LXD 3.4 has been released

Introduction

The LXD team is very excited to announce the release of LXD 3.4!

The main highlight for this release is the major performance improvement that made it in.
We upgraded to a newer version of our database backend, introduced new internal APIs for batch queries, made it possible to query all container states in one API call and fixed a number of bottlenecks that were quite negatively affecting cluster performance.

Initial tests show that a cluster running several thousand containers will now usually return basic container status (lxc list --fast) in just a couple of seconds with most other operations also significantly faster than in the past. Things aren’t quite as fast as we’d like them to be yet, especially when querying the full container state of hundreds/thousands of containers (lxc list) but we’re working on a few options to improve that too.

As for new features, we added progress reporting to a few missing commands in our command line client, added support for aliasing to external commands and added support for cross-host DNS when using a Fan bridge on a LXD cluster.

Enjoy!

Important notes

Fixed container snapshot and backup naming

In the past, the name property of all snapshots and backups included the container name followed by a slash and then by the snapshot or backup name.

This was redundant given that you could only get this information by querying a particular container.

The API now only returns the snapshot or backup name but LXD still understands the old syntax to allow for migrations and restoring of existing backups.

Switched to a newer implementation of dqlite

dqlite, the distributed sqlite3 implementation that we started using for LXD in LXD 3.0 has been significantly reworked to remove a number of performance bottlenecks.

Most of the database logic is now done inside a C library (libdqlite) with a matching Go package (go-dqlite) providing the SQL interface for LXD.

The on-disk format remains unchanged, so there’s no risky upgrade step for this but packagers need to be aware of the new library and package it with LXD.

Renamed lxc remote set-default to lxc remote switch

We renamed lxc remote set-default to the much friendlier and shorter lxc remote switch, this is in preparation for work on LXD projects which will have a similar switch subcommand.

lxc remote set-default remains valid as an alias of lxc remote switch.

Renamed the macaroon authentication options to candid

Now that a standard implementation of macaroon based authentication is publicly available in the Candid project we have updated LXD to support it and renamed our configuration options to match.

This primarily affects the old core.macaroon.endpoint which has now been renamed to candid.api.url. Upgrading to LXD 3.4 will automatically convert one into the other.

New features

Fan-aware DNS resolving for clusters

One problem several users ran into when running a LXD cluster using the Ubuntu Fan as an overlay network was that even though all traffic was properly routed between the various nodes, attempting to resolve the name of a container would only work if it happened to be running on the same cluster node.

LXD 3.4 changes that by now attempting to resolve DNS queries for the network’s defined domain (lxd by default) against all of the nodes until one returns a value, making it feel like it’s all handled by a single unified DNS server.

Faster API for container status

A new /1.0/containers?recursion=2 API has been added which allows for retrieving all containers, their configuration, their state, their snapshot list and their backup list in a single call.

This effectively lets you move from making 1 main API call followed by 3 additional calls per container to just doing a single call.

Progress information in lxc file and lxc import

Transferring files or uploading a backup to LXD will now get you progress information.
When available, you’ll get the percentage transferred and current speed, when the size is unknown, you’ll still get how much was transferred and the transfer speed.

Aliases to external commands

It’s now possible to setup aliases in the command line client which point to external commands. All you have to do is have the alias begin with the absolute path to the command to execute.

lxc alias add my-script "/usr/local/bin/myscript @ARGS@ --extra-args"

File capabilities support

All calls to tar and rsync now pass the required options to save and restore extended attributes, including file capabilities.

On top of that, we’ve implemented logic in our idmap package to shift and unshift files that include file capabilities, using the recently introduced unprivileged file capabilities.

On suitable kernels (upstream 4.14+) this will now allow LXD images to include file capabilities for utilities such as ping or mtr and have users of privileged or unprivileged containers alike be able to set and use those capabilities.

