Disable CONFIG_NET_NS (for #720095) breaks LXC

Bug #796993 reported by Trent W. Buck
This bug affects 2 people

Affects         Status  Importance  Assigned to  Milestone
linux (Ubuntu)  New     Critical    Unassigned
lxc (Ubuntu)    New     Undecided   Unassigned

Bug Description

 affects ubuntu/lxc
 affects ubuntu/linux
 importance critical
 tag regression-updates
 done

Justification: LXC is the *ONLY* lightweight virtualization system
available in Lucid; without it, the next lightest is KVM.

My containers need their own network stacks. After upgrading from
2.6.32-31 to -32, my containers completely failed to start. I believe
this is because you removed CONFIG_NET_NS for #720095. This *may*
even break containers that share the host node's network stack; I
haven't checked.

The lxc package includes an "lxc-checkconfig" script you can use to
check the compile-time options of the running kernel.
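
A minimal form of the check mentioned above, as an added example that is not part of the report and is not the lxc-checkconfig script itself. The option list other than CONFIG_NET_NS, the function names and the sample config are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list the namespace options a kernel config does not enable.
# Assumption: this option list; the report itself names only CONFIG_NET_NS.
NS_OPTIONS="CONFIG_NAMESPACES CONFIG_UTS_NS CONFIG_IPC_NS CONFIG_PID_NS CONFIG_NET_NS"

# Constructed sample (not copied from a real kernel): network namespaces
# turned off, as the report describes for the -32 kernel.
sample_config() {
    cat <<'EOF'
CONFIG_NAMESPACES=y
CONFIG_UTS_NS=y
CONFIG_IPC_NS=y
CONFIG_PID_NS=y
# CONFIG_NET_NS is not set
EOF
}

# Print a config file, decompressing it when it is gzip-compressed.
read_config() {
    case "$1" in
        *.gz) gzip -dc "$1" ;;
        *)    cat "$1" ;;
    esac
}

# Read config text on stdin; print enabled, module or missing for option $1.
option_state() {
    awk -v opt="$1" '
        $0 == (opt "=y") { s = "enabled" }
        $0 == (opt "=m") { s = "module" }
        END { print (s == "" ? "missing" : s) }'
}

# Read config text on stdin; print the missing options, fail if there are any.
missing_ns_options() {
    cfg=$(cat); missing=""
    for opt in $NS_OPTIONS; do
        state=$(printf '%s\n' "$cfg" | option_state "$opt")
        if [ "$state" = "missing" ]; then missing="$missing $opt"; fi
    done
    echo "${missing# }"
    [ -z "$missing" ]
}

if [ $# -gt 0 ]; then
    read_config "$1" | missing_ns_options || echo "namespace options missing" >&2
else
    sample_config | missing_ns_options || echo "namespace options missing" >&2
fi
```

Pass the config file of the running kernel as the first argument; without an argument the script checks the constructed sample.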

Trent W. Buck (twb) wrote : subscribe sconklin

 subscribe <email address hidden>
 done

I was talking to sconklin in #ubuntu-kernel about this issue and he
asked to be subscribed.

Brad Figg (brad-figg)
tags: added: lucid
Steve Conklin (sconklin) wrote :

Here's the text from the commit which removed the option.

------

commit 0bb7b112c68d24e0f783d568fe1c31a7c1dc6c4e
Author: Stefan Bader <email address hidden>
Date: Tue Mar 29 19:26:56 2011 +0200

    UBUNTU: (config) Disable CONFIG_NET_NS

    BugLink: http://bugs.launchpad.net/bugs/720095

    While network namespaces are used for containers, the implementation was
    still experimental in Lucid. Even worse the cleanup of network
    namespaces is very slow. This can cause severe memory issues when an
    application uses them a lot (for example when cloning subprocesses).

    The problem can only be avoided by backporting several upstream patches
    (and without even more changes that will slow down the creation of new
    net namespaces). This cannot really be justified as a stable update.

    So turn the option off in Lucid. Users of containers should be pointed
    to the LTS-backport kernel.

    Signed-off-by: Stefan Bader <email address hidden>
    Acked-by: Brad Figg <email address hidden>
    Signed-off-by: Tim Gardner <email address hidden>
