libnginx-mod-http-lua 0.10.11 not compatible with NGINX 1.18/1.17

Bug #1893753 reported by Soenke
56
This bug affects 8 people
Affects Status Importance Assigned to Milestone
nginx (Ubuntu)
Fix Released
High
Unassigned
Focal
Incomplete
Undecided
Unassigned
Groovy
Won't Fix
Undecided
Unassigned

Bug Description

Ubuntu Release:
Description: Ubuntu 20.04.1 LTS
Release: 20.04

libnginx-mod-http-lua 0.10.11 is distributed with current nginx versions 1.17/1.18 on Ubuntu 20.04.
This version was just tested with nginx 1.13 [1] and does not seem to work with the distributed nginx versions [2] [3]. The current version at least claims to be tested with nginx 1.17 [4].

[1] https://github.com/openresty/lua-nginx-module/tree/v0.10.11#nginx-compatibility
[2] https://github.com/openresty/lua-nginx-module/issues/1714
[3] https://github.com/knyar/nginx-lua-prometheus/issues/105#issuecomment-683458757
[4] https://github.com/openresty/lua-nginx-module/tree/v0.10.17#nginx-compatibility

Related branches

Soenke (me-ngeefk4xay8)
summary: - libnginx-mod-http-lua 0.10.11 not tested with NGINX 1.18/1.17
+ libnginx-mod-http-lua 0.10.11 not compatible with NGINX 1.18/1.17
description: updated
Revision history for this message
Rafael David Tinoco (rafaeldtinoco) wrote :

I'm flagging this as server-next so it gets our attention for Groovy. This could mean likely a FFe (Feature Freeze Exception) for Groovy as the fix is updating libnginx-mod-http-lua to a new version (debian/modules)). With that said, this would also be an exception for SRUing to Focal (thus the tag server-triage-discuss).

Changed in nginx (Ubuntu):
status: New → Triaged
tags: added: server-next
Changed in nginx (Ubuntu):
importance: Undecided → High
tags: added: server-triage-discuss
Revision history for this message
Anton Tolchanov (knyar) wrote :

Because of this issue libnginx-mod-http-lua is completely broken in several versions of Ubuntu.

Upgrading lua-nginx-module to 0.10.15 fixes the issue, and I have suggested two patches that would make libnginx-mod-http-lua usable again:
- hirsuite: https://code.launchpad.net/~knyar/ubuntu/+source/nginx/+git/nginx/+merge/393789
- focal: https://code.launchpad.net/~knyar/ubuntu/+source/nginx/+git/nginx/+merge/393790

Note that the latest version of lua-nginx-module is 0.10.19, however upgrading to it is more tricky than upgrading to 0.10.15. Beginning at version 0.10.16, lua-nginx-module requires the lua-resty-core library (https://github.com/openresty/lua-resty-core) to be available, and I have not been able to find it packaged in Ubuntu. There are several options on how to package that lua library (either as a separate Ubuntu package, or together with libnginx-mod-http-lua), which is probably something that Ubuntu nginx maintainers should decide.

Thomas Ward (teward)
Changed in nginx (Ubuntu):
assignee: nobody → Thomas Ward (teward)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi Thomas,

In the source I still see debian/modules/control:
 23 Module: http-lua
 24 Homepage: https://github.com/openresty/lua-nginx-module
 25 Version: 0.10.13
 26 Patch:
 27 openssl-1.1.0.patch
 28 discover-luajit-2.1.patch
 29 Files-Excluded: .gitignore .gitattributes .travis.yml .github

Since the request was to bump to 0.10.15 I wanted to ask if there are there any updates planned/prepared for Hirsute?

Revision history for this message
Thomas Ward (teward) wrote :

Christian:

This comes with a second caveat: it requires https://github.com/openresty/lua-resty-core to be packaged in the package as well now. If the Lua module cannot operate without OpenResty's core functions, then this is something I would like Debian to review and consider - I don't have the cycles at the moment to handle this due to January 2021 tasks at $FullTimePaidJob right now.

Changed in nginx (Ubuntu):
assignee: Thomas Ward (teward) → nobody
Robie Basak (racb)
tags: removed: server-triage-discuss
Revision history for this message
Anton Tolchanov (knyar) wrote :

Thomas, I believe lua-resty-core is required by lua-nginx-module 0.10.16 or later. The patches I proposed for hirsuite and focal in my previous comment upgrade the module to 0.10.15 which is the latest version that does *not* require lua-resty-core, but is fresh enough to work with the packaged version of NGINX (unlike the currently shipped 0.10.11).

While we wait for a longer term plan with respect to lua-resty-core, is there any reason not to upgrade to 0.10.15 to fix what seems completely broken now?

