Lxc move container changes Hostid and Maprange on new server?

jono · March 13, 2023, 3:44am

Hi All,

We’ve had a problem when we moved a container from one host in a cluster to another, when starting the container on the new host in the cluster it says “Mapping container” which was unexpected, checking the nfs shares yielded nobody:nogroup.

Checking more the settings changed from:

volatile.idmap.current: ‘[{“Isuid”:true,“Isgid”:false,“Hostid”:100000,“Nsid”:0,“Maprange”:65536},{“Isuid”:false,“Isgid”:true,“Hostid”:100000,“Nsid”:0,“Maprange”:65536}]’

to:

volatile.idmap.next: ‘[{“Isuid”:true,“Isgid”:false,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000},{“Isuid”:false,“Isgid”:true,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000}]’

Why was it changed, we had to do the following, shut down the container then ran:

/snap/bin/lxc config set container volatile.idmap.next=’[{“Isuid”:true,“Isgid”:false,“Hostid”:100000,“Nsid”:0,“Maprange”:65536},{“Isuid”:false,“Isgid”:true,“Hostid”:100000,“Nsid”:0,“Maprange”:65536}]’

Started it, and then nfs uid+gid was good.

Just curious and trying to understand why it behaves this way? Surely it should copy the existing container config across to the new vm?

Cheers
Jonathan

jono · March 14, 2023, 12:16am

bump

stgraber · March 14, 2023, 12:20am

Your source server was configured with a max range of 65k starting at 100000, the target server is configured with a max range of 1b with a start range of 1M, LXD has corrected the map during migration to align with what’s configured on the target.

jono · March 14, 2023, 2:37am

Hi Stéphane,

Where is this max range configured? I checked /etc/subuid and /etc/subgid
and it was the same on both servers, is that setting in LXD itself?

Thanks for the info.

stgraber · March 14, 2023, 2:41am

Your source server is most likely using a distro packaged version of LXD whereas the target is using the snap.

jono · March 14, 2023, 2:47am

Nope both Ubuntu 20.04 (Source VERSION=“20.04.2 LTS (Focal Fossa)”) (Destination VERSION=“20.04.5 LTS (Focal Fossa)”. 20.04.2 the container on the source was created about a year ago, we created the destination about a week ago and then joined it to the cluster, then moved the container.

Both on lxd 5.11-ad0b61e 24483, I found it really weird when moving it that the id’s changed. the source was never on the deb version at all.

jono · March 14, 2023, 2:49am

Maybe the source was created with those values, but why did it not copy those ranges when I purely moved the container, that surely is not correct? It should have kept the original values?