16.04:

$ lxc launch xenial x1
$ lxc file pull x1/etc/cloud/build.info -
build_name: server
serial: 20160211-034510
$ lxc exec x1 systemctl is-system-running
degraded
$ lxc exec x1 -- systemctl --state=failed
  UNIT                         LOAD   ACTIVE SUB    DESCRIPTION
● dev-hugepages.mount          loaded failed failed Huge Pages File System
● iscsid.service               loaded failed failed iSCSI initiator daemon (iscs
● systemd-remount-fs.service   loaded failed failed Remount Root and Kernel File
● systemd-sysctl.service       loaded failed failed Apply Kernel Variables
● lvm2-lvmetad.socket          loaded failed failed LVM2 metadata daemon socket
● systemd-journald-audit.socket loaded failed failed Journal Audit Socket

16.10:

$ lxc launch ubuntu:yakkety y1
$ lxc file pull y1/etc/cloud/build.info -
build_name: server
serial: 20170307
$ lxc exec y1 systemctl is-system-running
degraded
$ lxc exec y1 -- systemctl --state=failed
  UNIT                         LOAD   ACTIVE SUB    DESCRIPTION
● dev-hugepages.mount          loaded failed failed Huge Pages File System
● iscsid.service               loaded failed failed iSCSI initiator daemon (iscs
● open-iscsi.service           loaded failed failed Login to default iSCSI targe
● systemd-remount-fs.service   loaded failed failed Remount Root and Kernel File
● systemd-sysctl.service       loaded failed failed Apply Kernel Variables
● lvm2-lvmetad.socket          loaded failed failed LVM2 metadata daemon socket
● systemd-journald-audit.socket loaded failed failed Journal Audit Socket

17.04:

$ lxc launch ubuntu-daily:zesty z1
$ lxc file pull z1/etc/cloud/build.info -
build_name: server
serial: 20170315.1
$ lxc exec z1 systemctl is-system-running
degraded
$ lxc exec enormous-quetzal -- systemctl --state=failed
  UNIT                          LOAD   ACTIVE SUB    DESCRIPTION                         
● iscsid.service                loaded failed failed iSCSI initiator daemon (iscsid)     
● systemd-remount-fs.service    loaded failed failed Remount Root and Kernel File Systems
● lvm2-lvmetad.socket           loaded failed failed LVM2 metadata daemon socket         
● systemd-journald-audit.socket loaded failed failed Journal Audit Socket                

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

4 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.

$ lxc exec enormous-quetzal apt policy open-iscsi
open-iscsi:
  Installed: 2.0.873+git0.3b4b4500-14ubuntu17

So things are better generally. I'm not sure if this is high enough priority where we might want to consider SRUing some of the changes back to 16.04?

--

Also, Serge, I was looking at your change from c#17 -- does that mean even privileged containers would no longer get their iSCSI devices to start? (iscsiadm mentions that iscsid is often needed) And shouldn't we do the same (to be consistent) for iscsid.service? Actually, it seems like if we had done it in iscsid.service, the following:

ExecStartPre=/bin/systemctl --quiet is-active iscsid.service

from open-iscsi.service would have avoided needing to change open-iscsi.service at all?