Weekly status for the week of the 11th of November to the 17th of November.
Introduction
The focus for LXD this past week has been on continuing our initial virtual machine support.
There are new virtual machine specific API routes (at /1.0/virtual-machines) that will operate only on VM type instances.
A lot of development has continued on our new lxd-agent program that will run inside a VM to provide functionality that has previously been available to the lxc CLI for containers (such as file pull/push, console and exec). The agent itself is now made available to the VM through a 9p file share, and our forthcoming VM images will include init modifications to ensure that the agent is running on boot.
These init modifications will use an identifier file that has been added to the VMs started through LXD to ensure the agent only starts if running inside LXD.
In the container realm, the router veth mode added to LXC back in LXC 3.2.1 has now also been added to LXD. This takes the form of a new NIC type called routed. This new NIC type provides a way for containers to be statically assigned external IPs from the host’s network (using static routes and proxy ARP/NDP) without using a bridge, IPVLAN or MACVLAN. It can also be useful when the host is connected to multiple networks and/or uses routing protocols to publish IP information about containers.
Support has also been added for intercepting mount syscalls for filesystems and redirecting them to their corresponding FUSE implementation.
This is available through the new container config key security.syscalls.intercept.mount.fuse=<fstype>=<fuse-binary>.
On the distrobuilder front, improvements have been made to the OpenWRT build process, along with further documentation cleanups.
Contribute to LXD
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on GitHub: https://github.com/lxc/lxd/labels/Easy
You can also find a slightly longer, more detailed list here: Contributing to LXD
FOSDEM 2020 - containers devroom
We will once again be running the containers devroom at the upcoming FOSDEM conference in Brussels, Belgium. This year it’s going to be over the weekend of the 1st and 2nd of February.
The detailed call for papers can be found here: FOSDEM 2020 containers devroom: Call for papers
Upcoming events
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single GitHub issue or pull request.
- Virtual machine support
- Rework of internal LXD storage handling
- Distrobuilder 1.0 release
- Various kernel work
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- lxd/vm: Secure boot
- lxd/device/nic/routed: Adds veth routed NIC device
- Fix incorrect size of download images after fallback
- client: Add Disconnect function
- seccomp: implement redirection to fuse
- lxd/vm/qemu: Adds missing secure boot EFI firmware error
- lxd/storage: Only use raw images
- Add LXD VM identifier file
- seccomp: only apply shift when it is needed
- shared/simplestreams: Support disk-kvm.img
- Make the inclusion of IP/hosts in cert optional
- seccomp: tests, logging, pid namespaces
- Use 9p for vm agent
- VM cloud-init config drive
- lxd/vm: Add install script in 9p
- lxd/include: Fix SECCOMP_GET_ACTION_AVAIL define
- lxd/vm: Update systemd units
- lxd: Cleanup storage volumes properly for VMs
- lxd/instances: Add /1.0/virtual-machines
LXC
- Nothing to report this week
LXCFS
- Nothing to report this week
Distrobuilder
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- Adding the VM parts to the edge snap