Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

network-online.target is inactive breaking many dependent services #1855

Open
hpaluch opened this issue Dec 27, 2024 · 4 comments
Open

network-online.target is inactive breaking many dependent services #1855

hpaluch opened this issue Dec 27, 2024 · 4 comments
Labels
kind/bug

Comments

@hpaluch
Copy link

hpaluch commented Dec 27, 2024

Describe the bug

While trying sample WordPress project from https://github.com/major/quadlets-wordpress I found that systemctl --user ... tasks were stuck because there is service podman-user-wait-network-online.service waiting for systemctl is-active network-online.target (see containers/podman#24796 (comment)).

But on FCOS network-online.target never becomes online - which breaks all dependent services and is bug.

Reproduction steps

  1. install latest stable FCOS, tested fedora-coreos-41.20241122.3.0-live.x86_64.iso, inside is OSTREE_VERSION='41.20241122.3.0' using any kind of Ignition - trivial one with just SSH key is OK
  2. Run systemctl is-active network-online.target
  3. It will produce: inactive

Expected behavior

Command systemctl is-active network-online.target should produce active

Actual behavior

But systemctl is-active network-online.target produces inactive instead.

System details

Here are more details:

rpm-ostree status
State: idle
AutomaticUpdatesDriver: Zincati
  DriverState: active; periodically polling for updates (last checked Fri 2024-12-27 07:28:28 UTC)
Deployments:
● fedora:fedora/x86_64/coreos/stable
                  Version: 41.20241122.3.0 (2024-12-16T21:04:43Z)
                   Commit: c81a94e71f7bbb4a7eaf1aa2162183d1c63fda4e5b7fb8a3054f42ff9607d8a1
             GPGSignature: Valid signature by 466CF2D8B60BC3057AA9453ED0622462E99D6AD1

  fedora:fedora/x86_64/coreos/stable
                  Version: 41.20241122.3.0 (2024-12-16T21:04:43Z)
                   Commit: c81a94e71f7bbb4a7eaf1aa2162183d1c63fda4e5b7fb8a3054f42ff9607d8a1
             GPGSignature: Valid signature by 466CF2D8B60BC3057AA9453ED0622462E99D6AD1

Butane or Ignition config

variant: fcos
version: 1.5.0
passwd:
  users:
    - name: core
      ssh_authorized_keys:
        - 'ssh-ed25519 ...'

Additional information

Workaround: enable iscsi service:

$ sudo systemctl enable --now iscsi
$ systemctl is-active network-online.target

active

I found failing service using (from containers/podman#24796 (comment)):

$ systemctl list-dependencies --reverse  network-online.target

network-online.target
○ ├─docker.service
○ ├─fwupd-refresh.service
○ └─iscsi.service

And evaluating systemctl status ... for each service in tree.

So there are 2 possible solutions:

  1. Enable iscsi.service as default
  2. or remove hard-dependency on iscsi.service from network-online.target
@hpaluch
Copy link
Author

hpaluch commented Dec 27, 2024

Looking at related issues I'm not sure if it is podman bug or network-online.target bug. User level service
is

$ systemctl --user status
● localhost.localdomain
    State: starting
    Units: 137 loaded (incl. loaded aliases)
     Jobs: 8 queued
   Failed: 0 units
    Since: Fri 2024-12-27 08:50:33 UTC; 1min 1s ago
  systemd: 256.8-1.fc41
  Tainted: unmerged-bin
   CGroup: /user.slice/user-1000.slice/[email protected]
           ├─app.slice
           │ └─podman-user-wait-network-online.service
           │   ├─1512 sh -c "until systemctl is-active network-online.target; do sleep 0.5; done"
           │   └─1888 sleep 0.5
           └─init.scope
             ├─1475 /usr/lib/systemd/systemd --user
             └─1484 "(sd-pam)"

And file/package is:

$ rpm -qf /usr/lib/systemd/user/podman-user-wait-network-online.service 
podman-5.3.0-1.fc41.x86_64

@jbtrystram
Copy link
Contributor

That's weird, I have been ordering my quadlets on network-online.target for a while on my FCOS host without issues.
But not user-level ones.
Can you try with a dummy service (without podman being involved) ?

@hpaluch
Copy link
Author

hpaluch commented Dec 27, 2024

That's weird, I have been ordering my quadlets on network-online.target for a while on my FCOS host without issues. But not user-level ones. Can you try with a dummy service (without podman being involved) ?

This problem affects non-root containers only - because faulty /usr/lib/systemd/user/podman-user-wait-network-online.service is invoked for non-root containers only.

Root (privileged) containers are not affected by this bug.

@jlebon
Copy link
Member

jlebon commented Jan 23, 2025

In general, network-online.target is not enabled by default. It must be pulled in by whatever unit wants it, and there are no units in FCOS that are enabled by default that do pull it in. So this sounds more like a podman bug as described in the issue you linked.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hpaluch @jlebon @jbtrystram