LXD 2.0.11 has been released

This is the eleventh bugfix release for LXD 2.0.

The changes since LXD 2.0.10 are

Minor improvements:

  • LXD 2.0.11 is now snap aware and can be installed from the “2.0” track.
  • The documentation is now available on ReadTheDocs: https://lxd.readthedocs.io/en/stable-2.0/
  • It’s now possible to interrupt image downloads.
  • Added a new security.idmap.base config key (overrides the base uid/gid of the container).
  • Added support for delta image downloads.
  • Implemented instance types as a proxy for resource limits.
  • The user-agent string was expanded to include OS and kernel information.
  • The client library and related code is now kept in sync with master.
  • The command line client has been ported to the new client library.

Bugfixes:

  • client: Add CancelTarget to RemoteOperation
  • client: Add CreateContainerFromImage function
  • client: Added insecureSkipVerify flag the ConnectionArgs struct
  • client: Add extra exec option to block on I/O
  • client: Add GetServerResources()
  • client: Add GetStoragePoolResources()
  • client: Add image_create_aliases backward compat
  • client: Add RenameStoragePoolVolume()
  • client: Allow canceling image download from LXDs
  • client: Allow specifying base http client
  • client: Cleanup code duplication in image download code
  • client: Commonize error handling
  • client: Don’t live migrate stopped containers
  • client: Drop experimental tag from new client
  • client: Fail if source isn’t listening on network
  • client: Fix crash in operation handler
  • client: Fix crash when missing cookiejar
  • client: Fix handling of public LXD remote
  • client: Fix image copy
  • client: Fix non-interactive exec hangs
  • client: Fix potential race in event handler setup
  • client: Fix race condition in operation handling
  • client: Implement container and snapshot copy
  • client: Implement push and relay container copy
  • client: Implement remote operations
  • client: Improve error on image copy
  • client: Improve migration relay code
  • client: Keep track of protocol
  • client: Make it possible to retrieve HTTP client
  • client: Make the authentication Interactor configurable
  • client: Move CopyImage to the target server
  • client: Only set file headers if value is provided
  • client: Properly handle remote disconnections
  • client: Reduce request logging to Debug
  • client: Simplify ConnectPublicLXD logic
  • client: Support for macaroons-based authentication
  • client: Sync with master branch
  • client: Use RemoteOperation for CopyImage
  • config: Add support for CookieJar
  • config: Try to be clever about “:” in snapshots
  • doc: Add a note about blkio limits
  • doc: Add section on macvlan vs bridge
  • doc: Add SUPPORT.md
  • doc: Document instance types
  • doc: Document that squashfs images can also be used
  • doc: Document the exec control API
  • doc: Extend/rework security-related documentation.
  • doc: Fix lxd.log location in issue template
  • doc: Fix spaces, commas, quotes, brackets where needed
  • doc: Initial documentation of container env
  • doc: Refresh the issue template
  • doc: Seriously rework the content of the README
  • doc: Sort container config keys
  • doc: Sort server.md config keys
  • doc: Update containers.md
  • extra/lxc-to-lxd: Fix bad test
  • extra/lxc-to-lxd: Ignore capabilities dropped by default
  • extra/lxc-to-lxd: Ignore sysfs/proc mounts
  • extra/lxc-to-lxd: Properly handle lxc.seccomp
  • i18n: Update Japanese translation (for stable-2.0)
  • lxc: Add plumbing for operation cancelation
  • lxc: Cross-platform HOME handling
  • lxc: Fix help to provide sample that actually works
  • lxc: Fix import crash when adding properties
  • lxc: Fix race in progress reporter
  • lxc: Properly record alias source on copy
  • lxc: Re-introduce remote protocol migration
  • lxc: Respect HOME if set
  • lxc/config: Removal of multiple devices at once
  • lxc/copy: Report progress data
  • lxc/delete: Fix lxc delete --force description
  • lxc/exec: Fix signal handler for Windows
  • lxc/exec: Fix Windows port
  • lxc/file: Fix file push/pull with names containing spaces.
