Weekly Update Templates960×540 48 KB

Introduction

LXD

This past week has seen several new features added to LXD.

On the networking front, we have added support for stateful DHCPv6 for OVN networks. This can be enabled using the usual ipv6.dhcp.stateful config key.

We have also improved the output of fallback instance IP address list when LXD cannot contact the lxd-agent process inside a VM. In these scenarios we had previously looked at the DHCPv4 leases and the IPv6 neighbour cache on the parent interface. We now also support inspecting the OVN northbound database for IP addresses associated with a virtual port, and for bridged NICs we use the IP neighbour cache for both IPv4 and IPv6 address. For both ovn and bridged NICs we now also ‘guess’ the IPv6 address as the EUI64 address derived from the NIC’s MAC addresses if ipv6.dhcp.stateful is disabled on the parent network. This should improve the accuracy of the IP address output in lxc ls and lxc info when running VMs without an lxd-agent (such as Windows).

Instance and custom volume backups gained the ability to import a backup file as a different instance name or custom volume. We have added an optional argument to specify this to the lxd import and lxd storage volume import commands.

Also on the storage front, storage pools have gained a rsync.compression setting to which allows rsync compression to be disabled during volume transfers. This can significantly speed up transfers when the bottleneck is CPU rather than bandwidth. Rsync compression remains enabled by default.

Virtual machines have gained support for live memory shrinking and growth back to boot time size using the balloon device inside the VM guest. This can be controlled using the lxc set <instance> limits.memory=<size> command.

In some circumstances the VM’s qemu process can hang in such a way that LXD had previously reported the VM as stopped, but it could not be started again because it was still partially running. This issue is now detected, and will show the VM in an error state.

When launching VMs inside a restricted project that does not allow volumes to be attached, this preventing attaching the cloud-init config driver. This is now always allowed inside restricted projects, allowing LXD to control cloud-init.

Finally, there have been several AppAmor fixes that were preventing dnsmasq operation in some environments, and a bug that allowed empty passwords to be set during cluster setup (and subsequently prevented any nodes from joining the cluster) has now been fixed.

Contribute to LXD

Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors

Upcoming events

• Nothing to report this week

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

• Distrobuilder Windows support
• Virtual networks in LXD
• Various kernel work
• Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

• lxc: Always use HostPathFollow
• Backup: Fix importing custom volumes for unprivileged containers
• lxd/cluster: Changing “no heartbeat” language in membership.go
• Backup: Allow import of instances and custom volume under different names
• lxd/api: Restrict access to daemon config
• lxd/storage: Allow ceph/cephfs for images/backups
• VM: Add support for live shrinking of limits.memory
• Network: Adds OVN DHCPv6 stateful support
• Network: OVN NIC fallback state info
• Resources API tweaks
• VM: Adds support for live memory growth back to boot time memory size
• VM: Detect broken/hung qemu process and reflect in LXD state output
• lxd/apparmor: Allow access to zoneinfo files
• Network: Add EUI64 guessing for bridged NIC state
• lxd/apparmor: Add /etc/localtime to the list
• lxd/project: Always allow cloud-init:config drives
• doc/image-handling: Cover publishing
• shared/simplestreams: Fix stream’s index download url
• Prevent empty passwords during init if password authentication is enabled
• Adds config key for disabling rsync compression
• doc/index: Add libsqlite3-dev back to dependencies

LXC

• Nothing to report this week

LXCFS

• Nothing to report this week

Distrobuilder

• Updated doc/index.md

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

• Nothing to report this week

Snap

• lxd: Cherry-pick upstream bugfixes