Revision history for this message
Thomas Ward (teward) wrote : Re: [Bug 1893753] Re: libnginx-mod-http-lua 0.10.11 not compatible with NGINX 1.18/1.17

We are discussing this at the server team level for best approach to this, but as it is the weekend you need some patience because the Server Team is usually not available to discuss this type of thing on the weekends.  ;)

-------- Original Message --------
From: Anton Tolchanov <email address hidden>
Sent: Sat Jan 30 12:23:19 EST 2021
To: <email address hidden>
Subject: [Bug 1893753] Re: libnginx-mod-http-lua 0.10.11 not compatible with NGINX 1.18/1.17

Thomas, I believe lua-resty-core is required by lua-nginx-module 0.10.16
or later. The patches I proposed for hirsuite and focal in my previous
comment upgrade the module to 0.10.15 which is the latest version that
does *not* require lua-resty-core, but is fresh enough to work with the
packaged version of NGINX (unlike the currently shipped 0.10.11).

While we wait for a longer term plan with respect to lua-resty-core, is
there any reason not to upgrade to 0.10.15 to fix what seems completely
broken now?

--
You received this bug notification because you are subscribed to nginx
in Ubuntu.
Matching subscriptions: nginx
https://bugs.launchpad.net/bugs/1893753

Title:
  libnginx-mod-http-lua 0.10.11 not compatible with NGINX 1.18/1.17

Status in nginx package in Ubuntu:
  Triaged

Bug description:
  Ubuntu Release:
  Description: Ubuntu 20.04.1 LTS
  Release: 20.04

  libnginx-mod-http-lua 0.10.11 is distributed with current nginx versions 1.17/1.18 on Ubuntu 20.04.
  This version was just tested with nginx 1.13 [1] and does not seem to work with the distributed nginx versions [2] [3]. The current version at least claims to be tested with nginx 1.17 [4].

  [1] https://github.com/openresty/lua-nginx-module/tree/v0.10.11#nginx-compatibility
  [2] https://github.com/openresty/lua-nginx-module/issues/1714
  [3] https://github.com/knyar/nginx-lua-prometheus/issues/105#issuecomment-683458757
  [4] https://github.com/openresty/lua-nginx-module/tree/v0.10.17#nginx-compatibility

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1893753/+subscriptions

Launchpad-Notification-Type: bug
Launchpad-Bug: distribution=ubuntu; sourcepackage=nginx; component=main; status=Triaged; importance=High; assignee=None;
Launchpad-Bug-Tags: server-next
Launchpad-Bug-Information-Type: Public
Launchpad-Bug-Private: no
Launchpad-Bug-Security-Vulnerability: no
Launchpad-Bug-Commenters: knyar me-ngeefk4xay8 paelzer rafaeldtinoco teward
Launchpad-Bug-Reporter: Sönke Huster (me-ngeefk4xay8)
Launchpad-Bug-Modifier: Anton Tolchanov (knyar)
Launchpad-Message-Rationale: Subscriber (nginx in Ubuntu)
Launchpad-Message-For: teward
Launchpad-Subscription: nginx

Revision history for this message
Robie Basak (racb) wrote :

> While we wait for a longer term plan with respect to lua-resty-core, is there any reason not to upgrade to 0.10.15 to fix what seems completely broken now?

I think we need to separate discussion of what to do in Focal and Groovy vs. what to do for Hirsute and future Ubuntu releases.

For future releases, I think we're going to end up dropping the libnginx-mod-http-lua package because I understand that the newer versions require lua-resty-core and this is not packaged in Debian or Ubuntu.

For Focal and Groovy, we can fix the package in the normal way, subject to the normal policy. See https://wiki.ubuntu.com/StableReleaseUpdates for details.

However, in Focal and Groovy, the libnginx-mod-http-lua is in universe, and depends on community support. I therefore don't expect it to be prioritised by the Ubuntu Server Team. If you need this package fixed and can volunteer to provide the necessary fix in line with Ubuntu policy and drive it through Ubuntu's QA process, then we'd welcome your help. Please see the above link for details on what to do.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

As outlined by Thomas this was totally broken, so going forward it was removed from nginx to avoid the trouble. Not sure if there is a better option for the older releases, but I'm tagging the tasks here accordingly to reflect what
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu5
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu8
changed.

Changed in nginx (Ubuntu):
status: Triaged → Fix Released
Changed in nginx (Ubuntu Focal):
status: New → Triaged
Changed in nginx (Ubuntu Groovy):
status: New → Triaged
Bryce Harrington (bryce)
tags: removed: server-next
Revision history for this message
Viktor (lamalas) wrote :

Hm, interesting fix. Will this mean that all buggy modules will get removed too in the future?
Is there any chance for Anton Tolchanov's change to be merged (or re-created to verify its trustworthy then compared&merged)? Removal of this package caused me a day of headache.
Upgrading it to a newer but not the newest version is better in my opinion than completely removing it.
Also, it was not totally broken, for some use cases it worked fine (my simple use case worked flawlessly).

