Weekly Update Templates (2).png960×540 47.7 KB

Introduction

This past week was focused on getting LXD 3.6 ready for release.

Many bugs were fixed in both LXD and LXC and some of the milestoned features haves now landed, like the uevent injection for USB devices and the long awaited LXD projects.

We also got to work on some smaller pieces of work like supporting encrypted TLS keys in the LXD client and adding support for new netlink flags.

Now to get the release out the door and get started on LXD 3.7!

Upcoming conferences and events

• Linux Security Summit Europe - Edinburgh, UK (October 22-24)
  • Kernel Subsystem Overview and Recent Developments: Namespaces and Capabilities by @brauner
• Open Source Summit Europe - Edinburgh, UK (October 25-26)
  • 10 Years Of Linux Containers by @brauner
  • Using Containers For GPU Workloads by @brauner
• Linux Plumbers Conference - Vancouver, BC (November 13-15)
  • Containers and checkpoint/restart micro-conference
• FOSDEM - Brussels, Belgium (February 2-3)
• GTC 2019 - San Jose, CA (March 17-21)

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

• Incremental update of containers
• Switching distribution building over to distrobuilder
• Various kernel work
• Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

• Updated LVM documentation for storage quotas
• Cleaned up the candid handling code a bit
• Fixed netns_get_nsid() signature
• Tweaked apparmor policy to allow cgroupv2 in cgns
• Added support for uevent injection for USB devices
• Fixed candid when using an https server
• Fixed static building lxd-p2c
• Added support for encrypted PEM private keys
• Tweaked client to only setup TLS args when needed
• Optimized TLS setup in the client
• Added support for NETLINK_DUMP_STRICT_CHK to netns handler
• Fixed a potential race condition in the client library
• Fixed logging output in feature detection code
• Tweaked logging in feature detection code
• Added terminal detection to progress handling
• Fixed some blkio limit issues
• Reworked backup documentation
• Implemented LXD projects

LXC

• Fixed cgfsng to not re-use another monitor’s cgroup
• Fixed lxc_set_death_signal()
• Closed closed tiny race window in cgfsng
• Moved syscall wrappers and raw syscalls to appropriate files
• Removed some unused arguments
• Switched from malloc+copy+free to realloc
• Tweaked config parsing
• Replaced MAXPATHLEN by PATH_MAX
• Updated the Korean translation of the documentation
• Fixed signal mask during attach
• Reduced log level of nsid failure
• Fixed missing pthread.h include
• Added support for NETLINK_DUMP_STRICT_CHK
• Fixed parser to not mask failed parse
• Improved cgroup detection and logging

LXCFS

• Nothing to report this week

Distrobuilder

• Added usage instructions to README.md
• Updated README.md some more

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

• LXC 3.0.2 is now in bionic-proposed
• LXCFS 3.0.2 is now in bionic-proposed
• LXD 3.0.2 is now in bionic-proposed

Snap

• Fixed an issue in lxd.activate job using wrong paths
• Cherry-picked more upstream fixes