[lxc-devel] [PATCH] fix systemd lxc-net vs lxc ordering
Serge Hallyn
serge.hallyn at ubuntu.com
Tue Jun 30 13:45:08 UTC 2015
Quoting Martin Pitt (martin.pitt at ubuntu.com):
> Hey Serge,
Hi Martin,
thanks for your reply - short version, it's solved with your help,
thanks!
> Serge Hallyn [2015-06-29 16:40 +0000]:
> > The lxc init job must not start until lxc networking has been
> > setup. This requires lxc-net to have complete, not just
> > started. To that end,
> >
> > 1. lxc-net now does its work in ExecPreStart rather than
> > ExecStart
>
> lxc-net starts a long-running process "dnsmasq", so this is wrong.
> ExecStartPre= must not start long-running processes, only ExecStart=
Yeah, I eventually found that out :)
> can. Also, this unit is "Type=oneshot", so this change does not even
> make a difference -- *All* ExecStart*= commands have to finish before
> the unit is considered "started".
>
> > 2. lxc now specifies lxc-net in After, not Wants. So if lxc-net
> > fails, lxc won't start and try to autostart containers. (If you
> > want lxc-net to do nothing, setting USE_LXC_BRIDGE="false" in
> > /etc/default/lxc is the way to do that, but lxc-net should still
> > run successfully.)
>
> The missing "After=" was indeed a bug, and adding it will make lxc
> wait for lxc-net to finish first, which is what you want. Wrt. the
> Wants=, we should decide how we want lxc-net.service to get started.
> Right now it has an
>
> [Install]
> WantedBy=multi-user.target
>
> I. e. it always gets started on boot independently of lxc.service. I.
Ah!. I thought After= was an alternative to Wants=. I see that's not
the case.
> e. even if you disable the latter. But if you disable lxc-net, so that
> /etc/systemd/system/multi-user.target.wants/lxc-net.service goes away,
> it will still get started if you start "lxc-net". That sounds like a
> reasonable behaviour, thus I suggest keeping the Wants= too.
>
> So as a result..
>
> > --- a/config/init/systemd/lxc-net.service.in
> > +++ b/config/init/systemd/lxc-net.service.in
> > @@ -6,7 +6,7 @@ Before=lxc.service
> > [Service]
> > Type=oneshot
> > RemainAfterExit=yes
> > -ExecStart=@LIBEXECDIR@/lxc/lxc-net start
> > +ExecStartPre=@LIBEXECDIR@/lxc/lxc-net start
> > ExecStop=@LIBEXECDIR@/lxc/lxc-net stop
>
> Drop this hunk, it's wrong.
>
> > [Install]
>
> Drop the [Install] section if you only want to start lxc-net when lxc
> is started. (I don't have a recommendation whether that's conceptually
> cleaner or whether lxc-net is beneficial even without lxc).
>
> > diff --git a/config/init/systemd/lxc.service.in b/config/init/systemd/lxc.service.in
> > index a256141..7d191dc 100644
> > --- a/config/init/systemd/lxc.service.in
> > +++ b/config/init/systemd/lxc.service.in
> > @@ -1,7 +1,6 @@
> > [Unit]
> > Description=LXC Container Initialization and Autoboot Code
> > -After=syslog.target network.target
> > -Wants=lxc-net.service
> > +After=syslog.target network.target lxc-net.service
>
> The After= is right. Dropping the Wants= is wrong IMHO.
Indeed - I tested this by adding a 20s sleep to lxc-net and some echos
to the starts of the scripts, and this does do exactly what we want.
I'll send a new patch - thanks.
-serge
More information about the lxc-devel
mailing list