Weekly status #202


Weekly status for the week of the 7th of June to the 13th of June.

Introduction

This past week has mostly been a bug fix and improvement week; however, Dqlite 1.8.0 was also released, with new snapshot control functionality.

The LXD latest/stable and 4.0/stable snaps are also going to be moving to the core20 base snap package this week, which means the i386 variant will no longer receive updates. Please see

Moving our IRC presence to Libera Chat

Our IRC (live chat) channels have moved from Freenode over to Libera Chat.
You can now find us in #lxc and #lxc-dev on irc.libera.chat.
A web chat client can be found here: Kiwi IRC

The LXD team is hiring

The LXD team at Canonical is currently looking for a Go software engineer to join our distributed team of engineers. We’re looking for candidates anywhere in Europe or the Americas!

All LXD positions are 100% remote with some travel for internal events and conferences.

LXD

With the advent of cluster join tokens (which are more secure than using a single shared trust password to join members to a cluster), the default answer to the “Setup password authentication on the cluster?” question that lxd init asks when setting up a new LXD cluster has changed from “yes” to “no”, so that we encourage users to use join tokens going forward.

The persistent warning feature has had several new warning scenarios added to it:

  • Bridge network warning if AppArmor disabled on dnsmasq.
  • Bridge network warning if IPv6 subnet prefix larger than /64.
  • MAAS unable to connect warning.
  • Network start up failure warning.
  • Proxy device warning if netfilter is disabled.

There have been three instance import/export related bugs fixed in the past week:

  • An issue that was preventing non-optimized VM exports from being started after they were restored (due to incorrectly exporting the “config.mount” directory used as a temporary mount for the config drive share) has been fixed.
  • An issue that was causing problems starting VMs if there was a pending root drive resize scheduled after importing the VM has been fixed. This was caused when importing an optimized ZFS backup export because it was leaving an orphaned mount counter after the operation, which subsequently prevented the root disk from being resized on start.
  • An issue that was preventing non-optimized LVM (and Ceph) container imports has been fixed. It occurred when the instance’s root disk had a size specified and the underlying resize2fs tool used to resize the ext4 filesystem concluded in its pre-resize estimates that the volume would not have sufficient size to be shrunk to the requested size. It turns out that these checks can sometimes (not always) be wrong, and passing the -f argument to resize2fs can allow the import to succeed. This doesn’t work in all cases (where there is truly not enough room to shrink to the desired size), but as this still causes the resize2fs command to fail and we will delete the volume on failure anyway, it is safe to pass the -f flag when importing backups without the risk of leaving the volume’s filesystem corrupted.

Still on the storage front, we have made the instance revert-on-failure logic more careful when cleaning up the storage volume(s) it creates. Previously, if you had manually removed the instance’s DB records and then tried to create a new instance, which failed due to a conflicting storage volume, the instance revert clean up code would also remove the conflicting storage volume. This was undesirable as it could end up causing the unexpected removal of a storage volume on disk. We now only delete the underlying storage volume on failure if we succeeded in creating it in the first place (and thus know it’s LXD’s volume) during the instance create operation.
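
The cleanup rule described above, as an added Go example (not LXD’s own code): a revert hook is registered only after the volume creation it undoes has succeeded. The Pool type, CreateVolume and CreateInstance are hypothetical names, and the pool contents are constructed sample state.

```go
package main

import (
	"errors"
	"fmt"
)

// Pool is a toy storage pool (volume name -> owner). Hypothetical, not LXD's API.
type Pool map[string]string

var ErrVolumeExists = errors.New("volume already exists")

// CreateVolume refuses to reuse a volume that is already present in the pool.
func (p Pool) CreateVolume(name, owner string) error {
	if _, ok := p[name]; ok {
		return fmt.Errorf("%q: %w", name, ErrVolumeExists)
	}
	p[name] = owner
	return nil
}

// CreateInstance creates the root volume, then runs the remaining setup step.
// On failure it reverts only the steps that it completed itself, so a
// conflicting volume that existed beforehand is never deleted.
func CreateInstance(p Pool, name string, setup func() error) (err error) {
	var revert []func()
	defer func() {
		if err != nil {
			for i := len(revert) - 1; i >= 0; i-- {
				revert[i]() // undo in reverse order of creation
			}
		}
	}()

	if err = p.CreateVolume(name, "instance/"+name); err != nil {
		return err // no hook registered: the existing volume is not ours
	}
	revert = append(revert, func() { delete(p, name) })

	return setup()
}

func main() {
	// Constructed state: instance DB records removed by hand, volume left behind.
	p := Pool{"c1": "orphaned volume"}
	fmt.Println(CreateInstance(p, "c1", func() error { return nil }), p)
	fmt.Println(CreateInstance(p, "c2", func() error { return errors.New("start failed") }), p)
}
```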

There has also been a fix to better detect the new idmapped mount support in liblxc. Some versions of liblxc come with support for idmapped rootfs but do not support idmapped mount entries. LXD will now only support those LXC versions that have full support.

To aid packagers of LXD there is a new build Makefile target that just performs the build and doesn’t attempt to pull any dependencies. It is then up to the packager to fulfil the dependencies however they see fit before running the build.

LXC

LXC will now actually report an error when failing to wire AppArmor.
An issue that was causing incorrect return values from lxc-autostart due to a miscalculated failed count has been fixed.
An API extension has been added so that LXD can detect full idmapped mount support.

Distrobuilder

We have added beta and rc support for AlmaLinux.
Work has continued on improving the systemd generator to fix networking issues in some images and to work towards ensuring that all our relevant images have a clean systemd start up process with no failed units.

Dqlite (database)

Dqlite 1.8.0 has been released with support for controlling node snapshot functionality. See the release notes for more details.

YouTube channel

We’ve started a YouTube channel with live streams covering LXD releases and its use in the wider ecosystem.

You may want to give it a watch and/or subscribe for more content in the coming weeks.

Contribute to LXD

Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on GitHub: Easy issues for new contributors

Upcoming events

  • Nothing to report this week

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single GitHub issue or pull request.

  • Distrobuilder Windows support
  • Virtual networks in LXD
  • Various kernel work
  • Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

LXC

LXCFS

  • Nothing to report this week

Distrobuilder

Dqlite (RAFT library)

Dqlite (database)

Dqlite (Go bindings)

  • Nothing to report this week

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

  • Nothing to report this week

Snap

  • lxd: Cherry-picked upstream bugfixes
  • Switched the snap over to core20