Introduction
In the past week LXD 3.20 was released, which includes most of the changes added in the past week; for more details please check the release notes.
We have been focusing on our new virtual machine feature and have added support for physical and sriov NIC devices using the vfio-pci kernel module.
We have also added ppc64le VM host support.
The REST API has also gained the ability to do server-side filtering of results; for more info on this please see the REST API docs.
There have also been several bug fixes related to the new storage layer.
The AppArmor rules were modified to allow containers running systemd to use the “Protect*” features to restrict services running inside the container.
A new container device type, unix-hotplug, was added; for more info on this please see the LXD 3.20 Release Notes.
On the LXC front, a new config key, lxc.selinux.context.keyring, was added to allow specifying the SELinux context under which the container’s keyring should be created. This allows applications inside the container that expect the keyring to be labelled with a certain context to run normally.
On the LXCFS front, an improvement to SWAP accounting was added to better handle conditions where swap usage is reported to be < 0.
Finally, distrobuilder had a fix for Alpine edge images applied that updates the apk repository config inside the containers to target the edge repos.
FOSDEM
Part of the #LXD team was attending FOSDEM over the weekend, running the containers devroom and also presenting on a variety of topics:
- Supervising and emulating syscalls (@brauner)
- Running full Linux systems in containers, at scale (@stgraber)
- dqlite: High-availability SQLite (@freeekanayaka)
- LXD for mixed system containers and VM workloads (@stgraber)
Videos are being edited at the moment and are slowly starting to show up on the FOSDEM website.
Contribute to LXD
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on GitHub: https://github.com/lxc/lxd/labels/Easy
You can also find a slightly longer, more detailed list here: Contributing to LXD
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single GitHub issue or pull request.
- Virtual machine support
- Rework of internal LXD storage handling
- Distrobuilder virtual machine support
- Various kernel work
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- lxd: updated dnsmasq and forkdns to use new subprocess module
- VM: Physical PCI passthrough
- doc/instance: Clarifies disk path not available for VMs
- VM: Failed startup cleanup
- Fix request redirect when removing a cluster member
- Storage: Only detect volume.block.filesystem changes on block backed pool FS volumes
- Migration: Adds support for pre-bidirectional negotiation targets
- Doc: Documents which device types can be used with which instance types
- VM: Adds SR-IOV NIC support
- Implement VM rename
- Instance name validation improvements
- VM: Mount VM config vol before generating NVRAM file
- lxd/storage: Pass config when deleting images
- Migration: CRIU rsync features
- Network fixes
- lxd/apparmor: Allow ro,remount,noatime,bind
- lxd/storage/drivers: Pass mountPath to xfs_growfs
- Storage: Fixes concurrent access race to map
- Supporting filtering GET requests for instances and images
- Uevent-based matching for unix-char and unix-block
- VM: forklimits
- VM: forklimits exec
- Default cert addresses & minor fixes
- doc: Add libudev-dev dependency
- Add ppc64le support
- Instance: Common driver and profile device validation support
- VM: Device check improvements
- lxd/vm: Fix bad bus name on ppc64el
- lxd/vm: Don’t specify addresses for pci on ppc64
- Storage: Fixes migrate refresh final sync snapshot bug
LXC
LXCFS
Distrobuilder
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- Bumped to ZFS 0.8.3
- Bumped to LXD 3.20
- Cherry-picked upstream bugfixes