  • lxc/file: Read file perms from Windows FS
  • lxc/file: Use shared.HostPath for push/pull
  • lxc/image: Always use long fingerprint in exported filenames
  • lxc/image: Expose the “cached” flag
  • lxc/image: Fix aliases with simplestreams remotes
  • lxc/image: Fix “lxc image copy” not recording the source
  • lxc/image: Fix regression in exported filename
  • lxc/image: Improve filter handling
  • lxc/image: Make “lxc image copy” fast again
  • lxc/image: Update image aliases when they already exist
  • lxc/image: Use shared.HostPath for import/export
  • lxc/init: Fix failure to launch containers with random names
  • lxc/list: Error if --columns and --fast are used together
  • lxc/move: Use force on delete
  • lxc/publish: Fix fingerprint printing
  • lxc/remote: Don’t require a cert for public remotes
  • lxc/utils: Avoid potential progress race condition
  • lxc/utils: Println doesn’t do format strings
  • lxd-benchmark: Add CreateContainers function
  • lxd-benchmark: Add csv reporting
  • lxd-benchmark: Add freezeContainer function
  • lxd-benchmark: Add processBatch function, use it in SpawnContainers and DeleteContainers
  • lxd-benchmark: Add “spawn” as equivalent but deprecated to “launch”
  • lxd-benchmark: Add start and stop commands
  • lxd-benchmark: Add StartContainers function
  • lxd-benchmark: Add StopContainers function
  • lxd-benchmark: Change name of spawn command to launch
  • lxd-benchmark: Extract deleteContainer and copyImage functions
  • lxd-benchmark: Extract ensureImage function
  • lxd-benchmark: Extract getBatchSize function
  • lxd-benchmark: Extract GetContainers function
  • lxd-benchmark: Extract logic to separate package
  • lxd-benchmark: Extract PrintServerInfo function
  • lxd-benchmark: Extract printTestConfig function
  • lxd-benchmark: Fix ensureImage when a local alias is passed
  • lxd-benchmark: Fix local image handling
  • lxd-benchmark: Return operations duration
  • lxd-benchmark: Split private functions to separate files
  • lxd-benchmark: Use NewConfig to get a default configuration
  • lxd: Add initial lxd/sys sub-package and OperatingSystem structure
  • lxd: Fix typo now -> know
  • lxd: Make .dir-locals.el play nice with flycheck
  • lxd: Replace some uses of InternalError with SmartError
  • lxd: Use sql.DB or sys.OS instead of Daemon where possible
  • lxd/apparmor: Drop useless apparmor denies
  • lxd/apparmor: Support new stacking syntax
  • lxd/containers: Allow passing disk devices with the LXD snap
  • lxd/containers: Better handle errors in memory reporting
  • lxd/containers: Check for container mountpoint too
  • lxd/containers: Check whether disk device exists
  • lxd/containers: Cleanup volatile keys on update
  • lxd/containers: Detect POLLNVAL when poll()ing during exec
  • lxd/containers: Fix readonly mode for directory mount
  • lxd/containers: Make “dev” work as a network interface name
  • lxd/containers: Remove from db on storage failure
  • lxd/containers: Show underlying error when container delete fails
  • lxd/containers: Update to support LXC 2.1 configuration keys
  • lxd/containers: Use lxc.network.N.
  • lxd/daemon: Don’t update images while pruning
  • lxd/daemon: d.os.Init must be run after all paths are created
  • lxd/daemon: Extract Daemon.ExpireLogs into a standalone function
  • lxd/daemon: Extract Daemon.GetListeners into a standalone function
  • lxd/daemon: Extract Daemon.httpClient into a standalone HTTPClient function
  • lxd/daemon: Extract Daemon.ListenAddresses into a standalone function
  • lxd/daemon: Extract Daemon.PasswordCheck into a standalone function
  • lxd/daemon: Extract Daemon.SetupStorageDriver into a standalone function
  • lxd/daemon: Finish replacing Daemon with State also in higher-level entity APIs
  • lxd/daemon: Fix handling of config triggers
  • lxd/daemon: Improve error on invalid config key
  • lxd/daemon: Log a warning for unknown config keys and don’t crash
  • lxd/daemon: Move Daemon.BackingFs to the OS struct
  • lxd/daemon: Move Daemon.IdmapSet to OS.IdmapSet
  • lxd/daemon: Move Daemon.isRecursionRequest to the lxd/util sub-package
