maas-at-home patch verification-needed verification-needed-artful verification-needed-trusty verification-needed-xenial |
maas-at-home patch verification-done-artful verification-done-trusty verification-done-xenial verification-needed |
|
2018-04-05 07:08:41 |
Launchpad Janitor |
avahi (Ubuntu Artful): status |
Fix Committed |
Fix Released |
|
2018-04-05 07:08:50 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2018-04-05 07:15:12 |
Launchpad Janitor |
avahi (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2018-04-05 07:17:15 |
Launchpad Janitor |
avahi (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|