Weekly status for the week of 1st May to 7th May.
Introduction
Last week the LXD team were in Prague for the Canonical Engineering sprint. It was a great opportunity for the team to meet in person and work together, as well as discuss future plans both within the team and with other teams at Canonical.
Here is a photo of the LXD team members, including the Cloud and UI teams.
Pictured from top left are: Thomas Parrott, Thomas Hipp, Ruth Fuchss, Gabriel Mougard, Simon Déziel, Eric Gelinas, Miona Aleksic, Michele Lo Russo, Alexandra Bakalova, Aleksandr Mikhalitsyn, Mark Laing, Max Asnaashari, and Stephane Graber.
David Edler is also on the LXD UI team, but unfortunately he was unable to attend the Prague sprint.
Additionally @stgraber has added a video introducing the new LXD UI project, with an early look at how to set it up and what features it includes so far:
https://www.youtube.com/watch?v=wqEH_d8LC1k
See A graphical user interface for LXD for more information.
Job openings
Canonical Ltd. strengthens its investment into LXD and is looking at building multiple squads under the technical leadership of @stgraber.
As such, we are looking for first line managers (highly technical) and individual contributors to grow the team and pursue our efforts around scalability and clustering.
All positions are 100% remote with some travel for internal events and conferences.
For more info please see LXD related openings at Canonical Ltd (2022-2023)
LXD
New features:
- Added support for browser OIDC login.
Improvements:
- Changed the default behaviour of
lxc publishto that it fails the publish if the alias already exists, and added a--reuseflag as a way to override that which will lead to the current image being deleted and replaced. - Improved the flexibility of the devID matching for IO stats in the metrics subsystem to workaround bugs in some versions of the Linux kernel.
- Added
lxc freezeas an alias tolxc pausefor consistency with theFROZENstate that the instance enters. This is for conceptual consistency with the LXD UI.
Bug fixes:
- Fixed an issue where copying/refreshing a local storage pool volume in a cluster from one member to another would fail.
- Fixed an issue when upgrading from LXD 3.x to 4.x and then onto 5.x where the instance snapshot records that are created in
storage_volumes_snapshotstable are not removed from thestorage_volumestable. - Fixed two issues with
/dev/lxdissue from inside VMs (when usinglxd-agent). The first was the it was not possible to access/dev/lxdwhen using nested VMs. The 2nd issue was that when a cluster was being initialized the new cluster certificate was not applied to thelxd-agent/dev/lxdlistener and so failed to work on the first cluster member. - Fixed an issue that allowed any authenticated user to create a cluster group. Now only admins can do it.
LXD Charm
Improvements:
- Gracefully handle when the remote unit/app is already gone.
- Add more type hints and improve set_peer_data helpers.
YouTube videos
The LXD team is running a YouTube channel with live streams covering LXD releases and weekly videos on different aspects of LXD. You may want to give it a watch and/or subscribe for more content in the coming weeks.
https://www.youtube.com/lxd-videos
Contribute to LXD
Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors
Upcoming events
- Nothing to report this week
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- lxc/storage_volume: Set target before getting storage volume
- Add
--reuseflag forpublishcommand - lxd/db: remove the old snapshot records in the storage_volumes table
- Add support for browser OIDC login
- oidc: Use email scope/claim
- tests: Clean storage pools in scriplet tests
- lxd/cgroup: Better matching of devID and io stats
- SECURITY: Add GPG keys
- lxc/action: Add freeze as alias to pause
- oidc: Always set OIDC headers if needed in case of an error
- Fix declaration order for text fields to be unmarshaled
- lxd/storage/backend/lxd/patches: Fix storage_delete_old_snapshot_records so it runs on older sqlite versions
- oidc: Return and handle Unauthorized error
- lxd/cgroup: use
cg.GetProcessesUsageinstead ofcg.GetTotalProcessesand fix error values inconsistency - Instance: Fix VM /dev/lxd connections from lxd-agent to LXD on host when nesting
- lxc/config: Don’t crash on nil map
- cluster: Disable cluster group creation by anyone authenticated
- Instance: Fix incorrect vm vsock listener certificate for lxd-agent /dev/lxd when setting up a cluster
LXC
LXCFS
- Nothing to report this week
Distrobuilder
- Nothing to report this week
LXD Charm
- Misc fixes
- Gracefully handle when the remote unit/app is already gone
- Add more type hints and improve set_peer_data helpers
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- Nothing to report this week