Ubuntu
tuned package

[21.04 regression] tuned breaks networking in podman containers

Bug #1925765 reported by Martin Pitt
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tuned (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

This stopped working in 21.04:

  podman run -it --rm -p 5000:5000 --name registry docker.io/registry:2
  curl http://localhost:5000/v2/

The curl just hangs forever. This works fine in Ubuntu 20.10 with podman 2.0.6+dfsg1-1ubuntu1.

Outbound direction is also broken:

# podman run -it --rm docker.io/ubuntu:latest apt update
Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
  Temporary failure resolving 'archive.ubuntu.com'

However, that's already the case in Ubuntu 20.10.

Unfortunately there are no tools like `ip` in the container to see network interfaces and routes, neither in fedora:latest.

/proc/net/dev and /proc/net/route do show an interface as expected, and they are exactly the same as in 20.10.

Package: podman 3.0.1+dfsg1-1ubuntu1
DistroRelease: Ubuntu 21.04

See original description
Martin Pitt (pitti)
description: updated
Revision history for this message
Reinhard Tartler (siretart) wrote :

Unfortunately, I cannot confirm this on a freshly installed Ubuntu 20.04 VM (that I grabbed with https://github.com/canonical/multipass on my laptop running debian/bullseye).

I've replicated the registry example with the registry like this:

  ubuntu@accessible-liger:~$ podman run -d -p 5000:5000 --name registry docker.io/registry:2
  40c86041d629bec154a29eadb00440cf5fa43d7acbd8e4ca5e1fc90dabd1a3ec

  ubuntu@accessible-liger:~$ curl -s localhost:5000/v2/ | jq
  {}

As for your network connectity issue:

  root@accessible-liger:~# podman run --rm -it debian
  Resolved "debian" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
  Trying to pull docker.io/library/debian:latest...
  Getting image source signatures
  Copying blob bd8f6a7501cc done
  Copying config 0d587dfbc4 done
  Writing manifest to image destination
  Storing signatures
  root@db1fb5ce9bf4:/# apt update
  Get:1 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB]
  Get:2 http://deb.debian.org/debian buster InRelease [121 kB]
  Get:3 http://security.debian.org/debian-security buster/updates/main amd64 Packages [272 kB]
  Get:4 http://deb.debian.org/debian buster-updates InRelease [51.9 kB]
  Get:5 http://deb.debian.org/debian buster/main amd64 Packages [7907 kB]

I've tested both use-cases both in rootful and in rootless mode, both worked fine for me.

Changed in libpod (Ubuntu):
status: New → Incomplete
assignee: nobody → Reinhard Tartler (siretart)
Revision history for this message
Martin Pitt (pitti) wrote :

Thanks Reinhard for trying! I'm running a standard cloud image (https://cloud-images.ubuntu.com/daily/server/hirsute/current/hirsute-server-cloudimg-amd64.img), but with some additional packages installed. I'll go through them with a fine comb and see what's the one that breaks podman.

(But probably not before Monday, weather is just too nice 🌞)

Revision history for this message
Martin Pitt (pitti) wrote :

@Reinhard:

> Unfortunately, I cannot confirm this on a freshly installed Ubuntu 20.04

I assume this was a typo and you really meant 21.04.

> and see what's the one that breaks podman.

That was easy, it's tuned. Full reproducer:

apt install -y tuned
podman run -it --rm -p 5000:5000 --name registry docker.io/registry:2
curl http://localhost:5000/v2/

Curious, two years ago I already filed bug #1774000 where tuned breaks qemu. Reassigning for now.

summary: - [21.04 regression] networking broken in containers
+ [21.04 regression] tuned breaks networking in podman containers
affects: libpod (Ubuntu) → tuned (Ubuntu)
Changed in tuned (Ubuntu):
assignee: Reinhard Tartler (siretart) → nobody
status: Incomplete → New
Revision history for this message
Lucas Kanashiro (lucaskanashiro) wrote :

I cannot reproduce this issue in Ubuntu Noble (24.04), next LTS release, using the reproduction steps in comment #3. So marking this bug as Incomplete.

Changed in tuned (Ubuntu):
status: New → Incomplete
Revision history for this message
Martin Pitt (pitti) wrote :

I re-tested this on current 22.04 and 23.10, and it indeed seems fixed. Nice! I sent https://github.com/cockpit-project/cockpit-podman/pull/1539 to make sure that it stays that way.

Changed in tuned (Ubuntu):
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.