Merge ~pjdc/ubuntu-mirror-charm/+git/ubuntu-mirror-charm:skip-network-sysctls-in-lxc into ubuntu-mirror-charm:master

Proposed by Paul Collins
Status: Merged
Approved by: Haw Loeung
Approved revision: 2009d3ce27785dd9232c672c46faaf607994b49c
Merged at revision: 12f1c7d22943796a1e40db80dcd81730f39db99a
Proposed branch: ~pjdc/ubuntu-mirror-charm/+git/ubuntu-mirror-charm:skip-network-sysctls-in-lxc
Merge into: ubuntu-mirror-charm:master
Diff against target: 50 lines (+25/-4)
1 file modified
hooks/hooks.py (+25/-4)
Reviewers:
Haw Loeung: +1 Approve
Canonical IS Reviewers: Pending
Review via email: mp+380794@code.launchpad.net

Commit message

skip sysctl keys that break container deployments when in a container

🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Haw Loeung (hloeung) wrote :

LGTM

review: Approve (+1)
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 12f1c7d22943796a1e40db80dcd81730f39db99a

Preview Diff

1diff --git a/hooks/hooks.py b/hooks/hooks.py
2index eb335cb..8b47b2c 100755
3--- a/hooks/hooks.py
4+++ b/hooks/hooks.py
5@@ -709,20 +709,41 @@ def configure_extra_mirrors():
6 relation_set(r, encoded)
7
8
9+# https://discuss.linuxcontainers.org/t/how-to-detect-lxd-from-inside-container/6042
10+def is_lxc():
11+ if os.getuid() != 0:
12+ raise Exception('is_lxc: cannot detect lxd - not running as root')
13+
14+ if 'container=lxc' in open('/proc/1/environ').read().split('\0'):
15+ return True
16+
17+ return False
18+
19+
20 def configure_sysctl():
21- sysctl_settings = {
22+ # In a container, these keys exist but can't be changed. sysctl
23+ # seems to realize that if setting these fail as root, something
24+ # is beyond our control and exits 0. Only add such keys here.
25+ general_settings = {
26 # We now run with 32k apache_max_clients, fix issue with thread creation
27 # https://publib.boulder.ibm.com/httpserv/ihsdiag/apr_thread_create.html
28 'kernel.pid_max': 65536,
29+ # RT#90964: Kill swap on ubuntu-archive servers
30+ 'vm.swappiness': 0,
31+ }
32+ sysctl.create(yaml.dump(general_settings), '/etc/sysctl.d/90-ubuntu-mirror.conf')
33+
34+ # net.core and net.ipv6.route are empty in containers. sysctl
35+ # exits 255 for nonexistent keys, so don't even bother trying.
36+ non_container_settings = {
37 # RT#102466: BBR congestion control
38 'net.core.default_qdisc': 'fq',
39 'net.ipv4.tcp_congestion_control': 'bbr',
40 # RT#68166: Tune kernel for larger number of IPv6 users
41 'net.ipv6.route.max_size': 16384,
42- # RT#90964: Kill swap on ubuntu-archive servers
43- 'vm.swappiness': 0,
44 }
45- sysctl.create(yaml.dump(sysctl_settings), '/etc/sysctl.d/90-ubuntu-mirror.conf')
46+ if not is_lxc():
47+ sysctl.create(yaml.dump(non_container_settings), '/etc/sysctl.d/90-ubuntu-mirror-non-container.conf')
48
49
50 def configure_user():
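
Review bot: is_lxc() matches only the literal 'container=lxc' entry in /proc/1/environ, so the `if not is_lxc():` guard at the end of configure_sysctl() covers LXC/LXD and no other container type, while the commit message and the new comments speak of containers in general. Either say so in the comment above is_lxc() or widen the check. In the same function the file is opened without a context manager; `with open('/proc/1/environ') as f:` would close the handle deterministically. The bare `Exception` raised when not root propagates straight out of configure_sysctl(), which calls is_lxc() with no handler, so a more specific exception type and a note on the intended behaviour would help. Finally, the comment above non_container_settings explains net.core and net.ipv6.route but not why 'net.ipv4.tcp_congestion_control' sits in the same dict; a short remark there would document the grouping.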
