← Back to team overview

touch-packages team mailing list archive

  1. touch-packages team
  2. Mailing list archive
  3. Message #113486

[Bug 1510108] [NEW] pre-installed lxc in cloud-image means loss of access to 10.0.X.0/24

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Bug 1509414 describes fallout of inclusion of lxc in cloud images.  The initial inclusion caused 2 issues:
 a.) containers created by 'lxc -t ubuntu-cloud' and 'lxd import-images ubuntu wily' had completely broken networking
 b.) all cloud images would have lost access to 10.0.3.0/24 networks.

The fix that went in fixes 'a' above.  By default, containers created
for lxd and lxc will now work as expected.

This bug is opened to address the much less severe 'b'.

Now, on first boot lxc-net selects a network in the 10.0.X.0/24 to give
to the lxcbr0 bridge.  It selects the network by simply looking for the
first available N where there .  That code can be seen prior to fix in
debian/lxc.preinst [1] and after fix in config/init/common/lxc-net.in
[2].  Generally speaking it looks for local ip addresses on the targeted
network.  That code is fairly simplistic.  There are definitely cases
where it can pick a network that would be used by this system.  The
result is that traffic destined for that network will be sent to the
lxcbr0 rather than out of the system to wherever it should go.

The suggested fix would be to make that code run on 'lxc' or 'lxd' usage
rather than on instance boot.  By doing so, we reduce the set of users
possibly affected from all cloud-image users to all users of lxc or lxd.

Note, all users of lxd and lxc have been affected by this bug since at
least 14.04.

--
[1]  https://github.com/lxc/lxc-pkg-ubuntu/blob/dpm-wily/debian/lxc.preinst#L55
[2]  https://github.com/lxc/lxc-pkg-ubuntu/blob/dpm-wily/config/init/common/lxc-net.in

Related bugs:
  * bug  1509414: pre-installed lxc in cloud image produces broken lxc (and later lxd) containers

** Affects: lxc (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: lxc (Ubuntu Wily)
     Importance: Undecided
         Status: New

** Affects: lxc (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Also affects: lxc (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: lxc (Ubuntu Wily)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1510108

Title:
  pre-installed lxc in cloud-image means loss of access to 10.0.X.0/24

Status in lxc package in Ubuntu:
  New
Status in lxc source package in Wily:
  New
Status in lxc source package in Xenial:
  New

Bug description:
  Bug 1509414 describes fallout of inclusion of lxc in cloud images.  The initial inclusion caused 2 issues:
   a.) containers created by 'lxc -t ubuntu-cloud' and 'lxd import-images ubuntu wily' had completely broken networking
   b.) all cloud images would have lost access to 10.0.3.0/24 networks.

  The fix that went in fixes 'a' above.  By default, containers created
  for lxd and lxc will now work as expected.

  This bug is opened to address the much less severe 'b'.

  Now, on first boot lxc-net selects a network in the 10.0.X.0/24 to
  give to the lxcbr0 bridge.  It selects the network by simply looking
  for the first available N where there .  That code can be seen prior
  to fix in debian/lxc.preinst [1] and after fix in config/init/common
  /lxc-net.in [2].  Generally speaking it looks for local ip addresses
  on the targeted network.  That code is fairly simplistic.  There are
  definitely cases where it can pick a network that would be used by
  this system.  The result is that traffic destined for that network
  will be sent to the lxcbr0 rather than out of the system to wherever
  it should go.

  The suggested fix would be to make that code run on 'lxc' or 'lxd'
  usage rather than on instance boot.  By doing so, we reduce the set of
  users possibly affected from all cloud-image users to all users of lxc
  or lxd.

  Note, all users of lxd and lxc have been affected by this bug since at
  least 14.04.

  --
  [1]  https://github.com/lxc/lxc-pkg-ubuntu/blob/dpm-wily/debian/lxc.preinst#L55
  [2]  https://github.com/lxc/lxc-pkg-ubuntu/blob/dpm-wily/config/init/common/lxc-net.in

  Related bugs:
    * bug  1509414: pre-installed lxc in cloud image produces broken lxc (and later lxd) containers

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1510108/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next