Weekly status for the week of the 10th February to the 16th of February.
Introduction
Last week LXD 3.21 was released. In addition to the highlights in the release notes, the following changes were also added:
A redesign of the firewall interface as well as migrating the xtables firewall driver to the new interface was completed. This paves the way for us to add a new nftables firewall driver shortly.
Several bugs were fixed related to file transfers; symlinks are now followed, and an issue that could cause files to be owned by the unshifted UID if the file was pushed during container start up. Also related to UID shifting, a bug was fixed that updates the ACL entries rather than adding new ones to avoid filling up the ACL list.
A bug in lxc exec
that caused the lxc
process to hang if the controlling terminal was closed when the command being run was ignoring SIGHUP signals sent when the controlling terminal was closed (such as bash when it is running another command). We now detect that there is no controlling terminal and send a SIGTERM instead of the SIGHUP.
A bug giving a misleading error message when attempting to delete a storage pool that was being used by instances in the non-default project has been fixed and an improvement to clustering port validation was added.
On the LXC front, we now drop groups before switching to the user namepsace root, and a small memory leak in locking was fixed.
Contribute to LXD
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: https://github.com/lxc/lxd/labels/Easy
You can also find a slightly longer, more detailed list here: Contributing to LXD
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.
- Virtual machine support
- Distrobuilder virtual machine support
- Storage database cleanup/rework
- Various kernel work
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- Firewall: xtables
- Unlock when isLeader failure
- Consider the default port when checking address overlap
- lxd: Fix error message when deleting storage pools
- Re-disable clustering upgrade test
- lxc/file: Follow symlinks on individual file transfers
- lxd/container: Protect file push/pull from shift
- Configurable number of voting and stand-by members
- Revert "lxd/instance/drivers/driver/qemu: Fix go routine leak and hanging lxc clients
- CPU pinning for virtual machines
- terminal fixes
- VM: CPU topology
- Improve cluster address validation
- idmap:acl: don’t add but update the acls
- lxc/file: Expand complex symlink chains
- golint fixes
- shared: Fix HostPathFollow for stdin/stdout
LXC
LXCFS
- Nothing to report this week
Distrobuilder
- Nothing to report this week
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- Updated for LXD 3.21
- Cherry-picked stable bugfixes