Weekly status for the week of the 25th April to the 1st May.
The highlight of the past week was the release of LXD 5.1 which contains lots of fixes and improvements since the LXD 5.0 LTS release (these will also be included in the forthcoming 5.0.1 LTS release) as well as several new features.
In addition to that Distrobuilder 2.1 has also been released.
Please see the LXD release notes and live stream for more details:
- Added syscall interception for the sysinfo syscall which allows LXD to emulate the memory and process information returned to the container based on its own usage and limits (rather than the host’s). This is useful when using OS images that do not use emulated /proc entries (provided by LXCFS) to get this information. This feature is controlled using the security.syscalls.intercept.sysinfo instance config option.
- The lxc storage volume info command now shows volume total size.
- Added the instances.nic.host_name server configuration key which allows changing the pattern used when creating new host side network interfaces for NIC devices. The default is random but it can now be specified as mac which will mean the instance NICs will use a host interface name derived from its MAC address on the instance side.
- Improved API response codes so that if trying to delete an entity that doesn’t exist a 404 Not Found response is returned instead of 500 Internal Server Error.
- Improves the resources API to handle nested devices.
- Validate all instances exist before deleting any of them in the lxc delete command, that way if a mixture of existent and non-existent instances are specified, none of them will be deleted and an error will be returned. Previously instances were deleted up until the first one that was not found, which could cause unexpected behavior if using an incorrect incantation like lxc delete <instance> <snapshot> rather than lxc delete <instance>/<snapshot> which would have resulted in the parent instance being deleted rather than only the snapshot.
- Add more default network timeouts to the HTTP clients.
- Handle long path names for VM virtiofsd sockets.
- Fixed NIC device removal cleanup on operation revert.
- More BTRFS optimized refresh fixes for different scenarios.
- Fixed several bugs affecting VMs running on LVM non-thin storage pools: allow copying a VM snapshot when the source VM is running, and allow unpacking an image larger than the default volume size.
- Fixed an issue when trying to add a client certificate twice. Now checks the supplied token/password for trusted admins as well. In the past this was not done which would return a misleading error “Invalid certificate type”.
- Switching to Meson build system.
- Improvements to Meson build system.
- Add viostor driver to Windows image build.
- Fixed an issue where an unfinished transaction caused issues after a leadership transfer. Dqlite now closes the gateway->leader and the SQLite connection it contains, causing ongoing requests to be canceled with LEADERSHIP_LOST, and future requests will error out with SQLITE_NOTFOUND because the database is not opened.
- Remove legacy
- Mark the connection as bad to the sql driver if the database is not found
- Bundles prometheus2 stable channel.
- Start converting lxc invocations to use
- Reduce time it takes to run
The LXD team is running a YouTube channel with live streams covering LXD releases and weekly videos on different aspects of LXD. You may want to give it a watch and/or subscribe for more content in the coming weeks.
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on GitHub: Easy issues for new contributors
- Nothing planned currently.
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single GitHub issue or pull request.
- Stable release work for LXC, LXCFS and LXD
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
- Seccomp: Add syscall interception for sysinfo
- Moves swagger response definitions to response package.
- More generator flags
- shared/cert: Adds method for returning the public key as an x509 cert.
- DB: Returns a status error on create if entry already exists
- Doc: integrate with systemd-resolved
- DB: Error status not found if “delete one” affects zero rows.
- lxd/project: Allow sysinfo intercept
- lxd/device/disk: Handle long paths in virtiofsd
- gomod: Update github.com/canonical/go-dqlite to v1.11.1
- Instance: Fix NIC removal failure on revert
- lxd/resources: Handle nested devices
- lxc/file: Fix edit in snap environment
- Storage: Fix copy of running VM snapshot on non-thin LVM pool
- Allow overriding the cluster evacuation mode
- shared/api: nowadays various types of certs are accepted
- lxc/storage: Show new Total field
- test: Skip seccomp notify tests if seccomp notify not supported
- Fix BTRFS optimized refresh
- Adds simple wrapper for a cancellable context
- doc: mention that ECDSA cert generation requires openssl 1.1.0+
- Storage: Fix unpacking image larger than default volume size for non-thin LVM pools
- lxc/delete: Validate instances ahead of time
- Fix btrfs issue “cannot find parent subvolume”
- lxd/secommp: Fix sysinfo syscall interception on 32 bit platforms
- Client: Add some default timeouts
- lxd/certificates: Check token for trusted admins
- doc: Fix typos
- Nothing to report this week
- Close leader connection
- Revert “Close leader connection”
- Close leader sql connection
- Remove the legacy “done” field from struct exec
- Fix addresses list returned by https relation-changed
- bundles: prometheus2 stable channel now has what we need
- Convert many invocations of
- Go back to latest/stable channel for Juju snap
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
- Nothing to report this week
- lxd: Bump to 5.1
- lxd: Cherry-pick upstream bugfixes