Incus 6.20 has been released

News
,
1

Introduction

The Incus team is pleased to announce the release of Incus 6.20!

This is the last release of 2025 and a shorter development cycle so we don’t end up releasing right in the middle of the holidays!

image

As usual, you can try it for yourself online: Linux Containers - Incus - Try it online

Enjoy!

New features

QCOW2 formatted volumes on clustered LVM

An annoying limitation of our implementation of LVM cluster was that VM snapshots weren’t working reliably on all LVM versions.

Newer LVM versions introduced an activation mode restriction which would prevent us from using shared locking mode and therefore prevent us from performing live migration.

Back in Incus 6.18 we effectively turned off snapshots on all block volumes running on clustered LVM so we’d have a consistent user experience and avoid issues when users upgrade their operating system to a new major version.

Now we finally have implemented our new solution for snapshots on top of clustered LVM. It uses QCOW2 formatting on the LVs rather than standard raw formatting. This then lets us manually handle the composition of the LVM LVs to make a snapshot chain leading to the correct VM state.

The new format will be automatically used for any new VMs. Existing VMs remain on the raw disk format and so will not support snapshots. It’s possible to convert to QCOW2 by moving the instance to another storage pool and then move it back.

Documentation: LVM - lvm - Incus documentation

Standalone incus cluster join command

This one is motivated by IncusOS where every Incus interaction must be done remotely using the Incus command line or UI. While it was possible for a user to initialize a new cluster remotely using incus cluster enable, joining additional IncusOS servers into that cluster was rather difficult.

To make this as easy as possible, we now have a new incus cluster join command which takes both the existing cluster and the server to be joined as arguments. It will then ask questions similar to incus admin init and lead to the server joining the cluster.

stgraber@castiana:~$ incus cluster join incus01: incus02:
What IP address or DNS name should be used to reach this server? [default=10.244.64.185]:·
What member name should be used to identify this server in the cluster? [default=eb7bbd3f-d385-4a06-919f-d66a7c52b058]: incus02
All existing data is lost when joining a cluster, continue? (yes/no) [default=no] yes
Choose "source" property for storage pool "local": local/incus
Choose "zfs.pool_name" property for storage pool "local": local/incus

stgraber@castiana:~$ incus cluster list incus01:
+---------+----------------------------+------------------+--------------+----------------+-------------+--------+-------------------+
|  NAME   |            URL             |      ROLES       | ARCHITECTURE | FAILURE DOMAIN | DESCRIPTION | STATUS |      MESSAGE      |
+---------+----------------------------+------------------+--------------+----------------+-------------+--------+-------------------+
| incus01 | https://10.244.64.183:8443 | database-leader  | x86_64       | default        |             | ONLINE | Fully operational |
|         |                            | database         |              |                |             |        |                   |
+---------+----------------------------+------------------+--------------+----------------+-------------+--------+-------------------+
| incus02 | https://10.244.64.185:8443 | database-standby | x86_64       | default        |             | ONLINE | Fully operational |
+---------+----------------------------+------------------+--------------+----------------+-------------+--------+-------------------+

stgraber@castiana:~$ incus cluster join incus01: incus03:
What IP address or DNS name should be used to reach this server? [default=10.244.64.60]:·
What member name should be used to identify this server in the cluster? [default=ef50a39f-289d-46c4-989f-9466f8f8ae58]: incus03
All existing data is lost when joining a cluster, continue? (yes/no) [default=no] yes
Choose "source" property for storage pool "local": local/incus
Choose "zfs.pool_name" property for storage pool "local": local/incus

stgraber@castiana:~$ incus cluster list incus01:
+---------+----------------------------+-----------------+--------------+----------------+-------------+--------+-------------------+
|  NAME   |            URL             |      ROLES      | ARCHITECTURE | FAILURE DOMAIN | DESCRIPTION | STATUS |      MESSAGE      |
+---------+----------------------------+-----------------+--------------+----------------+-------------+--------+-------------------+
| incus01 | https://10.244.64.183:8443 | database-leader | x86_64       | default        |             | ONLINE | Fully operational |
|         |                            | database        |              |                |             |        |                   |
+---------+----------------------------+-----------------+--------------+----------------+-------------+--------+-------------------+
| incus02 | https://10.244.64.185:8443 | database        | x86_64       | default        |             | ONLINE | Fully operational |
+---------+----------------------------+-----------------+--------------+----------------+-------------+--------+-------------------+
| incus03 | https://10.244.64.60:8443  | database        | x86_64       | default        |             | ONLINE | Fully operational |
+---------+----------------------------+-----------------+--------------+----------------+-------------+--------+-------------------+
stgraber@castiana:~$

Configuration file for the VM agent

It’s now possible to restrict what kind of actions can be performed through the Incus agent. This is done through a system configuration file which lists a set of enabled features. If the file exists and the feature list is present, then all features are disabled unless explicitly enabled.