Bugs fixed

  • client: Centrally handle targeting
  • client: Fix CopyContainerSnapshot API
  • doc: Fix API output for snapshots
  • doc: Fix typo in storage documentation
  • doc: Update README to cover make deps and new requirements
  • doc: Update requirements
  • global: Support xattrs in rsync calls
  • global: Support xattrs in tar calls
  • global: Unify error messages
  • i18n: Update translations from weblate
  • i18n: Update translation templates
  • lxc: Allow aliases to external commands
  • lxc: Make answer to remote add translatable
  • lxc/container: CEPH also needs offline quotas
  • lxc/copy: Update to fixed CopyContainerSnapshot
  • lxc/file: Show progress
  • lxc/image: Fix URL-based imports
  • lxc/import: Show progress
  • lxc/list: Port to ContainerFull
  • lxc/list: Support for recursion=2
  • lxc/remote: Fix crash on bad remote name
  • lxc/remote: Rename set-default to switch
  • lxc/storage: Fix bad argument parsing
  • lxc/utils: Handle empty progress
  • lxc-to-lxd: Fix lxc.rootfs parsing
  • lxc-to-lxd: Fix rootfs tests
  • lxd: Add dns forwarder
  • lxd: Don’t include container name in backups/snapshots
  • lxd: Fix --syslog flag
  • lxd: Port over to new containerLoadAll function
  • lxd: Port over to new containerLoadNodeAll function
  • lxd/backups: No need for interfaces
  • lxd/cluster: Allow for MemberConfig to be empty in new join API
  • lxd/cluster: Fix typo in errors
  • lxd/cluster: Fix unit test regression
  • lxd/cluster: Only query the containers we need
  • lxd/cluster: Properly skip pending networks/pools
  • lxd/cluster/gateway: Log proxy errors
  • lxd/cluster/gateway: Tweak errors
  • lxd/containers: Add helpers for retrieving containers
  • lxd/containers: Don’t flush leases for snapshots
  • lxd/containers: Fetch containers info in parallel
  • lxd/containers: Implement support for recursion=2
  • lxd/containers: Improve shutdown logic for cluster nodes
  • lxd/containers: Only get the profiles once
  • lxd/containers: Speed up recursive list
  • lxd/containers: Use internal struct values
  • lxd/db: Adapt main package to new cluster sub-package API
  • lxd/db: Add ContainerArgsList and ContainerArgsNodeList
  • lxd/db: Add support for “lxd sql global .sync”
  • lxd/db: Capitalize error messages
  • lxd/db: Drop go-1.6 backward compatibility
  • lxd/db: Drop raft snapshot workaround
  • lxd/db: Fix lints
  • lxd/db: Fix snapshot filtering
  • lxd/db: Fix some missing error checks
  • lxd/db: Limit open connections to local db after initialization
  • lxd/db: Redirect dqlite logging to lxd logging
  • lxd/db: Re-enable empty table checks
  • lxd/db: Replace grpc-sql with dqlite custom protocol
  • lxd/db: Use mattn’s sqlite3 bindings instead of our fork
  • lxd/db: Wire dqlite server
  • lxd/forkproxy: use correct types for {g,u}ids
  • lxd/images: Cleanup any leftovers on startup
  • lxd/images: Send a notification to other nodes when an image is removed
  • lxd/import: Fix support for snapshots without container name
  • lxd/init: Make use of the new cluster join API
  • lxd/networks: Add support for FAN clustered DNS
  • lxd/networks: Don’t try listing containers for lo
  • lxd/networks: Drop unused db property
  • lxd/networks: Fix packet stats logic for containers
  • lxd/networks: Ignore veth devices
  • lxd/networks/state: Skip non-existing interfaces
  • lxd/patches: Fix “no transaction is active” error during database updates
  • lxd/state: Add endpoints to state struct
  • lxd/storage: Cache storage version
  • lxd/storage: Don’t log every storage init
  • lxd/storage/ceph: Fix default container quotas
  • lxd/storage/zfs: Optimize getting disk usage
  • Makefile: Add deps target
  • Makefile: Drop gccgo
  • Makefile: Drop outdated comment
  • Makefile: Fix tags handling
  • Makefile: Fix typo in .PHONY
  • Makefile: Include dqlite in dist tarball
  • Makefile: Rename protobuf to update-protobuf
  • Makefile: Require libsqlite3
  • Makefile: Respect CGO_CFLAGS
  • Makefile: Set PKG_CONFIG_PATH
  • Makefile: Tweak sqlite build flags
  • Makefile: Use shallow clone for dist
  • Makefile: Use shallow clone for deps
  • shared/api: Define ContainerFull
  • shared/idmap: C coding style fixups
  • shared/idmap: Convert uid from big to little endian
  • shared/idmap: Fix xattr.h import
  • shared/idmap: Shift fscaps
  • shared/idmap: s/set_caps/set_vfs_ns_caps/g
  • tests: Add test for cluster shutdown logic
  • tests: Fix lxc-to-lxd unit tests
  • tests: Fix new storage get/set test

Try it for yourself

This new LXD release is already available for you to try on our demo service.

Downloads

The release tarballs can be found on our download page.

4 Likes

LXD 3.4 is available in the candidate channel of the LXD snap.
We’re currently expecting to roll this out to the stable channel on Thursday.