Weekly status #64

stgraber · September 10, 2018, 3:00pm

Weekly status for the week of the 3rd to the 9th of September.

Introduction

Another pretty quiet week for the LXD team as half the team was traveling.

The focus for this week has been on finalizing a number of features for the upcoming LXD 3.5 release as well as continuing the work on LXD projects.

On top of that feature work, the snap packages got refreshed and a number of bugs in LXC and LXD got fixed.

Upcoming conferences and events

Container Camp - London, UK (September 6-7)
- Filesystem mounts in user namespaces by @brauner
Open Source and Linux Conference - Kiev, Ukraine (September 15)
All Systems Go - Berlin, Germany (September 28-30)
- Past, present and future of system containers by @stgraber
Linux Security Summit Europe - Edinburgh, UK (October 22-24)
- Kernel Subsystem Overview and Recent Developments: Namespaces and Capabilities by @brauner
Open Source Summit Europe - Edinburgh, UK (October 25-26)
- 10 Years Of Linux Containers by @brauner
- Using Containers For GPU Workloads by @brauner
Linux Plumbers Conference - Vancouver, BC (November 13-15)
- Containers and checkpoint/restart micro-conference

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

LXD projects
Add support for custom volume snapshots
Improve integration with macaroon/candid
Switching distribution building over to distrobuilder
Various kernel work
Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

Changed proxy code to only log errors
Fixed bad return value when operation succeeds before timeout
Fixed an issue in the DNS proxy showing the internal domain
Fixed the proxy device to properly work with the LXD snap
Fixed a couple of issues with lxd import

LXC

Switched command handling to using errno for errors
Fixed out of bound access to cap array
Fixed pointer de-reference
Fixed some build errors

LXCFS

Nothing to report this week

Distrobuilder

Nothing to report this week

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

Uploaded LXC 3.0.2 to bionic-proposed
Uploaded LXCFS 3.0.2 to bionic-proposed
Uploaded LXD 3.0.2 to bionic-proposed

Snap

Added an install hook to pre-create some paths
Preparing for socket activation in lxd.migrate
Tweaked startup script to make sure all paths exist
Updated lxd.migrate to recommend removing packages
Cherry-picked a large set of bugfixes on top of LXD 3.4
Updated to Go 1.11
Updated to ZFS 0.7.10
Added cluster refresh logic to auto-trigger refreshes

trystan · September 15, 2018, 2:39am

Still not seeing the updated packages in the proposed repo or on launchpad.

stgraber · September 15, 2018, 2:48am

That’s because all 3 packages are in the review queue waiting for someone on the stable release update team to review and let them into -proposed. Sadly not much we can do at that stage but wait and see.

trystan · September 15, 2018, 2:56am

That’s unfortunate, you’d think they’d be higher priority with the CVE fixes

stgraber · September 16, 2018, 12:43am

The CVE has been fixed in Ubuntu for weeks already. Ubuntu pushed a patched version of LXC at the exact time the CVE was made public, so the updates we’re pushing now are just bugfixes, no security content.