Weekly status #244


Weekly status for the week of the 11th April to the 17th April.

Introduction

This past week has been focused on working through our issues backlog and trying to resolve as many of them as possible to coincide with the Ubuntu Jammy release so they can be cherry-picked into the 5.0/stable snap channel as well.

In addition to that, following on from the recent 5.0 LTS LXD release, @stgraber has added a video covering the key changes from the 4.0 LTS series for those planning the upgrade:

LXD

New features:

  • Added the ability to derive the LXD host side NIC interface name from the instance’s MAC address. Normally these names are either randomly generated or manually specified using the <device>.host_name setting. However, it is sometimes useful to know what the host side interface name will be before starting the instance (such as when generating a firewall rule set for the LXD host), without having to specify it manually for every instance. To accommodate this we have a server-wide setting called instances.nic.host_name which defaults to random but can be set to mac to have the host side interface names derived from the instance’s MAC address (the one stored in <device>.hwaddr or volatile.<device>.hwaddr).
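
The following Go program is an added example, not LXD's own code: it pre-computes host side interface names for a set of instances and emits one nftables anti-spoofing rule per interface, which is the kind of rule set generation the setting is meant to enable. It assumes that mac mode names the interface lxd followed by the MAC's hex digits without the leading two (as described in LXD's documentation, not in this post); the instance names, MAC addresses and rule shape are constructed.

```go
package main

import (
	"fmt"
	"net"
	"sort"
	"strings"
)

// hostIfName derives the host side name assumed for instances.nic.host_name=mac:
// "lxd" plus the MAC's hex digits without the leading two. It also returns the
// normalised (lowercase, colon-separated) MAC so rules can match on it.
func hostIfName(hwaddr string) (string, string, error) {
	hw, err := net.ParseMAC(hwaddr)
	if err != nil {
		return "", "", fmt.Errorf("invalid hwaddr %q: %w", hwaddr, err)
	}
	if len(hw) != 6 { // ParseMAC also accepts 8- and 20-byte addresses
		return "", "", fmt.Errorf("hwaddr %q is not a 48-bit MAC", hwaddr)
	}
	hex := strings.ReplaceAll(hw.String(), ":", "")
	return "lxd" + hex[2:], hw.String(), nil
}

// antiSpoofRules emits one nftables rule per instance that drops frames entering
// the host side interface with a source MAC other than the instance's own.
func antiSpoofRules(instances map[string]string) ([]string, error) {
	names := make([]string, 0, len(instances))
	for n := range instances {
		names = append(names, n)
	}
	sort.Strings(names) // stable output for review and diffing
	rules := make([]string, 0, len(names))
	for _, n := range names {
		ifName, mac, err := hostIfName(instances[n])
		if err != nil {
			return nil, fmt.Errorf("instance %s: %w", n, err)
		}
		rules = append(rules, fmt.Sprintf("iifname %q ether saddr != %s drop comment %q", ifName, mac, n))
	}
	return rules, nil
}

func main() {
	// Constructed sample data: instance name -> <device>.hwaddr value.
	rules, err := antiSpoofRules(map[string]string{"web1": "00:16:3e:aa:bb:01", "db1": "00:16:3E:AA:BB:02"})
	if err != nil {
		panic(err)
	}
	fmt.Println(strings.Join(rules, "\n"))
}
```

The emitted lines are rule bodies intended for a bridge-family nftables chain; the table and chain they belong to are left to the host's existing rule set.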

Improvements:

  • Replaced the forkuserns C helper with Go’s native uid/gid map functionality in os.Exec. This is used when starting the VM virtio disk proxy helper processes in their own user namespace and avoids having to maintain a separate C based helper program.
  • Set msize for VM 9p mounts to improve performance.
  • Changed ZFS optimized volume copying to send in raw mode. This avoids decompressing the dataset that is streamed, which is faster and results in smaller streams if the dataset was compressed to begin with. This also has 2 advantages for encrypted datasets: you don’t need to load the key and you are not sending plaintext datasets. This is useful when backing up to an untrusted server.
  • Improved instance driver compatibility errors. Instead of just reporting that an instance driver isn’t supported, report the reason for which it was marked as unsupported.
  • The LXD API now returns contextual not found error messages (along with the 404 HTTP status code) indicating which entity type was not found. E.g. instead of “Not found” it now returns “Instance not found”. This helps identify the problem when the operation being tried could fail for multiple not found reasons.
  • Switched to qemu-img convert from qemu-img dd for VM image management, and enable the use of direct I/O where possible, to avoid polluting the page cache.
  • Restricted the length of instance device names to 64 characters and removed the 27 character limit on disk devices. To work around the previous limit imposed by QEMU we now use a SHA1 hash of the disk device name if the length is over 27 characters.
  • Added GetMetrics function to the LXD Go client package.

Bug fixes:

  • Prevented the pool property of the root disk device from being changed in the instance’s config. The way to move an instance between pools is lxc move <instance> -s <target pool>.
  • Prevented deletion of the following volatile keys: volatile.idmap.base, volatile.idmap.current, volatile.idmap.next and volatile.last_state.idmap, as removing these keys when previously set will prevent the instance from operating correctly due to mismatched on-disk file shifting properties. This change is designed to prevent the scenario where an instance is created (and the volatile keys are generated by LXD) and then a subsequent API update of the config for the instance arrives without re-reading the instance’s config and effectively tries to remove the generated volatile keys.
  • Fixed an issue where percent characters in devlxd strings were being incorrectly treated as format specifiers.
  • Fixed an issue preventing disk mounting inside VMs using lxd-agent.
  • Fixed an issue preventing guest initiated restart of ephemeral instances.
  • Fixed missing redirect when fetching instance volume state for a volume on another cluster member.
  • Fixed an issue that was preventing cluster member join when using a project that had restricted.networks.subnet setting enabled.
  • Fixed an issue with VM stateful snapshots when used with QEMU >= 6.2.
  • Fixed an issue that could allow lxc console for one VM to connect to the console of a different VM.
  • Fixed AppArmor denial for ramfs.

Dqlite (RAFT library)

New features:

  • Added option that allows an application to choose which network address and port the listening socket will bind to.

Dqlite (database)

Improvements:

  • Added shallow snapshot functionality.

YouTube videos

The LXD team is running a YouTube channel with live streams covering LXD releases and weekly videos on different aspects of LXD. You may want to give it a watch and/or subscribe for more content in the coming weeks.

Contribute to LXD

Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on GitHub: Easy issues for new contributors

Upcoming events

  • Nothing planned currently.

Ongoing projects

The list below covers feature or refactoring work which will span several weeks/months and can’t be tied directly to a single GitHub issue or pull request.

  • Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

LXC

  • Nothing to report this week

LXCFS

Distrobuilder

Dqlite (RAFT library)

Dqlite (database)

Dqlite (Go bindings)

  • Nothing to report this week

LXD Charm

  • Nothing to report this week

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

  • Nothing to report this week

Snap

  • lxd: Cherry-pick upstream bugfixes