Weekly status for the week of the 26th of June to the 2nd of July 2017.
Introduction
The highlight of this week was the release of LXD 2.15 on Tuesday. We’ve then been pushing a number of bugfixes on top of that, updating our packages for the most important fixes.
We’ve also kept busy with a lot of bug fixing across the board, ongoing refactoring and cleanup work on LXC as well as planned feature work on LXD.
Conferences
- We’ll be presenting at Debconf 2017 this August in Montreal, Canada.
- An introduction to LXD system containers by @stgraber
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.
- External authentication support for LXD servers
- Ceph as a LXD storage backend
- Making the LXD snap production ready
- Preparation for LXC 2.1
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- Added support for image copy cancellation.
- Fixed an issue when copying images using partial fingerprints.
- We implemented attaching storage volumes to containers (https://github.com/lxc/lxd/pull/3453). This was a feature we really wanted our users to have and had gotten quite some requests for it. In the good LXC/LXD tradition of being very careful when implementing new potentially security-sensitive features we wanted to make sure that we have a save solution for this. The spec which details the implementation is available at https://github.com/lxc/lxd/issues/3389.
- Users can now re-use an existing volume group that is not empty on LVM storage pools.
- “lxd shutdown” now doesn’t timeout by default.
- Add a new
security.idmap.base
which allows users to specify the base idmapping a container should use for unprivileged containers. - Added support for operation cancellation in the command line tool.
- Implemented support for transferring symlinks with “lxc file push”.
- Check that a disk device actually exists before trying to unmount it in the container.
- Fixed a hang during ExecContainer in the new client code.
- Fix pushing the current working directory to a container.
- Fixed “lxc publish” not showing the resulting fingerprint.
- Fixed “lxc launch” of containers without a name.
- Updated our tests to not depend on lxdbr0.
- Fixed a crash in the new operation cancellation code.
- Made the deprecation warning for the old client code more visible.
- Internal refactoring of ZFS pool creation functions.
- Extended our security documentation.
- Use sane permissions for intermediate directories with “lxc push -p”.
- Made it possible remove multiple devices with “lxc config device remove”.
- Improved error handling for file transfer commands.
- Fixed bad PID handling for dnsmasq.
- Added logic to the client tool to better handle snapshots that have a “:” in their names.
- Fixed the readonly option when adding a disk entry to a running container.
- Fixed a number of issues with “lxd import”.
- Improved error handling in container memory usage reporting.
LXC
- Fix “lxc-ls” to include running but non-defined containers.
- Use a separate abstract unix domain socket when the container starts daemonized. This makes container startup way more robust especially in heavily multi-threaded use-case like LXD.
- Remove obsolete macros from the codebase.
-
Wipe all deprecated network configuration keys (
lxc.network.*
) from the repo and replace them with the new network configuration keys (lxc.net.[i].*
). - Give the configuration file handling code a clearer structure.
- Fixed a memory leak.
- Removed the lxc.kmsg and lxc.pivotdir configuration keys and moved the LSM configuration keys to a new “lxc.lsm” namespace.
- Updated the API note for get_config_item.
- Renamed a large number of configuration keys to make things more consistent ahead of LXC 2.1.
- Have LXC always send state to the monitord if present.
- Have lxc-monitord exit when it receives the “quit” command.
- Add support for “–apt-conf” in the ALTLinux template.
- Clear a number of unused macros.
- Fix some warnings from cppcheck.
LXCFS
- Added the option to pass a debug flag in order to better debug
libfuse
.
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- LXD 2.15-0ubuntu1 was uploaded to the development release and PPAs.
- LXD 2.15-0ubuntu2 was uploaded with fixes related to the new client code.
- LXD 2.15-0ubuntu3 was uploaded with a fix to the new operation cancellation code.
- LXD 2.15-0ubuntu4 was uploaded with a fix for error handling of file operations.
- LXD 2.15 will be made available through backports later this week.
Snap
- The snap will now detect Debian systems and properly configure container nesting.
- The wrapper scripts now log their actions to the systemd log.
- The wrapper scripts were updated so that in most cases, refreshing the LXD snap will no longer cause all containers to be restarted.
- LXD 2.15 was uploaded to the candidate channel (will move to stable early this week)
- The snap was updated with fixes related to the new client code.
- The snap was updated with a fix for the new operation cancellation code.
- The snap was updated with a fix for error of file operations.