Fedora - stuck building snap, cannot start instance

b0wter · May 17, 2023, 1:10pm

I wanted to update an old application of mine that was using an outdated core. The last time I worked with snapcraft I was on Ubuntu. Currently I am using Fedora. I’ve installed snapd and can use snaps just fine.

However, I wanted to update my application to use core22 so I’ve changed my snacraft.yml accordingly and tried to build a snap. LXD gets installed on the first run, fails because my user is not yet a part of the lxd group so I add my used to the lxd group and try to run snapcraft again but I am now getting stuck in the launching instance ... part. I’ve tried running the same with SELinux disabled but nothing changed.

I’ve checked the execution log but have no idea what to do. I’ve tried multiple times and waited more than 5 minutes but nothing happened so I cancelled via ctrl + c. I had trouble formatting the output properly so I’ve put it up on pastebin: Link

does anyone have any advice for me?

mr_cal · May 17, 2023, 1:13pm

It looks like it’s getting stuck on the call lxc --project snapcraft launch craft-com.ubuntu.cloud-buildd:core22 local:snapcraft-fbrary-on-amd64-for-amd64-140034 --config security.syscalls.intercept.mknod=true

What happens if you run that on the command line? Does it work?

b0wter · May 17, 2023, 1:22pm

That gives me:

Creating snapcraft-fbrary-on-amd64-for-amd64-140034
Error: Failed instance creation: Failed creating instance record: Add instance info to the database: This "instances" entry already exists

I am not familiar with lxd but I tried lxc list and get an empty list. Shouldn’t there be something that “instances” collides with? I’ve also tried:

# snapcraft --use-lxd --verbosity=debug

(saw that in another post) I am not sure if that takes quite some time but I repeatedly get the same line:

2023-05-17 15:17:57.719 Executing in container: lxc --project snapcraft exec local:snapcraft-fbrary-on-amd64-for-amd64-140034 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io

ctlcltd · May 17, 2023, 1:37pm

I’m new to snap. I see these lines 20,24 in the log:

  20   │ 2023-05-17 14:52:41.031 Instance 'snapcraft-fbrary-on-amd64-for-amd64-140034' does not exist.
  24   │ 2023-05-17 14:52:41.081 Base instance 'base-instance-snapcraft-buildd-base-v00--a12c0d0071c13c372948' does not exist.

Instance does not exists. Hope this helps

mr_cal · May 17, 2023, 1:58pm

I am not familiar with lxd but I tried lxc list and get an empty list. Shouldn’t there be something that “instances” collides with?

Snapcraft uses projects, so try lxc --project snapcraft list or lxc list --all-projects.

But it looks like the container did launch successfully, so this is not the right direction of troubleshooting.

I am not sure if that takes quite some time but I repeatedly get the same line:

2023-05-17 15:17:57.719 Executing in container: lxc --project snapcraft exec local:snapcraft-fbrary-on-amd64-for-amd64-140034 -- env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin SNAPCRAFT_MANAGED_MODE=1 getent hosts snapcraft.io

Ah ha! Now this is another bug. This is an issue with the LXD container having a network connectivity problem. Often, Docker is the culprit (although there may be something else with LXD + Fedora, I’m not sure). Here’s a post I made a few weeks ago for someone experiencing the same problem:

If Docker is installed on your host, it may be causing the network connectivity issues. See these links for more information from craft-providers, lxd, and docker.

We have two issues in the craft-providers library to improve this user experience. One for detecting Docker-related network conflicts and another for adding a time-out to the container setup.

b0wter · May 17, 2023, 2:33pm

Thanks for the additional info. There is indeed a problem with the networking. I’ve tried:

$ lxc launch ubuntu:22.04 u1
$ lxc shell u1

# ping google.de
ping: google.de: Temporary failure in name resolution

Now I just need to figure out why. I am not running docker but podman. Maybe the problem is the same…

I don’t think podman is the culprit. I seems to leave iptables untouched:

❯ sudo iptables --list                                                                                                                                                                                                                                                                                                 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

mr_cal · May 17, 2023, 5:29pm

Ah, podman. Please keep me updated if you find a solution, I’m interested in improving the user experience for networking issues concerning snapcraft + LXD.

b0wter · May 20, 2023, 8:02pm

I was able to fix my problem (at least the connectivity part) by permanently adding the lxd network interface (lxdbr0) to the trusted zone in firewalld:

# sudo firewall-cmd --zone=trusted --change-interface=lxdbr0 --permanent

Don’t forget to reload the rules:

# sudo firewall-cmd --reload

Containers should now be able to access the internet.