  • lxd/daemon: Move Daemon.lxcpath to OS.LxcPath
  • lxd/daemon: Move Daemon.MockMode to OS.MockMode
  • lxd/daemon: Move Deamon.CheckTrustState and Deamon.isTrustedClient to lxd/util
  • lxd/daemon: Move filesystemDetect function into lxd/util subpackage.
  • lxd/daemon: Move lxd/util.go into its own lxd/util/ sub-package
  • lxd/daemon: Replace Daemon with State in all model entities
  • lxd/daemon: Reset the images auto-update loop when configuration changes
  • lxd/daemon: Simplify time channels
  • lxd/daemon: Use select and save goroutines
  • lxd/db: Add db/query sub-package with common query helpers
  • lxd/db: Add db/schema sub-package for managing database schemas
  • lxd/db: Add query.Transaction
  • lxd/db: Add Schema.Dump() method for flattening a series of schema updates
  • lxd/db: Add schema.NewFromMap convenience to create a schema from a map.
  • lxd/db: Automatically generate database schema from database updates
  • lxd/db: Don’t special-case mock mode unnecessarily in db patches
  • lxd/db: Drop dependencies on Daemon
  • lxd/db: Fix bad DB schema update between schema 30 and 31
  • lxd/db: Fix database upgrade logic not inserting interim versions
  • lxd/db: Move db*.go files into their own db/ sub-package
  • lxd/db: Separate db-level update logic from daemon-level one
  • lxd/db: Wire new schema code into db.go
  • lxd/devices: Add support for isolcpu in CPU scheduler
  • lxd/devices: Don’t mark all cpus isolated by default
  • lxd/devices: Fix handling of major and minor numbers in device IDs
  • lxd/devices: Fix sorting order of devices
  • lxd/devices: Handle empty isolcpus set
  • lxd/devices: Take all 32 bits of minor device number
  • lxd/events: Fix race condition in event handlers
  • lxd/images: Actually get the list of images to remove
  • lxd/images: Always expand fingerprint
  • lxd/images: Carry old “cached” value on refresh
  • lxd/images: Clear error for image not found
  • lxd/images: Don’t access the returned struct in case of error
  • lxd/images: Fix image refresh when fingerprint is passed
  • lxd/images: Fix ordering of compressor arguments
  • lxd/images: Fix potential double unlock
  • lxd/images: Fix private image copy with partial fp
  • lxd/images: Fix regression in image auto-update logic
  • lxd/images: Initialize image info in direct download case
  • lxd/images: Properly extract the image expiry
  • lxd/images: Respect disabled cache expiry
  • lxd/images: Store UploadedAt as RFC3399
  • lxd/init: Add a cmd.Parser helper for parsing command line flags
  • lxd/init: Consolidate interactive/auto init logic with the preseed one
  • lxd/init: Extract code asking init questions to individual methods
  • lxd/init: Extract logic to fill init data to standalone methods
  • lxd/init: Extract validation of --auto args into a separate method
  • lxd/init: Make the log cmdInit unit-testable
  • lxd/init: Move state-changing inline functions to own methods
  • lxd/init: Plug cmd.Parser into main.go
  • lxd/init: Properly set default port
  • lxd/main: Fix error message when log path is missing
  • lxd/migration: Fix live migration (bad URL in dumpsuccess)
  • lxd/networks: Don’t require ipt_checksum
  • lxd/patches: Convert UploadedAt to RFC3399
  • lxd/rsync: Handle sparse files when rsyncing
  • lxd/shutdown: Only timeout if told to
  • lxd/storage/btrfs: Workaround btrfs bug
  • lxd/storage/dir: Unfreeze on rsync error
  • lxd/storage/rsync: Ignore vanished file warnings
  • Makefile: Fix static-analysis target
  • Makefile: Update pot before po
  • network: Do not update limits unconditionally
  • shared: Add wrapper to translate host paths
  • shared: Cleanup use of log
  • shared: Fix bad check for snap paths
  • shared: Fix growing of buf in GroupId
  • shared: Fix new golint warning
  • shared: Move GetRemoteCertificate from lxc/remote
  • shared: Move idmap/acl functions to a separate package
  • shared: Move testhelpers into shared/osarch for now
  • shared: Use custom error type for RunCommand
  • shared: Vendor the subtest compatibility schim in shared/subtest
  • shared: Websocket proxy should proxy everything
