lxd58.png1920×1080 58.6 KB

Introduction

The main highlight for this past week was the release of LXD 3.3!

We managed to get quite a few last minutes tweak and improvements into LXD just before the 3.3 release, including improvements to the FAN bridge, a number of new network configuration keys and NAT support in the proxy device!

On the LXC side, the highlight for this week was the addition of native AppArmor profile generation, including support for namespacing and stacking of AppArmor profiles.

Upcoming conferences and events

• Open Source Summit North America - Vancouver, BC (August 29-31)
• Linux Plumbers Conference - Vancouver, BC (November 13-15)

Getting started with LXD workshop in Vancouver

@brauner and @stgraber will be giving a “Getting started with LXD” workshop as part of the Open Source Summit North America conference in Vancouver, BC.

Details can be found here: http://sched.co/FANz

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

• Add support for custom volume snapshots
• Improve integration with macaroon/candid
• Switching distribution building over to distrobuilder
• Improved clustering performance
• Various kernel work
• Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

• Added support for NAT to the proxy device
• Fixed unit parsing to support both metric and IEC units
• Added option to change NAT rule ordering on LXD managed networks
• Fixed LVM configuration keys to be node-specific when in a cluster
• Converted the LVM fix to be a patch rather than schema update
• Tweaked FAN bridge handling of unusual MTU and odd subnets
• Added a new bridge.hwaddr configuration key for LXD managed networks
• Tweaked the initial message when running the lxc command
• Added support for downloading images through devlxd
• Fixed querying ZFS module version as an unprivileged user
• Fixed bad DHCPv6 port number in IPv6 firewall
• Released LXD 3.3
• Removed container name in backup and snapshot API entries
• Cleaned up some error messages
• Fixed lxc-to-lxd unit tests
• Fixed remote add to properly support translations
• Fixed internal type for security.uid/security.gid in proxy devices
• Fixed a typo in the storage documentation
• Fixed bad packet stats logic in container state

LXC

• Improved rootfs setup
• Added AppArmor profile generation and support for namespaces and stacking
• Fixed bad indentation in lxccontainer.c
• Added a new lxc_iterate_parts function and switch to gnu11 standard
• Fixed bad license header in NVIDIA hook
• Fixed NULL pointer derefence in netlink code
• Did some refactoring around pipes and read/write operations
• Updated documentation to mention incompatibility of unprivileged containers and none network type
• Fixed devpts handling to skip max mount option on EINVAL

LXCFS

• Updated some error messages to be more descriptive

Distrobuilder

• Nothing to report this week

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

• Nothing to report this week

Snap

• Started logging mount namespace changes
• Moved away from calling lxc info during the shutdown sequence
• Tweaked kmod wrapper to allow for unprivileged modinfo calls
• Added logic to detect snap/deb conflicts and force the user to sort it out
• Removed waitready timeout on startup
• Updated LXD to 3.3
• Working on fixing issues on core snap upgrades