Weekly status for the week of the 11th April to the 17th April.
Introduction
This past week has been focused on working through our issues backlog and trying to resolve as many of them as possible to coincide with the Ubuntu Jammy release so they can be cherry-picked into the 5.0/stable snap channel as well.
In addition to that, following on from the recent 5.0 LTS LXD release, @stgraber has added a video covering the key changes from the 4.0 LTS series for those planning the upgrade:
https://www.youtube.com/watch?v=UuKTqhpRphk
LXD
New features:
- Added the ability to derive the LXD host side NIC interface name from the instance’s MAC address. Normally these are either randomly named or can be manually specified using the <device>.host_name setting. However sometimes it is useful to be able to derive what the host side interface name will be before starting the instance (such as when generating a firewall rule set for the LXD host), and without having to specify it manually for every instance. To accommodate this we have a server-wide setting called instances.nic.host_name which defaults to random but can be set to mac to have the host side interfaces derived from the instance’s MAC address (that stored in <device>.hwaddr or volatile.<device>.hwaddr).
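The firewall use case mentioned above, as an added example that is not LXD's own code: it predicts the host side interface name for each NIC and emits an nftables source guard rule before the instance starts. It assumes the mac naming scheme is "lxd" followed by the MAC's hex digits without the leading two, that the NICs are bridged, and that a bridge family table named filter with a forward chain exists; the nic type, function names and sample values are constructed.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// nic is a constructed inventory record: instance, <device>.hwaddr, expected IPv4.
type nic struct{ Instance, HWAddr, IPv4 string }

// hostIfaceName predicts the host side name under instances.nic.host_name=mac.
// Assumed scheme: "lxd" + MAC hex digits minus the leading two (13 characters).
func hostIfaceName(hwaddr string) (string, error) {
	mac, err := net.ParseMAC(hwaddr)
	if err != nil || len(mac) != 6 {
		return "", fmt.Errorf("hwaddr %q is not a 48-bit MAC", hwaddr)
	}
	return "lxd" + strings.ReplaceAll(mac.String(), ":", "")[2:], nil
}

// sourceGuardRules emits one nftables command per NIC dropping bridged frames
// whose IPv4 source is not the expected one ("bridge filter forward" is assumed).
func sourceGuardRules(nics []nic) ([]string, error) {
	owner := map[string]string{} // interface name -> instance
	var rules []string
	for _, n := range nics {
		ifn, err := hostIfaceName(n.HWAddr)
		if err != nil {
			return nil, fmt.Errorf("%s: %w", n.Instance, err)
		}
		// The first octet is not part of the name, so MACs differing only
		// there would share an interface name: fail instead of guessing.
		if prev, dup := owner[ifn]; dup {
			return nil, fmt.Errorf("%s and %s both map to %s", prev, n.Instance, ifn)
		}
		owner[ifn] = n.Instance
		ip := net.ParseIP(n.IPv4).To4()
		if ip == nil {
			return nil, fmt.Errorf("%s: bad IPv4 %q", n.Instance, n.IPv4)
		}
		rules = append(rules, fmt.Sprintf(
			"add rule bridge filter forward iifname %q ip saddr != %s drop", ifn, ip))
	}
	return rules, nil
}

func main() {
	fmt.Println(sourceGuardRules([]nic{{"web1", "00:16:3e:5a:7b:9c", "10.0.3.10"}}))
}
```

Compare the predicted name with the interface that appears on the host after the first start before relying on the generated rules.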
Improvements:
- Replaced the forkuserns C helper with Go’s native uid/gid map functionality in os.Exec. This is used when starting the VM virtio disk proxy helper processes in their own user namespace and avoids having to maintain a separate C based helper program.
- Set msize for VM 9p mounts to improve performance.
- Changed ZFS optimized volume copying to send in raw mode. This avoids decompressing the dataset that is streamed, which is faster and results in smaller streams if the dataset was compressed to begin with. This also has 2 advantages for encrypted datasets: you don’t need to load the key and you are not sending plaintext datasets. This is useful when backing up to an untrusted server.
- Improved instance driver compatibility errors. Instead of just reporting that an instance driver isn’t supported, report the reason for which it was marked as unsupported.
- The LXD API now returns contextual not found error messages (along with the 404 HTTP status code) indicating which entity type was not found. E.g. instead of “Not found” it now returns “Instance not found”. This helps identify the problem when the operation being tried could fail for multiple not found reasons.
- Switched to qemu-img convert from qemu-img dd for VM image management, and enabled the use of direct I/O where possible, to avoid polluting the page cache.
- Restricted length of instance device names to 64 characters and removed the 27 character limit on disk devices. To work around the previous limit imposed by QEMU we now use a SHA1 hash of the disk device name if the length is over 27 characters.
- Added GetMetrics function to the LXD Go client package.
Bug fixes:
- Prevented the pool property of the root disk device from being changed in the instance’s config. The way to move an instance between pools is lxc move <instance> -s <target pool>.
- Prevented deletion of the following volatile keys: volatile.idmap.base, volatile.idmap.current, volatile.idmap.next and volatile.last_state.idmap, as removing these keys when previously set will prevent the instance from operating correctly due to mismatched on-disk file shifting properties. This change is designed to prevent the scenario where an instance is created (and the volatile keys are generated by LXD) and then a subsequent API update of the config for the instance arrives without re-reading the instance’s config and effectively tries to remove the generated volatile keys.
- Fixed an issue where percent characters in devlxd strings were being incorrectly treated as format specifiers.
- Fixed an issue preventing disk mounting inside VMs using lxd-agent.
- Fixed an issue preventing guest initiated restart of ephemeral instances.
- Fixed missing redirect when fetching instance volume state for a volume on another cluster member.
- Fixed an issue that was preventing cluster member join when using a project that had the restricted.networks.subnets setting enabled.
- Fixed an issue with VM stateful snapshots when used with QEMU >= 6.2.
- Fixed an issue that could allow lxc console for one VM to connect to the console of a different VM.
- Fixed AppArmor denial for ramfs.
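The stale update scenario behind the volatile key fix above, as an added example that is not LXD's own code: a full config replacement built from an old copy of the config is refused when it would drop one of the four protected keys. The function name, the sample config values and the choice to treat an empty value as a removal are assumptions of this sketch.

```go
package main

import (
	"fmt"
	"strings"
)

// The four keys named in the fix; LXD generates them for uid/gid shifting.
var protectedKeys = []string{
	"volatile.idmap.base",
	"volatile.idmap.current",
	"volatile.idmap.next",
	"volatile.last_state.idmap",
}

// applyConfigUpdate replaces the stored config with the submitted one, as a
// full PUT would, but refuses when that would drop a protected key that is
// currently set. Treating an empty value as a removal is an assumption here.
func applyConfigUpdate(stored, submitted map[string]string) (map[string]string, error) {
	var dropped []string
	for _, k := range protectedKeys {
		if stored[k] != "" && submitted[k] == "" {
			dropped = append(dropped, k)
		}
	}
	if len(dropped) > 0 {
		return stored, fmt.Errorf("refusing to remove %s", strings.Join(dropped, ", "))
	}
	next := make(map[string]string, len(submitted))
	for k, v := range submitted {
		next[k] = v
	}
	return next, nil
}

func main() {
	// Constructed scenario: the client builds its update from the config it
	// sent at creation time, before the volatile keys were generated.
	stored := map[string]string{
		"limits.cpu":             "2",
		"volatile.idmap.base":    "0",
		"volatile.idmap.current": "constructed-idmap",
	}
	stale := map[string]string{"limits.cpu": "4"}
	_, err := applyConfigUpdate(stored, stale)
	fmt.Println("stale update:", err)
}
```

A client avoids the rejection by fetching the current config and modifying that copy before submitting it.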
Dqlite (RAFT library)
New features:
- Added option that allows an application to choose which network address and port the listening socket will bind to.
Dqlite (database)
Improvements:
- Added shallow snapshot functionality.
YouTube videos
The LXD team is running a YouTube channel with live streams covering LXD releases and weekly videos on different aspects of LXD. You may want to give it a watch and/or subscribe for more content in the coming weeks.
https://www.youtube.com/lxd-videos
Contribute to LXD
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors
Upcoming events
- Nothing planned currently.
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- Add global config option instances.nic.host_name
- Error improvements
- lxc/instance/drivers: Do not update root device pool
- Database Refactor: Remove UsedBy/Config from Projects
- test: drop dependency on uuidgen
- Replace forkuserns with Go’s native uid/gid map
- Set msize for 9p mounts
- Improve PTY error and prevent volatile key deletion
- lxd/util: Extend tests for CanonicalNetworkAddress
- Fix format string expansion in devlxd
- doc: make it explicit that automake is needed to build LXD
- lxd/main_init_interactive: Mention port
- tests: Add test for instances.nic.host_name
- lxd/storage/drivers/zfs: Use -w flag with zfs send if possible
- Comment updates for upcoming godoc/gofmt changes
- Show instance driver startup errors
- Re-enable some clustering unit tests
- LXD: Updates ConnectIfInstanceIsRemote to return client preconfigured with instance’s project
- Migration: Improve errors returned when failing to read control message
- VM: Look for QEMU helpers in /usr/libexec/
- lxd: Switch to using api.StatusErrorCheck where appropriate
- lxd/storage/drivers/zfs: send -w is possible since 0.8.0
- VM: Use qemu-img convert rather than qemu-img dd and use direct I/O where possible
- lxd/device: Increase device name length restriction to 64 chars
- lxd-agent: Fix trans= handling
- Fix user triggered restart of ephemeral instances
- client: Add GetMetrics
- Bugfixes
- Cluster: Allow member join when a project has restricted.networks.subnets
- VM: Fix stateful snapshot with QEMU >= 6.2
- Switch QEMU text console to socket
- lxd/apparmor: Treat ramfs the same as tmpfs
LXC
- Nothing to report this week
LXCFS
Distrobuilder
Dqlite (RAFT library)
Dqlite (database)
- Shallow snapshot
- client: don’t convert between uint64_t and unsigned long
- test_fsm test_cluster: loop variable → int
Dqlite (Go bindings)
- Nothing to report this week
LXD Charm
- Nothing to report this week
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- lxd: Cherry-pick upstream bugfixes