LXC/LXD installed by default on Ubuntu server

Status changed to 'Confirmed' because the bug affects multiple users.

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1563026/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

Thank you Brian for marking the proper package. I wasn't sure what the package name would be for the virtual package "ubuntu". Though now in retrospect, ubuntu-meta is pretty obvious.

Indeed, LXD was added to the default Ubuntu server seed in the 15.10 cycle, so this has been the case for at least 6 months.

LXD is extremely important to the Ubuntu server. Basically, every Ubuntu server can now be 100x more Ubuntu (or other Linux) servers!

This is an important and key concept to Ubuntu as a scale out platform.

Note that LXD images are *not* downloaded until you use them for the first time, so those aren't included in the base image.

Thanks!
Dustin

I understand Ubuntu wants to push it's container framework. But what you're saying is that every Ubuntu server installation will have iscsi, libvirt, lxd, dnsmasq, and all of their dependencies by default. Not the best strategy. Perhaps a check box in tasksel for "Containers" would have been more wise.

What is the alternative method to perform a minimal install, especially on UEFI platforms?

Frankly, whether or not I can run 100 gallion Ubuntu servers with LXD on my server with KVM/Xen/a host which needs no virtualization at all on it is irrevelant.

On a brand-new server install (which I prefer to keep to an absolute minimal) on bare-metal on Xenial, I now have:

- A bridge that does nothing for me
- By extension, a stateful firewall with iptables which
a) Could have a negative impact on high throughput hosts
b) Gets in the way of hosts which have their firewalls statically configured with Puppet/Ansible/etc
- dnsmasq which is running a DNS and DHCP service

Do we really need those things on a m1.tiny instance running on AWS?

Even purging LXD on a host causes stuff to be left behind:

Removing lxc-templates (2.0.0~rc12-0ubuntu1) ...
Removing ubuntu-server (1.350) ...
Removing lxd (2.0.0~rc5-0ubuntu1) ...
Warning: Stopping lxd.service, but it can still be activated by:
  lxd.socket
Purging configuration files for lxd (2.0.0~rc5-0ubuntu1) ...
Failed to stop lxd.service: Unit lxd.service not loaded.
dpkg: warning: while removing lxd, directory '/var/lib/lxd' not empty so not removed
Removing lxc (2.0.0~rc12-0ubuntu1) ...
Removing lxc1 (2.0.0~rc12-0ubuntu1) ...
Removing lxc dnsmasq configuration
Purging configuration files for lxc1 (2.0.0~rc12-0ubuntu1) ...
dpkg: warning: while removing lxc1, directory '/etc/lxc' not empty so not removed

Note that LXD as of yesterday does not depend on lxc anymore and also does not start the bridge (so no dnsmasq or iptables) until you start interacting with lxd.

I would suggest this be given better consideration, beyond that of "opinion", as it is currently impossible to use Ubuntu on a minimal server. A "minimal" build is now running services that are unwanted, unexpected, and are creating risk to the enduser. Even though the development of lxd is something I'm excited for and I use lxc just about everyday I have workloads I do not want container services on and this decision is going to force myself and everyone else to perform addition post kick steps to actually deploy a minimal baremetal server. I'd agree with Tom's suggestion to add a menu item in the install process to select container services making it an optional install, it could even be selected by default, but I definitely don't think it should be forced upon the end-user.

I agree with both Tom and lightraven24, in that adding in packages that are not asked for becomes overkill when your "container" is effectively an amazon instance. Having the ability to create a truely "minimal" build of ubuntu in order to run on a cloud service provider is important to reduce possible attack vectors by having in additional software you never asked for in the first place. I think a menu option for "container services" that installs all necessary lxd related dependencies would be ideal so at least the user could choose if they want to include that. Asking users to specifically go and uninstall a bunch of services after deploy seems like a poor user experience.

I'd also like to suggest this be reconsidered. Minimal should mean minimal.

As xenial is close in being released this is probably going to stay in Which is unfortunate, because we really don't need the containers when already virtualized, eg. Amazon, DigitalOcean or even in homelabs proxmox.

What's even more annoying is that this is not the only package that now gets installed by default.

LXC/LXD should be removed! The default server installation doesn't even install ssh by default and LXC/LXD is certainly not the de-facto choice of admins to use for a virtualization platform. It should not be foisted upon users.

This also affects upgraded 16.04 as the dependency is in ubuntu-server. This dependency should be removed.

Also, git should be removed from ubuntu-server. Not every server user needs a version control system in their production environment

If this "selection" of packages is what Ubuntu is calling Server now, what should we use instead for a BASE server install? As fuqqer-r pointed out. SSH isn't installed by default, WTF is LDX, git, iscsi, account-services, and who knows whatelse being installed by default for?

Given 16.04 is already released, that means at BEST, we have to put up with this behavior for 2 years if we stick with Ubuntu Server. Seriously... who thought this was a good idea?

Honestly? I'm running (or trying to) Ubuntu server off of Raspberry Pis. I don't need or want LXD. At least provide another task (minimal-server) or something that we can use that pulls only in what is truly needed. Right now the only choice I have is to try and figure out for each package that lists itself as belonging on server whether it is needed and then to manually install it and to review this selection every couple of months in case another important one comes along.

Dustin, this is assigned to you. Are you actually working on this?

About 9 months passed and no one at ubuntu really cares about this topic.

In my opinion, the ubuntu-server's dependency should be reconsidered. Many packages should not be included. Such as:

* open-iscsi
* open-vm-tools
* git
* lxd

I really dont know why these packages listed in ubuntu-server and openssh-server not.

This is a more complex issue; it's not just about LXD, but the general story for installing "minimal" installs.

The fact that openssh-server was not installed as part of the ubuntu-server is a separate bug we've covered in a different bug report.

Currently, desktops allow picking a "full" install or "minimal" installation. You also somewhat have that option for the d-i mini.iso; but IIRC not really on the new Subiquity installer.

I think this needs to be a larger question than just for LXD; and will need addressing elsewhere than in ubuntu-meta in any case. Reassigning to debian-cd (where we have the grub menus and more magic for selecting "minimal" install).

Sorry for the strong word, but I REALLY had a bad time upgrading the server.

During upgrade from 18.04 (ubuntu-18.04.3-server-amd64.iso) to 19.10 I encountered 'lxd-client' update issue. I did not install that package, and was not even aware it is installed. Please reconsider including it by default. Failed upgrade and related consequences due to unwanted package is a frustrating experience.

Yeah I'm pretty annoyed that newer versions of Ubuntu Server by default install LXD. I don't use it at all and don't even select any packages during installation to trigger its inclusion by default. I'm now observing boot times negatively impacted just because the lxd snap is installed, and I'm removing it from every single Ubuntu Server I have as I go now, as the added boot delay is just unwarranted.

I really don't see a worthwhile justification for lxd to be installed by default when nothing is selected in the regular Ubuntu Server installation (22.04 or otherwise).

C'mon canonical, turn that off by default.