mount options for /run should be the same as initramfs tools

Bug #1799251 reported by Dimitri John Ledkov on 2018-10-22
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned
Bionic
Undecided
Unassigned
Cosmic
Undecided
Unassigned

Bug Description

mount options for /run should be the same as initramfs tools

[Impact]

 * /run is mounted with different options on initrd boots, and initrd-less boots. For consistency it should be the same

 * In particular, this causes overuse of RAM on hosts with dense deployment of containers. Specifically, runtime journald takes up at most 10% or /run, which is capped at 10% of ram, thus 1% of total RAM. However, on initrd-less boots (like lxd launch ubuntu-daily:foo), /run takes up all of RAM, and thus run-time journal is now capped at 10% of RAM. Which is really bad when one deploys more than 10 containers...

[Test Case]

 * Check total RAM on the host with `free -h`
 * lxd launch ubuntu-daily:release
 * In that container check the size of /run with `df -h | grep '/run$'`
 * /run should roughly be 1/10th of the total RAM.

[Regression Potential]

 * /run is meant to be small, and it is small on systems booted with initrd and everything works fine there. Reducing the default size of /run in the containers should not have averse impacts. The most notable change is that runtime journald is now capped 10x smaller in the containers, to the same size as on the hosts. If that is not enough, one should $ sudo mkdir /var/log/journal to have a larger persistent journal.

[Other Info]

 * This issue got escalated as affecting production deployments in the Canonical datacentre.

Related branches

Dimitri John Ledkov (xnox) wrote :

Hmmmm... not sure if /run should be limited to 10%, or if runtime journald should be limited to 1%.

Changed in systemd (Ubuntu):
status: New → Fix Committed
Changed in systemd (Ubuntu Cosmic):
status: New → In Progress
description: updated

Hello Dimitri, or anyone else affected,

Accepted systemd into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/239-7ubuntu10.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in systemd (Ubuntu Cosmic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-cosmic
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 239-7ubuntu15

---------------
systemd (239-7ubuntu15) disco; urgency=medium

  * core: set /run size to 10%, like initramfs-tools does.
    Currently there is a difference between initrd and initrd-less boots,
    w.r.t. size= mount option of /run. This yields different runtime journald caps
    (1% vs 10%), and on dense deployments of containers may result in OOM kills.
    (LP: #1799251)
    File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fac2568fe716dc1a41bada78293dc6327a6df0d

  * resolved: Increase size of TCP stub replies.
    DNS_PACKET_PAYLOAD_SIZE_MAX is limiting the size of the stub replies to
    512 with EDNS off or 4096 with EDNS on, without checking the protocol
    used. This makes TCP replies for clients without EDNS support to be
    limited to 512, making the truncate flag useless if the query result is
    bigger than 512 bytes.
    This commit increases the size of TCP replies to DNS_PACKET_SIZE_MAX
    Fixes: #10816
    (cherry picked from commit e6eed9445956cfa496e1db933bfd3530db23bfce)
    (LP: #1804487)
    Author: Victor Tapia
    File: debian/patches/resolved-Increase-size-of-TCP-stub-replies.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=702a4566174c4d2bd84b70805107cfc1a7c128cc

 -- Dimitri John Ledkov <email address hidden> Mon, 03 Dec 2018 13:49:24 +0000

Changed in systemd (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers