[Bug 1251257] Re: [SRU] avahi fails in containers
Launchpad Bug Tracker
1251257 at bugs.launchpad.net
Thu Nov 21 21:19:40 UTC 2013
** Branch linked: lp:ubuntu/saucy-proposed/avahi
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to avahi in Ubuntu.
https://bugs.launchpad.net/bugs/1251257
Title:
[SRU] avahi fails in containers
Status in MAAS:
Triaged
Status in MAAS 1.4 series:
Triaged
Status in “avahi” package in Ubuntu:
Fix Released
Status in “avahi” source package in Saucy:
Fix Committed
Status in “avahi” source package in Trusty:
Fix Released
Bug description:
installed a brand new maas server on suacy into an lxc container from
archive and http://<ip>/MAAS is not accessible although http://<ip> is
accessible
http://<ip>/MAAS is getting logged to /var/log/apache2/access.log
though so request is making it through
<roaksoax> danwest: can you please pastebin apache2's error and access.log
<danwest> http://paste.ubuntu.com/6405411/
<danwest> http://paste.ubuntu.com/6405412/
<roaksoax> danwest: I know what it is
<roaksoax> danwest: dbus/avahi
<roaksoax> danwest: try to restart whatever avahi service there is
<andreas> "dbus" reminds me of https://bugs.launchpad.net/juju-core/+bug/1248283
<andreas> but that was about the units, not maas itself
<danwest> https://pastebin.canonical.com/100290/
<danwest> same problem
<roaksoax> danwest: yeah the avahi daemon is failing to start, causing maas to fail
<roaksoax> danwest: maybe restart whatever dbus serviice it is, and then the avahi-daemon
<matsubara> danwest, restart dbus and avahi-daemon, see https://bugs.launchpad.net/maas/+bug/1221059
<roaksoax> danwest: did avahi-daemon restart corrrectly?
<danwest> nope
<roaksoax> danwest: i guess then an issue with dbus is preventing avahi from working... hence maas failing
<danwest> roaksoax: should not matter but the only thing that is a little unique is that this is in a saucy container
<roaksoax> danwest: ah so then thats the issue...
<danwest> what, the container?
<roaksoax> yeah
<danwest> how so?
<roaksoax> avahi might have issues running in a container
<danwest> hallyn: roaksoax: what should I file that lxc/avahi /maas bug that I hit this morning against?
<hallyn> danwest: i think maas should work around it by unsetting rlimit-nproc
<hallyn> (and/or by running on trusty in a private user ns
<hallyn> smoser: fwiw the problem is that avahi sets its nproc rlimit to exaclty 3, but in a container it's using a uid that is in use on the host - so it exceeds 3 tasks
<hallyn> (i.e. it's reusing uid which is ntp on the host, and ntp is running; or just another avahi)
<smoser> ok...
<smoser> so that doesn't seem like maas's problem to me
<smoser> nor juju's really.
<hallyn> smoser: it is. it needs to pick a unique uid, or configure avahi to ignore the rlimit
<smoser> maas isn't running avahi
<smoser> is it ?
<hallyn> i duno what's actually running it :) it's *for* maas, but it probably is juju
<smoser> what if there was a bug in php, and a user used maas to deploy php.
<smoser> should we fix that in maas ?
<hallyn> you're talking about a bug. i'm talking about a resource conflict
<hallyn> having avahi alwasy run without nprocs, for protection, would be wrong for this.
fix is still up for debate on this one...
[Impact]
Avahi sets the rlimit_nproc to 3, causing avahi to fail running in containers. This This option should not be set in containers at all. This causes avahi-daemon to fail, hence all the applications that use avahi will also fail. In this particular case, MAAS fails because of this.
[Test Case]
1. Install a container.
2. Install MAAS
3. Check apache2 log for errors, such as those in [1].
[Regression Potential]
Minimal. This has been tested and works as expected.
[1]: http://paste.ubuntu.com/6405412/
To manage notifications about this bug go to:
https://bugs.launchpad.net/maas/+bug/1251257/+subscriptions
More information about the foundations-bugs
mailing list