Weekly status for the week of the 2nd of August to the 8th of August.
The LXD team at Canonical is currently looking for a Go software engineer to join our distributed team of engineers. We’re looking for candidates anywhere in Europe or the Americas!
All LXD positions are 100% remote with some travel for internal events and conferences.
- When attaching custom block volumes to VMs there is no ability to specify a filesystem mount path (because LXD doesn’t know that there is even a filesystem on the block volume). To avoid confusion LXD checks that no filesystem mount path has been specified by the user and returns an error if it is. However previously this required explicitly passing an empty argument to the
lxc storage volume attachcommand (as the
lxctool itself was requiring the presence of the mount path argument, even if empty). This has now been updated so that the mount path argument is optional in the
lxcCLI and it is left to LXD to check whether it is required or not based on the volume type.
bridgenetworks LXD previously added firewall rules to the host system to allow DHCP and DNS from the instances to the LXD dnsmasq server. This has now been extended to allow specific ICMP types to allow for IPv6 router advertisements and IPv6 router solicitations from the instances, in case these would have been dropped by an existing firewall rule.
- There have been several improvements to the
lxd recovercommand, including pre-scanning all of the detected unknown volumes when restoring the storage pool DB record so we can prefer to restore it from an instance config backup file rather than the user specified config entered during the recovery scan stage, so that we have a full config that was previously taken from the database.
- The internal database query code generator has been seeing some improvements to make it more consistent, cleaner, and safer (ensuring that all filter parameters supplied are actually used when querying or throwing an error if not usable rather than silently being ignored which could have lead to unexpected result sets).
- We have made the Ceph config parser more tolerant in order for it to support more variations in the external config definitions.
- Improvement to the AppArmor rules to make systemd happier when running inside unprivileged containers (affected Centos 8) which was previously causing periodic error messages on the host.
raw.lxcconfig key is documented as appending custom liblxc config to the LXD generated liblxc config file. However this was not always the case as the dynamic device config was added to the config file after the
raw.lxccontent, which was preventing it from overriding NIC level config from that setting. This has now been fixed.
- Allow instance cross-pool moves without triggering a duplicate MAC address error. The recently added duplicate MAC and IP address checks were incorrectly being triggered when performing a cross-pool instance move due to the fact that LXD creates a new temporary instance on the new pool before removing the old one. To workaround this temporary duplicate instance, we now use the
volatile.uuidconfig key to discount this new instance from the duplicate checks if it matches the source.
- Several improvements and bug fixes to the recently added cluster evacuation feature to make the process handle more instance states.
- A fix to to the recently added
lxd recoverfeature to handle ZFS pools that are named different than the LXD storage pool name.
- A regression that prevented containers with empty network namespaces from being started has been fixed.
- Support ISO generation with mkiofs.
- Disable overlay FS on FUSE filesystems.
- Fixed a regression in the unified tarball generation caused by the recent compression feature changes.
- OpenWRT fixes.
- Adds Recover V2 command that supports server roles.
- Fix issues with
- Adds a new
.reconfigurecommand to force a new config into the raft cluster for recovery.
We’ve started a Youtube channel with live streams covering LXD releases and its use in the wider ecosystem.
You may want to give it a watch and/or subscribe for more content in the coming weeks.
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors
- Nothing to report this week
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.
- Distrobuilder Windows support
- Virtual networks in LXD
- Various kernel work
- Stable release work for LXC, LXCFS and LXD
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
- Tweak lxc info
- Generator: Parameterized delete
- Generator: ID and UUID casing
- Recovery: Prefer restoring pool config from instance backup file over user input if available
- Generator: Remove wildcard support
- doc: Add events doc to navigation
- Recovery: Improve tests and cephfs support
- Storage: Prevent custom block volume export
- lxc/init: When using network flag support managed networks
- lxd/device/disk: Update comment regading custom block volumes
- lxc/storage: Allow attaching custom block volumes to VMs
- Instance: Don’t trigger duplicate NIC warnings when performing cross-pool move
- lxd: Hide built-in completion command
- Instance: Prevent starting an instance whilst it is being created
- syscall_wrappers: don’t conflict with glibc provided close_range()
- lxd/apparmor: Allow remount using strictatime
- Generator: Use Pointers for Filter fields.
- Allow ICMP to/from LXD networks
- Improve ceph config parser
- global: Disable the completion command
- lxd/instance/lxc: Rework raw.lxc handling
- Fix some ZFS issues with
- lxd/cluster: Fix some early issues with cluster evacuation/restore
- More cluster evacuation fixes
- mount_utils: introduce mount_at()
- conf: rootfs mount option fixes
- network: fix container with empty network namespaces
- Nothing to report this week
- windows: Disable overlay on FUSE filesystems
- image: Fix unified LXD tarballs
- sources/openwrt: Remove verification
- main: Support ISO generation with mkisofs
- Nothing to report this week
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
- LXC 4.0.10 made it to Ubuntu Impish
- lxd: Update to 4.17
- lxd: Cherry-pick upstream bugfixes