While Debian is known for its stability it is also famously known for being behind on new package versions. In most cases, this doesn't hurt a lot and a workaround can be found. But I agree, this causes more work.
In the example of LXC this is a different case. In my eyes, LXC is a key application running very well on Debian and Ubuntu. LXC is actively developed and maintained by Stéphane Graber and Serge Hallyn from, guess it, Ubuntu. So it's not a big surprise that Ubuntu is very very up to date with recent LXC versions.
For most packages Ubuntu just takes the packages from Debian, one by one. When Debian releases a patch for a package it doesn't take long and Ubuntu pushes the same patch into their repos. For LXC this should be the other way around: Debian should apply the patches provided by Ubuntu. But it doesn't happen. Why? I honestly don't know.
I personally know big companies that changed from Debian to Ubuntu only because of the LXC fact (and LTS; long term support - but Debian added this recently, too).
So there's actually no big surprise when I had problems starting a container on Debian Jessie. This container was running fine until I ran "reboot" within the container. The container was then marked as "STOPPED" on the host. A manual start didn't work and failed with the following errors:
root@jessie ~ # lxc-start -n a1 -o /tmp/start.log -l verbose
lxc-start: failed to determine fs type for '/dev/vglxc/a1'
lxc-start: failed to determine fs type for '/dev/dm-5'
lxc-start: failed to mount rootfs
lxc-start: failed to setup rootfs for 'a1'
lxc-start: Error setting up rootfs mount after spawn
lxc-start: failed to setup the container
lxc-start: invalid sequence number 1. expected 2
lxc-start: failed to spawn 'a1'
lxc-start: The container failed to start.
lxc-start: Additional information can be obtained by setting the --logfile and --logpriority options.
I was perfectly able to manually mount the /dev/vglxc/a1 LV (with auto-detected ext4 file system). So I really didn't get why the lxc-start woul fail.
Eventually I came across a mailing list entry from almost a year ago (April 2015). The same problems were reported back then and the solution back then was to upgrade to 1.0.7:
That was a good advice... with 1.0.7 from experimental, everything works like a charm. I can create root owned unprivileged containers with lvm backend and start them without any tweak (no chmod, ...).
The problem in Debian Jessie? It's still running 1.0.6. The last update (as of today March 29th 2016) was on November 2015 (security patches). When we look at the LXC changelog, the last real patch (talking about LXC functionality) was on December 4th 2014 (2014!) when a patch from 1.0.7 was manually added to support systemd. Everyone following LXC (and I do since the end of 2012) knows how many bugfixes are added with every LXC release. Yet Debian stays at 1.0.6.
So I decided to report a bug with "reportbug" but interestingly I came across this output while filling in the reportbug information:
Your version (1:1.0.6-6+deb8u2) of lxc appears to be out of date.
The following newer release(s) are available in the Debian archive:
jessie-backports (backports-new): 1:1.1.5-1~bpo8+1
Do you still want to file a report [y|N|q|?]? N
Newer released version; stopping.
YES! There is a pretty new version (1.1.5) version out in jessie-backports! Right on!
After enabling jessie-backports, I wanted to install the newer LXC package, but:
root@jessie ~ # apt-get -t jessie-backports install lxc
Reading package lists... Done
Building dependency tree
Reading state information... Done
lxc is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 20 not upgraded.
Huh? WTF? I thought there is a newer version in backports?
The thing is that the new version 1.1.5 is as of today March 29th 2016 still pending to be added to backports. So it has not been added to backports and is not installable yet.
I guess I have to wait unless I compile the newer LXC version myself (but then I keep doing this for every patch...).
Interestingly after a reboot of the physical host, the LXC container a1 was started:
root@jessie ~ # reboot
root@jessie ~ # lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
a1 RUNNING 192.168.10.101 - YES
Please Debian. Put some sense into you. Especially with such important and industry-changing applicaitons like LXC. The current version is not correctly working as it's buggy. And that's definitely not stable.
Kudos to Christian Seiler who took the user requests seriously and packaged LXC 1.1.5 into jessie-backports (although it's not released yet).