Weekly status #144

Weekly status for the week of the 13th April to the 19th of April.


In the past week we have released LXC 4.0.2 and LXCFS 4.0.3. These were bug fix releases in our 4.x LTS release line.

On the LXD front we have added several new features:

Support for using proxy ARP/NDP with custom policy routing tables on the host with ipvlan (in the default l3s mode) and routed NIC types. This is achieved by specifying a host routing table to add the static routes on the instance’s NIC config. By adding the static routes to a custom routing table, this allows the proxy ARP/NDP responses to be generated by the kernel.

e.g. Using a routed NIC with a custom routing table ID of 100.

lxc config device add c1 eth0 nic nictype=routed parent=eth0 ipv4.address= ipv4.host_table=100

Layer 2 mode support has been added to ipvlan NICs. This allows ipvlan NICs to specify their own default gateway rather than using the host’s default gateway config. It also allows limited DHCP support at layer 2, as long as the DHCP client supports using DUID client IDs rather than MAC address. This also doesn’t need to use proxy ARP/NDP on the host and allows containers to add additional IPs without notifying the host (this is also possible in l3s mode, but due to the way proxy ARP/NDP is setup, only containers running on the same host will be able to use the new IPs added).


lxc config device add c1 eth0 nic nictype=ipvlan parent=eth0 mode=l2 ipv4.gateway=

Additional system information has been added to the resources API.

VMs can now have Ceph RBD block disk devices added to them, this uses the same disk device configuration parameters as containers do. It uses the RBD support in Qemu, so the RBD support must be built into the version of Qemu being used.

An issue that prevented adding several NICs to a VM has been fixed. A VM can now have up to 8 NICs added to it.

We have removed the loading of the br_netfilter kernel module when using the bridged NIC security.ipv6_filtering option as this can cause unexpected traffic filtering on unrelated network connections (as the default behaviour when the br_netfilter module is loaded is to pass all traffic through the netfilter framework). Instead we just check if the module is loaded and configured as needed and if not generate an error.

Finally, an issue affecting renaming instance backups has been fixed.

The focus for LXC and LXCFS last week was continuing to fix cgroupv2 related issues.

Please see the LXC 4.0.2 and LXCFS 4.0.3 release notes for more details.

Some fixes related to Gentoo and OpenWRT source checksum matching were added. As well as a fix for Funtoo image and GPG key URLs.

Contribute to LXD

Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

  • Virtual machine support
  • Distrobuilder virtual machine support
  • Various kernel work
  • Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.





Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.


  • Uploaded LXCFS 4.0.3 to Ubuntu 20.04
  • Uploaded LXC 4.0.2 to Ubuntu 20.04
  • Uploaded a new LXD migration package to Ubuntu 20.04


  • Rolled out core18 version of the LXD snap to stable
  • Updated to LXC 4.0.2
  • Updated to LXCFS 4.0.3
  • Made log rotating less aggressive
  • Hardened the migration logic
  • Add Ceph RBD support to bundled QEMU
  • Added getfattr/setfattr into the snap