nftables operations do not work on Ubuntu 20.04

Question

nftables operations do not work on Ubuntu 20.04

odesenfans opened this issue a year ago · comments

Node operators report an issue where CRNs running on Ubuntu 20.04 fail to pass diagnostic checks. It turns out that these nodes are unable to run VMs entirely.

A known solution is to upgrade to Ubuntu 22.04.

Jun 28 14:30:45 ns3029942 python3[1358923]: 2023-06-28 14:30:45,301 | ERROR | Error handling request
Jun 28 14:30:45 ns3029942 python3[1358923]: Traceback (most recent call last):
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/usr/lib/python3/dist-packages/aiohttp/web_protocol.py", line 418, in start
Jun 28 14:30:45 ns3029942 python3[1358923]: resp = await task
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/usr/lib/python3/dist-packages/aiohttp/web_app.py", line 458, in _handle
Jun 28 14:30:45 ns3029942 python3[1358923]: resp = await handler(request)
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/usr/lib/python3/dist-packages/aiohttp/web_middlewares.py", line 119, in impl
Jun 28 14:30:45 ns3029942 python3[1358923]: return await handler(request)
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/supervisor.py", line 41, in server_version_middleware
Jun 28 14:30:45 ns3029942 python3[1358923]: resp: web.StreamResponse = await handler(request)
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/usr/lib/python3/dist-packages/aiohttp/web_urldispatcher.py", line 158, in handler_wrapper
Jun 28 14:30:45 ns3029942 python3[1358923]: return await result
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/run.py", line 89, in run_code_on_request
Jun 28 14:30:45 ns3029942 python3[1358923]: execution = await create_vm_execution(vm_hash=vm_hash)
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/run.py", line 53, in create_vm_execution
Jun 28 14:30:45 ns3029942 python3[1358923]: execution = await pool.create_a_vm(
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/pool.py", line 51, in create_a_vm
Jun 28 14:30:45 ns3029942 python3[1358923]: tap_interface = await self.network.create_tap(vm_id)
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/network/hostnetwork.py", line 63, in create_tap
Jun 28 14:30:45 ns3029942 python3[1358923]: setup_nftables_for_vm(vm_id, interface)
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/network/firewall.py", line 392, in setup_nftables_for_vm
Jun 28 14:30:45 ns3029942 python3[1358923]: add_postrouting_chain(f"{settings.NFTABLES_CHAIN_PREFIX}-vm-nat-{vm_id}")
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/network/firewall.py", line 281, in add_postrouting_chain
Jun 28 14:30:45 ns3029942 python3[1358923]: table = get_table_for_hook("postrouting")
Jun 28 14:30:45 ns3029942 python3[1358923]: File "/opt/aleph-vm/vm_supervisor/network/firewall.py", line 80, in get_table_for_hook
Jun 28 14:30:45 ns3029942 python3[1358923]: table = chains.pop()["chain"]["table"]
Jun 28 14:30:45 ns3029942 python3[1358923]: IndexError: pop from empty list

Full logs

Olivier Desenfans · Answer 1 · Thu Jun 29 2023 15:23:08 GMT+0800 (China Standard Time)

Ubuntu 20.04 is officially deprecated, see here.