[lxc-devel] [PATCH] ubuntu: Fix regression in post-process

Stéphane Graber stgraber at ubuntu.com
Tue Dec 3 23:53:15 UTC 2013


On Tue, Dec 03, 2013 at 05:43:47PM -0600, Serge Hallyn wrote:
> Quoting S.Çağlar Onur (caglar at 10ur.org):
> > Hey Stéphane,
> > 
> > On Wed, Nov 27, 2013 at 7:49 PM, Stéphane Graber <stgraber at ubuntu.com> wrote:
> > > THe recent reorg of lxc-ubuntu introduced some package installation in
> > > post-process but without first disabling service startup.
> > >
> > > As a result, if the cache is a bit out of date and a ssh update is
> > > available, post-process will apply that update (as it does apt-get
> > > install ssh vim) which in turn will attemp to start sshd. This will
> > > either lead to ssh on the host being restarted or if there's no sshd on
> > > the host, will fail the container creation as the postinst will get an
> > > error from upstart.
> > >
> > > The fix is very simply to add the same policy-rc.d trick when running
> > > post-process.
> > 
> > I'm not sure whether this is the desired outcome (I haven't taken a
> > look at it yet) but it looks like after this change "lxc-create -n t
> > -t ubuntu" started to take more time (order of couple of minutes) to
> 
> Can you reproduce this at will - revert the change and it's faster,
> reapply and it's slower?
> 
> -serge

Yes, lxc-ubuntu is now slower when creating a container as an extra
apt-get update run and installation of vim was moved from being done
when creating the cache to being done at container creation time.

That change was caused by the addition of --packages which allows users
to specify extra packages that should be available in the container.

I believe at least one problem with that is that ssh is apt-get
install'ed both at cache creation time and at container creation time.
In most cases this would be a no-op, but if the cache is outdated, then
ssh and openssh-server will get upgraded at container creation time,
creating an extra delay.

I think we should just be dropping ssh from the list of packages
installed at creation time (since it's already in the original install)
and I'd be happy to change the behaviour so that vim is always installed
(as it used to be) and that this extra apt-get update + apt-get install
run would only happen when extra packages are actually passed on the
command line.

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131203/72a6092b/attachment.pgp>


More information about the lxc-devel mailing list