[lxc-devel] [PATCH] ubuntu: Fix regression in post-process
S.Çağlar Onur
caglar at 10ur.org
Wed Dec 4 04:34:43 UTC 2013
Hi,
On Tue, Dec 3, 2013 at 6:53 PM, Stéphane Graber <stgraber at ubuntu.com> wrote:
> On Tue, Dec 03, 2013 at 05:43:47PM -0600, Serge Hallyn wrote:
>> Quoting S.Çağlar Onur (caglar at 10ur.org):
>> > Hey Stéphane,
>> >
>> > On Wed, Nov 27, 2013 at 7:49 PM, Stéphane Graber <stgraber at ubuntu.com> wrote:
>> > > THe recent reorg of lxc-ubuntu introduced some package installation in
>> > > post-process but without first disabling service startup.
>> > >
>> > > As a result, if the cache is a bit out of date and a ssh update is
>> > > available, post-process will apply that update (as it does apt-get
>> > > install ssh vim) which in turn will attemp to start sshd. This will
>> > > either lead to ssh on the host being restarted or if there's no sshd on
>> > > the host, will fail the container creation as the postinst will get an
>> > > error from upstart.
>> > >
>> > > The fix is very simply to add the same policy-rc.d trick when running
>> > > post-process.
>> >
>> > I'm not sure whether this is the desired outcome (I haven't taken a
>> > look at it yet) but it looks like after this change "lxc-create -n t
>> > -t ubuntu" started to take more time (order of couple of minutes) to
>>
>> Can you reproduce this at will - revert the change and it's faster,
>> reapply and it's slower?
>>
>> -serge
>
> Yes, lxc-ubuntu is now slower when creating a container as an extra
> apt-get update run and installation of vim was moved from being done
> when creating the cache to being done at container creation time.
>
> That change was caused by the addition of --packages which allows users
> to specify extra packages that should be available in the container.
>
> I believe at least one problem with that is that ssh is apt-get
> install'ed both at cache creation time and at container creation time.
> In most cases this would be a no-op, but if the cache is outdated, then
> ssh and openssh-server will get upgraded at container creation time,
> creating an extra delay.
>
> I think we should just be dropping ssh from the list of packages
> installed at creation time (since it's already in the original install)
> and I'd be happy to change the behaviour so that vim is always installed
> (as it used to be) and that this extra apt-get update + apt-get install
> run would only happen when extra packages are actually passed on the
> command line.
To be honest that would be my preference otherwise creating containers
in different times will produce different results and it might not be
a good thing depending on how you look :)
I believe we should be accepting the cache as the authoritative state
over what distro provides on its repositories. Users can upgrade their
containers or install/uninstall packages after the initial creation as
they wish (or using this new --packages parameter) or could invalidate
the cache by flushing it.
> --
> Stéphane Graber
> Ubuntu developer
> http://www.ubuntu.com
--
S.Çağlar Onur <caglar at 10ur.org>
More information about the lxc-devel
mailing list