Documentation: How to create instances - Incus documentation

Reverse DNS records in OVN

A very small but potentially quite useful addition. All instances running on OVN now get both forward and reverse DNS records generated for their addresses.

stgraber@castiana:~ (incus:dev-cluster/default)$ incus list c
+------+---------+--------------------+-----------------------------------------------+-----------+-----------+----------+
| NAME |  STATE  |        IPV4        |                     IPV6                      |   TYPE    | SNAPSHOTS | LOCATION |
+------+---------+--------------------+-----------------------------------------------+-----------+-----------+----------+
| c1   | RUNNING | 10.20.162.2 (eth0) | fd42:e9ac:c3e5:65f:1266:6aff:fef6:b217 (eth0) | CONTAINER | 0         | incus01  |
+------+---------+--------------------+-----------------------------------------------+-----------+-----------+----------+
| c2   | RUNNING | 10.20.162.3 (eth0) | fd42:e9ac:c3e5:65f:1266:6aff:fea4:5936 (eth0) | CONTAINER | 0         | incus02  |
+------+---------+--------------------+-----------------------------------------------+-----------+-----------+----------+
stgraber@castiana:~ (incus:dev-cluster/default)$ incus exec c1 bash
root@c1:~# host c2.incus
c2.incus has address 10.20.162.3
c2.incus has IPv6 address fd42:e9ac:c3e5:65f:1266:6aff:fea4:5936
Host c2.incus not found: 3(NXDOMAIN)
Host c2.incus not found: 3(NXDOMAIN)
root@c1:~# host 10.20.162.3
3.162.20.10.in-addr.arpa domain name pointer c2.incus.
root@c1:~# host fd42:e9ac:c3e5:65f:1266:6aff:fea4:5936
6.3.9.5.4.a.e.f.f.f.a.6.6.6.2.1.f.5.6.0.5.e.3.c.c.a.9.e.2.4.d.f.ip6.arpa domain name pointer c2.incus.
root@c1:~#

Complete changelog

Here is a complete list of all changes in this release:

