Weekly status for the week of the 15th to the 21st of July.
Introduction
This past week has mostly been a maintenance week with bug fixes, code re-organizations for our larger projects, and other small improvements.
LXD 3.15 started rolling out to our stable users halfway through the week.
Several cluster heartbeat related bugs since the LXD 3.15 release have been fixed, with the aim of reducing the time it takes for cluster membership changes to be applied throughout the cluster nodes.
A number of regressions/bugs in the new dqlite 1.0 backend used by LXD 3.15 were also tracked down, resolved and rolled out to affected users.
The ability to create an empty container has been added to LXD, which is useful if you already have a rootfs you want to use for a container.
On the LXCFS side, several improvements to the way CPU usage is accounted for have been added.
The LXC 3.2 and LXCFS 3.1 releases got delayed a bit and are now expected for early this week.
Upcoming events
- Linux Security Summit - San Diego
- Open Source Summit - San Diego
- Linux Plumbers Conference - Lisbon
- Kernel Recipes - Paris
  - Dates: September 25-27, 2019
  - Attendees: @brauner
  - Talks:
Ongoing projects
The list below covers feature or refactoring work which will span several weeks/months and can’t be tied directly to a single GitHub issue or pull request.
- Rework of internal LXD device handling
- Rework of internal LXD storage handling
- Ubuntu Core 18 support in distrobuilder
- Cloud-init for all distrobuilder images
- Various kernel work
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- seccomp: cleanup + simplify
- Makefile: include libraft and libco
- bugfix, cleanup, and simplify
- iptables: Moves iptables helper functions into own package
- seccomp: abstract syscall handling
- lxd/project: Adds project package and updates references to it
- dnsmasq package
- tests: Fix CEPH pool names
- tests: Avoid ceph pool conflict
- Device Utils
- forksyscall: mknod fixes
- instance: Adds new type instance
- device/instance/id: Adds instanceIdentifier interface
- networks/utils: Removes networkUpdateStaticContainer
- forksyscall: switch chdirchroot() and setns() order
- Add support for --empty
- task/group: Moves wait group Done() after g.running update
- forksyscall: use correct error handling for chdirchroot()
- seccomp: handle setxattr syscall
- Improve dist tarball
- test: Updates static_analysis.sh
- lxd/storage: Fix hangs on volume migration failures
- Add configuration keys for syscall interception
- forksyscall: protect CLONE_NEWCGROUP with ifdef
- lxc/list: If no snapshots, show 0
- seccomp: improvements
- shared: Don’t open files to get their mode
- lxd/cluster: Use hook for initial heartbeat
- Small CEPH improvements
- Cluster heartbeat format change
LXC
LXCFS
Distrobuilder
- Nothing to report this week
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- Fixed a long-standing bug where lxcfs incorrectly inherited the LXD socket
- Did several rounds of cherry-picks of fixes on top of LXD 3.15
- Added the ethertypes and protocols files required for the new ipv4/ipv6 filtering feature