Weekly status for the week of the 29th of April to the 5th of May.
Introduction
This past week’s focus was on a number of networking improvements in LXC that will soon make their way to LXD, as well as some performance improvements on the LXD side.
On top of that, we spent quite some time working on all the pieces that enable system call interception: the liblxc support is now done, libseccomp support has been merged upstream, and a pull request is now ready for review on LXD.
This week we’ll be releasing LXD 3.13, which is going to be a pretty packed release on both the feature and bugfix fronts!
Ongoing projects
The list below covers feature or refactoring work which will span several weeks/months and can’t be tied directly to a single GitHub issue or pull request.
- Rework of internal LXD storage handling
- Dqlite 1.0
- Various kernel work
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- Sped up simple container snapshot listings
- Optimized full container snapshot retrieval
- Fixed bad host_name property documentation
- Updated clustering code for raft logging change
- Tweaked project quota logic to build on older systems
- Tweaked btrfs logic to avoid ro snapshots when unprivileged
- More tweaking to project quota logic to build on older systems
LXC
- Added IPVLAN support
- Added layer 2 (ARP/NDP) proxy mode
- Removed seccomp alignment requirements
- Added static routes for IPVLAN with L2PROXY
- Fixed seccomp to ensure fields are set to 0
- Added support for using a path to an nsfd for the namespace to share
- Made seccomp handler send process memory fd
- Added gateway device route mode
- Made socket SOCK_CLOEXEC tree-wide
- Added a new __returns_twice compiler attribute
- Documented seccomp path calculation
- Added initial support for the new pidfd_send_signal() syscall
LXCFS
- Nothing to report this week
Distrobuilder
- Nothing to report this week
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week
Snap
- Nothing to report this week