LXD Weekly Status #27
Stéphane Graber
on 12 December 2017
Introduction
This past week was incredibly busy and featureful for both LXC and LXD.
We landed Infinband support in LXD, alongside new configuration keys to control the presence of /dev/lxd in the container and support for pre-migration of memory during container live-migration. That’s on top of a variety of bugfixes and other still ongoing feature work.
On the LXC side of things, we’ve added a new reboot2
function to our API, making it possible to block on container restarts, added a new lxc.init.cwd
configuration key to control the working directory of the container’s init process, added a new lxc.sysctl
set of configuration keys, all while also fixing numerous new issues reported by Coverity Scan and a number of other bugfixes and refactoring.
We’d like to give a shout out to Adrian Reber from Red Hat for the work on memory pre-migration in LXC and LXD as well as to the students of the University of Texas in Austin for contributing the /dev/lxd work in LXD and a number of refactoring of the LXC tools. It’s always great to get new contributors to those projects!
We’re now slowly preparing for LXD 2.21 due next Tuesday, hopefully getting a couple more features in there and fixing any last minute issues.
We also expect LXD 2.0.11 to be pushed to Ubuntu 14.04 later this week as LXD 2.0.11 in Ubuntu 16.04 seems to be doing very well.
Upcoming conferences and events
- FOSDEM 2018 (Brussels, February 2018)
Ongoing projects
The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.
- New “proxy” device type for network forwarding in LXD
- Extend the /dev/lxd interface for LXD containers
- MAAS network integration in LXD
- Distributed database for LXD clustering
- Stable release work for LXC, LXCFS and LXD
Upstream changes
The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.
LXD
- Introduced a new
security.devlxd
configuration key. - Added a new
infiniband
device type. - Update console handling to match current liblxc.
- Added support for CRIU pre-copy migration.
- Fixed path based storage pools in the LXD snap.
- Changed lxd-benchmark to default to running one container.
- Fixed a devlxd locking issue.
- Allowed live update of the new security.devlxd
- Fixed some documentation, allowed for more complex interface names and fixed URL escaping in the client.
- Fixed handling of spaces in disk entry paths.
- Fixed recursive output from certificates API missing the name key.
- Updated the Makefile to better detect sqlite3.
- Tweaked the infiniband support to properly call its devices ibX.
LXC
- Added a new reboot2 API to allow for blocking reboot calls.
- Fixed a number of storage related issues.
- Added a new lxc.init.cwd configuration key.
- Fixed failed attach on non-existing namespace.
- Fixed integration with Coverity scan.
- Fixed argument parsing in lxc-execute.
- Updated the Japanese manpages to cover a number of new config keys.
- Fixed loglevel in container start.
- Gave lxc-init its own argument parser.
- Fixed a number of coverity issues.
- Added a new lxc.sysctl set of config keys.
- Fixed more coverity issues.
- Added better handling of pthread errors.
- Made a number of improvements to the lxc-oci template.
- Fixed some issues with the legacy network config parser.
- Improved clone handling when sharing namespaces.
LXCFS
- Fixed MemAvailable to include cached memory.
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.
Ubuntu
Snap
- Fixed lack of /etc/mtab in the snap environment (as needed for resize on LVM).
- Cherry-picked a number of bugfixes into the stable LXD snap.
Ubuntu cloud
Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.
Newsletter signup
Related posts
A comprehensive guide to NIS2 Compliance: Part 2 – Understanding NIS2 requirements
In my previous blog, we ran through what NIS2 is and who it applies to. In this second part of the series, I’ll break down the main requirements you’ll find...
A comprehensive guide to NIS2 Compliance: Part 1 – Understanding NIS2 and its scope
The EU NIS2 directive, which calls for strengthening cybersecurity across the European Union, is now active in all member states. Join me for this 3-part blog...
Rsync remote code execution and related vulnerability fixes available
Canonical’s security team has released updates of the rsync packages for all supported Ubuntu releases. The updates remediate CVE-2024-12084, CVE-2024-12085,...