Full commit list
  • Translated using Weblate (Portuguese)
  • agent-loader/install-linux.sh Fix SELinux issue with agent run path
  • incusd/device/nic: Fix link to instances-limit-units
  • doc: fix instances-limit-units reference links
  • Added default environment variables for the Windows agent.
  • instance/drivers/driver_common: Fix cat order bug in selinuxContext()
  • Added translation using Weblate (Swedish)
  • Translated using Weblate (Swedish)
  • Translated using Weblate (Swedish)
  • incusd/instance/lxc: Generate a stable MAC for managed physical bridged networks
  • Translated using Weblate (Chinese (Simplified Han script))
  • Translated using Weblate (Swedish)
  • Added new Windows environment variable ‘SystemDrive’
  • incus/create: Allow reading Ephemeral flag from stdin
  • incusd/device/nic_physical: Fix VLAN for VMs
  • Translated using Weblate (Swedish)
  • Translated using Weblate (Japanese)
  • Translated using Weblate (Japanese)
  • Translated using Weblate (Japanese)
  • incusd/network/bridge: Don’t listen for incoming RAs
  • incusd/network/zone: Allow trailing dot in NS records
  • incusd/device/physical: Allow live-migration of bridged physical NICs
  • shared/tls: Move ACME challenge to shared/tls
  • internal/server/acme: Update certificate renewal call
  • incusd/instance/qemu: Don’t attempt agent connections on frozen VMs
  • incusd/instance/qemu: Rework state reporting
  • Translated using Weblate (Chinese (Simplified Han script))
  • incusd/operations: Return a copy of the metadata to avoid concurrent access
  • Attempt to make the Incus Agent on Windows better integrated.
  • incusd/instance/qemu: Fix regression in reported state
  • Translated using Weblate (Japanese)
  • gomod: Update dependencies
  • gomod: Get latest umoci
  • build(deps): bump actions/upload-artifact from 5 to 6
  • incus/io: #2636 fix linter complaints in internal/io
  • generate-database: Allow overwriting the target column for a join
  • incusd/storage_volumes: Fix state handling in getVolumeFull
  • internal/jmap: Refactor Map methods and add comprehensive tests
  • shared/tls: implement Happy Eyeballs (RFC 8305) in RFC3493Dialer
  • incusd/devices/tpm: Make incompatible with live-migration
  • incus/util: #2636 fix linter complaints in internal/filter
  • incus/network_load_balancer: Fix typo in cmd info description
  • i18n: Update translation templates
  • api: Add storage_lvmcluster_qcow2 extension
  • incusd/storage/drivers: Add utils for qcow2 manipulation
  • incusd/instance/drivers: Add qcow2 block device utility functions
  • incusd/storage/drivers: Add ‘block.type’ config and additional validation checks
  • incusd/storage: Implement the creation of qcow2 formatted volumes when on lvmcluster
  • incusd/instance/drivers/qmp: Add QueryNamedBlockNodes and ChangeBackingFile
  • incusd/storage/drivers: Add support for activating and deactivating qcow2-formatted volumes
  • incusd/storage/drivers: Add support for the qcow2 config filesystem snapshots
  • incusd/storage/drivers: Add support for creating and renaming qcow2 volume snapshots
  • incusd/storage/drivers: Add GetQcow2BackingFilePath and Qcow2DeletionCleanup
  • incusd/device/config: Add ‘BackingPath’ to track backing chain for qcow2 volumes
  • incusd/storage: Add ‘BackingPath’ to track backing chain for qcow2 volumes
  • incusd/storage: Add support for creating, renaming, restoring and deleting qcow2 instance volumes
  • incusd/instance/drivers: Add support for running instances from a backing chain
  • incusd/instance: Add support for creating/deleting qcow2 snapshots while instance is running
  • incusd/storage/drivers: Show config filesystem only for FS volumes
  • incusd/storage/lvmcluster: Fix activation for containers
  • incusd/storage/lvm: Fix handling of stripe size config
  • incusd/storage/lvmcluster: Set block.filesystem to btrfs
  • incusd/storage: Don’t add new volume options on snapshot
  • incusd/storage/drivers/types: Fix gofumpt
  • doc: Update metadata
  • incusd/cluster: Add missing project handling to ConnectIfVolumeIsRemote
  • incusd/storage_volumes: Handle remote volumes in recursion=2
  • incusd/storage/lvm: Fix incorrect activation mode
  • incus/storage: Take project into account during qcow2 operation
  • shared/api: add comprehensive unit tests for URL builder
  • Translated using Weblate (Portuguese)
  • incus/admin/init: Prepare code for adding initialized server to cluster
  • incus/cluster: Add ‘cluster join’ command
  • i18n: Update translation templates
  • incus-agent: Code cleanup
  • incus-agent: Add OS config path
  • incus-agent: Add system configuration support
  • incus-agent: Add feature checks
  • doc/instances: Cover incus-agent configuration
  • doc/bpf-tokens: Fix markdown
  • gomod: Update dependencies
  • incus/file: Improve error messages
  • i18n: Update translation templates
  • doc/network/firewall: Remove warning against IP forward and Docker
  • incusd/storage: Generate a clean backup.yaml after a backup is generated
  • incusd/api_buckets: Provide fastpath for miniod access
  • incusd: Move ReverseDNS to util
  • incusd/network/ovn: Set PTR records
  • doc/openfga: Clarify required config keys
  • incusd/storage/linstor: Disable volume copie with snapshots
  • tests: Update tests for Linstor limitation

Documentation

The Incus documentation can be found at:

Packages

There are no official Incus packages as Incus upstream only releases regular release tarballs. Below are some available options to get Incus up and running.

Installing the Incus server on Linux

Incus is available for most common Linux distributions. You’ll find detailed installation instructions in our documentation.

Homebrew package for the Incus client

The client tool is available through HomeBrew for both Linux and MacOS.

Chocolatey package for the Incus client

The client tool is available through Chocolatey for Windows users.

Winget package for the Incus client

The client tool is also available through Winget for Windows users.

https://winstall.app/apps/LinuxContainers.Incus

Support

Monthly feature releases are only supported up until the next release comes out. Users needing a longer support length and less frequent changes should consider using Incus 6.0 LTS instead.

Community support is provided at: https://discuss.linuxcontainers.org
Commercial support is available through: Zabbly - Incus services
Bugs can be reported at: GitHub · Where software is built

1 Like
3