  • shared/api: Add API for editing containers metadata.yaml and template files
  • shared/api: Add container template files operations.
  • shared/api: Add server resource api structs
  • shared/api: Add storage pool resource api structs
  • shared/api: Add StorageVolumePost
  • shared/api: Add support for macaroons-based authentication indicator
  • shared/api: Extensions go at the bottom
  • shared/api: Implement complete push migration
  • shared/api: Migration: state{ful,less} snapshot migration
  • shared/api: Split storage in separate files for pools and volumes
  • shared/api: Sync with master branch
  • shared/canceler: Support canceling with parallel downloads
  • shared/canceler: Fix return value ordering
  • shared/canceler: Use request Cancel channel
  • shared/cmd: Don’t depend on testify in the cmd package
  • shared/cmd: Update to match master
  • shared/idmap: Disallow hostids intersecting subids
  • shared/idmap: Fix numerous issues
  • shared/idmap: Fix tests
  • shared/idmap: Make ACL failures more verbose
  • shared/logger: Temporary workaround for log15 API breakage
  • shared/network: Add some more TLS ciphers
  • shared/network: Sync TLS handling with master
  • shared/osarch: Add function for parsing /etc/os-release
  • shared/osarch: Add missing architecture aliases
  • shared/osarch: Fix uname handling on some architectures
  • shared/util: Add helper to create tempfiles
  • shared/util: Extract helper to get uname
  • shared/util: Guess size when sysconf() returns -1
  • shared/util: Guess size when sysconf() returns -1
  • shared/util: Implement mountpoint checking
  • shared/util: More snap handling logic
  • shared/util: Shift xattr ACLs uid/gid
  • shared/util: Sync ParseLXDFileHeaders with master
  • shared/version: Add helper to get platform-specific versions
  • shared/version: Only include kernel version, not build id
  • tests: Add a test for read-only disks
  • tests: Add new dependencies
  • tests: Add performance regression tests
  • tests: Add storage helpers
  • tests: Add support for LXD_TMPFS to perf.sh
  • tests: Add test for disallowing hostid in subuid
  • tests: Also measure batch startup time in perf.sh
  • tests: bump image auto update limit to 20min
  • tests: Clear database state in the mock daemon after each lxdSuiteTest
  • tests: Don’t attempt to finger public remotes
  • tests: Don’t attempt to finger public remotes
  • tests: Don’t copy running lvm/ceph containers
  • tests: Fix bad raw.lxc test
  • tests: Fix dependency check
  • tests: Fix image_auto_update test
  • tests: Fix image expiry test
  • tests: Fix shell return value masking
  • tests: Function to include storage backends helpers
  • tests: include lvm in image auto update
  • tests: More apparmor presence checking
  • tests: Refactor cleanup functions
  • tests: Setup basic channel handler for triggers
  • tests: Skip apparmor tests when no kernel support
  • tests: Split out lxc and lxd related helper functions
  • tests: Split out network-related helper functions
  • tests: Split out storage-related helper functions
  • tests: Split out test setup related helper functions
  • tests: Support running individual testify test suites
  • tests: Switch to new storage helpers
  • tests: Update perf.sh to “lxd-benchmark launch”
  • tests: use “–force” everywhere on stop
  • tests: Use in-memory db for tests (makes them faster)
  • tests: Use testimage for perf testing
  • tests: Validate that the right busybox is present
  • tests: Wait up to 2 minutes for image updates

Downloads

The release tarballs can be found on our download page.

1 Like

Does this mean that LXD will know if it was installed via apt or snap and will set up the appropriate
configuration settings?

There is no configuration needed to get LXD working inside a snap environment.

What we had to do was add extra handling code for paths that the user may provide, For example when adding a disk entry to a container or when importing/exporting an image from/to a file. Those paths, as provided by the user do not exist in the snap environment and so LXD has to know how to translate them into paths it can actually access.

Thanks. Good to know!