Weekly status for the week of the 22nd of June to the 28th of June.
Introduction
The highlight of the past week was the release of LXC 4.0.3 and LXD 4.0.2.
Those include the accumulated bugfixes from the past few months of development.
LXD
Most of the focus this past week has been on improving VM functionality, the highlight of which was adding support for custom block volumes for VMs.
These can now be created like so:
lxc storage volume create [<remote>]:<pool> <name> --type=block
Also on the VM front, we have added a udev rule that starts the lxd-agent inside the VM guest should the systemd unit fail to start due to a race involving the qemu device that indicates an LXD VM guest. This fixes lxd-agent start problems on some distros, such as Debian.
An issue with cloud-init inside VMs has been fixed to ensure custom cloud-init config is applied.
Although not strictly related to VMs (it was impacting them the most), an improvement has been added to use the backups volume, if specified, for temporary backup unpacking rather than potentially filling up /tmp and failing for larger instance backups.
We now also support passing arguments to the backup and publish compressor executable rather than just its name.
LXC
This past week has seen initial support for time namespaces added to LXC. This allows you to specify an offset for the boot time and monotonic clocks inside a container.
Several fixes have also been added, including a fix for the lxc-net script to properly calculate the broadcast address of the bridge. Log flooding due to a missing command and a non-blocking stop issue have also been fixed.
LXCFS
Further improvements to swap accounting have been added this past week to handle more edge case conditions after the recent re-work.
Distrobuilder
The fix for the agent race condition mentioned in the LXD section has also been applied to the images we build. Several issues were fixed for Oracle and openSUSE images as well.
Contribute to LXD
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on GitHub: Easy issues for new contributors
Upcoming events
- Open Source Summit - North America
  - Dates: June 29 - July 2
  - Location: online event
  - Attendees: @brauner @stgraber
  - Talks:
    - Using Linux primitive to build your own containers (@stgraber @brauner)
    - 5 years of providing root shells to strangers on the internet (@stgraber)
    - Making unprivileged containers more usable (@brauner)
    - Container kernel development (@brauner)
    - Panel Discussion: What is Lacking in Linux Security and What Are or Should We be Doing about This - Elena Reshetova, Intel with Andrew Lutomirski, AMA Capital Management; Nayna Jain & Emily Ratliff, IBM; Dmitry Vyukov, Google; Christian Brauner, Canonical (@brauner)
Ongoing projects
The list below covers feature or refactoring work that will span several weeks or months and can’t be tied directly to a single GitHub issue or pull request.
- Virtual machine support
- Distrobuilder Windows support
- Various kernel work
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- Support custom block volumes
- Validate that pools and networks are not pending
- lxd: Fix snapshot index retrieval
- lxd/vm: Add udev rule fallback
- lxd/backups: Use backups dir for unpack
- lxd/images: Set arch names when downloading
- Add support for arguments to compressors
- Fix rest-api doc
- lxd: Fix building with clang
- Firewall: Filter unwanted Ethernet frame types when IP filtering is enabled
- lxd/db: Add missing criteria for querying a specific public image
- lxd/cluster: If raft node 1 gets remove during recovery, add it back
- lxd/storage/drivers: Bump VM fs size to 100MB
- Use Truncate instead of qemu-img
- Fix placement in cluster for foreign arch
- lxd/storage: Better handle broken volumes
- Stream multi-part file responses
- lxd/device/disk: Fixes cloud-init errors for VMs
- lxc/action: Show usage on missing target
- lxd/storage: Rely on UsedBy for deletion error
- lxd/storage: Backward compatibility for content types
LXC
- lxccontainer: fix non-blocking container stop
- lxc-net: Set broadcast
- commands: don’t flood logs
- time namespace support
- Update Japanese lxc.container.conf(5)
- confile: handle overflow in lxc.time.offset.{boot,monotonic}
LXCFS
Distrobuilder
- sources/oracle: Consider boot images only
- Fix lxd-agent race condition
- generators/lxd-agent: Add symlink workaround for openSUSE
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- Cherry-picked upstream LXC bugfixes
- Cherry-picked upstream LXD bugfixes
- Cherry-picked upstream LXCFS bugfixes
- Updated LXC to 4.0.3
- Allowed /run/user access from the snap (for dbus)