Revision history for this message
Thomas Ward (teward) wrote :

Viktor:

No, not all buggy modules are going to get removed, especially if there's patches. However, to *fix* the issue with the Lua module, and because it has **future** requisite dependencies on OpenResty Core, the Lua module was removed.

This also was not removed in *older* releases, it was only removed in Hirsute+.

Revision history for this message
Viktor (lamalas) wrote :

Well, there are patches for this module, it's even linked to this issue: 0.10.15. That version does not introduce any additional dependencies.
Is there a reason why this package has to be on the latest release and why version 0.10.15 can't be used?

Sadly I can't use older releases, as ~2 year old hardware (and some 5+) is too new to be supported by older releases.

Revision history for this message
Brian Murray (brian-murray) wrote :

The Groovy Gorilla has reached end of life, so this bug will not be fixed for that release

Changed in nginx (Ubuntu Groovy):
status: Triaged → Won't Fix
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

IMHO This should not hang in -nimbus indefinitely.
The current http-lua module in Focal is incompatible and broken.
0.10.16 has extra dependencies but (if true what was said above) 0.10.15 might be fine.

I have another similar story (bug 1874831) that I put to potential SRU status and I'd want to integrate this one as well to finally resolve or finally give up on it depending on the outcome.

If you could please test the PPA if that works fine and makes http-lua working?
PPA:
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4678/+packages

MP:
https://code.launchpad.net/~paelzer/ubuntu/+source/nginx/+git/nginx/+merge/409830

I'd ask the reporter(s) to try the PPA if that resolves their issues.
Furthermore for an SRU this will need steps to reproduce, I assume that is just install nginx + enable http-lua, but if there is more to it please let me know.

tags: added: server-todo
Changed in nginx (Ubuntu Focal):
assignee: nobody → Christian Ehrhardt  (paelzer)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI - things were not as easy and build fails block the PPA for now.
I'll let you know once I found some time to resolve that.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi,
the interactions between luajit and the lua module were .. not nice. TL;DR we can only enable it on x86 and armhf as things are in Focal. But that would be two more architectures than we have currently working for this. Therefore now - really - could affected people with real use-cases give the build in the PPA [1] a try and report if it works for them?

[1]: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4678

Revision history for this message
Anton Tolchanov (knyar) wrote :

Hey Christian, thanks for the update and for sharing the new packages via PPA. I have installed them on a few Focal machines that have lua module enabled in nginx, and can confirm that the nginx process no longer crashes on startup, and that lua module works fine for my use cases (tracking metrics).

I posted an update to https://github.com/openresty/lua-nginx-module/issues/1714 where this issue was initially reported, perhaps other folks will be able to test the new packages too.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanks Anton, unfortunately I still have no feedback on the nchan use-case (see bug 1874831) :-/
I'd need both to be checked if the change is reasonable.

And actually for an SRU process [1] I'll need to be able to outline test steps. Best case that would be the steps to configure on a clean system so that it exposes the issue and after the upgrade is applied works.

I tried the following (probably too trivial) and it worked just fine even without the fix.

$ apt install libnginx-mod-http-lua nginx-core
# For lua add in /etc/nginx/sites-enabled/default
        location /lua_content {
            # MIME type determined by default_type:
            default_type 'text/plain';

            content_by_lua_block {
                ngx.say('Hello,world!')
            }
        }
# Restart server
$ sudo systemctl restart nginx
# Access lua content
$ curl http://127.0.0.1/lua_content
Hello,world!

Maybe you can help me to extend that example to show the issue?

[1]: https://wiki.ubuntu.com/StableReleaseUpdates#SRU_Bug_Template

Changed in nginx (Ubuntu Focal):
status: Triaged → Incomplete
Revision history for this message
Christian Ehrhardt  (paelzer) wrote (last edit ):

While still missing an answer to drive this, I can say from my tests that the new build (somewhat expected) complain about the luajit version.

From error.log:
2021/11/15 11:15:45 [alert] 8749#8749: detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

That might be better than not working at all, but I really need steps to recreate the issue to show that it is useless without this update. And since my test above worked I'm unable to continue otherwise as the SRU team would rightfully reject it.

tags: removed: server-todo
Changed in nginx (Ubuntu Focal):
assignee: Christian Ehrhardt  (paelzer) → nobody
Revision history for this message
Anton Tolchanov (knyar) wrote :

> Maybe you can help me to extend that example to show the issue?

As mentioned in the original bug report for this [1], the easiest way to reproduce the issue is to add an empty `init_worker_by_lua_block` block to the `http` section of the nginx config.

[1] https://github.com/openresty/lua-nginx-module/issues/1714

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.