Weekly status for the week of the 25th April to the 1st May.

Introduction

The highlight of the past week was the release of LXD 5.1 which contains lots of fixes and improvements since the LXD 5.0 LTS release (these will also be included in the forthcoming 5.0.1 LTS release) as well as several new features.

In addition to that Distrobuilder 2.1 has also been released.

Please see the LXD release notes and live stream for more details:

https://www.youtube.com/watch?v=mj_4l5zCdG0

LXD

New features:

• Added syscall interception for the sysinfo syscall which allows LXD to emulate the memory and process information returned to the container based on its own usage and limits (rather than the host’s). This is useful when using OS images that do not use emulated /proc entries (provided by LXCFS) to get this information. This feature is controlled using the security.syscalls.intercept.sysinfo instance config option.
• The lxc storage volume info command now shows volume total size.
• Added the instances.nic.host_name server configuration key which allows changing the pattern used when creating new host side network interfaces for NIC devices. The default is random but it can now be specified as mac which will mean the instance NICs will use a host interface name derived from its MAC address on the instance side.

Improvements:

• Improved API response codes so that if trying to delete an entity that doesn’t exist a 404 Not Found response is returned instead of 500 Internal Server Error.
• Improves the resources API to handle nested devices.
• Validate all instances exist before deleting any of them in the lxc delete command, that way if a mixture of existent and non-existent instances are specified, none of them will be deleted and an error will be returned. Previously instances were deleted up until the first one that was not found, which could cause unexpected behavior if using an incorrect incantation like lxc delete <instance> <snapshot> rather than lxc delete <instance>/<snapshot> which would have resulted in the parent instance being deleted rather than only the snapshot.
• Add more default network timeouts to the HTTP clients.

Bug fixes:

• Handle long path names for VM virtiofsd sockets.
• Fixed NIC device removal cleanup on operation revert.
• More BTRFS optimized refresh fixes for different scenarios.
• Fixed several bugs affecting VMs running on LVM non-thin storage pools; allow copying a VM snapshot when the source VM is running, and allow unpacking an image larger that the default volume size.
• Fixed an issue when trying to add a client certificate twice. Now checks the supplied token/password for trusted admins as well. In the past this was not done which would return a misleading error Invalid certificate type.

LXC

Improvements:

• Switching to Meson build system.

LXCFS

Improvements:

• Improvements to Meson build system.

Distrobuilder

Improvements:

• Add viostor driver to Windows image build.

Dqlite (database)

Bug fixes:

• Fixed an issue where an unfinished transaction is causing issues after a leadership transfer. Dqlite now closes the gateway->leader and the SQLite connection it contains, causing ongoing requests to be canceled with LEADERSHIP_LOST and future requests will error out with SQLITE_NOTFOUND because the database is not opened.
• Remove legacy done field from exec struct.

Dqlite (Go bindings)

Bug fixes:

• Mark the connection as bad to the sql driver if the database is not found

LXD Charm

Improvements:

• Bundles prometheus2 stable channel.
• Start converting lxc invocations to use pylxd.
• Reduce time it takes to run charmcraft pack.

YouTube videos

The LXD team is running a YouTube channel with live streams covering LXD releases and weekly videos on different aspects of LXD. You may want to give it a watch and/or subscribe for more content in the coming weeks.

https://www.youtube.com/lxd-videos

Contribute to LXD

Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors

Upcoming events

• Nothing planned currently.

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

• Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

• Seccomp: Add syscall interception for sysinfo
• Moves swagger response definitions to response package.
• More generator flags
• shared/cert: Adds method for returning the public key as an x509 cert.
• DB: Returns a status error on create if entry already exists
• Doc: integrate with systemd-resolved
• DB: Error status not found if “delete one” affects zero rows.
• lxd/project: Allow sysinfo intercept
• lxd/device/disk: Handle long paths in virtiofsd
• gomod: Update github.com/canonical/go-dqlite to v1.11.1
• Instance: Fix NIC removal failure on revert
• lxd/resources: Handle nested devices
• lxc/file: Fix edit in snap environment
• Storage: Fix copy of running VM snapshot on non-thin LVM pool
• Allow overriding the cluster evacuation mode
• shared/api: nowadays various types of certs are accepted
• lxc/storage: Show new Total field
• test: Skip seccomp notify tests if seccomp notify not supported
• Fix BTRFS optimized refresh
• Adds simple wrapper for a cancellable context
• doc: mention that ECDSA cert generation requires openssl 1.1.0+
• Storage: Fix unpacking image larger than default volume size for non-thin LVM pools
• lxc/delete: Validate instances ahead of time
• Fix btrfs issue “cannot find parent subvolume”
• lxd/secommp: Fix sysinfo syscall interception on 32 bit platforms
• Client: Add some default timeouts
• lxd/certificates: Check token for trusted admins
• doc: Fix typos

LXC

• Meson improvements
• More meson fixes

LXCFS

• meson: Syntax nit

Distrobuilder

• windows: Add viostor driver
• shared/version: Bump version to 2.1

Dqlite (RAFT library)

• Nothing to report this week

Dqlite (database)

• Close leader connection
• Revert “Close leader connection”
• Close leader sql connection
• Remove the legacy “done” field from struct exec

Dqlite (Go bindings)

• Err not found
• app_test: Increase timeouts of flaky tests on armhf

LXD Charm

• Fix addresses list returned by https relation-changed
• bundles: prometheus2 stable channel now has what we need
• Convert many invocations of lxc to pylxd
• Faster charmcraft pack
• Go back to latest/stable channel for Juju snap

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

• Nothing to report this week

Snap

• lxd: Bump to 5.1
• lxd: Cherry-pick upstream bugfixes