Weekly Update Templates(5)960×540 53.4 KB

Introduction

The highlight of the past week was the release of LXD 4.23, this includes 4 new features from our roadmap and several other improvements, along with lots of smaller bug fixes and improvements.

@stgraber will be going through the release in his next video:

https://www.youtube.com/watch?v=yIVJKlgKJAQ

LXD

The minimum Go version supported for LXD is now Go 1.16.

New features:

• Unified migration tool called lxd-migrate, please see LXD 4.23 release notes for details.
• Token based remote connection, please see LXD 4.23 release notes for details.

Improvements:

• Added end-of-line marker to metrics output and reduces metrics caching to 8s to accommodate the default Prometheus scrape time of 15s.
• Optimised and reduced database queries to improve the speed of instance creation when operating a cluster over a high latency network (>10ms).
• Added the trusted cluster member’s certificate fingerprint into the HTTP request context (using the username field) to allow for intra-cluster requests to verify which cluster member the request is coming from - this will be initially used for setting up intra-cluster event listener filtering.
• Added several improvements to the events subsystem as a precursor to the forthcoming event-hub functionality; replaces the isLocal concept with specific event source definitions (so we can tell whether an event was generated locally, pulled via a remote listener or push from a remote client), and replaces the listener level local server location with a server level local location field, which means we no longer need to perform a deep-copy of each event as its sent to each listener.

Bug fixes:

• Fixed an intermittent crash in lxc exec.
• Added checks for IPv6 being enabled before trying to setup reverse path filter on routed NIC.
• Fixed cluster failover problem when the leader closes down cleanly and remaining non-leaders don’t properly close the remote connection to the former leader causing database transaction errors.
• Now checks that the VM lxd-agent process is running inside the VM guest using the QEMU ringbuffer status check, before trying to connect to it via the vsock connection. This avoids vsock connections hanging if the agent isn’t running.
• Reworked concurrency model of lxc console for VGA mode to ensure proper socket and channel cleanup.

Dqlite (RAFT library)

Bug fixes:

• Fixed a bug that came up during jepsen tests: barrier before every snapshot.

Dqlite (Go bindings)

Improvements:

• Updated the Dqlite App to write “Switching Protocols” header to hijacked response of external connections, as this will always be needed and saves the calling user needing to do it.

YouTube videos

The LXD team is running a YouTube channel with live streams covering LXD releases and weekly videos on different aspects of LXD. You may want to give it a watch and/or subscribe for more content in the coming weeks.

https://www.youtube.com/lxd-videos

Contribute to LXD

Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors

Upcoming events

• Nothing planned currently.

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

• Reworked cluster event distribution mechanism
• New unified P2C/P2V tooling
• Token based remote add
• Network ACL log API
• Prometheus & grafana integration with the LXD charm
• Various kernel work
• Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

• Unified migration tool lxd-migrate
• Token based remote connection
• NIC: Don’t attempt to configure IPv6 reverse path filter on routed NIC if IPv6 not enabled
• Exec: Add channel closed check before writing in ExecReaderToChannel
• doc/instances: Fix bridged NIC ipv{n}.address docs indicating none is valid value
• lxd/metrics: add EOL marker
• Rework metrics caching and filtering
• Varied fixes (console, certificate, trust store)
• Download doc assets
• Instance: Optimise DB queries during instance creation
• lxd/db: Uses api.URL to build used-by urls for storage pools.
• lxc: Translate all errors
• doc: fix path to image in the header
• Cluster: Fix non-leader transaction errors when leader shuts down cleanly
• VM: Check lxd-agent is running (via QEMU status ringbuffer) before attempting to connect
• Assorted fixes ahead of 4.23
• lxc/console: Rework concurency model for vga
• github: Update for current min Go version (1.16)
• lxd-agent: Fix bad copy/paste
• lxd/daemon: Fix http response error typos
• lxd-migrate: Support certificate tokens
• Daemon: Add the trusted cluster member fingerprint to the request context username field
• Events: Replaces isLocal concept with event source
• Events: Replaces listener level server location with server level location
• go.mod: bump github.com/mdlayher/vsock@v1.0.1

LXC

• Nothing to report this week

LXCFS

• Nothing to report this week

Distrobuilder

• Nothing to report this week

Dqlite (RAFT library)

• uv: barrier before every snapshot

Dqlite (database)

• Nothing to report this week

Dqlite (Go bindings)

• External Connection: Write hijacked response header

LXD Charm

• Nothing to report this week

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

• Nothing to report this week

Snap

• libusb: Bump to 1.0.25
• nvidia-container: Bump to 1.8.0
• spice-protocol: Bump to 0.14.4
• sqlite: Bump to 3.37.2
• lxd: Bump to 4.23
• lxd: Cherry-pick upstream bugfixes
• ovn: Include ovn-sbctl