Weekly status for the week of the 19th to the 25th of June 2017.
Introduction
This week was a bit less busy than usual due to half the team taking some well-deserved vacation time and the LXD 2.15 release being just around the corner.
Conferences and talks
Christian Brauner (@brauner) presented LXD at Tübix (Tübingen, Germany).
Part of the LXD team will be travelling to Los Angeles, CA in September for the Open Source Summit, the Linux Security Summit and the Linux Plumbers Conference.
As part of that, we’ll be giving the following talks:
- Introduction to system containers (@brauner)
- GPU, USB, NICs and Other Physical Devices in Your Containers (@stgraber)
- Condensing Your Infrastructure Using System Containers (@stgraber)
- Containers micro-conference
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.
- External authentication support for LXD servers
- Ceph as a LXD storage backend
- LXD background operation cancellation
- Making the LXD snap production ready
- Preparation for LXC 2.1
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- The LXD command line tool has been ported to use the new client library.
- LXD community members are looking to implement a CRI shim for LXD and there’s a repository for this work now.
  So if anyone wants to work on this, the LXD team is happy to help with advice and reviews. Just get in touch either on the linked repository or on the Github issue.
- Switched LXD over to use the new network configuration keys when an appropriate LXC version is detected.
- LXD will now only generate firewall rules when needed.
- Fixed a bug that was preventing image downloads using the direct protocol.
- Fixed handling of POLLNVAL in our exec code to prevent endless poll() loop.
LXC
- Implement version 2 of the new network parser
  We discussed the new network parser we merged last week again in more detail and realized that some existing use-cases we’re currently supporting in the old network parser would be broken by the new parser. As we’ve pointed out many times before, we’re strongly committed to backwards compatibility and not breaking existing use-cases. That’s why we decided to take a new approach. Instead of trying to mangle the old parser and new parser to come up with something that allows a smooth transition, we will simply deprecate the old lxc.network.* configuration keys and replace them with lxc.net*. keys. We will start marking lxc.network.* keys deprecated with LXC 2.1 and completely remove them with LXC 3.0. In the meantime we will support the full-blown old legacy parser and the new network parser.
- Fixed a memory leak in the tty handling code.
- Update the Japanese translation of the manpages.
- Correctly detect blocked signals in a process blocked signal mask (https://github.com/lxc/lxc/pull/1628, https://github.com/lxc/lxc/pull/1630).
- Correctly generate lxc.pc prefix.
- Fix a memory leak in attach code.
- More work on preparing LXC 2.1.
  - Proper namespacing for security keys
  - Removed lxc.kmsg
  - Removed lxc.pivotdir
- Made the Centos template default to version 7.
- Fixed arm64 detection in the Debian template.
- Fixed support for non-x86 architectures in the Centos template.
LXCFS
- Updated the README to reflect that LXCFS is useable by different runtimes.
- Made sure that cgroups are mounted before LXCFS is started on sysvinit systems.
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- LXD was updated in Ubuntu to cherry-pick the image direct download fix.
- LXCFS was updated in Ubuntu to cherry-pick the btime revert (fixes “ps” start time).
- LXC 1.0.10 was pushed to users of Ubuntu 14.04 LTS.
- LXD 2.0.10 was pushed to users of Ubuntu 16.04 LTS.
- LXC 2.0.8 was pushed to users of Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04.
Snap
- Update to cherry-pick the LXD image direct download fix.
- Update to cherry-pick the LXCFS btime fix.
- The snap now bumps the inotify instances limit to 1024 (if currently below 1024).
- A small change to the snapcraft recipe was made to fix a build regression with LXC from git master.